TheRyan08

Finding passwords?

15 posts in this topic

I want to find a password to an old email account of mine, pretty much "hacking" it: how would I go about doing this? Since it is my old email address, it won't do any damage to anything. Is there some sort of back door besides social engineering, because it's my own account so that won't work :D ?

0

Share this post


Link to post
Share on other sites

I know you can use that, I mean is there a way to get around that, because I forgot the answer to the lost password question?

0

Share this post


Link to post
Share on other sites
I know you can use that, I mean is there a way to get around that, because I forgot the answer to the lost password question?

Give me a break, why dont you just cut the crap and just say you want to break into someones account? ... :blink:

0

Share this post


Link to post
Share on other sites
I know you can use that, I mean is there a way to get around that, because I forgot the answer to the lost password question?

Give me a break, why dont you just cut the crap and just say you want to break into someones account? ... :blink:

What is so hard to believe? I have lost tons of passwords to my own accounts, it's not that far-fetched. Well, if you really don't know your password, you can always bruteforce it with a dictionary hack of some sort. (If your passwords suck)

0

Share this post


Link to post
Share on other sites

Most good webmail providers can provide you with the password if you can actually tell them some emails that the inbox contains.

0

Share this post


Link to post
Share on other sites
I want to find a password to an old email account of mine, pretty much "hacking" it: how would I go about doing this? 

Erm... I take it this a web-based service you're trying to 'hack into'? Most web based services have a 'I've forgotten my password' link on them, as mentioned above. If this fails, you might consider emailing the administrator and asking them to a) reset your password and B) provide a link to do this automatically when they get chance.

If all else fails and you desperately need to get in, then a brute force approach might work, but bare in mind the admins might not like you sending endless amounts of failed login requests. Also, if they've done their job properly, they'll have some sort of account lockout feature installed - whereby the account will be innaccessable after x failed login attempts.

You could try writing a brute-forcer (maybe based on some POP mail client from source forge - I don't know) but it's probably easier to try to find one that works with your email account, from the usual script kiddie sites. It all depends on how secure you think your password might have been. If it was so secure that you forgot it because it was a random sequence of numbers and letters then I'd forget it, if I where you.

Alternatively, you could just decide it's not worth the effort and take a look at Konfabulators password generator gadget, for instance, to help you remember your passwords in future.

A word of warning: DO NOT DO THIS IF THIS IS NOT REALLY YOUR ACCOUNT. You will go to straight to JAIL, will not pass go, will not collect 200 pounds!

0

Share this post


Link to post
Share on other sites

I can understand everyone thinking that it might not be my account, because this is, after all, a hacking website. It is my own account; I can't prove this, but it is, and I wouldn't hack into someone else's email. It's not like I really really need to get into the email, I just want to find out if I can do it. Like I said, it's an old email address, one which I no longer use. Thanks coding_monkey, but I don't know how to program a brute forcer (I know what it is though). How do I use the widgets from Konfabulator once I download them? Is there another program to download?

0

Share this post


Link to post
Share on other sites

Once you download a widget, you have to load it in the Konfabulator. This is done by right-clicking on the Konfabulator icon in th system tray and loading from there.

0

Share this post


Link to post
Share on other sites

If its a webmail account you're trying to retrieve, I'd say its pretty much as good as lost.

Bruteforcing such accounts is pretty much an exercise in futility. On the other hand, if you're trying to retrieve passwords for accounts on an email client software you have on your computer, that's much easier to execute.

0

Share this post


Link to post
Share on other sites

I can understand how a local email service would be easier to hack than a webmail one. I got the Konfabulator widget, but it only does 1 password for every click. Kinda slow for a brute-force approach. Plus, it has no way of automatically sending it to the password bar on the browser. I'm guessing that the best way to hack into an email account would be to use a brute-force tool combined with an automated keyboard. Is this possible, to have a computer program that would trick the computer into thinking that the keyboard or the mouse made input, when it didn't? If this is possible, can you tell me of any example programs, like one where you could tell it a set of keystrokes to perform, and it could enter that into any applicable program, such as document processing or a web browser?

EDIT:

I've found some "automated" keyboard and mouse programs. The automated keyboard program screen shots can be found at KeyText 2000. The automated mouse-moving program can be found at Aaron's Cliker, but a screen shot of Aaron's Cliker is this: cliker.jpg. With these programs being used, the only thing left to do would be finding a way for the computer to recognize the security pictures (such as the ones used by Hotmail, Yahoo, and all other email providers) and then enter the letters and numbers into the bar.

Edited by TheRyan08
0

Share this post


Link to post
Share on other sites
I'm guessing that the best way to hack into an email account would be to use a brute-force tool combined with an automated keyboard.  Is this possible, to have a computer program that would trick the computer into thinking that the keyboard or the mouse made input, when it didn't?  If this is possible, can you tell me of any example programs, like one where you could tell it a set of keystrokes to perform, and it could enter that into any applicable program, such as document processing or a web browser?

Yes it is possible, and there are more automated efficient ways of executing such attacks. But in any case you're only as fast as the webserver receiving and processing your requests and the connection in between as you submit/test passwords. Plus, most mailing systems should have some kind of measures in place preventing such abuse.

In any instance, having a system send off a possible password to a webserver, have the webserver process it, validate it, and then return the result is an act that is hundreds if not thousands of times slower than bruteforcing something that's already on your system.

But there's a technique that's far more efficient here: its called guessing. You chose the password, therefore you should have a reasonable idea of what it was.

0

Share this post


Link to post
Share on other sites

if you dident click "secure connection" before like www.hotmai.com has as an option, you can crack the hash (rainbow tables will be your friend here) otherwise youl have to spoof some type of packet And CRACK the hash

not much is known about this, and if there was, it wouldent be talked about here

0

Share this post


Link to post
Share on other sites

Hmm...too difficult for me, I'll give up on getting my old email back. Don't think there's anything in the inbox anyway.

0

Share this post


Link to post
Share on other sites
if you dident click "secure connection" before like www.hotmai.com has as an option, you can crack the hash (rainbow tables will be your friend here) otherwise youl have to spoof some type of packet And CRACK the hash

not much is known about this, and if there was, it wouldent be talked about here

I don't think it works quite like that...

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now