Skip to content

Improved SMTP Checker / SMTP Cracker with proxy-support, inbox test and many more features.

Notifications You must be signed in to change notification settings

DrPython3/MailRipV2

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

31 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Mail.Rip V2.1337

Your SMTP checker / SMTP cracker for mailpass combolists including features like: proxy-support (SOCKS4 / SOCKS5) with automatic proxy-scraper and checker, e-mail delivery / inbox check and DNS lookup for unknown SMTP-hosts. Made for easy usage and always working!

Overview

Legal Notices

You are ONLY allowed to use the following code for educational purposes! Mail.Rip V2.1337 shall not be used for any kind of illegal activity nor law enforcement at any time. This restriction applies to all cases of usage, no matter whether the code as a whole or only parts of it are being used.

By downloading and / or using any part of the code and / or any file of this repository, you agree to this restriction without remarks.


Features

Mail.Rip V2.1337 is a SMTP checker / SMTP cracker written in Python 3.8. Using the "smtplib", it allows you to check common mailpass combolists for valid SMTP logins. It has included dictionaries and lists containing details of common email providers as well as most common ports used for SMTP servers. In case any data is missing, "dnspython" is used to lookup unknown SMTP hosts in MX records.

Moreover, Mail.Rip V2.1337 comes with SOCKS-proxy support including a proxy-scraper and checker function. If the proxy-support is activated, the checker / cracker scrapes SOCKS4 or SOCKS5 proxys from common online sources and will check the results, then.. The working proxys will be used randomly. And you can add new sources by editing the library.json at any time.

Last but not least, Mail.Rip V2.1337 includes an email delivery test / inbox check for found SMTP logins. For every valid combo, it tries to send a plain text email with the found SMTP login. All test messages are sent to your own user-defined receiving address whereby the content of the test emails is generated randomly. The templates can be edited in the "library.json", too.

Mail.Rip V2.1337 is full functional and ready to use!


How-to use Mail.Rip V2.1337

Mail.Rip V2.1337 has been written and tested with Python 3.8. It should run on any OS as long as Python and all dependencies are installed.
Just follow the steps below!

Installing needed Python modules

All Python modules / packages needed are listed in the txt-file requirements.txt. For an easy installation, type:

pip3 install -r requirements.txt

Installing any missing dependencies may take some time. Be patient, please.

Start the Checker / Cracker

With all dependencies being installed, you can start Mail.Rip V2.1337 with:

python3 MailRipV2.py

No extra arguments are needed. You only need to copy your combofile into the same directory before starting the checker / cracker. After starting it, just follow the steps from (1) to (4). For more information see "Options in Main Menu".

Please regard:
Your combofile needs to be encoded with utf-8! Any other encoding may cause errors.

Options in Main Menu

[1] Set Default Values

Use this option to edit the default values for Mail.Rip V2.1337. You can edit the following here:

  • Wether to send a test mail to a email you own
  • Amount of threads to use for checking / cracking.
  • Default timeout for connections.
  • De-/activate the blacklist check for email domains.
  • Set your email address as receiver for test messages.

[2] De-/Activate Proxy-Support

This option allows you to activate or deactivate the proxy-support. If activated, you will be asked for the proxy-type to use. Just enter SOCKS4 or SOCKS5. The scraper starts automatically then. You can add more sources by editing the library.json. After the scraping is done, you will be asked whether you want to skip the checker. DO NOT SKIP THE CHECKER except you really, really need to start an attack immediately.

[3] Load Combos

Option [3] starts the Comboloader. Enter the name of your combofile, for example: combos.txt. All combos in the file will be loaded and prepared for an attack. Therefor, the Comboloader performs the following steps:

  • Any other separator than ":" is replaced.
  • The email address in the combo is verified by its format using regular expressions.
  • For verified email addresses, the domain is checked against the blacklist included in library.json.
  • Then, the loader checks whether it has already loaded the given combo before (duplicates check).

All combos passing the checks will be loaded for an attack and saved to a txt-file called targets.txt. Please make sure that your combofile is encoded with utf-8 or errors may occur.

[4] Start Attack

This one is obvious.


Various

See the sections below for any tips, hints and other information.

SMTP cracking / SMTP checking process

Mail.Rip V2.1337 uses the smtplib for the checking / cracking process. The "magic" is done this way:

  1. The SMTP cracker / SMTP checker reads the next combo from the list loaded.
  2. It looks up the email domain in the "smtphost" dictionary for the SMTP-host to attack.
  3. For unknown hosts, it will try to get the address from the MX records of the email domain.
  4. The connection port for host found in MX records is searched using the most common ones in a trial and error process.
  5. Afterwards it establishes a connection to the SMTP host (trying SSL and non-SSL as well as TLS)
  6. and sends the login data using the target email address and the given password from the combo.
  7. If the login is denied, the cracker / checker will try to login with the user-ID (email without @...) and the password.
  8. In case the login data is valid, the so-called "hit" will be saved to a txt-file.
  9. In the end Mail.Rip V2.1337 will try to send a test message to you using the found SMTP.

For best results every user should edit the host information in the library.json before starting Mail.Rip V2.1337 the first time. Adding the data of the most common e-mail providers in a combolist will always speed up the checking / cracking process. And it will probably raise less security flags on the server-side.

Other ways to improve your results are: deactivating the proxy-support and adjusting default values. In fact, IT IS RECOMMENDED TO LEAVE THE PROXY-SUPPORT DEACTIVATED. Without using proxys, you will receive much better results - for the checker as well as for the inbox check.

Notes on the email delivery test (inbox check)

The email content is generated randomly using templates in the "library.json". Edit those templates for your needs. Editing the templates from time to time will provide a higher success rate.

Always regard that the email delivery test may return false negative results for many reasons. It just confirms that the given SMTP host can be used for sending emails with any software. Well-known email providers may block or restrict access to SMTP accounts, especially for tools like Mail.Rip V2.1337. Moreover, free proxys may be blacklisted as well as the certain SMTP account itself. You should test valid logins for which the delivery test failed again after the attack has been finished.

Notes on the blacklist check

The library.json includes a blacklist for email domains. More than 500 trashmail domains have been added to it. But there are also some very popular email providers on it. Those email providers are most often a waste of time when you check or crack mailpass combolists. Sometimes they just block the access, sometimes they ask for further verification.

If you want to attack those providers, too, edit the blacklist for your needs.


Support Mail.Rip V2.1337

If you like Mail.Rip V2.1337 support it, please! Every donation helps. Or just buy us coffee! The more coffee we drink the more time we can spend on projects like this one. Just use the wallets (BTC / LTC / XMR) below for your donation. All donations are appreciated - no matter how much you send. A single Dollar can keep us awake for one or two hours ... ;-)

Donation wallets

- DrPython3

  • BTC (Bitcoin): 1CU8WukMCDmeBfqJpsR4Vq9kxvNiRdYhf5
  • LTC (Litecoin): LeJsHzcMixhvR1qEfgHJU32joVAJDgQwR7
- Nexus
  • XMR (Monero): 4AkFxzDMmVMUFheuaohXrkGDUDPRCuKcJF7ajnXzSeipFHuPWbPiZTZTs5VDQux7fcgK5WV2vZwPY8qEqyV14nBUPwSxQkN


Last Update

Date can be different from the commit date
2022-03-21: release v2.1337 - Enhanced edition :P