MailRipV2 is a SMTP checker / SMTP cracker written in Python 3.8. Using the “smtplib”, it allows you to check common mailpass combolists for valid SMTP logins. It has included dictionaries and lists containing details of common email providers as well as most common ports used for SMTP servers. In case any data is missing, “dnspython” is used to lookup unknown SMTP hosts in MX records.
Moreover, Mail.Rip V2 comes with SOCKS-proxy support including a proxy-scraper and checker function. If the proxy-support is activated, the checker / cracker scrapes SOCKS4 or SOCKS5 proxys from common online sources and will check the results, then.. The working proxys will be used randomly. And you can add new sources by editing the library.json at any time.
Last but not least, Mail.Rip V2 includes an email delivery test / inbox check for found SMTP logins. For every valid combo, it tries to send a plain text email with the found SMTP login. All test messages are sent to your own user-defined receiving address whereby the content of the test emails is generated randomly. The templates can be edited in the “library.json”, too.
Mail.Rip V2 is full functional and ready to use!
Mail.Rip V2 has been written and tested with Python 3.8. It should run on any OS as long as Python and all dependencies are installed.
Just follow the steps below!
Installing Needed Python Modules
All Python modules / packages needed are listed in the txt-file requirements.txt. For an easy installation, type:
pip3 install -r requirements.txt
Installing any missing dependencies may take some time. Be patient, please.
With all dependencies being installed, you can start Mail.Rip V2 with:
python3 MailRipV2.py
No extra arguments are needed. You only need to copy your combofile into the same directory before starting the checker / cracker. After starting it, just follow the steps from (1) to (4). For more information see “Options in Main Menu”.
Please regard:
Your combofile needs to be encoded with utf-8! Any other encoding may cause errors.
Set Default Values
Use this option to edit the default values for Mail.Rip V2. You can edit the following here:
De-/Activate Proxy-Support
This option allows you to activate or deactivate the proxy-support. If activated, you will be asked for the proxy-type to use. Just enter SOCKS4 or SOCKS5. The scraper starts automatically then. You can add more sources by editing the library.json. After the scraping is done, you will be asked whether you want to skip the checker. DO NOT SKIP THE CHECKER except you really, really need to start an attack immediately.
Load Combos
Option #3 starts the Comboloader. Enter the name of your combofile, for example: combos.txt. All combos in the file will be loaded and prepared for an attack. Therefor, the Comboloader performs the following steps:
All combos passing the checks will be loaded for an attack and saved to a txt-file called targets.txt. Please make sure that your combofile is encoded with utf-8 or errors may occur.
Start Attack
This one is obvious.
See the sections below for any tips, hints and other information.
SMTP cracking / SMTP checking process
Mail.Rip V2 uses the smtplib for the checking / cracking process. The “magic” is done this way:
For best results every user should edit the host information in the library.json before starting Mail.Rip V2 the first time. Adding the data of the most common e-mail providers in a combolist will always speed up the checking / cracking process. And it will probably raise less security flags on the server-side.
Other ways to improve your results are: deactivating the proxy-support and adjusting default values. In fact, IT IS RECOMMENDED TO LEAVE THE PROXY-SUPPORT DEACTIVATED. Without using proxys, you will receive much better results – for the checker as well as for the inbox check.
Notes on the email delivery test (inbox check)
The email content is generated randomly using templates in the “library.json”. Edit those templates for your needs. Editing the templates from time to time will provide a higher success rate.
Always regard that the email delivery test may return false negative results for many reasons. It just confirms that the given SMTP host can be used for sending emails with any software. Well-known email providers may block or restrict access to SMTP accounts, especially for tools like Mail.Rip V2. Moreover, free proxys may be blacklisted as well as the certain SMTP account itself. You should test valid logins for which the delivery test failed again after the attack has been finished.
The library.json includes a blacklist for email domains. More than 500 trashmail domains have been added to it. But there are also some very popular email providers on it. Those email providers are most often a waste of time when you check or crack mailpass combolists. Sometimes they just block the access, sometimes they ask for further verification.
If you want to attack those providers, too, edit the blacklist for your needs.
ModTask is an advanced C# tool designed for red teaming operations, focusing on manipulating scheduled…
HellBunny is a malleable shellcode loader written in C and Assembly utilizing direct and indirect…
SharpRedirect is a simple .NET Framework-based redirector from a specified local port to a destination…
Flyphish is an Ansible playbook allowing cyber security consultants to deploy a phishing server in…
A crypto library to decrypt various encrypted D-Link firmware images. Confirmed to work on the…
LLMs (e.g., GPT-3.5, LLaMA, and PaLM) suffer from hallucination—fabricating non-existent facts to cheat users without…