Forum Thread: Hydra Doesn't Work in Kali 2.0

I tried using hydra but it does'nt work..
i checked for syntax error but everything was fine.
Does'nt work means it does not crack the password.
i tried to crack my gmail with the wordlist having my password.
but it does not crack.
anyone please tell what to do.

Thanks in advance

14 Responses

please don't repost threads.

EDIT: i now see you reposted to post in the forum instead of the how-to's, which is good. But if you already posted on the how-to's, there's no need to make a second thread on the forums.

cracking your gmail? you know gmail blocks all login requests after 150 failed attempts, right?

-Phoenix750

can you be in detail little...

did you really expect that gmail wouldn't have a brute-force protection system?

when you use hydra to login to gmail, gmail logs your IP address. after 150 failed attempts from that IP address, gmail blocks your IP address. The result: failed crack.

-Phoenix750

so, whats the other way to do it..
how can i brute force gmail login?

unless you somehow find a way to hack into the gmail network and steal the password hashes of the account you want to hack and then try to crack it with Hashcat or Pyrit... you can't. atleast not that i know of.

-Phoenix750

E-mail hacking is usually a consequence of system compromisation. It's just... Very hard to hack with usually methods, if you know what I mean.

agreed.

-Phoenix750

Can we do something like feed a list of proxies and the bruteforcer will chanhe ips lets say every 140 attempts??

If you have few billion years, then yes.

Oh haha that long??

i know that it is possible, but how to do it is beyond my knowledge.

you could write a python script, perhaps.

-Phoenix750

you can just bruteforce or use social engineering to get into their icloud, icloud security isnt the best, and you can easily call customer support and verify basic information, and once you get into their icloud its pretty much GG

not everyone uses Icloud. for obvious reasons.

-Phoenix750

How about, we could do forget password and let the victim receive

password reset code.. As the code is sent by faccebook within no second.. immediately we can send the victim our fake mssg, saying

Facebook has detected some un-authorised activity on the account.

If it wasn't you then reply with the verification code.. or after reseting the password re-login from the below link.. this link will be phishing page.. got the password..

Only think we have to think how to send the mssg.
i searched for online sms spoofing but cant find

Share Your Thoughts

  • Hot
  • Active