Saturday, June 13, 2015

Google Blocks Hydra Attack and Sends the Victim the Hackers Information

So after helping someone get the correct syntax to use Hydra against an SMTP mail server, I decided to try it against my Google hosted email account and not only did Google block the attempt, alert me of the attempt via email to both my primary and secondary account, they also allowed me to see the IP address and the what the device was (presumably from the user agent, but since this was Hydra it was just unknown since there was no user agent sent.)

Great job Google, providing the victim with actual helpful information is what every company should do. I recently had my bank account locked down after a hacking attempt and after several phone calls, and going to the bank they still would not release the IP address or any other information like the password attempts. As you can see by the image below, Google even points out that they knew my correct password. If my bank would provide me with this information I could figure out if the hacking attempt was random or from someone who knows me. 

Special thanks to Joe Smith, for making me attempt this is the first place. Here is the (edited) Hydra syntax I used: 
hydra -l email@gmail.com -P ~/Desktop/gmTest.txt -S -s 465 -v -V smtps://smtp.gmail.com





If you like my videos, please subscribe to me on YouTube:
http://www.youtube.com/subscription_center?add_user=GarrettFogerlie

Follow me on Twitter, @gFogerlie and Google+ https://plus.google.com/+GarrettFogerlie

If you have a video request you can let me know in the comments here or on my channel:
https://www.youtube.com/user/GarrettFogerlie/discussion

5 comments: