EvilZone

Hacking and Security => Tutorials => Topic started by: parad0x on January 12, 2013, 10:21:24 AM

Title: How to extract email address from a domain name
Post by: parad0x on January 12, 2013, 10:21:24 AM

In this tut,I'll show you how to get email address from a domain using one of the modules of metasploit named "Search Engine Domain Email Address Collector". I'll be using msfconsole in backtrack.This module uses Google, Bing and Yahoo to create a list of valid email addresses for the target domain.In this example I'll perform this scan against www.mediafire.com (http://www.mediafire.com)

Benefits?
For the non-legitimate uses,you can extract the email address from a specified domain and then hijack the domain by hacking his email-id.

Now,let's do it.
Step 1: Open Terminal and run msfconsole.
Step 2: Type search collector.
This'll look like this..
(http://3.bp.blogspot.com/-bCbZ5Ib5l1s/UPEldYcFqXI/AAAAAAAAADI/n81tY9Gy8Fo/s1600/collector.jpg)

Step 3: Type use auxiliary/gather/search_email_collector to use the auxiliary.
Step 4: Now we'll have to set the domain of which we are going to find the email-address(In this case,it is mediafire.com).To set domain,type set domain mediafire.com
Step 5: Type exploit to run the scan.You can use run also instead of exploit.

(http://2.bp.blogspot.com/-kZfeiXZBSKs/UPEllCiy1FI/AAAAAAAAADg/2qOgKA8WAz0/s1600/collector3.jpg)

All the emails are that are found are...
(http://2.bp.blogspot.com/-wqLxS15bMMk/UPElgK-kQqI/AAAAAAAAADY/6sfOyVZZuAs/s1600/collector2.jpg)

Enjoy!!! ;) ;)

Title: Re: How to extract email address from a domain name
Post by: iTpHo3NiX on January 12, 2013, 10:13:43 PM

Nice tut +1

Title: Re: How to extract email address from a domain name
Post by: vezzy on January 12, 2013, 11:53:44 PM

Well, that's one way to do it. I prefer Google hunting with wildcards, but this is faster. Thanks for sharing.

Title: Re: How to extract email address from a domain name
Post by: Xtatics on January 13, 2013, 12:15:10 AM

Seen before but still a good tut. It does basically use Google and several other sources to scrape emails but much quicker IMo than manually doing it. +1

Title: Re: How to extract email address from a domain name
Post by: parad0x on January 13, 2013, 04:59:23 AM

Quote from: Xtatics on January 13, 2013, 12:15:10 AM

Seen before but still a good tut. It does basically use Google and several other sources to scrape emails but much quicker IMo than manually doing it. +1

Quote from: vezzy on January 12, 2013, 11:53:44 PM

Well, that's one way to do it. I prefer Google hunting with wildcards, but this is faster. Thanks for sharing.

Quote from: skidiot.h on January 12, 2013, 10:13:43 PM

Nice tut +1

Thanks guys, I am happy that I had contributed something. I'll be contributing more articles(tut) on the usage of metasploit,one on Wireshark andsome more on other topics. This will keep me motivated that you like my tut. Thanks again guys. :) :D