September 5, 2009 at 8:45 am #4240 Sistem74 Participant
I have Ecrawl and Atomic Email Hunter to harvest email addresses but they all suck.
How can I get into a site and collect email addresses? Any tutorials?
September 5, 2009 at 1:30 pm #26861
wget & grep + brain ?!?
September 5, 2009 at 3:00 pm #26862 Don Donzal Keymaster
Not what we do here at the ‘Ethical’ Hacker Network.
September 5, 2009 at 7:42 pm #26863 Don Donzal Keymaster
After a great offline discussion with an EH-Net Member, I unlocked this topic. Let’s see where it goes. Hopefully it stays within the legal realm of pen testing.
September 5, 2009 at 8:14 pm #26864 rattis Participant
Chris G’s method would be great, I’ll have to add it to my list. Google + site’s domain name would be another way. 1 search google for just the site, 2 search google for just the @domain_name.
I think the big question is though, why do you want the email address?
From a pentest perspective, I could see collecting the different email addresses for trying to get possible log in names, or people in the company to try and impersonate for Social Engineering.
From a security standpoint to see if people are spoofing your company / found an open relay.
From a non-security related world, the only legal reason I could see doing this would be for an EECB (Executive Email Carpet Bomb). http://consumerist.com/259713/how-to-launch-an-executive-email-carpet-bomb
There are other methods, if I recall correctly, covered in Hacking for Dummies. But you really should only try to get email addresses for ETHICAL reasons. Spamming people is bad. Trying to get the information for just showing off is bad too.
September 6, 2009 at 12:08 am #26865 ethicalhack3r Participant
Don't forget Maltego! 🙂
September 6, 2009 at 3:27 am #26866 Jhaddix Participant
theharvester.py is the best tool for the job most of the time.
Also maltego and BiLE suite can help with it.
September 6, 2009 at 6:53 am #26867 Sistem74 Participant
Thank you guys. Very interesting answers.
September 6, 2009 at 12:53 pm #26868
September 6, 2009 at 12:59 pm #26869
a more serious answer would be…
2. theHarvester (there are a couple of other google email crawlers, most outdated based on google changing the way they return results)
3. google for target site:blah.com @blah.com (doesn't work so great anymore though)
4. use webbrowser + brain to figure out email naming convention of target
5. use metagoofil to extract metadata and usernames
6. either programmatically or by hand join 1-5 together for your hopefully authorized SE activity.
September 6, 2009 at 5:52 pm #26870 UNIX Participant
I would recommend metagoofil and Maltego as well.
Haven’t heard of theharvester.py before, but will look at it; thanks for mentioning.
September 6, 2009 at 7:40 pm #26871