Skip to main content

How to find the password of hacked email addresses using OSINT

https://youtu.be/JAjVwf5NEOk

Open-source intelligence or OSINT is a potent technique, and it can give a lot of valuable information, if implemented correctly with the right strategy and correct tools. In this article, I will show you how a hacker can get passwords of thousands of email addresses without attacking the webserver or without using any other hacking technique; but, just using the power of OSINT.

You can implement all the techniques discussed in this article manually; however, to enhance the operation and to maximize the result, we will utilize Maltego along with a web service called Have I been Pwned?

Access the Hacked Passwords Systematically

Blackhat hackers usually post and publish data after hacking a webserver; for example, they dumped Linkedin hacked accounts and others. Let’s just fetch all this valuable information smartly. Tools used in this article:

  • theHarvester
  • Maltego
  • Have I been Pawned

I have discussed the configuration of Maltego with Have I been Pawned before; so, let’s just skip this part.

Step 1: Getting email addresses using the email harvesting tool, theHarvester

As a starting point, let’s search the google for email address using theHarvester tool.

# theHarvester -d hotmail.com -b google

Getting email addresses using the email harvesting tool, theHarvester

You can use any organization’s domain or any other specific target, if you have. A basic search gave us lots of information (54 email addresses) to begin. Let’s copy a few of them into the CSV file and import them into Maltego for further analysis. The reason for copying a few is the ease of maintaining the operation because, in the Maltego, you will see a massive connection of just a few email addresses.

Step 2: Importing the Data into Maltego for further analysis

Importing the Data into Maltego for further analysis

I am selecting the manual option, so no previous connection.

I am selecting the manual option, so no previous connection. Step 3: Find the breaches where the target email addresses appeared

Select all the email addresses, since I have only imported 11 of them, and run the Have I been Pawned transform to check whether the target email addresses been hacked before or not. If it is not the part of any breach, then just drop it; it’s of no use.

Find the breaches where the target email addresses appeared

There we can see so many email addresses appeared in many breaches. I have dropped some, two email addresses out of 11 because they did not appear in any breach.  Remember that we are just gathering information, not hacking or directly attacking any server; so, if an email was not got hacked before, it won’t be beneficial for us.

email was not got hacked beforeStep 4: Find the Plain Text Passwords of the Hacked Email addresses

The most common practice in the industry is to paste or dump the hacked email addresses details into Pastebin; it is a website where you can store text for some specific time. This time, let’s execute the  second  transform:

Find the Plain Text Passwords of the Hacked Email addressesEach email addresses appearing in many Pastebin text.

Each email addresses appearing in many Pastebin text.Open any Pastebin URL and analyze the data.

Open any Pastebin URL and analyze the dataWahoo, very recent data with the plain text password, email account, and the expiry date of a particular subscription, the blackhat guys use this information to ask a ransom. A common man does not know that someone published his confidential information online.

Step 5: Try to report it to the authority

Being a responsible cybersecurity professional, you should inform the authority or at least make sure that the hacked website or service should notify about changing the password to all its members.

Endnote

As you can see, the power of open-source intelligence gathering (OSINT), and we have started with just a random email acquired from the Google search. Imagine a malicious person with evil intent can do OSINT investigation against any specific target, let say an organization to check the employee details and possible passwords. And once the evil person got the password, he can further dig into the organization confidential information, or he can send his malware and backdoor to hack the entire organization. We have covered a similar story; you should this out.

Comments

Popular posts from this blog

OSINT tutorial to Find Information from a Phone Number – PhoneInfoga Tool

phone number plays a vital role in the social engineering and the open source intelligence investigation. Everyone carry’s phone, the  phone is now linked with an individual life and it has the most important information of a person. In the  OSINT investigation , we need to find-out the line type, carrier, location and other relevant information about the subject’s phone number. The number itself shows some information like country, city (landline pattern) and sometimes carrier; while the other information can be extracted by using the open platform available.   This tutorial is about PhoneInfoga, as the  official doc  says: “PHONEINFOGA IS ONE OF THE MOST ADVANCED TOOLS TO SCAN PHONE NUMBERS USING ONLY FREE RESOURCES. THE GOAL IS TO FIRST GATHER STANDARD INFORMATION SUCH AS COUNTRY, AREA, CARRIER AND LINE TYPE ON ANY INTERNATIONAL PHONE NUMBERS WITH A VERY GOOD ACCURACY. THEN SEARCH FOR FOOTPRINTS ON SEARCH ENGINES TO TRY TO FIND THE VOIP PROVIDER OR IDENTIFY THE OWNER.” As shown in t

Turn Windows 8 PC Into Wi-Fi HotSpot

In Windows 8, Microsoft  quietly removed  a useful networking feature: ad-hoc networks. In Windows 7 (and previous OSes), the tool could turn your PC into a Wi-Fi hot spot, allowing it to share its Ethernet or other Internet connection with other devices by broadcasting its own network. So, if you paid for Internet access at a cafe, or you're at work, and want to share your PC's Internet with your phone or tablet, this feature would let you do that. It is very possible to do this in Windows 8, but the built-in method requires fiddling with the command prompt. And for some of us, walking into that black abyss is daunting. Instead, check out  Virtual Router Plus . It's a free, open-source program that does the geek work for you, allowing you to quickly fire up an ad-hoc network whenever you need one. Once you've downloaded the file, extract it, and launch the VirtualRouterPlus file within that folder. There's no real installation here -- the program will simply launch