Three most common methods for hackers to crack Email accounts

Comments: Emails are not secure. each link in the process of sending, transmitting, and receiving emails may have weak links. If malicious users exploit this vulnerability, you can easily crack your account and get the mail content. 1. The mail server software runs on a specific operating system by exploiting the operating system vulnerabilities of the mail server. For example, Linux and Windows NT/20 emails are not secure, there may be weak links throughout the entire process of sending, transmitting, and receiving emails. Malicious users can easily crack their accounts and obtain the email content if they exploit the vulnerabilities.
I. Exploitation of email server operating system vulnerabilities
The mail server software runs on specific operating systems, such as Linux and Windows NT/2000. The default installation and configuration of these operating systems are insecure. Hackers can easily intrude into the system and obtain all user names and passwords.
1. Windows Server
If it is an Exchange Mail Server based on Windows, the system has not made any security configuration and has opened several services. Intruders can use the terminal server to combine the Chinese Input Method vulnerability or the Buffer Overflow program of IIS to obtain the Administrator permission, use pwdump3 to export the Hash password, and then use L0pht to hook up the dictionary or Brute Force to break down the password. Based on experience, if the password is simple, the password can be cracked within a few minutes, and the password can be solved within one day in the Brute Force mode with a length of 8 digits or less. 2. Linux/UNIX server UNIX systems generally use Sendmail as the mail system. After obtaining control of the system, use software such as John to crack the password from/etc/passwd or/etc/shadow. If the database is used to save the user information and password, it is also easy to export. Ii. vulnerabilities in the mail server software. The most common mail server programs include Sendmail and Qmail, which have security defects to varying degrees. Take Sendmail as an example. In earlier versions, telnet to port 25, enter wiz, and then enter shell to get a rootshell, debug command, and root permission. Qmail is relatively secure than Sendmail, but Qpoper has the Buffer Overflow defect. It can remotely obtain rootshell and control the system. Even if the email server is secure, intruders can obtain more information, such as user names. Telnet to port 25 and enter expn tom or vrfy tom to check whether a tom user exists. Although the Sendmail commands of the latest version are disabled, You can counterfeit the sender and use rcpt to determine whether the user exists. After obtaining the user name, you can telnet to port 110, try a simple password connection, or apply dictionary cracking. Therefore, relay must be disabled for non-local relay, or a mail authentication module must be used for SMTP by many ISPs. This enhances the security of the mail server. In addition to the POP3 method, it is popular to process emails on the WEB interface. This method is also vulnerable. Generally, CGI is used to accept the FORM parameters passed by the user, including username and password. If they are correct, you can enter the mail processing page. There are a lot of software available to use dictionaries or brute force combinations to crack the passwords of known users. The famous one is Xiao Rong's "Xue". In the case of simple passwords, there will soon be results. The WEB mail system has the option of "forgot password". If you can crack another email address of the sent password or guess the answer to the question, you can also succeed. 3. Install Sniffer in the network during mail transmission, and specify to listen for packets sent to port 110 of the external server, view the user and pass strings from the collected information to view the user name and the corresponding password.