Locate Breached Account Data with H8mail [Tutorial]

Подписаться 932 тыс.

Просмотров 161 тыс.

50% 1

Access Breached Account Information by Email with H8mail
Full Tutorial: bit.ly/H8mail
Subscribe to Null Byte: goo.gl/J6wEnH
Kody's Twitter: / kodykinzie
Data breaches are serious business when a user makes the common mistake of reusing a password on various accounts across the internet. Today, we'll show you how to take advantage of this vulnerability with a tool called H8mail on this episode of Cyber Weapons Lab.
Follow Null Byte on:
Twitter: / nullbytewht
Flipboard: flip.it/3.Gf_0
Weekly newsletter: eepurl.com/dE3Ovb

Хобби

Опубликовано:

6 июл 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 296

@DaddiDrako 11 дней назад

These videos are really the backbone of people getting into and learning cybersecurity

@betticropper7308 4 года назад

I just wanted to let you know that i find your channel probably top shelf. I find it really easy to follow have noticed my improvements since ive been learning from you , so thank you

@NullByteWHT 4 года назад

Thanks Betti Cropper! We really do put in a lot of hard work.

@pranjalgoel6015 5 лет назад

Awesome video @nullbyte!!! appreciate your work.........!!!!

@liljo3y 5 лет назад

My man Tom didn't deserve this

@NullByteWHT 5 лет назад

Did you see that man's passwords? He had some demons.

@SinanAkkoyun 5 лет назад

@@NullByteWHT Did you really attack the guardian on youtube?

@uhrihriavbenagha1826 4 года назад

@@SinanAkkoyun leemao

@iransecurityteam3750 4 года назад

@@NullByteWHT but how to scrape or harvest password list also ? Can you do a tutorial ? Im thinking the password list will def be hashed MD5 or other hash types

@Elias-qn2rg 4 года назад

@@iransecurityteam3750 use slayer leecher or some sort of thing but this could be private you could crack dbs urself but then its not a breach and you are way beyond osint

@andrearosati9931 5 лет назад

I LOVE your tutorials. thankyou kody.

@mk-rj6vr 10 месяцев назад

You inspired me to change careers, tinker in cyber security, and finally have a soc role, thank you Kody!

@NVY-Krom 10 месяцев назад

Sadly they haven’t uploaded in like 4 years :(

@acethenumba1042 2 года назад

@Null Byte thank you ive learned so much from your videos

@uditbhadauria6777 5 лет назад

Bruh...! You are just awesome. Respect++ Your content is just truly magnificent everytime..

@seriealltracks2816 5 лет назад

Does it include the collection#1 troy hunt has talk about recently ?

@mervynally459 5 лет назад

Congratulations excellent job Cody

@kobokobo339 5 лет назад

what is the name of the tool you use to connect your smartphone to the computer at the beginning of the video

@fancywaifu9821 3 года назад

I have a breach compilation file that is about 9 gigabytes. Not sure if I downloaded the right one or not

@hessen3061 5 лет назад

can i see if a hacker is in my computer with programs that show all the devices that are in your network like who is on my wifi?

@adolfTitlerr 2 года назад

can you share a link of the breach compilation

@showupshowout 4 года назад

I appreciate all of your hard work! Side note whats the song playing in the background shazam didn't pick it up lol

@Mega1137Gamez 5 лет назад

How did you get it to list the passwords

@hq_beatrix2983 4 года назад

hey man ik im no special from your other subscriber but do you think we can set up a video call and u walk me through how to pull ip and send attack to the ip please respond

@PulGoyGoy Год назад

Keep up the great work, your works are awesome.

@user-fx6um6iz9u Год назад

The above name on the Channel possesses the fastest andstrongest in hacking and recovering skills. Just got mine fixed

@M0h0ses 5 лет назад

Gran canal!!! Thanks for your work!!!

@positivitychannel5551 3 года назад

Hi Kody I am a big fan. Could you help me with where I can find the config.ini file I am running it on linux I think I need to switch to windows for that ? Also, not able to find the breach compilation db could you please help?

@jaikaarbhogal 5 лет назад

How do I fix the error where it says cannot contact HIBP with CF bypass

@ereal2 5 лет назад

Niiice content keep em coming love took you find more , more ,MORE! Please

@MartianMoon 5 лет назад

Immaculate tutorial, thank you!

@joelrobert4539 3 года назад

What does immaculate mean lol😂

@acethenumba1042 2 года назад

@@joelrobert4539 i dont know ......

@ivancastillo7156 2 года назад

where can I find this list? asking for a friend that is doing research.....

@robi8020 3 года назад

I love the info about these tools but they are usually a pain in the ass to figure out and use when you are on a non windows system and have to figure out which installer to use and why it’s not working. I usually spend about an hour smashing the keyboard, never get things working, then give up with no results. I don’t understand why great programmers can’t make these tools more readily usable and accessible.

@douglasmstewart 5 лет назад

Not sure why but pip3 always give problems in kali. Is the package not properly maintained?

@srikanth-pn3gh 5 лет назад

which device are you using??

@alessandrosala5511 5 лет назад

I download today the git but now is different from your tutorial.......can you write down here the new installation?

@kevinmatip9416 Год назад

Privacy is of the utmost importance to me, which is why I am in the Utopia ecosystem. Here I found anonymous communication and much more.

@cyber222 5 лет назад

if it say's pip3 command not found you need to install it by apt install python3-pip

@maxdeb6551 4 года назад

@@Badkuipeend Not if your in root

@ArsenGaming 3 года назад

Badkuipeend I don't want to type out apt-get, also, apt has a nice interface that apt-get doesn't.

@67hutch 3 года назад

@@maxdeb6551 can’t he just go “sudo su” then try again?

@maxdeb6551 3 года назад

@@67hutch The person i responded to deleted their comment

@67hutch 3 года назад

@@maxdeb6551 oh

@jKomwa02 5 лет назад

What’s the name of the laptop. Looking to upgrade mine

@BamaDega 5 лет назад

Nice info bro!

@fancywaifu9821 3 года назад

With the new and updated h8mail were u install through pip3, h8mail doesn't work for me for some reason. Idk how to fix it

@rainerzufall4268 3 года назад

Thank you very much for your content.

@user-fx6um6iz9u Год назад

The above name on the Channel possesses the fastest andstrongest in hacking and recovering skills. Just got mine fixed

@sleepsmoky8541 4 года назад

Thanks for this tutorial btw i really like what you do and especially how you explain things, could you just make another video about how to use API's cuz I'm a little bit lost 😂

@officialhumanityparty9483 5 лет назад

Great now I can make a brute force list with this too for hydra

@hatimaliraqisongsandotheri5268 3 года назад

Can you search by password? I mean the other way around. Thanks.

@pyguy9915 5 лет назад

Maybe a dumb question, but it's unclear to me--is it legal to download the breach compilation? There's some discussion on Reddit with folks arguing that it's not legal to store the data since it's stolen, although now that the data are basically public...

@ShadowEmpathy 5 месяцев назад

idk, but no comments and likes in 5 years? lemme change that

@8989youu 5 лет назад

Dude, you are awesome!

@mehul_deshwali_ 4 года назад

Do you have date breach link?.

@linuxvideoguy9475 5 лет назад

I keep getting the same error. query.sh no such file or directory ??? And where did you get the breach list from ?

@uncreativeus3rname787 4 года назад

Did you ever find this out? :)

@scottg5728 4 года назад

Same problem here

@tubehelpr 5 лет назад

Any idea why a certain email address would return the error: Warning: Breach compilation list index out of range? All others work fine...

@mgazyani 4 года назад

Where did you get the database from??

@muhammadhassnain7453 Год назад

Tell me too please

@garnery-tv8226 4 года назад

I have a question if you’d respond itll be great, instead of kali Linux, would it be ok if I used parrot security

@alexmartinez1151 4 года назад

Yes

@Dave-kq7gv 5 лет назад

top shelf content, good Sir

@sheilasolosthemcu 2 года назад

Where do you get the BreachCompilation? I ran the command on Kali and it said it doesn’t exist

@user-fx6um6iz9u Год назад

The above name on the Channel possesses the fastest andstrongest in hacking and recovering skills. Just got mine fixed

@mustafakhan948 2 года назад

Hi, for me it's not working. I am using windows 10. Should I install Bash Script UNIX for my system?

@nemoland426 3 года назад

Where can I get the breached compilation local file?

@user-fx6um6iz9u Год назад

Finally I got solution through the above details his service is fast and effective thanks Anom6000hack for the good work.

@rozer4660 4 года назад

Does it work on windows ?

@howtodefeatgangstalking Год назад

How do we put the api keys in

@SinanAkkoyun 5 лет назад

Where can I get this breach compilation file??

@helpme2999 3 года назад

this

@SinanAkkoyun 3 года назад

@@helpme2999 Help me

@ZxcFleacked 2 года назад

@ucanhnguyen7167 5 лет назад

you're the best

@adammagdy2795 5 лет назад

thanks very much for the good content :D

@tahmidislam7652 3 месяца назад

MY MAN DOESN'T BLINK

@worldlesscat4019 4 года назад

which program is this

@j_owatson 3 года назад

could someone link me the breach compilation

@mgazyani 4 года назад

Been searching for a while now, wasnt able to find the breached database..can someone please help?

@ivannunez2524 4 года назад

Im after the same thing

@nickhogg5575 5 лет назад

Can u do a video where it's used with the API instead of just locally

@mplserin 4 года назад

If you can't figure out how to use the API instead of a breach file (installed locally) yourself, then you may need more knowledge & practice with these tools before you consider doing this yourself.

@zake2255 4 года назад

You need paid services

@chaitanyakulkarni6416 3 года назад

@@mplserin asking for help is the step to learning , that kid is trying to get hep cause he is not smart and experience like you , go easy on kids

@dracodayss6566 2 года назад

yo where is the breach compilation u found

@TalesGrimm 5 лет назад

Is this better than Cr3dOv3r?

@soltiscd 3 года назад

How would you just search a single email address?

@user-fx6um6iz9u Год назад

Finally I got solution through the above details his service is fast and effective thanks Anom6000hack for the good work.

@adammagdy2795 5 лет назад

can you use a wordlist instead of the breach Compilation???

@tyjohnston5889 Год назад

4yrs later....yes

@DishTVupdates 5 лет назад

How can I use the Breach compilation API, if I don't want to download that huge file

@mgazyani 4 года назад

Did you get it??

@NetHacker100 4 года назад

@@mgazyani Did you get it?

@mgazyani 4 года назад

R. Nope.

@nathan-ql5vh 4 года назад

what is the terminal he is usin. he never explains in his video he just goes to it

@redpilledpatriot6868 4 года назад

The commands I used: cd Desktop, apt-get install nodejs, git clone github.com/khast3x/h8mail.git, cd h8mail, pip3 install -r requirements.txt. I got an error saying that "pip is configured with locations that require TLS/SSL" after executing that last command I listed. I also ran into an error after executing theHarvester -d theguardian.com -l 1000 -b pgp, it said "invalid source".

@romannepal1653 4 года назад

-lb/--local:'expected one argument ' error is making me mad. Please anyone help me with it. I have downloaded all the breach compilation file which is 45gb or so. I can give you link if you help me with this error

@ramprashanth 4 года назад

github.com/khast3x/h8mail Check out the new documentation... It is much simpler now.

@AnonyMous-rj2te 5 лет назад

alwayas my fav

@LoLOfIron 2 года назад

How download that breache ??

@user-ft1nd2bo1e 11 месяцев назад

Can someone tell me if this really worked? And how much gigabyte do l need to download the file

@eliddell1 5 лет назад

For those getting the query.sh file not found, you seem to not have downloaded the db and likely just a text file. I am having a different problem, where the file is giving me a permission denied error. Yes i tried changing the permissions, but nothing.. I am able to run the query.sh manually running "bash query.sh" but not "sh query.sh"

@eliddell1 5 лет назад

ok so i kind of got passed the permissions problem by editing the h8mail.py script changing: procfd = subprocess.run([query_bin, t.email], stdout=subprocess.PIPE) to: procfd = subprocess.run([query_bin, t.email], executable='/bin/bash', stdout=subprocess.PIPE) but now i get a file not found for each email like so: /media/root/Locust/BreachCompilation/query.sh: jflowers@whitehouse.gov: No such file or directory /media/root/Locust/BreachCompilation/query.sh: jengurl@whitehouse.gov: No such file or directory /media/root/Locust/BreachCompilation/query.sh: countryboy@whitehouse.gov: No such file or directory /media/root/Locust/BreachCompilation/query.sh: johnboy@whitehouse.gov: No such file or directory /media/root/Locust/BreachCompilation/query.sh: alice@anon-server.whitehouse.gov: No such file or directory anyone seeing this?

@NightfallChease 5 лет назад

Hey ^^. Do u know how i can install the magnet file from the DB folder without using some other programss like rtorrent or qbittorent or something like this bcs my rtorrent wont downlaod the file and I cant use the other bcs i use kali as a microsoft application (thx alot)

@Monalexander799 5 лет назад

Did you ever get this fixed?@@eliddell1

@tyjohnston5889 Год назад

@moneymon007 Just wait a little bit and surely your question will be answered lol.

@thehound3961 5 лет назад

# 8......keep them coming......

@sleepydj4704 5 лет назад

do I use in cmd or powershell

@Oef200862nd 5 лет назад

Need to use Linux Kali is the best dis for this.....

@MrGFYne1337357 5 лет назад

i keep getting a query.sh error......... otherwise tool works without the -bc option

@echelon5162 5 лет назад

I'm extremely late, but to fix the error: *Download the correct BreachCompilation File* (If you already have the correct file, skip this step) Download the file using the magnet link here raidforums.com/Thread-Breach-Compliation-you-know-the-one-Free This file is 44GB, so make sure you have the available disk space *Replace the **query.sh** file* Replace the query.sh text by opening it in a text editor and replacing it with this gist.github.com/nlitsme/6f138e72b328c28520d64d7e03f2d5f9 Hopefully, if all goes well, this should fix the error. Again, I'm late on this, but from my experience this is what caused the error.

@igorsan0101 5 лет назад

Awesomeeeeeeee!!!! Thanks

@crowtek2503 4 года назад

@donjames5761 3 года назад

can i use ubuntu for this or does it have to be keli ?

@NullByteWHT 3 года назад

Ubuntu should work.

@jamesh3639 3 года назад

Does this work on any distros or only kali?

@7kclouds319 2 года назад

Kali is based on Ubuntu, so yes.

@jamesh3639 2 года назад

@@7kclouds319 What about Arch?

@7kclouds319 2 года назад

@@jamesh3639 That might work if you have Python3 installed. As well as pip.

@niko-SMC 5 лет назад

wow very nice

@bufordmaddogtannen 5 лет назад

Has the list really been cleaned up or does it still contain 50%+ duplicates as it is usually the case?

@NullByteWHT 5 лет назад

It's been cleaned and organized

@NightfallChease 5 лет назад

Hey maybe you could help me... Iam using Kali-Linux as a Microsoft application on my Win10 Computer. I got 2 RaspberryPi's but my Pc is much faster than the Raspberry Pi's (so iam using it). Do u know how i can download the BrachCompalation without some rTorrent or qBittorrent? Is there a nother way or a better torrent/magnet installer?

@muhammadhassnain7453 Год назад

First of all tell me please from where did you downloaded the breach compilation torrent

@mouthfulacoque3580 4 года назад

Does that count as a blink?

@Elias-qn2rg 4 года назад

wdym blink?

@Morpheus776 5 лет назад

can you make a video about TempleOS? or give your opinion on it?

@rumilol2989 3 года назад

Null byte. Hey I was involved in the Wattpad breach and I’m really scared. I’ve changed passwords and deleted accounts. I just wanted to know if I can be hunted down? It’s been 4 months. Should I still be scared? Please reply soon. Thanks

@amoyzegh 3 года назад

Nope since you changed your passwords. If your old password is related to your secret questions than you should change it.

@rumilol2989 3 года назад

@@amoyzegh ok thanks so much. Can someone steal my identity with the info stolen?

@amoyzegh 3 года назад

@@rumilol2989 Nope since they don't have access to your accounts (because you changed the passwords)

@rumilol2989 3 года назад

@@amoyzegh I think they have my birthdate I’m not sure I think I put in a fake one tho I don’t actually remember and my full names

@rumilol2989 3 года назад

@@amoyzegh I deleted the email linked and made a new one and used a new one for all my social media’s. I’ve changed tho passwords too.

@frostyboi6989 5 лет назад

How do you run Linux kali in Windsose 10 pls answer

@mihaiioc.3809 5 лет назад

virtual machine

@AK-cm7uf 4 года назад

Dual boot!

@desiredditor 4 года назад

buddy where is the breached file that i can download

@blakerowland5562 3 года назад

Your kidding right

@whatiknowis 5 лет назад

were can i install the breach Compilation

@mgazyani 4 года назад

Did you get it??

@scottg5728 4 года назад

Ye did you get it?

@AnimeVeldora 4 года назад

Could not fetch URL pypi.org/simple/h8mail/: There was a problem confirming the ssl certificate: HTTPSConnectionPool(host='pypi.org', port=443): Max retries exceeded with url: /simple/h8mail/ (Caused by SSLError("Can't connect to HTTPS URL because the SSL module is not available.")) - skipping ERROR: Could not find a version that satisfies the requirement h8mail (from versions: none) ERROR: No matching distribution found for h8mail

@lililol7694 4 года назад

hey I just want to knew if its still working

@ramprashanth 4 года назад

Yes!

@abhishekpcc2637 2 года назад

How did you manage to use an external hard drive, in order to save to local space?

@tyjohnston5889 Год назад

On Kali Pi anyway I used: Inserted external USB Right clicked Icon Permissions Permanently mounted with access Added the path to downloads ie: #~/media/usb/password_download at the end

@skunkhead2007 5 лет назад

pip 3 ? not 'pip' alone :-) thanks very much ...

@SinanAkkoyun 5 лет назад

Why do you live show the passwords of these journalists? Are they a fake result?

@cinevapemonociclu5596 5 лет назад

Make a beginer tutorial with all programs for begginers

@skunkhead2007 5 лет назад

not working on parrot sec

@PSNCopy 5 лет назад

* not working on YOUR parrot sec

@skunkhead2007 5 лет назад

no it aint, i have no idea as to why,im a noob so simple answers,please :-) but every thing else i have used works or i have got to work with parrot @@PSNCopy

@kyuk3tsuk12 Год назад

im still amazed that its FOURTY FOUR GIGS OMG

@Darkkorex 5 лет назад

I use one of my dogs emails.

@lancelotwilliams1112 4 года назад

no such file or directory....pip3 install -r requirements.txt

@NullByteWHT 4 года назад

just run pip3 install h8mail You can find the docs here if you have any other issues. github.com/khast3x/h8mail

@muhammadhassnain7453 Год назад

Mine worked with python -m pip install h8mail

@muhammadhassnain7453 Год назад

I've also installed it on my android phone.

@gaydolfhitler6310 5 лет назад

Whats the legality of this? I mean they were leaked but I presume they were hacked before. I would think possession of stolen property at worst depending on what country you are in.

@NullByteWHT 5 лет назад

Great question, Gaydolf, as always. This should be legal, but that can vary by country. In general, this wouldn't be too bad in and of itself, but it looks pretty bad if you've been doing a bunch of other sketchy hacking stuff. After stolen stuff is public domain it becomes harder to track, and in general, if it can be found openly and downloaded with a google search, it can't be expected that you were involved in stealing it.

@gaydolfhitler6310 5 лет назад

@@NullByteWHT Yeah there no way anyone can expect you stole it. Where I am in the EU laws are written very ambiguously. I always get the impression that if you annoy the wrong people they will find something. I remember (as far as i could tell) hearing that google was fined 5 Billion under anti-competitive laws because they made phone manufactures that use android to include google's apps (music, Hangouts, Drive ect). Great video as always btw :).

@NullByteWHT 5 лет назад

@@gaydolfhitler6310 Thank you! Actually, it is the same here, the laws are very vague and I saw a great talk on how most pentesters could actually be breaking the law because of how shitty agreements are between companies and pentesters.

@NullByteWHT 5 лет назад

@@gaydolfhitler6310 Say hi on Twitter sometime, I see you popping up with good advice in the comments

@gaydolfhitler6310 5 лет назад

@@NullByteWHT I think the US has a law that outlaws vague laws (Its a bit of an oxymoron). Thanks. Its all down too much time binge watching deacon and black hat conferences and I would if i was on twitter