
Gammaprog is a bruteforce password cracker for web based e-mail
address. Actually was, cause now it support pop3 cracking too. Currently
hotmail.com, usa.net and yahoo.com address are supported. The program is
written in Java, so it should in theory run on any computer equiped with 
a Java virtual machine. It's not an applet however, it won't run from a
web browser. If you don't have a Java virtual machine, you can get one at
http://www.javasoft.com/products/index.html . 
Get JDK or JRE. JRE is much smaller and if you have no java coding 
experience it is all you`ll probably need. 

New with version 1.21

- I only fixed a bug caused by yahoo! dns reconfiguration. The IP of the
web server the program connects to changed so I needed to changed it in
the source code( I use IP rather than hostname to save on dns lookup).

New with version 1.2

- Added support for yahoo! mail craking through cgi. 

- Added support for pop3 cracking. Now you can crack any pop3 account, not
just hotmail ones. 

- cgi cracking is now a bit faster cause I remplaced the URL class by a
plain socket. I save a few bytes every connection by sending simple
request to the server rather than full ones. (Excepted for Yahoo! cause it
need to now the User-Agent to see if we support cookies.)

- I also changed the command line completly so keep reading this if you
used version 1.0 or 1.1 in the past.


Installation and usage

First, note that if you're using windowns, all the following must be type
from dos. Gammaprog is a text mode program. 

Assuming you have JDK and gammaprog source code, compile it with
	javac gammaprog.java

And run it with
	java gammaprog <option> <address> <word list>

You can also use the precompiled classes and skip the compiling phase. 
The classes were compiled with JDK1.1.5-v7 under Linux on a i586. 
They should run on other system thought, in theory. 

If you use JRE, try
	jre gammaprog <option> <address> <word list>
or
	jre -cp <directory where gammaprog is> gammaprog <option>
<address> <word list>

I don't use JRE, so refer to JRE readme for more details.

- option are:
	c : cgi cracking mode (for yahoo, hotmail and usa.net)
	p : pop cracking mode (for pop3 account. Hotmail also support pop3
	btw.) followed by the number of tries the pop server let you do
	before disconnection. Some let you do unlimited tries, some
	disconnects after 3, some after 1, etc. 0 is for unlimited tries.
	If you don't know the correct number, use 0. It might be a little
	slower however. 
	v : verbose mode. Displays password tired and reply on screen.
	s : socket number. Default is 10. This is use to set the number of
	socket you want to run in parallel. Each socket is a connection to 
	the server by the way. Adjust this value to fit the speed of your
	modem. In pop mode, you can run much more socket because each use 
	a really small amount of bandwidth. I don't know the best value  
	actually, so experiment.
	t : enable timeout on socket. This makes sure sockets won't block
	forever. On my linux jdk port is was slowing me a lot so I made
	this optional. On win95 jdk1.1.5 it doesn't appear to be slower.	

- address is of course the e-mail address you want to crack. When cracking 
a pop3 address, make sure there's a pop server on the second part of the
address. Cracking aneyewitness@geocities.com won't work cause there's no
pop server on geocities.com. The pop server is on mail.geocities.com, so
enter aneyewitness@mail.geocities.com in the address field.  
- word list is the dictionary you want to use. A short one comes with
gammaprog (common-passwords.lst). Here's two links where you can find
wordlist:
	http://www.antionline.com/archives/wordlists/
	ftp://ftp.ox.ac.uk/pub/wordlists/


Ex:
	java gammaprog -c someone@yahoo.com password.lst

This cracks someone@yahoo.com through the cgi using 10 sockets.

	java gammaprog -tvp 0 -s 50 someone@hotmail.com password.lst 

This cracks someone@hotmail.com through the pop server using 50 sockets,
timeout enabled and no limits on tries for each connection. 
 

The junk listed after each password tried when running the program in
verbose mode is what gammaprog read from the foreign host. It use it to 
determine whether the password was good or not. Simple changes in this 
could fool the program and it would no longer works. Since this is likely to 
eventually happen with web based e-mail, it might not be a bad idea to
check on an account you know the password if gammaprog still works. 


If you have technical suggestions or feedback feel free to mail me. 
Do NOT ask me to crack password for you because you're to lazzy and/or
stupid to install and run the program yourself.
 
An Eyewitness
98/10/21
aneyewitness@geocities.com






