Locate Breached Account Data with H8mail [Tutorial]
Рет қаралды 160,359
Күн бұрынAccess Breached Account Information by Email with H8mail
Full Tutorial: bit.ly/H8mail
Subscribe to Null Byte: goo.gl/J6wEnH
Kody's Twitter: / kodykinzie
Data breaches are serious business when a user makes the common mistake of reusing a password on various accounts across the internet. Today, we'll show you how to take advantage of this vulnerability with a tool called H8mail on this episode of Cyber Weapons Lab.
Follow Null Byte on:
Twitter: / nullbytewht
Flipboard: flip.it/3.Gf_0
Weekly newsletter: eepurl.com/dE3Ovb
@betticropper7308 4 жыл бұрын
I just wanted to let you know that i find your channel probably top shelf. I find it really easy to follow have noticed my improvements since ive been learning from you , so thank you
@NullByteWHT 4 жыл бұрын
Thanks Betti Cropper! We really do put in a lot of hard work.
@liljo3y 5 жыл бұрын
My man Tom didn't deserve this
@NullByteWHT 5 жыл бұрын
Did you see that man's passwords? He had some demons.
@SinanAkkoyun 5 жыл бұрын
@@NullByteWHT Did you really attack the guardian on youtube?
@uhrihriavbenagha1826 4 жыл бұрын
@@SinanAkkoyun leemao
@iransecurityteam3750 4 жыл бұрын
@@NullByteWHT but how to scrape or harvest password list also ? Can you do a tutorial ? Im thinking the password list will def be hashed MD5 or other hash types
@Elias-qn2rg 4 жыл бұрын
@@iransecurityteam3750 use slayer leecher or some sort of thing but this could be private you could crack dbs urself but then its not a breach and you are way beyond osint
@mk-rj6vr 9 ай бұрын
You inspired me to change careers, tinker in cyber security, and finally have a soc role, thank you Kody!
@NVY-Krom 9 ай бұрын
Sadly they haven’t uploaded in like 4 years :(
@pranjalgoel6015 5 жыл бұрын
Awesome video @nullbyte!!! appreciate your work.........!!!!
@andrearosati9931 5 жыл бұрын
I LOVE your tutorials. thankyou kody.
@acethenumba1042 2 жыл бұрын
@Null Byte thank you ive learned so much from your videos
@uditbhadauria6777 5 жыл бұрын
Bruh...! You are just awesome. Respect++ Your content is just truly magnificent everytime..
@mervynally459 5 жыл бұрын
Congratulations excellent job Cody
@showupshowout 4 жыл бұрын
I appreciate all of your hard work! Side note whats the song playing in the background shazam didn't pick it up lol
@PulGoyGoy Жыл бұрын
Keep up the great work, your works are awesome.
@user-fx6um6iz9u Жыл бұрын
The above name on the Channel possesses the fastest andstrongest in hacking and recovering skills. Just got mine fixed
@MartianMoon 5 жыл бұрын
Immaculate tutorial, thank you!
@joelrobert4539 3 жыл бұрын
What does immaculate mean lol😂
@acethenumba1042 2 жыл бұрын
@@joelrobert4539 i dont know ......
@kevinmatip9416 Жыл бұрын
Privacy is of the utmost importance to me, which is why I am in the Utopia ecosystem. Here I found anonymous communication and much more.
@seriealltracks2816 5 жыл бұрын
Does it include the collection#1 troy hunt has talk about recently ?
@M0h0ses 5 жыл бұрын
Gran canal!!! Thanks for your work!!!
@ereal2 5 жыл бұрын
Niiice content keep em coming love took you find more , more ,MORE! Please
@kobokobo339 5 жыл бұрын
what is the name of the tool you use to connect your smartphone to the computer at the beginning of the video
@fancywaifu9821 3 жыл бұрын
I have a breach compilation file that is about 9 gigabytes. Not sure if I downloaded the right one or not
@cyber222 5 жыл бұрын
if it say's pip3 command not found you need to install it by apt install python3-pip
@maxdeb6551 4 жыл бұрын
@@Badkuipeend Not if your in root
@ArsenGaming 3 жыл бұрын
Badkuipeend I don't want to type out apt-get, also, apt has a nice interface that apt-get doesn't.
@67hutch 3 жыл бұрын
@@maxdeb6551 can’t he just go “sudo su” then try again?
@maxdeb6551 3 жыл бұрын
@@67hutch The person i responded to deleted their comment
@67hutch 3 жыл бұрын
@@maxdeb6551 oh
@sleepsmoky8541 4 жыл бұрын
Thanks for this tutorial btw i really like what you do and especially how you explain things, could you just make another video about how to use API's cuz I'm a little bit lost 😂
@rainerzufall4268 2 жыл бұрын
Thank you very much for your content.
@user-fx6um6iz9u Жыл бұрын
The above name on the Channel possesses the fastest andstrongest in hacking and recovering skills. Just got mine fixed
@hessen3061 5 жыл бұрын
can i see if a hacker is in my computer with programs that show all the devices that are in your network like who is on my wifi?
@positivitychannel5551 3 жыл бұрын
Hi Kody I am a big fan. Could you help me with where I can find the config.ini file I am running it on linux I think I need to switch to windows for that ? Also, not able to find the breach compilation db could you please help?
@adolfTitlerr 2 жыл бұрын
can you share a link of the breach compilation
@Mega1137Gamez 5 жыл бұрын
How did you get it to list the passwords
@hq_beatrix2983 3 жыл бұрын
hey man ik im no special from your other subscriber but do you think we can set up a video call and u walk me through how to pull ip and send attack to the ip please respond
@robi8020 3 жыл бұрын
I love the info about these tools but they are usually a pain in the ass to figure out and use when you are on a non windows system and have to figure out which installer to use and why it’s not working. I usually spend about an hour smashing the keyboard, never get things working, then give up with no results. I don’t understand why great programmers can’t make these tools more readily usable and accessible.
@linuxvideoguy9475 5 жыл бұрын
I keep getting the same error. query.sh no such file or directory ??? And where did you get the breach list from ?
@uncreativeus3rname787 4 жыл бұрын
Did you ever find this out? :)
@scottg5728 4 жыл бұрын
Same problem here
@srikanth-pn3gh 5 жыл бұрын
which device are you using??
@alessandrosala5511 5 жыл бұрын
I download today the git but now is different from your tutorial.......can you write down here the new installation?
@pyguy9915 5 жыл бұрын
Maybe a dumb question, but it's unclear to me--is it legal to download the breach compilation? There's some discussion on Reddit with folks arguing that it's not legal to store the data since it's stolen, although now that the data are basically public...
@ShadowEmpathy 4 ай бұрын
idk, but no comments and likes in 5 years? lemme change that
@tubehelpr 5 жыл бұрын
Any idea why a certain email address would return the error: Warning: Breach compilation list index out of range? All others work fine...
@mgazyani 4 жыл бұрын
Where did you get the database from??
@muhammadhassnain7453 Жыл бұрын
Tell me too please
@douglasmstewart 5 жыл бұрын
Not sure why but pip3 always give problems in kali. Is the package not properly maintained?
@ivancastillo7156 2 жыл бұрын
where can I find this list? asking for a friend that is doing research.....
@8989youu 5 жыл бұрын
Dude, you are awesome!
@BamaDega 5 жыл бұрын
Nice info bro!
@fancywaifu9821 3 жыл бұрын
With the new and updated h8mail were u install through pip3, h8mail doesn't work for me for some reason. Idk how to fix it
@jaikaarbhogal 5 жыл бұрын
How do I fix the error where it says cannot contact HIBP with CF bypass
@jKomwa02 5 жыл бұрын
What’s the name of the laptop. Looking to upgrade mine
@Dave-kq7gv 5 жыл бұрын
top shelf content, good Sir
@adammagdy2795 5 жыл бұрын
thanks very much for the good content :D
@tahmidislam7652 2 ай бұрын
MY MAN DOESN'T BLINK
@garnery-tv8226 4 жыл бұрын
I have a question if you’d respond itll be great, instead of kali Linux, would it be ok if I used parrot security
@alexmartinez1151 3 жыл бұрын
Yes
@mustafakhan948 2 жыл бұрын
Hi, for me it's not working. I am using windows 10. Should I install Bash Script UNIX for my system?
@SinanAkkoyun 5 жыл бұрын
Where can I get this breach compilation file??
@helpme2999 3 жыл бұрын
this
@SinanAkkoyun 3 жыл бұрын
@@helpme2999 Help me
@ZxcFleacked 2 жыл бұрын
reddit
@hatimaliraqisongsandotheri5268 3 жыл бұрын
Can you search by password? I mean the other way around. Thanks.
@officialhumanityparty9483 5 жыл бұрын
Great now I can make a brute force list with this too for hydra
@sheilasolosthemcu 2 жыл бұрын
Where do you get the BreachCompilation? I ran the command on Kali and it said it doesn’t exist
@user-fx6um6iz9u Жыл бұрын
The above name on the Channel possesses the fastest andstrongest in hacking and recovering skills. Just got mine fixed
@nemoland426 3 жыл бұрын
Where can I get the breached compilation local file?
@user-fx6um6iz9u Жыл бұрын
Finally I got solution through the above details his service is fast and effective thanks Anom6000hack for the good work.
@mehul_deshwali_ 4 жыл бұрын
Do you have date breach link?.
@ucanhnguyen7167 5 жыл бұрын
you're the best
@worldlesscat4019 3 жыл бұрын
which program is this
@mgazyani 4 жыл бұрын
Been searching for a while now, wasnt able to find the breached database..can someone please help?
@ivannunez2524 4 жыл бұрын
Im after the same thing
@crowtek2503 4 жыл бұрын
@romannepal1653 4 жыл бұрын
-lb/--local:'expected one argument ' error is making me mad. Please anyone help me with it. I have downloaded all the breach compilation file which is 45gb or so. I can give you link if you help me with this error
@ramprashanth 4 жыл бұрын
github.com/khast3x/h8mail Check out the new documentation... It is much simpler now.
@DishTVupdates 5 жыл бұрын
How can I use the Breach compilation API, if I don't want to download that huge file
@mgazyani 4 жыл бұрын
Did you get it??
@NetHacker100 3 жыл бұрын
@@mgazyani Did you get it?
@mgazyani 3 жыл бұрын
R. Nope.
@rozer4660 4 жыл бұрын
Does it work on windows ?
@bufordmaddogtannen 5 жыл бұрын
Has the list really been cleaned up or does it still contain 50%+ duplicates as it is usually the case?
@NullByteWHT 5 жыл бұрын
It's been cleaned and organized
@NightfallChease 5 жыл бұрын
Hey maybe you could help me... Iam using Kali-Linux as a Microsoft application on my Win10 Computer. I got 2 RaspberryPi's but my Pc is much faster than the Raspberry Pi's (so iam using it). Do u know how i can download the BrachCompalation without some rTorrent or qBittorrent? Is there a nother way or a better torrent/magnet installer?
@muhammadhassnain7453 Жыл бұрын
First of all tell me please from where did you downloaded the breach compilation torrent
@soltiscd 3 жыл бұрын
How would you just search a single email address?
@user-fx6um6iz9u Жыл бұрын
Finally I got solution through the above details his service is fast and effective thanks Anom6000hack for the good work.
@nickhogg5575 5 жыл бұрын
Can u do a video where it's used with the API instead of just locally
@mplserin 4 жыл бұрын
If you can't figure out how to use the API instead of a breach file (installed locally) yourself, then you may need more knowledge & practice with these tools before you consider doing this yourself.
@zake2255 4 жыл бұрын
You need paid services
@chaitanyakulkarni6416 3 жыл бұрын
@@mplserin asking for help is the step to learning , that kid is trying to get hep cause he is not smart and experience like you , go easy on kids
@redpilledpatriot6868 4 жыл бұрын
The commands I used: cd Desktop, apt-get install nodejs, git clone github.com/khast3x/h8mail.git, cd h8mail, pip3 install -r requirements.txt. I got an error saying that "pip is configured with locations that require TLS/SSL" after executing that last command I listed. I also ran into an error after executing theHarvester -d theguardian.com -l 1000 -b pgp, it said "invalid source".
@rumilol2989 3 жыл бұрын
Null byte. Hey I was involved in the Wattpad breach and I’m really scared. I’ve changed passwords and deleted accounts. I just wanted to know if I can be hunted down? It’s been 4 months. Should I still be scared? Please reply soon. Thanks
@amoyzegh 3 жыл бұрын
Nope since you changed your passwords. If your old password is related to your secret questions than you should change it.
@rumilol2989 3 жыл бұрын
@@amoyzegh ok thanks so much. Can someone steal my identity with the info stolen?
@amoyzegh 3 жыл бұрын
@@rumilol2989 Nope since they don't have access to your accounts (because you changed the passwords)
@rumilol2989 3 жыл бұрын
@@amoyzegh I think they have my birthdate I’m not sure I think I put in a fake one tho I don’t actually remember and my full names
@rumilol2989 3 жыл бұрын
@@amoyzegh I deleted the email linked and made a new one and used a new one for all my social media’s. I’ve changed tho passwords too.
@jamesh3639 3 жыл бұрын
Does this work on any distros or only kali?
@7kclouds319 2 жыл бұрын
Kali is based on Ubuntu, so yes.
@jamesh3639 2 жыл бұрын
@@7kclouds319 What about Arch?
@7kclouds319 2 жыл бұрын
@@jamesh3639 That might work if you have Python3 installed. As well as pip.
@adammagdy2795 5 жыл бұрын
can you use a wordlist instead of the breach Compilation???
@tyjohnston5889 Жыл бұрын
4yrs later....yes
@TalesGrimm 5 жыл бұрын
Is this better than Cr3dOv3r?
@user-ft1nd2bo1e 9 ай бұрын
Can someone tell me if this really worked? And how much gigabyte do l need to download the file
@dracodayss6566 2 жыл бұрын
yo where is the breach compilation u found
@nathan-ql5vh 4 жыл бұрын
what is the terminal he is usin. he never explains in his video he just goes to it
@eliddell1 5 жыл бұрын
For those getting the query.sh file not found, you seem to not have downloaded the db and likely just a text file. I am having a different problem, where the file is giving me a permission denied error. Yes i tried changing the permissions, but nothing.. I am able to run the query.sh manually running "bash query.sh" but not "sh query.sh"
@eliddell1 5 жыл бұрын
ok so i kind of got passed the permissions problem by editing the h8mail.py script changing: procfd = subprocess.run([query_bin, t.email], stdout=subprocess.PIPE) to: procfd = subprocess.run([query_bin, t.email], executable='/bin/bash', stdout=subprocess.PIPE) but now i get a file not found for each email like so: /media/root/Locust/BreachCompilation/query.sh: jflowers@whitehouse.gov: No such file or directory /media/root/Locust/BreachCompilation/query.sh: jengurl@whitehouse.gov: No such file or directory /media/root/Locust/BreachCompilation/query.sh: countryboy@whitehouse.gov: No such file or directory /media/root/Locust/BreachCompilation/query.sh: johnboy@whitehouse.gov: No such file or directory /media/root/Locust/BreachCompilation/query.sh: alice@anon-server.whitehouse.gov: No such file or directory anyone seeing this?
@NightfallChease 5 жыл бұрын
Hey ^^. Do u know how i can install the magnet file from the DB folder without using some other programss like rtorrent or qbittorent or something like this bcs my rtorrent wont downlaod the file and I cant use the other bcs i use kali as a microsoft application (thx alot)
@Monalexander799 5 жыл бұрын
Did you ever get this fixed?@@eliddell1
@tyjohnston5889 Жыл бұрын
@moneymon007 Just wait a little bit and surely your question will be answered lol.
@j_owatson 3 жыл бұрын
could someone link me the breach compilation
@donjames5761 3 жыл бұрын
can i use ubuntu for this or does it have to be keli ?
@NullByteWHT 3 жыл бұрын
Ubuntu should work.
@howtodefeatgangstalking Жыл бұрын
How do we put the api keys in
@LoLOfIron 2 жыл бұрын
How download that breache ??
@MrGFYne1337357 5 жыл бұрын
i keep getting a query.sh error......... otherwise tool works without the -bc option
@echelon5162 5 жыл бұрын
I'm extremely late, but to fix the error: *Download the correct BreachCompilation File* (If you already have the correct file, skip this step) Download the file using the magnet link here raidforums.com/Thread-Breach-Compliation-you-know-the-one-Free This file is 44GB, so make sure you have the available disk space *Replace the **query.sh** file* Replace the query.sh text by opening it in a text editor and replacing it with this gist.github.com/nlitsme/6f138e72b328c28520d64d7e03f2d5f9 Hopefully, if all goes well, this should fix the error. Again, I'm late on this, but from my experience this is what caused the error.
@AnimeVeldora 4 жыл бұрын
Could not fetch URL pypi.org/simple/h8mail/: There was a problem confirming the ssl certificate: HTTPSConnectionPool(host='pypi.org', port=443): Max retries exceeded with url: /simple/h8mail/ (Caused by SSLError("Can't connect to HTTPS URL because the SSL module is not available.")) - skipping ERROR: Could not find a version that satisfies the requirement h8mail (from versions: none) ERROR: No matching distribution found for h8mail
@sleepydj4704 5 жыл бұрын
do I use in cmd or powershell
@Oef200862nd 5 жыл бұрын
Need to use Linux Kali is the best dis for this.....
@igorsan0101 5 жыл бұрын
Awesomeeeeeeee!!!! Thanks
@mouthfulacoque3580 4 жыл бұрын
Does that count as a blink?
@Elias-qn2rg 4 жыл бұрын
wdym blink?
@echelon5162 5 жыл бұрын
If you are using Homebrew, these are the installation instructions I had to follow: *Installing pip3* pip.pypa.io/en/stable/installing/ *H8mail installation* brew install nodejs git clone github.com/khast3x/h8mail.git cd h8mail pip3 install -r requirements.txt python3 h8mail.py -h
@user-lz8zv8rl6h Жыл бұрын
11:45 PEople be keeping "SEX" as password BRUH
@thehound3961 5 жыл бұрын
# 8......keep them coming......
@whatiknowis 5 жыл бұрын
were can i install the breach Compilation
@mgazyani 4 жыл бұрын
Did you get it??
@scottg5728 4 жыл бұрын
Ye did you get it?
@frostyboi6989 5 жыл бұрын
How do you run Linux kali in Windsose 10 pls answer
@mihaiioc.3809 5 жыл бұрын
virtual machine
@AK-cm7uf 4 жыл бұрын
Dual boot!
@gaydolfhitler6310 5 жыл бұрын
Whats the legality of this? I mean they were leaked but I presume they were hacked before. I would think possession of stolen property at worst depending on what country you are in.
@NullByteWHT 5 жыл бұрын
Great question, Gaydolf, as always. This should be legal, but that can vary by country. In general, this wouldn't be too bad in and of itself, but it looks pretty bad if you've been doing a bunch of other sketchy hacking stuff. After stolen stuff is public domain it becomes harder to track, and in general, if it can be found openly and downloaded with a google search, it can't be expected that you were involved in stealing it.
@gaydolfhitler6310 5 жыл бұрын
@@NullByteWHT Yeah there no way anyone can expect you stole it. Where I am in the EU laws are written very ambiguously. I always get the impression that if you annoy the wrong people they will find something. I remember (as far as i could tell) hearing that google was fined 5 Billion under anti-competitive laws because they made phone manufactures that use android to include google's apps (music, Hangouts, Drive ect). Great video as always btw :).
@NullByteWHT 5 жыл бұрын
@@gaydolfhitler6310 Thank you! Actually, it is the same here, the laws are very vague and I saw a great talk on how most pentesters could actually be breaking the law because of how shitty agreements are between companies and pentesters.
@NullByteWHT 5 жыл бұрын
@@gaydolfhitler6310 Say hi on Twitter sometime, I see you popping up with good advice in the comments
@gaydolfhitler6310 5 жыл бұрын
@@NullByteWHT I think the US has a law that outlaws vague laws (Its a bit of an oxymoron). Thanks. Its all down too much time binge watching deacon and black hat conferences and I would if i was on twitter
@lililol7694 4 жыл бұрын
hey I just want to knew if its still working
@ramprashanth 4 жыл бұрын
Yes!
@abhishekpcc2637 2 жыл бұрын
How did you manage to use an external hard drive, in order to save to local space?
@tyjohnston5889 Жыл бұрын
On Kali Pi anyway I used: Inserted external USB Right clicked Icon Permissions Permanently mounted with access Added the path to downloads ie: #~/media/usb/password_download at the end
@niko-SMC 5 жыл бұрын
wow very nice
@AnonyMous-rj2te 5 жыл бұрын
alwayas my fav
@SinanAkkoyun 5 жыл бұрын
Why do you live show the passwords of these journalists? Are they a fake result?
@desiredditor 4 жыл бұрын
buddy where is the breached file that i can download
@blakerowland5562 3 жыл бұрын
Your kidding right
@Morpheus776 5 жыл бұрын
can you make a video about TempleOS? or give your opinion on it?
@lancelotwilliams1112 4 жыл бұрын
no such file or directory....pip3 install -r requirements.txt
@NullByteWHT 4 жыл бұрын
just run pip3 install h8mail You can find the docs here if you have any other issues. github.com/khast3x/h8mail
@muhammadhassnain7453 Жыл бұрын
Mine worked with python -m pip install h8mail
@muhammadhassnain7453 Жыл бұрын
I've also installed it on my android phone.
@kyuk3tsuk12 11 ай бұрын
im still amazed that its FOURTY FOUR GIGS OMG
@rshrewd8809 5 жыл бұрын
what if youtube ban this channel ? is every video gonna be gone from the public ?
@laughingman2531 5 жыл бұрын
they can't its a prober company they do it's its a law suite
@SwapnilSingh4u 5 жыл бұрын
He has maintained the policy guidelines so it will not happen but we can't say for sure what they can change in their policy guidelines.
@laughingman2531 5 жыл бұрын
+D Hacker ya ture
@spotifyvibes319 5 жыл бұрын
cαn u línk thє 44 gв fílє
@MartianMoon 5 жыл бұрын
Google Breach Compilation Torrent
@NullByteWHT 5 жыл бұрын
@@MartianMoon This is the correct answer
@kevinhuddle 5 жыл бұрын
@@NullByteWHT Once you get the zip file, how do you use it? it doesn't seem to parse as a txt file. It looks for query.sh (not a directory)
@kevinhuddle 5 жыл бұрын
@@NullByteWHT Great video by the way, this is really fun to play with so far. H8mail is basically haveibeenpwned without the compilation.
@mikee. 5 жыл бұрын
@@kevinhuddle just run query.sh m8
@skunkhead2007 5 жыл бұрын
pip 3 ? not 'pip' alone :-) thanks very much ...
@matteobarsanti8139 3 жыл бұрын
I think you leaked my leak hahahaha
@geoqallen1871 4 жыл бұрын
Not all heros wear capes guys.
@NullByteWHT 4 жыл бұрын
Haha 🤓
@rozer4660 4 жыл бұрын
Why tf there is no youtube recommandation
@GameChannelOfficial 5 жыл бұрын
Топ!
@zawmin470 5 жыл бұрын
WoW
Marat Oralgazin
Рет қаралды 440 М.
AICodeKing
Рет қаралды 3,9 М.
David Bombal
Рет қаралды 124 М.