Password cracking

imEH · April 15, 2019, 5:00am

Suppose that we are cracking (say Gmail) password using any password cracking tool like medusa,hydra or whatever.
Does the victim get notifications that “someone is trying to access your Gmail”?
If yes, how can we avoid it?

MoUsE · April 15, 2019, 5:05am

Yes they get a notification… it says when and where it was done… But ofcourse U can trick the location.

Cyber_saviour · April 15, 2019, 5:12am

Yes , the victim will get it for sure if there are more than 6 - 10 unsuccessful login attempts . And after that google just black lists your ipaddress and you won’t be able to login . To avoid such kinda issues you need to increase the threadings … it means while you brute force the password then the ipaddress changes for every 3-4 tries to fool the Google system . But still I guess you can’t login because I am pretty much sure that you might have encountered any captcha in you online life saying that to prove yourself that you are not a robot right , so this captcha can only be bypassed if the hacker is able to create any image processing AI. If this can be achieved then you can bruteforce the account.

But but but … Just take off this idea of bruteforceing the password from your mind because there is only 2% chance of a successful bruteforce attemp that too when you are able to create a master password list.

D4rkhunt3r · April 21, 2019, 8:58am

Others have answered your questions so i will answer next part of your question. No you cannot avoid this issue of google sending notification to your victim while trying to bruteforce his/her account unless you hack into google servers and change the settings there. Chances are there that the setting to wheather or not receive a notification wouldn’t be available as todays websites have this system of notification by default.

sisiennajar · May 19, 2021, 9:40pm

all have answered your question and i just will add some info ,
the security of gmail accounts now are high , so if you try to brutefroce passw , the account will be blocked after a number of tries , i thinks if you try to hack the machine , try with keylogger it would be more guaranteed , than brute forcing , also , i have read some topics in cyber securities , that brute forcing , will show you a password as it is correct but it is fake , because the security in the server of gmail will fool you . hope i help …

C_J · February 18, 2022, 12:56pm

Yes the victim you get an alert if you try to brute force it and get it wrong to many time’s or if the password cracker accidentally lock the account. however you could spoof your location and ip (IPv4 and IPv6) to hide your identity and whereabouts. A free tool that you can use to hide your ip online is to use a VPN (Virtual Private Network) service, I love to use Proton VPN or a SOCKS proxy. As an alternative to that you could get the best of all and just use tor. I hope that you found my suggestions helpful and I hope that use use it for lawful activity.