Skip to content

Emagnet | v3.4.3

Emagnet is a very powerful tool for capturing email addresses and passwords from leaked databases uploaded on Pastebin.

It's almost impossible to find leaked passwords after they're removed from the list on pastebin.com.

Either they have been deleted by Pastebin's techs or the upload is just one in the crowd. To be honest it's easier to find a needle in a haystack then find outdated uploads on Pastebin.

Current Version News Tested On
3.4.3 More than twice as fast as the previous version Linux/MacOS/OpenWRT/Windows/Android
3.4.2 Support for scraping via API has been added Linux/MacOS/OpenWRT/Windows/Android
3.4.1 Support for SSH Tunnel/Socks5 proxy Linux/MacOS/OpenWRT/Windows/Android
3.4 Full support on android devices, no root required Linux/MacOS/OpenWRT/Windows/Android

About

Emagnet is a very powerful tool for capturing email addresses and passwords from leaked databases uploaded on Pastebin. It's almost impossible to find leaked passwords after they're removed from the list on pastebin.com. Either they have been deleted by Pastebin's techs or the upload is just one in the crowd. To be honest it's easier to find a needle in a haystack then find outdated uploads on Pastebin.

  • Parallel downloading! More than twice as fast as the previous version.
  • 555 files downloaded, over ~20.000 accounts found via auto brute-force using one command that takes approximately 4.51 seconds (see proof below)
  • Incredibly good results for successful attacks.
  • There is no other tool nearby that has more successful attempts than Emagnet.
  • Emagnet is quick, easy, unique and awesome!
  • Google used Emagnet's source to analyze their own site about 1year ago, this is how people are trying to attack accounts today.
  • No skills needed, even your grandmother can use Emagnet!
  • Bruteforce ssh targets and Microsoft Remote Desktop clients - extremely fast portscanning to choose our targets with X port open (netcat/xargs)
  • Super easy to add your own tools using inotifywait with Emagnet - See script example here
  • ./emagnet -g gmail will automate the attack for gmail/google accounts only - We skip the rest!
  • Read more on Google's security blog and automated-tools (emagnet)
  • Even 1 year after using Emagnet to analyze Google, it is still the best tool for it's purpose (2020-07-19) (7% using 2FA)
  • If the user does not have 2FA enable, you will succeed!
  • URL To Google's security blog (This was for try 2FA security): Google.com - Security Blog
  • Remember, bruteforcing accounts without the owner's approval violates the law.

Installation

Getting Started (Source)

git clone https://github.com/wuseman/emagnet
chmod +x emagnet/emagnet.sh
bash emagnet/emagnet.sh --emagnet

Getting Started (Docker)

  • Please notice that every docker maintainer is listed in the dockerfile.

Docker maintainers can never be held responsible for the EMAGNET project, they contribute by making the project available to users who prefer docker containers

  • Dockerfile
FROM "ubuntu:18.04"
MAINTAINER "M2kar<m2kar.cn@gmail.com>"
ARG EMAGNET_VERSION=3.4
RUN apt update \
    && apt-get install -y --no-install-recommends \
        inetutils-ping \
        wget \
        curl \
        screen \
        ca-certificates \
    && rm -rf /var/lib/apt/lists/*
RUN curl https://codeload.github.com/wuseman/EMAGNET/tar.gz/${EMAGNET_VERSION} > /tmp/emagnet.tar.gz \
    && tar -xzv -f /tmp/emagnet.tar.gz -C / \
    && ln -s /EMAGNET-${EMAGNET_VERSION} /EMAGNET
WORKDIR  /EMAGNET
CMD ["/EMAGNET/emagnet","--emagnet"]

Getting Started (Beta)

Visit releases for more info about the beta script.

System Requirements

  • GNU/Bash - Visit bash website fór more info
  • GNU/Sed - Visit gsed website fór more info
  • GNU/Gawk - Visit gawk website fór more info
  • GNU/Wget - Visit wget website fór more info

License

EMAGNET is release under GNU General Public License v3.0 - see the LICENSE

Terms and Conditions

Terms and Conditions

Attacking different kinds of accounts via Emagnet that you have not been granted permission to attack is strictly prohibited and it breaks the law. The punishment is grave and you can even get into prison in some countries just for trying to attack for intrusion. That said, it's important that all users are aware of this and when you have cloned or downloaded the repository it's fully up to you to take responsibility for your actions. Wuseman cannot be held responsible for the actions of any user, all users using Emagnet do so at their own responsibility.

All previews in this readme is from an unknown emagnet user

All my previews where a brute force attack has been done is under controlling forms with 100% fully permissions by the owners. If you have any questions about this then you are welcome to contact me or the owner.

Haters Gonna Hate

If you are one of these who dislikes EMAGNET and believe the program has been developed for a reason that would break the law then I am not interested in your opinions, keep them to yourself! Emagnet does NOT leak any data either to the developer(s) or anyone else. There are no statistics used to track any user so if you want to contact me to ask about them, it is completely useless since I really have no idea, and to be honest I don't care.

Pastebin patched the vulnerability

Pastebin patched the vulnerability I previously used in order to get recent uploads from pastebin.com/archive, so at the moment it is not possible to get recently uploaded files, you are now limited to all syntaxes exempt the default one (95% get's uploaded as 'text' and this is removed from all recent upload lists).

Currently working on a new way to share all recent uploads for free.

Pastebin´s tweet can be found here

Read their terms of service here before this decision:

https://web.archive.org/web/20200410004902/https://pastebin.com/doc_terms_of_service

  1. Services Usage Limits You agree not to reproduce, duplicate, copy, sell, resell or exploit any portion of the Service, use of the Service, or access to the Service without Pastebin's express written permission.

Scraping refers to extracting data from our Website via an automated process, such as a bot or webcrawler.

It does not refer to the collection of information through Pastebin's API. You may scrape the website for the following reasons:

Researchers may scrape public, non-personal information from Pastebin for research purposes, only if any publications resulting from that research are open access. Archivists may scrape Pastebin for public data for archival purposes. You may not scrape Pastebin for spamming purposes, including for the purposes of selling Pastebin users' personal information, such as to recruiters, headhunters, and job boards.

All use of Pastebin data gathered through scraping must comply with the Pastebin Privacy Statement.

Emagnet users are archivists! Right?

We didn't get the recent uploads from scrape.pastebin.com, we used pastebin.com/archive, this means our usage was in compliance with the privacy statements.

Whatever, this means that the Emagnet project has ended up in a pause phase as we will not go much further until this changes, but just wait. Soon the greed will come and they will open the pro section again. They can not run this service for free for too long.

April 2012, BBC News: "Pastebin running the site where hackers publicise their attacks"

Over recent years Pastebin.com has become a must-visit site for anyone wanting to keep track of the exploits of Anonymous and other hackers.

Text files containing emails, passwords and other hijacked information are often made public on the service - drawing attention as they climb its "trending pastes" list.

Twitter messages are frequently used to direct followers to the Pastebin, which has the advantage over the microblogging service of allowing "pastes" to run up to 0.5 megabytes in size rather than limiting them to 140 characters.

The platform was founded a decade ago, but its original owner sold it after thousands of people's Hotmail email passwords were exposed on the site in October 2009, leading him to briefly shut it down.

It was bought by Jeroen Vader - a Dutch internet entrepreneur who upgraded its features and has seen its popularity surge.

When he took it over in early 2010 Pastebin had 500,000 unique visitors a month. That number is now 17 million.

But as its profile has grown so have its problems.

Although many of the articles contain legally-shared information, Mr Vader says the authorities in Turkey and Pakistan have taken action to block the site after confidential data was exposed.

He also says that Pastebin itself has become the target of numerous hack and spam attacks.

Mr Vader agreed to be interviewed over email by the BBC - the following is an edit of the conversation:

Your site appears to have become one of the hacking community's favourite locations to publicise the results of its attacks. Why do you think this is - and does it cause you concern?

I am very happy and quite proud that so many people trust Pastebin as a place to publish their text. With the Trends section being checked by many journalists and the high search engine ranking on pastes, it can be quite beneficial for people to have their content on Pastebin. Often minutes after posting something it can be found in search engines such as Google.

How important do you think it is that hackers have an easily accessible facility like Pastebin to release their material rather than using parts of the net less likely to be visited by the general public?

The term hacker has received a lot of negative press over the years, but often that isn't fair at all. I think it is very important that people have access to sites like Pastebin, because it offers them total freedom of speech. Especially if they post their items behind a proxy of some kind, there is no way to trace who posted what. It is great to see that people use Pastebin as a platform to get their thoughts and ideals out to the rest of the world. A lot of items in the Trends section can be very interesting to read actually.

Your guidelines say users should not to post emails, stolen source code or password lists. Yet people associated with Anonymous often do this - and at times you have flagged up their actions on your own Twitter account - for example the YouPorn attack you tweeted about on 23 Feb. Do you accept that the popularity of such posts help drive traffic to the site and ultimately generates you advertising revenue?

We do indeed not allow people to post email lists and other personal information that does not belong to them. That said, we are very much aware that it happens a lot, but trying to automatically filter out such pastes is a pretty impossible task. Instead we heavily rely on our users to report items that do not comply with our FAQ. On average we get over 1,000 abuse reports a day via our on-site abuse report system, and another 200 or so come in via email. These are all monitored.

We would never link to sensitive information via our Twitter feed. The item you are referring to is rather harmless. It contains no user-names, but only some funny and rather shocking password statistics.

It has been reported that Pastebin has been blocked in Pakistan and Turkey by the authorities following the release of hacked local material posted to your site - can you provide an update on this, and comment on what you make of their actions?

Pakistan blocked us a few months ago, and three weeks ago Turkey also blocked us. We found out about this when users started to email and tweet about it. The authorities of these countries never told us about those blocks though. We have been asked to remove certain pieces of content by the authorities of both countries, and in both cases we have complied. Looking at our Google Analytics reports, it shows that even though the site has been blocked in those countries, the visitors drop is only about 50% in both cases. People still find a way to connect.

Some of our readers have expressed concern that some Pastebin posts reveal personal details of people working for the authorities - such as home addresses - or the identities of people paying for pornography which they might have wanted to keep private. Do you have concerns that your site could put lives in danger, or at the very least disrupt people's personal lives?

I am very much aware of the fact that it can be quite shocking when your personal information gets posted online by someone else. I've had it happen to me in the past, but luckily the information was posted on Pastebin so I was able to remove it quickly. It's important to understand that Pastebin.com monitors all removal requests, so when someone does get its personal information posted, we can often remove it within hours, sometimes minutes.

You say you monitor removal requests, but should you be more proactive? Bearing in mind people's home addresses and other personal details are sometimes posted to the site, do you have a responsibility to at least check what is trending at any time?

I am looking to hire some extra people soon to monitor more of the website's content, not just the items that are reported. Hopefully this will increase the speed in which we can remove sensitive information. This will give us more time to look at trending items in detail if they haven't been reported yet. Often articles contain a lot of information, and part of that can be a person's details. This does not mean straight away that it should be removed. Reading all those items, and determining which ones are hurtful, and which ones aren't, requires a lot of time. That's why we rely on the abuse report system at the moment. But there are plans to improve on this.

Last year you told one reporter that you tracked IP addresses - and had passed on the details to the authorities when asked in some cases. Can you provide more detail?

The main reason why we track IP information when people create a paste, is to be able to block them in case they spam a lot. Something which is a huge issue on Pastebin at the moment.

There have been a few cases when authorities request IP information from Pastebin, and we tend to comply with such requests, but only with a valid court order of course. Sharing IP information without such a court order is illegal in many countries. We do see that when a court order is presented, and we share the IP information, that it is often an IP from a proxy or some kind of anonymous browsing service. People who post sensitive information hardly even use their own home IP.

  • Emagnet is the No.1 tool for fetching leaks from Pastebin