In this tutorial, I will teach you how to crack a Gmail user's password with a brute force attack. To perform the attack, we will be using a script called Hydra, which comes preinstalled on your BackTrack 5 distribution bundle. The attack is simple; all we need is an email address for our victim and a wordlist or dictionary file. For those of you who don't know how to create a wordlist, I've added two different tutorials to show you how (links below). The larger your wordlist is, the more effective it will be in a brute force attack.
How To: Create a Wordlist With Crunch In BackTrack 5 -
This tutorial will teach you how to use a script called Crunch to generate a standard combination wordlist (uppercase and lowercase A-Z + 0-9 + Symbols).
How To: Password Profiling With CUPP In BackTrack 5 -
This tutorial will teach you how to use a technique called common user password profiling (CUPP) to generate a wordlist containing words that are specific to information about your victim.
How To: Merge Multiple Wordlists Into One Wordlist (BackTrack 5) -
I wrote a script called Wordmerge to facilitate the process of merging multiple wordlists together. This tutorial will provide you with the Wordmerge download, an overview, and step-by-step instructions.
Disclaimer: The information presented in this video tutorial is for educational purposes only. Please note that it is illegal to attempt this attack on any email or user account that does not belong to you. I am not liable for any illegal activities that you engage in as a result of obtaining this information. Use this knowledge in theory or apply it towards a hypothetical scenario.