Email Address Harvesting
Introduction
Harvesting email addresses is a common part of any external penetration test. Several tools that are easy to find with a simple Google search can greatly reduce the time spent combing through search engine results.
I have recently released a new tool into the BackTrack Linux penetration testing distribution that has proven useful on many of my external gigs.
Introducing Jigsaw. Jigsaw is a simple Ruby script that searches www.jigsaw.com for employee records and crafts email addresses from the first and last name entries pulled down from the website.
Installation
In BackTrack, installation is as simple as typing:
$ apt-get install jigsaw
Otherwise you can clone the git repository from the above link.
Usage
$ ./jigsaw -h
Jigsaw 1.0 ( http://www.pentestgeek.com/ - http://hdesser.wordpress.com/ )
Usage: jigsaw [options]
example: jigsaw -s Google
-i, --id [Jigsaw Company ID] The Jigsaw ID to use to pull records
-s, --search [Company Name] Name of organization to search for
-r, --report [Output Filename] Name to use for report EXAMPLE: '-r google' will generate 'google.csv'
-v, --verbose Enables verbose output
Examples:
$ ./jigsaw -s Google
Your search returned more then one company
Jigsaw ID: 215043 – Google, Inc. 6,627 employees.
Jigsaw ID: 224667 – Google Postini Services 149 employees.
Jigsaw ID: 439035 – AdMob Google Inc 2 employees.
Jigsaw ID: 5032028 – Google Inc 1 employees.
…
$ ./jigsaw -i 215043 |grep -i market |grep -i manager
Fyall, Mike - Product Marketing Manager
Ramaswamy, Jenny - Marketing Manager
Satyasai, Serena - Product Marketing Manager
Fu, John - Product Marketing Manager
Shah, Davang - Group Marketing Manager-US Large Advertiser Marketing
...
Reporting
Standard output to the command line is great for searching specific records; however, the real value in this tool is generating a .csv report that you can open in any spreadsheet application and then filter for records belonging to specific employee or user groups such as Sales & Marketing or Information Systems.
The following query takes about 1 minute to run on my MacBook Pro and pulls 6.5k records from Google.
Royces-MacBook-Pro:jigsaw r3dy$ ./jigsaw.rb -s google.com
Jigsaw ID for google.com is: 215043
Royces-MacBook-Pro:jigsaw r3dy$ ./jigsaw.rb -i 215043 -v -r google
Your target has 22 domain/s:
adwords.google.com
coppermountain.com
email.mot.com
google.ca
google.co.nz
google.co.uk
google.com
google.ie
mot.com
motorola-labs.com
motorola.ca
motorola.com
motorola.com.sg
motorolacareers.com
netplane.com
orthogonsystems.com
quantumbridge.com
sickdimension.com
sites.google.com
symbol.com
tutsys.com
youtube.com
Enter the name of the domain to use for crafting emails: google.com
Found 1122 records in Sales
Found 670 records in Marketing
Found 910 records in Finance & Administration
Found 245 records in Human Resources
Found 162 records in Support
Found 1410 records in Engineering & Research
Found 375 records in Operations
Found 1209 records in IT & IS
Found 468 records in Other
Wrote 6569 records to google.csv
Royces-MacBook-Pro:jigsaw r3dy$
Click on the link below to see a screenshot of the CSV Report:
CSV Report Screenshot
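Added example (not part of the jigsaw tool or the original post): the same name-to-address derivation, run by a defender against their own mailbox list to see which live addresses public records give away. The `first.last@domain` convention, the function names and the sample data are assumptions; the "Last, First - Title" line format follows the tool output shown above.

```ruby
require 'set'

# Parse one stdout record of the form "Last, First - Title".
# Returns nil for banners, error lines and anything else that does not match.
def parse_record(line)
  m = line.strip.match(/\A([^,:]+),\s*(.+?)\s+-\s+(.+)\z/)
  m && { last: m[1].strip, first: m[2], title: m[3] }
end

# Address derivable from a public record. The first.last@domain
# convention is an assumption; substitute your organisation's real one.
def craft_address(rec, domain)
  clean = ->(s) { s.downcase.gsub(/[^a-z]/, '') }
  "#{clean.call(rec[:first])}.#{clean.call(rec[:last])}@#{domain}"
end

# Records whose derived address is a live mailbox in our own directory.
def exposed_mailboxes(lines, domain, directory)
  known = directory.map(&:downcase).to_set
  lines.map { |l| parse_record(l) }.compact
       .map { |r| r.merge(email: craft_address(r, domain)) }
       .select { |r| known.include?(r[:email]) }
end

# Count exposed records per title keyword, to decide which teams get
# phishing-awareness training and tighter mail filtering first.
def exposure_by_keyword(exposed, keywords)
  keywords.map { |k| [k, exposed.count { |r| r[:title] =~ /#{Regexp.escape(k)}/i }] }.to_h
end

# Constructed sample: tool-style output lines and an internal mailbox list.
SAMPLE_LINES = [
  'Your search returned more then one company',
  'Doe, Jane - Product Marketing Manager',
  "O'Neil, Pat - Group Marketing Manager-US Field Marketing",
  'Smith, Mary-Ann - Systems Administrator',
  'Roe, Sam - Sales Director',
  'Error retrieving number of records Timeout::Error'
].freeze
SAMPLE_DIRECTORY = %w[jane.doe@example.com Pat.ONeil@example.com
                      maryann.smith@example.com s.roe@example.com].freeze

if __FILE__ == $PROGRAM_NAME
  hits = exposed_mailboxes(SAMPLE_LINES, 'example.com', SAMPLE_DIRECTORY)
  hits.each { |r| puts "#{r[:email]}  (#{r[:title]})" }
  p exposure_by_keyword(hits, %w[marketing admin sales])
end
```

Mailboxes that do not follow the assumed convention (here `s.roe@example.com`) are not reported, which is itself a useful data point when choosing an address scheme.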
./jigsaw.rb -s google -u myemailaddress -p password
Error getting cookie. Timeout::Error
Searching for google.
Error performing search. undefined method `keys’ for #
Using jigsaw 1.3 in Backtrack 5r3 gave me lots of errors that I don't know how to fix:
root@bt:/pentest/enumeration/jigsaw# ./jigsaw.rb -s google
Searching for google.
Jigsaw ID: 215043 – Google, Inc. (5,896 employee/s)
Jigsaw ID: 224667 – Google Postini Services (159 employee/s)
Jigsaw ID: 439035 – AdMob Google Inc (3 employee/s)
Jigsaw ID: 3661145 – Maps and Google Maps (1 employee/s)
Jigsaw ID: 5170157 – Get Found on Google (0 employee/s)
Jigsaw ID: 5124294 – Google Web List (0 employee/s)
Jigsaw ID: 5138337 – Indian Art Company (0 employee/s)
Jigsaw ID: 5184654 – Master Google (0 employee/s)
Jigsaw ID: 5185023 – Davis Oldfield Inc (0 employee/s)
Jigsaw ID: 5068941 – Appliance Service and Repair Center (0 employee/s)
Jigsaw ID: 4866147 – Google Ventures (0 employee/s)
Jigsaw ID: 458155 – Oogles N Googles (0 employee/s)
Jigsaw ID: 1794426 – California Power and Light (0 employee/s)
Jigsaw ID: 2378402 – How To Use Google (0 employee/s)
root@bt:/pentest/enumeration/jigsaw# ./jigsaw.rb -i
root@bt:/pentest/enumeration/jigsaw# ^C
root@bt:/pentest/enumeration/jigsaw# ./jigsaw.rb -i 224667
Your target has 3 domain/s:
[1] – neomeo.com
[2] – postini.com
[3] – postinicorp.com
Enter the number of the domain to use for crafting emails: 2
Using ‘postini.com’ to craft emails.
Found 27 records in the Sales department.
Found 15 records in the Marketing department.
Found 17 records in the Finance & Administration department.
Found 4 records in the Human Resources department.
Error retrieving number of records Timeout::Error
Error retrieving number of records Connection timed out – connect(2)
Error retrieving number of records Connection timed out – connect(2)
Then when I tried to run it a second time all I got was:
root@bt:/pentest/enumeration/jigsaw# ./jigsaw.rb -s google
Error getting cookie. Connection timed out – connect(2)
Searching for google.
Error performing search. undefined method `keys’ for #
root@bt:/pentest/enumeration/jigsaw#
I have uninstalled, reinstalled, restarted, even downgraded once but still nothing.
I am trying to use jigsaw, but when I email harvest it doesn’t display full names, and I think it is also doing the same with the emails, not printing full names of email addresses of people.
Thanks Royce, I’ll make sure to update my jigsaw before running.
Maybe a dumb question, but my reports are all crunched together with ellipses between where it cuts off. Any quick advice? Love the program by the way.
Not a dumb question at all. jigsaw.com changed the way they display info to unauthenticated users. So the new 1.3 version was patched by Travils Lee to support authentication and then it works just fine.
So make sure to pull down the latest version from the github repo and you should be good to go.
Can you validate that you are using the current stable version 1.2? Run ‘./jigsaw.rb -h’
Thanks!
I am having the same issue. Commands and output are below.
Thanks.
./jigsaw.rb -s google
Your search returned more then one company
Jigsaw ID: 215043 – Google, Inc. 5,948 employees.
Jigsaw ID: 224667 – Google Postini Services 160 employees.
Jigsaw ID: 5068941 – Sitters On-Call 4 employees.
Jigsaw ID: 439035 – AdMob Google Inc 3 employees.
Jigsaw ID: 1794426 – California Power and Light 0 employees.
Jigsaw ID: 458155 – Oogles N Googles 0 employees.
Jigsaw ID: 4866147 – Google Ventures 0 employees.
Jigsaw ID: 2378402 – How To Use Google 0 employees.
Jigsaw ID: 5124294 – Google Web List 0 employees.
Jigsaw ID: 5138337 – Indian Art Company 0 employees.
./jigsaw.rb -i 215043
/usr/lib/ruby/1.9.2/net/protocol.rb:140:in `rescue in rbuf_fill’: Timeout::Error (Timeout::Error)
from /usr/lib/ruby/1.9.2/net/protocol.rb:134:in `rbuf_fill’
from /usr/lib/ruby/1.9.2/net/protocol.rb:116:in `readuntil’
from /usr/lib/ruby/1.9.2/net/protocol.rb:126:in `readline’
from /usr/lib/ruby/1.9.2/net/http.rb:2211:in `read_status_line’
from /usr/lib/ruby/1.9.2/net/http.rb:2200:in `read_new’
from /usr/lib/ruby/1.9.2/net/http.rb:1183:in `transport_request’
from /usr/lib/ruby/1.9.2/net/http.rb:1169:in `request’
from /usr/lib/ruby/1.9.2/net/http.rb:1073:in `request_get’
from /usr/lib/ruby/1.9.2/net/http.rb:394:in `block in get_response’
from /usr/lib/ruby/1.9.2/net/http.rb:627:in `start’
from /usr/lib/ruby/1.9.2/net/http.rb:393:in `get_response’
from ./jigsaw.rb:65:in `get_employees’
from ./jigsaw.rb:223:in `block in ‘
from ./jigsaw.rb:222:in `each’
from ./jigsaw.rb:222:in `’
An impressive share! I have just forwarded this onto a colleague who had been conducting a little research on this. And he actually bought me breakfast simply because I stumbled upon it for him… lol. So allow me to reword this…. Thanks for the meal!! But yeah, thanks for spending some time to discuss this matter here on your website.
/usr/lib/ruby/1.9.2/net/protocol.rb:140:in `rescue in rbuf_fill’: Timeout::Error (Timeout::Error)
from /usr/lib/ruby/1.9.2/net/protocol.rb:134:in `rbuf_fill’
from /usr/lib/ruby/1.9.2/net/protocol.rb:116:in `readuntil’
from /usr/lib/ruby/1.9.2/net/protocol.rb:126:in `readline’
from /usr/lib/ruby/1.9.2/net/http.rb:2211:in `read_status_line’
from /usr/lib/ruby/1.9.2/net/http.rb:2200:in `read_new’
from /usr/lib/ruby/1.9.2/net/http.rb:1183:in `transport_request’
from /usr/lib/ruby/1.9.2/net/http.rb:1169:in `request’
from /usr/lib/ruby/1.9.2/net/http.rb:1073:in `request_get’
from /usr/lib/ruby/1.9.2/net/http.rb:394:in `block in get_response’
from /usr/lib/ruby/1.9.2/net/http.rb:627:in `start’
from /usr/lib/ruby/1.9.2/net/http.rb:393:in `get_response’
from ./jigsaw.rb:112:in `block in get_each_page’
Perhaps you could post the command you ran to generate that error. Otherwise I don’t know what to tell you :)
nice work