Tools Introduction
hydra is an automated blasting tools, brute weak passwords, is a tool to support many protocols blasting, it has been integrated into KaliLinux in open directly to the terminal.
hydra support services are:
POP3, SMB, RDP, SSH, FTP, POP3, Telnet, MYSQL ... (for example some common services)
Instructions
-l |
Specify a single user name, suitable for use when the user knows the name of blasting Username Password |
-L |
Specify more than one user name, file path parameter values stored user name (absolute path is recommended) |
-p |
Specify a single password for use in blasting know username and password |
-P |
Specify multiple passwords, password files stored parameter value (usually called a dictionary) path (absolute path is recommended) |
-C |
This parameter is used when a user name and password stored in a file. Note that the file (dictionary) must be stored in the format "username: password" format. |
-M |
Specify multiple targets, this parameter is stored in the target path of the file (absolute path is recommended). Note: The list of file storage format must be "address: port" |
-t |
Specifies the number of tasks when blasting (can be understood as the number of threads), the default is 16 |
-s |
Designated port for non-targeted port by default. For example: http service using a non-80 port |
-S |
When specifying the use of SSL links blast |
-R |
Continue continue blasting from the last blast on progress |
-v/-V |
Show Details blasting |
-f |
Once a stop blasting blasting success |
server | Representatives to attack targets (single), use multiple target -M parameters |
service | Type of service attack targets (understandable protocol used when blasting), such as http, in the hydra, different protocols use different modules blasting, hydra of http-get and http-post-based module to be used to get and blasting post requested page |
OPT | Additional parameters blasting module, you can use -U the parameters to view the module supports those parameters, such as the command:hydra -U http-get |
Use screenshots:
Command Details:
- Target: 192.168.56.12
- Modules used: ssh
- Blasting Username: the User (
-l
) - Password dictionary used: /root/Work/sshpasswd.list (
-P
) - Number of blasting threads: 6 (
-t
) - Show Details (
-V
) - After blasting a successful stop (
-f
)