hydra

Parallelized online login cracker.

Usage

Generally, -l username and -p password try only the given username and password, whereas -L usernames and -P passwords try every candidate in the provided lists.

SSH

Given a username and a wordlist, one would do the following:

hydra -l username -P wordlist ip ssh

FTP

Given a list of usernames and a wordlist, one would do the following:

hydra -L usernames -P wordlist ip ftp

Telnet

Given a list of usernames and a password, one would do the following to make hydra exit when a successful pair is found:

hydra -L usernames -p password -f ip telnet

HTTP Basic Authentication

Given a username and a wordlist, and assuming you are prompted to authenticate when visiting www.example.com/auth, one would do the following to brute-force HTTP Basic Authentication:

hydra -l username -P wordlist www.example.com http-head /auth/

http-get should be used for https, but I haven't tried this myself.

HTTP POST form

Given a username alice and a wordlist, and assuming login is via an HTTP POST form on http://ip/login where the word "incorrect" appears in the error message upon an invalid login, one would do the following:

hydra -l alice -P wordlist ip http-post-form "/login/:username=^USER^&password=^PASS^:F=incorrect" -V

-V is for verbose output.

https-post-form should be used for https.

Miscellaneous

Null password, username as password and reversed login

The flag -e takes the following values:

  • n: Try null (blank/empty) password for each candidate

  • s: Try username/username for each candidate

  • r: Try password/username for each username/password candidate

Threads

The number of threads can be specified using the -t flag; the default value is 16.

Port

A non-standard port can be specified using the -s flag.

IPv6

IPv6 can be specified using the -6 flag.

Exit upon successful pair

Specified by the -f flag.
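
Seen from the server side, the -l/-P and -L/-p modes above leave different traces in an SSH auth log: many failures for one account, or failures spread over many accounts, arriving in a short burst because of the parallel threads. The following is an added example, not part of the original page or of hydra; it assumes OpenSSH "Failed password" syslog lines, and the function name classify, the 60-second window, the threshold of 5, the assumed year and the sample log are all constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample sshd auth-log lines (documentation IP ranges, made-up users).
SAMPLE_LOG = """\
Jan 10 12:00:01 srv sshd[101]: Failed password for alice from 203.0.113.7 port 40001 ssh2
Jan 10 12:00:01 srv sshd[102]: Failed password for alice from 203.0.113.7 port 40002 ssh2
Jan 10 12:00:02 srv sshd[103]: Failed password for alice from 203.0.113.7 port 40003 ssh2
Jan 10 12:00:02 srv sshd[104]: Failed password for alice from 203.0.113.7 port 40004 ssh2
Jan 10 12:00:03 srv sshd[105]: Failed password for alice from 203.0.113.7 port 40005 ssh2
Jan 10 12:05:10 srv sshd[201]: Failed password for root from 198.51.100.9 port 50001 ssh2
Jan 10 12:05:11 srv sshd[202]: Failed password for invalid user admin from 198.51.100.9 port 50002 ssh2
Jan 10 12:05:12 srv sshd[203]: Failed password for invalid user bob from 198.51.100.9 port 50003 ssh2
Jan 10 12:05:13 srv sshd[204]: Failed password for invalid user carol from 198.51.100.9 port 50004 ssh2
Jan 10 12:05:14 srv sshd[205]: Failed password for invalid user dave from 198.51.100.9 port 50005 ssh2
Jan 10 12:10:00 srv sshd[301]: Failed password for alice from 192.0.2.4 port 60001 ssh2
Jan 10 12:40:00 srv sshd[302]: Failed password for alice from 192.0.2.4 port 60002 ssh2
"""

FAILED = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: "
                    r"Failed password for (?:invalid user )?(\S+) from (\S+) port \d+")

def classify(log_text, window=timedelta(seconds=60), threshold=5, year=2024):
    """Map source IP -> label when >= threshold failures fall inside one window."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if m:  # syslog timestamps carry no year, so an assumed one is supplied
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            events[m.group(3)].append((ts, m.group(2)))
    findings = {}
    for ip, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:  # slide window forward
                start += 1
            if end - start + 1 >= threshold:
                users = {user for _, user in evs[start:end + 1]}
                findings[ip] = ("one account, many passwords" if len(users) == 1
                                else "many accounts")
                break
    return findings

if __name__ == "__main__":
    for ip, label in classify(SAMPLE_LOG).items():
        print(ip, "->", label)
```

Lowering the threshold catches runs made with a small -t value, at the cost of flagging users who simply mistype a password a few times.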

Reference

See https://github.com/vanhauser-thc/thc-hydra or hydra -h for more documentation.
