Hydra summary

Hydra Is a famous hacker organization THC Developed Open source Brute force tools , Support online password cracking for most protocols , It's network security · Penetration test A necessary tool .
Installation method ：Kali Bring it with you hydra, Search keywords directly .

Parameters,

stay Kali From the command line of hydra -h You can view it hydra All parameters of

See the following table for the specific parameter meanings ：

Usage method

stay hydra In the help command of, we provide some examples as follows

 hydra -l user -P passlist.txt ftp://192.168.0.1
 hydra -L userlist.txt -p defaultpw imap://192.168.0.1/PLAIN
 hydra -C defaults.txt -6 pop3s://[2001:db8::1]:143/TLS:DIGEST-MD5
 hydra -l admin -p password ftp://[192.168.0.0/24]/
 hydra -L logins.txt -P pws.txt -M targets.txt ssh

The basic usage of these commands is very similar , Let's take the first command as an example , In general, it can be divided into three parts , namely user name , password , and agreement

We use a OWASP The machine is used as the attacked machine to demonstrate several common protocol cracking methods
OWASP Environment building portal ： OWASP Broken Web Apps Penetration testing environment setup and installation tutorial

Crack SSH

We use the following command

hydra -L user.txt -P passwd.txt -o ssh.txt -vV -t ip  ssh -s 22   
-L  Specify the user dictionary file  
-P  Specifies the password dictionary file   
-o  Output success to ssh.txt file  
-vV  Show details   
-s  Specify another port   If you want to modify the default 22 port , have access to  -s  Parameters 

First, in the /test Create a new folder named userlist.txt The file of , And input some test data into it

stay /test Create a new folder named passwdlist.txt The file of , And input some test data into it

Enter the following command to start cracking

hydra -L /test/userlist.txt -P passwdlist.text -vV  -o ssh.txt -t 5 
192.168.0.129 ssh

From the output, we can see that there are 1 Group value successfully cracked

From the previous print, you can also see that the group value is rootowaspbwa

You can also find the cracked user name by viewing the saved directory file

Dictionary recommendation

Kali Bring your own password dictionary

The most important condition for the success of brute force cracking is to have a strong password dictionary ！Kali Some dictionaries are included by default , stay /usr/share/wordlists Under the table of contents

dirb Folder

The meaning of the dictionary file in this directory is as follows

• big.txt # A big dictionary
• small.txt # A little dictionary
• catala.txt # Project configuration Dictionary
• common.txt # Public Dictionary
• euskera.txt # Data catalog Dictionary
• extensions_common.txt # Common file extension Dictionary
• indexes.txt # Home page dictionary
• mutations_common.txt # Backup extension
• spanish.txt # Method name or Library Directory
• others # Extended Directory , Default user name, etc
• stress # Pressure test
• vulns # Vulnerability testing

28G Big dictionary

Whether the password can be cracked depends on whether the password dictionary is strong enough , Recommend a 28G Big dictionary , Compress 27M Less than , You know

Portal ：28G Super large password dictionary