Sponsored by: █ Sparkhost - Hosting Without Compromises! █ Hybrid Performance Web Hosting █ Spark Host Stream Hosting █ Hybrid IRC & IRCd Server Shell Accounts
Nice Brute Force Password Cracker
Posted 07 August 2004 - 04:37 AM
Number one of the biggest security holes are passwords, as every password security study shows.
Hydra is a parallized login cracker which supports numerous protocols to attack. New modules
are easy to add, beside that, it is flexible and very fast.
Currently this tool supports:
TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, LDAP, SMB, SMBNT, MS-SQL, MYSQL, REXEC,
CVS, SNMP, SMTP-AUTH, SOCKS5, VNC, POP3, IMAP, NNTP, PCNFS, ICQ, SAP/R3,
Cisco auth, Cisco enable, Cisco AAA (incorporated in telnet module).
This tool is a proof of concept code, to give researchers and security
consultants the possiblity to show how easy it would be to gain unauthorized
access from remote to a system
Posted 07 August 2004 - 06:09 AM
Posted 07 August 2004 - 06:49 PM
been using aout a hundred different programs for each protocol
but never had the time to look for an all-in-one
(will be used to show how weak the passwords at my work really are)
Posted 07 August 2004 - 07:04 PM
E:\FTP Files\Hacking-Cracking etc\Brute Forcer\hydra-4.2-win\hydra-4.2-win>hydra Hydra v4.2 [http://www.thc.org] (c) 2004 by van Hauser / THC <firstname.lastname@example.org> Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e ns] [-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-f] [-s PORT] [-S] [-vV] server service [OPT] Options: -R restore a previous aborted/crashed session -S connect via SSL -s PORT if the service is on a different default port, define it here -l LOGIN or -L FILE login with LOGIN name, or load several logins from FILE -p PASS or -P FILE try password PASS, or load several passwords from FILE -e ns additional checks, "n" for null password, "s" try login as pass -C FILE colon seperated "login:pass" format, instead of -L/-P options -M FILE server list for parallel attacks, -T TASKS sets max tasks per host -o FILE write found login/password pairs to FILE instead of stdout -f exit after the first found login/password pair (per host if -M) -t TASKS run TASKS number of connects in parallel (default: 16) -w TIME defines the max wait time in seconds for responses (default: 30) -v / -V verbose mode / show login+pass combination for each attempt server the target server (use either this OR the -M option) service the service to crack. Supported protocols: [telnet ftp pop3 imap smb smbnt http https http-proxy cisco cisco-enable ldap mssql mysql nntp vnc rexec socks5 snmp cvs icq pcnfs sapr3 ssh2 smtp-auth] OPT some service modules need special input (see README!) Use HYDRA_PROXY_HTTP/HYDRA_PROXY_CONNECT and HYDRA_PROXY_AUTH env for a proxy. Hydra is a tool to guess/crack valid login/password pairs - use allowed only for legal purposes! If used commercially, name and web address must be mentioned in the report. You can always find the newest version at http://www.thc.org E:\FTP Files\Hacking-Cracking etc\Brute Forcer\hydra-4.2-win\hydra-4.2-win>
Those are the windows command line switches ... who needs a GUI when ya have CLI anywayz ?!?!?!
Posted 07 August 2004 - 11:59 PM
All I get is the command's that I entered.
Anyone know the proper way to get the results to show in a text file?
this is what I tried:
hydra -l -P c:\pass.txt -t 4 -v -V -o hydra.txt xx.xxx.xxx.xxx vnc
Posted 25 August 2004 - 09:08 AM
Posted 25 August 2004 - 09:18 AM
Posted 10 February 2012 - 04:44 PM
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users