hydra
Parallelized login cracker which supports numerous protocols to attack. It is very fast and flexible, and new modules are easy to add. This tool makes it possible for researchers and security consultants to show how easy it would be to gain unauthorized access to a system remotely.
Details
Category: Passwords
Publisher: trickest-mhmdiaa
Created Date: 7/14/2023
Container: quay.io/trickest/thchydra:93abd60-patch-3
Source URL: https://github.com/vanhauser-thc/thc-hydra
Parameters
Command: -4
- use IPv4 addresses (default)
Command: -6
- use IPv6 addresses (put always in [] also in servers-to-attack)
Command: -s
- if the service is on a different default port, define it here
Command: -d
- debug mode
Command: -l
- login with login name
Command: -q
- do not print messages about connection errors
Command: -L
- load several logins from file
Command:
- the target: DNS, IP or 192.168.0.0/24 (this OR the servers-to-attack option)
Command: -O
- use old SSL v2 and v3
Command: -M
- List of servers to attack, one entry per line, ':' to specify port
Command:
- the service to crack. Supported: adam6500 asterisk cisco cisco-enable cvs ftp[s] http[s]-{head|get|post} http[s]-{get|post}-form http-proxy http-proxy-urlenum icq imap[s] irc ldap2[s] ldap3[-{cram|digest}md5][s] mssql mysql(v4) nntp oracle-listener oracle-sid pcanywhere pcnfs pop3[s] redis rexec rlogin rpcap rsh rtsp s7-300 sip smb smtp[s] smtp-enum snmp socks5 ssh sshkey teamspeak telnet[s] vmauthd vnc xmpp
Command: -v
- verbose mode
Command: -p
- try password
Command: -P
- load several passwords from FILE
Command: -f
- exit when a login/pass pair is found per host
Command: -e
- try n null password, s login as pass and/or r reversed login
Command: -b
- output format: text(default), json, jsonv1
Command: -T
- run a number of connects in parallel overall (default: 64)
Command: -C
- colon separated login:pass format, instead of usernames/passwords files
Command: -x
- MIN:MAX:CHARSET password bruteforce generation. e.g 5:8:A1 generate passwords from length 5 to 8 with uppercase characters and numbers
Command: -V
- show login+pass for each attempt
Command: -K
- do not redo failed attempts (good for servers-to-attack mass scanning)
Command: -F
- exit when any login/pass pair is found globally
Command: -u
- loop around users, not passwords (effective! implied with -x)
Command: -t
- Run a number of connects in parallel per target (default: 16)
Command: -r
- use a non-random shuffling method for option -x
Command: -S
- perform an SSL connect
Command: -c
- wait time per login attempt over all threads (enforces threads-per-target: 1)
Command: -w
- wait time for a response (default: 32)
Command: -y
- disable use of symbols in bruteforce
Command: -W
- wait time between connects per thread (default: 0)