Details

Category: Passwords

Publisher: trickest-mhmdiaa

Created Date: 7/14/2023

Container: quay.io/trickest/thchydra:93abd60-patch-3

Source URL: https://github.com/vanhauser-thc/thc-hydra

Parameters

ipv4
boolean
Command: -4 - use IPv4 addresses (default)
ipv6
boolean
Command: -6 - use IPv6 addresses (put always in [] also in servers-to-attack)
port
string
Command: -s - if the service is on a different default port, define it here
debug
boolean
Command: -d - debug mode
login
string
Command: -l - login with login name
quiet
boolean
Command: -q - do not print messages about connection errors
logins
file
required
Command: -L - load several logins from file
server
string
Command: - the target: DNS, IP or 192.168.0.0/24 (this OR the servers-to-attack option)
old-ssl
boolean
Command: -O - use old SSL v2 and v3
servers
file
required
Command: -M - List of servers to attack, one entry per line, ':' to specify port
service
string
required
Command: - the service to crack. Supported: adam6500 asterisk cisco cisco-enable cvs ftp[s] http[s]-{head|get|post} http[s]-{get|post}-form http-proxy http-proxy-urlenum icq imap[s] irc ldap2[s] ldap3[-{cram|digest}md5][s] mssql mysql(v4) nntp oracle-listener oracle-sid pcanywhere pcnfs pop3[s] redis rexec rlogin rpcap rsh rtsp s7-300 sip smb smtp[s] smtp-enum snmp socks5 ssh sshkey teamspeak telnet[s] vmauthd vnc xmpp
verbose
boolean
Command: -v - verbose mode
password
string
Command: -p - try password
passwords
file
required
Command: -P - load several passwords from FILE
exit-found
boolean
Command: -f - exit when a login/pass pair is found per host
pass-gen-nsr
string
Command: -e - try n null password, s login as pass and/or r reversed login
output-format
string
Command: -b - output format: text(default), json, jsonv1
threads-global
string
Command: -T - run a number of connects in parallel overall (default: 64)
login-pass-file
file
Command: -C - colon separated login:pass format, instead of usernames/passwords files
pass-generation
string
Command: -x - MIN:MAX:CHARSET password bruteforce generation. e.g 5:8:A1 generate passwords from length 5 to 8 with uppercase characters and numbers
show-login-pass
boolean
Command: -V - show login+pass for each attempt
dont-redo-failed
boolean
Command: -K - do not redo failed attempts (good for servers-to-attack mass scanning)
exit-found-global
boolean
Command: -F - exit when any login/pass pair is found globally
loop-arround-users
string
Command: -u - loop around users, not passwords (effective! implied with -x)
threads-per-target
string
Command: -t - Run a number of connects in parallel per target (default: 16)
pass-gen-non-random
boolean
Command: -r - use a non-random shuffling method for option -x
perform-ssl-connect
boolean
Command: -S - perform an SSL connect
wait-time-per-login
string
Command: -c - wait time per login attempt over all threads (enforces threads-per-target: 1)
wait-time-for-response
string
Command: -w - wait time for a response (default: 32)
pass-gen-disable-symbols
boolean
Command: -y - disable use of symbols in bruteforce
wait-time-between-connects
string
Command: -W - wait time between connects per thread (default: 0)