hydra v8.8 released: Enhancements, bugfixes

THC-Hydra is a very fast (multi-threaded) network logon cracker which supports many different services: AFP, Cisco, cisco-enable, CVS, Firebird, ftp, http-get, http-head, http-proxy, https-get, https-head, https-form-get, https-form-post, ICQ, IMAP, IMAP-NTLM, ldap2, ldap3, MySQL, mysql, NCP, nntp, oracle-listener, PCAnywhere, pcnfs, pop3, pop3-NTLM, Postgres, rexec, rlogin, rsh, sapr3, sip, smb, smbnt, SMTP-auth, SMTP-auth-NTLM, SNMP, socks5, ssh2, svn, TeamSpeak, telnet, vmauthd, vnc.

THIS TOOL IS FOR LEGAL PURPOSES ONLY!

Changelog 8.8

  • * New web page: https://github.com/vanhauser-thc/thc-hydra
    * added PROBLEMS file with known issues
    * rdp: disabled the module as it does not support the current protocol. If you want to add it contact me
    * ldap: fixed a dumb strlen on a potential null pointer
    * http-get/http-post:
       – now supports H=/h= parameters same as http-form (thanks to mathewmarcus@github for the patch)
       – 403/404 errors are now always registered as failed attempts
    * mysql module: a non-default port was not working, fixed
    * added -w timeout support to ssh module
    * fixed various memory leaks in http-form module
    * corrected hydra return code to be 0 on success
    * added patch from debian maintainers which fixes spellings
    * fixed weird crash on x64 systems
    * many warning fixes by crondaemon

Installation

git clone https://github.com/vanhauser-thc/thc-hydra.git

./configure

make

make install

Use

PROTOCOL is the protocol you want to use for attacking, e.g. ftp, smtp, http-get or many others are available TARGET is the target you want to attack MODULE-OPTIONS are optional values which are special per PROTOCOL module

FIRST – select your target you have three options on how to specify the target you want to attack:

  1. a single target on the command line: just put the IP or DNS address in
  2. a network range on the command line: CIDR specification like “192.168.0.0/24”
  3. a list of hosts in a text file: one line per entry (see below)

SECOND – select your protocol Try to avoid telnet, as it is unreliable to detect a correct or false login attempt. Use a port scanner to see which protocols are enabled on the target.

THIRD – check if the module has optional parameters hydra -U PROTOCOL e.g. hydra -U smtp

FOURTH – the destination port this is optional! if no port is supplied the default common port for the PROTOCOL is used. If you specify SSL to use (“-S” option), the SSL common port is used by default.

If you use “://” notation, you must use “[” “]” brackets if you want to supply IPv6 addresses or CIDR (“192.168.0.0/24”) notations to attack: hydra [some command line options] ftp://[192.168.0.0/24]/ hydra [some command line options] -6 smtps://[2001:db8::1]/NTLM

Note that everything hydra does is IPv4 only! If you want to attack IPv6 addresses, you must add the “-6” command line option. All attacks are then IPv6 only!

If you want to supply your targets via a text file, you can not use the :// notation but use the old style and just supply the protocol (and module options): hydra [some command line options] -M targets.txt ftp You can supply also port for each target entry by adding “:” after a target entry in the file, e.g.:

foo.bar.com
target.com:21
unusual.port.com:2121
default.used.here.com
127.0.0.1
127.0.0.1:2121

 

 

Note that if you want to attach IPv6 targets, you must supply the -6 option and must put IPv6 addresses in brackets in the file(!) like this:

foo.bar.com
target.com:21
[fe80::1%eth0]
[2001::1]
[2002::2]:8080
[2a01:24a:133:0:00:123:ff:1a]

 

Tutorial

Copyright (C) vanhauser-thc

Share