hydra密码暴力破解工具

/hydra -v -V -l root -x 8 8 1 -t 64 -q 192.168.2.1 ftp

用户名root密码长度8~8，全数字，64线程 ftp协议

实测6位数字密码几分钟就破完了，大家设置密码的时候还是要注意密码复杂度。随便来个字母大小写+特殊符号+数组，破解难度几何式增长。

 

密码生成器格式：

Examples:

-x 3:5:a generate passwords from length 3 to 5 with all lowercase letters

-x 5:8:A1 generate passwords from length 5 to 8 with uppercase and numbers

-x 1:3:/ generate passwords from length 1 to 3 containing only slashes

-x 5:5:/%,.- generate passwords with length 5 which consists only of /%,.-

-x 3:5:aA1 -y generate passwords from length 3 to 5 with a, A and 1 only

 

工具帮助：

Hydra v9.1 (c) 2020 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).

 

Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e nsr] [-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-W TIME] [-f] [-s PORT] [-x MIN:MAX:CHARSET] [-c TIME] [-ISOuvVd46] [-m MODULE_OPT] [service://server[:PORT][/OPT]]

 

Options:

-R restore a previous aborted/crashed session

-I ignore an existing restore file (don't wait 10 seconds)

-S perform an SSL connect

-s PORT if the service is on a different default port, define it here

-l LOGIN or -L FILE login with LOGIN name, or load several logins from FILE

-p PASS or -P FILE try password PASS, or load several passwords from FILE

-x MIN:MAX:CHARSET password bruteforce generation, type "-x -h" to get help

-y disable use of symbols in bruteforce, see above

-r rainy mode for password generation (-x)

-e nsr try "n" null password, "s" login as pass and/or "r" reversed login

-u loop around users, not passwords (effective! implied with -x)

-C FILE colon separated "login:pass" format, instead of -L/-P options

-M FILE list of servers to attack, one entry per line, ':' to specify port

-o FILE write found login/password pairs to FILE instead of stdout

-b FORMAT specify the format for the -o FILE: text(default), json, jsonv1

-f / -F exit when a login/pass pair is found (-M: -f per host, -F global)

-t TASKS run TASKS number of connects in parallel per target (default: 16)

-T TASKS run TASKS connects in parallel overall (for -M, default: 64)

-w / -W TIME wait time for a response (32) / between connects per thread (0)

-c TIME wait time per login attempt over all threads (enforces -t 1)

-4 / -6 use IPv4 (default) / IPv6 addresses (put always in [] also in -M)

-v / -V / -d verbose mode / show login+pass for each attempt / debug mode

-O use old SSL v2 and v3

-K do not redo failed attempts (good for -M mass scanning)

-q do not print messages about connection errors

-U service module usage details

-m OPT options specific for a module, see -U output for information

-h more command line options (COMPLETE HELP)

server the target: DNS, IP or 192.168.0.0/24 (this OR the -M option)

service the service to crack (see below for supported protocols)

OPT some service modules support additional input (-U for module help)

 

Supported services: adam6500 asterisk cisco cisco-enable cvs firebird ftp[s] http[s]-{head|get|post} http[s]-{get|post}-form http-proxy http-proxy-urlenum icq imap[s] irc ldap2[s] ldap3[-{cram|digest}md5][s] memcached mongodb mssql mysql nntp oracle-listener oracle-sid pcanywhere pcnfs pop3[s] postgres radmin2 rdp redis rexec rlogin rpcap rsh rtsp s7-300 sip smb smtp[s] smtp-enum snmp socks5 ssh sshkey svn teamspeak telnet[s] vmauthd vnc xmpp

 

Hydra is a tool to guess/crack valid login/password pairs.

Licensed under AGPL v3.0. The newest version is always available at;

https://github.com/vanhauser-thc/thc-hydra

Please don't use in military or secret service organizations, or for illegal

purposes. (This is a wish and non-binding - most such people do not care about

laws and ethics anyway - and tell themselves they are one of the good ones.)

These services were not compiled in: afp ncp oracle sapr3 smb2.

 

Use HYDRA_PROXY_HTTP or HYDRA_PROXY environment variables for a proxy setup.

E.g. % export HYDRA_PROXY=socks5://l:p@127.0.0.1:9150 (or: socks4:// connect://)

% export HYDRA_PROXY=connect_and_socks_proxylist.txt (up to 64 entries)

% export HYDRA_PROXY_HTTP=http://login:pass@proxy:8080

% export HYDRA_PROXY_HTTP=proxylist.txt (up to 64 entries)

 

Examples:

hydra -l user -P passlist.txt ftp://192.168.0.1

hydra -L userlist.txt -p defaultpw imap://192.168.0.1/PLAIN

hydra -C defaults.txt -6 pop3s://[2001:db8::1]:143/TLS:DIGEST-MD5

hydra -l admin -p password ftp://[192.168.0.0/24]/

hydra -L logins.txt -P pws.txt -M targets.txt ssh