首页 > 代码库 > Hydra介绍及使用
Hydra介绍及使用
Number one of the biggest security holes are passwords, as every password security study shows. Hydra is a parallized login cracker which supports numerous protocols to attack. New modules are easy to add, beside that, it is flexible and very fast.
Hydra was tested to compile on Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX, and is made available under GPLv3 with a special OpenSSL license expansion.
Currently this tool supports:
AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.
For HTTP, POP3, IMAP and SMTP, several login mechanisms like plain and MD5 digest etc. are supported.
This tool is a proof of concept code, to give researchers and security consultants the possiblity to show how easy it would be to gain unauthorized access from remote to a system.
详见官网:www.thc.org
使用说明:
-R 继续从上一次进度接着破解
-S 采用SSL链接(大写的S)
-s PORT 如果非默认端口,可通过这个参数指定
-l LOGIN 小写,用于指定破解的用户,对特定用户破解
-L FILE 大写,用于指定用户的用户名字典
-p PASS 小写,用于指定密码破解,少用,一般是采用密码字典
-P FILE 大写,用于指定密码字典
-e ns 额外的选项,n:空密码试探,s:使用指定账户和密码试探
-C FILE 使用冒号分割格式 例如 "登录名:密码"来代替-L/-P参数
-M FILE 指定目标列表文件一行一条
-o FILE 指定结果输出文件
-f 找到第一对登录名或者密码的时候中止破解
-t TASKS 同时运行的线程数,默认为16
-w TIME 设置最大超时的时间,单位秒,默认是30s
-v / -V 显示详细过程
server 目标ip
service 指定服务名,支持的服务跟协议有: telnet ftp pop3[-ntlm] imap[-ntlm] smb smbnt http-{head|get} http-{get|post}-form http-proxy cisco cisco-enable vnc ldap2 ldap3 mssql mysql oracle-listener postgres nntp socks5 rexec rlogin pcnfs snmp rsh cvs svn icq sapr3 ssh2 smtp-auth[-ntlm] pcanywhere teamspeak sip vmauthd firebird ncp afp
HYDRA_PROXY_HTTP 变量参数可以用来定义代理服务器(只能使用http代理)
语法:
HYDRA_PROXY_HTTP="http://ip:port/"
HYDRA_PROXY_CONNECT=ip:8000
如果你使用的代理需要用户名和密码,请使用HYDRA_PROXY_AUTH 变量参数:
HYDRA_PROXY_AUTH="the_login:the_password"