水润包装说明

Hydra是一个并行登录破解,支持多种协议的攻击。这是非常快速和灵活,新的模块很容易添加。这个工具可以使研究人员和安全顾问,以显示这将是多么容易远程获得未经授权的访问系统。 它支持:思科AAA,思科权威性,思科实现,CVS,FTP,HTTP(S)构型-GET,HTTP(S)构型-POST,HTTP(S)-GET,HTTP(S)-head,基于HTTP代理,ICQ,IMAP,IRC,LDAP,MS-SQL,MySQL和NNTP,Oracle侦听,甲骨文SID,PC-Anywhere中,PC-NFS,POP3和PostgreSQL,RDP,REXEC,Rlogin的,硫醇,SIP,SMB(NT) ,SMTP,SMTP枚举,SNMP V1 + V2 + V3,SOCKS5,SSH(v1和v2),SSHKEY,颠覆,Teamspeak(TS2),远程登录,VMware的验证,VNC和XMPP。 资料来源:https://www.thc.org/thc-hydra/

THC-水润首页 | 卡利THC-水润回购

  • 作者:范·豪瑟,罗兰·凯斯勒
  • 许可:AGPL-3.0

    0x01 包含在九头蛇包工具

    九头蛇 - 非常快速网络登录破解

    
    :~# hydra -h
    Hydra v7.6 (c)2013 by van Hauser/THC & David Maciejak - for legal purposes only
    Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e nsr] [-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-W TIME] [-f] [-s PORT] [-x MIN:MAX:CHARSET] [-SuvV46] [service://server[:PORT][/OPT]]
    Options:
    -R        restore a previous aborted/crashed session
    -S        perform an SSL connect
    -s PORT   if the service is on a different default port, define it here
    -l LOGIN or -L FILE  login with LOGIN name, or load several logins from FILE
    -p PASS  or -P FILE  try password PASS, or load several passwords from FILE
    -x MIN:MAX:CHARSET  password bruteforce generation, type "-x -h" to get help
    -e nsr    try "n" null password, "s" login as pass and/or "r" reversed login
    -u        loop around users, not passwords (effective! implied with -x)
    -C FILE   colon separated "login:pass" format, instead of -L/-P options
    -M FILE   list of servers to be attacked in parallel, one entry per line
    -o FILE   write found login/password pairs to FILE instead of stdout
    -f / -F   exit when a login/pass pair is found (-M: -f per host, -F global)
    -t TASKS  run TASKS number of connects in parallel (per host, default: 16)
    -w / -W TIME  waittime for responses (32s) / between connects per thread
    -4 / -6   prefer IPv4 (default) or IPv6 addresses
    -v / -V / -d  verbose mode / show login+pass for each attempt / debug mode
    -U        service module usage details
    server    the target server (use either this OR the -M option)
    service   the service to crack (see below for supported protocols)
    OPT       some service modules support additional input (-U for module help)
    Supported services: asterisk afp cisco cisco-enable cvs firebird ftp ftps http[s]-{head|get} http[s]-{get|post}-form http-proxy http-proxy-urlenum icq imap[s] irc ldap2[s] ldap3[-{cram|digest}md5][s] mssql mysql ncp nntp oracle-listener oracle-sid pcanywhere pcnfs pop3[s] postgres rdp rexec rlogin rsh s7-300 sip smb smtp[s] smtp-enum snmp socks5 ssh sshkey svn teamspeak telnet[s] vmauthd vnc xmpp
    Hydra is a tool to guess/crack valid login/password pairs - usage only allowed
    for legal purposes. This tool is licensed under AGPL v3.0.
    The newest version is always available at http://www.thc.org/thc-hydra
    These services were not compiled in: sapr3 oracle.
    Use HYDRA_PROXY_HTTP or HYDRA_PROXY - and if needed HYDRA_PROXY_AUTH - environment for a proxy setup.
    E.g.:  % export HYDRA_PROXY=socks5://127.0.0.1:9150 (or socks4:// or connect://)
         % export HYDRA_PROXY_HTTP=http://proxy:8080
         % export HYDRA_PROXY_AUTH=user:pass
    Examples:
    hydra -l user -P passlist.txt ftp://192.168.0.1
    hydra -L userlist.txt -p defaultpw imap://192.168.0.1/PLAIN
    hydra -C defaults.txt -6 pop3s://[fe80::2c:31ff:fe12:ac11]:143/TLS:DIGEST-MD5
    

    0x02 PW-检查 - 读取密码和打印那些符合要求

    
    :~# pw-inspector
    PW-Inspector v0.2 (c) 2005 by van Hauser / THC 
    
    [http://www.thc.org]
    Syntax: pw-inspector [-i FILE] [-o FILE] [-m MINLEN] [-M MAXLEN] [-c MINSETS] -l -u -n -p -s
    Options:
    -i FILE    file to read passwords from (default: stdin)
    -o FILE    file to write valid passwords to (default: stdout)
    -m MINLEN  minimum length of a valid password
    -M MAXLEN  maximum length of a valid password
    -c MINSETS the minimum number of sets required (default: all given)
    Sets:
    -l         lowcase characters (a,b,c,d, etc.)
    -u         upcase characters (A,B,C,D, etc.)
    -n         numbers (1,2,3,4, etc.)
    -p         printable characters (which are not -l/-n/-p, e.g. $,!,/,(,*, etc.)
    -s         special characters - all others not withint the sets above
    PW-Inspector reads passwords in and prints those which meet the requirements.
    The return code is the number of valid passwords found, 0 if none was found.
    Use for security: check passwords, if 0 is returned, reject password choice.
    Use for hacking: trim your dictionary file to the pw requirements of the target.
    Usage only allowed for legal purposes.
    

    0x03 九头蛇用法示例

    尝试使用密码列表 (-P /usr/share/wordlists/metasploit/unix_passwords.txt) 有6个线程 (-t 6) 给定的SSH服务器上 (ssh来 登录为root用户 (-l root用户 )://

  • 192.168.1.123):

 :~# hydra -l root -P /usr/share/wordlists/metasploit/unix_passwords.txt -t 6 ssh://192.168.1.123
Hydra v7.6 (c)2013 by van Hauser/THC & David Maciejak - for legal purposes only
Hydra (http://www.thc.org/thc-hydra) starting at 2014-05-19 07:53:33
[DATA] 6 tasks, 1 server, 1003 login tries (l:1/p:1003), ~167 tries per task
[DATA] attacking service ssh on port 22

0x04 PW-检查用法示例

读入的 口令(-i /usr/share/wordlists/nmap.lst) 的列表,并保存到文件 (-o /root/passes.txt), 选择的一个最小长度的密码 6(-m 6)和 为10的最大长度 (-M 10):


 :~# pw-inspector -i /usr/share/wordlists/nmap.lst -o /root/passes.txt -m 6 -M 10

 :~# wc -l /usr/share/wordlists/nmap.lst 
5086 /usr/share/wordlists/nmap.lst

 :~# wc -l /root/passes.txt 
4490 /root/passes.txt

原文来自:https://www.hackfun.org/kali-tools/hydra_zh.html。转载请注明原出处,商用请联系原作者授权。

results matching ""

    No results matching ""