How to Use Hydra to Crack Passwords with a Passlist
Hydra is a powerful tool that can brute force passwords for various services and protocols. It can use a list of passwords, also known as a passlist, to try different combinations until it finds the correct one. In this article, we will show you how to use Hydra with a passlist to crack passwords for SSH and web forms.
What is Hydra?
Hydra is a parallelized login cracker which supports numerous protocols to attack. It is very fast and flexible, and new modules are easy to add. This tool makes it possible for researchers and security consultants to show how easy it would be to gain unauthorized access to a system remotely. It supports: Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP (S)-FORM-GET, HTTP (S)-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-POST, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MySQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, RTSP, SAP/R3, SIP, SMB (NT), SMTP, SMTP Enum, SNMP v1+v2+v3, SOCKS5, SSH (v1 and v2), SSHKEY, Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP[^1^].
How to Install Hydra?
If you're using Kali Linux, hydra is pre-installed. Otherwise you can download it here: https://github.com/vanhauser-thc/thc-hydra. If you don't have Linux or the right desktop environment, you can deploy your own Kali Linux machine with all the needed security tools. You can even control the machine in your browser! Do this with our Kali room - https://tryhackme.com/room/kali[^2^].
The options we pass into Hydra depends on which service (protocol) we're attacking. For example if we wanted to bruteforce FTP with the username being user and a password list being passlist.txt on the machine 10.10.139.250 , we'd use the following command:
hydra -l user -P passlist.txt ftp://10.10.139.250
For the purpose of this article, here are the commands to use Hydra on SSH and a web form (POST method) on the same machine: