How to crack remote passwords with Hydra.
Posted: Thu Nov 01, 2007 3:19 am
Here is a little guide and tools on how to crack the passwords and/or finding out usernames remotly
well i tried few bruteforce tools, but had no success. ..so i decided to go with Hydra.
I made video on EXACTLY how to do it ..
here i will explain few things...
options for hydra:
-l user = uses the username u specify (replace ''user'')
-L file = uses a list of usernames you will specify.
-p pass = tries specified password
-P file = uses a list of passwords in the specific file.
-o port = uses a specified port (if you use ftp option and do not use -o then it will use 21, which is default for ftp)
I couldnt get it to work with http form atm...but i will look into it real soon.
so the video only shows how to get password for FTP:)
anyways...if you wanna get admin's password then use option -l ''admin'' ..this will try passwords only for ''admin'' (if admin's name is ''test'' then you replace ''admin'' with ''test'')
if you wish to get passwords for more than one user..then make a list of users first (one per line !!!)
then use -L ''yourlistfile'' option.
same goes for passwords, but i dont think somebody wants to try all users with ONE password lol...but u never know.
so use -P ''yourwordlist'' option
watch the VIDEO to understand it !
downloads:
Hydra
Tutorial Video
well i tried few bruteforce tools, but had no success. ..so i decided to go with Hydra.
I made video on EXACTLY how to do it ..
here i will explain few things...
options for hydra:
-l user = uses the username u specify (replace ''user'')
-L file = uses a list of usernames you will specify.
-p pass = tries specified password
-P file = uses a list of passwords in the specific file.
-o port = uses a specified port (if you use ftp option and do not use -o then it will use 21, which is default for ftp)
I couldnt get it to work with http form atm...but i will look into it real soon.
so the video only shows how to get password for FTP:)
anyways...if you wanna get admin's password then use option -l ''admin'' ..this will try passwords only for ''admin'' (if admin's name is ''test'' then you replace ''admin'' with ''test'')
if you wish to get passwords for more than one user..then make a list of users first (one per line !!!)
then use -L ''yourlistfile'' option.
same goes for passwords, but i dont think somebody wants to try all users with ONE password lol...but u never know.
so use -P ''yourwordlist'' option
watch the VIDEO to understand it !
downloads:
Hydra
Tutorial Video