命令:
hydra -vV -t 1 -l username -p password server://ip:port
參數詳解:
-vV # 顯示實時進度
-t 1 # 併發數爲1,想要快可以不加此參數,默認併發數爲16。有些服務,例如rdp是不允許多線訪問的
-l # 用戶名,大寫則爲用戶名字典,如:-L user.txt。有的服務如redis不需要用戶名,則不加此參數即可
-p # 密碼,同樣的,大寫爲密碼字典,如:-P pass.txt
server # 爆破的服務,有ssh、ftp、rdp、mysql、redis
port # 服務端口,不寫則爲服務默認端口
注:hydra爆破到正確的用戶名密碼時會自動停止爆破
實例:
hydra -vV -t 1 -l root -p toor ssh://192.168.10.1:22
hydra -vV -t 1 -L user.txt -P pass.txt rdp://192.168.10.2:3389
hydra -vV -t 1 -P pass.txt redis://192.168.10.3:6379
hydra支持的協議:
- Asterisk
- AFP
- Cisco AAA
- Cisco auth
- Cisco enable
- CVS
- Firebird
- FTP
- HTTP-FORM-GET
- HTTP-FORM-POST
- HTTP-GET
- HTTP-HEAD
- HTTP-POST
- HTTP-PROXY
- HTTPS-FORM-GET
- HTTPS-FORM-POST
- HTTPS-GET
- HTTPS-HEAD
- HTTPS-POST
- HTTP-Proxy
- ICQ
- IMAP
- IRC
- LDAP
- MS-SQL
- MYSQL
- NCP
- NNTP
- Oracle Listener
- Oracle SID
- Oracle
- PC-Anywhere
- PCNFS
- POP3
- POSTGRES
- RDP
- Rexec
- Rlogin
- Rsh
- RTSP
- SAP/R3
- SIP
- SMB
- SMTP
- SMTP Enum
- SNMP v1+v2+v3
- SOCKS5
- SSH (v1 and v2)
- SSHKEY
- Subversion
- Teamspeak (TS2)
- Telnet
- VMware-Auth
- VNC
- XMPP