May 2, 2011
THC-Hydra - A very fast network logon cracker
Do you like this story?
A very fast network logon cracker which support many different services. Have a look at the feature sets and services coverage page - including a speed comparison against ncrack and medusa!
Number one of the biggest security holes are passwords, as every password security study shows. Hydra is a parallized login cracker which supports numerous protocols to attack. New modules are easy to add, beside that, it is flexible and very fast.
Version 6.x was tested to compile cleanly on Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX.
Currently this tool supports:
TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, SMB, SMBNT, MS-SQL, MYSQL, REXEC, irc, RSH, RLOGIN, CVS, SNMP, SMTP, SOCKS5, VNC, POP3, IMAP, NNTP, PCNFS, XMPP, ICQ, SAP/R3, LDAP2, LDAP3, Postgres, Teamspeak, Cisco auth, Cisco enable, AFP, Subversion/SVN, Firebird, LDAP2, Cisco AAA (incorporated in telnet module).
For HTTP, POP3, IMAP and SMTP, several login mechanisms like plain and MD5 digest are supported.
This tool is a proof of concept code, to give researchers and security consultants the possiblity to show how easy it would be to gain unauthorized access from remote to a system.
Disclaimer
1. The source code of state-of-the-art Hydra: hydra-6.3-src.tar.gz
(compiles on all UNIX based platforms - even MacOS X, Cygwin on Windows, ARM-Linux, etc.)
2. The source code of the stable tree of Hydra in case v6 gives you problems on unusual platforms:
hydra-5.9.1-src.tar.gz
3. The Win32/Cywin binary release: --- not anymore ---
Install cygwin from http://www.cygwin.com
and compile it yourself. If you do not have cygwin installed - how
do you think you will do proper securiy testing?
4. ARM and Palm binaries here are old and not longer maintained:
ARM: hydra-5.0-arm.tar.gz
Palm: hydra-4.6-palm.zip
More info is available here:
THC-Hydra
Comments and suggestions are welcome.
Number one of the biggest security holes are passwords, as every password security study shows. Hydra is a parallized login cracker which supports numerous protocols to attack. New modules are easy to add, beside that, it is flexible and very fast.
Version 6.x was tested to compile cleanly on Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX.
Currently this tool supports:
TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, SMB, SMBNT, MS-SQL, MYSQL, REXEC, irc, RSH, RLOGIN, CVS, SNMP, SMTP, SOCKS5, VNC, POP3, IMAP, NNTP, PCNFS, XMPP, ICQ, SAP/R3, LDAP2, LDAP3, Postgres, Teamspeak, Cisco auth, Cisco enable, AFP, Subversion/SVN, Firebird, LDAP2, Cisco AAA (incorporated in telnet module).
For HTTP, POP3, IMAP and SMTP, several login mechanisms like plain and MD5 digest are supported.
This tool is a proof of concept code, to give researchers and security consultants the possiblity to show how easy it would be to gain unauthorized access from remote to a system.
Disclaimer
- This tool is for legal purposes only!
- The GPLv3 applies to this code.
- A special license expansion for OpenSSL is included which is required for the debian people
1. The source code of state-of-the-art Hydra: hydra-6.3-src.tar.gz
(compiles on all UNIX based platforms - even MacOS X, Cygwin on Windows, ARM-Linux, etc.)
2. The source code of the stable tree of Hydra in case v6 gives you problems on unusual platforms:
hydra-5.9.1-src.tar.gz
3. The Win32/Cywin binary release: --- not anymore ---
Install cygwin from http://www.cygwin.com
and compile it yourself. If you do not have cygwin installed - how
do you think you will do proper securiy testing?
4. ARM and Palm binaries here are old and not longer maintained:
ARM: hydra-5.0-arm.tar.gz
Palm: hydra-4.6-palm.zip
More info is available here:
THC-Hydra
Comments and suggestions are welcome.
About the Author:
Ifeanyi Emeka is the founder of this blog and also writes for Tech Forked. He is passionate about tech stuffs and loves customizing blogger themes.
Popular This Week
THC-Hydra - A very fast network logon cracker
2011-05-02T01:37:00+01:00
Esezobor Gabriel
Hacking Tools|Network Hacking|Password Cracking|THC-Hydra|
Subscribe to:
Post Comments (Atom)