九头蛇 hydra用法

作者：myluzh 发布于：2021-12-1 分类： SECURE 长度：2646 阅读：889

语法

hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e ns][-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-f] [-s PORT] [-S] [-vV]
server service [OPT]

参数详解

R 根据上一次进度继续破解
S 使用SSL协议连接
s 指定端口
l 指定用户名
L 指定用户名字典(文件)
p 指定密码破解
P 指定密码字典(文件)
e 空密码探测和指定用户密码探测(ns)
M 指定目标列表文件一行一条
f 在使用-M参数以后，找到第一对登录名或者密码的时候中止破解
C 用户名可以用:分割(username:password)可以代替-l username -p password
o 输出文件
t 指定多线程数量，默认为16个线程
w TIME 设置最大超时的时间，单位秒，默认是30s
vV 显示详细过程
server 目标IP
service 指定服务名(telnet ftp pop3 mssql mysql ssh ssh2......)

爆破 ssh:22 端口命令

hydra -L users.txt -P password.txt -t 5 -vV -o ssh.txt -e ns 192.168.0.132 ssh

爆破 Ftp:21 端口命令(指定用户名为root)

hydra -l root -P password.txt -t 5 -vV -o ftp.txt -e ns 192.168.0.132 ftp

get方式提交，破解web登录(指定用户名为admin)

hydra -L user.txt -p password.txt -t 线程 -vV -e ns ip http-get /admin/
hydra -l admin -p password.txt -t 线程 -vV -e ns -f ip http-get /admin/index.php

post方式提交，破解web登录

hydra -l admin -P password.txt -s 80 ip http-post-form "/admin/login.php:username=^USER^&password=^PASS^&submit=login:sorry password"
hydra -t 3 -l admin -P pass.txt -o out.txt -f 10.36.16.18 http-post-form "login.php:id=^USER^&passwd=^PASS^:<title>wrong username or password</title>"

参数说明：-t同时线程数3，-l用户名是admin，字典pass.txt，保存为out.txt，-f 当破解了一个密码就停止， 10.36.16.18目标ip，http-post-form表示破解是采用http的post方式提交的表单密码破解，中的内容是表示错误猜解的返回信息提示。</p> <h2>破解https</h2> <pre><code>hydra -m /index.php -l admin -P password.txt 192.168.0.132 https</code></pre> <h2>破解teamspeak</h2> <pre><code>hydra -l admin -P passworrd.txt -s 端口号 -vV 192.168.0.132 teamspeak</code></pre> <h2>破解cisco</h2> <pre><code>hydra -P password.txt 192.168.0.132 cisco hydra -m cloud -P password.txt 192.168.0.132 cisco-enable</code></pre> <h2>破解smb</h2> <pre><code>hydra -l administrator -P password.txt 192.168.0.132 smb</code></pre> <h2>破解pop3</h2> <pre><code>hydra -l root -P password.txt my.pop3.mail pop3</code></pre> <h2>破解rdp(3389端口)</h2> <pre><code>hydra -l administrator -P password.txt -V 192.168.0.132 rdp</code></pre> <h2>破解http-proxy</h2> <pre><code>hydra -l admin -P passwprd.txt http-proxy://192.168.0.132</code></pre> <h2>破解imap</h2> <pre><code>hydra -L user.txt -p secret 192.168.0.132 imap PLAIN hydra -C defaults.txt -6 imap://[fe80::2c:31ff:fe12:ac11]:143/PLAIN</code></pre></div> <p class="top-5"> <a href="https://itho.cn/tag/hydra" class='tags' title='标签' >hydra</a></p> <div style="background:#fff; overflow:hidden; clear:both; padding:10px; line-height:25px; font-size:14px;"> <div style="text-align: center; position: relative; margin: -5px 0 -10px 0;"> <hr style="border: 0; height: 1px; background: #ccc; margin: 0;"> <span style="background: white; padding: 0 10px; position: relative; top: -12px; color: #666;"> 正文到此结束 </span> </div> 版权声明：若无特殊注明，本文皆为 <a style="" href="https://itho.cn/">Myluzh Blog</a> 原创，转载请保留文章出处。<br /> 文章内容：https://itho.cn/secure/147.html <br /> 文章标题：《<a href="https://itho.cn/secure/147.html">九头蛇 hydra用法</a>》<br /> </div> <nav class="neighbor-log"> <span class="prev-log"><a href="https://itho.cn/notes/148.html" title="上一篇：黑群晖各版本引导下载"><span class="iconfont icon-prev"></span></a></span> <span class="next-log"><a href="https://itho.cn/huawei/188.html" title="下一篇：华为交换机vlan配置"><span class="iconfont icon-next"></span></a></span> </nav> <div id="comments"> <div class="comment-post" id="comment-post"> <form class="commentform" method="post" name="commentform" action="https://itho.cn/index.php?action=addcom" id="commentform"> <input type="hidden" name="gid" value="147" /> <textarea class="form-control log_comment" name="comment" id="comment" rows="10" tabindex="4" placeholder="撰写评论" required></textarea> <div class="comment-info" id="comment-info"> <input class="form-control com_control comment-name" id="info_n" autocomplete="off" type="text" name="comname" maxlength="49" value="" size="22" tabindex="1" placeholder="昵称*" required /> <input class="form-control com_control comment-mail" id="info_m" autocomplete="off" type="email" name="commail" maxlength="128" value="" size="22" tabindex="2" placeholder="邮箱" /> </div> <span class="com_submit_p"> <input class="btn" type="submit" id="comment_submit" value="发布评论" tabindex="6" /> </span> <input type="hidden" name="pid" id="comment-pid" value="0" tabindex="1" /> </form> </div> </div> <div id="pagenavi"> </div> <div style="clear:both;"></div> </article> <footer class="blog-footer"> <div class="container footinfo"> <a href="HTTPS://ITHO.CN" title="ITHO">ITHO</a> Powered by <a href="https://www.emlog.net" target="_blank">Emlog</a> and hosted on <a href="https://kubernetes.io" target="_blank">Kubernetes</a> <br> Load: 2.29 Runtime: 38.83ms<a href="https://itho.cn/sitemap.xml" rel="sitemap"> Sitemap</a>  <link href="https://itho.cn/content/plugins/czw_prism/prism/prism-one-light.css" rel="stylesheet" type="text/css" /> <link href="https://itho.cn/content/plugins/czw_prism/prism/style.css" rel="stylesheet" type="text/css" /> <link href="https://itho.cn/content/plugins/czw_prism/prism/prism-line-numbers.min.css" rel="stylesheet" type="text/css" /> <link href="https://itho.cn/content/plugins/czw_prism/prism/prism-toolbar.min.css" rel="stylesheet" type="text/css" /> <script type="text/javascript" src="https://itho.cn/content/plugins/czw_prism/prism/prism.js"></script> <script type="text/javascript" src="https://itho.cn/content/plugins/czw_prism/prism/prism-line-numbers.min.js"></script> <script type="text/javascript" src="https://itho.cn/content/plugins/czw_prism/prism/prism-toolbar.min.js"></script> <script type="text/javascript" src="https://itho.cn/content/plugins/czw_prism/prism/prism-copy-to-clipboard.min.js"></script> <script>Prism.hooks.add('before-sanity-check',function(env){if(!env.element.classList.contains('line-numbers')&&env.code){env.element.classList.add('line-numbers');}});</script>  <script>!function(p){"use strict";!function(t){var s=window,e=document,i=p,c="".concat("https:"===e.location.protocol?"https://":"http://","sdk.51.la/js-sdk-pro.min.js"),n=e.createElement("script"),r=e.getElementsByTagName("script")[0];n.type="text/javascript",n.setAttribute("charset","UTF-8"),n.async=!0,n.src=c,n.id="LA_COLLECT",i.d=n;var o=function(){s.LA.ids.push(i)};s.LA?s.LA.ids&&o():(s.LA=p,s.LA.ids=[],o()),r.parentNode.insertBefore(n,r)}()}({id:"KFTM6jUu0viVQzVR",ck:"KFTM6jUu0viVQzVR",autoTrack:true,screenRecord:true});</script> <span style="display:inline-block;"><a target="_blank" title="51La" href="https://v6.51.la/land/KFTM6jUu0viVQzVR" style="text-decoration:none;">51.La</a></span> </div> </footer> </body> </html>