Hydra is a tool to guess/crack valid login/password pairs
syntax:
hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e ns] [-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-f] [-s PORT] [-S] [-vV] server service [OPT]
-Rrestore a previous aborted/crashed session-Sconnect via SSL
-s <PORT>if the service is on a different default port, define it here
-l <LOGIN> or -L <FILE>login with LOGIN name, or load several logins from FILE
-p <PASS> or -P <FILE>try password PASS, or load several passwords from FILE
-e <ns>additional checks, "n" for null password, "s" try login as pass
-C <FILE>colon seperated "login:pass" format, instead of -L/-P options
-M <FILE>server list for parallel attacks, one entry per line
-o <FILE>write found login/password pairs to FILE instead of stdout
-fexit after the first found login/password pair (per host if -M)
-t <TASKS>run TASKS number of connects in parallel (default: 16)
-wdefines the max wait time in seconds for responses (default: 30)
-v / -Vverbose mode / show login+pass combination for each attempt
serverthe target server (use either this OR the -M option)
servicethe service to crack. Supported protocols: telnet ftp pop3[-ntlm] imap[-ntlm] smb smbnt http[s]-{head|get} http-{get|post}-form http-proxy cisco cisco-enable vnc ldap2 ldap3 mssql mysql oracle-listener postgres nntp socks5 rexec rlogin pcnfs snmp rsh cvs svn icq sapr3 ssh2 smtp-auth[-ntlm] pcanywhere teamspeak sip vmauthd firebird ncp afp
OPTsome service modules need special input
(-U for module help) Supported services: asterisk afp cisco cisco-enable cvs firebird ftp ftps http[s]-{head|get} http[s]-{get|post}-form http-proxy http-proxy-urlenum icq imap[s] irc ldap2[s] ldap3[-{cram|digest}md5][s] mssql mysql ncp nntp oracle-listener oracle-sid pcanywhere pcnfs pop3[s] postgres rdp rexec rlogin rsh sip smb smtp[s] smtp-enum snmp socks5 ssh sshkey svn teamspeak telnet[s] vmauthd vnc xmpp Use HYDRA_PROXY_HTTP/HYDRA_PROXY and HYDRA_PROXY_AUTH environment for a proxy. E.g.: % export HTTP_PROXY=socks5://127.0.0.1:9150 (or socks4:// or connect://) % export HTTP_PROXY_HTTP=http://proxy:8080 % export HTTP_PROXY_AUTH=user:pass Examples: hydra -l user -P passlist.txt ftp://192.168.0.1
hydra -L userlist.txt -p defaultpw imap://192.168.0.1/PLAIN
hydra -C defaults.txt -6 pop3s://[fe80::2c:31ff:fe12:ac11]:143/TLS:DIGEST-MD5