THC-Hydra – The Fast and Flexible Network Login Hacking Tool

THC-Hydra rocks, it’s pretty much the most up to date and currently developed password brute forcing tool around at the moment.

It supports a LOT of services and protocols too.

Number one of the biggest security holes are passwords, as every password security study shows. Hydra is a parallelized login cracker which supports numerous protocols to attack. New modules are easy to add, beside that, it is flexible and very fast.

THC-Hydra

There are already several login hacker tools available, however none does either support more than one protocol to attack or support parallelized connects.

Currently this tool supports:

TELNET, FTP, HTTP-GET, HTTP-HEAD, HTTPS-GET, HTTP-HEAD, HTTP-PROXY, LDAP2,
LADP3, SMB, SMBNT, MS-SQL, MYSQL, POSTGRES, REXEC, SOCKS5, VNC, POP3, IMAP,
NNTP, PCNFS, ICQ, SAP/R3, Cisco auth, Cisco enable, SMTP-AUTH, SSH2, SNMP,
CVS, Cisco AAA.

 

However the module engine for new services is very easy so it won’t take a long time until even more services are supported. Planned are: SSH v1, Oracle and more…

This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system.

 

You can download Hydra here:

hydra-5.4-src.tar.gz

Compile and install (./configure; make; make install)

IF you want the windows version you can grab this Cygwin version:

hydra-5.4-win.zip

3 thoughts on “THC-Hydra – The Fast and Flexible Network Login Hacking Tool

Leave a Reply

Your email address will not be published. Required fields are marked *