hydra
a very fast network logon cracker which supports many different services
TLDR
Start Hydra's wizard
Guess SSH credentials using a given username and a list of passwords
Guess Telnet credentials using a list of usernames and a single password, specifying a non-standard port and IPv6
Guess FTP credentials using usernames and passwords lists, specifying the number of threads
Guess MySQL credentials using a username and a passwords list, exiting when a username/password pair is found
Guess RDP credentials using a username and a passwords list, showing each attempt
Guess IMAP credentials on a range of hosts using a list of colon-separated username/password pairs
Guess POP3 credentials on a list of hosts using usernames and passwords lists, exiting when a username/password pair is found
SYNOPSIS
hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE|-x OPT -y]] | [-C FILE]] [-e nsr] [-u] [-f|-F] [-M FILE] [-o FILE] [-b FORMAT] [-t TASKS] [-T TASKS] [-w TIME] [-W TIME] [-m OPTIONS] [-s PORT] [-c TIME] [-S] [-O] [-4|6] [-I] [-vV] [-d] server service [OPTIONS]
DESCRIPTION
Hydra is a parallelized login cracker which supports numerous protocols to attack. New modules are easy to add, beside that, it is flexible and very fast. This tool gives researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system. Currently this tool supports: adam6500 afp asterisk cisco cisco-enable cvs firebird ftp ftps http[s]-{head|get|post} http[s]-{get|post}-form http-proxy http- proxy-urlenum icq imap[s] irc ldap2[s] ldap3[-{cram|di‐ gest}md5][s] mssql mysql(v4) mysql5 ncp nntp oracle oracle-lis‐ tener oracle-sid pcanywhere pcnfs pop3[s] postgres rdp radmin2 redis rexec rlogin rpcap rsh rtsp s7-300 sapr3 sip smb smtp[s] smtp-enum snmp socks5 ssh sshkey svn teamspeak telnet[s] vmauthd vnc xmpp For most protocols SSL is supported (e.g. https-get, ftp-ssl, etc.). If not all necessary libraries are found during compile time, your available services will be less. Type "hydra" to see what is avail‐ able.
Options
target a target to attack, can be an IPv4 address, IPv6 address or DNS
name.
service
a service to attack, see the list of protocols available
OPTIONAL SERVICE PARAMETER
Some modules have optional or mandatory options. type "hydra -U
SEE ALSO
xhydra(1), pw-inspector(1). The programs are documented fully by van Hauser
AUTHOR
hydra was written by van Hauser / THC