ÃÜÂ뱩Á¦Èí¼þ(htdra)ÖªÃûºÚ¿ÍÁªÃËthcµÄÒ»¿î¿ªÔ´ÏµÍ³µÄÃÜÂ뱩Á¦¹¤¾ß£¬¿ÉÒÔÆÆÒë¶àÖÖ¶àÑùÃÜÂë¡£

¶àÌØÈí¼þÌáÐÑ£º±¾ÊÖ»úÈí¼þ½ö×÷²Î¿¼ÓëѧϰÅàѵ£¬ÇÐÎðÓÃÒÔ²»·¨Ö÷ÒªÓÃ;£¬²»È»ºó¹ûºÜÑÏÖØ£¡.

Èí¼þ¼ò½é

THC-HYDRAÊÇÒ»¸öÊÊÓöàÖÖ¶àÑù»¥ÁªÍø·þÎñµÄÊ®·ÖѸËٵĻ¥ÁªÍøµÇ¼¹¤¾ß¡£ÕâһרÓù¤¾ßÊÇÒ»¸öÈÏÖ¤ÌØÐÔµÄרÓù¤¾ß£¬Ëü±»Éè¼Æ·½°¸µÄ¾ßÌåÄ¿µØÊÇΪ¿ÆѧÑо¿¹¤×÷ÈËÔ±ºÍ°²È«ÐÔ´ÓÒµÕßÕ¹ÏÖÔ¶³Ì¿ØÖÆ»ñµÃÒ»¸ö²Ù×÷ϵͳµÄÑéÖ¤¹ÜÀíȨÏÞÊÇÈÝÒ׵ģ¡

¸üÐÂÈÕÖ¾

Hydra v7.3 (c)2012 by van Hauser/THC David Maciejak - for legal purposes only

Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e nsr] [-o

FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-W TIME] [-f] [-s PORT] [-x MIN

:MAX:CHARSET] [-SuvV46] [server service [OPT]]|[service://server[:PORT][/OPT]]

Options:

-R restore a previous aborted/crashed session

-S perform an SSL connect

-s PORT if the service is on a different default port, define it here

-l LOGIN or -L FILE login with LOGIN name, or load several logins from FILE

-p PASS or -P FILE try password PASS, or load several passwords from FILE

-x MIN:MAX:CHARSET password bruteforce generation, type "-x -h" to get help

-e nsr try "n" null password, "s" login as pass and/or "r" reversed login

-u loop around users, not passwords (effective! implied with -x)

-C FILE colon separated "login:pass" format, instead of -L/-P options

-M FILE list of servers to be attacked in parallel, one entry per line

-o FILE write found login/password pairs to FILE instead of stdout

-f / -F exit when a login/pass pair is found (-M: -f per host, -F global)

-t TASKS run TASKS number of connects in parallel (per host, default: 16)

-w / -W TIME waittime for responses (32s) / between connects per thread

-4 / -6 prefer IPv4 (default) or IPv6 addresses

-v / -V verbose mode / show login pass combination for each attempt

-U service module usage details

server the target server (use either this OR the -M option)

service the service to crack. Supported protocols: cisco cisco-enable cvs ft

p ftps http[s]-{head|get} http[s]-{get|post}-form http-proxy http-proxy-urlenum

icq imap[s] irc ldap2[s] ldap3[-{cram|digest}md5][s] mssql mysql nntp oracle-lis

tener oracle-sid pcanywhere pcnfs pop3[s] rdp rexec rlogin rsh sip smb smtp[s] s

mtp-enum snmp socks5 svn teamspeak telnet[s] vmauthd vnc xmpp

OPT some service modules need special input (use -U to see module help)

Use HYDRA_PROXY_HTTP/HYDRA_PROXY and HYDRA_PROXY_AUTH environment for a proxy.

Hydra is a tool to guess/crack valid login/password pairs - usage only allowed

for legal purposes. Newest version available at The following services were not compiled in: postgres sapr3 firebird afp ncp ssh

oracle.

Examples:

hydra -l john -p doe 192.168.0.1 ftp

hydra -L user.txt -p defaultpw -S 192.168.0.1 imap PLAIN

hydra -l admin -P pass.txt http-proxy://192.168.0.1

hydra -C defaults.txt -6 pop3s://[fe80::2c:31ff:fe12:ac11]:143/DIGEST-MD5