Number one of the biggest security holes are passwords, as every password security study shows. Hydra is a parallized login cracker which supports numerous protocols to attack. New modules are easy to add, beside that, it is flexible and very fast.
Hydra was tested to compile on Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX, and is made available under GPLv3 with a special OpenSSL license expansion.
Currently this tool supports:
AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.
For HTTP, POP3, IMAP and SMTP, several login mechanisms like plain and MD5 digest etc. are supported.
This tool is a proof of concept code, to give researchers and security consultants the possiblity to show how easy it would be to gain unauthorized access from remote to a system.
詳見官網:www.thc.org
使用說明:
-R 繼續從上一次進度接着破解
-S 采用SSL連結(大寫的S)
-s PORT 如果非預設端口,可通過這個參數指定
-l LOGIN 小寫,用于指定破解的使用者,對特定使用者破解
-L FILE 大寫,用于指定使用者的使用者名字典
-p PASS 小寫,用于指定密碼破解,少用,一般是采用密碼字典
-P FILE 大寫,用于指定密碼字典
-e ns 額外的選項,n:空密碼試探,s:使用指定賬戶和密碼試探
-C FILE 使用冒号分割格式 例如 "登入名:密碼"來代替-L/-P參數
-M FILE 指定目标清單檔案一行一條
-o FILE 指定結果輸出檔案
-f 找到第一對登入名或者密碼的時候中止破解
-t TASKS 同時運作的線程數,預設為16
-w TIME 設定最大逾時的時間,機關秒,預設是30s
-v / -V 顯示詳細過程
server 目标ip
service 指定服務名,支援的服務跟協定有: telnet ftp pop3[-ntlm] imap[-ntlm] smb smbnt http-{head|get} http-{get|post}-form http-proxy cisco cisco-enable vnc ldap2 ldap3 mssql mysql oracle-listener postgres nntp socks5 rexec rlogin pcnfs snmp rsh cvs svn icq sapr3 ssh2 smtp-auth[-ntlm] pcanywhere teamspeak sip vmauthd firebird ncp afp
HYDRA_PROXY_HTTP 變量參數可以用來定義代理伺服器(隻能使用http代理)
文法:
HYDRA_PROXY_HTTP="http://ip:port/"
HYDRA_PROXY_CONNECT=ip:8000
如果你使用的代理需要使用者名和密碼,請使用HYDRA_PROXY_AUTH 變量參數:
HYDRA_PROXY_AUTH="the_login:the_password"
![delphi 2010破解完美無限制[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)