THC-Hydra
Number one of the biggest security holes are passwords, as every password security study shows. Hydra is a parallized login cracker which supports numerous protocols to attack. New modules are easy to add, beside that, it is flexible and very fast.
Hydra available for Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX, Currently supports AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.
|
[0x00] News and Changelog
Check out the feature sets and services coverage page - including a speed comparison against ncrack and medusa (yes, we win :-) ) Read below for Linux compilation notes. And there is a new section below for online tutorials.
CHANGELOG for 7.4.1
===================
* Quickfix to compile for people who do not have libssh installed
CHANGELOG for 7.4
-----------------
* New module: SSHKEY - for testing for ssh private keys (thanks to deadbyte(at)toucan-system(dot)com!)
* Added support for win8 and win2012 server to the RDP module
* Better target distribution if -M is used
* Added colored output (needs libcurses)
* Better library detection for current Cygwin and OS X
* Fixed the -W option
* Fixed a bug when the -e option was used without -u, -l, -L or -C, only half of the logins were tested
* Fixed HTTP Form module false positive when no answer was received from the server
* Fixed SMB module return code for invalid hours logon and LM auth disabled
* Fixed http-{get|post-form} from xhydra
* Added OS/390 mainframe 64bit support (thanks to dan(at)danny(dot)cz)
* Added limits to input files for -L, -P, -C and -M - people were using unhealthy large files! ;-)
* Added debug mode option to usage (thanks to Anold Black)
You can also take a look at the full CHANGES file
Source and Binaries
1. The source code of state-of-the-art Hydra: hydra-7.4.1.tar.gz
(compiles on all UNIX based platforms - even MacOS X, Cygwin on Windows, ARM-Linux, etc.)
2. The source code of the stable tree of Hydra ONLY in case v7 gives you problems on unusual and old platforms:
hydra-5.9.1-src.tar.gz
3. The Win32/Cywin binary release: --- not anymore ---
Install cygwin from http://www.cygwin.com
and compile it yourself. If you do not have cygwin installed - how
do you think you will do proper securiy testing? duh ...
4. ARM and Palm binaries here are old and not longer maintained:
ARM: hydra-5.0-arm.tar.gz
Palm: hydra-4.6-palm.zip
Source-
0 comments:
Post a Comment