Network Security THC Hydra – Report

perchmysteriousData Management

Dec 1, 2012 (4 years and 22 days ago)

206 views



Network Security

THC Hydra


Report










Group name:


Shake data

Group members name:

Mina gerges Fouad


20060436

Mina samy Youssef


20060438












Over View
about tool
:

Hydra was a software project developed by a German organization called "The
Hacker's Choice" (THC) that uses a
dictionary attack

to test for weak or simple
passwords on o
ne or many remote hosts running a variety of different services. It
was designed as a
proof
-
of
-
concept

utility to demonstrate the ease of cracking
poorly chosen passwords.

The project supports a wide range of services and protocols:
TELNET
,
FTP
,
HTTP
, HTTPS, HTTP
-
PROXY,
SMB
, SMBNT,
MS
-
SQL
,
MYSQL
, REXEC,
RSH
,
RLOGIN,
CVS
,
SNMP
,
SMTP
-
AUTH
,
SOCKS5
,
VNC
,
POP3
,
IMAP
,
N
NTP
,
PCNFS,
ICQ
, SAP/R3,
LDAP
,
PostgreSQL
,
Teamspeak
, Cisco auth, Cisco
enable, and Cisco AAA. It is licensed under version 2.0 of the
GNU General
Public License

with the additional terms that the software may not be used for
illegal purposes, and any commercial service or program that us
es Hydra must
give credit to THC
.


The 5.0 release of Hydra, released in November 2005, marked the 10th
anniversary of the hacking group. The current release is version 5.4, released in
May 2006.
[1]

On September 2007, to comply with new German laws regarding distribution of
hacking tools to the public, THC stopped making the program available.
[2]

[3]

Hydra is now mainly

used for Teamspeak password recovery.


over view about
fetures
:

There are already several login hacker tools available, h
owever none does

either support more than one protocol to attack or support parallized

connects.

Currently this tool supports:

TELNET, FTP, HTTP
-
GET, HTTP
-
HEAD, HTTPS
-
GET, HTTP
-
HEAD, HTTP
-
PROXY, HTTP
-
PROXY
-
NTLM, HTTP
-
FORM
-
GET HTTP
-
FORM
-
POST,
HTTPS
-
FORM
-
GET, HTTPS
-
FORM
-
POSTLDAP2, LADP3, SMB, SMBNT, MS
-
SQL,
MYSQL, POSTGRES, POP3
-
NTLM, IMAP, IMAP
-
NTLM, NNTP, PCNFS, ICQ,
SAP/R3, Cisco auth, Cisco enable, SMTP
-
AUTH, SMTP
-
AUTH
-
NTLM, SSH2,
SNMP, CVS, Cisco AAA, REXEC, SOCKS5, VNC, POP3 and VMware
-
Aut
h.






How
to run

the tool

under windows
?

Step1: after download the tool and extract get the path of the file hydra.exe


Step2: go to run and type cmd

to open the command prompt
-

Step3: type “cd” then the copyed path of thc hydra, all fetures will appear.

Step4:determine which protocol will be used to crack username or password.

-
Congratulation you successfully run the tool

,,,














How to use use ftp protocol?

Step1:after run the tool type”hydra

L username.txt

P password.txt
www.sitename.com

ftp”


-

If you know the user name you can write it directly instead of username.txt
but in this case use a small l instead of a capital one.

-

Same as with password , don’t forget to change

P to

p

-

To save the cracked user name and password type this command “
-
o
saved.txt “ before
the site name.

-

You can use the ip address of the site instead of its name.



-

To find the ip address just ping on the site.


How to use
teamspeak under
VNS protocol?

After r
un the tool type this command “hydra

L user.txt

P pass.txt
-
s port#
-
v
ipaddress # teamspeak


-

-
L an

P to search for user name and password in text file.

-

-
s the port number which the teamspeak listen on it.

-

-
v the service ip address which the teamspeak

established .

-

Teamspeak the target
protocol

to try user name and password on it.