top of page
Writer's picturestitwidthkooksress

Thc Hydra Gtk For Windows: A Guide to the Latest Version of the Multi-Protocol Attack Software



To crack passwords a great tool to brute force is a hydra. It is a parallelized login cracker or password cracker. It was faster and flexible where adding modules is easy. Hydra usually comes preinstalled in the Kali Linux system but if in any case it is not installed or you are using any other distribution you can follow the steps in this article.




Thc Hydra Gtk For Windows



This command will directly install hydra from repositories, this will install the command-line version of hydra with front end GUI on your Linux system. The major drawback of using this command is that you will not be able to get the latest version, so in case you used this command or hydra was preinstalled on your system you can remove it using:


This software is totally command-line based so you will have to learn all of its commands to completely use this software. I recommend you watching a THC hydra tutorial on Youtube to get to know this great brute force tool.


Hydra is the fastest network logon cracker which supports numerous attack protocols. It is very fast and flexible, and new modules are easy to add. This tool makes it possible for researchers and security consultants to show how easy it would be to gain unauthorized access to a system remotely. Hydra was written by van Hauser and its additionally supported by David Maciejak. In the latest update hydra development is moved to public github repository at : -thc/thc-hydra.


There are also a lot login cracker tools beside hydra, however none support a huge list of protocols and parallelized login cracker support like hydra does. Tables below show the result of features, services and speed comparison against medusa and ncrack.


Note that if you are going to put colons (:) in your headers you should escape them with a backslash (\). All colons that are not option separators should be escaped (see the examples above and below). You can specify a header without escaping the colons, but that way you will not be able to put colons in the header value itself, as they will be interpreted by hydra as option separators.


Now lets let hydra try to break the password for us, it needs time since it is a dictionary attack. Once you succeeded finding a pair of login:password hydra will immediately terminate the job and show the valid credential.


There is so much that hydra could do, since in this tutorial we just learned how to bruteforce web based logon using hydra, we only learn one protocol, that is http-post-form protocol. We can also use hydra against another protocol such ssh, ftp, telnet, VNC, proxy, etc.


Some extra commands-x[] MIN:MAX:CHARSET password bruteforce generation-e nsr try "n" null password, "s" login as pass and/or "r" reversed login-C FILE colon separated "login:pass" format, instead of -L/-P options-oFILE write found login/password pairs to FILE instead of stdout-f / -F exit when a login/pass pair is found (-M: -f per host, -F global) -t TASKS run TASKS number of connects in parallel (per host, default: 16) -w/-W time wait-time for responses (32s) / between connects per thread-R restore a previous aborted/crashed sessionIf you want help type : hydra -h


L0phtCrack serves as substitute to OphCrack. It makes various attempts on cracking Windows passwords from hashes. For cracking these passwords, it utilizes the primary controllers of domain, workstations (windows), network server, also Active Directory. It also makes use of dictionary attack and brute force attacking in guessing and generating of passwords. It became an acquisition to Symantec and discontinued in the year 2006. Later developers of L0pht again re-acquired it and launched their L0phtCrack in the year 2009. 2ff7e9595c


0 views0 comments

Recent Posts

See All

Comments


bottom of page