1HYDRA(1)                    General Commands Manual                   HYDRA(1)
2
3
4

NAME

6       hydra  - a very fast network logon cracker which support many different
7       services
8

SYNOPSIS

10       hydra
11        [[[-l LOGIN|-L FILE] [-p PASS|-P FILE|-x OPT -y]] | [-C FILE]]
12        [-e nsr] [-u] [-f|-F] [-M FILE] [-o FILE] [-b FORMAT]
13        [-t TASKS] [-T TASKS] [-w TIME] [-W TIME] [-m OPTIONS] [-s PORT]
14        [-c TIME] [-S] [-O] [-4|6] [-I] [-vV] [-d]
15        server service [OPTIONS]
16

DESCRIPTION

18       Hydra is a parallelized login cracker which supports numerous protocols
19       to attack. New modules are easy to add, beside that, it is flexible and
20       very fast.
21
22       This tool gives researchers and security consultants the possibility to
23       show  how easy it would be to gain unauthorized access from remote to a
24       system.
25
26       Currently this tool supports:
27        adam6500 afp asterisk cisco cisco-enable cvs firebird ftp ftps
28        http[s]-{head|get|post} http[s]-{get|post}-form http-proxy
29        http-proxy-urlenum icq imap[s] irc ldap2[s]
30        ldap3[-{cram|digest}md5][s] mssql mysql(v4) mysql5 ncp nntp
31        oracle oracle-listener oracle-sid pcanywhere pcnfs pop3[s]
32        postgres rdp redis rexec rlogin rpcap rsh rtsp s7-300 sapr3 sip
33        smb smtp[s] smtp-enum snmp socks5 ssh sshkey svn teamspeak telnet[s]
34        vmauthd vnc xmpp
35
36        For most protocols SSL is supported (e.g. https-get, ftp-ssl, etc.).
37        If not all necessary libraries are found during compile time, your
38        available services will be less.
39        Type "hydra" to see what is available.
40
41

Options

43       target a target to attack, can be an IPv4 address, IPv6 address or  DNS
44              name.
45
46       service
47              a service to attack, see the list of protocols available
48
49       OPTIONAL SERVICE PARAMETER
50              Some  modules have optional or mandatory options. type "hydra -U
51              <servicename>"
52               to get help on on the options of a service.
53
54       -R     restore a previously aborted session. Requires  a  hydra.restore
55              file  was  written.  Options are restored, but can be changed by
56              setting them after -R on the command line
57
58       -S     connect via SSL
59
60
61       -O     use old SSL v2 and v3
62
63       -s PORT
64              if the service is on a different default port, define  it
65              here
66
67       -l LOGIN
68              or  -L FILE login with LOGIN name, or load several logins
69              from FILE
70
71       -p PASS
72              or -P FILE try password PASS, or load  several  passwords
73              from FILE
74
75       -x min:max:charset
76              generate  passwords  from  min to max length. charset can
77              contain 1
78               for numbers, a for lowcase and A for upcase characters.
79               Any other character is added is put to the list.
80                 Example: 1:2:a1%.
81                 The generated passwords will be of length 1 to  2  and
82              contain
83                 lowcase  letters,  numbers  and/or  percent  signs and
84              dots.
85
86       -y     disable use of symbols in -x bruteforce, see above
87
88       -e nsr additional checks, "n" for null password, "s"  try  login
89              as pass, "r" try the reverse login as pass
90
91       -C FILE
92              colon  separated  "login:pass"  format,  instead of -L/-P
93              options
94
95       -u     by default Hydra checks all passwords for one  login  and
96              then  tries  the next login. This option loops around the
97              passwords, so the first password is tried on all  logins,
98              then the next password.
99
100       -f     exit  after the first found login/password pair (per host
101              if -M)
102
103       -F     exit after the first found login/password  pair  for  any
104              host (for usage with -M)
105
106       -M FILE
107              server list for parallel attacks, one entry per line
108
109       -o FILE
110              write  found login/password pairs to FILE instead of std‐
111              out
112
113       -b FORMAT
114              specify the format for the -o FILE: text(default),  json,
115              jsonv1
116
117       -t TASKS
118              run TASKS number of connects in parallel (default: 16)
119
120       -m OPTIONS
121              module  specific  options.  See  hydra  -U  <module> what
122              options are available.
123
124       -w TIME
125              defines the  max  wait  time  in  seconds  for  responses
126              (default: 32)
127
128       -W TIME
129              defines  a  wait time between each connection a task per‐
130              forms. This usually only makes sense if a low task number
131              is used, .e.g -t 1
132
133       -c TIME
134              the  wait  time  in  seconds  per  login attempt over all
135              threads (-t 1 is recommended)  This  usually  only  makes
136              sense if a low task number is used, .e.g -t 1
137
138       -4 / -6
139              prefer IPv4 (default) or IPv6 addresses
140
141       -v / -V
142              verbose  mode  /  show  login+pass  combination  for each
143              attempt
144
145       -d     debug mode
146
147       -I     ignore an existing restore file (dont wait 10 seconds)
148
149       -h, --help
150              Show summary of options.
151

SEE ALSO

153       xhydra(1), pw-inspector(1).
154       The programs are documented fully by van Hauser <vh@thc.org>
155

AUTHOR

157       hydra was written by van Hauser / THC <vh@thc.org>
158
159
160       This   manual   page   was   written   by    Daniel    Echeverry
161       <epsilon77@gmail.com>,  for  the Debian project (and may be used
162       by others).
163
164
165
166                                  01/03/2017                          HYDRA(1)
Impressum