1HYDRA(1)                    General Commands Manual                   HYDRA(1)
2
3
4

NAME

6       hydra - a very fast network logon cracker which supports many different
7       services
8

SYNOPSIS

10       hydra
11        [[[-l LOGIN|-L FILE] [-p PASS|-P FILE|-x OPT -y]] | [-C FILE]]
12        [-e nsr] [-u] [-f|-F] [-M FILE] [-o FILE] [-b FORMAT]
13        [-t TASKS] [-T TASKS] [-w TIME] [-W TIME] [-m OPTIONS] [-s PORT]
14        [-c TIME] [-S] [-O] [-4|6] [-I] [-vV] [-d]
15        server service [OPTIONS]
16

DESCRIPTION

18       Hydra is a parallelized login cracker which supports numerous protocols
19       to attack. New modules are easy to add, beside that, it is flexible and
20       very fast.
21
22       This tool gives researchers and security consultants the possibility to
23       show  how easy it would be to gain unauthorized access from remote to a
24       system.
25
26       Currently this tool supports:
27              adam6500 afp asterisk cisco cisco-enable cvs firebird  ftp  ftps
28              http[s]-{head|get|post} http[s]-{get|post}-form http-proxy http-
29              proxy-urlenum  icq   imap[s]   irc   ldap2[s]   ldap3[-{cram|di‐
30              gest}md5][s]  mssql mysql(v4) mysql5 ncp nntp oracle oracle-lis‐
31              tener oracle-sid pcanywhere pcnfs pop3[s] postgres  rdp  radmin2
32              redis  rexec  rlogin rpcap rsh rtsp s7-300 sapr3 sip smb smtp[s]
33              smtp-enum snmp socks5 ssh sshkey svn teamspeak telnet[s] vmauthd
34              vnc xmpp
35
36       For  most  protocols  SSL is supported (e.g. https-get, ftp-ssl, etc.).
37       If not all necessary libraries are  found  during  compile  time,  your
38       available  services  will  be less.  Type "hydra" to see what is avail‐
39       able.
40

Options

42       target a target to attack, can be an IPv4 address, IPv6 address or  DNS
43              name.
44
45       service
46              a service to attack, see the list of protocols available
47
48       OPTIONAL SERVICE PARAMETER
49              Some  modules have optional or mandatory options. type "hydra -U
50              <servicename>"
51               to get help on on the options of a service.
52
53       -R     restore a previously aborted session. Requires  a  hydra.restore
54              file  was  written.  Options are restored, but can be changed by
55              setting them after -R on the command line
56
57       -S     connect via SSL
58
59
60       -O     use old SSL v2 and v3
61
62       -s PORT
63              if the service is on a different default port, define it here
64
65       -l LOGIN
66              or -L FILE login with LOGIN name, or load  several  logins  from
67              FILE
68
69       -p PASS
70              or  -P  FILE  try  password PASS, or load several passwords from
71              FILE
72
73       -x min:max:charset
74              generate passwords from min to max length. charset can contain 1
75               for numbers, a for lowcase and A for upcase characters.
76               Any other character is added is put to the list.
77                 Example: 1:2:a1%.
78                 The generated passwords will be of length 1 to 2 and contain
79                 lowcase letters, numbers and/or percent signs and dots.
80
81       -y     disable use of symbols in -x bruteforce, see above
82
83       -e nsr additional checks, "n" for null password, "s" try login as pass,
84              "r" try the reverse login as pass
85
86       -C FILE
87              colon separated "login:pass" format, instead of -L/-P options
88
89       -u     by  default  Hydra  checks  all passwords for one login and then
90              tries the next login. This option loops around the passwords, so
91              the  first  password is tried on all logins, then the next pass‐
92              word.
93
94       -f     exit after the first found login/password pair (per host if -M)
95
96       -F     exit after the first found login/password pair for any host (for
97              usage with -M)
98
99       -M FILE
100              server list for parallel attacks, one entry per line
101
102       -o FILE
103              write found login/password pairs to FILE instead of stdout
104
105       -b FORMAT
106              specify the format for the -o FILE: text(default), json, jsonv1
107
108       -t TASKS
109              run TASKS number of connects in parallel (default: 16)
110
111       -m OPTIONS
112              module  specific options. See hydra -U <module> what options are
113              available.
114
115       -w TIME
116              defines the max wait time in seconds for responses (default: 32)
117
118       -W TIME
119              defines a wait time between each  connection  a  task  performs.
120              This usually only makes sense if a low task number is used, .e.g
121              -t 1
122
123       -c TIME
124              the wait time in seconds per login attempt over all threads  (-t
125              1  is  recommended)  This usually only makes sense if a low task
126              number is used, .e.g -t 1
127
128       -4 / -6
129              prefer IPv4 (default) or IPv6 addresses
130
131       -v / -V
132              verbose mode / show login+pass combination for each attempt
133
134       -d     debug mode
135
136       -I     ignore an existing restore file (don't wait 10 seconds)
137
138       -h, --help
139              Show summary of options.
140

SEE ALSO

142       xhydra(1), pw-inspector(1).
143       The programs are documented fully by van Hauser <vh@thc.org>
144

AUTHOR

146       hydra was written by van Hauser / THC <vh@thc.org> Find new versions or
147       report bugs at https://github.com/vanhauser-thc/thc-hydra
148
149       This manual page was written by Daniel Echeverry <epsilon77@gmail.com>,
150       for the Debian project (and may be used by others).
151
152
153
154                                  01/01/2023                          HYDRA(1)
Impressum