If password length is not greater than 5 and contains only lower cases,
it will take less than 1 hour and a half to crack such telnet password.
http://thc.org/thc-hydra/
wget http://www.thc.org/releases/hydra-6.5-src.tar.gz
tar xvzf hydra-6.5-src.tar.gz
cd hydra-6.5-src
./configure --prefix=$HOME; make; make install
[user@serverName hydra-6.5-src]$ cd
[user@serverName ~]$ hydra
Hydra v6.5 (c) 2011 by van Hauser / THC and David Maciejak - use allowed only fo r legal purposes.
Hydra (http://www.thc.org/thc-hydra) starting at 2011-08-10 18:43:14
Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e ns]
[-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-f] [-s PORT] [-S] [-vV]
[-4|-6] [-x MIN:MAX:CHARSET] [server service [OPT]]|[service://server[:PORT][/O PT]]
Options:
-R restore a previous aborted/crashed session
-S connect via SSL
-s PORT if the service is on a different default port, define it here
-l LOGIN or -L FILE login with LOGIN name, or load several logins from FILE
-p PASS or -P FILE try password PASS, or load several passwords from FILE
-x MIN:MAX:CHARSET password bruteforce generation, type "-x -h" to get help
-e ns additional checks, "n" for null password, "s" try login as pass
-C FILE colon separated "login:pass" format, instead of -L/-P options
-M FILE server list for parallel attacks, one entry per line
-o FILE write found login/password pairs to FILE instead of stdout
-f exit after the first found login/password pair (per host if -M)
-t TASKS run TASKS number of connects in parallel (default: 16)
-W TIME defines the wait time between connects for one thread in seconds
-w TIME defines the max wait time in seconds for responses (default: 20)
-4 / -6 prefer IPv4 (default) or IPv6 addresses
-v / -V verbose mode / show login+pass combination for each attempt
-U service module usage details
server the target server (use either this OR the -M option)
service the service to crack. Supported protocols: cisco cisco-enable cvs ft p[s] http[s]-{head|get} http[s]-{get|post}-form http-proxy icq irc imap ldap2 ld ap3[-{cram|digest}md5] mssql mysql nntp oracle-listener oracle-sid pcnfs pop3 pc anywhere rexec rlogin rsh sip smb smtp smtp-enum snmp socks5 svn teamspeak telne t vnc vmauthd xmpp
OPT some service modules need special input (use -U to see details)
Use HYDRA_PROXY_HTTP/HYDRA_PROXY_CONNECT and HYDRA_PROXY_AUTH env for a proxy.
Hydra is a tool to guess/crack valid login/password pairs - use allowed only
for legal purposes! If used commercially, tool name, version and web address
must be mentioned in the report. Find the newest version at http://www.thc.org/t hc-hydra
Examples:
hydra -l john -p doe 192.168.0.1 imap
hydra -l john -p doe 192.168.0.1 imap PLAIN
hydra -l john -p doe 192.168.0.1 imap PLAIN -s 143
hydra -l john -p doe imap://192.168.0.1/PLAIN
hydra -l john -p doe imap://[::FFFF:192.168.0.1]:143 -6
[user@serverName ~]$ hydra -x -h
Hydra v6.5 (c) 2011 by van Hauser / THC and David Maciejak - use allowed only for legal purposes.
Hydra (http://www.thc.org/thc-hydra) starting at 2011-08-10 18:45:41
Hydra bruteforce password generation option usage:
-x MIN:MAX:CHARSET
MIN is the minimum number of characters in the password
MAX is the maximum number of characters in the password
CHARSET is a specification of the characters to use in the generation
valid CHARSET values are: 'a' for lowercase letters,
'A' for uppercase letters, '1' for numbers, and for all others,
just add their real representation.
Examples:
-x 3:5:a generate passwords from length 3 to 5 with all lowercase letters
-x 5:8:A1 generate passwords from length 5 to 8 with uppercase and numbers
-x 1:3:/ generate passwords from length 1 to 3 containing only slashes
-x 5:5:/%,.- generate passwords with length 5 which consists only of /%,.-
The bruteforce mode was made by Jan Dlabal, http://houbysoft.com/bfg/
[user@serverName ~]$
[user@serverName ~]$ hydra -l user -x 3:5:a localhost telnet
Hydra v6.5 (c) 2011 by van Hauser / THC and David Maciejak - use allowed only for legal purposes.
Hydra (http://www.thc.org/thc-hydra) starting at 2011-08-10 18:47:10
[DATA] 16 tasks, 1 servers, 12355928 login tries (l:1/p:12355928), ~772245 tries per task
[DATA] attacking service telnet on port 23
Error: Not a TELNET protocol or service shutdown: (null)
Error: Not a TELNET protocol or service shutdown: (null)
Error: Not a TELNET protocol or service shutdown: (null)
Error: Not a TELNET protocol or service shutdown: (null)
Error: Not a TELNET protocol or service shutdown: (null)
Error: Not a TELNET protocol or service shutdown: (null)
Error: Not a TELNET protocol or service shutdown: (null)
Error: Not a TELNET protocol or service shutdown: (null)
[STATUS] 282.00 tries/min, 282 tries in 00:01h, 12355646 todo in 730:15h
The session file ./hydra.restore was written. Type "hydra -R" to resume session.
2011/08/11
登録:
コメントの投稿 (Atom)
0 件のコメント:
コメントを投稿