Examples of Kali Linux Hydra Tool

Hydra is a pre-installed tool in Kali Linux used to brute-force usernames and passwords to different services such as FTP, ssh, telnet, MS SQL, etc. Brute force can be used to try different usernames and passwords against a target to identify the correct credentials. Below is the list of all protocols supported by hydra.

Check the usage of Hydra by using of below command:

#hydra -h

Click Here for Stress Test Tools - Kali Linux 

 To brute-force ssh username and password

Create a username and password list to enumerate a target by using a hydra automation tool. You can access the wordlist in a directory by using the below command.

cd /usr/share/wordlists

-l: input login

-L: list of username

-p: single password

-P: list of passwords

#hydra <Target_IP> ssh -l <username> -P <password_file> -s 22 -vV

#hydra <Target_IP> ssh -l <username> -p <password> -s 22 -vV

 To brute-force FTP username and password

#hydra -L <username_file> -P <password_file> ftp://<Target_IP>

#hydra -l <username> -p <password> ftp://<Target_IP>

To brute-force telnet username and password

#hydra -l <username> -p <password> telnet://<Target_IP>

Click here for Hash Identifier Usage in Kali Linux

Mitigation to avoid brute-force attacks of username and password 

Implementing account lockout, captcha implementation, complex password, two-factor authentication, hardware-based token authentication, etc. are some of the techniques for avoiding brute-force attacks on the target.

Conclusion

This article covers Examples of the Kali Linux Hydra Tool. At the end of the article, we discussed some mitigation techniques to avoid brute-force attacks.