Install the App(Homebrew)
1. 터미널 실행
- Press Command+Space and type Terminal and press Enter/return key.
2. 터미널에 다음 명령어 실행
- /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
- Homebrew가 설치 될 동안 기다려야함, 만약 패스워드를 입력하라고 하는경우 사용자 패스워드를 입력하면됨
* sudo로 실행하면 안됨
3. 터미널에 다음 명령어 실행
- echo 'eval "$(/opt/homebrew/bin/brew shellenv)"' >> ~/.zprofile
4. 터미널 종료 후 재시작 필요
Install hydra on Mac OSX
1. 터미널에 다음 명령어 실행
- brew install hydra
2. You can now use hydra
hydra로 FTP 크랙
ex)
hydra -t 64 -V -f -l root -P direction-changes.txt ftp://192.168.0.3:3000
hydra -V -f -l test -x 5:5:a1 ftp://192.168.0.6:3000
hydra manual
| hydra -h Hydra v9.3 (c) 2022 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway). Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e nsr] [-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-W TIME] [-f] [-s PORT] [-x MIN:MAX:CHARSET] [-c TIME] [-ISOuvVd46] [-m MODULE_OPT] [service://server[:PORT][/OPT]] Options: -R restore a previous aborted/crashed session -I ignore an existing restore file (don't wait 10 seconds) -S perform an SSL connect -s PORT if the service is on a different default port, define it here -l LOGIN or -L FILE login with LOGIN name, or load several logins from FILE -p PASS or -P FILE try password PASS, or load several passwords from FILE -x MIN:MAX:CHARSET password bruteforce generation, type "-x -h" to get help -y disable use of symbols in bruteforce, see above -r use a non-random shuffling method for option -x -e nsr try "n" null password, "s" login as pass and/or "r" reversed login -u loop around users, not passwords (effective! implied with -x) -C FILE colon separated "login:pass" format, instead of -L/-P options -M FILE list of servers to attack, one entry per line, ':' to specify port -o FILE write found login/password pairs to FILE instead of stdout -b FORMAT specify the format for the -o FILE: text(default), json, jsonv1 -f / -F exit when a login/pass pair is found (-M: -f per host, -F global) -t TASKS run TASKS number of connects in parallel per target (default: 16) -T TASKS run TASKS connects in parallel overall (for -M, default: 64) -w / -W TIME wait time for a response (32) / between connects per thread (0) -c TIME wait time per login attempt over all threads (enforces -t 1) -4 / -6 use IPv4 (default) / IPv6 addresses (put always in [] also in -M) -v / -V / -d verbose mode / show login+pass for each attempt / debug mode -O use old SSL v2 and v3 -K do not redo failed attempts (good for -M mass scanning) -q do not print messages about connection errors -U service module usage details -m OPT options specific for a module, see -U output for information -h more command line options (COMPLETE HELP) server the target: DNS, IP or 192.168.0.0/24 (this OR the -M option) service the service to crack (see below for supported protocols) OPT some service modules support additional input (-U for module help) Supported services: adam6500 asterisk cisco cisco-enable cobaltstrike cvs ftp[s] http[s]-{head|get|post} http[s]-{get|post}-form http-proxy http-proxy-urlenum icq imap[s] irc ldap2[s] ldap3[-{cram|digest}md5][s] mssql mysql nntp oracle-listener oracle-sid pcanywhere pcnfs pop3[s] redis rexec rlogin rpcap rsh rtsp s7-300 sip smb smtp[s] smtp-enum snmp socks5 ssh sshkey teamspeak telnet[s] vmauthd vnc xmpp Hydra is a tool to guess/crack valid login/password pairs. Licensed under AGPL v3.0. The newest version is always available at; https://github.com/vanhauser-thc/thc-hydra Please don't use in military or secret service organizations, or for illegal purposes. (This is a wish and non-binding - most such people do not care about laws and ethics anyway - and tell themselves they are one of the good ones.) These services were not compiled in: afp firebird memcached mongodb ncp oracle postgres radmin2 rdp sapr3 svn smb2. Use HYDRA_PROXY_HTTP or HYDRA_PROXY environment variables for a proxy setup. E.g. % export HYDRA_PROXY=socks5://l:p@127.0.0.1:9150 (or: socks4:// connect://) % export HYDRA_PROXY=connect_and_socks_proxylist.txt (up to 64 entries) % export HYDRA_PROXY_HTTP=http://login:pass@proxy:8080 % export HYDRA_PROXY_HTTP=proxylist.txt (up to 64 entries) Examples: hydra -l user -P passlist.txt ftp://192.168.0.1 hydra -L userlist.txt -p defaultpw imap://192.168.0.1/PLAIN hydra -C defaults.txt -6 pop3s://[2001:db8::1]:143/TLS:DIGEST-MD5 hydra -l admin -p password ftp://[192.168.0.0/24]/ hydra -L logins.txt -P pws.txt -M targets.txt ssh |
hydra -x(password bruteforce generation) manual
| hydra -x -h Hydra v9.3 (c) 2022 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway). Hydra bruteforce password generation option usage: -x MIN:MAX:CHARSET MIN is the minimum number of characters in the password MAX is the maximum number of characters in the password CHARSET is a specification of the characters to use in the generation valid CHARSET values are: 'a' for lowercase letters, 'A' for uppercase letters, '1' for numbers, and for all others, just add their real representation. -y disable the use of the above letters as placeholders Examples: -x 3:5:a generate passwords from length 3 to 5 with all lowercase letters -x 5:8:A1 generate passwords from length 5 to 8 with uppercase and numbers -x 1:3:/ generate passwords from length 1 to 3 containing only slashes -x 5:5:/%,.- generate passwords with length 5 which consists only of /%,.- -x 3:5:aA1 -y generate passwords from length 3 to 5 with a, A and 1 only The bruteforce mode was made by Jan Dlabal, http://houbysoft.com/bfg/ |
반응형
'Pentesting' 카테고리의 다른 글
| Hashcat 사용법 (Password Crack) (1) | 2023.11.15 |
|---|---|
| Dumping And Cracking Unix Password Hashes (0) | 2015.01.05 |
| Web Application Hacking Technique 분류 (0) | 2014.09.15 |