Hydra 8.5 - Network Logon Cracker

 A very fast network logon cracker which support many different services.

See feature sets and services coverage page - incl. a speed comparison against ncrack and medusa.Number one of the biggest security holes are passwords, as every password security study shows.

This tool is a proof of concept code, to give researchers and security consultants the possiblity to show how easy it would be to gain unauthorized access from remote to a system.

There are already several login hacker tools available, however none does either support more than one protocol to attack or support parallized connects.

It was tested to compile cleanly on Linux, Windows/Cygwin, Solaris, FreeBSD/OpenBSD, QNX (Blackberry 10) and OSX.

Currently this tool supports the following protocols:

Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP v1+v2+v3, SOCKS5, SSH (v1 and v2), SSHKEY, Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.

CHANGELOG for 8.5

CHANGELOG for 8.5
        ===================
        ! Development moved to a public github repository: https://github.com/vanhauser-thc/thc-hydra
        
        ! Reports came in that the rdp module is not working reliable sometimes, most likely against new Windows versions. please test, report and if possible send a fix
        * New command line option:
          -b : format option for -o output file (json only so far, happy for patches supporting others :) ) - thanks to veggiespam for the patch
        * ./configure now honors the CC enviroment variable if present
        * Fix for the restore file crash on some x64 platforms (finally! thanks to lukas227!)
        * Changed the format of the restore file to detect cross platform copies
        * Fixed a bug in the NCP module
        * Favor strrchr() over rindex()
        * Added refactoring patch by diadlo
        * Updated man page with missing command line options

Download THC-Hydra 8.3

Read More

SPARTA - Network Infrastructure Penetration Testing Tool

SPARTA is a python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. It allows the tester to save time by having point-and-click access to his toolkit and by displaying all tool output in a convenient way. If little time is spent setting up commands and tools, more time can be spent focusing on analysing results. Despite the automation capabilities, the commands and tools used are fully customisable as each tester has his own methods, habits and preferences.

Requirements
It is recommended that Kali Linux is used as it already has most tools installed, however SPARTA would most likely also work in Debian based systems.
Kali (preferred):

apt-get install python-elixir

Ubuntu 12.04+ (untested)

apt-get install python-elixir python-qt4 xsltproc

Other than these, the following tools are required for SPARTA to have its minimum functionality:

• nmap (for adding hosts)
• hydra (for the brute tab)
• cutycapt (for screenshots)

In Kali Linux these can be installed with:

apt-get install nmap hydra cutycapt

In Kali, to ensure that you have all the tools used by SPARTA's default configuration use:

apt-get install ldap-utils rwho rsh-client x11-apps finger

Installation

cd /usr/share/
git clone https://github.com/secforce/sparta.git

Place the "sparta" file in /usr/bin/ and make it executable.
Type 'sparta' in any terminal to launch the application.

Source code
The source code is structured in folders as such:

• [app] - Contains the functionality (logic) as well as the models used by both the logic and gui
• [controller] - The controller interfaces between the gui and the logic (MVC design)
• [db] - Contains everything related to database, database tables, etc
• [doc] - Contains all SPARTA documentation
• [images] - Icons and images
• [parsers] - Contains nmap xml output parser files
• [scripts] - Contains custom scripts used by SPARTA
• [ui] - Contains the gui (.ui and .py generated by Qt Creator). Do not manually edit these.
• [wordlists] - Contains wordlists used by SPARTA
• README.txt - This file.
• sparta.conf - SPARTA's configuration file. Edit it to add custom tools and commands. If deleted, SPARTA will regenerate a new one.
• sparta.py - The main program. The one that needs to be executed by the user.

Demos

Known issues
SPARTA uses a third-party tool called Cutycapt to take screenshots. One of the problems with the version that is currently in Kali's repositories is that it fails to take screenshots of HTTPS pages when self-signed certificates are in use. A way around this is to compile the Cutycapt executable yourself and edit SPARTA's configuration file to specify the path to the compiled executable.
It can be compiled in Kali by following these instructions:

% sudo apt-get install subversion libqt4-webkit libqt4-dev g++
% svn co svn://svn.code.sf.net/p/cutycapt/code/ cutycapt
% cd cutycapt/CutyCapt
% qmake
% make
% ./CutyCapt --url=http://www.example.org --out=example.png

Download SPARTA

Read More

THC-Hydra 8.1 - Network Logon Cracker

 A very fast network logon cracker which support many different services.

See feature sets and services coverage page - incl. a speed comparison against ncrack and medusa.Number one of the biggest security holes are passwords, as every password security study shows.

This tool is a proof of concept code, to give researchers and security consultants the possiblity to show how easy it would be to gain unauthorized access from remote to a system.

There are already several login hacker tools available, however none does either support more than one protocol to attack or support parallized connects.

It was tested to compile cleanly on Linux, Windows/Cygwin, Solaris, FreeBSD/OpenBSD, QNX (Blackberry 10) and OSX.

Currently this tool supports the following protocols:

Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP v1+v2+v3, SOCKS5, SSH (v1 and v2), SSHKEY, Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.

CHANGELOG for 8.1

        ! Development moved to a public github repository: https://github.com/vanhauser-thc/thc-hydra
        
        * David Maciejak, my co-maintainer moved to a different job and country and can not help with Hydra anymore - sadly! Wish you all the best!
        * Added patch from Ander Juaristi which adds h/H header options for http-form-*, great work, thanks!
        * Found login:password combinations are now printed with the name specified (hostname or IP), not always IP
        * Fixed the -M option, works now with many many targets :-)
        * -M option now supports ports, add a colon in between: "host:port", or, if IPv6, "[ipv6ipaddress]:port"
        * Fixed for cisco-enable if an intial Login/Password is used (thanks to joswr1te for reporting)
        * Added patch by tux-mind for better MySQL compilation and an Android patches and Makefile. Thanks!
        * Added xhydra gtk patches by Petar Kaleychev to support -h, -U, -f, -F, -q and -e r options, thanks!
        * Added patch for teamspeak to better identify server errors and auth failures (thanks to Petar Kaleychev)
        * Fixed a crash in the cisco module (thanks to Anatoly Mamaev for reporting)
        * Small fix for HTTP form module for redirect pages where a S= string match would not work (thanks to mkosmach for reporting)
        * Updated configure to detect subversion packages on current Cygwin
        * Fixed RDP module to support the port option (thanks to and.enshin(at)gmail.com)

Download THC-Hydra 8.1

Read More

[THC-Hydra v7.5] Fast network logon cracker

CHANGELOG for 7.5
===================

        * Moved the license from GPLv3 to AGPLv3 (see LICENSE file)
        * Added module for Asterisk Call Manager
        * Added support for Android where some functions are not available
        * hydra main:
           - reduced the screen output if run without -h, full screen with -h
           - fix for ipv6 and port parsing with service://[ipv6address]:port/OPTIONS
           - fixed -o output (thanks to www417)
           - warning if HYDRA_PROXY is defined but the module does not use it
           - fixed an issue with large input files and long entries

        * hydra library:
           - SSL connections are now fixed to SSLv3 as some SSL servers fail otherwise, report if this gives you problems
           - removed support for old OPENSSL libraries
        * HTTP Form module:
           - login and password values are now encoded if special characters are present
           - ^USER^ and ^PASS^ are now also supported in H= header values
           - if you the colon as a value in your option string, you can now escape it with \: - but do not encode a \ with \\
        * Mysql module: protocol 10 is now supported
        * SMTP, POP3, IMAP modules: Disabled the TLS in default. TLS must now be defined as an option "TLS" if required. This increases performance.
        * Cisco module: fixed a small bug (thanks to Vitaly McLain)
        * Postgres module: libraries on Cygwin are buggy at the moment, module is therefore disabled on Cygwin

 You can also take a look at the full CHANGES file

Download THC-Hydra v7.5

1. The source code of state-of-the-art Hydra: hydra-7.5.tar.gz
    (compiles on all UNIX based platforms - even MacOS X, Cygwin on Windows, ARM-Linux, Android, etc.)

 2. The source code of the stable tree of Hydra ONLY in case v7 gives you problems on unusual and old platforms: hydra-5.9.1-src.tar.gz

 3. The Win32/Cywin binary release: --- not anymore ---
    Install cygwin from http://www.cygwin.com  and compile it yourself. If you do not have cygwin installed - how do you think you will do proper securiy testing? duh ...

Read More

[Hydra v 7.4] Fast Network cracker

One of the biggest security holes are passwords, as every password security study shows. A very fast network logon cracker which support many different services, THC-Hydra is now updated to 7.4 version.

Hydra available for Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX, Currently supports AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.

Change Log

• New module: SSHKEY - for testing for ssh private keys (thanks to deadbyte(at)toucan-system(dot)com!)
• Added support for win8 and win2012 server to the RDP module
• Better target distribution if -M is used
• Added colored output (needs libcurses)
• Better library detection for current Cygwin and OS X
• Fixed the -W option
• Fixed a bug when the -e option was used without -u, -l, -L or -C, only half of the logins were tested
• Fixed HTTP Form module false positive when no answer was received from the server
• Fixed SMB module return code for invalid hours logon and LM auth disabled
• Fixed http-{get|post-form} from xhydra
• Added OS/390 mainframe 64bit support (thanks to dan(at)danny(dot)cz)
• Added limits to input files for -L, -P, -C and -M - people were using unhealthy large files! ;-)
• Added debug mode option to usage (thanks to Anold Black)

Download Hydra v 7.4 Fast Network cracker

Read More