This is default featured slide 1 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 2 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 3 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 4 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 5 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

Showing posts with label THC Hydra. Show all posts
Showing posts with label THC Hydra. Show all posts

Hydra 8.5 - Network Logon Cracker

May 06, 2017  , , , , , , , , , , ,  

 A very fast network logon cracker which support many different services.

See feature sets and services coverage page - incl. a speed comparison against ncrack and medusa.Number one of the biggest security holes are passwords, as every password security study shows.

This tool is a proof of concept code, to give researchers and security consultants the possiblity to show how easy it would be to gain unauthorized access from remote to a system.

There are already several login hacker tools available, however none does either support more than one protocol to attack or support parallized connects.

It was tested to compile cleanly on Linux, Windows/Cygwin, Solaris, FreeBSD/OpenBSD, QNX (Blackberry 10) and OSX.

Currently this tool supports the following protocols:
Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP v1+v2+v3, SOCKS5, SSH (v1 and v2), SSHKEY, Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.

CHANGELOG for 8.5
CHANGELOG for 8.5
        ===================
        ! Development moved to a public github repository: https://github.com/vanhauser-thc/thc-hydra
        
        ! Reports came in that the rdp module is not working reliable sometimes, most likely against new Windows versions. please test, report and if possible send a fix
        * New command line option:
          -b : format option for -o output file (json only so far, happy for patches supporting others :) ) - thanks to veggiespam for the patch
        * ./configure now honors the CC enviroment variable if present
        * Fix for the restore file crash on some x64 platforms (finally! thanks to lukas227!)
        * Changed the format of the restore file to detect cross platform copies
        * Fixed a bug in the NCP module
        * Favor strrchr() over rindex()
        * Added refactoring patch by diadlo
        * Updated man page with missing command line options


Read More

THC-Hydra 8.1 - Network Logon Cracker

December 08, 2014  , , , , , , , , , , , ,  

 A very fast network logon cracker which support many different services.

See feature sets and services coverage page - incl. a speed comparison against ncrack and medusa.Number one of the biggest security holes are passwords, as every password security study shows.

This tool is a proof of concept code, to give researchers and security consultants the possiblity to show how easy it would be to gain unauthorized access from remote to a system.

There are already several login hacker tools available, however none does either support more than one protocol to attack or support parallized connects.

It was tested to compile cleanly on Linux, Windows/Cygwin, Solaris, FreeBSD/OpenBSD, QNX (Blackberry 10) and OSX.

Currently this tool supports the following protocols:
Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP v1+v2+v3, SOCKS5, SSH (v1 and v2), SSHKEY, Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.

CHANGELOG for 8.1
        ! Development moved to a public github repository: https://github.com/vanhauser-thc/thc-hydra
        
        * David Maciejak, my co-maintainer moved to a different job and country and can not help with Hydra anymore - sadly! Wish you all the best!
        * Added patch from Ander Juaristi which adds h/H header options for http-form-*, great work, thanks!
        * Found login:password combinations are now printed with the name specified (hostname or IP), not always IP
        * Fixed the -M option, works now with many many targets :-)
        * -M option now supports ports, add a colon in between: "host:port", or, if IPv6, "[ipv6ipaddress]:port"
        * Fixed for cisco-enable if an intial Login/Password is used (thanks to joswr1te for reporting)
        * Added patch by tux-mind for better MySQL compilation and an Android patches and Makefile. Thanks!
        * Added xhydra gtk patches by Petar Kaleychev to support -h, -U, -f, -F, -q and -e r options, thanks!
        * Added patch for teamspeak to better identify server errors and auth failures (thanks to Petar Kaleychev)
        * Fixed a crash in the cisco module (thanks to Anatoly Mamaev for reporting)
        * Small fix for HTTP form module for redirect pages where a S= string match would not work (thanks to mkosmach for reporting)
        * Updated configure to detect subversion packages on current Cygwin
        * Fixed RDP module to support the port option (thanks to and.enshin(at)gmail.com)


Read More

[Hydra v 7.4] Fast Network cracker

December 23, 2012  , , , ,  



One of the biggest security holes are passwords, as every password security study shows. A very fast network logon cracker which support many different services, THC-Hydra is now updated to 7.4 version.


Hydra available for Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX, Currently supports AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.


Change Log

  • New module: SSHKEY - for testing for ssh private keys (thanks to deadbyte(at)toucan-system(dot)com!)
  • Added support for win8 and win2012 server to the RDP module
  • Better target distribution if -M is used
  • Added colored output (needs libcurses)
  • Better library detection for current Cygwin and OS X
  • Fixed the -W option
  • Fixed a bug when the -e option was used without -u, -l, -L or -C, only half of the logins were tested
  • Fixed HTTP Form module false positive when no answer was received from the server
  • Fixed SMB module return code for invalid hours logon and LM auth disabled
  • Fixed http-{get|post-form} from xhydra
  • Added OS/390 mainframe 64bit support (thanks to dan(at)danny(dot)cz)
  • Added limits to input files for -L, -P, -C and -M - people were using unhealthy large files! ;-)
  • Added debug mode option to usage (thanks to Anold Black)


Read More
Subscribe to: Posts (Atom)