HACK PASSWORDS WITH KALI LINUX HYDRA TOOL

Hydra, developed by the hacker group The Hacker’s Choice in 2000, is a parallelized network logon cracker. The tool cracks passwords by using different approaches to generating possible passwords. It uses methods such as wordlist attacks, brute-force attacks and many others to guess passwords and gain unauthorized access to a system. It can perform rapid dictionary attacks against more than 50 protocols, including Telnet, FTP, HTTP, HTTPS, SMB, IMAP, LDAP, XMPP, databases and several other services.

It can also be used to test the strength of passwords used in network systems and to identify potential vulnerabilities that attackers could exploit. The tool is often used by security professionals, network administrators and penetration testers to assess the security of their systems and identify any weaknesses that need to be addressed.

A dictionary attack is an attack in which there are one or more usernames and we provide a password wordlist to Hydra. Hydra then tests all of these passwords against every user in the list.

In this blog, we will use the Hydra tool to crack passwords by conducting a dictionary attack on SSH.

So, let’s begin!

  • The first step is to open the Kali Linux terminal. As this is an SSH password attack, we must first check whether the SSH port, which is 22, is open. To do this, type the following command in the terminal:
  • COMMAND: nmap -sS <IP Address>

Here,

1. -sS stands for TCP SYN scan

2. <IP Address> is 172.18.19.1

Scanning For Open Ports using nmap

As the above result shows, the SSH port is open and it can be attacked.

  • As we want to do a dictionary attack, the next step is to create two files using the command nano. The first file is called the User File and contains a list of usernames; the second file is called the Password File and contains a set of passwords.
  • Type the following command in the terminal. It will open an empty file in which you can type the list of usernames as shown below.
  • COMMAND: nano user.txt
user.txt
  • Press CTRL+X to save and exit from the user.txt file.
  • We will repeat the same step to create a file for passwords. We will call that file password.txt. Type the given command in the terminal, which will open an empty file. Then type the list of passwords as shown in the figure.
  • COMMAND: nano password.txt
password.txt
  • Press CTRL+X to save and exit from the password.txt file.

Now let’s begin with the dictionary attack!

  • First change the directory to Desktop by using the first command below, and then type the second command for the dictionary attack to take place:
  • COMMAND: cd Desktop
  • COMMAND: hydra -L <username_list> -P <password_list> <IP Address> <Service>

Here,

  • hydra starts the Hydra tool.
  • -L specifies the path to the file containing the list of usernames to use in the attack.
  • <username_list> is the user.txt file.
  • -P specifies the path to the file containing the list of passwords to use in the attack.
  • <password_list> is the password.txt file.
  • <IP Address> is the server’s IP, i.e. 172.18.19.1.
  • <Service> specifies the target protocol that is being attacked; here it is SSH.
Hydra Tool Password Attack
  • If the attack is successful, Hydra will highlight the successful username/password combinations in green for all the matches.

Please note that these commands are just examples, and the specific options and parameters used may vary depending on the target system and the specific requirements of the attack.
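
Seen from the defending side, a run like the one above shows up in the SSH server's authentication log as a burst of failed password attempts from one source address across several usernames. The following Python sketch is an added example, not part of the original post: it flags such bursts in OpenSSH-style log lines and lists any account whose login succeeded afterwards. The log lines, usernames, source addresses, the assumed year and the 5-failures-in-60-seconds threshold are all constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed OpenSSH auth.log sample (hosts, users, addresses and times are made up).
SAMPLE_LOG = """\
Mar 10 10:15:01 srv sshd[2101]: Failed password for root from 172.18.19.50 port 40122 ssh2
Mar 10 10:15:02 srv sshd[2102]: Failed password for root from 172.18.19.50 port 40124 ssh2
Mar 10 10:15:03 srv sshd[2103]: Failed password for invalid user admin from 172.18.19.50 port 40126 ssh2
Mar 10 10:15:04 srv sshd[2104]: Failed password for invalid user admin from 172.18.19.50 port 40128 ssh2
Mar 10 10:15:05 srv sshd[2105]: Failed password for test from 172.18.19.50 port 40130 ssh2
Mar 10 10:15:06 srv sshd[2106]: Accepted password for test from 172.18.19.50 port 40132 ssh2
Mar 10 10:20:11 srv sshd[2110]: Failed password for alice from 172.18.19.77 port 51000 ssh2
Mar 10 10:20:19 srv sshd[2111]: Accepted password for alice from 172.18.19.77 port 51002 ssh2
"""
LINE_RE = re.compile(r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: "
                     r"(?P<result>Failed|Accepted) password for (?:invalid user )?"
                     r"(?P<user>\S+) from (?P<ip>\S+) port \d+")

def parse(log, year=2024):
    """Yield (time, result, user, ip); syslog omits the year, so it is assumed."""
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            yield ts, m["result"], m["user"], m["ip"]

def detect(log, max_failures=5, window=timedelta(seconds=60)):
    """Report source IPs with >= max_failures failed logins inside `window`."""
    failed, accepted = defaultdict(list), defaultdict(list)
    for ts, result, user, ip in parse(log):
        (failed if result == "Failed" else accepted)[ip].append((ts, user))
    reports = {}
    for ip, events in failed.items():
        events.sort()
        times = [t for t, _ in events]
        start = peak = 0
        for end, t in enumerate(times):  # sliding window over failure times
            while t - times[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= max_failures:
            reports[ip] = {
                "peak_failures": peak,
                "users_tried": sorted({u for _, u in events}),
                # A success after the failures began means a guess landed.
                "guessed_accounts": sorted({u for t, u in accepted[ip] if t > times[0]}),
            }
    return reports
```

Calling detect(SAMPLE_LOG) reports only 172.18.19.50; the single mistyped password from 172.18.19.77 stays below the threshold. Tools such as fail2ban apply the same failures-within-a-time-window idea to block the source address automatically.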
