Professional Documents
Culture Documents
Tutorial Penggunaaan Crack Password
Tutorial Penggunaaan Crack Password
Hydra
Hydra is the brute forceing toolkit & called a login cracker. This tool is made for penetration tester
and ethical hackers.
It supports: Cisco AAA, Cisco auth, Cisco enable, CVS, FTP, HTTP(S)-FORM-GET, HTTP(S)-FORM-POST,
HTTP(S)-GET, HTTP(S)-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MySQL, NNTP, Oracle
Listener, Oracle SID, PC-Anywhere, PC-NFS, POP3, PostgreSQL, RDP, Rexec, Rlogin, Rsh, SIP, SMB(NT),
SMTP, SMTP Enum, SNMP v1+v2+v3, SOCKS5, SSH (v1 and v2), SSHKEY, Subversion, Teamspeak (TS2),
Telnet, VMware-Auth, VNC and XMPP.
The username can be a single user name, such as "admin" or username list, passwordlist is usually any
text file that contains potential passwords, and target can be an IP address and port, or it can be a
specific web form field.
Contoh ssh:
Contoh ftp:
For example: ‘-l’ or ‘-P’ etc. And then right after a space the string
or the value. The various parameters are given below :
► -l = The username
► -p = The password
► -vV – The verbose mode. This mode shows you every login attempt hydra
tries.
Website
/hydra -L /root/usernames.txt
-P /root/HugeDB.txt
-e ns -vV -s 80
website.com http-post-form
“/login.php&username=^USER^&password=^PASS^
Gmail
Wordpress
'/wp-login.php:log=^USER^&pwd=^PASS^&wp-submit=Log
In&testcookie=1:S=Location'
Joomla