THC-HYDRA UPDATED - A FASTER 8.1 VERSION RELEASED!


2 min read
THC-HYDRA UPDATED - A FASTER 8.1 VERSION RELEASED!

THC-HYDRA UPDATED - A FASTER 8.1 VERSION RELEASED!

THC-HYDRA UPDATED - A FASTER 8.1 VERSION RELEASED!

THC Hydra is often a tool of choice when you aim to crack a remote authentication service. Rapid dictionary attacks to brute force crack the security holes : the security passwords is what Hydra is known to endeavor. Now, that too with fast and easy to inculcate modules provided in a new version: version 8.1.

THC-hydra is known to perform against more than 30 protocols, namely :

  • Linux ,Windows/Cygwin,
  • Solaris 11, FreeBSD 8.1 and OSX,
  • Cisco AAA, Cisco auth, Cisco enable,
  • CVS, Firebird,
  • HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY.
  • ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP,
  • Oracle Listener, Oracle SID, Oracle, PC-Anywhere,
  • PNFS, POP3, POSTGRES,
  • RDP, Rexec, Rlogin, Rsh,
  • SAP/R3, SIP, SMB,
  • SMTP, SMTP Enum, SNMP,
  • SOCKS5, SSH (v1 and v2),
  • Subversion, Teamspeak (TS2),
  • Telnet, VMware-Auth,
  • VNC and XMPP.

New amendments :

  • Development shifted to https://github.com/vanhauser-thc/thc-hydra  ;a public github repository.

  • A patch allowing h/H header options for http-forms-* added (credits to Ander Juaristi).

  • Cracked login:password combinations, now printed with hostname or IP and not always with IP.

  • Enrichment of -M for better and more target distribution.

  • Enhanced -M to support ports,colon(:) addition in “host:port” ; “[ipv6ipaddress]:port” in case of ipv6.

  • Cisco-enabled in case of usage of initial Login/password (credits to Joswrite for reporting).

  • Patch-addition allowing better MySQL compilation and an android file and Makefile (credits to tux-mind).

  • Inclusion of xhydra gtk patches supporting -h, -U, -f , -F,-q and -e r options (credits to Petar Kaleychev).

  • For better identification of server errors and auth failures, a patch for teamspeak has been added (credits to Petar Kaleychev).

  • Rectification of cisco module crash (credits to Anatoly mamaev for reporting).

  • HTTP form module remedied for redirection of pages where S=string match wouldn’t work.

  • Configure updated to detect subversion packages on current Cygwin.

  • Applied Limitations to avoid lofty and deleterious input files for -L, -P, -C, and -M.

  • RDP module remedied to support the port options (credits to [email protected]).

Supported Platforms :

  • All UNIX platforms (linux, *bsd, solaris, etc.);
  • Mac OS/X;
  • Windows with Cygwin (both IPv4 and IPv6);
  • Linux, Mac OS/X or QNX-based mobile systems (e.g. Android, iPhone, Blackberry 10, Zaurus, iPaq).

COMPILATION :

  • Start by typing in:

./configure
            make
            make install
Installation,configuration and compilation of HYDRA incurs.

  • In case you want the ssh module, you need to have libssh on your system. You may obtain it from http://www.libssh.org (pay attention that you need to get libssh , not libssh2).
  • Add  "-DWITH_SSH1=On" option in the cmake command line for ssh v1 support.
  • For Ubuntu/Debian users, to install supplementary libraries :

apt-get install libssl-dev libssh-dev libidn11-dev libpcre3-dev \

libgtk2.0-dev libmysqlclient-dev libpq-dev libsvn-dev \

firebird2.1-dev libncp-dev

All optional modules and features with the exception of Oracle, SAP R/3 and the apple filing protocol are enabled.

  • Linux derivatives and BSD based systems may use the software installer to look for the similar named libraries in the command written above.
  • In all other cases, you will have to manually compile all libraries’ sources after downloading..

Download

Follow us on Telegram and Twitter for all such latest cybersecurity news and updates.

GO TOP

🎉 You've successfully subscribed to Hack Reports!
OK