THC-Hydra 7.5 Released – Fast Parallel Network Logon Cracker


Hydra is a parallelized network logon cracker which supports numerous protocols to attack, new modules are easy to add, beside that, it is flexible and very fast.

THC-Hydra

Features

  • IPv6 Support
  • Graphic User Interface
  • Internationalized support (RFC 4013)
  • HTTP proxy support
  • SOCKS proxy support

The tool supports the following protocols –

And is faster in most tests than ncrack or medusa.

Changelog for 7.5

  • Added module for Asterisk Call Manager
  • Added support for Android where some functions are not available
  • hydra main:
    • – reduced the screen output if run without -h, full screen with -h
    • – fix for ipv6 and port parsing with service://[ipv6address]:port/OPTIONS
    • – fixed -o output (thanks to www417)
    • – warning if HYDRA_PROXY is defined but the module does not use it
    • – fixed an issue with large input files and long entries
  • hydra library:
    • – SSL connections are now fixed to SSLv3 as some SSL servers fail otherwise, report if this gives you problems
    • – removed support for old OPENSSL libraries
  • HTTP Form module:
    • – login and password values are now encoded if special characters are present
    • – ^USER^ and ^PASS^ are now also supported in H= header values
    • – if you the colon as a value in your option string, you can now escape it with \: – but do not encode a \ with \\
  • Mysql module: protocol 10 is now supported
  • SMTP, POP3, IMAP modules: Disabled the TLS in default. TLS must now be defined as an option “TLS” if required. This increases performance.
  • Cisco module: fixed a small bug (thanks to Vitaly McLain)
  • Postgres module: libraries on Cygwin are buggy at the moment, module is therefore disabled on Cygwin

You can download THC-Hydra 7.5 here:

hydra-7.5.tar.gz

Or read more here.

Posted in: Networking Hacking Tools, Password Cracking Tools

, , , ,


Latest Posts:


GKE Auditor - Detect Google Kubernetes Engine Misconfigurations GKE Auditor – Detect Google Kubernetes Engine Misconfigurations
GKE Auditor is a Java-based tool to detect Google Kubernetes Engine misconfigurations, it aims to help security & dev teams streamline the configuration process
zANTI - Android Wireless Hacking Tool Free Download zANTI – Android Wireless Hacking Tool Free Download
zANTI is an Android Wireless Hacking Tool that functions as a mobile penetration testing toolkit that lets you assess the risk level of a network using mobile.
HELK - Open Source Threat Hunting Platform HELK – Open Source Threat Hunting Platform
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing etc
trape - OSINT Analysis Tool For People Tracking Trape – OSINT Analysis Tool For People Tracking
Trape is an OSINT analysis tool, which allows people to track and execute intelligent social engineering attacks in real-time.
Fuzzilli - JavaScript Engine Fuzzing Library Fuzzilli – JavaScript Engine Fuzzing Library
Fuzzilii is a JavaScript engine fuzzing library, it's a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language.
OWASP APICheck - HTTP API DevSecOps Toolset OWASP APICheck – HTTP API DevSecOps Toolset
APICheck is an HTTP API DevSecOps toolset, it integrates existing tools, creates execution chains easily and is designed for integration with 3rd parties.


One Response to THC-Hydra 7.5 Released – Fast Parallel Network Logon Cracker

  1. NBGnetworks December 30, 2013 at 11:23 am #

    We use THC hydra all the time! The hackers choice always makes a quality product. Typically we’ll get a list of valid users and passwords through SQLI or phishing and then try that against an FTP or public SSH server.

    -Dan