THC-Hydra 7.5 Released – Fast Parallel Network Logon Cracker


Hydra is a parallelized network logon cracker which supports numerous protocols to attack, new modules are easy to add, beside that, it is flexible and very fast.

THC-Hydra

Features

  • IPv6 Support
  • Graphic User Interface
  • Internationalized support (RFC 4013)
  • HTTP proxy support
  • SOCKS proxy support

The tool supports the following protocols –

And is faster in most tests than ncrack or medusa.

Changelog for 7.5

  • Added module for Asterisk Call Manager
  • Added support for Android where some functions are not available
  • hydra main:
    • – reduced the screen output if run without -h, full screen with -h
    • – fix for ipv6 and port parsing with service://[ipv6address]:port/OPTIONS
    • – fixed -o output (thanks to www417)
    • – warning if HYDRA_PROXY is defined but the module does not use it
    • – fixed an issue with large input files and long entries
  • hydra library:
    • – SSL connections are now fixed to SSLv3 as some SSL servers fail otherwise, report if this gives you problems
    • – removed support for old OPENSSL libraries
  • HTTP Form module:
    • – login and password values are now encoded if special characters are present
    • – ^USER^ and ^PASS^ are now also supported in H= header values
    • – if you the colon as a value in your option string, you can now escape it with \: – but do not encode a \ with \\
  • Mysql module: protocol 10 is now supported
  • SMTP, POP3, IMAP modules: Disabled the TLS in default. TLS must now be defined as an option “TLS” if required. This increases performance.
  • Cisco module: fixed a small bug (thanks to Vitaly McLain)
  • Postgres module: libraries on Cygwin are buggy at the moment, module is therefore disabled on Cygwin

You can download THC-Hydra 7.5 here:

hydra-7.5.tar.gz

Or read more here.

Posted in: Networking Hacking Tools, Password Cracking Tools

, , , ,


Latest Posts:


Axiom - Pen-Testing Server For Collecting Bug Bounties Axiom – Pen-Testing Server For Collecting Bug Bounties
Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty, basically a pen-testing server out of the box with 1-line.
Quasar RAT - Windows Remote Administration Tool Quasar RAT – Windows Remote Administration Tool
Quasar is a fast and light-weight Windows remote administration tool coded in C#. Used for user support through day-to-day administrative work to monitoring.
Pingcastle - Active Directory Security Assessment Tool Pingcastle – Active Directory Security Assessment Tool
PingCastle is a Active Directory Security Assessment Tool designed to quickly assess the Active Directory security level based on a risk and maturity framework.
Second Order - Subdomain Takeover Scanner Tool Second Order – Subdomain Takeover Scanner Tool
Second Order Subdomain Takeover Scanner Tool scans web apps for second-order subdomain takeover by crawling the application and collecting URLs (and other data)
Binwalk - Firmware Security Analysis & Extraction Tool Binwalk – Firmware Security Analysis & Extraction Tool
Binwalk is a fast and easy to use Python-based firmware security analysis tool that allows for firmware analysis, reverse engineering & extracting of firmware.
zBang - Privileged Account Threat Detection Tool zBang – Privileged Account Threat Detection Tool
zBang is a risk assessment tool for Privileged Account Threat Detection on a scanned network, organizations & red teams can use it to identify attack vectors


One Response to THC-Hydra 7.5 Released – Fast Parallel Network Logon Cracker

  1. NBGnetworks December 30, 2013 at 11:23 am #

    We use THC hydra all the time! The hackers choice always makes a quality product. Typically we’ll get a list of valid users and passwords through SQLI or phishing and then try that against an FTP or public SSH server.

    -Dan