Hydra Core Operations

Learn the fundamental operations and commands for using Hydra effectively

This section covers the fundamental operations and commands for using Hydra effectively in your penetration testing workflow. Hydra is a powerful and flexible password cracking tool that supports numerous protocols and offers various attack methods.

Command Line Structure

The basic syntax for Hydra follows this pattern:

hydra [options] [-s PORT] TARGET PROTOCOL [MODULE-OPTIONS]

Where:

  • [options] are the general Hydra options
  • [-s PORT] specifies a non-default port
  • TARGET is the target host(s) to attack
  • PROTOCOL is the protocol to use
  • [MODULE-OPTIONS] are protocol-specific options

Essential Options

Here are the most commonly used options in Hydra:

OptionDescription
-l LOGINSingle username
-L FILEList of usernames
-p PASSSingle password
-P FILEList of passwords
-C FILEColon-separated username:password combinations
-e nsrTry "n" null password, "s" as password, "r" reversed username
-M FILEList of multiple targets
-o FILEWrite found credentials to FILE
-t TASKSNumber of parallel connections per target
-T TASKSNumber of parallel connections total
-w TIMEOUTConnection timeout
-fExit after first found pair
-v / -VVerbose / Very verbose

Target Specification

You can specify targets in several ways:

# Single target
hydra 192.168.1.1 ssh

# Multiple targets
hydra 192.168.1.1/24 ssh

# Target from file
hydra -M targets.txt ssh

# IPv6 target
hydra -6 ::1 ssh

Understanding Output

Hydra's output includes:

  1. Task information: Shows the number of tasks and attempts
  2. Progress indicators: Displays percentage complete and attempts per minute
  3. Found credentials: Shows successful username/password combinations
  4. Statistics: Provides a summary of the attack at completion

Example output:

Hydra v9.3 (c) 2022 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).

Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2023-05-01 12:00:00
[DATA] max 16 tasks per 1 server, overall 16 tasks, 100 login tries (l:10/p:10), ~7 tries per task
[DATA] attacking ssh://192.168.1.100:22/
[22][ssh] host: 192.168.1.100   login: admin   password: password123
[STATUS] 100.00 tries completed (1 valid password found)
[STATUS] attack finished for 192.168.1.100 (waiting for children to complete tests)
1 of 1 target successfully completed, 1 valid password found
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2023-05-01 12:01:05

Navigate to the specific protocol pages to learn more about each protocol's unique options and attack methods.