> [!note] > This note is about the password cracker, not about the Nix CI build system. # Hydra Hydra is a parallelized login cracker which supports the following protocols: `adam6500`, `afp`, `asterisk`, `cisco`, cisco-`enable`, `cvs`, `firebird`, [[FTP]], `ftps`, `http`, `icq`, `imap`, `irc`, `ldap2`, `ldap3`, `mssql`, [[MySQL]], `ncp`, `nntp`, `oracle`, `oracle-listener`, `oracle-sid`, `pcanywhere`, `pcnfs`, `pop3`, [[PostgreSQL]], [[RDP]], `radmin2`, [[Redis]], `rexec`, `rlogin`, `rpcap`, `rsh`, `rtsp`, `s7-300`, `sapr3`, `sip`, [[SMB]], `smtp`, `smtp-enum`, `snmp`, `socks5`, [[SSH]], `sshkey`, `svn`, `teamspeak`, [[Telnet]], `vmauthd`, `vnc`, xmpp. The basic command line parameters are - `-L` load a list of user names from file (new-line separated) - `-l` use a single user name - `-P` load a password list - `-p` use a single password - `-f` will cause Hydra to exit after the first login combo is found - `-R` will restore previous session - `-C` load a list of user names and passwords to try in `login:pass` format You then need to configure the IP address and protocol Hydra will use. For example to test a list of usernames for a particular password call: ```sh hydra -f -L <usernames file> -p <password to attempt> <IP Address> <protocol> ``` Hydra is installed by default on Parrot and Kali. To install it on other systems use: ```sh sudo apt-get install hydra ``` ## Hack The Box Machines - [[Funnel Write-up|Funnel]]