One of the biggest security holes are passwords, as every password security study shows. A very fast network logon cracker which support many different services, THC-Hydra is now updated to 7.4 version.
Hydra available for Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX, Currently supports AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.
Change Log
- New module: SSHKEY - for testing for ssh private keys (thanks to deadbyte(at)toucan-system(dot)com!)
- Added support for win8 and win2012 server to the RDP module
- Better target distribution if -M is used
- Added colored output (needs libcurses)
- Better library detection for current Cygwin and OS X
- Fixed the -W option
- Fixed a bug when the -e option was used without -u, -l, -L or -C, only half of the logins were tested
- Fixed HTTP Form module false positive when no answer was received from the server
- Fixed SMB module return code for invalid hours logon and LM auth disabled
- Fixed http-{get|post-form} from xhydra
- Added OS/390 mainframe 64bit support (thanks to dan(at)danny(dot)cz)
- Added limits to input files for -L, -P, -C and -M - people were using unhealthy large files! ;-)
- Added debug mode option to usage (thanks to Anold Black)