Home » Featured, Headline, News

Hydra v6 windows

25 January 2011 11 Comments

What is hydra?

Hydra is simply a network password/login cracker, it uses brute-forcing and supports many protocols.

Number one of the biggest security holes are passwords, as every password security study shows.
Hydra is a parallized login cracker which supports numerous protocols to attack. New modules
are easy to add, beside that, it is flexible and very fast.

Version 6 was tested to compile cleanly on Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX.

Currently this tool supports:
TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, SMB, SMBNT, MS-SQL, MYSQL, REXEC, RSH, RLOGIN, CVS, SNMP, SMTP-AUTH, SOCKS5, VNC, POP3, IMAP, NNTP, PCNFS, ICQ, SAP/R3, LDAP2, LDAP3, Postgres, Teamspeak, Cisco auth, Cisco enable, AFP, Subversion/SVN, Firebird, LDAP2, Cisco AAA (incorporated in telnet module).
For HTTP, POP3, IMAP and SMTP, several login mechanisms like plain and MD5 digest are supported.

This tool is a proof of concept code, to give researchers and security
consultants the possiblity to show how easy it would be to gain unauthorized
access from remote to a system.

So yeah, Hydra v6 was finally released yesterday (2011-01-24)

Note: you can get the source from here (official hydra-6.0-src.tar.gz) or (my mirror).
I compiled it under windows in a few minutes (and you should do the same)

If you hate dealing with cygwin or just lazy, here are the binary files:

DOWNLOAD HERE

(hydra-6.0-windows.zip)

This package includes cygwin DLL/library files which are neccesary to run hydra.exe and pw-inspector.exe.

 

Here are the files’ size checksum data

hydra-6.0-windows.zip 1,707,630 bytes
MD5: BDDE8975A9CFD288C989B5BFD0EAF4BD
SHA-1: 19A3D5C233F24DBDD129B024DB68A85A7F5A0660

cygcrypto-0.9.8.dll 1,174,542 bytes
MD5: 54FDF116F1BD22A63827946F9B41ABAD
SHA-1: EB0AAA0CFB7D83F1FF1FACE8BBBA6468B74B7E38

cyggcc_s-1.dll 46,094 bytes
MD5: 6A4F59F77FF4C8516D048CED8B0E9AFD
SHA-1: 0AC42E0A272050D849C392CEB2A124109A4B6AE1

cygssl-0.9.8.dll 268,814 bytes
MD5: 040C5700A5ACD7EF1DC763DBB276C211
SHA-1: 74500B2755AB2C760B28CF3B0A3280E55F1E223F

cygwin1.dll 2,648,181 bytes
MD5: BC68345F873DE78310D324320E82FE65
SHA-1: 8EAC4488EF2C06460DEAD9E3EA79183AD0A70646

cygz.dll 77,838 bytes
MD5: 6EE4769467C586306B6103CFCDCA8070
SHA-1: F34693314BC52A030D6308B9B2B6D51BB76A2940

hydra.exe 171,534 bytes
MD5: 25AB7AF26A872CF84A5D9E26A5F7DC34
SHA-1: 6C8619D9B9A2B256D35F39DDFBE0D53E5BBB64A1

pw-inspector.exe 8,718 bytes
MD5: 9C55E306FE0D4D479A8D20C0BDF43A88
SHA-1: 0F11B7CF290EDF7DECB16E4438D682E1A7479879

Document files also included: CHANGES.TXT, LICENSE.TXT, LICENSE.OPENSSL.TXT, README.TXT, TODO.TXT

This is NOT an official build, Use at your own risk, and it’s for legal use only.

11 Comments »

  • deep said:

    not working

  • 0xAli (author) said:

    What is exactly “Not working”.
    Run hydra.exe in a command line window (start->type “cmd” then run) and see the options.
    This is a CLI tool if you double clicked it nothing will show up.

  • SMed79 said:

    thank you 🙂

    example how to use:

    hydra -l root -P passwords.txt 192.168.1.13 ftp

  • anoy said:

    can not display Chinese character in verbose mode.

  • guna said:

    can this tool do bruteforce ? if we have any passwordlist??

  • guna said:

    sorry, i mean. if we haven’t any password list??

  • 0xAli (author) said:

    I am afraid not, you will have to generate a wordlist or download it.

  • bunk said:

    Error: Sockerpair creation failed: Address already in use

    any advise?

  • 0xAli (author) said:

    That means that another service is using port 80 (apache maybe skype?)

    Run CMD (In administrator mode if win7) and type this into it “netstat -antb” and see what’s using the port :80

  • Undrakh said:

    So i’ve downloaded the biggest, largest password list (dictionary) and started this on my own website. And i kind of went through the words in that word list. And if this hydra searches username and password by using the whole words in that list, it will never find my username and password. So what i’m trying to ask is that does it search character by character?

  • 0xAli (author) said:

    It uses word by word (words being supplied by dictionary)

Your opinion matters!

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.