" />

THC-Hydra – A very fast network logon cracker which support many different services

According to Kali, Hydra is a parallelized login cracker which supports numerous protocols to attack. It is very fast and flexible, and new modules are easy to add.

This tool makes it possible for researchers and security consultants to show how easy it would be to gain unauthorized access to a system remotely.

Currently this tool supports:
Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-POST, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-POST, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, RTSP, S7-300, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.

For HTTP, POP3, IMAP and SMTP, several login mechanisms like plain and MD5 digest etc. are supported.

Hydra will work in 4 modes:

  • One Username & One Password
  • Username List & One Password
  • One Username & Password List
  • Username List & Password List

Hydra has Various Options:

  • Target – Settings of various target options
  • Passwords – Specify password options & wordlists
  • Tuning – Specify how fast should hydra work. Other timing options are also available.
  • Specific – For testing on specific targets like a domain, https proxy etc.
  • Start – Start/Stop & shows the output.

Step 1:

Use THC-Hydra in Kali Linux: # sudo xhydra.

Here we are setting our single Target  e.g “″ (set your Remote Target) in Target area.

We are using SSH authentication for communicate to remote Target “″

Bottom of the tool we can see command line which is automatically create when we set out settings in xHydra.


Step 2:

we Perform wordlist attack by using a wordlist containing most common passwords to break into the root account. you can add “n” number of passwords to your word list.

In Passwords area , we set our username as “root” and specified our password.lst location in Password List box (/usr/share/john/password.lst).

Kali Linux comes with built in word lists e.g. /usr/share/john/password.lst (John the Ripper).

Search them using the command: # locate *.lst in terminal windows.


Step 3:

In Tuning area , we set the number of task that we are going to perform .

Number of Taks: e.g. 1 (per host, default: 16)
Timeout: e.g. 20 (default: 30)
No Proxy

Step 4:

In Start area, click the “Start” button.

You can see clearly  the terminal command line in the bottom of the tool which is about the target IP, a protocol that we used  and wordlist of dictionary list  “password.lst”


Finally, we have got the result about our target system login “root” and password “hackme”.