Password Cracking - hydra, medusa, hashcat

 Password cracking tools like Hydra, Medusa, and Hashcat are commonly used in penetration testing and security assessments to test the strength of passwords and assess system security. Each tool has its strengths and is used depending on the type of authentication and the format of passwords being cracked. Here’s a practical guide on how to use Hydra, Medusa, and Hashcat for password cracking in Kali Linux:


- Tools Overview:


- 1. Hydra:

   - Purpose: Hydra is a fast and flexible password cracking tool that supports various protocols for brute-force attacks.

   - Protocols Supported: HTTP, HTTPS, FTP, SMB, SSH, Telnet, etc.

   - Usage Example: Brute-force attacking an SSH server with Hydra:

     ```bash

     hydra -l <username> -P /path/to/passwords.txt ssh://<target_IP>

     ```

     - Replace `<username>` with the target username.

     - Provide the path to a file containing a list of passwords (`passwords.txt`).

     - Replace `<target_IP>` with the IP address of the SSH server.


- 2. Medusa:

   - Purpose: Medusa is a parallelized login brute-forcer that supports many different services, including databases, FTP, HTTP, IMAP, MySQL, SSH, and more.

   - Protocols Supported: Similar to Hydra, supports a wide range of protocols and services.

   - Usage Example: Brute-forcing a MySQL database with Medusa:

     ```bash

     medusa -u <username> -P /path/to/passwords.txt -h <target_IP> -M mysql

     ```

     - Replace `<username>` with the MySQL username.

     - Provide the path to a file containing a list of passwords (`passwords.txt`).

     - Replace `<target_IP>` with the IP address of the MySQL server.

     - Use `-M` to specify the module (`mysql` in this case).


- 3. Hashcat:

   - Purpose: Hashcat is a powerful password recovery tool for recovering passwords from hashes using brute-force, dictionary attacks, hybrid attacks, mask attacks, and rule-based attacks.

   - Usage Example: Cracking an MD5 hash with Hashcat:

     ```bash

     hashcat -m 0 /path/to/hashfile.txt /path/to/wordlist.txt

     ```

     - `-m 0` specifies the hash type (MD5 in this case).

     - Provide the path to the file containing the hashes (`hashfile.txt`).

     - Provide the path to a wordlist (`wordlist.txt`) for dictionary-based attacks.


- Practical Guide:


- 1. Install Tools:

   - Ensure Hydra, Medusa, and Hashcat are installed on your Kali Linux system:

     ```bash

     sudo apt update

     sudo apt install hydra medusa hashcat

     ```


- 2. Using Hydra:

   - SSH Brute Force Example:

     ```bash

     hydra -l root -P /usr/share/wordlists/rockyou.txt ssh://<target_IP>

     ```

     - Replace `<target_IP>` with the IP address of the SSH server.

     - `/usr/share/wordlists/rockyou.txt` is a popular wordlist included in Kali Linux.


- 3. Using Medusa:

   - MySQL Brute Force Example:

     ```bash

     medusa -u root -P /usr/share/wordlists/rockyou.txt -h <target_IP> -M mysql

     ```

     - Replace `<target_IP>` with the IP address of the MySQL server.


- 4. Using Hashcat:

   - MD5 Hash Cracking Example:

     ```bash

     hashcat -m 0 hashes.txt /usr/share/wordlists/rockyou.txt

     ```

     - `hashes.txt` should contain the MD5 hashes you want to crack.

     - `/usr/share/wordlists/rockyou.txt` is used as a dictionary for this example.


- Tips for Efficient Password Cracking:


- Wordlists: Use diverse and extensive wordlists (`rockyou.txt`, `SecLists`, etc.) for better chances of success.

- Rules: Utilize Hashcat's rule-based attacks (`-r` option) to modify and extend wordlists.

- Performance: Leverage GPU acceleration (if available) with Hashcat for faster cracking speeds.


Comments

Post a Comment

Popular Posts