Password Cracking - hydra, medusa, hashcat
Password cracking tools like Hydra, Medusa, and Hashcat are commonly used in penetration testing and security assessments to test the strength of passwords and assess system security. Each tool has its strengths and is used depending on the type of authentication and the format of passwords being cracked. Here’s a practical guide on how to use Hydra, Medusa, and Hashcat for password cracking in Kali Linux:
- Tools Overview:
- 1. Hydra:
- Purpose: Hydra is a fast and flexible password cracking tool that supports various protocols for brute-force attacks.
- Protocols Supported: HTTP, HTTPS, FTP, SMB, SSH, Telnet, etc.
- Usage Example: Brute-force attacking an SSH server with Hydra:
```bash
hydra -l <username> -P /path/to/passwords.txt ssh://<target_IP>
```
- Replace `<username>` with the target username.
- Provide the path to a file containing a list of passwords (`passwords.txt`).
- Replace `<target_IP>` with the IP address of the SSH server.
- 2. Medusa:
- Purpose: Medusa is a parallelized login brute-forcer that supports many different services, including databases, FTP, HTTP, IMAP, MySQL, SSH, and more.
- Protocols Supported: Similar to Hydra, supports a wide range of protocols and services.
- Usage Example: Brute-forcing a MySQL database with Medusa:
```bash
medusa -u <username> -P /path/to/passwords.txt -h <target_IP> -M mysql
```
- Replace `<username>` with the MySQL username.
- Provide the path to a file containing a list of passwords (`passwords.txt`).
- Replace `<target_IP>` with the IP address of the MySQL server.
- Use `-M` to specify the module (`mysql` in this case).
- 3. Hashcat:
- Purpose: Hashcat is a powerful password recovery tool for recovering passwords from hashes using brute-force, dictionary attacks, hybrid attacks, mask attacks, and rule-based attacks.
- Usage Example: Cracking an MD5 hash with Hashcat:
```bash
hashcat -m 0 /path/to/hashfile.txt /path/to/wordlist.txt
```
- `-m 0` specifies the hash type (MD5 in this case).
- Provide the path to the file containing the hashes (`hashfile.txt`).
- Provide the path to a wordlist (`wordlist.txt`) for dictionary-based attacks.
- Practical Guide:
- 1. Install Tools:
- Ensure Hydra, Medusa, and Hashcat are installed on your Kali Linux system:
```bash
sudo apt update
sudo apt install hydra medusa hashcat
```
- 2. Using Hydra:
- SSH Brute Force Example:
```bash
hydra -l root -P /usr/share/wordlists/rockyou.txt ssh://<target_IP>
```
- Replace `<target_IP>` with the IP address of the SSH server.
- `/usr/share/wordlists/rockyou.txt` is a popular wordlist included in Kali Linux.
- 3. Using Medusa:
- MySQL Brute Force Example:
```bash
medusa -u root -P /usr/share/wordlists/rockyou.txt -h <target_IP> -M mysql
```
- Replace `<target_IP>` with the IP address of the MySQL server.
- 4. Using Hashcat:
- MD5 Hash Cracking Example:
```bash
hashcat -m 0 hashes.txt /usr/share/wordlists/rockyou.txt
```
- `hashes.txt` should contain the MD5 hashes you want to crack.
- `/usr/share/wordlists/rockyou.txt` is used as a dictionary for this example.
- Tips for Efficient Password Cracking:
- Wordlists: Use diverse and extensive wordlists (`rockyou.txt`, `SecLists`, etc.) for better chances of success.
- Rules: Utilize Hashcat's rule-based attacks (`-r` option) to modify and extend wordlists.
- Performance: Leverage GPU acceleration (if available) with Hashcat for faster cracking speeds.
Thanks for the guide
ReplyDelete