THC Hydra examples for brute forcing passwords
Hydra continues to be a recognised and widely used method for brute force attacks for password cracking. The tool supports many protocols, a few of which are SSH, SMTP, IMAP, MONGODB, CISCO AAA, VNC, RDP amongst many others.
From the command line the basic syntax structure for brute forcing logins with username and/or passwords is as follows:
$ hydra -l username -P wordlist protocol host this could look like this: $ hydra -l admin -P wordlist /user/share/wordlists/rockyou.txt 10.10.10.10 ssh or the same search using
://option $ hydra -l admin -P wordlist /user/share/wordlists/rockyou.txt ssh://10.10.10.10