Brute-forcing passwords with THC-Hydra
THC-Hydra (or simply Hydra) is a network logon cracker, that is, an online cracker, which means that it can be used to find login passwords by brute-forcing network services. A brute force attack is the one that tries to guess the correct password by attempting all the possible combinations of characters; these type of attacks are guaranteed to find an answer, even if they take ten million years to do it.
Although it is not feasible for a penetration tester to wait for more than a few days or maybe hours to get the login password for a website, sometimes testing a few username/password combinations in a large number of servers might be very productive.
In this recipe, we will use Hydra to break into a login ...
Get Kali Linux Web Penetration Testing Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.