# Hydra

## <mark style="color:blue;">Overview</mark>

Hydra is a password cracking tool that can be used to crack passwords for a variety of protocols, including SSH, FTP, Telnet, and HTTP. Hydra works by using a dictionary attack, which means that it tries all possible combinations of words and characters in a dictionary to crack the password.

Hydra is a powerful tool, but it can be slow to crack passwords, especially if the password is long and complex. Hydra also requires a large amount of processing power and memory to run effectively.

Hydra is a popular tool among security researchers and penetration testers. It can be used to test the security of systems and networks by trying to crack passwords for various accounts. Hydra can also be used to recover lost passwords.

Here are some of the key features of Hydra:

* Supports a wide range of protocols, including SSH, FTP, Telnet, and HTTP.
* Can use a variety of attack methods, including dictionary attack, brute-force attack, and hybrid attack.
* Supports parallel cracking, which can significantly speed up the cracking process.
* Can be used to crack passwords for local accounts, as well as remote accounts.

## <mark style="color:blue;">The most commonly used commands in Hydra</mark>

* HTTP Form-Based Authentication:&#x20;

```
hydra -l <username> -P <password_list> <target_url> http-post-form "<login_url>:<login_parameters>:<failure_message>"
```

* FTP:&#x20;

```
hydra -l <username> -P <password_list> <target_ip> ftp
```

* SSH:&#x20;

```
hydra -l <username> -P <password_list> <target_ip> ssh
```

* Telnet:&#x20;

```
hydra -l <username> -P <password_list> <target_ip> telnet
```

* MySQL:&#x20;

```
hydra -l <username> -P <password_list> <target_ip> mysql
```

* RDP (Remote Desktop Protocol):&#x20;

```
hydra -t 4 -l <username> -P <password_list> <target_ip> rdp
```

## <mark style="color:blue;">How to use Hydra?</mark>

{% embed url="<https://www.youtube.com/watch?v=-CMBoJ60K1A>" %}

{% hint style="info" %}
Thanks to [CertBros](https://www.youtube.com/@Certbros) for the great [video](https://www.youtube.com/watch?v=-CMBoJ60K1A) !
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://hackingforbabies.gitbook.io/en/password-attacks/hydra.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.