Archive

Posts tagged ‘hydra’

hydra compile error hydra-snmp.c: In function ‘start_snmp’:

May 31, 2012 · 1 comment

I hit this error when compiling hydra 7; switching to a hydra 5.x release compiled fine.

hydra-snmp.c: In function ‘start_snmp’:
hydra-snmp.c:333: error: ‘C_Block’ undeclared (first use in this function)
hydra-snmp.c:333: error: (Each undeclared identifier is reported only once
hydra-snmp.c:333: error: for each function it appears in.)
hydra-snmp.c:333: error: expected expression before ‘)’ token
hydra-snmp.c:334: error: ‘symcbc’ undeclared (first use in this function)
hydra-snmp.c:334: error: expected expression before ‘)’ token
hydra-snmp.c:334: error: ‘DES_ENCRYPT’ undeclared (first use in this function)
make: *** [hydra-snmp.o] Error 1

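Category: Tech notes

The SSH connection setup process as seen through OpenSSH functions

April 7, 2012 · 2 comments

Suppose we go to an interview and someone asks: "Please describe what happens when you log in to a Linux system over ssh." It is a good question, because the answer shows how familiar the candidate is with networking, systems and cryptography. To dig deeper, the interviewer can add: "What is the technique for stealing SSH1 protocol login passwords called, and in which of the steps above does it happen?" I remember http://shallwe.net saying that when he had just graduated and interviewed at Google, one of the questions was: "Please describe what happens when you visit the Google website." One question like that is enough to tell skill levels apart.

Do we have a good handle on this? After reading this article from the ncrack project, you can answer the question well and in depth; once you get going you could talk for 15 minutes. Of course, describing it purely in terms of the network and application-logic exchange (see O'Reilly's "SSH, The Secure Shell") is also a satisfying answer, but explaining it at the code level will make people look at you differently, and you might even be taken for a code hacker. By the way, ncrack is an excellent remote password auditing tool; if you are interested, have a look at http://nmap.org/ncrack/ and don't use it to do bad things.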


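Remote password auditing program hydra turns 10 and releases version 6.1, fixing multiple bugs

February 7, 2011 · Comments closed

hydra, a classic program for remotely auditing password strength, turned 10 on February 3. Version 6.1 has been released and fixes multiple bugs, especially ssh-related ones.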


Tools for auditing the password strength of web HTTP login forms on Linux

June 25, 2010 · 6 comments

hydra's http-{get|post}-form module; hydra's false-negative rate is too high.

http[s]-form-{get|post}
                 specifies the page and the parameters for the web form.
                 the keyword “^USER^” is replaced with the login and
                 ^PASS^ with the password.
                 syntax:   <url>:<form parameters>:<failure string>
                 e.g.: /login.php:user=^USER^&pass=^PASS^&mid=123:incorrect

The hydra form can be used to carry out a brute-force attack on simple
web-based login forms that require username and password variables via
either a GET or POST request.

The module works similarly to the HTTP basic auth module and will honour
proxy mode (with authentication) as well as SSL. The module can be invoked
with the service names of “http-get-form”, “http-post-form”,
“https-get-form” and “https-post-form”.

Here are a couple of examples:

./hydra -l "<userID>" -P pass.txt 10.221.64.12 http-post-form \
  "/irmlab2/testsso-auth.do:ID=^USER^&Password=^PASS^:Invalid Password"

./hydra -s 443 -l "<username>" -P pass.txt 10.221.64.2 https-get-form \
  "/irmlab1/vulnapp.php:username=^USER^&pass=^PASS^:incorrect"

The option field (following the service field) takes three “:” separated
values, the first is the page on the server to GET or POST to, the second is
the POST/GET variables (taken from either the browser, or a proxy such as
PAROS) with the varying usernames and passwords in the “^USER^” and “^PASS^”
placeholders and the third is the string that it checks for an *invalid*
login – any exception to this is counted as a success.

If you specify the verbose flag (-v) it will show you the response from the
HTTP server which is useful for checking the result of a failed login to
find something to pattern match against.

medusa's web-form module. The command to view the help for a particular module is medusa -M web-form -q

Usage example: “-M web-form -m USER-AGENT:”g3rg3 gerg” -m FORM:”webmail/index.php” -m DENY-SIGNAL:”deny!” -m FORM-DATA:”post?user=&pass=&submit=True”

Available module options:
  USER-AGENT:?       User-agent value. Default: “I’m not Mozilla, I’m Ming Mong”.
  FORM:?             Target form to request. Default: “/”
  DENY-SIGNAL:?      Authentication failure message. Attempt flagged as successful if text is not present in
                     server response. Default: “Login incorrect”
  FORM-DATA:<METHOD>?<FIELDS>
                     Methods and fields to send to web service. Valid methods are GET and POST. The actual form
                     data to be submitted should also be defined here. Specifically, the fields: username and
                     password. The username field must be the first, followed by the password field.
                     Default: “post?username=&password=”
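
A defender-side view of the two form modules above, as an added example that is not part of the original post: it scans web access logs (combined log format assumed) for the Medusa web-form default User-Agent quoted in the help text and for bursts of requests to a login form from one source. The function names, thresholds, login paths and log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Default User-Agent of Medusa's web-form module, taken from the help text above
# (typographic apostrophes normalised to ASCII).
MEDUSA_DEFAULT_UA = "I'm not Mozilla, I'm Ming Mong"

# Combined Log Format (assumed): ip - user [time] "METHOD path proto" status size "referer" "ua"
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+) [^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

def detect(lines, login_paths, max_attempts=5, window=timedelta(seconds=60)):
    """Return {ip: set(reasons)} for sources that look like form password guessing."""
    findings = defaultdict(set)
    attempts = defaultdict(list)  # ip -> timestamps of recent login-form requests
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not combined format; ignore rather than guess
        # The *-get-form modules put credentials in the query string, so compare the bare path.
        if m["path"].split("?", 1)[0] not in login_paths:
            continue
        ip = m["ip"]
        if m["ua"] == MEDUSA_DEFAULT_UA:
            findings[ip].add("medusa-default-user-agent")
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        attempts[ip] = [t for t in attempts[ip] if ts - t <= window] + [ts]
        if len(attempts[ip]) > max_attempts:
            findings[ip].add("login-burst")
    return dict(findings)

def sample_lines():
    """Constructed log lines using documentation address ranges, not real traffic."""
    fmt = '{ip} - - [25/Jun/2010:10:00:{s:02d} +0800] "{req} HTTP/1.1" 200 512 "-" "{ua}"'
    lines = [fmt.format(ip="192.0.2.10", s=s, req="POST /login.php", ua="Mozilla/5.0")
             for s in range(8)]
    lines.append(fmt.format(ip="198.51.100.7", s=30, req="POST /webmail/index.php",
                            ua=MEDUSA_DEFAULT_UA))
    lines.append(fmt.format(ip="203.0.113.5", s=40, req="GET /login.php?user=a&pass=b",
                            ua="Mozilla/5.0"))
    return lines

if __name__ == "__main__":
    for ip, reasons in detect(sample_lines(), {"/login.php", "/webmail/index.php"}).items():
        print(ip, sorted(reasons))
```

The USER-AGENT option shown above is configurable, so the rate check is the more durable of the two signals.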

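The nice thing about Linux tools is that their output can be driven by scripts to produce reports. The risk monitoring I have been dreaming about for a long time will soon have an internal beta.

Also, that web scanner on Windows, auxtenx (possibly misspelled), can do this too.

The nat program in thc probe is good

April 17, 2009 · Comments closed

On Linux it seems rare to see tools for cracking Windows passwords; hydra and medusa are both a bit too bulky, especially hydra. This little tool is quite handy when moving from Linux to Windows during an internal network penetration test.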
