THC Hydra

peppoj · Post by **peppoj** » 28 May 2007, 15:53

Hi!
I just want a "bruteforce over proxy" example from you internetpeople

Post by **ayu** » 28 May 2007, 22:21

Goto http://www.hackinglibrary.ws/

Should be some old B-forcer there called Brutus and munga bunga, you can use those through proxies. But even without a proxy it could take thousands of years to crack a password like that.

peppoj · Post by **peppoj** » 29 May 2007, 04:04

No i mean like:
hydra -l user -P passlist.txt ftp.ftpserver.com ftp

but where do i put in the proxy?

Post by **ayu** » 29 May 2007, 05:43

Well i haven't used THC hydra so i wouldn't know =/

do you have a link for it?

peppoj · Post by **peppoj** » 29 May 2007, 09:19

It is an commandline based bruteforcer witch you can find here:
http://www.thc.org/thc-hydra/

Post by **ayu** » 29 May 2007, 10:39

In the readme it says

HOW TO SCAN/CRACK OVER A PROXY
------------------------------
The environment variable HYDRA_PROXY_HTTP defines the web proxy (this works
just for the http/www service!).
The following syntax is valid:
HYDRA_PROXY_HTTP="http://123.45.67.89:8080/"
For all other services, use the HYDRA_PROXY_CONNECT variable to scan/crack
via a web proxy's CONNECT call. It uses the same syntax. eg:
HYDRA_PROXY_CONNECT=proxy.anonymizer.com:8000
If you require authentication for the proxy, use the HYDRA_PROXY_AUTH
environment variable:
HYDRA_PROXY_AUTH="the_login:the_password"