Password Based Attack (THC Hydra)

Password is a secret word that is used for authentication or proves your identity, password is a foundation of security for most computer or computer networks. Usually a normal user do not know the importance of password, many users choose the simplest
password such as a pet’s name to help them remember it.
Nowadays, many services use cryptography technique to secure their information, cryptography is the art of secret communication, by using cryptography techniques you can secure your password and make your password difficult to crack.

There is a different techniques to crack passwords below are the example of different techniques.

Guessing
This is an old but simplest method that an attacker used to crack passwords, as i told earlier that a normal user do not know the importance of password and a normal user do not care about passwords, many of the people use very weak passwords such as their pet’s name, lover name, friend or relative, phone numbers or passport numbers etc.
If your password is so weak than an attacker who knows you personally can easily guess your password, so be careful while choosing your passwords. If an attacker does not you personally so he/she uses some of social engineering technique to get your personal information.

Dictionary Based Attack
Dictionary attack happen when an attacker create a wordlist(a dictionary) which contains some commonly used passwords, name of places, common names, and other commonly used words. To avoid this type of attack you must choose a strong password.
There is various password cracking tools present on the internet like:

? Cain & able
? John the Ripper
? THC hydra
? Aircrack (WEP/WPA cracking tool)
? L0phtcrack
? Brutus
? Or more.

THC hydra
THC hydra is a network authentication cracker which supports many different services, click here for more information.

When you will get this screen that ask you to enter the password, if an attacker is not the authorized person than an attacker try to crack it, in our example i will show how to use Thc hydra to pergorm the desired task.

Download thc hydra than use command prompt 
C:Documents and SettingsuserDesktop>hydra
 

After that Type “hydra -L userslist.txt -P passlist.txt xxx.xxx.xxx.xxx ftp” and press
enter.
In our case hydra -L wordlist.txt -P passlist.txt 192.168.1.1 ftp and press enter.


Note: If you enjoyed this post, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

How to Exploit Heartbleed using Metasploit in Kali Linux

Heartbleed vulnerability (registered as CVE-2014-0160) is a security bug present in the older version of OpenSSL cryptographic library. OpenSSL is a cryptographic toolkit used...

How to Install Parrot Security OS on VirtualBox in 2020

Parrot Security OS is a free GNU/LINUX distribution, released on 10th April 2013. It is a mixture of Kali Linux and Frozenbox OS, aims to...

How to Install Kali Linux on VirtualBox [Windows Host] in 2020

Kali Linux is a Debian based Linux distribution, released on the 13th March 2013 as a complete rebuild of BackTrack Linux. It is one of...

Acunetix v13 Release Introduces Groundbreaking Innovations

The newest release of the Acunetix Web Vulnerability Scanner further improves performance and premieres best-of-breed technologies London, United Kingdom – February 5, 2019 – Acunetix,...