Password Based Attack (THC Hydra)

Password is a secret word that is used for authentication or proves your identity, password is a foundation of security for most computer or computer networks. Usually a normal user do not know the importance of password, many users choose the simplest
password such as a pet’s name to help them remember it.
Nowadays, many services use cryptography technique to secure their information, cryptography is the art of secret communication, by using cryptography techniques you can secure your password and make your password difficult to crack.

There is a different techniques to crack passwords below are the example of different techniques.

Guessing
This is an old but simplest method that an attacker used to crack passwords, as i told earlier that a normal user do not know the importance of password and a normal user do not care about passwords, many of the people use very weak passwords such as their pet’s name, lover name, friend or relative, phone numbers or passport numbers etc.
If your password is so weak than an attacker who knows you personally can easily guess your password, so be careful while choosing your passwords. If an attacker does not you personally so he/she uses some of social engineering technique to get your personal information.

Dictionary Based Attack
Dictionary attack happen when an attacker create a wordlist(a dictionary) which contains some commonly used passwords, name of places, common names, and other commonly used words. To avoid this type of attack you must choose a strong password.
There is various password cracking tools present on the internet like:

? Cain & able
? John the Ripper
? THC hydra
? Aircrack (WEP/WPA cracking tool)
? L0phtcrack
? Brutus
? Or more.

THC hydra
THC hydra is a network authentication cracker which supports many different services, click here for more information.

When you will get this screen that ask you to enter the password, if an attacker is not the authorized person than an attacker try to crack it, in our example i will show how to use Thc hydra to pergorm the desired task.

Download thc hydra than use command prompt 
C:Documents and SettingsuserDesktop>hydra
 

After that Type “hydra -L userslist.txt -P passlist.txt xxx.xxx.xxx.xxx ftp” and press
enter.
In our case hydra -L wordlist.txt -P passlist.txt 192.168.1.1 ftp and press enter.


Note: If you enjoyed this post, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Blind SQL Injection Tutorial to Hack a Website

In the previous article, we have the basics of SQL Injection; what SQLi is and what are the types of SQL injection. And, In...

What is SQL Injection? Tutorial: Type and Example

What is SQL injection, and what are the types of SQL injection? These are the common questions, and we will seek the answer to...

Are Cisco 300-410 Exam and Its Related Certification Your Pathway to Career Success? Find Out about This

Introduction Career success can mean different things to different people. For some, it could mean having a prestigious title and for others, it could be...

How to Hack Windows 10 Password Using FakeLogonScreen in Kali Linux

This article demonstrates an in-depth guide on how to hack Windows 10 Passwords using FakeLogonScreen. Hacking Windows 10 password is an exciting topic and...