The Whitehat Hacking and Penetration Testing

The Whitehat Hacking and Penetration Testing tutorial provides a solid overview of password cracking techniques.
Although there are quite a few password cracking utilities available, Hydra is renowned as one of the best ones and is relied on by hackers and security experts alike as a way to test the strength of user passwords and overall network integrity.
What Protocols Does Hydra Work With?
Hydra is a very versatile penetration testing tool that has been successfully used with most modern network security protocols. Some examples include:
  • Cisco
  • Cisco-enable
  • HTTPS-form-get
  • MySQL
  • SSH2
  • SIP
  • FTP
  • Oracle-listener
  • MSSQL
  • IMAP
This is a condensed list of some common protocols that Hydra has been successfully used against in penetration testing and malicious hacking exploits, but there are many others as well.
How Does Hydra Work?
In order to understand how Hydra works, you first must understand how brute force hacking works. As previously mentioned, Hydra takes a large list of possible passwords (usually in the millions) and systematically attempts to use these passwords to gain entry. Many of the common passwords that are included with Hydra are passwords that are known to be used by non-IT savvy users such as password1, secretpassword, etc.
To maximize the effectiveness of a brute force password attack, a good hacker will also incorporate elements of social engineering into a custom password list that specifically targets users within an organization. Social media sites such as Facebook have made social engineering extremely easy as many people use loved ones, children’s names, street addresses, and favorite football teams as their passwords. By linking employees to a specific organization and then looking for social media clues, a hacker can usually build a sturdy password list with a much higher success ratio. You can learn more about social engineering techniques in Hacking School.
Hydra was actually developed for penetration testing, although it has become very popular in the hacking underworld. Regardless of which way you plan to use Hydra, it’s worth noting the recommendations set forth by the Hydra developers.
1. Make your network as secure as possible.
2. Set up a test network.
3. Set up a test server.
4. Configure services.
5. Configure the ACL.
6. Choose good passwords.
7. Use SSL.
8. Use cryptography.
9. Use an IDS.
10. Throw Hydra against these security measures and try to crack the login commands.
These recommendations are designed to help penetration testers set up a secure environment that is unlikely to be breached by a Hydra attack. The reality is that many networks are set up by amateurs and there is little to no security.
In most professionally configured networks, there are a few security components that render Hydra practically useless and you will probably fail at your attempts to crack passwords and could possibly be charged with a crime for your actions.
Some of these security measures include:
Disabling or blocking access to accounts after a predetermined number of failed authentication attempts has been reached. If this has been configured on a network, chances are it will only allow 3 – 5 attempts before locking down the account. The likelihood that Hydra will guess the correct password in this many attempts is slim to none. In fact, you’d be more likely to win the Powerball.
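
An added example, not part of the original tutorial: a Python implementation of the lockout rule described above, replayed over constructed sshd-style log lines to show which accounts a policy would lock and when. The threshold of 5, the 15-minute window, the reset on a successful login and the log line format are all assumptions chosen for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

THRESHOLD = 5                     # assumed policy: lock on the 5th failure...
WINDOW = timedelta(minutes=15)    # ...seen within 15 minutes (assumption)

LINE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+")

# Constructed sample log (documentation IP ranges, ISO timestamps assumed).
SAMPLE_LOG = "\n".join(
    [f"2024-05-01T10:00:{s:02d} sshd[811]: Failed password for alice from 203.0.113.7 port 40112 ssh2"
     for s in range(0, 12, 2)]                       # 6 rapid failures
    + [f"2024-05-01T10:01:{s:02d} sshd[812]: {r} password for bob from 198.51.100.9 port 51500 ssh2"
       for s, r in enumerate(["Failed", "Failed", "Accepted", "Failed", "Failed", "Failed"])]
    + [f"2024-05-01T11:{m:02d}:00 sshd[813]: Failed password for invalid user carol from 192.0.2.4 port 2200 ssh2"
       for m in range(0, 50, 10)]                    # 5 failures, 10 minutes apart
)

def simulate_lockout(log_text, threshold=THRESHOLD, window=WINDOW):
    """Return {account: (time the lockout would trigger, source IPs involved)}."""
    failures = defaultdict(deque)   # account -> recent (timestamp, ip) failures
    locked = {}
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m or m["user"] in locked:
            continue                # unparsed line, or account already locked
        ts, user = datetime.fromisoformat(m["ts"]), m["user"]
        recent = failures[user]
        if m["result"] == "Accepted":
            recent.clear()          # a successful login resets the counter
            continue
        recent.append((ts, m["ip"]))
        while ts - recent[0][0] > window:   # drop failures outside the window
            recent.popleft()
        if len(recent) >= threshold:
            locked[user] = (ts.isoformat(), sorted({ip for _, ip in recent}))
    return locked

if __name__ == "__main__":
    print(simulate_lockout(SAMPLE_LOG))
```

With these settings only alice is locked: bob's successful login resets his counter, and carol's failures are spaced too far apart to accumulate inside the window.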

Many companies have also gone to a multifactor or double opt-in authentication method for users. This means that in addition to a password, a security question has to be answered correctly for access. At this time, Hydra is not set up to crack multifactor authentication. To be continued...
