THC Hydra: Cracking Router’s Admin Login Password

November 7, 2016 | Views: 144598

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

Hello Guys, wazzup !

Today I’m going to explain how to hack a router after hacking the PSK ( Pre-shared Key).

I’m just joking, this is for educational purpose ONLY.

Most of you have heard about THC Hydra. It is a parallelized login cracker which supports many protocols. It is a very powerful and fast tool for brute forcing. It can easily give you unauthorized remote access.

Today I will explain the commands which I use for cracking the username-password pair.

Start Learning Cyber Security with these FREE Courses:

Most routers have a default username and password. You can get an overview of all the commands used with Hydra by following: “man hydra” (in terminal).

  1. First, you’ll need to scan the open ports on the router.
  2. Use the following command: “namp 192.168.1.1” (this is your router’s IP address).
    • I will use FTP here.
  3. Now, run the following command: “hydra -l admin -P password.txt -v -f  192.168.1.1 ftp”
    • Explanation of the command: “l” is used for the login username. My default is “admin.” You can use “-L” and give a text file of some usernames if you’re not aware of your router’s admin username.
      • “P” is used for the password list.
      • “v” is used for verbose mode; it shows the login attempts.
      • “f”  tells it to quit after getting the valid username and password pair once.
      • “192.168.1.1” is my router’s configure IP address.
      • “ftp” is the service which I am using to get an open port (you can also use “http-get” and others).
  4. Now wait and watch; if it gets a login password pair, then it will show you on the screen.

There are many types of services which hydra supports and you can use them for cracking any type of login passwords.

I’ve created a video on hydra that you can watch here:

If you liked this, read my other post: https://www.cybrary.it/0p3n/karma-mitm-attack/

Sign up for a free 7 Day Trial today to enroll in these Career Paths:

Share with Friends
FacebookTwitterLinkedInEmail
Use Cybytes and
Tip the Author!
Join
Share with Friends
FacebookTwitterLinkedInEmail
Ready to share your knowledge and expertise?
11 Comments
  1. hi, can you help me with getting password.txt files. There are so many of them available on the internet, its confusing which one is better.

  2. Nice, you are using a “password list”, is generated by you or downloaded/prefixed by OS?

    If you could give some info where to get some lists that are efficient please.

  3. i’ve installed zimbra email server in virtualbox using ubuntu. i created two test accounts for testing purposes. now, can i ask if how to crack the username and password of my two zimbra test accounts using hydra. the test box has no domain name, only ip is used. also, all ports are at default settings of zimbra. thanks in advance

    • You can use smtp service for cracking if port open on smtp(generally open). Watch the video i’ve created if you dont know how to get open port info on ip addresses.

  4. Don’t need to install on kali
    But this is the link where you can download http://www.hackreports.com/2012/12/download-hydra-v-74-fast-network-cracker.html

  5. how can i get the THC Hydra app on my android or as a software on my PC???

Page 1 of 212»
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel