October 4, 2010

THC-Hydra 5.8 Released – Extremely Fast Multi-Threaded Login/Password Cracker

The number one biggest security hole is passwords, as every password security study shows. Hydra is a parallelized (multi-threaded) login cracker which supports attacking/cracking numerous protocols. New modules are easy to add, beside that, it is flexible and very fast.

Currently this tool supports:

	  TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, SMB, SMBNT, MS-SQL,
          MYSQL, REXEC,RSH, RLOGIN, CVS, SNMP, SMTP-AUTH, SOCKS5,
          VNC, POP3, IMAP, NNTP, PCNFS, ICQ, SAP/R3, LDAP2, LDAP3,
          Postgres, Teamspeak, Cisco auth, Cisco enable, AFP, LDAP2,
          Cisco AAA (incorporated in telnet module).

Recent changes for v5.8

  • Added Apple Filing Protocol
  • Fixed a big bug in the SSL option (-S)

Additions prior to public release (v5.7 and before)

  • Added ncp support plus minor fixes (by David Maciejak @ GMAIL dot com)
  • Added an old patch to fix a memory from SSL and speed it up too from kan(at)dcit.cz
  • Removed unnecessary compiler warnings
  • Enhanced the SSH2 module based on an old patch from aris(at)0xbadc0de.be
  • Fixed small local defined overflow in the teamspeak module. Does it still work anyway??
  • Moved to GPLv3 License (lots of people wanted that)
  • Upgraded ssh2 module to libssh-0.4.x (thanks to aris (at) 0xbadc0de.be for the 0.2 basis)
  • Added firebird support (by David Maciejak @ GMAIL dot com)
  • Added SIP MD5 auth patch (by Jean-Baptiste Aviat jba [at] hsc [dot] `french tld’)
  • Removed Palm and ARM support
  • Fix for cygwin which falsely detected postgres library when there was none.

You can download Hydra v5.8 here.