Is there a way to use Hydra to crack a telnet password that has no username?
I know brutus has/had an option for that but I can't seem to find a flag/option on Hydra.
Is there a way to use Hydra to crack a telnet password that has no username?
I know brutus has/had an option for that but I can't seem to find a flag/option on Hydra.
7 Responses
Have you tried hydra -l "" ?
yes, does not seem to work.
To be clear: The target only uses a password to authenticate (e.g. It does NOT prompt for a username)?
correct.
Well, looking at the debugging output from Hydra and attempting to analyze the telnet session with tcpdump, I don't think this is possible with this tool. It appears that even specifying a blank username, Hydra will still send the username parameter. Which makes sense as that is what that tool is designed to do.
I could be wrong as I am not an expert on Hydra. There is a good chance someone else would know more. I can see where other people are asking the same type of question, but, so far I have not seen any viable answers.
For your particular purpose, I think it would be easier, and far more productive, to either use a different tool or simply write your own. There are some good articles on this site for creating a script to do exactly what you are attempting to achieve. While sometimes it doesn't make sense to re-create the wheel, I think it is a good exercise and helps one understand exactly what is going on.
Sorry I could not help you, it sure was interesting digging into the subject, but, maybe someone else can shed some light.
Best wishes!
Thanks for the try David.
always learn things even when we don't get what we are looking for :)
Hydra has the option "cisco" for this (no username required for telnet).
This command line should ideally work,
hydra -P passswords.txt cisco://127.0.0.1
Share Your Thoughts