1

In the process of attempting to secure my local LAN, I have determined that I am at little risk of a dictionary brute-force attack.

This being said, a standard brute-force attack which involves cycling through every possible password in existence is (although not exactly subtle) a very dangerous threat.

I have downloaded THC-Hydra, however I can't find any tutorial or how-to website which actually explains how to use any other function aside from the dictionary attack method, which is really limited to easy passwords:

How do I launch a standard (non dictionary) brute force attack on FTP with THC-Hydra?

user4493605
  • A long and randomly chosen password is a perfect defence against a brute-force attack. Suppose the attacker can try a billion possible passwords per second. If your password has 16 characters and uses a set of 90 possible characters (upper and lower case letters, digits and punctuation) then it will on average take the attacker 294 trillion years to brute-force their way in. Use good passwords, and then don't worry about brute-force attacks. – Mike Scott Sep 05 '15 at 10:20

1 Answer

1

If you want to perform a brute-force attack without a dictionary, use "-x MIN:MAX:CHARSET", i.e. "-x 3:3:a"

The -x switch defines the character set that will be used, instead of the -p switch which would have pointed at the dictionary.

-P "try password PASS, or load several passwords from FILE"

To launch the attack on an FTP server, just place ftp in the protocol section of the URL, followed by the target IP address.

For example:

root@find:~/Desktop# hydra -t 10 -V -f -l root -x 4:6:a ftp://192.168.67.132

-t "run TASKS number of connects in parallel (per host, default: 16)"

-V "verbose mode / show login+pass for each attempt / debug mode"

-f "exit when a login/pass pair is found"

-l "LOGIN or -L FILE login with LOGIN name, or load several logins from FILE"

-x "MIN:MAX:CHARSET password bruteforce generation"

Good blog post about this.

Another link that may help is Hydra's page from tools.kali.org, which has a lot of good information including full syntax, beyond the examples above.

Hope this helps.

TheJulyPlot
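To size the search that a given `-x MIN:MAX:CHARSET` value implies, and to check the 294-trillion-year figure from the comment under the question, here is an added example that is not part of the original question or answer. The helper names are hypothetical; the charset letters follow Hydra's documented convention (`a` lowercase, `A` uppercase, `1` digits, any other character literal), and collapsing repeated characters is an assumption of this sketch.

```python
import string

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def charset_from_spec(charset_spec):
    """Expand the CHARSET field: 'a', 'A' and '1' are classes, the rest literal."""
    chars = set()  # assumption: duplicate characters count once
    for c in charset_spec:
        if c == "a":
            chars.update(string.ascii_lowercase)
        elif c == "A":
            chars.update(string.ascii_uppercase)
        elif c == "1":
            chars.update(string.digits)
        else:
            chars.add(c)
    return chars


def keyspace(spec):
    """Number of candidate passwords described by 'MIN:MAX:CHARSET'."""
    min_s, max_s, charset_spec = spec.split(":", 2)  # charset may contain ':'
    lo, hi = int(min_s), int(max_s)
    if not 1 <= lo <= hi:
        raise ValueError("need 1 <= MIN <= MAX")
    n = len(charset_from_spec(charset_spec))
    if n == 0:
        raise ValueError("empty charset")
    return sum(n ** length for length in range(lo, hi + 1))


def average_years(candidates, guesses_per_second):
    """Expected time to hit one password: half the keyspace on average."""
    return candidates / 2 / guesses_per_second / SECONDS_PER_YEAR


if __name__ == "__main__":
    # The answer's 4:6:a setting versus the comment's 16 characters from 90.
    small = keyspace("4:6:a")
    print(f"4:6:a -> {small:,} candidates")
    # 50 guesses/s is a constructed rate for an online service, not a measurement.
    print(f"  at 50/s: {average_years(small, 50) * 365.25:.1f} days on average")
    big = 90 ** 16
    print(f"16 chars of 90 -> {big:.3e} candidates")
    print(f"  at 1e9/s: {average_years(big, 1e9):.3e} years on average")
```

The short lowercase range is exhausted in weeks even at a slow online rate, while the 16-character random password stays out of reach at a billion guesses per second.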