# Fuerza Bruta ### Hydra Sintaxis para realizar fuerza bruta utilizando una lista de usuarios y una lista de contraseñas. ```bash hydra -L -P -s ``` Sintaxis para realizar fuerza bruta con un nombre de usuario y una lista de contraseñas. ```bash hydra -l -P -s ``` #### Fuerza bruta al protocolo SSH ```bash hydra -L users.txt -P passwords.txt 192.168.1.10 ssh hydra -L users.txt -P passwords.txt ssh://192.168.1.10 ``` #### **Fuerza bruta al protocolo FTP** ```bash hydra -l admin -P passwords.txt 192.168.1.10 ftp hydra -l admin -P passwords.txt ftp://192.168.1.10 ``` #### Fuerza bruta al protocolo HTTP ```bash hydra -l admin -P /usr/share/wordlists/rockyou.txt 192.168.1.10 http-post-form "/login/:user=^USER^&pass=^PASS^:Invalid password" ``` ### John The Ripper (`john`) Sintaxis: ```bash john --wordlist=/usr/share/wordlists/rockyou.txt hash.txt ``` #### /etc/shadow ```bash unshadow passwd shadow > hash # Primero, preparamos un archivo para que John lo descifre john --wordlist-/usr/share/wordlists/rockyou.txt hash # Crack the passwords ``` #### NTLM hashes ```bash john --format=NT --wordlist-/usr/share/wordlists/rockyou.txt hashes.txt ``` ### Hashcat ```bash hashcat -a3 -m 1000 hashes.txt --wordlist-/usr/share/wordlists/rockyou.txt ``` * `-m` tipo de hash (1000 - NTLM) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://d4redevil.gitbook.io/d4redevil/cheatsheet/fuerza-bruta.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.