How to crack ssh password by hydra:

3 min readMar 26, 2022

Hi,

This blog is about cracking the ssh password by using hydra.Its bruteforce ssh password. So lets see how we can do it.

— — — — — — — — — — Let The Party Begin— — — — — — — — — — — —

Its very important for know how to hack ssh because if we found a a user running ssh server on a system we can get a shell by it by its ask password so in this blog we see how we can crack the password

Hydra is a password bruteforcing tool. We can bruteforce many services like ssh, ftp, login page, imap ..etc lits comes pre-installed in Kali,Parrots and any Hacking linux distribution if its not intall in you system, you can simply install by using following command:

$ sudo apt install hydra

We can see all info about hydra by typing following:

$ hydra -h

Here you can see some examples(fig 3.0). Lets brake down ssh example and see how to use

flags:-

-l : if we brute force only one user we specify by -l.
-L : its use for if we have multiple username we specify user list.
-p : its use for try only single possword.
-P : its use for password list.
-M : if we have to many Ip Address we use it for specify ip address list.
-v : for verbose.
-V : show the bruteforce log(login+pass).
-f : Exit when password found.
-s : its use for specify the port number if the services not running on default port number.
You can get many more flags like -t, -o ..etc in hydra that you can use. You can see it in help section.(Try by yourself).

Brake down the command:-

first we use hydra for start hydra then we specify the username(-l flag) or user list(-L flag)then we specify the password(-p flag) or password(-P flag) the the IP or list the IP (Note: If the ssh service not running on port 22, we have to specify the port number by -s flag. Ex-192.0.0.1 -s 5342) on which we are going to perform the bruteforce attack and lastly the service (note: In our case its ssh)on which we perform the attack. We will use following command: