THC-Hydra v6.2 released

THC-Hydra – the best parallized login hacker: for Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support and is part of Nessus.


  • Added a patch by Jan Dlabal which adds password generation bruteforcing (no more password files icon smile UPDATE: THC HYDRA v6.2! )
  • New module: XMPP with TLS negotiation and LOGIN, PLAIN, CRAM-MD5, DIGEST-MD5, SCRAM-SHA1 support
  • New module: IRC is not dead ! use to find general server password and /oper credential
  • Added man pages from debian maintainers
  • Add support for new syntax: ://[:][/]
  • Add TLS support for SIP
  • Add SCRAM-SHA1 auth to IMAP module
  • Add module usage help (-U)
  • Add support for RFC 4013: Internationalized Strings in SASL (“SASLPrep”)
  • Add SASL + TLS support for NNTP
  • Add support for CRAM-MD5 and DIGEST-MD5 auth to ldap module
  • Add support for SCRAM-SHA1 (RFC 5802), first auth cracker to support it, yeah
  • Add TLS negotiation support for smtp-auth, pop3, imap, ftp and ldap
  • Rename smtpauth module to smtp
  • Forgot to rename ssh2 to ssh in xhydra, fixed
  • Fix SASL PLAIN auth method issue
  • Bugfix SASL DIGEST-MD5, response could be wrong on 64bits systems
  • Bugfix rlogin and rsh module, some auth failure could not be detected accurately
  • Add SSL support for VMware Authentication Daemon module
  • Bugfix CVS module, working now
  • Bugfix for Telnet module when line mode is not available


NJ Ouchn

"Passion is needed for any great work, and for the revolution, passion and audacity are required in big doses"