Online password attacks
In this recipe we will use the THC-Hydra password cracker (Hydra). There are times in which we will have the time to physically attack a Windows-based computer and obtain the Security Account Manager (SAM) directly. However, there will also be times in which we are unable to do so and this is where an online password attack proves most beneficial.
Hydra supports many protocols, including (but not limited to) FTP, HTTP, HTTPS, MySQL, MSSQL, Oracle, Cisco, IMAP, VNC, and many more! Be careful though, as this type of attack can be a bit noisy, which increases your chance of getting detected.
Getting ready
A connection to the Internet or intranet as well as a computer that we can use as our victim is required to complete this recipe.
How to do it...
So let's begin the process of cracking an online password.
From the Start menu, select Applications | Kali Linux | Password Attacks | Online Attacks | hydra-gtk.
Now that we have Hydra started, we will need to set our word lists...
