Add files via upload

2026-06-27 00:10:00 +02:00 · 2026-06-27 00:34:19 +08:00
parent c1763e1b9a
commit 2e908daebb
1 changed files with 63 additions and 28 deletions
@@ -1,60 +1,95 @@
 name: "hydra"
 command: "hydra"
+args: ["-I"]
 enabled: true
 short_description: "密码暴力破解工具，支持多种协议和服务"
 description: |
-  Hydra是一个快速的网络登录破解工具，支持多种协议和服务的密码暴力破解。
+  Hydra 是网络登录口令爆破工具，支持 SSH、FTP、HTTP、SMB 等多种协议。

-  **主要功能：**
-  - 支持多种协议（SSH, FTP, HTTP, SMB等）
-  - 快速并行破解
-  - 支持用户名和密码字典
-  - 可恢复的会话
+  **调用约定（必读）：**
+  - 必须提供 **用户名**：`username`（-l）或 `username_file`（-L）至少其一
+  - 必须提供 **口令**：`password`（-p）、`password_file`（-P）或 `-C`（经 `additional_args`）至少其一
+  - **先用小字典试跑**（几十～几百条），确认目标可达再扩大；禁止默认使用 rockyou 等超大字典
+  - 默认已启用：找到即停（-f）、并行 4（-t）、忽略 restore（-I）；长任务请设 `output_file`

-  **使用场景：**
-  - 密码强度测试
-  - 渗透测试
-  - 安全评估
-  - 弱密码检测
+  **CLI 顺序：** `hydra [选项] <target> <service>`（本工具已按此顺序组参，勿把 target 写在选项前）
+
+  **使用场景：** 授权环境下的弱口令检测、密码强度评估
+
+  **注意：** 仅用于已授权目标；对无响应目标请减小 `wait_time` 或缩小字典，避免长时间挂起。
 parameters:
-  - name: "target"
-    type: "string"
-    description: "目标IP或主机名"
-    required: true
-    position: 0
-    format: "positional"
-  - name: "service"
-    type: "string"
-    description: "服务类型（ssh, ftp, http等）"
-    required: true
-    position: 1
-    format: "positional"
  - name: "username"
    type: "string"
-    description: "单个用户名"
+    description: "单个用户名（-l）；与 username_file 二选一至少填一个"
    required: false
    flag: "-l"
    format: "flag"
  - name: "username_file"
    type: "string"
-    description: "用户名字典文件"
+    description: "用户名字典文件（-L）"
    required: false
    flag: "-L"
    format: "flag"
  - name: "password"
    type: "string"
-    description: "单个密码"
+    description: "单个密码（-p）"
    required: false
    flag: "-p"
    format: "flag"
  - name: "password_file"
    type: "string"
-    description: "密码字典文件"
+    description: "密码字典文件（-P）；优先使用小字典试跑"
    required: false
    flag: "-P"
    format: "flag"
+  - name: "stop_on_first"
+    type: "bool"
+    description: "找到一对有效账密后立即退出（-f，默认 true）"
+    required: false
+    flag: "-f"
+    format: "flag"
+    default: true
+  - name: "tasks"
+    type: "int"
+    description: "每目标并行连接数（-t）；SSH 等建议 4，默认 4"
+    required: false
+    flag: "-t"
+    format: "flag"
+    default: 4
+  - name: "wait_time"
+    type: "int"
+    description: "单次连接等待响应秒数（-w），默认 16（低于 Hydra 默认 32，减少挂起感）"
+    required: false
+    flag: "-w"
+    format: "flag"
+    default: 16
+  - name: "wait_between"
+    type: "int"
+    description: "每线程连接间隔秒数（-W），默认 1"
+    required: false
+    flag: "-W"
+    format: "flag"
+    default: 1
+  - name: "output_file"
+    type: "string"
+    description: "将结果写入文件（-o），长任务建议指定"
+    required: false
+    flag: "-o"
+    format: "flag"
+  - name: "target"
+    type: "string"
+    description: "目标 IP、主机名或 CIDR（须在选项之后）"
+    required: true
+    position: 1
+    format: "positional"
+  - name: "service"
+    type: "string"
+    description: "服务类型（ssh、ftp、http-get、http-post-form、smb 等，见 hydra -h）"
+    required: true
+    position: 2
+    format: "positional"
  - name: "additional_args"
    type: "string"
-    description: "额外的Hydra参数"
+    description: "额外参数（如 -s 端口、-S SSL、-m 模块选项、-C login:pass 文件），追加在命令末尾"
    required: false
    format: "positional"