How To Hack Wireless Router admin login Passwords Using Hydra

Leaving your wireless router at its default settings is a bad idea. The sad thing is, most people still do it. Once they’ve penetrated your network, hackers will change your router settings so they’ll have an easy way back in. This allows them to change your network into a shell or proxy so they can forward their traffic anonymously through you when committing other dirty deeds. If you keep your wireless router at the defaults, then hackers can control your firewalls, what ports are forwarded, and more.

But never mind the hackers, what about your kids?

In this Null Byte, we’re going to take a hack at our own wireless routers to see just how secure they really are. We’ll be using Arch Linux and THC Hydra, a brute-forcing tool. Windows users, you can follow along if you use Cygwin.

Step 1: Download & Install Hydra

First we need to go to the Hydra website, download Hyrda, and get everything configured. In this article, a “cmd” refers to a command that has to be entered into a terminal emulator.

  • Download Hydra from THC’s website.
  • Extract Hydra in a nice location. cmd: tar zxvf hydra-7.1-src.tar.gz
  • Change to the newly made directory.

Step 2: Use Hydra on Your Router

Now we’re going to attack our routers. The default IP/URL to reach it at will be, so test that address in a browser to confirm it. If you get a dialog box, you’ve reached your router. This is running HTTP basic authentication. 

Commands & Configuration

  • cmd: xhydra
  • Enter as your target.
  • Use http-get as the method.
  • Port 80.
  • Pick a word list saved on your computer.

Click start!

Congratulations! See how easy it can be? A router won’t block out requests normally, either. So someone could brute-force you for days upon days. Change your password to something greater than 12 characters and maybe review this guide. Most routers have a default username and password. You can get an overview of all the commands used with Hydra by following: “man hydra” (in terminal).

First, you’ll need to scan the open ports on the router. Use the following command: “namp” (this is your router’s IP address). I will use FTP here. Now, run the following command: “hydra -l admin -P password.txt -v -f ftp”

Explanation of the command:

“l” is used for the login username. My default is “admin.” You can use “-L” and give a text file of some usernames if you’re not aware of your router’s admin username. “P” is used for the password list. “v” is used for verbose mode; it shows the login attempts. “f”  tells it to quit after getting the valid username and password pair once.

“” is my router’s configure IP address. “ftp” is the service which I am using to get an open port (you can also use “http-get” and others). Now wait and watch; if it gets a login password pair, then it will show you on the screen. There are many types of services which hydra supports and you can use them for cracking any type of login passwords.

Hydra is popular password cracker which can be used to crack passwords from various services such as http, ftp, telnet etc. Most of our internet is routed through a router which has a http interface. If you are using web browser, try typing or in the web browser and see if the authentication prompt is issues.

If yes, it is prompted most probably from your router. Router web interface is useful to configure port forwarding for torrents or if you want to play multiplayer online games such as AOE etc. If you do not know the password of your router, hacking using hydra can be fun and easy.

For example, if my router web interface is on, the simple command will be- Here password.lst is the password list which contains the list of passwords to be bruteforced. admin is the username we will be trying for. The usernames can also be bruteforced with -L option.

Hydra (better known as “thc-hydra”) is an online password attack tool. It brute forces various combinations on live services like telnet, ssh, http, https, smb, snmp, smtp etc. Hydra supports 30+ protocols including their SSL enabled ones. It brute forces on services we specify by using user-lists & wordlists.

Hydra works in 4 modes :

One username & one password

User-list & One password

One username & Password list

User-list & Password list

Pentesters use this tool to test/audit the password complexity of live services mostly where direct sniffing is not possible. You can open xHydra from the Kali linux menu or terminal.

Target – Settings of various target oprions.

Passwords – Specify password options & wordlists.

Tuning – Secify how fast should hydra work. Other timing options are also available.

Specific – For testing on specific targets like a domain, https proxy etc.

Start – Start/Stop & shows the output.

Breaking an ssh with wordlist attack – Hydra

In this lab we try to break an ssh authentication on a remote has who has IP address Here we do a wordlist attack by using a wordlist containing most common passwords to break into the root account.

Step 1: Open thc-hydra

Step 2: Set Target & protocol in the target table

Step 3: Set the username as root & specify the location for a wordlist in passwords tab. Other wide ranges of wordlist ranging up to 3GB or more are available on the internet. Just google for 5 minutes.

Step 4 : Set no of tasks to 1 in tuning tab since this will reduce congestion & chance of detection. But takes longer to complete. This is also necessary to mitigate account lockout duration

Step 5: Start the thc-hydra from Start tab.

Step 6: Scroll Down & Wait until the password gets cracked THC Hydra is easy-to-use, user-friendly tool. Includes a GUI for those that do not know how to work with the cmd. Hydra is ideal for brute force and dictionary password cracks of over 30 different protocols.

Other common remote authentication tools are Medusa and Ncrack. These perform similar functions as THC Hydra and can also be downloaded online. Speed comparisons reveal that all three tools are relatively similar in output times. Hydra top-ranking because of so many supported protocols. THC Hydra is a great option for performing a brute force/dictionary crack of a remote authentication service.

Recent Articles

Can I play Pokemon Go without internet?

Can I play Pokemon Go without internet? Pokemon Go - Let's Go, Pikachu! and Pokémon: Let's Go, Eevee! bring the experience of a classic classic Pokémon RPG to...

Samsung Galaxy M01 smartphone launched in less than 10,000 price.

South Korea's most famous smartphone company samsung launched a very affordable smartphone in India in the budget of the people. Last year,...

Google algorithm latest update in September 2020.

When analysing some web-pages on Search Engine Optimization tool, seen some volatility in search engines results pages. Is this a sign...

Best You-Tube alternative Apps for iphone

1 TUBE MASTER Tube Master Tube master is a clean interface with a user-friendly design app. It is...

Related Stories


  1. Hello! This is kind of off topic but I need some guidance from an established blog. Is it very difficult to set up your own blog? I’m not very techincal but I can figure things out pretty quick. I’m thinking about setting up my own but I’m not sure where to begin. Do you have any points or suggestions? Cheers

Leave A Reply

Please enter your comment!
Please enter your name here

Stay on op - Ge the daily news in your inbox