「hydra」の版間の差分
提供: セキュリティ
(ページの作成:「<!-- vim: filetype=mediawiki --> 読み方 ;hydra:ひゅどらー __TOC__ == 概要 == hydra という言葉は、ギリシャ神話ヒュドラで、9頭...」) |
|||
行1: | 行1: | ||
− | + | THC-Hydra は、多くのサービスをサポートした非常に高速なネットワークログインクラッカー(Network Login Cracker)です。ssh, http, ftp, imap などさまざまなプロトコルに対応しています。 | |
− | + | ||
− | + | ||
− | 読み方 | + | '''読み方''' |
;[[hydra]]:ひゅどらー | ;[[hydra]]:ひゅどらー | ||
__TOC__ | __TOC__ | ||
== 概要 == | == 概要 == | ||
− | |||
[[hydra]] という言葉は、ギリシャ神話ヒュドラで、9頭の大蛇です。 | [[hydra]] という言葉は、ギリシャ神話ヒュドラで、9頭の大蛇です。 | ||
行38: | 行35: | ||
== インストール == | == インストール == | ||
− | |||
{{ports|/usr/ports/security/hydra|hydra}} | {{ports|/usr/ports/security/hydra|hydra}} | ||
+ | <syntaxhighlight lang="bash"> | ||
+ | $ sudo pkg install hydra | ||
+ | Updating repository catalogue | ||
+ | The following 3 packages will be installed: | ||
− | + | Installing libssh: 0.6.1 | |
+ | Installing cyrus-sasl: 2.1.26_7 | ||
+ | Installing hydra: 7.6 | ||
+ | The installation will require 4 MB more space | ||
+ | |||
+ | 792 KB to be downloaded | ||
+ | |||
+ | Proceed with installing packages [y/N]: y | ||
+ | libssh-0.6.1.txz 100% 198KB 198.0KB/s 198.0KB/s 00:01 | ||
+ | cyrus-sasl-2.1.26_7.txz 100% 463KB 231.5KB/s 443.0KB/s 00:02 | ||
+ | hydra-7.6.txz 100% 131KB 131.0KB/s 131.0KB/s 00:00 | ||
+ | Checking integrity... done | ||
+ | [1/3] Installing libssh-0.6.1... done | ||
+ | [2/3] Installing cyrus-sasl-2.1.26_7...*** Added group `cyrus' (id 60) | ||
+ | *** Added user `cyrus' (id 60) | ||
+ | done | ||
+ | [3/3] Installing hydra-7.6... done | ||
+ | You can use sasldb2 for authentication, to add users use: | ||
+ | |||
+ | saslpasswd2 -c username | ||
+ | |||
+ | If you want to enable SMTP AUTH with the system Sendmail, read | ||
+ | Sendmail.README | ||
+ | |||
+ | NOTE: This port has been compiled with a default pwcheck_method of | ||
+ | auxprop. If you want to authenticate your user by /etc/passwd, | ||
+ | PAM or LDAP, install ports/security/cyrus-sasl2-saslauthd and | ||
+ | set sasl_pwcheck_method to saslauthd after installing the | ||
+ | Cyrus-IMAPd 2.X port. You should also check the | ||
+ | /usr/local/lib/sasl2/*.conf files for the correct | ||
+ | pwcheck_method. | ||
+ | If you want to use GSSAPI mechanism, install | ||
+ | ports/security/cyrus-sasl2-gssapi. | ||
+ | If you want to use LDAP auxprop plugin, install | ||
+ | ports/security/cyrus-sasl2-ldapdb. | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | == インストールされるファイル == | ||
[[FreeBSD]] にインストールされたファイルです。 | [[FreeBSD]] にインストールされたファイルです。 | ||
+ | === hydra-7.6 === | ||
+ | <syntaxhighlight lang="bash"> | ||
+ | $ pkg info -l hydra | ||
+ | hydra-7.6: | ||
+ | /usr/local/bin/dpl4hydra.sh | ||
+ | /usr/local/bin/hydra | ||
+ | /usr/local/bin/hydra-wizard.sh | ||
+ | /usr/local/bin/pw-inspector | ||
+ | /usr/local/man/man1/hydra.1.gz | ||
+ | /usr/local/man/man1/pw-inspector.1.gz | ||
+ | /usr/local/share/licenses/hydra-7.6/AGPLv3 | ||
+ | /usr/local/share/licenses/hydra-7.6/LICENSE | ||
+ | /usr/local/share/licenses/hydra-7.6/catalog.mk | ||
+ | </syntaxhighlight> | ||
+ | === hydra-7.4.2 === | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
% pkg_info -L hydra-7.4.2 | % pkg_info -L hydra-7.4.2 | ||
行60: | 行112: | ||
== 使い方 == | == 使い方 == | ||
− | + | === 使用例 sshへのアタック === | |
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
% hydra -l root -P pass.dict -e ns localhost ssh | % hydra -l root -P pass.dict -e ns localhost ssh | ||
+ | </syntaxhighlight> | ||
+ | === 使用例 HTTP Basic認証をクラックする === | ||
+ | [[Basic認証]]が設定されているサイトをクラックする例です。[[ncrack]]の辞書を使用しています。 | ||
+ | ユーザ名が空の場合です。 | ||
+ | <syntaxhighlight lang="bash"> | ||
+ | $ hydra -l '' -P /usr/local/share/ncrack/top50000.pwd http://localhost/basic | ||
</syntaxhighlight> | </syntaxhighlight> | ||
+ | 実行例は、以下の通りです。 | ||
+ | <syntaxhighlight lang="bash"> | ||
+ | Hydra v7.6 (c)2013 by van Hauser/THC & David Maciejak - for legal purposes only | ||
+ | |||
+ | Hydra (http://www.thc.org/thc-hydra) starting at 2014-05-20 01:13:40 | ||
+ | [WARNING] The service http has been replaced with http-head and http-get, | ||
+ | using by default GET method. Same for https. | ||
+ | [DATA] 16 tasks, 1 server, 50084 login tries (l:1/p:50084), ~3130 tries per task | ||
+ | [DATA] attacking service http-get on port 80 | ||
+ | [80][www] host: 127.0.0.1 login: password: admin | ||
+ | 1 of 1 target successfully completed, 1 valid password found | ||
+ | Hydra (http://www.thc.org/thc-hydra) finished at 2014-05-20 01:14:13 | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | ログインユーザ名test、パスワードがadminの場合の実行例です。 | ||
+ | <syntaxhighlight lang="bash"> | ||
+ | $ hydra -l 'test' -P /usr/local/share/ncrack/top50000.pwd http://localhost/basic | ||
+ | Hydra v7.6 (c)2013 by van Hauser/THC & David Maciejak - for legal purposes only | ||
+ | |||
+ | Hydra (http://www.thc.org/thc-hydra) starting at 2014-05-20 01:15:59 | ||
+ | [WARNING] The service http has been replaced with http-head and http-get, | ||
+ | using by default GET method. Same for https. | ||
+ | [DATA] 16 tasks, 1 server, 50084 login tries (l:1/p:50084), ~3130 tries per task | ||
+ | [DATA] attacking service http-get on port 80 | ||
+ | [80][www] host: 127.0.0.1 login: test password: admin | ||
+ | 1 of 1 target successfully completed, 1 valid password found | ||
+ | Hydra (http://www.thc.org/thc-hydra) finished at 2014-05-20 01:16:05 | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | ユーザ名とパスワードを両方ファイルで指定する場合の例です。 | ||
+ | <syntaxhighlight lang="bash"> | ||
+ | $ hydra -L /usr/local/share/ncrack/default.usr \ | ||
+ | -P /usr/local/share/ncrack/top50000.pwd http://localhost/basic | ||
+ | </syntaxhighlight> | ||
+ | === コマンドラインオプション === | ||
+ | <syntaxhighlight lang="bash"> | ||
+ | $ hydra -h | ||
+ | Hydra v7.6 (c)2013 by van Hauser/THC & David Maciejak - for legal purposes only | ||
+ | |||
+ | Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e nsr] [-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-W TIME] [-f] [-s PORT] [-x MIN:MAX:CHARSET] [-SuvV46] [service://server[:PORT][/OPT]] | ||
+ | |||
+ | Options: | ||
+ | -R restore a previous aborted/crashed session | ||
+ | -S perform an SSL connect | ||
+ | -s PORT if the service is on a different default port, define it here | ||
+ | -l LOGIN or -L FILE login with LOGIN name, or load several logins from FILE | ||
+ | -p PASS or -P FILE try password PASS, or load several passwords from FILE | ||
+ | -x MIN:MAX:CHARSET password bruteforce generation, type "-x -h" to get help | ||
+ | -e nsr try "n" null password, "s" login as pass and/or "r" reversed login | ||
+ | -u loop around users, not passwords (effective! implied with -x) | ||
+ | -C FILE colon separated "login:pass" format, instead of -L/-P options | ||
+ | -M FILE list of servers to be attacked in parallel, one entry per line | ||
+ | -o FILE write found login/password pairs to FILE instead of stdout | ||
+ | -f / -F exit when a login/pass pair is found (-M: -f per host, -F global) | ||
+ | -t TASKS run TASKS number of connects in parallel (per host, default: 16) | ||
+ | -w / -W TIME waittime for responses (32s) / between connects per thread | ||
+ | -4 / -6 prefer IPv4 (default) or IPv6 addresses | ||
+ | -v / -V / -d verbose mode / show login+pass for each attempt / debug mode | ||
+ | -U service module usage details | ||
+ | server the target server (use either this OR the -M option) | ||
+ | service the service to crack (see below for supported protocols) | ||
+ | OPT some service modules support additional input (-U for module help) | ||
+ | |||
+ | Supported services: asterisk cisco cisco-enable cvs ftp ftps http[s]-{head|get} http[s]-{get|post}-form http-proxy http-proxy-urlenum icq imap[s] irc ldap2[s] ldap3[-{cram|digest}md5][s] mssql mysql(v4) nntp oracle-listener oracle-sid pcanywhere pcnfs pop3[s] rdp rexec rlogin rsh s7-300 sip smb smtp[s] smtp-enum snmp socks5 ssh sshkey teamspeak telnet[s] vmauthd vnc xmpp | ||
+ | |||
+ | Hydra is a tool to guess/crack valid login/password pairs - usage only allowed | ||
+ | for legal purposes. This tool is licensed under AGPL v3.0. | ||
+ | The newest version is always available at http://www.thc.org/thc-hydra | ||
+ | These services were not compiled in: postgres sapr3 firebird afp ncp svn oracle mysql5. | ||
+ | |||
+ | Use HYDRA_PROXY_HTTP or HYDRA_PROXY - and if needed HYDRA_PROXY_AUTH - environment for a proxy setup. | ||
+ | E.g.: % export HYDRA_PROXY=socks5://127.0.0.1:9150 (or socks4:// or connect://) | ||
+ | % export HYDRA_PROXY_HTTP=http://proxy:8080 | ||
+ | % export HYDRA_PROXY_AUTH=user:pass | ||
+ | |||
+ | Examples: | ||
+ | hydra -l user -P passlist.txt ftp://192.168.0.1 | ||
+ | hydra -L userlist.txt -p defaultpw imap://192.168.0.1/PLAIN | ||
+ | hydra -C defaults.txt -6 pop3s://[fe80::2c:31ff:fe12:ac11]:143/TLS:DIGEST-MD5 | ||
+ | </syntaxhighlight> | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
% hydra | % hydra | ||
行140: | 行278: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
== 関連項目 == | == 関連項目 == | ||
− | |||
* [[パスワードクラック]] | * [[パスワードクラック]] | ||
+ | * [[ncrack]] | ||
+ | <!-- | ||
+ | vim: filetype=mediawiki | ||
+ | --> |
2014年5月20日 (火) 01:25時点における版
THC-Hydra は、多くのサービスをサポートした非常に高速なネットワークログインクラッカー(Network Login Cracker)です。ssh, http, ftp, imap などさまざまなプロトコルに対応しています。
読み方
- hydra
- ひゅどらー
目次
概要
hydra という言葉は、ギリシャ神話ヒュドラで、9頭の大蛇です。
THC-Hydra は、多くのサービスをサポートした非常に高速なネットワークログインクラッカー(Network Login Cracker)です。
hydra は、以下の特徴があります。
- IPv6 のサポート
- GUI
- 国際化(RFC4013)
- HTTP プロキシのサポート
- SOCKS プロキシのサポート
サービスのカバレッジは
など、多くのサービスをサポートしています。
インストール
FreeBSDにインストールする場合
ports コレクションからインストールする場合
cd /usr/ports/security/hydra sudo make install clean
pkgコマンドでインストールする場合
sudo pkg install hydra
portmasterコマンドでインストールする場合
sudo portmaster -y -d /usr/ports/security/hydra
portinstallコマンドでインストールする場合
sudo portinstall /usr/ports/security/hydra
$ sudo pkg install hydra Updating repository catalogue The following 3 packages will be installed: Installing libssh: 0.6.1 Installing cyrus-sasl: 2.1.26_7 Installing hydra: 7.6 The installation will require 4 MB more space 792 KB to be downloaded Proceed with installing packages [y/N]: y libssh-0.6.1.txz 100% 198KB 198.0KB/s 198.0KB/s 00:01 cyrus-sasl-2.1.26_7.txz 100% 463KB 231.5KB/s 443.0KB/s 00:02 hydra-7.6.txz 100% 131KB 131.0KB/s 131.0KB/s 00:00 Checking integrity... done [1/3] Installing libssh-0.6.1... done [2/3] Installing cyrus-sasl-2.1.26_7...*** Added group `cyrus' (id 60) *** Added user `cyrus' (id 60) done [3/3] Installing hydra-7.6... done You can use sasldb2 for authentication, to add users use: saslpasswd2 -c username If you want to enable SMTP AUTH with the system Sendmail, read Sendmail.README NOTE: This port has been compiled with a default pwcheck_method of auxprop. If you want to authenticate your user by /etc/passwd, PAM or LDAP, install ports/security/cyrus-sasl2-saslauthd and set sasl_pwcheck_method to saslauthd after installing the Cyrus-IMAPd 2.X port. You should also check the /usr/local/lib/sasl2/*.conf files for the correct pwcheck_method. If you want to use GSSAPI mechanism, install ports/security/cyrus-sasl2-gssapi. If you want to use LDAP auxprop plugin, install ports/security/cyrus-sasl2-ldapdb.
インストールされるファイル
FreeBSD にインストールされたファイルです。
hydra-7.6
$ pkg info -l hydra hydra-7.6: /usr/local/bin/dpl4hydra.sh /usr/local/bin/hydra /usr/local/bin/hydra-wizard.sh /usr/local/bin/pw-inspector /usr/local/man/man1/hydra.1.gz /usr/local/man/man1/pw-inspector.1.gz /usr/local/share/licenses/hydra-7.6/AGPLv3 /usr/local/share/licenses/hydra-7.6/LICENSE /usr/local/share/licenses/hydra-7.6/catalog.mk
hydra-7.4.2
% pkg_info -L hydra-7.4.2 Information for hydra-7.4.2: Files: /usr/local/bin/hydra /usr/local/bin/pw-inspector /usr/local/bin/dpl4hydra.sh /usr/local/share/licenses/hydra-7.4.2/catalog.mk /usr/local/share/licenses/hydra-7.4.2/LICENSE /usr/local/share/licenses/hydra-7.4.2/GPLv3 /usr/local/man/man1/hydra.1.gz /usr/local/man/man1/pw-inspector.1.gz
使い方
使用例 sshへのアタック
% hydra -l root -P pass.dict -e ns localhost ssh
使用例 HTTP Basic認証をクラックする
Basic認証が設定されているサイトをクラックする例です。ncrackの辞書を使用しています。 ユーザ名が空の場合です。
$ hydra -l '' -P /usr/local/share/ncrack/top50000.pwd http://localhost/basic
実行例は、以下の通りです。
Hydra v7.6 (c)2013 by van Hauser/THC & David Maciejak - for legal purposes only Hydra (http://www.thc.org/thc-hydra) starting at 2014-05-20 01:13:40 [WARNING] The service http has been replaced with http-head and http-get, using by default GET method. Same for https. [DATA] 16 tasks, 1 server, 50084 login tries (l:1/p:50084), ~3130 tries per task [DATA] attacking service http-get on port 80 [80][www] host: 127.0.0.1 login: password: admin 1 of 1 target successfully completed, 1 valid password found Hydra (http://www.thc.org/thc-hydra) finished at 2014-05-20 01:14:13
ログインユーザ名test、パスワードがadminの場合の実行例です。
$ hydra -l 'test' -P /usr/local/share/ncrack/top50000.pwd http://localhost/basic Hydra v7.6 (c)2013 by van Hauser/THC & David Maciejak - for legal purposes only Hydra (http://www.thc.org/thc-hydra) starting at 2014-05-20 01:15:59 [WARNING] The service http has been replaced with http-head and http-get, using by default GET method. Same for https. [DATA] 16 tasks, 1 server, 50084 login tries (l:1/p:50084), ~3130 tries per task [DATA] attacking service http-get on port 80 [80][www] host: 127.0.0.1 login: test password: admin 1 of 1 target successfully completed, 1 valid password found Hydra (http://www.thc.org/thc-hydra) finished at 2014-05-20 01:16:05
ユーザ名とパスワードを両方ファイルで指定する場合の例です。
$ hydra -L /usr/local/share/ncrack/default.usr \ -P /usr/local/share/ncrack/top50000.pwd http://localhost/basic
コマンドラインオプション
$ hydra -h Hydra v7.6 (c)2013 by van Hauser/THC & David Maciejak - for legal purposes only Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e nsr] [-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-W TIME] [-f] [-s PORT] [-x MIN:MAX:CHARSET] [-SuvV46] [service://server[:PORT][/OPT]] Options: -R restore a previous aborted/crashed session -S perform an SSL connect -s PORT if the service is on a different default port, define it here -l LOGIN or -L FILE login with LOGIN name, or load several logins from FILE -p PASS or -P FILE try password PASS, or load several passwords from FILE -x MIN:MAX:CHARSET password bruteforce generation, type "-x -h" to get help -e nsr try "n" null password, "s" login as pass and/or "r" reversed login -u loop around users, not passwords (effective! implied with -x) -C FILE colon separated "login:pass" format, instead of -L/-P options -M FILE list of servers to be attacked in parallel, one entry per line -o FILE write found login/password pairs to FILE instead of stdout -f / -F exit when a login/pass pair is found (-M: -f per host, -F global) -t TASKS run TASKS number of connects in parallel (per host, default: 16) -w / -W TIME waittime for responses (32s) / between connects per thread -4 / -6 prefer IPv4 (default) or IPv6 addresses -v / -V / -d verbose mode / show login+pass for each attempt / debug mode -U service module usage details server the target server (use either this OR the -M option) service the service to crack (see below for supported protocols) OPT some service modules support additional input (-U for module help) Supported services: asterisk cisco cisco-enable cvs ftp ftps http[s]-{head|get} http[s]-{get|post}-form http-proxy http-proxy-urlenum icq imap[s] irc ldap2[s] ldap3[-{cram|digest}md5][s] mssql mysql(v4) nntp oracle-listener oracle-sid pcanywhere pcnfs pop3[s] rdp rexec rlogin rsh s7-300 sip smb smtp[s] smtp-enum snmp socks5 ssh sshkey teamspeak telnet[s] vmauthd vnc xmpp Hydra is a tool to guess/crack valid login/password pairs - usage only allowed for legal purposes. This tool is licensed under AGPL v3.0. The newest version is always available at http://www.thc.org/thc-hydra These services were not compiled in: postgres sapr3 firebird afp ncp svn oracle mysql5. Use HYDRA_PROXY_HTTP or HYDRA_PROXY - and if needed HYDRA_PROXY_AUTH - environment for a proxy setup. E.g.: % export HYDRA_PROXY=socks5://127.0.0.1:9150 (or socks4:// or connect://) % export HYDRA_PROXY_HTTP=http://proxy:8080 % export HYDRA_PROXY_AUTH=user:pass Examples: hydra -l user -P passlist.txt ftp://192.168.0.1 hydra -L userlist.txt -p defaultpw imap://192.168.0.1/PLAIN hydra -C defaults.txt -6 pop3s://[fe80::2c:31ff:fe12:ac11]:143/TLS:DIGEST-MD5
% hydra Hydra v7.4.2 (c)2012 by van Hauser/THC & David Maciejak - for legal purposes only Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e nsr] [-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-W TIME] [-f] [-s PORT] [-x MIN:MAX:CHARSET] [-SuvV46] [server service [OPT]]|[service://server[:PORT][/OPT]] Options: -R restore a previous aborted/crashed session -S perform an SSL connect -s PORT if the service is on a different default port, define it here -l LOGIN or -L FILE login with LOGIN name, or load several logins from FILE -p PASS or -P FILE try password PASS, or load several passwords from FILE -x MIN:MAX:CHARSET password bruteforce generation, type "-x -h" to get help -e nsr try "n" null password, "s" login as pass and/or "r" reversed login -u loop around users, not passwords (effective! implied with -x) -C FILE colon separated "login:pass" format, instead of -L/-P options -M FILE list of servers to be attacked in parallel, one entry per line -o FILE write found login/password pairs to FILE instead of stdout -f / -F exit when a login/pass pair is found (-M: -f per host, -F global) -t TASKS run TASKS number of connects in parallel (per host, default: 16) -w / -W TIME waittime for responses (32s) / between connects per thread -4 / -6 prefer IPv4 (default) or IPv6 addresses -v / -V / -d verbose mode / show login+pass for each attempt / debug mode -U service module usage details server the target server (use either this OR the -M option) service the service to crack. Supported protocols: cisco cisco-enable cvs ftp ftps http[s]-{head|get} http[s]-{get|post}-form http-proxy http-proxy-urlenum icq imap[s] irc ldap2[s] ldap3[-{cram|digest}md5][s] mssql mysql(v4) nntp oracle-listener oracle-sid pcanywhere pcnfs pop3[s] rdp rexec rlogin rsh sip smb smtp[s] smtp-enum snmp socks5 ssh sshkey svn teamspeak telnet[s] vmauthd vnc xmpp OPT some service modules support additional input (-U for module help) Use HYDRA_PROXY_HTTP/HYDRA_PROXY and HYDRA_PROXY_AUTH environment for a proxy. Hydra is a tool to guess/crack valid login/password pairs - usage only allowed for legal purposes. Newest version available at http://www.thc.org/thc-hydra The following services were not compiled in: postgres sapr3 firebird afp ncp oracle mysql5. Examples: hydra -l john -p doe 192.168.0.1 ftp hydra -L user.txt -p defaultpw -S 192.168.0.1 imap PLAIN hydra -l admin -P pass.txt http-proxy://192.168.0.1 hydra -C defaults.txt -6 pop3s://[fe80::2c:31ff:fe12:ac11]:143/DIGEST-MD5
% /usr/local/bin/pw-inspector PW-Inspector v0.2 (c) 2005 by van Hauser / THC vh@thc.org [http://www.thc.org] Syntax: /usr/local/bin/pw-inspector [-i FILE] [-o FILE] [-m MINLEN] [-M MAXLEN] [-c MINSETS] -l -u -n -p -s Options: -i FILE file to read passwords from (default: stdin) -o FILE file to write valid passwords to (default: stdout) -m MINLEN minimum length of a valid password -M MAXLEN maximum length of a valid password -c MINSETS the minimum number of sets required (default: all given) Sets: -l lowcase characters (a,b,c,d, etc.) -u upcase characters (A,B,C,D, etc.) -n numbers (1,2,3,4, etc.) -p printable characters (which are not -l/-n/-p, e.g. $,!,/,(,*, etc.) -s special characters - all others not withint the sets above PW-Inspector reads passwords in and prints those which meet the requirements. The return code is the number of valid passwords found, 0 if none was found. Use for security: check passwords, if 0 is returned, reject password choice. Use for hacking: trim your dictionary file to the pw requirements of the target. Usage only allowed for legal purposes.