The latest version of THC-Hydra came out a few days, if you haven’t already tried Hydra, you don’t know what you are missing. Hydra is my choice hands down when it comes to a lot of the password cracking I do, in particular web based forms, http post, get, head etc.
Hydra was tested to compile on Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX, and is made available under GPLv3 with a special OpenSSL license expansion.
Currently Hydra supports: AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.
For HTTP, POP3, IMAP and SMTP, several login mechanisms like plain and MD5 digest etc. are supported.
Available from here:http://www.thc.org/thc-hydra/
changelog below:
CHANGELOG for 7.2 =================
* Speed-up http modules auth mechanism detection
* Fixed -C colonfile mode when empty login/passwords were used (thanks to will(at)configitnow(dot)com for reporting)
* The -f switch was not working for postgres, afp, socks5,
* firebird and ncp, thanks to Richard Whitcroft for reporting!
* Fixed NTLM auth in http-proxy/http-proxy-url module
* Fixed URL when being redirected in http-form module, thanks to gash(at)chaostreff(dot)at
* Fix MSSQL success login condition, thanks to whistle_master(at)live(dot)com
* Fix http form module: optional headers and 3xx status redirect, thx to Gash
* Fix in configure script for –prefix option, thanks to dazzlepod
* Update of the dpl4hydra script by Roland Kessler, thanks! * Small fix for hydra man page, thanks to brad(at)comstyle(dot)com
Source : http://www.bettertogether.org.au/blog/b/danielweis/archive/2012/02/13/thc-hydra-v7-2-is-out.aspx
By: Daniel Weis