Search the Community

hydra 190.13.132.90 -s 8081 -V -L /home/nicolas/Escritorio/USER -P /home/nicolas/Escritorio/passwords.txt http-post-form "/user=^USER^&password=^PASS^=Ingresar&culture=es-CL&mobile=0&clasica=1:F=Usuario inexistente:H=Cookie: stwa2={"lang":"es-CL"}" Hydra v8.7-dev (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes. Hydra (http://www.thc.org/thc-hydra) starting at 2018-04-29 14:34:51 [ERROR] the variables argument needs at least the strings ^USER^, ^PASS^, ^USER64^ or ^PASS64^: F=Usuario inexistente Could anyone write the correct string to use in hydra please? I’m a noob using hydra ? The username is Gonzalo Sepulveda. The full URL of the login is: http://190.13.132.90:8081/

Hello, I’m trying to get THC-Hydra working on a website form which doesn’t require a username but hydra wants me to specify it with either –l, –L or -C. The form field in question needs the following parameters, as far as I’ve found out using Burp Suite Free Edition: password=test&do_login=yes&Submit=Log+in I’m also not sure what service to use and what success or failure message the server sends (Burp Suite doesn't show it and the website doesn't display any message - it just refreshes and shows the same page), currently I’ve tried http-form-post with the following parameters hydra –t 5 –L users.txt –f –x 2:6:a www.<url>.com http-form-post “/protected:password=^PASS^:S=success” (Note that I’ve specified, with –L users.txt, a username file but this is not required by the website’s form field) The website’s form can be found under www.<url>.com/protected, how do I tell hydra to target the /protected page, and no only the www.<url>.com part? What can I do? Any ideas?

Hi all, Perhaps someone here has tried this and is able to advise? Say my password was a combination of lowercase letters of 8 digits. Using OCLHashCat, would it be faster to Brute Force using ... oclhashcat --hash-type [TYPE] file.hccat ?l?l?l?l?l?l?l?l ... or, would it be faster to use a wordlist, with all of the combinations of 8 lowercase letters in it ... oclhashcat --hash-type [TYPE] file.hccat wordlist.dic ... ? This is not taking in to account the time spent to generate the wordlist, or the size. Let's say that's already covered. *edit* I assume the wordlist would be slightly faster, based on there being one less step per password for the GPU to have to compute, but I guess what I'm trying to get at is whether it's a noticeable difference? Are we talking shaving only minutes or hours off, or could this potentially save days? Thank you.

So I wanted to make payload which can be run without admin privileges brute force the admin password by call a program some program with system() that would require a password until the password is found. My question is what is the fastest command you can run from Windows command line that will actually require administrator a password? Also how do I get an error message back for conditional logic that will tell me if I got the right password? Any Ideas?

Does anyone have the payload (or script) to brute force Mac's efi 4-digit pin? I would really appreciate it...

I have a pretty good idea how to write out hash/string pairs in from a wordlist or with nested loops in C++. I'm fine with saving this stuff to a text file because I've been loading the stuff into MySQL tables so I can search for them easily. But I was curious about how one goes about creating rainbow tables. I want to write my own lookup tables mostly for a better understanding of how they work but l also want to customize the way the program looks up a hash. Can I just convert a delimitted text file to .rt or .rtc? Basically I have figured out how to write out texts and hash but I want to take it a little further with a way to put them into a lookup table and index the memory locations into a hierarchical structure kinda like you would do with hyperlinks on a web site. So for example my hash is something like ZzaFDGwfhi423i9E7xz81a... it will start searching at ZzFD... instead of searching through the entire table starting at AAAA or whatever. Also do table lookups already do this. I would think someone else has already thought of something like this an implemented it. It seems like using the memory locations for certain strings as starting points would cut the search time exponentially. I really don't know that much about lookup tables to begin know what the best way of going about this. Can anybody point me in the way of some suggested reading on the subject? Here's some simplified examples of what I've been doing. //Simple example that converts a wordlist from plaintext to plaintext and hash pair tab delimited. #include <string> #include <sstream> #include <iostream> #include <cctype> #include <fstream> #include "md5.h" using namespace std; int main () { string line; ifstream infile ("/path/file.txt"); if (infile.is_open()) { while ( getline (infile,line) ) cout << line << char(9) << md5(line) << endl; infile.close(); } else cout << "Unable to open file"; return 0; } Might be wrong I just grabbed a bunch of stuff and copy pasted from some of my source without including a lot. //Simple version of a string generator that uses nested loops to run through and echo out strings in order like brute force. #include <iostream> using namespace std; int d = 0; int main() { for (int a = 97; a <= 122; a++) { for (int b = 97; b <= 122; b++) { for (int c = 97; c <= 122; c++) { for (int d = 97; d <= 122; d++) { //only does four characters if you want more make more loops. cout << char(a) << char(b) << char(c) << char(d) << endl; } } } } return 0; }

Hey all, Is there a reliable way to recover the credentials you would need to access a router? I don't mean the network key, but instead the credentials you would use to log in to the router itself. (On my Linksys Router the address is 192.168.1.1 by default) As I understand it, there are exploits or brute forcing .. but I was hoping for something a bit more elegant. Thank you!