Rombro

Appologies for the double post I couldn't find the edit button. Is there one? Ignore the parsing alert box thing I've figured it out. I have managed to build the wget command to log into the site and the compared the output for a successful and unsuccessful login manually. The command is: wget --save-cookies cookies.txt --keep-session-cookies --auth-no-challenge --post-data 'login_option=0&password=nope' http://10.1.1.1/login.cgi The login_option and login.cgi come from burpsuite output as in OP. Now I just need to build a script to automate it - happy days! Thanks for the help so far guys.

So I've got the response for both a failed login and a successful login. The failed one is the response in the OP, the successful one is just the router control panel page. And in the case of the hydra command I am feeding it the correct login information (or at least that is what I'm trying to do - not sure if I've got it right thats the problem) so it should work but it still does not identify the password as correct. Given that the response for a fail is in the form of an alert box, how do I script something to parse through the text of an alert box? Or do I not need to do that? I'm a little confused.

Hi I am very new to all this. I am trying to learn how to use Hydra. I've done some reading online and had a go at using it against my own router. I am using Burpsuite to get the POST and response info. My router login page does not have a field for a login only for a password. The default password being "admin". On trying to login to the router using an incorrect password I get the following output: POST /login.cgi HTTP/1.1 Host: 10.1.1.1 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0 Iceweasel/31.8.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://10.1.1.1/login_main.html Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 28 login_option=0&password=asdf and the response I get back is: HTTP/1.1 200 Ok Server: micro_httpd Cache-Control: no-cache Date: Sat, 19 Sep 2015 16:27:20 GMT Content-Type: text/html Connection: close <html> <head> <meta HTTP-EQUIV='Pragma' CONTENT='no-cache'> <script language="JavaScript"> function back_page() { var loc = 'login.html'; var code = 'location="' + loc + '"'; eval(code); } </script> </head> <body> <script language="JavaScript"> alert("Invalid password"); back_page(); </script> </body> </html> Given I am just tryint to test out Hydra at the moment and learn it I figured I'd give it the correct login credentials so it only has to make one attempt. My hydra command is as follows: hydra -l 0 -p admin 10.1.1.1 http-post-form "/login_main.html:login_option=^USER^&password=^PASS^:Invalid password" -V However I am getting no joy. It is not able to identify "admin" as the correct password. Any help would be greatly appreciated.