Posts posted by refr3sh
-
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 03 Dec 2016 10:01:40 GMT
Server: nginx
Vary: Accept-Encoding
X-Jimdo-Instance: i-0a4ec76da6fce403c
X-Jimdo-Wid: s742dd563442b66d6
transfer-encoding: chunked
Connection: keep-alive

1354
[{W H OQQ <Dz ? B ! d Ir8e l $ FU x h ~ *I Iw c n q [ } ^ ?< t m x29"q? 9{Ù 0
This is the raw server response when I enter a password. Unfortunately, the website seems to be built with Jimdo so I guess it's a lot harder to attack than a simple PHP-based form.
Thank you for your help!
-
So I haven't found out the server response so far - it seems to be pretty tricky to get it to output something - but I managed to get it working with your proposed parameters and providing -l with ''. For some reason, both my Kali (in a VM) and Windows (natively) environments seem to crash after 16 attempts... I've tried ncrack before but I didn't get it to work either, I'll have a look at it now. Also tried Burp Suite, both Free and Pro version, but after some time the targeted server didn't show any response anymore although the Burp Intruder kept trying.
-
Thank you! Attempts take place, -P '' doesn't work for me, it tells me that it can't find the specified file so I wrote -P passwords.txt instead. What do you mean by
1 hour ago, digip said:
If success is a valid response in the page, fine, but if not, replace with the error message or whatever text says to do, such as :F=Login: which should not be there if successful.
The HTML of the website defines a
<p class="cc-protected-note">
<br/>
Password:
</p>
which is visible on the website.
So I would use:
hydra -V -f -l passwords.txt -P passwords.txt www.<url>.com http-post-form "/protected:password=^USER^:do_login=yes:Submit=Log+In:F=Password::"
(Note the double :: at the end of Password, I use it because the HTML contains it like this and also -P passwords.txt because it doesn't matter, right? ^PASS is not specified so -P isn't expanded, right?)
-
Hello,
I’m trying to get THC-Hydra working on a website form which doesn’t require a username but hydra wants me to specify it with either -l, -L or -C.
The form field in question needs the following parameters, as far as I’ve found out using Burp Suite Free Edition: password=test&do_login=yes&Submit=Log+in
I’m also not sure what service to use and what success or failure message the server sends (Burp Suite doesn't show it and the website doesn't display any message - it just refreshes and shows the same page). Currently I’ve tried http-form-post with the following parameters:
hydra -t 5 -L users.txt -f -x 2:6:a www.<url>.com http-form-post "/protected:password=^PASS^:S=success"
(Note that I’ve specified, with -L users.txt, a username file but this is not required by the website’s form field)
The website’s form can be found under www.<url>.com/protected, how do I tell hydra to target the /protected page, and not only the www.<url>.com part?
What can I do?
Any ideas?
THC-Hydra with password only login form
Forget about the last post, I forgot to enable decompression. I've used various tools (Burp Suite, Fiddler) to intercept the traffic and all I get is the same page as before entering a password.