Jump to content

Search the Community

Showing results for tags 'hydra'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Enter a five letter word.

Found 8 results

  1. Hi, I am trying to learn penetration testing and am using THC Hydra. What is the syntax for Hydra if I am trying to use the -x option ( charset, to determine password length and content)? I want to use special characters, minimum 6, maximum 10 characters. I am working with Windows 10. Could you include an example?
  2. hydra -s 8081 -V -L /home/nicolas/Escritorio/USER -P /home/nicolas/Escritorio/passwords.txt http-post-form "/user=^USER^&password=^PASS^=Ingresar&culture=es-CL&mobile=0&clasica=1:F=Usuario inexistente:H=Cookie: stwa2={"lang":"es-CL"}" Hydra v8.7-dev (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes. Hydra (http://www.thc.org/thc-hydra) starting at 2018-04-29 14:34:51 [ERROR] the variables argument needs at least the strings ^USER^, ^PASS^, ^USER64^ or ^PASS64^: F=Usuario inexistent
  3. So I want to audit a few SSH servers. I want to save the output of THC-Hydra to a file then use the out of the file as variables in the next step of auditing. Trying to automate this this as much as possible. hydra syntax: hydra -o /root/Desktop/cracked.txt -l donkeypuncher -P /root/Desktop/thepassword.txt -s 22 ssh I want to use the output from the saved text file for the next step. I can get this a number of ways. this is simple. cat /root/Desktop/cracked.txt | tail -1 I get this output here:: [22][ssh] host: login: donkeypuncher password:
  4. Hey Guys, I'm stuck up with this for a long time now. I've just started out on learning various basic techniques used for navigating around various security mechanisms. I referred a number of posts around the web about brute forcing routers with Hydra. Most of the articles are focused on beating the basic authentication provided by HTTP. And the links that describe brute forcing web logins do not seem to work when I've tried. My router is a DLINK DSL2750U ADSL Router left aside for testing purposes. Even most of other routers I tried consists of such web interface which is first loaded an
  5. Hello, I’m trying to get THC-Hydra working on a website form which doesn’t require a username but hydra wants me to specify it with either –l, –L or -C. The form field in question needs the following parameters, as far as I’ve found out using Burp Suite Free Edition: password=test&do_login=yes&Submit=Log+in I’m also not sure what service to use and what success or failure message the server sends (Burp Suite doesn't show it and the website doesn't display any message - it just refreshes and shows the same page), currently I’ve tried http-form-post with th
  6. Hello, I'm trying to hack into my router (Not doing anything nefarious) Can I get some help with the '/login.cgi' part? hydra http-form-post "/login.cgi:sessionKey=177691457&inputUserName=^USER^&inputPassword=^PASS^:err" -L admin -P pass.txt -t 10 -w 30 -o hydra-http-post-attack.txt I'm guessing that in the current state even if hydra was to get the password correct it would still respond in "msg=err". Because I need to have a proper session key. Also any idea what "nothankyou=1" is? Do I need to have that in the command? Is there like a cookie file I
  7. Hi everyone, I have recently getting into hacking and after multiple videos, guides, and tutorials I decided to use Hydra and brute force my router. I was figuring out how everything worked, until I ran across one problem - the login error comes in the form of an alert box. After 2 hours of searching the web for solutions I have decided to come here. I used Burp to get the login form, but when I enter it the program runs 16 passwords, returns them all as valid, then stops. Everything would help, even a guide for me to read if I'm just doing something stupid. Thanks
  8. Yo Hak5 Comm! Hope everyone is well. So I have a confession to make: I forgot my router login credentials. That having been said , I have a plan of attack: Backtrack 5r3 in VM ware on my iMac (that is hardlined ) to my Century Link all in one (I know I know ) Is there any reason Hydra can't bruit force a Century Link router? I think it's still an https protocol so I personally don't see why not. BUT I wanna make sure from those who have more experience than I. Also Hydra can accept .txt lists right? Or does it really need something like a .lst format? Thanks as always!! B)
  • Create New...