Jump to content

Recommended Posts

Yo Hak5 Comm! Hope everyone is well.

So I have a confession to make: I forgot my router login credentials. :lol:

That having been said , I have a plan of attack: Backtrack 5r3 in VM ware on my iMac (that is hardlined ) to my Century Link all in one (I know I know )

Is there any reason Hydra can't bruit force a Century Link router? I think it's still an https protocol so I personally don't see why not. BUT I wanna make sure from those who have more experience than I.

Also Hydra can accept .txt lists right? Or does it really need something like a .lst format?

Thanks as always!! B)

Edited by Bountyhunter50
Link to post
Share on other sites

Does the router use basic/digest authentication or forms based? If it uses forms does it do a direct HTTP(S) post or does it mangle the credentials before sending them? You have to make sure you specify the right one when running Hydra.

Also, the word list you are using, would you have chosen a password that is in that list? If not then don't bother using it as you won't get in.

As it is your router then probably the easiest thing to do is just hit the reset button and start again.

Link to post
Share on other sites

Very good question! By what I see, it's a form based, I'm going to look into if it's direct HTTP(S) or not too.

The list I'm wanting to use I made of all the possible passwords I could have used. I know the reset button makes life much better but that's just too easy :P (plus I can also get some of my Pentesting practice on within a controlled environment)

Everyone would also be VERY proud to know the username is NOT "admin", lol!

Edited by Bountyhunter50
Link to post
Share on other sites

If you want to practice your skills then I wouldn't use Hydra to attack a web app, I'd personally use Burp but I don't think the free version has Intruder so you can't use it so you'd need to use ZAP instead, the fuzzer in there would do a good job of it.

And for the AFP question, when the binary is compiled it has certain features built in, your copy wasn't built with AFP support so no matter what you add to your machine it will never have it. If you want to add it you'll need to set up the build environment and built it yourself. Just make sure that you have all the other libraries you need so that you don't lose any other features.

Link to post
Share on other sites

So you say it's form based eh? Before you go all nutty bruteforcing, you might as well poke around a bit and see what it'll let you access without auth. I had an old belkin a while back that I could gain access to with....wget -r, and a little bit of grep. The really sad part is, after I knew what I was looking for, I found that particular line that mattered was actually loaded into the browser in a login.stm. Line began with " var password = " followed by an md5 hash of the password. Cool right? Then I found that all I needed to do was use tamper data and copy and paste and that was it. Routers suck sometimes. I doubt yours has this particular flaw, it looked like it was made in house. But you might learn more from poking around at it.

I hydra completely broke on your machine, or are you just missing some protocols?

Link to post
Share on other sites

Im driving home from work to try this

****

Ok now that I have tried this:

It downloaded 136 files (WOW! I learned something new) but it looks like the CSS , Images , JS items with the index and login.html files. That's it. Did the grep and only brought up the js for the login.html

**

Looked in the login.html

- Username in plain text :lol: HOWEVER, the password is protected:

" The support console is password protected and for support personal use only"

:ph34r:

Edited by Bountyhunter50
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...