Jump to content

Help with THC Hydra


Recommended Posts

I've got a problem with THC Hydra. Whenever I put in the command for cracking a web form, being:

hydra -l <username> -P BG_wordlist_and_digits_1-1_all_combinations.txt <domain name> http-post-form "/user/login:xuser=^USER^&xpass=^PASS^&do.auth.x=Login:LOGIN FAILED!" -V

Instead of starting the command, Hydra just resets and I get the following text again: 


Hydra v9.1-dev (c) 2020 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).

Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2020-05-26 11:47:45
Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e nsr] [-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-W TIME] [-f] [-s PORT] [-x MIN:MAX:CHARSET] [-c TIME] [-ISOuvVd46] [-m MODULE_OPT] [service://server[:PORT][/OPT]]

  -l LOGIN or -L FILE  login with LOGIN name, or load several logins from FILE
  -p PASS  or -P FILE  try password PASS, or load several passwords from FILE
  -C FILE   colon separated "login:pass" format, instead of -L/-P options
  -M FILE   list of servers to attack, one entry per line, ':' to specify port
  -t TASKS  run TASKS number of connects in parallel per target (default: 16)
  -U        service module usage details
  -m OPT    options specific for a module, see -U output for information
  -h        more command line options (COMPLETE HELP)
  server    the target: DNS, IP or (this OR the -M option)
  service   the service to crack (see below for supported protocols)
  OPT       some service modules support additional input (-U for module help)

Supported services: adam6500 asterisk cisco cisco-enable cvs ftp http-{head|get|post} http-{get|post}-form http-proxy http-proxy-urlenum icq imap irc ldap2 ldap3[-{cram|digest}md5] mssql mysql nntp oracle-listener oracle-sid pcanywhere pcnfs pop3 postgres radmin2 rdp redis rexec rlogin rpcap rsh rtsp s7-300 sip smb smtp smtp-enum snmp socks5 ssh sshkey teamspeak telnet vmauthd vnc xmpp

Hydra is a tool to guess/crack valid login/password pairs.
Licensed under AGPL v3.0. The newest version is always available at;
Please don't use in military or secret service organizations, or for illegal
purposes. (This is a wish and non-binding - most such people do not care about
laws and ethics anyway - and tell themselves they are one of the good ones.)

Example:  hydra -l user -P passlist.txt

How can I make Hydra execute the command?

Link to comment
Share on other sites

  • 2 weeks later...


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...