Since I forgot my router password I decided that I wanted to try brute forcing first just for fun.
I tried:
- Hydra: Giving multiple wrong passwords nearly instantly?!
- Medusa: Giving one wrong password
Both tools are kinda similar so are the commands and mine looked something like:
Medusa -U admin -P '/Root/Desktop/rockyou.txt' -H 'MYIP' -M Http
and
Hydra -L Admin -P '/Root/Desktop/rockyou.txt' -E Ns -vV 'MYIP' Http-Get
EDIT:
According to this question:
http://security.stackexchange.com/questions/37020/why-does-hydra-return-16-valid-passwords-when-none-are-valid
Its not as simple as I thought. You need the cookie information of the login page but I checked mine but it has no cookie info.
Does anyone know how to to this or has experience with this?
6 Responses
r u on kali linux?
hacked by Mr_Nakup3nda
Ofcourse
lol it could be something else, but anyway make sure your rockyou.txt path is "Root" instead of "root"
Hacked by Mr_Nakup3nda
and for Admin as username you should not use the capital letter "-L"
instead use"l"
try this :
hydra -l Admin -P /root/Desktop/rockyou.txt http://your____rooter____ip
Hacked by Mr_Nakup3nda
That's the editor screwing with my post I used the correct syntax I just need to figure out with extra I need to tell Hydra.
For commands, don't use the "headline" option in the article editor; it'll capitalize all the first letters of words. Better to just bold or italicize the commands instead.
Share Your Thoughts