Forum Thread: Router-Login Brute Force

Router-Login Brute Force

Since I forgot my router password I decided that I wanted to try brute forcing first just for fun.
I tried:

  • Hydra: Giving multiple wrong passwords nearly instantly?!
  • Medusa: Giving one wrong password

Both tools are kinda similar so are the commands and mine looked something like:

Medusa -U admin -P '/Root/Desktop/rockyou.txt' -H 'MYIP' -M Http

and

Hydra -L Admin -P '/Root/Desktop/rockyou.txt' -E Ns -vV 'MYIP' Http-Get

EDIT:
According to this question:
http://security.stackexchange.com/questions/37020/why-does-hydra-return-16-valid-passwords-when-none-are-valid

Its not as simple as I thought. You need the cookie information of the login page but I checked mine but it has no cookie info.

Does anyone know how to to this or has experience with this?

6 Responses

r u on kali linux?

hacked by Mr_Nakup3nda

Ofcourse

lol it could be something else, but anyway make sure your rockyou.txt path is "Root" instead of "root"

Hacked by Mr_Nakup3nda

and for Admin as username you should not use the capital letter "-L"
instead use"l"
try this :
hydra -l Admin -P /root/Desktop/rockyou.txt http://your____rooter____ip
Hacked by Mr_Nakup3nda

That's the editor screwing with my post I used the correct syntax I just need to figure out with extra I need to tell Hydra.

For commands, don't use the "headline" option in the article editor; it'll capitalize all the first letters of words. Better to just bold or italicize the commands instead.

Share Your Thoughts

  • Hot
  • Active