I am stuck at excercise where I need to login to /login.php admin panel with user ‘admin’. I am using below payload but still failing with error giving 0 of valid password found.
hydra -l admin -p /opt/useful/SecLists/Passwords/Leaked-Databases/rockyou.txt -f IP -s PORT http-post-form “/login.php:username=^USER^&password=^PASS^:F=<form name=‘login’”
use capital P (-P) on specifying password file.
I did that it said password file not found
I added the cookie and tried again. now it started but going very slow
[STATUS] 0.50 tries/min, 1 tries in 00:02h, 1 to do in 00:01h, 1 active
[STATUS] 0.33 tries/min, 1 tries in 00:03h, 1 to do in 00:01h, 1 active
[STATUS] 0.25 tries/min, 1 tries in 00:04h, 1 to do in 00:01h, 1 active
[STATUS] 0.20 tries/min, 1 tries in 00:05h, 1 to do in 00:01h, 1 active
[STATUS] 0.17 tries/min, 1 tries in 00:06h, 1 to do in 00:01h, 1 active
what does it mean?
You still stuck on this? If it still doesn’t find the password file, try running it as root.
Usually when hydra runs slow like that its because there is something wrong with its attempts to reach the target.
-onthesauce
Thanks for your help. I cleared that module