I want to check if my syntax for Hydra is correct for the Lernaen challenge.
It seems to be running ok, but hasn’t come up with anything so I just want to be sure it is actually working right!
hydra -l "" -P /usr/share/wordlists/rockyou.txt http-post://docker.hackthebox.eu:60686"/password=^PASS^:Invalid password!"
What output are you given?
This is a good source although it can be a bit jumbled. The main points to take away are:
- Hydra assumes default port, unless explicitly specified… how do you specify specific… argumemts… to a script?
- What do server IP’s translate to / from? Do we have to find our server’s IP address or could we simply use info already supplied to us?
- Books always have been good for knowledge but I’ve never been one to read a dictionary.
- Hey man, don’t be afraid to ask for -h elp
- Hydra assumes default port, unless explicitly specified…
I think this might be where he’s running into issues. As far as I know, Hydra looks for 3 sets of information separated by colons: username/list, password/list, and failure message. Hydra might be confusing your port specification because you’re using a colon in the url. Try running hydra --help for proper syntax. Also, your specification for a POST form is off, check the link for an example.
Challenged solved. Cheers dudes
could someone help me with sorting out hydra? i can only get 1 try per task per minute. i tried medusa since my hydra seems to be bitchy but medusa craps out on me with a sigsegv on bigger wordlists, so that’s unacceptable. FYI my connection is good enough, never had any problems, it’s just hydra not working properly. help please!