Friday, April 23, 2010

THC-Hydra HTTP-POST-FORM bug

On BackTrack Final 4, a bug in Hydra prevents you from brute forcing HTTP-POST/GET forms. See the following description:

To solve:

Download source:

Get patch:

Apply patch:
$ cd [path_to_hydra_src]
$ patch -p1 < [patch_file]

$ ./configure
$ make
$ sudo make install

You may receive a libssh error like I did. This was a bug in the pre-final release of BackTrack. To apply the libssh patch, download:


Patch again:
$ cd [path_to_hydra_src]
$ patch -p1 < [patch_file]

$ ./configure
$ make
$ sudo make install


Example command:
hydra -t2 -e ns -L ~/projects/offsec/users.txt -P ~/projects/offsec/passwords.txt -f 192.168.11.223 http-post-form "/flatfilelogin/login.php:username=^USER^&password=^PASS^&submit=Login:Incorrect" -V

Where /flatfilelogin/login.php is the form's POST back action.
username is the username input field's form ID.
password is the password input field's form ID.
Incorrect is the text displayed on a bad login. Note: check that this string is actually returned by the post back page; otherwise Hydra will always report success.
Note to self: If you are receiving false positives, check for other hidden POST form fields that also need to be included.
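The two notes above can be checked before a run. This is an added example, not part of the original post or of Hydra: it assumes the three-part path:body:failure-string argument shown here and matches on the inputs' name attributes, which is what a browser submits. The form HTML, the token field and the failed-login response are constructed samples.

```python
from html.parser import HTMLParser
from urllib.parse import parse_qsl

class FormFields(HTMLParser):
    """Collect the name attribute of every <input> in the page."""
    def __init__(self):
        super().__init__()
        self.names = []

    def handle_starttag(self, tag, attrs):
        name = dict(attrs).get("name")
        if tag == "input" and name:
            self.names.append(name)

def check_module_arg(arg, form_html, failed_response):
    """Return a list of problems with an http-post-form argument."""
    parts = arg.split(":")
    if len(parts) != 3:
        return ["expected path:body:failure-string"]
    _path, body, fail = parts
    problems = []
    for marker in ("^USER^", "^PASS^"):
        if marker not in body:
            problems.append("body is missing " + marker)
    # If the failure string never appears, every attempt looks successful.
    if fail not in failed_response:
        problems.append("failure string %r not in failed-login response" % fail)
    # Any input the form submits but the body omits (often a hidden field).
    parser = FormFields()
    parser.feed(form_html)
    sent = {key for key, _ in parse_qsl(body, keep_blank_values=True)}
    for name in parser.names:
        if name not in sent:
            problems.append("form field %r is not in the body" % name)
    return problems

# Constructed sample data: a login form with one hidden field, and the page
# returned after a deliberately wrong login.
FORM_HTML = """<form action="/flatfilelogin/login.php" method="post">
<input type="text" name="username">
<input type="password" name="password">
<input type="hidden" name="token" value="constructed">
<input type="submit" name="submit" value="Login">
</form>"""
FAILED = "<html><body>Login failed, try again</body></html>"
ARG = ("/flatfilelogin/login.php:"
       "username=^USER^&password=^PASS^&submit=Login:Incorrect")

if __name__ == "__main__":
    for problem in check_module_arg(ARG, FORM_HTML, FAILED):
        print(problem)
```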
