Hydra (THC) issue
I hope this is in the right section now.
I've been trying to crack my email account with hydra and I failed.
The server I've been trying to attack provides ssl, so maybe that's why I failed when I was trying to use pop3 protocol, so then
I checked links from this site: http://www.thc.org/thc-hydra/ and still nothing.
I had many errors from hydra, but when I used with syntax"
(I also tried to modify the syntax after hhtps-form-post, but I failed or did something wrong.)
hydra -l firstname.lastname@example.org -P /root/Desktop/testdic.txt -v <serverIP> https-form-post "/index.cgi:login&name=^USER^&password=^PASS^&login=Login:Not allowed" &
it returned: "1 of 1 target successfully completed, 4 valid passwords found"...
I loged in to my account and checked, that the server IP and 443 port are correctly used by me in hydra.
The path to the dictionary above, is a text file I created, containing like three bad passwords and one legit one.
I've been using Backtrack for some time now, but I'd rather consider myself as noobie.
What am I doing wrong?
I'm using backtrack 5 installed on usb.
Re: Hydra (THC) issue
Without access or information about your email interface and access method we can't help you.
Note I'm not asking for real creds or anything here, but your post basically boils down to. I'm trying to do something like this and it doesn't work, how do I fix it. Based on that level of detail all we can possibly say is "do it properly"......
0) What are the actual errors hydra is giving you.
1) Can you actually access your email account via HTTP?
2) Is index.cgi the actual login page? Are the POST parameters you outlined above actually correct? Did you view the source of the page and do you understand it?
3) Have you tried to manually build the request with known creds and submit it? (use curl, or burp, or something like that)
Re: Hydra (THC) issue
Hi! Thank you for your reply.
First - you are absolutely right about how my post looks like. It's because I was so frustrated that nothing had worked. Sorry for that.
Second - I knew I was missing something obvious I just didn't know what (mysterious way my brain works...)
Here's what I did, inspired by your tips:
I used netcat to login to my account through pop3 just to see if everything works and it did.
Then I used hydra with pop3 option and it worked! Finally.
But I don't want to stop there. I spent hours today trying to answer you and myself if I understand the source page view. The answer is no, unfortunately.
You were right, there's no index.cgi in my case. I behaved like a total noob and just paste it from the tutorial.
Because I'm eager to learn, I'd appreciate if you gave me some tips, what should I look for in a source of the page.
I found something like this:
(it's a part of it), but I'm not sure if it's relevant?
What kind of information would you need about my email interface?