I have tried to read as much as possible to understand Hydra and its functions. Pureh@tes video is cool. I think I have a good understanding of it, but one problem I'm having is when I try to use a password list that is stored on my external usb drive (160gb), I get an error, as shown below.
Error: File for passwords not found
If I use a small txt file on my usb drive to see if it uses that without a problem, it works.
Xhydra is what I'm using
On the passwords tab page in the passwords list selection, I'm using pureh@tes password file, the hatelist.txt, which is 2.5gb.
Is there a size limit for the password file with hydra?
I am using my own equipment at home to do this testing in order to better understand security issues. Help and comments are appreciated, thanks again to Pureh@te for sharing his list. Can't wait to find out what I'm doing wrong.
Here's the setup I'm using.
Backtrack 3 on USB stick
asus eee w/2gb ram/4gb ssd
160gb external USB HD with pureh@te.txt 2.5gb password list and xploitz master password list that has all the folders and files intact and also has them merged into a 3.6gb password file
Here are the steps I'm using with Xhydra
terminal>xhydra>target page>simple target 192.168.1.1>port 80>http get>be verbose>
passwords page>username:admin>password list>browse to file system>mnt>sdc5>hatelist.txt>try login as password>try empty password
Tuning page>number of tasks>30>timeout 30
start page>start>error: file for passwords not found!
If I put a txt file on my desktop it finds it no problem, although it contains no words so it's not going to help with xhydra
I can browse to one of the txt files that is in a folder on the usb drive that is from Master xploitz lists and it uses it okay.
Let's start with the basics: First, is the 160GB drive actually /dev/sda? Assuming you booted off a USB stick, normally the USB stick would be /dev/sda, which means the 160GB drive is /dev/sdb or something similar.
Secondly, is the 160 GB USB drive's primary partition actually /dev/sda5? The partition device name is more likely to be /dev/sdb1.
Finally, do you really have it mounted as /mnt/sda5? Plus, it's more usual to give it a name like "/mnt/usb2" or the like.
Thorn
Stop the TSA now! Boycott the airlines.
I couldn't find anything on this in the noob area, so here's my question.
I used hydra (on BT3) to bruteforce my router with a wordlist located in /pentest/wireless/aircrack-ng/test/password.lst. I have added my password to the top of the password list to test. It worked.
Then I have put the password at the bottom of the list and did the attack again. Now I am getting timeout messages:
Process 6997: Can not connect [timeout], process exiting
What am I doing wrong?
Check the Hydra timing options.
Also, you might want to check about reviving zombies in the Rules. While I don't remember a specific rule against it here, in most forums it's considered gauche to revive a thread over one or two months old. This one had 14 months since the last post.
Thorn
Yeah I call it necro-posting. While it's not specifically against the forum rules, it is, as Thorn stated, gauche.
For the academically challenged who don't know what gauche means:
gauche = lacking social grace, sensitivity, or acuteness; awkward; crude; tactless: Their exquisite manners always make me feel gauche.
Glad I am a righty after having read that..
(gauche = left in French)
Ok, I will keep that in mind next time.
I think I got it working now though. I used the ''show attempts'' function, and put the tasks to 3 at a time. Problem solved.