HydraGTK Question

**LunchBox** · 10-15-2007, 05:52 PM

When using HydraGTK, Under the password tab it asks for a username. If i'm looking to try and get the local admin accounts password, would it be as simple as machinename\administrator. I already know the password to the machine but I wanted to see if the word list attack works on a local account. I'm using the smb protocol. I got it working for a network account, granted I had to turn off the 3 strike and your out rule, but I did not think the local account would lock so I figured I'd go after that. I have tried running this several times and it resolves the address ok and then starts the attack. Gives me a status and then I get cannot connect (unreachable). I know the pc is still on and pingable since it is right next to me. Any thoughts on this??

**-=Xploitz=-** · 10-15-2007, 06:04 PM

You trying this on your works server or your home comp??

**LunchBox** · 10-15-2007, 06:19 PM

This is being done on the hand me down test network just put in the office. Completely off the actual network. My group built this so we could test and destroy at will and not hurt the live network. No No I would not be trying this on the live system, boss doesn't mind us beating up a test lap but the real deal would not go over so well. :-)

**LunchBox** · 10-15-2007, 06:44 PM

Interesting find, if I create a new local user, I called it dave. Set the password and in Hydra, under the username just put in dave with no machine name everything runs and password is shown. If I put in administrator it says it finishes but does not display anything. Why would it work with one and not the other??

**-=Xploitz=-** · 10-15-2007, 06:57 PM

Originally Posted by LunchBox

Interesting find, if I create a new local user, I called it dave. Set the password and in Hydra, under the username just put in dave with no machine name everything runs and password is shown. If I put in administrator it says it finishes but does not display anything. Why would it work with one and not the other??

What happens if you don't specify a machine name with the admin account? Also..is the admin account really called administrator?? Do a net view from a windows command prompt( not sure exactly how this works under Linux) and make sure the admin account is really called or labeled administrator. Also..I believe Hydra is case sensitive.

<Wish I had my laptop up and running to help you better>

**LunchBox** · 10-15-2007, 07:18 PM

If I do or don't specify a machine name the outcome is the same with the Administrator account. It does say the attack finished but does not give me any results :-(

I did double and triple check that the username is actually Administrator. I figured Hydra might be case sensitive so I made sure I am typing it correctly also. Getting frustrated on this one so i'm off to lunch for now :-)

**thorin** · 10-15-2007, 07:46 PM

Did you make the password for Dave the same as the password for Administrator? The Administrator bruteforce may have just completed without a match.

If it's the same password for both accounts then there's a bigger issue at play.

**LunchBox** · 10-15-2007, 08:15 PM

Should have posted that both accounts have the same exact password

BackTrack Linux - Penetration Testing Distribution

Thread: HydraGTK Question

Thread Tools

Search Thread

Display

HydraGTK Question

Posting Permissions