Results 1 to 9 of 9

Thread: THC Hydra brute force router.

  1. #1
    Just burned his ISO
    Join Date
    Jun 2008
    Posts
    10

    Default THC Hydra brute force router.

    Hey, I finally get to post in the Backtrack forum, just like all the grownups... Anyway, I have been using XHydra and am not sure what to make of this. I suppose this is backtrack related, but if I shouldn't be posting here please tell me. Hydra doesn't seem to be logging into my Netgear router, I specify http-get, the right port, and 192.168.1.1 as the host, I can feed it directly my known username and password, or put them in a wordlist. No matter what I do it still finishes without telling me it was successful. Has anyone had this trouble before? Thanks.
    -ARCKEDA

    PS: Sorry about making that new topic archangel.amael.

  2. #2
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    Did you try the technique in this thread?

    http://forums.remote-exploit.org/showthread.php?t=14910

    In my experience, Hydra can have timing and issues depending on the CPU, RAM, etc. You may need to tweak the command line settings for the best performance.
    Thorn
    Stop the TSA now! Boycott the airlines.

  3. #3
    Just burned his ISO
    Join Date
    Jun 2008
    Posts
    10

    Default

    I am afraid that that post wasn't much help, my router uses a standard http-get function, but thanks for the tip on tweaking command line.

  4. #4
    Moderator
    Join Date
    Aug 2007
    Posts
    1,053

    Default

    hi,

    hydra is ever a excelent tool , but with the router , i think than the best choice is Medusa , support many options specific for routers.

    hi.

  5. #5
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Are you sure your router uses http-get? Can you craft a URL that will login to your router without you having to fillin the login form? i.e.: http://192.168.1.1/login.jsp?username=admin&pass=mysupersecretpass (or similar)
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  6. #6
    Just burned his ISO
    Join Date
    Jun 2008
    Posts
    10

    Default

    Quote Originally Posted by thorin View Post
    Are you sure your router uses http-get? Can you craft a URL that will login to your router without you having to fillin the login form?

    i.e.: theurl For some reason it won't let me past links to other sites until I post 15 times, even if I am quoting you. :/

    (or similar)
    The thing is, it simply pops up, is there any addon or tool I can use to find out the specific form that the popup is using? Thanks.

    Medusa looks sexy, I will probably end up using both it and Hydra.

  7. #7
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Sounds like it's using javascript or similar to open a dialog box into which you enter your credentials. What happens if you disable javascript and try to visit the URL for your router?

    Is there any chance that you'd tell us what brand and model we're talking about?
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  8. #8
    Just burned his ISO
    Join Date
    Jun 2008
    Posts
    10

    Default

    Quote Originally Posted by thorin View Post
    Sounds like it's using javascript or similar to open a dialog box into which you enter your credentials. What happens if you disable javascript and try to visit the URL for your router?

    Is there any chance that you'd tell us what brand and model we're talking about?
    V1.0.14_1.0.14NA << Firmware
    Netgear << Router
    WNDR3300 << Version.

    I disable Javascript and it still pops up.
    Sorry this took so long to reply, the freaking thing locked me out of it for awhile.

  9. #9
    Just burned his ISO
    Join Date
    Feb 2008
    Posts
    8

    Default

    It must use htaccess

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •