http-post-forms =how u do it????

[blue_bsm]

I really really tried everything to hack through -post forms- I tried medusa....hydra.....brutus.....
and nothing worked for me I dont know...I believe i did everything right but still wont work so what can do now?????

[capron]

To brute-force http-post you have to code some script off your own. Medusa , hyrda and brutus all bruteforce standard http-auth. Are the right password in the wordlist ? Do you get error messages ?

Edit Sorry I now see that the tools do http-form. I guess there are something wrong when you give the program the form parameters.

[lupin]

Id first of all confirm that you are using the tools to send the expected login sequences.

Do a packet capture of a regular authentication attempt to the http form (via a browser), then compare it to logon requests sent by a Medusa, Hydra and Brutus session to confirm that they are trying to logon correctly to that particular form. If not, you may have to modify the way you run Medusa/Hydra/Brutus until they do perform correct logon attempts. Read the manuals, look for example tutorials on the web, etc to find out how to use them correctly.

You could use Wireshark to do the packet captures, however you will probably need to get familiar with HTTP before you can really interpret the logon requests properly. There are plenty of references n the web to help with this,, you should be able to find some through Google.

[muts]

How is this related to backtrack ? Wrong forums.