Results 1 to 5 of 5

Thread: Trying to get Hydra to return correct results, not with much luck..

Hybrid View

  1. #1
    Very good friend of the forum TAPE's Avatar
    Join Date
    Jan 2010
    Location
    Europe
    Posts
    599

    Default Trying to get Hydra to return correct results, not with much luck..

    I have a couple of old routers I have been trying Hydra out on and I seem to be missing something..

    Setup;
    B|T3 on eeepc 900
    Router linksys wrt54gl (flashed with dd-wrt)
    (gateway 192.168.1.1)

    So I set up the router with;
    login = ADMIN
    password = ADMIN
    No encryption, DHCP enabled.


    Created a login.txt file with random logins including ADMIN.
    Created a password.txt with random passwords including ADMIN.

    Associate with router, dhcpcd, then start hydra with following command ;

    hydra -L login.txt -P password.txt -V -e ns -f 192.168.1.1 http-get /

    So it runs through the attempts, however even after passing the correct logins and passwords,
    it continues without advising what the correct login / password was before stopping shortly after.

    Using the -o option writes used login/password combinations, but doesnt advise the correct login/password either.

    Am I missing an option here to advise Hydra to tell me what the login/password is ?
    (obviously I am..)


    Any advice from anyone here ?

    Edit
    ----
    I seem to be getting very varied results.. if I move the correct login / password lower down
    in the .txt file, the crack seems to stop immediately when found, so I can assume that the
    last noted combo is correct, if I move the correct login/password up in the list
    (so more combos needed) it says valid pair found, however it hasnt reached it yet..

    ? confused ?

  2. #2
    Very good friend of the forum TAPE's Avatar
    Join Date
    Jan 2010
    Location
    Europe
    Posts
    599

    Default

    Well I have to play around a bit more with the dd-wrt firmware, but have in any case
    got Hydra working consistently with my other linksys router using the same command;

    hydra 192.168.1.1 -L /mnt/sdb1/login.txt -P /mnt/sdb1/password.txt -V -e ns -f http-get /
    The above on my main router with internet access etc. so I think I must have been doing something wrong before..

    I decided to flash the other router back to stock linksys firmware and will dig in to dd-wrt
    when feeling optimistic again

    Any pointers on using hydra with different firmware as dd-wrt ?

  3. #3
    Good friend of the forums
    Join Date
    Jan 2010
    Location
    outside chicago, il
    Posts
    442

    Default

    Quote Originally Posted by =TAPE= View Post
    Well I have to play around a bit more with the dd-wrt firmware, but have in any case
    got Hydra working consistently with my other linksys router using the same command;

    The above on my main router with internet access etc. so I think I must have been doing something wrong before..

    I decided to flash the other router back to stock linksys firmware and will dig in to dd-wrt when feeling optimistic again

    Any pointers on using hydra with different firmware as dd-wrt ?
    My password cracking guide has some information on use hydra. See http://forums.remote-exploit.org/sho...62&postcount=1
    Sometimes http-get is not the correct option to use.
    I like the bleeding edge, but I don't like blood loss

  4. #4
    Very good friend of the forum TAPE's Avatar
    Join Date
    Jan 2010
    Location
    Europe
    Posts
    599

    Default

    Many thanks !

    I shall do some more digging..

    I seem to have it working now on both linksys routers I have, both running stock firmware
    (one used as AP other not connected to internet)
    So am pretty sure the reason it was not working was the way / when the login/passwords needed to be entered.

    For some reason hydra working consistently on linksys routers, but xhydra not..
    Oh well.. am slowly getting there now to figure out how to do on my asus router and I will be happy to have learned a bit more !

    Thanks again.


    edit
    ---
    Man, I should have read your file a long time ago ! good stuff..

  5. #5
    Very good friend of the forum TAPE's Avatar
    Join Date
    Jan 2010
    Location
    Europe
    Posts
    599

    Default

    If OK with the mods I will continue to post my progress here, if it is getting boring and not helping any, please say so !


    When logging into to my ASUS router, it requires a click on a 'login' button to open the 'username' / 'password' window.
    (so similar to linksys, just with an additional action required before)

    Opened up the standard web interface, and before clicking on the 'login' started a Wireshark capture and stopped
    capture after login window popped up.

    When filtering the capture with http, I saw 'GET /index.asp' showing up.

    So I tried starting hydra as follows ;

    Code:
    hydra -L login.txt -P password.txt -V -f -e ns 192.168.1.1 http-get /index.asp
    and that has been working consistently..

    I feel like a bit of an idiot now it seems so obvious !

    Living and learning !





    EDIT
    ----
    well I shant bring this one back to the front again, so just a simple edit


    Just to say that I got hydra working on the dd-wrt firmware as well by following similar
    to above ;

    > Ran wireshark while in the dd-wrt page at 192.168.1.1
    > Clicked on the Administrator section to capture what was been sent / requested -- stopped capture
    > In wireshark saw that it was looking for GET /Management.asp

    So in console ;
    hydra -L login.txt -P password.txt -v -f -e ns 192.168.1.1 http-get /Management.asp
    Am getting consistent results so far, so I am happy

    baby steps .. baby steps..

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •