Trying to get Hydra to return correct results, not with much luck..

[TAPE]

I have a couple of old routers I have been trying Hydra out on and I seem to be missing something..

Setup;
B|T3 on eeepc 900
Router linksys wrt54gl (flashed with dd-wrt)
(gateway 192.168.1.1)

So I set up the router with;
login = ADMIN
password = ADMIN
No encryption, DHCP enabled.


Created a login.txt file with random logins including ADMIN.
Created a password.txt with random passwords including ADMIN.

Associate with router, dhcpcd, then start hydra with following command ;

hydra -L login.txt -P password.txt -V -e ns -f 192.168.1.1 http-get /

So it runs through the attempts, however even after passing the correct logins and passwords,
it continues without advising what the correct login / password was before stopping shortly after.

Using the -o option writes used login/password combinations, but doesnt advise the correct login/password either.

Am I missing an option here to advise Hydra to tell me what the login/password is ?
(obviously I am..)


Any advice from anyone here ?

Edit
----
I seem to be getting very varied results.. if I move the correct login / password lower down
in the .txt file, the crack seems to stop immediately when found, so I can assume that the
last noted combo is correct, if I move the correct login/password up in the list
(so more combos needed) it says valid pair found, however it hasnt reached it yet..

? confused ?

[TAPE]

Well I have to play around a bit more with the dd-wrt firmware, but have in any case
got Hydra working consistently with my other linksys router using the same command;

hydra 192.168.1.1 -L /mnt/sdb1/login.txt -P /mnt/sdb1/password.txt -V -e ns -f http-get /

The above on my main router with internet access etc. so I think I must have been doing something wrong before..

I decided to flash the other router back to stock linksys firmware and will dig in to dd-wrt
when feeling optimistic again

Any pointers on using hydra with different firmware as dd-wrt ?

[bofh28]

Well I have to play around a bit more with the dd-wrt firmware, but have in any case
got Hydra working consistently with my other linksys router using the same command;

The above on my main router with internet access etc. so I think I must have been doing something wrong before..

I decided to flash the other router back to stock linksys firmware and will dig in to dd-wrt when feeling optimistic again

Any pointers on using hydra with different firmware as dd-wrt ?

My password cracking guide has some information on use hydra. See http://forums.remote-exploit.org/sho...62&postcount=1
Sometimes http-get is not the correct option to use.

[TAPE]

Many thanks !

I shall do some more digging..

I seem to have it working now on both linksys routers I have, both running stock firmware
(one used as AP other not connected to internet)
So am pretty sure the reason it was not working was the way / when the login/passwords needed to be entered.

For some reason hydra working consistently on linksys routers, but xhydra not..
Oh well.. am slowly getting there now to figure out how to do on my asus router and I will be happy to have learned a bit more !

Thanks again.


edit
---
Man, I should have read your file a long time ago ! good stuff..

[TAPE]

If OK with the mods I will continue to post my progress here, if it is getting boring and not helping any, please say so !


When logging into to my ASUS router, it requires a click on a 'login' button to open the 'username' / 'password' window.
(so similar to linksys, just with an additional action required before)

Opened up the standard web interface, and before clicking on the 'login' started a Wireshark capture and stopped
capture after login window popped up.

When filtering the capture with http, I saw 'GET /index.asp' showing up.

So I tried starting hydra as follows ;

Code:

hydra -L login.txt -P password.txt -V -f -e ns 192.168.1.1 http-get /index.asp

and that has been working consistently..

I feel like a bit of an idiot now it seems so obvious !

Living and learning !





EDIT
----
well I shant bring this one back to the front again, so just a simple edit


Just to say that I got hydra working on the dd-wrt firmware as well by following similar
to above ;

> Ran wireshark while in the dd-wrt page at 192.168.1.1
> Clicked on the Administrator section to capture what was been sent / requested -- stopped capture
> In wireshark saw that it was looking for GET /Management.asp

So in console ;

hydra -L login.txt -P password.txt -v -f -e ns 192.168.1.1 http-get /Management.asp

Am getting consistent results so far, so I am happy

baby steps .. baby steps..