
Thread: Hydra the right program for the task?

  1. #1
    Just burned his ISO
    Join Date
    Sep 2011
    Location
    Alabama
    Posts
    3

    Hydra the right program for the task?

    Alright. So here's the sit-rep. We have a test SCADA system that we are working on at my college. I have the privilege of playing with it. I'm new to BT and most forms of hands-on security testing. My teacher wants us to see if we can crack the website's login page. I was thinking that maybe Hydra would do the trick, but I have been unsuccessful (assuming I'm using it correctly). Now, I read that Hydra is a "Network Logon" cracker and supports http/https. That would make me infer that it can crack website logins, but it makes me think more that it only handles the ones that prompt you for your creds instead of an actual login page.

    Is this correct? If I'm wrong, does that mean Hydra can do it? If not, which of the programs will (assuming it's possible)?

    I've already looked through and searched a summary of each program and only really found a couple that I deemed suited for the task. Needless to say, I've had no luck with any.

  2. #2
    Good friend of the forums
    Join Date
    Jan 2010
    Location
    outside chicago, il
    Posts
    442

    Re: Hydra the right program for the task?

    Depending on what the SCADA system controls, I would be VERY careful. I would never try to pentest a water treatment plant without having it fully staffed, everyone informed that the electronics may go haywire, and a way to quickly reset everything to normal. I have run too many nmap scans that caused old and poorly designed equipment/software to freak out and send out bad data or, worse, stop responding, i.e. showing a water tank full when it has been emptying for an hour. SCADA systems are way too fragile to play with. Your best defense is to put the SCADA system on its own private and physical network. What I mean is a network that is not in any way, shape or form plugged into equipment that has any non-SCADA equipment on it. And make sure it is NOT internet accessible. If it is an absolute requirement that the SCADA system be remotely controlled, use a VPN, two-factor authentication, and at least 2 hardware firewalls to get to the SCADA network. I have never seen a SCADA system that could function properly with a software firewall installed on it.
    I like the bleeding edge, but I don't like blood loss

  3. #3
    Senior Member
    Join Date
    Jul 2011
    Posts
    236

    Re: Hydra the right program for the task?

    bofh28
    Alright. So here's the sit-rep. We have a test scada system that we are working on at my college.
    He's not doing a real SCADA.

    revelryOcelot,

    Yes, Hydra will do that for you quite well. I've used it in situations like that before. It took me some googling to find the answer, but I'm happy to share with you how I use Hydra to crack default admin passwords for a router test. The following assumes the login page is http://192.168.1.1/index.asp
    Code:
    hydra 192.168.1.1 -L [usernames file] -P [password file] -t 1 -e ns -V -f http-get /index.asp
    
    -or- the colonized way where username/passwords are in one file..ie
    
    admin:pass
    bob:salay
    foo:dung
    
    hydra 192.168.1.1 -C [colon file] -t 1 -e ns -V -f http-get /index.asp
    Last edited by snafu777; 09-05-2011 at 09:00 PM.

  4. #4
    Just burned his ISO
    Join Date
    Sep 2011
    Location
    Alabama
    Posts
    3

    Re: Hydra the right program for the task?

    Thanks for the info! It's helped. The command I've tried is
    Code:
    hydra <ip> -s <port> -P <password file>  -l <user> -V -f http-get /index.htm -t 5
    It stops at the first password in the file and says it's the valid pair, when it's by all means not. Why would it do that? Another thing that gets me is if you do a "man hydra", it shows the services that it supports. When I run some of those services (e.g. http-form-post), it gets mad and says "Unknown Service". Maybe I have a bad version? It's the one that came with bt5 though.

  5. #5
    Senior Member
    Join Date
    Jan 2010
    Posts
    140

    Re: Hydra the right program for the task?

    Check out this link: insidetrust.com: Using Hydra to dictionary-attack web-based login forms. Begin reading at "Web-based login forms prerequisites".

  6. #6
    Just burned his ISO
    Join Date
    Sep 2011
    Location
    Alabama
    Posts
    3

    Re: Hydra the right program for the task?

    Quote Originally Posted by Dudeman02379 View Post
    check out this link insidetrust.com: Using Hydra to dictionary-attack web-based login forms begin reading at "Web-based login forms prerequisites"
    Wow, that's helped out a lot. Thank you.
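
The guessing runs discussed in this thread, seen from the web server's side, as an added example that is not part of any post above: a run against an HTTP-authenticated page leaves a burst of 401 responses for one path from one client, and the case worth alerting on is a success that follows such a burst. The sketch assumes an Apache/nginx "combined" access log in which failed HTTP authentication is answered with 401; the log lines, addresses, threshold and window are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (not taken from the thread): six failures, then a hit,
# followed by an ordinary user who mistypes once and then logs in.
SAMPLE = [
    f'192.168.1.50 - admin [05/Sep/2011:20:58:{s:02d} -0500] '
    f'"GET /index.asp HTTP/1.0" 401 0 "-" "-"'
    for s in range(1, 7)
] + [
    '192.168.1.50 - admin [05/Sep/2011:20:58:07 -0500] "GET /index.asp HTTP/1.0" 200 512 "-" "-"',
    '192.168.1.20 - bob [05/Sep/2011:20:59:00 -0500] "GET /index.asp HTTP/1.1" 401 0 "-" "-"',
    '192.168.1.20 - bob [05/Sep/2011:20:59:09 -0500] "GET /index.asp HTTP/1.1" 200 512 "-" "-"',
]

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def parse(line):
    """Return (ip, user, timestamp, path, status) or None for unparsable lines."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], m["user"], ts, m["path"], int(m["status"])

def detect(lines, threshold=5, window=timedelta(seconds=60)):
    """Flag bursts of 401s per (client, path) and any success that follows one."""
    failures = defaultdict(list)  # (ip, path) -> timestamps of recent 401s
    alerts = []
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        ip, user, ts, path, status = rec
        key = (ip, path)
        recent = [t for t in failures[key] if ts - t <= window]
        if status == 401:
            recent.append(ts)
            if len(recent) == threshold:  # alert once per burst
                alerts.append(("guessing", ip, path, None))
        elif 200 <= status < 400 and len(recent) >= threshold:
            alerts.append(("success_after_guessing", ip, path, user))
            recent = []
        failures[key] = recent
    return alerts
```

A login form that answers wrong credentials with 200 never produces the 401 burst, so for such pages the failure condition has to key on the application's own failed-login log entry instead of the status code.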
