Originally Posted by feyt333
What, where, when. you are going to have to provide a lot more information if you expect anyone to be able to have a clue what the problem is.
Originally Posted by feyt333
i am sory my english is bad
i try my route crack with hydraGTK but always find wrong pass
i dont know where l mistake
My router here is an Belkin46g
It has no username (or at least, I can't enter one)
I can only enter a password
Also, when I enter a wrong password I get referred to a badpassword.htm page.. Can I get around this?
Can I do this with Hydra? Because Hydra needs a username.
I tried it with Hydra but after the first or second or so checked password from my list, he gives me the "attack finished ... waiting for childs to finish" message.
Nice video Pureh@te!
It just will not work for me.
I am trying with a D-link router Di-624. its at 192.168.0.1. admin/pass=1234
I have done a very simpel wordlist:
when I choose "show attempts" the output is this:
Hydra v5.4 (c) 2006 by van Hauser / THC - use allowed only for legal purposes.
Hydra (url here) starting at 2008-03-12 03:09:59
[DATA] 4 tasks, 1 servers, 4 login tries (l:1/p:4), ~1 tries per task
[DATA] attacking service http-get on port 80
[VERBOSE] Resolving addresses ... done
[ATTEMPT] target 192.168.0.1 - login "admin" - pass "1234" - child 0 - 1 of 4
[ATTEMPT] target 192.168.0.1 - login "admin" - pass "abcd" - child 1 - 2 of 4
[ATTEMPT] target 192.168.0.1 - login "admin" - pass "4321" - child 2 - 3 of 4
[STATUS] attack finished for 192.168.0.1 (waiting for childs to finish)
[ATTEMPT] target 192.168.0.1 - login "admin" - pass "dcba" - child 3 - 4 of 4
Hydra (url here) finished at 2008-03-12 03:09:59
I have also tryed without the wordlist just typing in the user and password, but it didn't help.
I have tryed with both hydra 5,3 on BT2 and 5,4 on BT3 beta. it's the same thing.
I have also tryed changing : tasks, timeout and the :"http /https url" field.
any good idears, anybody?
yeah, i never got Hydra to work at all. And i think it's just a huge inside joke/myth that anyone has gotten it to work, ever. But my friend ataxicwolf wrote a program called tartarus that works flawlessly against routers and even other http login apps like cpanel etc.. Here are his links:
Video of Tartarus v1.0: (in ogg format)
I think this script is brilliant and he did a great job. I recommend it to any of you who can't get hydra to work as a quick fix.
Its not a myth and the tool works. I really dont know what to tell you except start tweaking the options in hydra. Any nice link trevlyn. I always like to chect out new tools.
i know, that was me just joking around, i really just wanted to share ataxicwolf's work, because it totally rocks. If you were to combine this python script with -=Xploitz=-'s HUGE password list [via torrent from the Gen IT thread] you would probably get into ANY router.
It's pretty fast too and like I said you can use it against cpanel and stuff - I tried it against my website.
Tartarus Password Cracker v1.0
A Dictionary Cracker for HTTP
Enter Address Requiring Authentication
(Do not include http:// or www.)
Enter Port Number:
(Default for HTTP Authentication is 80)
Enter Username for Page:
Enter Path of Dictionary File:
The URL: http://192.168.2.1:80 does not require authentication
Try checking that the port and address are correct
I dont know where is the worng?