I downloaded THC-Hydra for testing. I'm running Hydra in DOS commandprompt under a Windows XP Home PC. I know this is a UNIX related forum, but the commands for Hydra are same as in UNIX. And there are more experienced people in the UNIX community. I tried in Ubuntu first, with VirtualBox, but couldn't get it to work. And no, i didn't just try it once, i was trying to solve the problems for hours but in the end i got tired, and saw that there was a windows version of the software(lazy me). Now i run Hydra in the commandprompt.
Anyway, I have problems with it. I want to test perform an attack threw https against a website. I tried http://www.habbo.se as an example(Swedish version of this very lame Sulake project). My bigger sister also forgot her password there, and registered with the wrong DOB information and I thought hopefully i can crack it(she knows her usrname).
I found this in the source on the site www.habbo.se code:
I don't know if i have to explain the commands because you probably have more experience than me, but this is what these lines do:
-L = List of usernames to enter in the credentials.username field. The username replaces ^USER^
-P = Same as -L but for passwords
-O = It's used if you want to store the correct founded password in a file.
https-form-post = I think the protocol should be https, because of login function is http://www.habbo.se/account/submit. If I'm wrong, maybe that is the problem. Form-post is used to send the data to the fields on the site. Same as when you login at a site.
The last line in the quotes "" tells hydra where the parameters/fields are on the site. I think i did it right there(i followed the readme file).
When i execute it with these settings, the commandprompt just reruns the hydra.exe file(wich prints the list of commands for hydra) and ignores these settings. No attack performed. Strange because if i got some feedback of the problem maybe i could solve it.
I've been trying to solve this problem for a long time now.
Oh, by the way. The site have limited login performs. When four performs has been made, the site gives a code to enter together with the username and password, like this:
4th try:
user:
password:
please enter the code of the picture:
Is there anyway to bypass this?
Really grateful for help. Sorry for my bad english grammar. English is not my mother tounge.
And I have been reading the rules, but if it is some more information you need to help me, just tell me.
I don't know if you guys get this problem sometimes at Terminal but I had been having this problem since yesterday :( Maybe I overdid the Terminal. Even the codes that used to work doesn't work anymore.
Here is what 's happening:
* I wanted to remove lines containing digits so I used this... (25 Replies)
Hi,
This is rather a question from a "user" than from a sys admin, but I think this forum is apropriate for the question.
I have an adress with automatic email forwarding and for some senders (two hietherto), emails are bouncing. This has really created a lot of problems those two time so I... (0 Replies)
Dear ALL.
I installed AIX OS on customer sites.
but Only one site is too slow when I connected telnet, ftp..
Ping is too fast. but telnet and FTP is not connected..
of course i check the configuration file on aix but it's normal.
Do any Idea??
thanks in advance.
- Jun - (3 Replies)
At work I am trying to get this one Linux machine (let's call it ctesgm07) to behave like another Linux machine that we have (let's call it test007).
test007 returns the following version info:
cat /etc/debian_version: lenny/sid
uname -a: Linux test007 2.6.27-7-generic #1 SMP Tue Nov 4... (0 Replies)
Hi,
i've a redhat linux 9 upadated by redhat from 7 version to 9 version. A couple of days ago i was a problem with my mail, in other words i'm not able to get any email nor to send any email. I've a proxy configuration and i tried to set iptables in order to verify the port. The 110,255 and 995... (1 Reply)
1) when user login to the server the session got colosed. How will resolve?
2) While firing the command ls -l we are not able to see the any files in the director. but over all view the file system using the command df -g it is showing 91% used. what will be the problem?
Thanks in advance. (1 Reply)
Hi
I am right now facing a strange hardware problem. System get booted with the following error:
Fatal Error Reset
CPU 0000.0000.0000.0003 AFSR 0100.0000.0000.0000 SCE
AFAR 0000.07c6.0000.1000
SC Alert: Host System has Reset
It happen 4 or 5 times and get the same error every time.I... (8 Replies)
Hi
Please help me with the following problem with my script.
The following block of code is not repeating in the while loop and exiting after searching for first message.
input_file
==========
host001-01
host001-02
2008-07-23 13:02:04,651 ConnectionFactory - Setting session state... (2 Replies)
Hi, folks.
Sorry for bothering, but maybe someone could help me please.
The problem is the following:
there is some script that copies files from local file system to AFS. The copying is performed with dd command.
The script copies data into some AFS volumes.
The problem appeared with one... (0 Replies)
Hi,
Just recently we seem to be getting the following error message relating to SSH when we run the UNIX script in background mode:
warning: You have no controlling tty. Cannot read confirmation.^M
warning: Authentication failed.^M
Disconnected; key exchange or algorithm negotiation... (1 Reply)
