Por que o hydra não acha o login e senha

wellingtonsr
(usa Slackware)

Enviado em 29/09/2013 - 00:42h

Olá amigos. Fiz um teste com o hydra no meu roteador usando uma wordlist mas não tive êxito. Mesmo se coloco o login e senha corretos nas minhas listas ele não acha. Desde já agradeço.

px
(usa Debian)

Enviado em 29/09/2013 - 05:51h

Você tá tentando via terminal ou pelo xhydra? é só setar as wordlists e usar o método http-get na porta 80

aqui deu certo, infelizmente kkk, adapte a sintese para suas wordlists

hydra 192.168.1.1 -s 80 -L /xx/xx/xx/WORD/MODENS_LOGIN -P /xx/xx/xx/WORD/MODENS_PASSWORD -e ns -t 1 -m /foo/bar/protected.html http-get

da uma olhada na desgraça!

http://img407.imageshack.us/img407/4922/4h7q.png

wellingtonsr
(usa Slackware)

Enviado em 29/09/2013 - 11:38h

Eu usei os dois, tanto o xhydra quanto o hydra (terminal). O ip que uso para acessar a pagina do roteador é 192.168.0.1 Veja a saída:

bash-4.2$ hydra 192.168.0.1 -s 80 -L /home/wellington/list_login.txt -P /home/wellington/list_senhas.txt -e ns -t 1  http-get 



Hydra v7.4.2 (c)2012 by van Hauser/THC & David Maciejak - for legal purposes only



Hydra (http://www.thc.org/thc-hydra) starting at 2013-09-29 11:34:48

[WARNING] You must supply the web page as an additional option or via -m, default path set to /

[DATA] 1 task, 1 server, 48 login tries (l:6/p:8), ~48 tries per task

[DATA] attacking service http-get on port 80

[WARNING] Unusual return code:  for darlan:darlan

[WARNING] Unusual return code:  for darlan:

[WARNING] Unusual return code:  for darlan:wellington

[WARNING] Unusual return code:  for darlan:12414068

[WARNING] Unusual return code:  for darlan:1940491241

[WARNING] Unusual return code:  for darlan:wellington12414068

[WARNING] Unusual return code:  for darlan:wellington1241

[WARNING] Unusual return code:  for hugo:hugo

[WARNING] Unusual return code:  for hugo:

[WARNING] Unusual return code:  for hugo:wellington

[WARNING] Unusual return code:  for hugo:12414068

[WARNING] Unusual return code:  for hugo:1940491241

[WARNING] Unusual return code:  for hugo:wellington12414068

[WARNING] Unusual return code:  for hugo:wellington1241

[WARNING] Unusual return code:  for diogo:diogo

[WARNING] Unusual return code:  for diogo:

[WARNING] Unusual return code:  for diogo:wellington

[WARNING] Unusual return code:  for diogo:12414068

[WARNING] Unusual return code:  for diogo:1940491241

[WARNING] Unusual return code:  for diogo:wellington12414068

[WARNING] Unusual return code:  for diogo:wellington1241

[WARNING] Unusual return code:  for danilo:danilo

[WARNING] Unusual return code:  for danilo:

[WARNING] Unusual return code:  for danilo:wellington

[WARNING] Unusual return code:  for danilo:12414068

[WARNING] Unusual return code:  for danilo:1940491241

[WARNING] Unusual return code:  for danilo:wellington12414068

[WARNING] Unusual return code:  for danilo:wellington1241

[WARNING] Unusual return code:  for paula:paula

[WARNING] Unusual return code:  for paula:

[WARNING] Unusual return code:  for paula:wellington

[WARNING] Unusual return code:  for paula:12414068

[WARNING] Unusual return code:  for paula:1940491241

[WARNING] Unusual return code:  for paula:wellington12414068

[WARNING] Unusual return code:  for paula:wellington1241

[WARNING] Unusual return code:  for emanuel:emanuel

[WARNING] Unusual return code:  for emanuel:

[WARNING] Unusual return code:  for emanuel:wellington

[WARNING] Unusual return code:  for emanuel:12414068

[WARNING] Unusual return code:  for emanuel:1940491241

[WARNING] Unusual return code:  for emanuel:wellington12414068

[WARNING] Unusual return code:  for emanuel:wellington1241

1 of 1 target completed, 0 valid passwords found

Hydra (http://www.thc.org/thc-hydra) finished at 2013-09-29 11:34:49

bash-4.2$  

Nessa lista tem a combinação correta (login e senha) mas ele não acusa isso.

px
(usa Debian)

Enviado em 29/09/2013 - 11:51h

Tenta usar assim, só colar no terminal...

hydra 192.168.0.1 -s 80 -L /home/wellington/list_login.txt -P /home/wellington/list_senhas.txt -e ns -t 1 -m /foo/bar/protected.html http-get

px
(usa Debian)

Enviado em 29/09/2013 - 11:52h

aaa sua wordlist ta assim:

admin:admin - não da certo

tenque ter uma pra loguin e outra pra senha

wellingtonsr
(usa Slackware)

Enviado em 29/09/2013 - 11:53h

Já havia feito isso. Mas em todo caso:

bash-4.2$ hydra 192.168.0.1 -s 80 -L /home/wellington/list_login.txt -P /home/wellington/list_senhas.txt -e ns -t 1 -m /foo/bar/protected.html http-get

Hydra v7.4.2 (c)2012 by van Hauser/THC & David Maciejak - for legal purposes only



Hydra (http://www.thc.org/thc-hydra) starting at 2013-09-29 11:52:12

[DATA] 1 task, 1 server, 48 login tries (l:6/p:8), ~48 tries per task

[DATA] attacking service http-get on port 80

[WARNING] Unusual return code:  for darlan:darlan

[WARNING] Unusual return code:  for darlan:

[WARNING] Unusual return code:  for darlan:wellington

[WARNING] Unusual return code:  for darlan:12414068

[WARNING] Unusual return code:  for darlan:1940491241

[WARNING] Unusual return code:  for darlan:wellington12414068

[WARNING] Unusual return code:  for darlan:wellington1241

[WARNING] Unusual return code:  for hugo:hugo

[WARNING] Unusual return code:  for hugo:

[WARNING] Unusual return code:  for hugo:wellington

[WARNING] Unusual return code:  for hugo:12414068

[WARNING] Unusual return code:  for hugo:1940491241

[WARNING] Unusual return code:  for hugo:wellington12414068

[WARNING] Unusual return code:  for hugo:wellington1241

[WARNING] Unusual return code:  for diogo:diogo

[WARNING] Unusual return code:  for diogo:

[WARNING] Unusual return code:  for diogo:wellington

[WARNING] Unusual return code:  for diogo:12414068

[WARNING] Unusual return code:  for diogo:1940491241

[WARNING] Unusual return code:  for diogo:wellington12414068

[WARNING] Unusual return code:  for diogo:wellington1241

[WARNING] Unusual return code:  for danilo:danilo

[WARNING] Unusual return code:  for danilo:

[WARNING] Unusual return code:  for danilo:wellington

[WARNING] Unusual return code:  for danilo:12414068

[WARNING] Unusual return code:  for danilo:1940491241

[WARNING] Unusual return code:  for danilo:wellington12414068

[WARNING] Unusual return code:  for danilo:wellington1241

[WARNING] Unusual return code:  for paula:paula

[WARNING] Unusual return code:  for paula:

[WARNING] Unusual return code:  for paula:wellington

[WARNING] Unusual return code:  for paula:12414068

[WARNING] Unusual return code:  for paula:1940491241

[WARNING] Unusual return code:  for paula:wellington12414068

[WARNING] Unusual return code:  for paula:wellington1241

[WARNING] Unusual return code:  for emanuel:emanuel

[WARNING] Unusual return code:  for emanuel:

[WARNING] Unusual return code:  for emanuel:wellington

[WARNING] Unusual return code:  for emanuel:12414068

[WARNING] Unusual return code:  for emanuel:1940491241

[WARNING] Unusual return code:  for emanuel:wellington12414068

[WARNING] Unusual return code:  for emanuel:wellington1241

1 of 1 target completed, 0 valid passwords found

Hydra (http://www.thc.org/thc-hydra) finished at 2013-09-29 11:52:13

bash-4.2$ 

 

wellingtonsr
(usa Slackware)

Enviado em 29/09/2013 - 11:54h

Mas tem duas wordlist. Uma pra login e outra pra senha

px
(usa Debian)

Enviado em 29/09/2013 - 11:56h

qual o formato da sua wordlist? não pode usar aquela dos dois pontos, pq da formato inválido, teq usar uma palavra por linha no loguin e outro arquivo para os password. Posta ai um pedaço de cada word pra ver, acho q ta errado

wellingtonsr
(usa Slackware)

Enviado em 29/09/2013 - 11:58h

list_login.txt

darlan

hugo

diogo

danilo

paula

emanuel

 

list_senha.txt

wellington

12414068

1940491241

wellington12414068

wellington1241 

px
(usa Debian)

Enviado em 29/09/2013 - 12:01h

estranho, pensei que tava com formato inválido... seu modem ta escutando na http 80? tenq tentar usar outro método de autenticação, pois não parece que é erro

PS:. pode tentar assim também

hydra -L ~/word.txt -P ~/pass.txt -vV 192.168.0.1 http-get /index.html


tenta dar um GET no seu modem e logar, vai ter uma saída com mais informações...

GET 192.168.0.1


ai troca esse /index.html por uma página correspondente que esteja no modem

wellingtonsr
(usa Slackware)

Enviado em 29/09/2013 - 12:35h

Não sei se é aqui que sabe sobre a porta mas...fui na pagina do roteador:

Firewall - Gestão Remota

Porta de Gestão HTTP: 	80

IP para Acesso Remoto: 	0.0.0.0 (255.255.255.255 = TODOS)

 

wellingtonsr
(usa Slackware)

Enviado em 29/09/2013 - 12:58h

Se eu mudo o ip: 192.168.0.1 (esse é o que acesso o roteador) para ip: 192.168.1.1 dá a seguinte saída:

Hydra v7.4.2 (c)2012 by van Hauser/THC & David Maciejak - for legal purposes only



Hydra (http://www.thc.org/thc-hydra) starting at 2013-09-29 12:54:57

[DATA] 16 tasks, 1 server, 30 login tries (l:6/p:5), ~1 try per task

[DATA] attacking service http-get on port 80

[80][www] host: 192.168.1.1   login: darlan   password: 1940491241

[80][www] host: 192.168.1.1   login: darlan   password: 12414068

[80][www] host: 192.168.1.1   login: darlan   password: wellington12414068

[80][www] host: 192.168.1.1   login: darlan   password: wellington1241

[80][www] host: 192.168.1.1   login: darlan   password: 

[80][www] host: 192.168.1.1   login: hugo   password: 12414068

[80][www] host: 192.168.1.1   login: hugo   password: wellington12414068

[80][www] host: 192.168.1.1   login: hugo   password: 1940491241

[80][www] host: 192.168.1.1   login: hugo   password: wellington1241

[80][www] host: 192.168.1.1   login: hugo   password: 

[80][www] host: 192.168.1.1   login: diogo   password: 12414068

[80][www] host: 192.168.1.1   login: diogo   password: 1940491241

[80][www] host: 192.168.1.1   login: diogo   password: wellington12414068

[80][www] host: 192.168.1.1   login: diogo   password: wellington1241

[80][www] host: 192.168.1.1   login: danilo   password: 12414068

[80][www] host: 192.168.1.1   login: diogo   password: 

[80][www] host: 192.168.1.1   login: danilo   password: 1940491241

[80][www] host: 192.168.1.1   login: danilo   password: wellington12414068

[80][www] host: 192.168.1.1   login: danilo   password: wellington1241

[80][www] host: 192.168.1.1   login: danilo   password: 

[80][www] host: 192.168.1.1   login: paula   password: 12414068

[80][www] host: 192.168.1.1   login: paula   password: 1940491241

[80][www] host: 192.168.1.1   login: paula   password: wellington12414068

[80][www] host: 192.168.1.1   login: paula   password: wellington1241

[80][www] host: 192.168.1.1   login: paula   password: 

[80][www] host: 192.168.1.1   login: emanuel   password: 12414068

[80][www] host: 192.168.1.1   login: emanuel   password: 1940491241

[80][www] host: 192.168.1.1   login: emanuel   password: wellington12414068

[80][www] host: 192.168.1.1   login: emanuel   password: wellington1241

[80][www] host: 192.168.1.1   login: emanuel   password: 

1 of 1 target successfully completed, 30 valid passwords found

Hydra (http://www.thc.org/thc-hydra) finished at 2013-09-29 12:54:57

 

Quando coloco para parar ao achar o login e senha corretos ele para numa combinação errada:

bash-4.2$ hydra -L ~/list_login.txt -P ~/list_senhas.txt 192.168.1.1 http-get -f

Hydra v7.4.2 (c)2012 by van Hauser/THC & David Maciejak - for legal purposes only



Hydra (http://www.thc.org/thc-hydra) starting at 2013-09-29 12:58:04

[WARNING] You must supply the web page as an additional option or via -m, default path set to /

[DATA] 16 tasks, 1 server, 30 login tries (l:6/p:5), ~1 try per task

[DATA] attacking service http-get on port 80

[80][www] host: 192.168.1.1   login: darlan   password: 1940491241  <--- NÃO É ESSE

[STATUS] attack finished for 192.168.1.1 (valid pair found)

1 of 1 target successfully completed, 1 valid password found

Hydra (http://www.thc.org/thc-hydra) finished at 2013-09-29 12:58:05

bash-4.2$ 

[/code]