Comments (16)
Hi,
please add the options: "-t 1 -d" and send me the output.
Greets,
vh
On 07.10.2014 05:14, julegatti wrote:
Something strange is happening, because I run hydra several times
against my own known password and I get "Unusual return code" most of
the times, and if I keep trying I get it was actually found.However, when failing, looking at Wireshark, I can see the "HTTP/1.1 200
OK" packet.i.e.
Hydra v8.1-dev (c) 2014 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes. Hydra (http://www.thc.org/thc-hydra) starting at 2014-10-07 00:04:48 [DATA] max 12 tasks per 1 server, overall 12 tasks, 12 login tries (l:1/p:12), ~0 tries per task [DATA] attacking service http-get on port 80 [WARNING] Unusual return code: for admin:mikemachuga [WARNING] Unusual return code: for admin:mike [WARNING] Unusual return code: for admin:asdf [WARNING] Unusual return code: for admin:dfgklj [WARNING] Unusual return code: for admin:gfgfg [WARNING] Unusual return code: for admin:e4gfrlgjl [WARNING] Unusual return code: for admin:mypass [WARNING] Unusual return code: for admin:alksdlfk [WARNING] Unusual return code: for admin:dfdkm [WARNING] Unusual return code: for admin:sdfkl [WARNING] Unusual return code: for admin:dfklmlsd 1 of 1 target completed, 0 valid passwords found Hydra (http://www.thc.org/thc-hydra) finished at 2014-10-07 00:04:49 dione@saturno:~/misc$ hydra -l admin -P asdf 192.168.1.1 http-get / Hydra v8.1-dev (c) 2014 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes. Hydra (http://www.thc.org/thc-hydra) starting at 2014-10-07 00:04:49 [DATA] max 12 tasks per 1 server, overall 12 tasks, 12 login tries (l:1/p:12), ~0 tries per task [DATA] attacking service http-get on port 80 [WARNING] Unusual return code: for admin:mike [WARNING] Unusual return code: for admin:gfgfg [WARNING] Unusual return code: for admin:dfgklj [WARNING] Unusual return code: for admin:e4gfrlgjl [WARNING] Unusual return code: for admin:alksdlfk [WARNING] Unusual return code: for admin:flskfemkl [80][www] host: 192.168.1.1 login: admin password: mypass [WARNING] Unusual return code: for admin:dfdkm 1 of 1 target successfully completed, 1 valid password found Hydra (http://www.thc.org/thc-hydra) finished at 2014-10-07 00:04:50``` — Reply to this email directly or view it on GitHub https://github.com/vanhauser-thc/thc-hydra/issues/18.
from thc-hydra.
My password list contains the following 12 words, in which my real password is: mypass
$ cat asdf
mike
mikemachuga
asdf
gfgfg
dfgklj
e4gfrlgjl
mypass
alksdlfk
flskfemkl
dfdkm
dfklmlsd
sdfkl
I run my original hydra line plus "-t 1 -d". I haven't been successful until the fifth attempt repeating the same command. In Wireshark I can see the HTTP 200 OK packet everytime it tries with "admin:mypass".
Here they are,
Attempt n1: http://pastebin.com/hpkMg4TN
Attempt n5: http://pastebin.com/b6rvBSU4
Router is: TP-LINK Wireless N Router WR941N
from thc-hydra.
Can you please email me the wireshark of that attempt where it fails?
=> vh(at)thc.org
I see what the problem is, however it is something that should not
happen - either its a broken web server or a broken client operating
system ...
On 07.10.2014 18:46, julegatti wrote:
My password list contains the following 12 words, in which my real
password is: mypass$ cat asdf
mike
mikemachuga
asdf
gfgfg
dfgklj
e4gfrlgjl
mypass
alksdlfk
flskfemkl
dfdkm
dfklmlsd
sdfkl
I run my original hydra line plus "-t 1 -d". I haven't been successful
until the fifth attempt repeating the same command. In Wireshark I can
see the HTTP 200 OK packet everytime it tries with "admin:mypass".Here they are,
Attempt n1: http://pastebin.com/hpkMg4TN
Attempt n5: http://pastebin.com/b6rvBSU4—
Reply to this email directly or view it on GitHub
#18 (comment).
from thc-hydra.
Thanks for the PCAP - as I suspected, the web server is badly implemented.
I added an addition to the http-get/head module to support this.
Please update your checkout, retry and report. thanks.
from thc-hydra.
Those tp link guys has also leave a hidden webshell in this router.
Thanks, I'll check it out!
pd: sorry about my github accounts confusion.
from thc-hydra.
Here's my report. First,
$ git pull
$ make clean
$ ./configure
$ make
$ make install
I get "Unsual return code: H" and fails on almost every attempt.
However, while running ./configure I've noticed that Firebird's libfbclient.so hadn't been found. I don't know if it's important. So, I've installed firebird1.2-dev package, and rebuilded Hydra again.
Now, I get the right response in most every attempts (I would say 95%), except for the wrong password tries in which I keep recieveing "Unusual return code: H"
I'm conformed, but just in case, this is an example of that 5% failed attempt (with libfbclient.so module): http://pastebin.com/VL2BS5XG
from thc-hydra.
Hi,
can you please try again and add again "-t 1 -d" and post the output?
Greets,
vh
On 08.10.2014 16:25, julegatti wrote:
Here's my report:
|$ git pull
$ make clean
$ ./configure
$ make
$ make install
|I get "Unsual return code: H" and fails on almost every attempt.
However, while running ./configure I've noticed that Firebird's
libfbclient.so hadn't been found. I don't know if it's important. So,
I've installed firebird1.2-dev package, and rebuild Hydra.Now, I get the right response in most every attempts (I would say 95%),
except for the wrong password tries in which I keep recieveing "Unusual
code: H"I'm conformed, but just in case, this is an example of that 5% failed
attempt (with libfbclient.so module): http://pastebin.com/VL2BS5XG—
Reply to this email directly or view it on GitHub
#18 (comment).
from thc-hydra.
... and first doing "git pull" ...
from thc-hydra.
My last pastebin was the output of doing:
$ hydra -l admin -P asdf -t 1 -d 192.168.1.1 http-get /
after I had pulled the lastest changes ("git pull") and rebuilded Hydra with Firebird module.
I didn't understand what to try. Do you mean without Firebird module?
from thc-hydra.
with/without firebird - doesnt matter.
git pull;make;make install
then send me again an output where it fails with -t 1 -d
from thc-hydra.
oh, I hadn't seen you've made a new commit for debugging.
Here, http://pastebin.com/hZRcMKtk
from thc-hydra.
sorry, I had a bug in the new function, please pull and try again.
On 08.10.2014 18:17, julegatti wrote:
oh, I hadn't seen you've made a new commit for debugging.
Here, http://pastebin.com/hZRcMKtk
—
Reply to this email directly or view it on GitHub
#18 (comment).
from thc-hydra.
Now it always works and doesn't return unusual code in any try. Genius
In few words, what was happening? I've seen you added something like a buffer.
from thc-hydra.
The web server in your router has code like
send(socket, "HTTP/1.1 ", 9);
if (code == 200)
send(socket, "200 OK\r\n", 8);
else if (code == 403)
send(socket, "404 NOK\r\n", 9);
so hydra would receive only the first packet contents which would not contain the information hydra was looking for.
from thc-hydra.
got it
from thc-hydra.
when i used hydra i get this with smtp protocol whts problem ?
1 of 1 target successfully completed, 0 valid password found
from thc-hydra.
Related Issues (20)
- False positives in xrdp weak credential scanning HOT 5
- http-post-form doesn't seem to be supported HOT 4
- Hydra not giving accurate result in SMTP server HOT 1
- termux android HOT 1
- hydra issue HOT 1
- Error: network size may only be between /16 and /31 HOT 1
- Add more meaningful information on hydra resolving interpolation error HOT 1
- Hydra Error: network size may only be between /16 and /31: HOT 1
- windows hydra9.5
- smb2 blank credentials issue. HOT 3
- [ERROR] invalid restore file (end) HOT 2
- Compilation failures with recent freerdp-3 HOT 2
- CAN YOU MAKE VIDEO HOW TO USE?
- Update INSTALL with current Oracle instant-client download URL HOT 1
- Djjdhj
- THC Hydra Help pls
- PGM
- windows
- https post form
- [ERROR]: all children were disabled due too many connection errors 0 of 1 target completed, 0 valid password found Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2024-04-19 09:10:34 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from thc-hydra.