Forum Discussion

Bronze I

4 months ago

Solved

Hack Your First Web App: Ep.6 - Hydra

I am stuck on Question 7 which instructs you to use hydra to brute force a password. I was able to use it correctly on Ep. 5. I have tried using the same cmd and changing to the login page but it...

help & support

LewisMutton
4 months ago
Almost there! Make sure that your failure string matches the response from the login form 😜

CyberSharpe

Silver I

4 months ago

sh5801

I agree with LewisMutton . You almost have it.

A quick scan using burp and entering incorrect creds allowed me to find the correct string for failed login.

This is the only change you need to make to your syntax.

Additionally, some vulnerable apps use weak or predictable passwords.

Always worth a shot.

If this works consider it solved ;)

Forum Discussion

Hack Your First Web App: Ep.6 - Hydra

Featured Places

Help & Support Forum

Related Content

Credential Access: Using Hydra

Web App Hacking Lab

Infrastructure Hacking: Responder Network Poisoning-hack root?

Server-Side Request Forgery Web App Hacking

Web App Hacking (Lab series): CVE-2022-2143 (iView2)

Recent Discussions

CVE-2021-25281 (SaltStack) – Offensive

Packet Analysis: Demonstrate your skills

World Cup Special - Immersive Squad

CVE-2022-26134 (Confluence) – OGNL Injection

Terrapoint (Hats off, Immersive Labs)