Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- hydra 192.168.101.10 -s 88 http-form-post "/index.php?module=Users&action=Login:__vtrftk=sid%3Ae984330e5ce4886553aa3c3fadef14ed3762d8b5%2C1504182894&username=^USER^&password=^PASS^:Invalid username or password.:H=Cookie: security=medium; PHPSESSID=5243380159a8026e9b91e" -l admin -p blackstar -d
- Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
- [DEBUG] Output color flag is 1
- Hydra (http://www.thc.org/thc-hydra) starting at 2017-08-31 14:49:24
- [DEBUG] cmdline: hydra -s 88 -l admin -p blackstar -d 192.168.101.10 http-form-post /index.php?module=Users&action=Login:__vtrftk=sid%3Ae984330e5ce4886553aa3c3fadef14ed3762d8b5%2C1504182894&username=^USER^&password=^PASS^:Invalid username or password.:H=Cookie: security=medium; PHPSESSID=5243380159a8026e9b91e
- [DATA] max 1 task per 1 server, overall 1 task, 1 login try (l:1/p:1), ~1 try per task
- [DATA] attacking http-post-form://192.168.101.10:88//index.php?module=Users&action=Login:__vtrftk=sid%3Ae984330e5ce4886553aa3c3fadef14ed3762d8b5%2C1504182894&username=^USER^&password=^PASS^:Invalid username or password.:H=Cookie: security=medium; PHPSESSID=5243380159a8026e9b91e
- [VERBOSE] Resolving addresses ...
- [DEBUG] resolving 192.168.101.10
- [VERBOSE] resolving done
- [DEBUG] Code: attack Time: 1504190964
- [DEBUG] Options: mode 0 ssl 0 restore 0 showAttempt 0 tasks 1 max_use 1 tnp 0 tpsal 0 tprl 0 exit_found 0 miscptr /index.php?module=Users&action=Login:__vtrftk=sid%3Ae984330e5ce4886553aa3c3fadef14ed3762d8b5%2C1504182894&username=^USER^&password=^PASS^:Invalid username or password.:H=Cookie: security=medium; PHPSESSID=5243380159a8026e9b91e service http-post-form
- [DEBUG] Brains: active 0 targets 1 finished 0 todo_all 1 todo 1 sent 0 found 0 countlogin 1 sizelogin 6 countpass 1 sizepass 10
- [DEBUG] Target 0 - target 192.168.101.10 ip 192.168.101.10 login_no 0 pass_no 0 sent 0 pass_state 0 redo_state 0 (0 redos) use_count 0 failed 0 done 0 fail_count 0 login_ptr admin pass_ptr blackstar
- [DEBUG] Task 0 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
- [DEBUG] Tasks 1 inactive 0 active
- [DEBUG] child 0 got target 0 selected
- [DEBUG] child 0 spawned for target 0 with pid 1899
- [DEBUG] head_no 0 has pid 1899
- [DEBUG] head_no[0] read n
- [DEBUG] send_next_pair_init target 0, head 0, redo 0, redo_state 0, pass_state 0. loop_mode 0, curlogin (null), curpass (null), tlogin admin, tpass blackstar, logincnt 0/1, passcnt 0/1, loop_cnt 1
- [DEBUG] send_next_pair_mid done 1, pass_state 0, clogin admin, cpass blackstar, tlogin -p, tpass blackstar, redo 0
- [ATTEMPT] target 192.168.101.10 - login "admin" - pass "blackstar" - 1 of 1 [child 0] (0/0)
- DEBUG_CONNECT_OK
- [DEBUG] SEND [pid:1899] (166 bytes):
- 0000: 4745 5420 2f69 6e64 6578 2e70 6870 3f6d [ GET /index.php?m ]
- 0010: 6f64 756c 653d 5573 6572 7326 6163 7469 [ odule=Users&acti ]
- 0020: 6f6e 3d4c 6f67 696e 2048 5454 502f 312e [ on=Login HTTP/1. ]
- 0030: 300d 0a43 6f6f 6b69 653a 2073 6563 7572 [ 0..Cookie: secur ]
- 0040: 6974 793d 6d65 6469 756d 3b20 5048 5053 [ ity=medium; PHPS ]
- 0050: 4553 5349 443d 3532 3433 3338 3031 3539 [ ESSID=5243380159 ]
- 0060: 6138 3032 3665 3962 3931 650d 0a48 6f73 [ a8026e9b91e..Hos ]
- 0070: 743a 2031 3932 2e31 3638 2e31 3031 2e31 [ t: 192.168.101.1 ]
- 0080: 300d 0a55 7365 722d 4167 656e 743a 204d [ 0..User-Agent: M ]
- 0090: 6f7a 696c 6c61 2f35 2e30 2028 4879 6472 [ ozilla/5.0 (Hydr ]
- 00a0: 6129 0d0a 0d0a [ a).... ]
- [DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 1899
- [DEBUG] RECV [pid:1899] (392 bytes):
- 0000: 4854 5450 2f31 2e31 2033 3032 204d 6f76 [ HTTP/1.1 302 Mov ]
- 0010: 6564 2054 656d 706f 7261 7269 6c79 0d0a [ ed Temporarily.. ]
- 0020: 5365 7276 6572 3a20 6e67 696e 782f 312e [ Server: nginx/1. ]
- 0030: 362e 320d 0a44 6174 653a 2054 6875 2c20 [ 6.2..Date: Thu, ]
- 0040: 3331 2041 7567 2032 3031 3720 3132 3a34 [ 31 Aug 2017 12:4 ]
- 0050: 393a 3339 2047 4d54 0d0a 436f 6e74 656e [ 9:39 GMT..Conten ]
- 0060: 742d 5479 7065 3a20 7465 7874 2f68 746d [ t-Type: text/htm ]
- 0070: 6c3b 2063 6861 7273 6574 3d55 5446 2d38 [ l; charset=UTF-8 ]
- 0080: 0d0a 436f 6e6e 6563 7469 6f6e 3a20 636c [ ..Connection: cl ]
- 0090: 6f73 650d 0a58 2d50 6f77 6572 6564 2d42 [ ose..X-Powered-B ]
- 00a0: 793a 2050 4850 2f35 2e36 2e33 302d 302b [ y: PHP/5.6.30-0+ ]
- 00b0: 6465 6238 7531 0d0a 4578 7069 7265 733a [ deb8u1..Expires: ]
- 00c0: 2054 6875 2c20 3139 204e 6f76 2031 3938 [ Thu, 19 Nov 198 ]
- 00d0: 3120 3038 3a35 323a 3030 2047 4d54 0d0a [ 1 08:52:00 GMT.. ]
- 00e0: 4361 6368 652d 436f 6e74 726f 6c3a 206e [ Cache-Control: n ]
- 00f0: 6f2d 7374 6f72 652c 206e 6f2d 6361 6368 [ o-store, no-cach ]
- 0100: 652c 206d 7573 742d 7265 7661 6c69 6461 [ e, must-revalida ]
- 0110: 7465 2c20 706f 7374 2d63 6865 636b 3d30 [ te, post-check=0 ]
- 0120: 2c20 7072 652d 6368 6563 6b3d 300d 0a50 [ , pre-check=0..P ]
- 0130: 7261 676d 613a 206e 6f2d 6361 6368 650d [ ragma: no-cache. ]
- 0140: 0a4c 6f63 6174 696f 6e3a 2069 6e64 6578 [ .Location: index ]
- 0150: 2e70 6870 3f6d 6f64 756c 653d 5573 6572 [ .php?module=User ]
- 0160: 7326 7061 7265 6e74 3d53 6574 7469 6e67 [ s&parent=Setting ]
- 0170: 7326 7669 6577 3d4c 6f67 696e 2665 7272 [ s&view=Login&err ]
- 0180: 6f72 3d31 0d0a 0d0a [ or=1.... ]
- [DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 1899
- [DEBUG] RECV [pid:1899] (0 bytes):
- DEBUG_DISCONNECT
- DEBUG_CONNECT_OK
- [DEBUG] SEND [pid:1899] (339 bytes):
- 0000: 504f 5354 202f 696e 6465 782e 7068 703f [ POST /index.php? ]
- 0010: 6d6f 6475 6c65 3d55 7365 7273 2661 6374 [ module=Users&act ]
- 0020: 696f 6e3d 4c6f 6769 6e20 4854 5450 2f31 [ ion=Login HTTP/1 ]
- 0030: 2e30 0d0a 436f 6f6b 6965 3a20 7365 6375 [ .0..Cookie: secu ]
- 0040: 7269 7479 3d6d 6564 6975 6d3b 2050 4850 [ rity=medium; PHP ]
- 0050: 5345 5353 4944 3d35 3234 3333 3830 3135 [ SESSID=524338015 ]
- 0060: 3961 3830 3236 6539 6239 3165 0d0a 486f [ 9a8026e9b91e..Ho ]
- 0070: 7374 3a20 3139 322e 3136 382e 3130 312e [ st: 192.168.101. ]
- 0080: 3130 0d0a 5573 6572 2d41 6765 6e74 3a20 [ 10..User-Agent: ]
- 0090: 4d6f 7a69 6c6c 612f 352e 3020 2848 7964 [ Mozilla/5.0 (Hyd ]
- 00a0: 7261 290d 0a43 6f6e 7465 6e74 2d4c 656e [ ra)..Content-Len ]
- 00b0: 6774 683a 2031 3032 0d0a 436f 6e74 656e [ gth: 102..Conten ]
- 00c0: 742d 5479 7065 3a20 6170 706c 6963 6174 [ t-Type: applicat ]
- 00d0: 696f 6e2f 782d 7777 772d 666f 726d 2d75 [ ion/x-www-form-u ]
- 00e0: 726c 656e 636f 6465 640d 0a0d 0a5f 5f76 [ rlencoded....__v ]
- 00f0: 7472 6674 6b3d 7369 6425 3341 6539 3834 [ trftk=sid%3Ae984 ]
- 0100: 3333 3065 3563 6534 3838 3635 3533 6161 [ 330e5ce4886553aa ]
- 0110: 3363 3366 6164 6566 3134 6564 3337 3632 [ 3c3fadef14ed3762 ]
- 0120: 6438 6235 2532 4331 3530 3431 3832 3839 [ d8b5%2C150418289 ]
- 0130: 3426 7573 6572 6e61 6d65 3d61 646d 696e [ 4&username=admin ]
- 0140: 2670 6173 7377 6f72 643d 626c 6163 6b73 [ &password=blacks ]
- 0150: 7461 72 [ tar ]
- HTTP request sent:[0A]POST /index.php?module=Users&action=Login HTTP/1.0[0D][0A]Cookie: security=medium; PHPSESSID=5243380159a8026e9b91e[0D][0A]Host: 192.168.101.10[0D][0A]User-Agent: Mozilla/5.0 (Hydra)[0D][0A]Content-Length: 102[0D][0A]Content-Type: application/x-www-form-urlencoded[0D][0A][0D][0A]__vtrftk=sid%3Ae984330e5ce4886553aa3c3fadef14ed3762d8b5%2C1504182894&username=admin&password=blackstar[0A]
- [DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 1899
- [DEBUG] RECV [pid:1899] (454 bytes):
- 0000: 4854 5450 2f31 2e31 2033 3032 204d 6f76 [ HTTP/1.1 302 Mov ]
- 0010: 6564 2054 656d 706f 7261 7269 6c79 0d0a [ ed Temporarily.. ]
- 0020: 5365 7276 6572 3a20 6e67 696e 782f 312e [ Server: nginx/1. ]
- 0030: 362e 320d 0a44 6174 653a 2054 6875 2c20 [ 6.2..Date: Thu, ]
- 0040: 3331 2041 7567 2032 3031 3720 3132 3a34 [ 31 Aug 2017 12:4 ]
- 0050: 393a 3430 2047 4d54 0d0a 436f 6e74 656e [ 9:40 GMT..Conten ]
- 0060: 742d 5479 7065 3a20 7465 7874 2f68 746d [ t-Type: text/htm ]
- 0070: 6c3b 2063 6861 7273 6574 3d55 5446 2d38 [ l; charset=UTF-8 ]
- 0080: 0d0a 436f 6e6e 6563 7469 6f6e 3a20 636c [ ..Connection: cl ]
- 0090: 6f73 650d 0a58 2d50 6f77 6572 6564 2d42 [ ose..X-Powered-B ]
- 00a0: 793a 2050 4850 2f35 2e36 2e33 302d 302b [ y: PHP/5.6.30-0+ ]
- 00b0: 6465 6238 7531 0d0a 4578 7069 7265 733a [ deb8u1..Expires: ]
- 00c0: 2054 6875 2c20 3139 204e 6f76 2031 3938 [ Thu, 19 Nov 198 ]
- 00d0: 3120 3038 3a35 323a 3030 2047 4d54 0d0a [ 1 08:52:00 GMT.. ]
- 00e0: 4361 6368 652d 436f 6e74 726f 6c3a 206e [ Cache-Control: n ]
- 00f0: 6f2d 7374 6f72 652c 206e 6f2d 6361 6368 [ o-store, no-cach ]
- 0100: 652c 206d 7573 742d 7265 7661 6c69 6461 [ e, must-revalida ]
- 0110: 7465 2c20 706f 7374 2d63 6865 636b 3d30 [ te, post-check=0 ]
- 0120: 2c20 7072 652d 6368 6563 6b3d 300d 0a50 [ , pre-check=0..P ]
- 0130: 7261 676d 613a 206e 6f2d 6361 6368 650d [ ragma: no-cache. ]
- 0140: 0a53 6574 2d43 6f6f 6b69 653a 2050 4850 [ .Set-Cookie: PHP ]
- 0150: 5345 5353 4944 3d39 6233 6236 3839 3364 [ SESSID=9b3b6893d ]
- 0160: 6135 3764 3165 3566 3131 3561 3133 3434 [ a57d1e5f115a1344 ]
- 0170: 6563 6134 3261 383b 2070 6174 683d 2f0d [ eca42a8; path=/. ]
- 0180: 0a4c 6f63 6174 696f 6e3a 2069 6e64 6578 [ .Location: index ]
- 0190: 2e70 6870 3f6d 6f64 756c 653d 5573 6572 [ .php?module=User ]
- 01a0: 7326 7061 7265 6e74 3d53 6574 7469 6e67 [ s&parent=Setting ]
- 01b0: 7326 7669 6577 3d53 7973 7465 6d53 6574 [ s&view=SystemSet ]
- 01c0: 7570 0d0a 0d0a [ up.... ]
- [DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 1899
- [DEBUG] RECV [pid:1899] (0 bytes):
- [DEBUG] attempt result: found 0, redirect 1, location: index.php?module=Users&parent=Settings&view=SystemSetup
- [DEBUG] host=192.168.101.10 redirect=/index.php?module=Users&parent=Settings&view=SystemSetup origin=/index.php?module=Users&action=Login
- [VERBOSE] Page redirected to http://:88/index.php?module=Users&parent=Settings&view=SystemSetup
- DEBUG_DISCONNECT
- DEBUG_CONNECT_OK
- [DEBUG] SEND [pid:1899] (243 bytes):
- 0000: 4745 5420 2f69 6e64 6578 2e70 6870 3f6d [ GET /index.php?m ]
- 0010: 6f64 756c 653d 5573 6572 7326 7061 7265 [ odule=Users&pare ]
- 0020: 6e74 3d53 6574 7469 6e67 7326 7669 6577 [ nt=Settings&view ]
- 0030: 3d53 7973 7465 6d53 6574 7570 2048 5454 [ =SystemSetup HTT ]
- 0040: 502f 312e 300d 0a43 6f6f 6b69 653a 2073 [ P/1.0..Cookie: s ]
- 0050: 6563 7572 6974 793d 6d65 6469 756d 3b20 [ ecurity=medium; ]
- 0060: 5048 5053 4553 5349 443d 3532 3433 3338 [ PHPSESSID=524338 ]
- 0070: 3031 3539 6138 3032 3665 3962 3931 650d [ 0159a8026e9b91e. ]
- 0080: 0a48 6f73 743a 203a 3838 0d0a 5573 6572 [ .Host: :88..User ]
- 0090: 2d41 6765 6e74 3a20 4d6f 7a69 6c6c 612f [ -Agent: Mozilla/ ]
- 00a0: 352e 3020 2848 7964 7261 290d 0a43 6f6e [ 5.0 (Hydra)..Con ]
- 00b0: 7465 6e74 2d4c 656e 6774 683a 2030 0d0a [ tent-Length: 0.. ]
- 00c0: 436f 6e74 656e 742d 5479 7065 3a20 6170 [ Content-Type: ap ]
- 00d0: 706c 6963 6174 696f 6e2f 782d 7777 772d [ plication/x-www- ]
- 00e0: 666f 726d 2d75 726c 656e 636f 6465 640d [ form-urlencoded. ]
- 00f0: 0a0d 0a [ ... ]
- [DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 1899
- [DEBUG] RECV [pid:1899] (323 bytes):
- 0000: 4854 5450 2f31 2e31 2034 3030 2042 6164 [ HTTP/1.1 400 Bad ]
- 0010: 2052 6571 7565 7374 0d0a 5365 7276 6572 [ Request..Server ]
- 0020: 3a20 6e67 696e 782f 312e 362e 320d 0a44 [ : nginx/1.6.2..D ]
- 0030: 6174 653a 2054 6875 2c20 3331 2041 7567 [ ate: Thu, 31 Aug ]
- 0040: 2032 3031 3720 3132 3a34 393a 3430 2047 [ 2017 12:49:40 G ]
- 0050: 4d54 0d0a 436f 6e74 656e 742d 5479 7065 [ MT..Content-Type ]
- 0060: 3a20 7465 7874 2f68 746d 6c0d 0a43 6f6e [ : text/html..Con ]
- 0070: 7465 6e74 2d4c 656e 6774 683a 2031 3732 [ tent-Length: 172 ]
- 0080: 0d0a 436f 6e6e 6563 7469 6f6e 3a20 636c [ ..Connection: cl ]
- 0090: 6f73 650d 0a0d 0a3c 6874 6d6c 3e0d 0a3c [ ose....<html>..< ]
- 00a0: 6865 6164 3e3c 7469 746c 653e 3430 3020 [ head><title>400 ]
- 00b0: 4261 6420 5265 7175 6573 743c 2f74 6974 [ Bad Request</tit ]
- 00c0: 6c65 3e3c 2f68 6561 643e 0d0a 3c62 6f64 [ le></head>..<bod ]
- 00d0: 7920 6267 636f 6c6f 723d 2277 6869 7465 [ y bgcolor="white ]
- 00e0: 223e 0d0a 3c63 656e 7465 723e 3c68 313e [ ">..<center><h1> ]
- 00f0: 3430 3020 4261 6420 5265 7175 6573 743c [ 400 Bad Request< ]
- 0100: 2f68 313e 3c2f 6365 6e74 6572 3e0d 0a3c [ /h1></center>..< ]
- 0110: 6872 3e3c 6365 6e74 6572 3e6e 6769 6e78 [ hr><center>nginx ]
- 0120: 2f31 2e36 2e32 3c2f 6365 6e74 6572 3e0d [ /1.6.2</center>. ]
- 0130: 0a3c 2f62 6f64 793e 0d0a 3c2f 6874 6d6c [ .</body>..</html ]
- 0140: 3e0d 0a [ >.. ]
- [DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 1899
- [DEBUG] RECV [pid:1899] (0 bytes):
- DEBUG_DISCONNECT[DEBUG] head_no[0] read F
- [88][http-post-form] host: 192.168.101.10 login: admin password: blackstar
- [DEBUG] head_no[0] read n
- [STATUS] attack finished for 192.168.101.10 (waiting for children to complete tests)
- [DEBUG] head_no 0, kill 1, fail 0
- [DEBUG] all targets done and all heads finished
- [DEBUG] while loop left with 1
- 1 of 1 target successfully completed, 1 valid password found
- [DEBUG] killing all remaining children now that might be stuck
- Hydra (http://www.thc.org/thc-hydra) finished at 2017-08-31 14:49:26
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement