Use THC hydra to make dictionary attack on localhost

5.5k Views Asked by davide l At 20 October 2024 at 05:48

I have programmed a log in in my webpage and now I want to test it against a dictionary attack. I am using Apache and my website is not online so to access it I connect to localhost/website In hydra I am using the command

hydra -l username -P passList.txt localhost/website http-post-form "/logIn.php:user=^USER^&pass=^PASS:forgot"

But it terminates with error

[DATA] attacking service http-post-form on port 80 [ERROR] could not resolve address: localhost/website 0 of 1 target completed, 0 valid passwords found [ERROR] 1 target did not resolve or could not be connected What is the problem?

Original Q&A

There are 2 best solutions below

InvidecDave On 25 January 2015 at 00:46

Try this:

hydra -l username -P passList.txt localhost http-post-form \
    "/website/logIn.php:user=^USER^&pass=^PASS:forgot"

zrp On 14 September 2016 at 08:24

use the ip address somewhere localhost for example :

hydra -l username -P passList.txt 127.0.0.1/website http-post-form "/logIn.php:user=^USER^&pass=^PASS:forgot"

Use THC hydra to make dictionary attack on localhost

There are 2 best solutions below

Related Questions in BRUTE-FORCE

Related Questions in PENETRATION-TESTING

Related Questions in HYDRA

Related Questions in DICTIONARY-ATTACK

Trending Questions

Popular # Hahtags

Popular Questions