I'm trying to use Hydra on an ASP web application. Their login page uses the following method:
site/Login: username/password
If successful, I am redirect back to site/Login but with a newly set cookie, then redirected to site/Home
If authentication is not successful, the site shows an error message on site/Login
I've tried the following command:
hydra <ip> http-post-form "site/Login.aspx:< args >:S=moved" -l test -p test
However, this returns true for each user/pass combination. How can I make Hydra follow the redirection and work properly?
edit: It seems that Hydra is not able to create an SSL connection. I cannot see why it cannot do this.
