http-post-form issue in 8.2-dev

PatDal81 commented 9 years ago

Hello there,

I'm having a weird issue using both hydra 8.1 (from Kali) and the version here from git (at this moment, 8.2-dev).

I'm trying to simply bruteforce the default dvwa login page and I'm getting weird results, which leads me to think that there is a bug somewhere.

Here's the first (unsuccessful) hydra line:

hydra 192.168.88.129 -l admin -P ../../wordlists/rockyou.txt http-post-form "/dvwa/login.php:username=^USER^&password=^PASS^&Login=Login:Login failed" -vV -t10

...and the output:

Hydra (http://www.thc.org/thc-hydra) starting at 2015-02-21 01:46:36 [DATA] max 10 tasks per 1 server, overall 64 tasks, 14344399 login tries (l:1/p:14344399), ~22413 tries per task [DATA] attacking service http-post-form on port 80 [VERBOSE] Resolving addresses ... done [ATTEMPT] target 192.168.88.129 - login "admin" - pass "123456" - 1 of 14344399 [child 0] [ATTEMPT] target 192.168.88.129 - login "admin" - pass "12345" - 2 of 14344399 [child 1] [ATTEMPT] target 192.168.88.129 - login "admin" - pass "123456789" - 3 of 14344399 [child 2] [ATTEMPT] target 192.168.88.129 - login "admin" - pass "password" - 4 of 14344399 [child 3] [ATTEMPT] target 192.168.88.129 - login "admin" - pass "iloveyou" - 5 of 14344399 [child 4] [ATTEMPT] target 192.168.88.129 - login "admin" - pass "princess" - 6 of 14344399 [child 5] [ATTEMPT] target 192.168.88.129 - login "admin" - pass "1234567" - 7 of 14344399 [child 6] [ATTEMPT] target 192.168.88.129 - login "admin" - pass "rockyou" - 8 of 14344399 [child 7] [ATTEMPT] target 192.168.88.129 - login "admin" - pass "12345678" - 9 of 14344399 [child 8] [ATTEMPT] target 192.168.88.129 - login "admin" - pass "abc123" - 10 of 14344399 [child 9] [VERBOSE] Page redirected to http://192.168.88.129/dvwa/login.php [VERBOSE] Page redirected to http://192.168.88.129/dvwa/index.php [VERBOSE] Page redirected to http://192.168.88.129/dvwa/login.php [VERBOSE] Page redirected to http://192.168.88.129/dvwa/login.php [VERBOSE] Page redirected to http://192.168.88.129/dvwa/login.php [VERBOSE] Page redirected to http://192.168.88.129/dvwa/login.php [VERBOSE] Page redirected to http://192.168.88.129/dvwa/login.php [VERBOSE] Page redirected to http://192.168.88.129/dvwa/login.php [VERBOSE] Page redirected to http://192.168.88.129/dvwa/login.php [VERBOSE] Page redirected to http://192.168.88.129/dvwa/login.php ^C[ERROR] Received signal 2, going down ...

As you can see, the second VERBOSE output says that the page was redirected to .../dvwa/index.php, which is the page when successfully logged. Hydra should have tell me that there was a successful login against the website. The fail condition are the "Login failed" keyword.

But if I change my hydra line to the following:

hydra 192.168.88.129 -l admin -P ../../wordlists/rockyou.txt http-post-form "/dvwa/login.php:username=^USER^&password=^PASS^&Login=Login:S=index" -vV -t10

I get the following result:

Hydra (http://www.thc.org/thc-hydra) starting at 2015-02-21 01:45:58 [DATA] max 10 tasks per 1 server, overall 64 tasks, 14344399 login tries (l:1/p:14344399), ~22413 tries per task [DATA] attacking service http-post-form on port 80 [VERBOSE] Resolving addresses ... done [ATTEMPT] target 192.168.88.129 - login "admin" - pass "123456" - 1 of 14344399 [child 0] [ATTEMPT] target 192.168.88.129 - login "admin" - pass "12345" - 2 of 14344399 [child 1] [ATTEMPT] target 192.168.88.129 - login "admin" - pass "123456789" - 3 of 14344399 [child 2] [ATTEMPT] target 192.168.88.129 - login "admin" - pass "password" - 4 of 14344399 [child 3] [ATTEMPT] target 192.168.88.129 - login "admin" - pass "iloveyou" - 5 of 14344399 [child 4] [ATTEMPT] target 192.168.88.129 - login "admin" - pass "princess" - 6 of 14344399 [child 5] [ATTEMPT] target 192.168.88.129 - login "admin" - pass "1234567" - 7 of 14344399 [child 6] [ATTEMPT] target 192.168.88.129 - login "admin" - pass "rockyou" - 8 of 14344399 [child 7] [ATTEMPT] target 192.168.88.129 - login "admin" - pass "12345678" - 9 of 14344399 [child 8] [ATTEMPT] target 192.168.88.129 - login "admin" - pass "abc123" - 10 of 14344399 [child 9] [VERBOSE] Page redirected to http://192.168.88.129/dvwa/login.php [VERBOSE] Page redirected to http://192.168.88.129/dvwa/login.php [VERBOSE] Page redirected to http://192.168.88.129/dvwa/login.php [80][http-post-form] host: 192.168.88.129 login: admin password: password [STATUS] attack finished for 192.168.88.129 (waiting for children to complete tests) [VERBOSE] Page redirected to http://192.168.88.129/dvwa/login.php [VERBOSE] Page redirected to http://192.168.88.129/dvwa/login.php [VERBOSE] Page redirected to http://192.168.88.129/dvwa/login.php [VERBOSE] Page redirected to http://192.168.88.129/dvwa/login.php [VERBOSE] Page redirected to http://192.168.88.129/dvwa/login.php [VERBOSE] Page redirected to http://192.168.88.129/dvwa/login.php ^C[ERROR] Received signal 2, going down ...

I get a good password. What bothers me here is that the only thing that has changed between the two lines are the Fail/Success conditions, nothing else. The fail condition should have triggered a successful password in the first line. I have tried with the "F=failed" flag without success.

Regards, PatDal81

sagishahar-zz commented 9 years ago

Hi,

I am not sure this is a bug, it cannot be reproduced on my side, I think it might be the behaviour of the webserver and how much resources you have allocated to the VM.

root@kali:~# hydra 1.1.1.1 -l admin -P /usr/share/wordlists/top500.txt http-post-form "/dvwa/login.php:username=^USER^&password=^PASS^&Login=Login:Login failed" -vV -t10
Hydra v8.1 (c) 2014 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.

Hydra (http://www.thc.org/thc-hydra) starting at 2015-02-21 05:22:38
[DATA] max 10 tasks per 1 server, overall 64 tasks, 501 login tries (l:1/p:501), ~0 tries per task
[DATA] attacking service http-post-form on port 80
[VERBOSE] Resolving addresses ... done
[ATTEMPT] target 1.1.1.1 - login "admin" - pass "123456" - 1 of 501 [child 0]
[ATTEMPT] target 1.1.1.1 - login "admin" - pass "12345" - 2 of 501 [child 1]
[ATTEMPT] target 1.1.1.1 - login "admin" - pass "123456789" - 3 of 501 [child 2]
[ATTEMPT] target 1.1.1.1 - login "admin" - pass "password" - 4 of 501 [child 3]
[ATTEMPT] target 1.1.1.1 - login "admin" - pass "iloveyou" - 5 of 501 [child 4]
[ATTEMPT] target 1.1.1.1 - login "admin" - pass "princess" - 6 of 501 [child 5]
[ATTEMPT] target 1.1.1.1 - login "admin" - pass "1234567" - 7 of 501 [child 6]
[ATTEMPT] target 1.1.1.1 - login "admin" - pass "rockyou" - 8 of 501 [child 7]
[ATTEMPT] target 1.1.1.1 - login "admin" - pass "12345678" - 9 of 501 [child 8]
[ATTEMPT] target 1.1.1.1 - login "admin" - pass "abc123" - 10 of 501 [child 9]
[VERBOSE] Page redirected to http://1.1.1.1/dvwa/login.php
[VERBOSE] Page redirected to http://1.1.1.1/dvwa/login.php
[VERBOSE] Page redirected to http://1.1.1.1/dvwa/login.php
[VERBOSE] Page redirected to http://1.1.1.1/dvwa/index.php
[VERBOSE] Page redirected to http://1.1.1.1/dvwa/login.php
[VERBOSE] Page redirected to http://1.1.1.1/dvwa/login.php
[VERBOSE] Page redirected to http://1.1.1.1/dvwa/login.php
[VERBOSE] Page redirected to http://1.1.1.1/dvwa/login.php
[VERBOSE] Page redirected to http://1.1.1.1/dvwa/login.php
[VERBOSE] Page redirected to http://1.1.1.1/dvwa/login.php
[ATTEMPT] target 1.1.1.1 - login "admin" - pass "nicole" - 11 of 501 [child 7]
[ATTEMPT] target 1.1.1.1 - login "admin" - pass "daniel" - 12 of 501 [child 8]
[ATTEMPT] target 1.1.1.1 - login "admin" - pass "babygirl" - 13 of 501 [child 9]
[ATTEMPT] target 1.1.1.1 - login "admin" - pass "monkey" - 14 of 501 [child 2]
[ATTEMPT] target 1.1.1.1 - login "admin" - pass "lovely" - 15 of 501 [child 4]
[ATTEMPT] target 1.1.1.1 - login "admin" - pass "jessica" - 16 of 501 [child 6]
[80][http-post-form] host: 1.1.1.1   login: admin   password: password
[STATUS] attack finished for 1.1.1.1 (waiting for children to complete tests)
[VERBOSE] Page redirected to http://1.1.1.1/dvwa/login.php
[VERBOSE] Page redirected to http://1.1.1.1/dvwa/login.php
[VERBOSE] Page redirected to http://1.1.1.1/dvwa/login.php
[VERBOSE] Page redirected to http://1.1.1.1/dvwa/login.php
[VERBOSE] Page redirected to http://1.1.1.1/dvwa/login.php
[VERBOSE] Page redirected to http://1.1.1.1/dvwa/login.php
1 of 1 target successfully completed, 1 valid password found
Hydra (http://www.thc.org/thc-hydra) finished at 2015-02-21 05:22:59

PatDal81 commented 9 years ago

Hi sagishahar,

Thanks for your reply concerning this issue.

I was afraid this problem might be related to my setup but I've double checked to the best of my knowledge before submitting my bug report. Webserver is metasploitable (tried it using Security Web Dogo 2.0 too) and VM is Fusion Pro 7.1.1, using a private network between the two. Here's a packet (which should have triggered a successful condition) as captured by tcpdump on the metasploitable 2 side:

04:49:59.844996 IP (tos 0x0, ttl 64, id 23996, offset 0, flags [DF], proto TCP (6), length 320) 192.168.88.131.42280 > 192.168.88.129.80: P, cksum 0x8982 (correct), 796817400:796817668(268) ack 3950815986 win 229 <nop,nop,timestamp 5515853 2251207> 0x0000: 4500 0140 5dbc 4000 4006 a9a6 c0a8 5883 E..@].@.@.....X. 0x0010: c0a8 5881 a528 0050 2f7e 77f8 eb7c aaf2 ..X..(.P/~w..|.. 0x0020: 8018 00e5 8982 0000 0101 080a 0054 2a4d .............T*M 0x0030: 0022 59c7 504f 5354 202f 6476 7761 2f6c ."Y.POST./dvwa/l 0x0040: 6f67 696e 2e70 6870 2048 5454 502f 312e ogin.php.HTTP/1. 0x0050: 300d 0a48 6f73 743a 2031 3932 2e31 3638 0..Host:.192.168 0x0060: 2e38 382e 3132 390d 0a55 7365 722d 4167 .88.129..User-Ag 0x0070: 656e 743a 204d 6f7a 696c 6c61 2f35 2e30 ent:.Mozilla/5.0 0x0080: 2028 4879 6472 6129 0d0a 436f 6f6b 6965 .(Hydra)..Cookie 0x0090: 3a20 5048 5053 4553 5349 443d 3339 3731 :.PHPSESSID=3971 0x00a0: 6331 3235 6338 3665 3263 6465 3161 3733 c125c86e2cde1a73 0x00b0: 6232 3831 3761 3838 3364 6333 3b20 7365 b2817a883dc3;.se 0x00c0: 6375 7269 7479 3d68 6967 680d 0a43 6f6e curity=high..Con 0x00d0: 7465 6e74 2d4c 656e 6774 683a 2034 340d tent-Length:.44. 0x00e0: 0a43 6f6e 7465 6e74 2d54 7970 653a 2061 .Content-Type:.a 0x00f0: 7070 6c69 6361 7469 6f6e 2f78 2d77 7777 pplication/x-www 0x0100: 2d66 6f72 6d2d 7572 6c65 6e63 6f64 6564 -form-urlencoded 0x0110: 0d0a 0d0a 7573 6572 6e61 6d65 3d61 646d ....username=adm 0x0120: 696e 2670 6173 7377 6f72 643d 7061 7373 in&password=pass 0x0130: 776f 7264 264c 6f67 696e 3d4c 6f67 696e word&Login=Login

As you can see, the username and password received on the webserver are both correct. How can this problem be related to the setup if both from the attacker and the webserver side, the packet is forged correctly? This thinking lead me to raise a concern on how hydra handles the http-post-form.

sagishahar-zz commented 9 years ago

I am not sure why you get a different behaviour from Hydra than I do, as the command you posted was literally copied into my command prompt with minor changes (target IP address and the dictionary). I would suggest that at least another person should follow the same test before we concluded. With that said, I have not inspected the actual code and therefore it might be that you are right and it's a bug.

On that note, when I tried to brute force DVWA using Burp Suite, it resulted in with false positives as the string I was grepping for did not appear at all times in the HTTP response. However, when I decreased the number of threads, things became a bit better. That led me to a realisation that maybe under some traffic stress the website does not behave as expected, but it might be that I am very well wrong.

Probably it's best if Hydra's core developers check this.

sagi-

PatDal81 commented 9 years ago

Do we have any updates on this issue?

vanhauser-thc commented 9 years ago

well, my guess is that the result page is not really showing "Login failed". add the "-d" switch to hydra and have a look what a failed login contains.

PatDal81 commented 9 years ago

Well, I was able to perform some tests and I'm even more confused now...

The command that was ran against a DVWA server with default credentials (admin/password)

hydra 192.168.88.129 -l admin -p password http-post-form "/dvwa/login.php:username=^USER^&password=^PASS^&Login=Login:Login failed" -d

And here's the response I'm getting in the console:

[DEBUG] send_next_pair_init target 0, head 0, redo 0, redo_state 0, pass_state 0. loop_mode 0, curlogin (null), curpass (null), tlogin admin, tpass password, logincnt 0/1, passcnt 0/1, loop_cnt 1
[DEBUG] send_next_pair_mid done 1, pass_state 0, clogin admin, cpass password, tlogin -p, tpass password, redo 0
[ATTEMPT] target 192.168.88.129 - login "admin" - pass "password" - 1 of 1 [child 0]
DEBUG_CONNECT_OK
[DEBUG] SEND [pid:6487] (87 bytes):
0000:  4745 5420 2f64 7677 612f 6c6f 6769 6e2e    [ GET /dvwa/login. ]
0010:  7068 7020 4854 5450 2f31 2e30 0d0a 486f    [ php HTTP/1.0..Ho ]
0020:  7374 3a20 3139 322e 3136 382e 3838 2e31    [ st: 192.168.88.1 ]
0030:  3239 0d0a 5573 6572 2d41 6765 6e74 3a20    [ 29..User-Agent:  ]
0040:  4d6f 7a69 6c6c 612f 352e 3020 2848 7964    [ Mozilla/5.0 (Hyd ]
0050:  7261 290d 0a0d 0a                          [ ra)....          ]
[DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 6487
[DEBUG] RECV [pid:6487] (1690 bytes):
0000:  4854 5450 2f31 2e31 2032 3030 204f 4b0d    [ HTTP/1.1 200 OK. ]
0010:  0a44 6174 653a 2053 756e 2c20 3232 2046    [ .Date: Sun, 22 F ]
0020:  6562 2032 3031 3520 3032 3a33 343a 3430    [ eb 2015 02:34:40 ]
0030:  2047 4d54 0d0a 5365 7276 6572 3a20 4170    [  GMT..Server: Ap ]
0040:  6163 6865 2f32 2e32 2e38 2028 5562 756e    [ ache/2.2.8 (Ubun ]
0050:  7475 2920 4441 562f 320d 0a58 2d50 6f77    [ tu) DAV/2..X-Pow ]
0060:  6572 6564 2d42 793a 2050 4850 2f35 2e32    [ ered-By: PHP/5.2 ]
0070:  2e34 2d32 7562 756e 7475 352e 3130 0d0a    [ .4-2ubuntu5.10.. ]
0080:  5072 6167 6d61 3a20 6e6f 2d63 6163 6865    [ Pragma: no-cache ]
0090:  0d0a 4361 6368 652d 436f 6e74 726f 6c3a    [ ..Cache-Control: ]
00a0:  206e 6f2d 6361 6368 652c 206d 7573 742d    [  no-cache, must- ]
00b0:  7265 7661 6c69 6461 7465 0d0a 4578 7069    [ revalidate..Expi ]
00c0:  7265 733a 2054 7565 2c20 3233 204a 756e    [ res: Tue, 23 Jun ]
00d0:  2032 3030 3920 3132 3a30 303a 3030 2047    [  2009 12:00:00 G ]
00e0:  4d54 0d0a 5365 742d 436f 6f6b 6965 3a20    [ MT..Set-Cookie:  ]
00f0:  5048 5053 4553 5349 443d 3434 3962 3936    [ PHPSESSID=449b96 ]
0100:  6566 3234 6231 6661 6565 3065 3366 6639    [ ef24b1faee0e3ff9 ]
0110:  3737 3337 3739 3334 3936 3b20 7061 7468    [ 7737793496; path ]
0120:  3d2f 0d0a 5365 742d 436f 6f6b 6965 3a20    [ =/..Set-Cookie:  ]
0130:  7365 6375 7269 7479 3d68 6967 680d 0a43    [ security=high..C ]
0140:  6f6e 7465 6e74 2d4c 656e 6774 683a 2031    [ ontent-Length: 1 ]
0150:  3238 390d 0a43 6f6e 6e65 6374 696f 6e3a    [ 289..Connection: ]
0160:  2063 6c6f 7365 0d0a 436f 6e74 656e 742d    [  close..Content- ]
0170:  5479 7065 3a20 7465 7874 2f68 746d 6c3b    [ Type: text/html; ]
0180:  6368 6172 7365 743d 7574 662d 380d 0a0d    [ charset=utf-8... ]
0190:  0a0d 0a0d 0a3c 2144 4f43 5459 5045 2068    [ .....<!DOCTYPE h ]
01a0:  746d 6c20 5055 424c 4943 2022 2d2f 2f57    [ tml PUBLIC "-//W ]
01b0:  3343 2f2f 4454 4420 5848 544d 4c20 312e    [ 3C//DTD XHTML 1. ]
01c0:  3020 5374 7269 6374 2f2f 454e 2220 2268    [ 0 Strict//EN" "h ]
01d0:  7474 703a 2f2f 7777 772e 7733 2e6f 7267    [ ttp://www.w3.org ]
01e0:  2f54 522f 7868 746d 6c31 2f44 5444 2f78    [ /TR/xhtml1/DTD/x ]
01f0:  6874 6d6c 312d 7374 7269 6374 2e64 7464    [ html1-strict.dtd ]
0200:  223e 0d0a 0d0a 3c68 746d 6c20 786d 6c6e    [ ">....<html xmln ]
0210:  733d 2268 7474 703a 2f2f 7777 772e 7733    [ s="http://www.w3 ]
0220:  2e6f 7267 2f31 3939 392f 7868 746d 6c22    [ .org/1999/xhtml" ]
0230:  3e0d 0a0d 0a09 3c68 6561 643e 0d0a 0d0a    [ >.....<head>.... ]
0240:  0909 3c6d 6574 6120 6874 7470 2d65 7175    [ ..<meta http-equ ]
0250:  6976 3d22 436f 6e74 656e 742d 5479 7065    [ iv="Content-Type ]
0260:  2220 636f 6e74 656e 743d 2274 6578 742f    [ " content="text/ ]
0270:  6874 6d6c 3b20 6368 6172 7365 743d 5554    [ html; charset=UT ]
0280:  462d 3822 202f 3e0d 0a0d 0a09 093c 7469    [ F-8" />......<ti ]
0290:  746c 653e 4461 6d6e 2056 756c 6e65 7261    [ tle>Damn Vulnera ]
02a0:  626c 6520 5765 6220 4170 7020 2844 5657    [ ble Web App (DVW ]
02b0:  4129 202d 204c 6f67 696e 3c2f 7469 746c    [ A) - Login</titl ]
02c0:  653e 0d0a 0d0a 0909 3c6c 696e 6b20 7265    [ e>......<link re ]
02d0:  6c3d 2273 7479 6c65 7368 6565 7422 2074    [ l="stylesheet" t ]
02e0:  7970 653d 2274 6578 742f 6373 7322 2068    [ ype="text/css" h ]
02f0:  7265 663d 2264 7677 612f 6373 732f 6c6f    [ ref="dvwa/css/lo ]
0300:  6769 6e2e 6373 7322 202f 3e0d 0a0d 0a09    [ gin.css" />..... ]
0310:  3c2f 6865 6164 3e0d 0a0d 0a09 3c62 6f64    [ </head>.....<bod ]
0320:  793e 0d0a 0d0a 093c 6469 7620 616c 6967    [ y>.....<div alig ]
0330:  6e3d 2263 656e 7465 7222 3e0d 0a09 0d0a    [ n="center">..... ]
0340:  093c 6272 202f 3e0d 0a0d 0a09 3c70 3e3c    [ .<br />.....<p>< ]
0350:  696d 6720 7372 633d 2264 7677 612f 696d    [ img src="dvwa/im ]
0360:  6167 6573 2f6c 6f67 696e 5f6c 6f67 6f2e    [ ages/login_logo. ]
0370:  706e 6722 202f 3e3c 2f70 3e0d 0a0d 0a09    [ png" /></p>..... ]
0380:  3c62 7220 2f3e 0d0a 090d 0a09 3c66 6f72    [ <br />......<for ]
0390:  6d20 6163 7469 6f6e 3d22 6c6f 6769 6e2e    [ m action="login. ]
03a0:  7068 7022 206d 6574 686f 643d 2270 6f73    [ php" method="pos ]
03b0:  7422 3e0d 0a09 0d0a 093c 6669 656c 6473    [ t">......<fields ]
03c0:  6574 3e0d 0a0d 0a09 0909 3c6c 6162 656c    [ et>.......<label ]
03d0:  2066 6f72 3d22 7573 6572 223e 5573 6572    [  for="user">User ]
03e0:  6e61 6d65 3c2f 6c61 6265 6c3e 203c 696e    [ name</label> <in ]
03f0:  7075 7420 7479 7065 3d22 7465 7874 2220    [ put type="text"  ]
0400:  636c 6173 733d 226c 6f67 696e 496e 7075    [ class="loginInpu ]
0410:  7422 2073 697a 653d 2232 3022 206e 616d    [ t" size="20" nam ]
0420:  653d 2275 7365 726e 616d 6522 3e3c 6272    [ e="username"><br ]
0430:  202f 3e0d 0a09 0d0a 0909 090d 0a09 0909    [  />............. ]
0440:  3c6c 6162 656c 2066 6f72 3d22 7061 7373    [ <label for="pass ]
0450:  223e 5061 7373 776f 7264 3c2f 6c61 6265    [ ">Password</labe ]
0460:  6c3e 203c 696e 7075 7420 7479 7065 3d22    [ l> <input type=" ]
0470:  7061 7373 776f 7264 2220 636c 6173 733d    [ password" class= ]
0480:  226c 6f67 696e 496e 7075 7422 2041 5554    [ "loginInput" AUT ]
0490:  4f43 4f4d 504c 4554 453d 226f 6666 2220    [ OCOMPLETE="off"  ]
04a0:  7369 7a65 3d22 3230 2220 6e61 6d65 3d22    [ size="20" name=" ]
04b0:  7061 7373 776f 7264 223e 3c62 7220 2f3e    [ password"><br /> ]
04c0:  0d0a 0909 090d 0a09 0909 0d0a 0909 093c    [ ...............< ]
04d0:  7020 636c 6173 733d 2273 7562 6d69 7422    [ p class="submit" ]
04e0:  3e3c 696e 7075 7420 7479 7065 3d22 7375    [ ><input type="su ]
04f0:  626d 6974 2220 7661 6c75 653d 224c 6f67    [ bmit" value="Log ]
0500:  696e 2220 6e61 6d65 3d22 4c6f 6769 6e22    [ in" name="Login" ]
0510:  3e3c 2f70 3e0d 0a0d 0a09 3c2f 6669 656c    [ ></p>.....</fiel ]
0520:  6473 6574 3e0d 0a0d 0a09 3c2f 666f 726d    [ dset>.....</form ]
0530:  3e0d 0a0d 0a09 0d0a 093c 6272 202f 3e0d    [ >........<br />. ]
0540:  0a0d 0a09 0d0a 0d0a 093c 6272 202f 3e0d    [ .........<br />. ]
0550:  0a09 3c62 7220 2f3e 0d0a 093c 6272 202f    [ ..<br />...<br / ]
0560:  3e0d 0a09 3c62 7220 2f3e 0d0a 093c 6272    [ >...<br />...<br ]
0570:  202f 3e0d 0a09 3c62 7220 2f3e 0d0a 093c    [  />...<br />...< ]
0580:  6272 202f 3e0d 0a09 3c62 7220 2f3e 090d    [ br />...<br />.. ]
0590:  0a0d 0a09 3c21 2d2d 203c 696d 6720 7372    [ ....<!-- <img sr ]
05a0:  633d 2264 7677 612f 696d 6167 6573 2f52    [ c="dvwa/images/R ]
05b0:  616e 646f 6d53 746f 726d 2e70 6e67 2220    [ andomStorm.png"  ]
05c0:  2f3e 202d 2d3e 0d0a 090d 0a09 3c70 3e44    [ /> -->......<p>D ]
05d0:  616d 6e20 5675 6c6e 6572 6162 6c65 2057    [ amn Vulnerable W ]
05e0:  6562 2041 7070 6c69 6361 7469 6f6e 2028    [ eb Application ( ]
05f0:  4456 5741 2920 6973 2061 2052 616e 646f    [ DVWA) is a Rando ]
0600:  6d53 746f 726d 204f 7065 6e53 6f75 7263    [ mStorm OpenSourc ]
0610:  6520 7072 6f6a 6563 743c 2f70 3e0d 0a3c    [ e project</p>..< ]
0620:  703e 4869 6e74 3a20 6465 6661 756c 7420    [ p>Hint: default  ]
0630:  7573 6572 6e61 6d65 2069 7320 2761 646d    [ username is 'adm ]
0640:  696e 2720 7769 7468 2070 6173 7377 6f72    [ in' with passwor ]
0650:  6420 2770 6173 7377 6f72 6427 093c 2f70    [ d 'password'.</p ]
0660:  3e0d 0a09 3c2f 6469 763e 203c 212d 2d20    [ >...</div> <!--  ]
0670:  656e 6420 616c 6967 6e20 6469 7620 2d2d    [ end align div -- ]
0680:  3e0d 0a0d 0a09 3c2f 626f 6479 3e0d 0a0d    [ >.....</body>... ]
0690:  0a3c 2f68 746d 6c3e 0d0a                   [ .</html>..       ]
[DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 6487
[DEBUG] RECV [pid:6487] (0 bytes):
DEBUG_DISCONNECT
DEBUG_CONNECT_OK
[DEBUG] SEND [pid:6487] (268 bytes):
0000:  504f 5354 202f 6476 7761 2f6c 6f67 696e    [ POST /dvwa/login ]
0010:  2e70 6870 2048 5454 502f 312e 300d 0a48    [ .php HTTP/1.0..H ]
0020:  6f73 743a 2031 3932 2e31 3638 2e38 382e    [ ost: 192.168.88. ]
0030:  3132 390d 0a55 7365 722d 4167 656e 743a    [ 129..User-Agent: ]
0040:  204d 6f7a 696c 6c61 2f35 2e30 2028 4879    [  Mozilla/5.0 (Hy ]
0050:  6472 6129 0d0a 436f 6f6b 6965 3a20 5048    [ dra)..Cookie: PH ]
0060:  5053 4553 5349 443d 3434 3962 3936 6566    [ PSESSID=449b96ef ]
0070:  3234 6231 6661 6565 3065 3366 6639 3737    [ 24b1faee0e3ff977 ]
0080:  3337 3739 3334 3936 3b20 7365 6375 7269    [ 37793496; securi ]
0090:  7479 3d68 6967 680d 0a43 6f6e 7465 6e74    [ ty=high..Content ]
00a0:  2d4c 656e 6774 683a 2034 340d 0a43 6f6e    [ -Length: 44..Con ]
00b0:  7465 6e74 2d54 7970 653a 2061 7070 6c69    [ tent-Type: appli ]
00c0:  6361 7469 6f6e 2f78 2d77 7777 2d66 6f72    [ cation/x-www-for ]
00d0:  6d2d 7572 6c65 6e63 6f64 6564 0d0a 0d0a    [ m-urlencoded.... ]
00e0:  7573 6572 6e61 6d65 3d61 646d 696e 2670    [ username=admin&p ]
00f0:  6173 7377 6f72 643d 7061 7373 776f 7264    [ assword=password ]
0100:  264c 6f67 696e 3d4c 6f67 696e              [ &Login=Login     ]
HTTP request sent:[0A]POST /dvwa/login.php HTTP/1.0[0D][0A]Host: 192.168.88.129[0D][0A]User-Agent: Mozilla/5.0 (Hydra)[0D][0A]Cookie: PHPSESSID=449b96ef24b1faee0e3ff97737793496; security=high[0D][0A]Content-Length: 44[0D][0A]Content-Type: application/x-www-form-urlencoded[0D][0A][0D][0A]username=admin&password=password&Login=Login[0A]
[DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 6487
[DEBUG] RECV [pid:6487] (354 bytes):
0000:  4854 5450 2f31 2e31 2033 3032 2046 6f75    [ HTTP/1.1 302 Fou ]
0010:  6e64 0d0a 4461 7465 3a20 5375 6e2c 2032    [ nd..Date: Sun, 2 ]
0020:  3220 4665 6220 3230 3135 2030 323a 3334    [ 2 Feb 2015 02:34 ]
0030:  3a34 3020 474d 540d 0a53 6572 7665 723a    [ :40 GMT..Server: ]
0040:  2041 7061 6368 652f 322e 322e 3820 2855    [  Apache/2.2.8 (U ]
0050:  6275 6e74 7529 2044 4156 2f32 0d0a 582d    [ buntu) DAV/2..X- ]
0060:  506f 7765 7265 642d 4279 3a20 5048 502f    [ Powered-By: PHP/ ]
0070:  352e 322e 342d 3275 6275 6e74 7535 2e31    [ 5.2.4-2ubuntu5.1 ]
0080:  300d 0a45 7870 6972 6573 3a20 5468 752c    [ 0..Expires: Thu, ]
0090:  2031 3920 4e6f 7620 3139 3831 2030 383a    [  19 Nov 1981 08: ]
00a0:  3532 3a30 3020 474d 540d 0a43 6163 6865    [ 52:00 GMT..Cache ]
00b0:  2d43 6f6e 7472 6f6c 3a20 6e6f 2d73 746f    [ -Control: no-sto ]
00c0:  7265 2c20 6e6f 2d63 6163 6865 2c20 6d75    [ re, no-cache, mu ]
00d0:  7374 2d72 6576 616c 6964 6174 652c 2070    [ st-revalidate, p ]
00e0:  6f73 742d 6368 6563 6b3d 302c 2070 7265    [ ost-check=0, pre ]
00f0:  2d63 6865 636b 3d30 0d0a 5072 6167 6d61    [ -check=0..Pragma ]
0100:  3a20 6e6f 2d63 6163 6865 0d0a 4c6f 6361    [ : no-cache..Loca ]
0110:  7469 6f6e 3a20 696e 6465 782e 7068 700d    [ tion: index.php. ]
0120:  0a43 6f6e 7465 6e74 2d4c 656e 6774 683a    [ .Content-Length: ]
0130:  2030 0d0a 436f 6e6e 6563 7469 6f6e 3a20    [  0..Connection:  ]
0140:  636c 6f73 650d 0a43 6f6e 7465 6e74 2d54    [ close..Content-T ]
0150:  7970 653a 2074 6578 742f 6874 6d6c 0d0a    [ ype: text/html.. ]
0160:  0d0a                                       [ ..               ]
[DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 6487
[DEBUG] RECV [pid:6487] (0 bytes):
[DEBUG] attempt result: found 0, redirect 1, location: index.php
[DEBUG] host=192.168.88.129 redirect=/dvwa/index.php origin=/dvwa/login.php
[VERBOSE] Page redirected to http://192.168.88.129/dvwa/index.php
DEBUG_DISCONNECT
DEBUG_CONNECT_OK
[DEBUG] SEND [pid:6487] (223 bytes):
0000:  4745 5420 2f64 7677 612f 696e 6465 782e    [ GET /dvwa/index. ]
0010:  7068 7020 4854 5450 2f31 2e30 0d0a 486f    [ php HTTP/1.0..Ho ]
0020:  7374 3a20 3139 322e 3136 382e 3838 2e31    [ st: 192.168.88.1 ]
0030:  3239 0d0a 5573 6572 2d41 6765 6e74 3a20    [ 29..User-Agent:  ]
0040:  4d6f 7a69 6c6c 612f 352e 3020 2848 7964    [ Mozilla/5.0 (Hyd ]
0050:  7261 290d 0a43 6f6f 6b69 653a 2050 4850    [ ra)..Cookie: PHP ]
0060:  5345 5353 4944 3d34 3439 6239 3665 6632    [ SESSID=449b96ef2 ]
0070:  3462 3166 6165 6530 6533 6666 3937 3733    [ 4b1faee0e3ff9773 ]
0080:  3737 3933 3439 363b 2073 6563 7572 6974    [ 7793496; securit ]
0090:  793d 6869 6768 0d0a 436f 6e74 656e 742d    [ y=high..Content- ]
00a0:  4c65 6e67 7468 3a20 3434 0d0a 436f 6e74    [ Length: 44..Cont ]
00b0:  656e 742d 5479 7065 3a20 6170 706c 6963    [ ent-Type: applic ]
00c0:  6174 696f 6e2f 782d 7777 772d 666f 726d    [ ation/x-www-form ]
00d0:  2d75 726c 656e 636f 6465 640d 0a0d 0a      [ -urlencoded....  ]
[DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 6487
[DEBUG] head_no[0] to target_no 0 active 1
[DEBUG] head_no[0] to target_no 0 active 1
[DEBUG] head_no[0] to target_no 0 active 1
[DEBUG] head_no[0] to target_no 0 active 1
[DEBUG] head_no[0] to target_no 0 active 1
[DEBUG] head_no[0] to target_no 0 active 1

I've been following multiple tutorials on the subject, all testing against DVWA and I'm always getting the same results, which tells me the latest version might contain a small issue that gives me this result.

Let me know if you need anything else from me.

PatDal81 commented 9 years ago

After further investigations, I've found that the client seem to timeout after those "head_no..." strings.

[DEBUG] head_no[0] to target_no 0 active 1
[DEBUG] head_no[0] to target_no 0 active 1
[DEBUG] head_no[0] to target_no 0 active 1
[DEBUG] head_no[0] to target_no 0 active 1
[DEBUG] head_no[0] to target_no 0 active 1
[DEBUG] head_no[0] to target_no 0 active 1
[DEBUG] head_no[0] to target_no 0 active 1
[DEBUG] head_no[0] to target_no 0 active 1
[DEBUG] head_no[0] to target_no 0 active 1
[DEBUG] head_no[0] to target_no 0 active 1
[DEBUG] head_no[0] to target_no 0 active 1
[DEBUG] head_no[0] to target_no 0 active 1
[DEBUG] hydra_data_ready_timed: 0, waittime: 32, conwait: 0, socket: 5
[DEBUG] RECV [pid:7834] (0 bytes):
DEBUG: no response from server
DEBUG_DISCONNECT
[DEBUG] head_no[0] to target_no 0 active 1
[DEBUG] head_no[0] read N
[STATUS] attack finished for 192.168.88.129 (waiting for children to complete tests)
[DEBUG] head_no 0, kill 1, fail 0
[DEBUG] all targets done and all heads finished
[DEBUG] while loop left with 1
[DEBUG] killing all remaining children now that might be stuck
1 of 1 target completed, 0 valid passwords found

Could this be the issue? What is it waiting at this step exactly? (the "DEBUG: no response from server" line)

I have been following the stream using BURP and I can see that usually, after the "GET /dvwa/index.php", the server responds with a "HTTP/1.1 200 OK" and then sends the DVWA Home page. From my point of view, it seem like hydra is timing out waiting for the webserver response but I can see from other requests (BURP, for instance), that the webserver does sent the right response. Maybe there is something wrong with the way Hydra handles the requests/responses in that particular case?

vanhauser-thc commented 9 years ago

no, the issue is that you have not set hydra correctly.

use this:

hydra -l admin -p password 192.168.88.129 http-post-form "/dvwa/login.php:username=^USER^&password=^PASS^&Login=Login:S=Location: index.php"

PatDal81 commented 9 years ago

I know that this method will work but it demands that you know the exact behavior of a successful login. Without analyzing a successful login, there is no way to know that the page will redirect to "index.php" in that particular case. This is more a workaround than anything else where you know the default behavior.

Is the timeout from hydra in my last post a normal behavior? The response from the server should contain the parts needed from hydra to confirm a successful login and I don't understand why hydra timeout at that phase.

vanhauser-thc commented 9 years ago

Hi, your snippit is too short to say if there is a timeout issue. always, always post full output, although it might be gigantic.

vanhauser-thc commented 9 years ago

please post a full output, otherwise I will cose the issue

PatDal81 commented 9 years ago

This is pretty much all the output there is. The rest is just the last line being repeated over and over again.

I don't know what else to do to help you finding the issue. Let me know if I can give you any other kind of input.

On Apr 4, 2015, at 13:31, van Hauser notifications@github.com wrote:

please post a full output, otherwise I will cose the issue

— Reply to this email directly or view it on GitHub.

einar-lanfranco commented 9 years ago

Hello, i have the same problem, it seems like if it keep redirecting and redirecting to index.php

$ cat /tmp/pp.txt pepe password

If i use: $./hydra -v -d -V -F -l admin -P /tmp/pp.txt -t 1 -m "/dvwa/login.php:username=^USER^&password=^PASS^&Login=Login:Login failed" 192.168.200.101 http-post-form

[DEBUG] Ouput color flag is 0 Hydra (http://www.thc.org/thc-hydra) starting at 2015-06-02 12:27:13 [DEBUG] cmdline: ./hydra -v -d -V -F -l admin -P /tmp/pp.txt -t 1 -m /dvwa/login.php:username=^USER^&password=^PASS^&Login=Login:Login failed 192.168.200.101 http-post-form [DATA] max 1 task per 1 server, overall 64 tasks, 2 login tries (l:1/p:2), ~0 tries per task [DATA] attacking service http-post-form on port 80 [VERBOSE] Resolving addresses ... [DEBUG] resolving 192.168.200.101 done [DEBUG] Code: attack Time: 1433258843 [DEBUG] Options: mode 1 ssl 0 restore 0 showAttempt 1 tasks 1 max_use 64 tnp 0 tpsal 0 tprl 0 exit_found 2 miscptr /dvwa/login.php:username=^USER^&password=^PASS^&Login=Login:Login failed service http-post-form [DEBUG] Brains: active 0 targets 1 finished 0 todo_all 2 todo 2 sent 0 found 0 countlogin 1 sizelogin 6 countpass 2 sizepass 15 [DEBUG] Target 0 - target 192.168.200.101 ip 192.168.200.101 login_no 0 pass_no 0 sent 0 pass_state 0 use_count 0 failed 0 done 0 fail_count 0 login_ptr admin pass_ptr pepe [DEBUG] Task 0 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 1 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 2 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 3 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 4 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 5 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 6 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 7 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 8 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 9 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 10 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 11 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 12 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 13 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 14 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 15 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 16 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 17 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 18 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 19 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 20 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 21 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 22 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 23 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 24 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 25 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 26 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 27 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 28 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 29 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 30 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 31 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 32 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 33 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 34 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 35 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 36 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 37 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 38 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 39 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 40 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 41 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 42 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 43 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 44 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 45 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 46 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 47 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 48 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 49 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 50 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 51 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 52 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 53 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 54 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 55 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 56 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 57 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 58 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 59 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 60 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 61 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 62 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 63 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] head_no[0] to target_no 0 active 0 [DEBUG] child 0 got target 0 selected [DEBUG] child 0 spawned for target 0 with pid 7364 [DEBUG] head_no[1] to target_no 0 active 0 [DEBUG] child 1 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 1, kill 0, fail 3 [DEBUG] head_no[2] to target_no 0 active 0 [DEBUG] child 2 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 2, kill 0, fail 3 [DEBUG] head_no[3] to target_no 0 active 0 [DEBUG] child 3 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 3, kill 0, fail 3 [DEBUG] head_no[4] to target_no 0 active 0 [DEBUG] head_no 0 has pid 7364 [DEBUG] child 4 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 4, kill 0, fail 3 [DEBUG] head_no[5] to target_no 0 active 0 [DEBUG] child 5 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 5, kill 0, fail 3 [DEBUG] head_no[6] to target_no 0 active 0 [DEBUG] child 6 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 6, kill 0, fail 3 [DEBUG] head_no[7] to target_no 0 active 0 [DEBUG] child 7 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 7, kill 0, fail 3 [DEBUG] head_no[8] to target_no 0 active 0 [DEBUG] child 8 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 8, kill 0, fail 3 [DEBUG] head_no[9] to target_no 0 active 0 [DEBUG] child 9 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 9, kill 0, fail 3 [DEBUG] head_no[10] to target_no 0 active 0 [DEBUG] child 10 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 10, kill 0, fail 3 [DEBUG] head_no[11] to target_no 0 active 0 [DEBUG] child 11 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 11, kill 0, fail 3 [DEBUG] head_no[12] to target_no 0 active 0 [DEBUG] child 12 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 12, kill 0, fail 3 [DEBUG] head_no[13] to target_no 0 active 0 [DEBUG] child 13 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 13, kill 0, fail 3 [DEBUG] head_no[14] to target_no 0 active 0 [DEBUG] child 14 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 14, kill 0, fail 3 [DEBUG] head_no[15] to target_no 0 active 0 [DEBUG] child 15 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 15, kill 0, fail 3 [DEBUG] head_no[16] to target_no 0 active 0 [DEBUG] child 16 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 16, kill 0, fail 3 [DEBUG] head_no[17] to target_no 0 active 0 [DEBUG] child 17 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 17, kill 0, fail 3 [DEBUG] head_no[18] to target_no 0 active 0 [DEBUG] child 18 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 18, kill 0, fail 3 [DEBUG] head_no[19] to target_no 0 active 0 [DEBUG] child 19 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 19, kill 0, fail 3 [DEBUG] head_no[20] to target_no 0 active 0 [DEBUG] child 20 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 20, kill 0, fail 3 [DEBUG] head_no[21] to target_no 0 active 0 [DEBUG] child 21 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 21, kill 0, fail 3 [DEBUG] head_no[22] to target_no 0 active 0 [DEBUG] child 22 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 22, kill 0, fail 3 [DEBUG] head_no[23] to target_no 0 active 0 [DEBUG] child 23 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 23, kill 0, fail 3 [DEBUG] head_no[24] to target_no 0 active 0 [DEBUG] child 24 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 24, kill 0, fail 3 [DEBUG] head_no[25] to target_no 0 active 0 [DEBUG] child 25 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 25, kill 0, fail 3 [DEBUG] head_no[26] to target_no 0 active 0 [DEBUG] child 26 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 26, kill 0, fail 3 [DEBUG] head_no[27] to target_no 0 active 0 [DEBUG] child 27 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 27, kill 0, fail 3 [DEBUG] head_no[28] to target_no 0 active 0 [DEBUG] child 28 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 28, kill 0, fail 3 [DEBUG] head_no[29] to target_no 0 active 0 [DEBUG] child 29 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 29, kill 0, fail 3 [DEBUG] head_no[30] to target_no 0 active 0 [DEBUG] child 30 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 30, kill 0, fail 3 [DEBUG] head_no[31] to target_no 0 active 0 [DEBUG] child 31 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 31, kill 0, fail 3 [DEBUG] head_no[32] to target_no 0 active 0 [DEBUG] child 32 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 32, kill 0, fail 3 [DEBUG] head_no[33] to target_no 0 active 0 [DEBUG] child 33 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 33, kill 0, fail 3 DEBUG_CONNECT_OK[DEBUG] head_no[34] to target_no 0 active 0

[DEBUG] child 34 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 34, kill 0, fail 3 [DEBUG] head_no[35] to target_no 0 active 0 [DEBUG] child 35 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 35, kill 0, fail 3 [DEBUG] head_no[36] to target_no 0 active 0 [DEBUG] child 36 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 36, kill 0, fail 3 [DEBUG] head_no[37] to target_no 0 active 0 [DEBUG] child 37 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 37, kill 0, fail 3 [DEBUG] head_no[38] to target_no 0 active 0 [DEBUG] child 38 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 38, kill 0, fail 3 [DEBUG] head_no[39] to target_no 0 active 0 [DEBUG] child 39 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 39, kill 0, fail 3 [DEBUG] head_no[40] to target_no 0 active 0 [DEBUG] child 40 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 40, kill 0, fail 3 [DEBUG] head_no[41] to target_no 0 active 0 [DEBUG] child 41 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 41, kill 0, fail 3 [DEBUG] head_no[42] to target_no 0 active 0 [DEBUG] child 42 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 42, kill 0, fail 3 [DEBUG] head_no[43] to target_no 0 active 0 [DEBUG] child 43 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 43, kill 0, fail 3 [DEBUG] head_no[44] to target_no 0 active 0 [DEBUG] child 44 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 44, kill 0, fail 3 [DEBUG] head_no[45] to target_no 0 active 0 [DEBUG] child 45 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 45, kill 0, fail 3 [DEBUG] head_no[46] to target_no 0 active 0 [DEBUG] child 46 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 46, kill 0, fail 3 [DEBUG] head_no[47] to target_no 0 active 0 [DEBUG] child 47 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 47, kill 0, fail 3 [DEBUG] head_no[48] to target_no 0 active 0 [DEBUG] child 48 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 48, kill 0, fail 3 [DEBUG] head_no[49] to target_no 0 active 0 [DEBUG] child 49 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 49, kill 0, fail 3 [DEBUG] head_no[50] to target_no 0 active 0 [DEBUG] child 50 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 50, kill 0, fail 3 [DEBUG] head_no[51] to target_no 0 active 0 [DEBUG] child 51 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 51, kill 0, fail 3 [DEBUG] head_no[52] to target_no 0 active 0 [DEBUG] child 52 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 52, kill 0, fail 3 [DEBUG] head_no[53] to target_no 0 active 0 [DEBUG] child 53 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 53, kill 0, fail 3 [DEBUG] head_no[54] to target_no 0 active 0 [DEBUG] child 54 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 54, kill 0, fail 3 [DEBUG] head_no[55] to target_no 0 active 0 [DEBUG] child 55 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 55, kill 0, fail 3 [DEBUG] head_no[56] to target_no 0 active 0 [DEBUG] child 56 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 56, kill 0, fail 3 [DEBUG] head_no[57] to target_no 0 active 0 [DEBUG] child 57 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 57, kill 0, fail 3 [DEBUG] head_no[58] to target_no 0 active 0 [DEBUG] child 58 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 58, kill 0, fail 3 [DEBUG] head_no[59] to target_no 0 active 0 [DEBUG] child 59 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 59, kill 0, fail 3 [DEBUG] head_no[60] to target_no 0 active 0 [DEBUG] child 60 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 60, kill 0, fail 3 [DEBUG] head_no[61] to target_no 0 active 0 [DEBUG] child 61 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 61, kill 0, fail 3 [DEBUG] head_no[62] to target_no 0 active 0 [DEBUG] child 62 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 62, kill 0, fail 3 [DEBUG] head_no[63] to target_no 0 active 0 [DEBUG] child 63 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 63, kill 0, fail 3 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] read n [DEBUG] send_next_pair_init target 0, head 0, redo 0, redo_state 0, pass_state 0. loop_mode 0, curlogin (null), curpass (null), tlogin admin, tpass pepe, logincnt 0/1, passcnt 0/2, loop_cnt 1 [DEBUG] send_next_pair_mid done 1, pass_state 3, clogin admin, cpass pepe, tlogin admin, tpass password, redo 0 [ATTEMPT] target 192.168.200.101 - login "admin" - pass "pepe" - 1 of 2 [child 0] [DEBUG] SEND [pid:7364](88 bytes): 0000: 4745 5420 2f64 7677 612f 6c6f 6769 6e2e [ GET /dvwa/login. ] 0010: 7068 7020 4854 5450 2f31 2e30 0d0a 486f [ php HTTP/1.0..Ho ] 0020: 7374 3a20 3139 322e 3136 382e 3230 302e [ st: 192.168.200. ] 0030: 3130 310d 0a55 7365 722d 4167 656e 743a [ 101..User-Agent: ] 0040: 204d 6f7a 696c 6c61 2f35 2e30 2028 4879 [ Mozilla/5.0 (Hy ] 0050: 6472 6129 0d0a 0d0a [ dra).... ] [DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 6, pid: 7364 [DEBUG] RECV [pid:7364](1635 bytes): 0000: 4854 5450 2f31 2e31 2032 3030 204f 4b0d [ HTTP/1.1 200 OK. ] 0010: 0a44 6174 653a 2054 7565 2c20 3032 204a [ .Date: Tue, 02 J ] 0020: 756e 2032 3031 3520 3135 3a32 373a 3231 [ un 2015 15:27:21 ] 0030: 2047 4d54 0d0a 5365 7276 6572 3a20 4170 [ GMT..Server: Ap ] 0040: 6163 6865 2f32 2e32 2e32 3220 2844 6562 [ ache/2.2.22 (Deb ] 0050: 6961 6e29 0d0a 582d 506f 7765 7265 642d [ ian)..X-Powered- ] 0060: 4279 3a20 5048 502f 352e 342e 3339 2d30 [ By: PHP/5.4.39-0 ] 0070: 2b64 6562 3775 320d 0a53 6574 2d43 6f6f [ +deb7u2..Set-Coo ] 0080: 6b69 653a 2050 4850 5345 5353 4944 3d35 [ kie: PHPSESSID=5 ] 0090: 6967 646b 3173 636f 3967 316a 6262 3138 [ igdk1sco9g1jbb18 ] 00a0: 3069 3961 6635 6a69 313b 2070 6174 683d [ 0i9af5ji1; path= ] 00b0: 2f0d 0a45 7870 6972 6573 3a20 5475 652c [ /..Expires: Tue, ] 00c0: 2032 3320 4a75 6e20 3230 3039 2031 323a [ 23 Jun 2009 12: ] 00d0: 3030 3a30 3020 474d 540d 0a43 6163 6865 [ 00:00 GMT..Cache ] 00e0: 2d43 6f6e 7472 6f6c 3a20 6e6f 2d63 6163 [ -Control: no-cac ] 00f0: 6865 2c20 6d75 7374 2d72 6576 616c 6964 [ he, must-revalid ] 0100: 6174 650d 0a50 7261 676d 613a 206e 6f2d [ ate..Pragma: no- ] 0110: 6361 6368 650d 0a53 6574 2d43 6f6f 6b69 [ cache..Set-Cooki ] 0120: 653a 2073 6563 7572 6974 793d 6869 6768 [ e: security=high ] 0130: 0d0a 5661 7279 3a20 4163 6365 7074 2d45 [ ..Vary: Accept-E ] 0140: 6e63 6f64 696e 670d 0a43 6f6e 7465 6e74 [ ncoding..Content ] 0150: 2d4c 656e 6774 683a 2031 3232 340d 0a43 [ -Length: 1224..C ] 0160: 6f6e 6e65 6374 696f 6e3a 2063 6c6f 7365 [ onnection: close ] 0170: 0d0a 436f 6e74 656e 742d 5479 7065 3a20 [ ..Content-Type: ] 0180: 7465 7874 2f68 746d 6c3b 6368 6172 7365 [ text/html;charse ] 0190: 743d 7574 662d 380d 0a0d 0a0d 0a0d 0a3c [ t=utf-8........< ] 01a0: 2144 4f43 5459 5045 2068 746d 6c20 5055 [ !DOCTYPE html PU ] 01b0: 424c 4943 2022 2d2f 2f57 3343 2f2f 4454 [ BLIC "-//W3C//DT ] 01c0: 4420 5848 544d 4c20 312e 3020 5374 7269 [ D XHTML 1.0 Stri ] 01d0: 6374 2f2f 454e 2220 2268 7474 703a 2f2f [ ct//EN" "http:// ] 01e0: 7777 772e 7733 2e6f 7267 2f54 522f 7868 [ www.w3.org/TR/xh ] 01f0: 746d 6c31 2f44 5444 2f78 6874 6d6c 312d [ tml1/DTD/xhtml1- ] 0200: 7374 7269 6374 2e64 7464 223e 0d0a 0d0a [ strict.dtd">.... ] 0210: 3c68 746d 6c20 786d 6c6e 733d 2268 7474 [ ..... ] 0240: 3c68 6561 643e 0d0a 0d0a 0909 3c6d 6574 [ ......<met ] 0250: 6120 6874 7470 2d65 7175 6976 3d22 436f [ a http-equiv="Co ] 0260: 6e74 656e 742d 5479 7065 2220 636f 6e74 [ ntent-Type" cont ] 0270: 656e 743d 2274 6578 742f 6874 6d6c 3b20 [ ent="text/html; ] 0280: 6368 6172 7365 743d 5554 462d 3822 202f [ charset=UTF-8" / ] 0290: 3e0d 0a0d 0a09 093c 7469 746c 653e 4461 [ >......Da ] 02a0: 6d6e 2056 756c 6e65 7261 626c 6520 5765 [ mn Vulnerable We ] 02b0: 6220 4170 7020 2844 5657 4129 202d 204c [ b App (DVWA) - L ] 02c0: 6f67 696e 3c2f 7469 746c 653e 0d0a 0d0a [ ogin.... ] 02d0: 0909 3c6c 696e 6b20 7265 6c3d 2273 7479 [ .......</head ] 0320: 3e0d 0a0d 0a09 3c62 6f64 793e 0d0a 0d0a [ >......... ] 0330: 093c 6469 7620 616c 6967 6e3d 2263 656e [ .

......<br / ] 0350: 3e0d 0a0d 0a09 3c70 3e3c 696d 6720 7372 [ >.....

.....
] 0390: 0d0a 090d 0a09 3c66 6f72 6d20 6163 7469 [ ......<form acti ] 03a0: 6f6e 3d22 6c6f 6769 6e2e 7068 7022 206d [ on="login.php" m ] 03b0: 6574 686f 643d 2270 6f73 7422 3e0d 0a09 [ ethod="post">... ] 03c0: 0d0a 093c 6669 656c 6473 6574 3e0d 0a0d [ ...

... ] 03d0: 0a09 0909 3c6c 6162 656c 2066 6f72 3d22 [ ....Username</ ] 03f0: 6c61 6265 6c3e 203c 696e 7075 7420 7479 [ label> <input ty ] 0400: 7065 3d22 7465 7874 2220 636c 6173 733d [ pe="text" class= ] 0410: 226c 6f67 696e 496e 7075 7422 2073 697a [ "loginInput" siz ] 0420: 653d 2232 3022 206e 616d 653d 2275 7365 [ e="20" name="use ] 0430: 726e 616d 6522 3e3c 6272 202f 3e0d 0a09 [ rname">
... ] 0440: 0d0a 0909 090d 0a09 0909 3c6c 6162 656c [ ..........<label ] 0450: 2066 6f72 3d22 7061 7373 223e 5061 7373 [ for="pass">Pass ] 0460: 776f 7264 3c2f 6c61 6265 6c3e 203c 696e [ word <in ] 0470: 7075 7420 7479 7065 3d22 7061 7373 776f [ put type="passwo ] 0480: 7264 2220 636c 6173 733d 226c 6f67 696e [ rd" class="login ] 0490: 496e 7075 7422 2041 5554 4f43 4f4d 504c [ Input" AUTOCOMPL ] 04a0: 4554 453d 226f 6666 2220 7369 7a65 3d22 [ ETE="off" size=" ] 04b0: 3230 2220 6e61 6d65 3d22 7061 7373 776f [ 20" name="passwo ] 04c0: 7264 223e 3c62 7220 2f3e 0d0a 0909 090d [ rd">
...... ] 04d0: 0a09 0909 0d0a 0909 093c 7020 636c 6173 [ .........<p clas ] 04e0: 733d 2273 7562 6d69 7422 3e3c 696e 7075 [ s="submit"><inpu ] 04f0: 7420 7479 7065 3d22 7375 626d 6974 2220 [ t type="submit" ] 0500: 7661 6c75 653d 224c 6f67 696e 2220 6e61 [ value="Login" na ] 0510: 6d65 3d22 4c6f 6769 6e22 3e3c 2f70 3e0d [ me="Login">

. ] 0520: 0a0d 0a09 3c2f 6669 656c 6473 6574 3e0d [ ....

. ] 0530: 0a0d 0a09 3c2f 666f 726d 3e0d 0a0d 0a09 [ ......... ] 0540: 0d0a 093c 6272 202f 3e0d 0a0d 0a09 0d0a [ ...
....... ] 0550: 0d0a 093c 6272 202f 3e0d 0a09 3c62 7220 [ ...
...<br ] 0560: 2f3e 0d0a 093c 6272 202f 3e0d 0a09 3c62 [ />...
...<b ] 0570: 7220 2f3e 0d0a 093c 6272 202f 3e0d 0a09 [ r />...
... ] 0580: 3c62 7220 2f3e 0d0a 093c 6272 202f 3e0d [
...
. ] 0590: 0a09 3c62 7220 2f3e 090d 0a0d 0a09 3c21 [ ..
......<! ] 05a0: 2d2d 203c 696d 6720 7372 633d 2264 7677 [ --

--> ] 05d0: 0d0a 090d 0a09 3c70 3e44 616d 6e20 5675 [ ......

Damn Vu ] 05e0: 6c6e 6572 6162 6c65 2057 6562 2041 7070 [ lnerable Web App ] 05f0: 6c69 6361 7469 6f6e 2028 4456 5741 2920 [ lication (DVWA) ] 0600: 6973 2061 2052 616e 646f 6d53 746f 726d [ is a RandomStorm ] 0610: 204f 7065 6e53 6f75 7263 6520 7072 6f6a [ OpenSource proj ] 0620: 6563 743c 2f70 3e0d 0a09 0d0a 093c 2f64 [ ect

......</d ] 0630: 6976 3e20 3c21 2d2d 2065 6e64 2061 6c69 [ iv> .....< ] 0650: 2f62 6f64 793e 0d0a 0d0a 3c2f 6874 6d6c [ /body>....</html ] 0660: 3e0d 0a [ >.. ] [DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 6, pid: 7364 [DEBUG] RECV [pid:7364](0 bytes): DEBUG_DISCONNECT DEBUG_CONNECT_OK [DEBUG] SEND [pid:7364](259 bytes): 0000: 504f 5354 202f 6476 7761 2f6c 6f67 696e [ POST /dvwa/login ] 0010: 2e70 6870 2048 5454 502f 312e 300d 0a48 [ .php HTTP/1.0..H ] 0020: 6f73 743a 2031 3932 2e31 3638 2e32 3030 [ ost: 192.168.200 ] 0030: 2e31 3031 0d0a 5573 6572 2d41 6765 6e74 [ .101..User-Agent ] 0040: 3a20 4d6f 7a69 6c6c 612f 352e 3020 2848 [ : Mozilla/5.0 (H ] 0050: 7964 7261 290d 0a43 6f6e 7465 6e74 2d4c [ ydra)..Content-L ] 0060: 656e 6774 683a 2034 300d 0a43 6f6e 7465 [ ength: 40..Conte ] 0070: 6e74 2d54 7970 653a 2061 7070 6c69 6361 [ nt-Type: applica ] 0080: 7469 6f6e 2f78 2d77 7777 2d66 6f72 6d2d [ tion/x-www-form- ] 0090: 7572 6c65 6e63 6f64 6564 0d0a 436f 6f6b [ urlencoded..Cook ] 00a0: 6965 3a20 5048 5053 4553 5349 443d 3569 [ ie: PHPSESSID=5i ] 00b0: 6764 6b31 7363 6f39 6731 6a62 6231 3830 [ gdk1sco9g1jbb180 ] 00c0: 6939 6166 356a 6931 3b20 7365 6375 7269 [ i9af5ji1; securi ] 00d0: 7479 3d68 6967 680d 0a0d 0a75 7365 726e [ ty=high....usern ] 00e0: 616d 653d 6164 6d69 6e26 7061 7373 776f [ ame=admin&passwo ] 00f0: 7264 3d70 6570 6526 4c6f 6769 6e3d 4c6f [ rd=pepe&Login=Lo ] 0100: 6769 6e [ gin ] HTTP request sent:[0A]POST /dvwa/login.php HTTP/1.0[0D][0A]Host: 192.168.200.101[0D][0A]User-Agent: Mozilla/5.0 (Hydra)[0D][0A]Content-Length: 40[0D][0A]Content-Type: application/x-www-form-urlencoded[0D][0A]Cookie: PHPSESSID=5igdk1sco9g1jbb180i9af5ji1; security=high[0D][0A][0D][0A]username=admin&password=pepe&Login=Login[0A] [DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 6, pid: 7364 [DEBUG] RECV [pid:7364](370 bytes): 0000: 4854 5450 2f31 2e31 2033 3032 2046 6f75 [ HTTP/1.1 302 Fou ] 0010: 6e64 0d0a 4461 7465 3a20 5475 652c 2030 [ nd..Date: Tue, 0 ] 0020: 3220 4a75 6e20 3230 3135 2031 353a 3237 [ 2 Jun 2015 15:27 ] 0030: 3a32 3120 474d 540d 0a53 6572 7665 723a [ :21 GMT..Server: ] 0040: 2041 7061 6368 652f 322e 322e 3232 2028 [ Apache/2.2.22 ( ] 0050: 4465 6269 616e 290d 0a58 2d50 6f77 6572 [ Debian)..X-Power ] 0060: 6564 2d42 793a 2050 4850 2f35 2e34 2e33 [ ed-By: PHP/5.4.3 ] 0070: 392d 302b 6465 6237 7532 0d0a 4578 7069 [ 9-0+deb7u2..Expi ] 0080: 7265 733a 2054 6875 2c20 3139 204e 6f76 [ res: Thu, 19 Nov ] 0090: 2031 3938 3120 3038 3a35 323a 3030 2047 [ 1981 08:52:00 G ] 00a0: 4d54 0d0a 4361 6368 652d 436f 6e74 726f [ MT..Cache-Contro ] 00b0: 6c3a 206e 6f2d 7374 6f72 652c 206e 6f2d [ l: no-store, no- ] 00c0: 6361 6368 652c 206d 7573 742d 7265 7661 [ cache, must-reva ] 00d0: 6c69 6461 7465 2c20 706f 7374 2d63 6865 [ lidate, post-che ] 00e0: 636b 3d30 2c20 7072 652d 6368 6563 6b3d [ ck=0, pre-check= ] 00f0: 300d 0a50 7261 676d 613a 206e 6f2d 6361 [ 0..Pragma: no-ca ] 0100: 6368 650d 0a4c 6f63 6174 696f 6e3a 206c [ che..Location: l ] 0110: 6f67 696e 2e70 6870 0d0a 5661 7279 3a20 [ ogin.php..Vary: ] 0120: 4163 6365 7074 2d45 6e63 6f64 696e 670d [ Accept-Encoding. ] 0130: 0a43 6f6e 7465 6e74 2d4c 656e 6774 683a [ .Content-Length: ] 0140: 2030 0d0a 436f 6e6e 6563 7469 6f6e 3a20 [ 0..Connection: ] 0150: 636c 6f73 650d 0a43 6f6e 7465 6e74 2d54 [ close..Content-T ] 0160: 7970 653a 2074 6578 742f 6874 6d6c 0d0a [ ype: text/html.. ] 0170: 0d0a [ .. ] [DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 6, pid: 7364 [DEBUG] RECV [pid:7364](0 bytes): [DEBUG] attempt result: found 0, redirect 1, location: login.php DEBUG_DISCONNECT DEBUG_CONNECT_OK [DEBUG] SEND [pid:7364](218 bytes): 0000: 4745 5420 2f64 7677 612f 6c6f 6769 6e2e [ GET /dvwa/login. ] 0010: 7068 7020 4854 5450 2f31 2e30 0d0a 486f [ php HTTP/1.0..Ho ] 0020: 7374 3a20 3139 322e 3136 382e 3230 302e [ st: 192.168.200. ] 0030: 3130 310d 0a55 7365 722d 4167 656e 743a [ 101..User-Agent: ] 0040: 204d 6f7a 696c 6c61 2f35 2e30 2028 4879 [ Mozilla/5.0 (Hy ] 0050: 6472 6129 0d0a 436f 6e74 656e 742d 4c65 [ dra)..Content-Le ] 0060: 6e67 7468 3a20 3430 0d0a 436f 6e74 656e [ ngth: 40..Conten ] 0070: 742d 5479 7065 3a20 6170 706c 6963 6174 [ t-Type: applicat ] 0080: 696f 6e2f 782d 7777 772d 666f 726d 2d75 [ ion/x-www-form-u ] 0090: 726c 656e 636f 6465 640d 0a43 6f6f 6b69 [ rlencoded..Cooki ] 00a0: 653a 2050 4850 5345 5353 4944 3d35 6967 [ e: PHPSESSID=5ig ] 00b0: 646b 3173 636f 3967 316a 6262 3138 3069 [ dk1sco9g1jbb180i ] 00c0: 3961 6635 6a69 313b 2073 6563 7572 6974 [ 9af5ji1; securit ] 00d0: 793d 6869 6768 0d0a 0d0a [ y=high.... ] [DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 6, pid: 7364 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] to targetno 0 active 1 [DEBUG] RECV [pid:7364](1589 bytes): 0000: 4854 5450 2f31 2e31 2032 3030 204f 4b0d [ HTTP/1.1 200 OK. ] 0010: 0a44 6174 653a 2054 7565 2c20 3032 204a [ .Date: Tue, 02 J ] 0020: 756e 2032 3031 3520 3135 3a32 373a 3231 [ un 2015 15:27:21 ] 0030: 2047 4d54 0d0a 5365 7276 6572 3a20 4170 [ GMT..Server: Ap ] 0040: 6163 6865 2f32 2e32 2e32 3220 2844 6562 [ ache/2.2.22 (Deb ] 0050: 6961 6e29 0d0a 582d 506f 7765 7265 642d [ ian)..X-Powered- ] 0060: 4279 3a20 5048 502f 352e 342e 3339 2d30 [ By: PHP/5.4.39-0 ] 0070: 2b64 6562 3775 320d 0a45 7870 6972 6573 [ +deb7u2..Expires ] 0080: 3a20 5475 652c 2032 3320 4a75 6e20 3230 [ : Tue, 23 Jun 20 ] 0090: 3039 2031 323a 3030 3a30 3020 474d 540d [ 09 12:00:00 GMT. ] 00a0: 0a43 6163 6865 2d43 6f6e 7472 6f6c 3a20 [ .Cache-Control: ] 00b0: 6e6f 2d63 6163 6865 2c20 6d75 7374 2d72 [ no-cache, must-r ] 00c0: 6576 616c 6964 6174 650d 0a50 7261 676d [ evalidate..Pragm ] 00d0: 613a 206e 6f2d 6361 6368 650d 0a56 6172 [ a: no-cache..Var ] 00e0: 793a 2041 6363 6570 742d 456e 636f 6469 [ y: Accept-Encodi ] 00f0: 6e67 0d0a 436f 6e74 656e 742d 4c65 6e67 [ ng..Content-Leng ] 0100: 7468 3a20 3132 3633 0d0a 436f 6e6e 6563 [ th: 1263..Connec ] 0110: 7469 6f6e 3a20 636c 6f73 650d 0a43 6f6e [ tion: close..Con ] 0120: 7465 6e74 2d54 7970 653a 2074 6578 742f [ tent-Type: text/ ] 0130: 6874 6d6c 3b63 6861 7273 6574 3d75 7466 [ html;charset=utf ] 0140: 2d38 0d0a 0d0a 0d0a 0d0a 3c21 444f 4354 [ -8........<!DOCT ] 0150: 5950 4520 6874 6d6c 2050 5542 4c49 4320 [ YPE html PUBLIC ] 0160: 222d 2f2f 5733 432f 2f44 5444 2058 4854 [ "-//W3C//DTD XHT ] 0170: 4d4c 2031 2e30 2053 7472 6963 742f 2f45 [ ML 1.0 Strict//E ] 0180: 4e22 2022 6874 7470 3a2f 2f77 7777 2e77 [ N" "http://www.w ] 0190: 332e 6f72 672f 5452 2f78 6874 6d6c 312f [ 3.org/TR/xhtml1/ ] 01a0: 4454 442f 7868 746d 6c31 2d73 7472 6963 [ DTD/xhtml1-stric ] 01b0: 742e 6474 6422 3e0d 0a0d 0a3c 6874 6d6c [ t.dtd">....<html ] 01c0: 2078 6d6c 6e73 3d22 6874 7470 3a2f 2f77 [ xmlns="http://w ] 01d0: 7777 2e77 332e 6f72 672f 3139 3939 2f78 [ ww.w3.org/1999/x ] 01e0: 6874 6d6c 223e 0d0a 0d0a 093c 6865 6164 [ html">.....<head ] 01f0: 3e0d 0a0d 0a09 093c 6d65 7461 2068 7474 [ >......<meta htt ] 0200: 702d 6571 7569 763d 2243 6f6e 7465 6e74 [ p-equiv="Content ] 0210: 2d54 7970 6522 2063 6f6e 7465 6e74 3d22 [ -Type" content=" ] 0220: 7465 7874 2f68 746d 6c3b 2063 6861 7273 [ text/html; chars ] 0230: 6574 3d55 5446 2d38 2220 2f3e 0d0a 0d0a [ et=UTF-8" />.... ] 0240: 0909 3c74 6974 6c65 3e44 616d 6e20 5675 [ ..Damn Vu ] 0250: 6c6e 6572 6162 6c65 2057 6562 2041 7070 [ lnerable Web App ] 0260: 2028 4456 5741 2920 2d20 4c6f 6769 6e3c [ (DVWA) - Login< ] 0270: 2f74 6974 6c65 3e0d 0a0d 0a09 093c 6c69 [ /title>......<li ] 0280: 6e6b 2072 656c 3d22 7374 796c 6573 6865 [ nk rel="styleshe ] 0290: 6574 2220 7479 7065 3d22 7465 7874 2f63 [ et" type="text/c ] 02a0: 7373 2220 6872 6566 3d22 6476 7761 2f63 [ ss" href="dvwa/c ] 02b0: 7373 2f6c 6f67 696e 2e63 7373 2220 2f3e [ ss/login.css" /> ] 02c0: 0d0a 0d0a 093c 2f68 6561 643e 0d0a 0d0a [ .....</head>.... ] 02d0: 093c 626f 6479 3e0d 0a0d 0a09 3c64 6976 [ .<body>.....<div ] 02e0: 2061 6c69 676e 3d22 6365 6e74 6572 223e [ align="center"> ] 02f0: 0d0a 090d 0a09 3c62 7220 2f3e 0d0a 0d0a [ ......<br />.... ] 0300: 093c 703e 3c69 6d67 2073 7263 3d22 6476 [ .<p><img src="dv ] 0310: 7761 2f69 6d61 6765 732f 6c6f 6769 6e5f [ wa/images/login</em> ] 0320: 6c6f 676f 2e70 6e67 2220 2f3e 3c2f 703e [ logo.png" /></p> ] 0330: 0d0a 0d0a 093c 6272 202f 3e0d 0a09 0d0a [ .....<br />..... ] 0340: 093c 666f 726d 2061 6374 696f 6e3d 226c [ .<form action="l ] 0350: 6f67 696e 2e70 6870 2220 6d65 7468 6f64 [ ogin.php" method ] 0360: 3d22 706f 7374 223e 0d0a 090d 0a09 3c66 [ ="post">......<f ] 0370: 6965 6c64 7365 743e 0d0a 0d0a 0909 093c [ ieldset>.......< ] 0380: 6c61 6265 6c20 666f 723d 2275 7365 7222 [ label for="user" ] 0390: 3e55 7365 726e 616d 653c 2f6c 6162 656c [ >Username</label ] 03a0: 3e20 3c69 6e70 7574 2074 7970 653d 2274 [ > <input type="t ] 03b0: 6578 7422 2063 6c61 7373 3d22 6c6f 6769 [ ext" class="logi ] 03c0: 6e49 6e70 7574 2220 7369 7a65 3d22 3230 [ nInput" size="20 ] 03d0: 2220 6e61 6d65 3d22 7573 6572 6e61 6d65 [ " name="username ] 03e0: 223e 3c62 7220 2f3e 0d0a 090d 0a09 0909 [ "><br />........ ] 03f0: 0d0a 0909 093c 6c61 6265 6c20 666f 723d [ .....<label for= ] 0400: 2270 6173 7322 3e50 6173 7377 6f72 643c [ "pass">Password< ] 0410: 2f6c 6162 656c 3e20 3c69 6e70 7574 2074 [ /label> <input t ] 0420: 7970 653d 2270 6173 7377 6f72 6422 2063 [ ype="password" c ] 0430: 6c61 7373 3d22 6c6f 6769 6e49 6e70 7574 [ lass="loginInput ] 0440: 2220 4155 544f 434f 4d50 4c45 5445 3d22 [ " AUTOCOMPLETE=" ] 0450: 6f66 6622 2073 697a 653d 2232 3022 206e [ off" size="20" n ] 0460: 616d 653d 2270 6173 7377 6f72 6422 3e3c [ ame="password">< ] 0470: 6272 202f 3e0d 0a09 0909 0d0a 0909 090d [ br />........... ] 0480: 0a09 0909 3c70 2063 6c61 7373 3d22 7375 [ ....<p class="su ] 0490: 626d 6974 223e 3c69 6e70 7574 2074 7970 [ bmit"><input typ ] 04a0: 653d 2273 7562 6d69 7422 2076 616c 7565 [ e="submit" value ] 04b0: 3d22 4c6f 6769 6e22 206e 616d 653d 224c [ ="Login" name="L ] 04c0: 6f67 696e 223e 3c2f 703e 0d0a 0d0a 093c [ ogin"></p>.....< ] 04d0: 2f66 6965 6c64 7365 743e 0d0a 0d0a 093c [ /fieldset>.....< ] 04e0: 2f66 6f72 6d3e 0d0a 0d0a 090d 0a09 3c62 [ /form>........<b ] 04f0: 7220 2f3e 0d0a 0d0a 093c 6469 7620 636c [ r />.....<div cl ] 0500: 6173 733d 226d 6573 7361 6765 223e 4c6f [ ass="message">Lo ] 0510: 6769 6e20 6661 696c 6564 3c2f 6469 763e [ gin failed</div> ] 0520: 0d0a 0d0a 093c 6272 202f 3e0d 0a09 3c62 [ .....<br />...<b ] 0530: 7220 2f3e 0d0a 093c 6272 202f 3e0d 0a09 [ r />...<br />... ] 0540: 3c62 7220 2f3e 0d0a 093c 6272 202f 3e0d [ <br />...<br />. ] 0550: 0a09 3c62 7220 2f3e 0d0a 093c 6272 202f [ ..<br />...<br / ] 0560: 3e0d 0a09 3c62 7220 2f3e 090d 0a0d 0a09 [ >...<br />...... ] 0570: 3c21 2d2d 203c 696d 6720 7372 633d 2264 [ .... ] 0620: 093c 2f62 6f64 793e 0d0a 0d0a 3c2f 6874 [ .</body>....</ht ] 0630: 6d6c 3e0d 0a [ ml>.. ] [DEBUG] children crashed! (0) [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] read E [ATTEMPT-ERROR] target 192.168.200.101 - login "admin" - pass "pepe" - child 0 - 1 of 2 [DEBUG] hydra_increase_fail_count: 1 >= 3 => disable [DEBUG] head_no 0, kill 1, fail 1 [VERBOSE] Retrying connection for child 0 [DEBUG] head_no[0] to target_no 0 active 0 [DEBUG] child 0 spawned for target 0 with pid 7373 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] read n [DEBUG] send_next_pair_init target 0, head 0, redo 0, redo_state 0, pass_state 3. loop_mode 0, curlogin admin, curpass pepe, tlogin admin, tpass password, logincnt 0/1, passcnt 1/2, loop_cnt 1 [COMPLETED] target 192.168.200.101 - login "admin" - pass "pepe" - child 0 - 1 of 2 [DEBUG] send_next_pair_mid done 1, pass_state 3, clogin admin, cpass pepe, tlogin admin, tpass password, redo 0 [DEBUG] send_next_pair_redo done 1, pass_state 3, clogin admin, cpass pepe, tlogin admin, tpass password, is_redo 1 [RE-ATTEMPT] target 192.168.200.101 - login "admin" - pass "pepe" - 1 of 2 [child 0] [DEBUG] head_no 0 has pid 7373 DEBUG_CONNECT_OK [DEBUG] SEND [pid:7373](88 bytes):</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/einar-lanfranco"><img src="https://avatars.githubusercontent.com/u/3857748?v=4" />einar-lanfranco</a> commented <strong> 9 years ago</strong> </div> <div class="markdown-body"> <p>the debug keep going but github limit copy&paste.</p> <p>With version 8.1 i have no problem.</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/vanhauser-thc"><img src="https://avatars.githubusercontent.com/u/7396244?v=4" />vanhauser-thc</a> commented <strong> 9 years ago</strong> </div> <div class="markdown-body"> <p>can you set up the application so I can reach it? you set configure a firewall to allow just the ip 85.214.61.253 otherwise I have little chance to debug and fix the problem.</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/einar-lanfranco"><img src="https://avatars.githubusercontent.com/u/3857748?v=4" />einar-lanfranco</a> commented <strong> 9 years ago</strong> </div> <div class="markdown-body"> <p>Sorry, but i can't because it isn't a public vm. It is in my laptop only for use in classroom, because it is a software for teach common vulnerability in webapps and of course it is really vulnerable. If you want you can get it you can do it from <a href="http://www.dvwa.co.uk/">http://www.dvwa.co.uk/</a>.</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/erwanlr"><img src="https://avatars.githubusercontent.com/u/1668843?v=4" />erwanlr</a> commented <strong> 9 years ago</strong> </div> <div class="markdown-body"> <p>There is definitely something wrong when a password is valid and the response is a redirection in the 8.2-dev</p> <p>Command: <code>hydra -t 2 -l user -p 123456789 s34019-102113-ort.sipontum.hack.me http-form-post "/wp-login.php:log=^USER^&pwd=^PASS^:S=Location\: .*/wp-admin/"</code></p> <p>The valid account is correctly detected by the 8.1 but not the 8.2-dev</p> <p>The target is a sandbox (<a href="https://hack.me/102113/damn-vulnerable-wordpress-blog.html">https://hack.me/102113/damn-vulnerable-wordpress-blog.html</a>)</p> <p>Burp suite was used to see the requests done by each version</p> <p>Requests done by the 8.2-dev (from Debian 8), order is ASC:</p> <pre><code>GET http://s34019-102113-ort.sipontum.hack.me/wp-login.php 200 POST http://s34019-102113-ort.sipontum.hack.me/wp-login.php 302 GET http://s34019-102113-ort.sipontum.hack.me/wp-admin/profile.ph 404 GET http://s34019-102113-ort.sipontum.hack.me/wp-login.php 200 POST http://s34019-102113-ort.sipontum.hack.me/wp-login.php 302 GET http://s34019-102113-ort.sipontum.hack.me/wp-admin/profile.ph 404 GET http://s34019-102113-ort.sipontum.hack.me/wp-login.php 200 POST http://s34019-102113-ort.sipontum.hack.me/wp-login.php 302 GET http://s34019-102113-ort.sipontum.hack.me/wp-admin/profile.ph 404</code></pre> <p>(Furthermore, the 302 responses have Location: <a href="http://s34019-102113-ort.sipontum.hack.me/wp-admin/profile.php">http://s34019-102113-ort.sipontum.hack.me/wp-admin/profile.php</a>, still hydra tries to get the profile.ph)</p> <p>Requests done by the 8.1 (from Kali Linux), order is ASC:</p> <pre><code>GET http://s34019-102113-ort.sipontum.hack.me/wp-login.php 200 POST http://s34019-102113-ort.sipontum.hack.me/wp-login.php 302</code></pre> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/erwanlr"><img src="https://avatars.githubusercontent.com/u/1668843?v=4" />erwanlr</a> commented <strong> 9 years ago</strong> </div> <div class="markdown-body"> <p>The incorrect location followed (profile.ph instead of profile.php) can also be reproduced in the 8.1 with the following command:</p> <pre><code>hydra -t 2 -l user -p 123456789 s34019-102113-ort.sipontum.hack.me http-form-post "/wp-login.php:log=^USER^&pwd=^PASS^:S=Location\: /wp-admin/"</code></pre> <p>Not sure if I am doing something wrong :o</p> <p>My goal is to consider the success if the response to the POST contains /wp-admin/ in the Location header. (which works in the 8.1 with S=Location: .*/wp-admin/ ).</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/haydenyoung"><img src="https://avatars.githubusercontent.com/u/936565?v=4" />haydenyoung</a> commented <strong> 9 years ago</strong> </div> <div class="markdown-body"> <p>@vanhauser-thc I am experiencing the same problem. It seems to be related to 302 redirects for me; I.e. if I create a small test form and I redirect after success using the header() I experience the same issue as above. Please let me know if you would like me to deploy the two php scripts I have written to replicate this problem and I will set them up on a test site for you.</p> <p>Checking my Apache logs, I can see hydra attempt to execute a POST but then it seems to stall. However, after hydra exits, I can see the redirect to my other script. I can provide you with my Apache logs as well if this helps.</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/vanhauser-thc"><img src="https://avatars.githubusercontent.com/u/7396244?v=4" />vanhauser-thc</a> commented <strong> 9 years ago</strong> </div> <div class="markdown-body"> <p>@haydenyoung yes please set up a test page. I have nothing to reproduce that with so I can not debug and fix it ... so this would help to finally get this done.</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/haydenyoung"><img src="https://avatars.githubusercontent.com/u/936565?v=4" />haydenyoung</a> commented <strong> 9 years ago</strong> </div> <div class="markdown-body"> <p>@vanhauser-thc Details emailed to your github registered email. Please let me know if you need any other information such as the apache access logs.</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/vanhauser-thc"><img src="https://avatars.githubusercontent.com/u/7396244?v=4" />vanhauser-thc</a> commented <strong> 9 years ago</strong> </div> <div class="markdown-body"> <p>special thanks to @haydenyoung for setting up a test page so I could debug it.</p> <p>I fixed it, please check out the code and test if it also works for your cases - it should but better test :)</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/haydenyoung"><img src="https://avatars.githubusercontent.com/u/936565?v=4" />haydenyoung</a> commented <strong> 9 years ago</strong> </div> <div class="markdown-body"> <p>@vanhauser-thc Thanks for fixing. I'll decommission the testing scripts but feel free to ping me if you need them for further testing.</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/harrim4n"><img src="https://avatars.githubusercontent.com/u/711475?v=4" />harrim4n</a> commented <strong> 9 years ago</strong> </div> <div class="markdown-body"> <p>@vanhauser-thc I was using hydra today (8.1.8 -- the one that comes with kali). I encountered the same bug (the page was returning a 302 and the last character of the url went missing). I found this bug report and cloned the newest version from this repo, compiled it and tried it with this one, however the result was the same. I was also using http-post-form, so I have to report that this bug is sadly not fixed yet.</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/vanhauser-thc"><img src="https://avatars.githubusercontent.com/u/7396244?v=4" />vanhauser-thc</a> commented <strong> 9 years ago</strong> </div> <div class="markdown-body"> <p>@harrim4n this has to be a different issue (nobody here reported something about a character missing). please submit the full output of something like hydra -l test -p foobar -d -v (rest of parameters)</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/erwanlr"><img src="https://avatars.githubusercontent.com/u/1668843?v=4" />erwanlr</a> commented <strong> 9 years ago</strong> </div> <div class="markdown-body"> <p>Yes someone did there <a href="https://github.com/vanhauser-thc/thc-hydra/issues/42#issuecomment-116278043">https://github.com/vanhauser-thc/thc-hydra/issues/42#issuecomment-116278043</a> and the comment below</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/vanhauser-thc"><img src="https://avatars.githubusercontent.com/u/7396244?v=4" />vanhauser-thc</a> commented <strong> 9 years ago</strong> </div> <div class="markdown-body"> <h1>42 is not a log.</h1> <p>and I tried the command and it is working (no 404). so please checkout the current version from github and send a full output where it fails with -t 1 -d -v -V</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/harrim4n"><img src="https://avatars.githubusercontent.com/u/711475?v=4" />harrim4n</a> commented <strong> 9 years ago</strong> </div> <div class="markdown-body"> <p>Alright, I cloned the newest git version and compiled it. The error is still there, as I said. Here is the output:</p> <pre><code>% hydra -t 1 -d -v -V -l test -p test -f -s 8000 127.0.0.1 http-post-form "/login.html:username=^USER^&pass=^PASS^:S=Hello, world" :( Hydra v8.2-dev (c) 2014 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes. [DEBUG] Ouput color flag is 1 Hydra (http://www.thc.org/thc-hydra) starting at 2015-08-02 21:17:54 [DEBUG] cmdline: hydra -t 1 -d -v -V -l test -p test -f -s 8000 127.0.0.1 http-post-form /login.html:username=^USER^&pass=^PASS^:S=Hello, world [DATA] max 1 task per 1 server, overall 64 tasks, 1 login try (l:1/p:1), ~0 tries per task [DATA] attacking service http-post-form on port 8000 [VERBOSE] Resolving addresses ... [DEBUG] resolving 127.0.0.1 done [DEBUG] Code: attack Time: 1438543074 [DEBUG] Options: mode 0 ssl 0 restore 0 showAttempt 1 tasks 1 max_use 64 tnp 0 tpsal 0 tprl 0 exit_found 1 miscptr /login.html:username=^USER^&pass=^PASS^:S=Hello, world service http-post-form [DEBUG] Brains: active 0 targets 1 finished 0 todo_all 1 todo 1 sent 0 found 0 countlogin 1 sizelogin 5 countpass 1 sizepass 5 [DEBUG] Target 0 - target 127.0.0.1 ip 127.0.0.1 login_no 0 pass_no 0 sent 0 pass_state 0 use_count 0 failed 0 done 0 fail_count 0 login_ptr test pass_ptr test [DEBUG] Task 0 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 1 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 2 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 3 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 4 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 5 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 6 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 7 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 8 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 9 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 10 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 11 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 12 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 13 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 14 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 15 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 16 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 17 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 18 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 19 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 20 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 21 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 22 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 23 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 24 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 25 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 26 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 27 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 28 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 29 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 30 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 31 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 32 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 33 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 34 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 35 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 36 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 37 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 38 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 39 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 40 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 41 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 42 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 43 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 44 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 45 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 46 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 47 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 48 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 49 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 50 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 51 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 52 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 53 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 54 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 55 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 56 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 57 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 58 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 59 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 60 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 61 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 62 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 63 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] head_no[0] to target_no 0 active 0 [DEBUG] child 0 got target 0 selected [DEBUG] child 0 spawned for target 0 with pid 9535 [DEBUG] head_no[1] to target_no 0 active 0 [DEBUG] child 1 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 1, kill 0, fail 3 [DEBUG] head_no[2] to target_no 0 active 0 [DEBUG] child 2 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 2, kill 0, fail 3 [DEBUG] head_no[3] to target_no 0 active 0 [DEBUG] child 3 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 3, kill 0, fail 3 [DEBUG] head_no[4] to target_no 0 active 0 [DEBUG] child 4 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 4, kill 0, fail 3 [DEBUG] head_no[5] to target_no 0 active 0 [DEBUG] child 5 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 5, kill 0, fail 3 [DEBUG] head_no[6] to target_no 0 active 0 [DEBUG] child 6 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 6, kill 0, fail 3 [DEBUG] head_no[7] to target_no 0 active 0 [DEBUG] child 7 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 7, kill 0, fail 3 [DEBUG] head_no[8] to target_no 0 active 0 [DEBUG] child 8 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 8, kill 0, fail 3 [DEBUG] head_no[9] to target_no 0 active 0 [DEBUG] child 9 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 9, kill 0, fail 3 [DEBUG] head_no[10] to target_no 0 active 0 [DEBUG] child 10 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 10, kill 0, fail 3 [DEBUG] head_no[11] to target_no 0 active 0 [DEBUG] child 11 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 11, kill 0, fail 3 [DEBUG] head_no[12] to target_no 0 active 0 [DEBUG] child 12 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 12, kill 0, fail 3 [DEBUG] head_no[13] to target_no 0 active 0 [DEBUG] child 13 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 13, kill 0, fail 3 [DEBUG] head_no[14] to target_no 0 active 0 [DEBUG] child 14 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 14, kill 0, fail 3 [DEBUG] head_no[15] to target_no 0 active 0 [DEBUG] child 15 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 15, kill 0, fail 3 [DEBUG] head_no 0 has pid 9535 [DEBUG] head_no[16] to target_no 0 active 0 [DEBUG] child 16 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 16, kill 0, fail 3 [DEBUG] head_no[17] to target_no 0 active 0 [DEBUG] child 17 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 17, kill 0, fail 3 [DEBUG] head_no[18] to target_no 0 active 0 [DEBUG] child 18 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 18, kill 0, fail 3 [DEBUG] head_no[19] to target_no 0 active 0 [DEBUG] child 19 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 19, kill 0, fail 3 [DEBUG] head_no[20] to target_no 0 active 0 [DEBUG] child 20 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 20, kill 0, fail 3 [DEBUG] head_no[21] to target_no 0 active 0 [DEBUG] child 21 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 21, kill 0, fail 3 [DEBUG] head_no[22] to target_no 0 active 0 [DEBUG] child 22 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 22, kill 0, fail 3 [DEBUG] head_no[23] to target_no 0 active 0 [DEBUG] child 23 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 23, kill 0, fail 3 [DEBUG] head_no[24] to target_no 0 active 0 [DEBUG] child 24 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 24, kill 0, fail 3 [DEBUG] head_no[25] to target_no 0 active 0 [DEBUG] child 25 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 25, kill 0, fail 3 [DEBUG] head_no[26] to target_no 0 active 0 [DEBUG] child 26 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 26, kill 0, fail 3 [DEBUG] head_no[27] to target_no 0 active 0 [DEBUG] child 27 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 27, kill 0, fail 3 [DEBUG] head_no[28] to target_no 0 active 0 [DEBUG] child 28 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 28, kill 0, fail 3 [DEBUG] head_no[29] to target_no 0 active 0 [DEBUG] child 29 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 29, kill 0, fail 3 [DEBUG] head_no[30] to target_no 0 active 0 [DEBUG] child 30 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 30, kill 0, fail 3 [DEBUG] head_no[31] to target_no 0 active 0 [DEBUG] child 31 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 31, kill 0, fail 3 [DEBUG] head_no[32] to target_no 0 active 0 [DEBUG] child 32 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 32, kill 0, fail 3 [DEBUG] head_no[33] to target_no 0 active 0 [DEBUG] child 33 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 33, kill 0, fail 3 [DEBUG] head_no[34] to target_no 0 active 0 [DEBUG] child 34 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 34, kill 0, fail 3 [DEBUG] head_no[35] to target_no 0 active 0 [DEBUG] child 35 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 35, kill 0, fail 3 [DEBUG] head_no[36] to target_no 0 active 0 [DEBUG] child 36 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 36, kill 0, fail 3 [DEBUG] head_no[37] to target_no 0 active 0 [DEBUG] child 37 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 37, kill 0, fail 3 [DEBUG] head_no[38] to target_no 0 active 0 [DEBUG] child 38 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 38, kill 0, fail 3 [DEBUG] head_no[39] to target_no 0 active 0 [DEBUG] child 39 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left DEBUG_CONNECT_OK[DEBUG] head_no 39, kill 0, fail 3 [DEBUG] head_no[40] to target_no 0 active 0 [DEBUG] child 40 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 40, kill 0, fail 3 [DEBUG] head_no[41] to target_no 0 active 0 [DEBUG] child 41 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 41, kill 0, fail 3 [DEBUG] head_no[42] to target_no 0 active 0 [DEBUG] child 42 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 42, kill 0, fail 3 [DEBUG] head_no[43] to target_no 0 active 0 [DEBUG] child 43 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 43, kill 0, fail 3 [DEBUG] head_no[44] to target_no 0 active 0 [DEBUG] child 44 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 44, kill 0, fail 3 [DEBUG] head_no[45] to target_no 0 active 0 [DEBUG] child 45 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 45, kill 0, fail 3 [DEBUG] head_no[46] to target_no 0 active 0 [DEBUG] child 46 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 46, kill 0, fail 3 [DEBUG] head_no[47] to target_no 0 active 0 [DEBUG] child 47 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 47, kill 0, fail 3 [DEBUG] head_no[48] to target_no 0 active 0 [DEBUG] child 48 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 48, kill 0, fail 3 [DEBUG] head_no[49] to target_no 0 active 0 [DEBUG] child 49 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 49, kill 0, fail 3 [DEBUG] head_no[50] to target_no 0 active 0 [DEBUG] child 50 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 50, kill 0, fail 3 [DEBUG] head_no[51] to target_no 0 active 0 [DEBUG] child 51 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 51, kill 0, fail 3 [DEBUG] head_no[52] to target_no 0 active 0 [DEBUG] child 52 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 52, kill 0, fail 3 [DEBUG] head_no[53] to target_no 0 active 0 [DEBUG] child 53 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 53, kill 0, fail 3 [DEBUG] head_no[54] to target_no 0 active 0 [DEBUG] child 54 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 54, kill 0, fail 3 [DEBUG] head_no[55] to target_no 0 active 0 [DEBUG] child 55 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 55, kill 0, fail 3 [DEBUG] head_no[56] to target_no 0 active 0 [DEBUG] child 56 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 56, kill 0, fail 3 [DEBUG] head_no[57] to target_no 0 active 0 [DEBUG] child 57 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 57, kill 0, fail 3 [DEBUG] head_no[58] to target_no 0 active 0 [DEBUG] child 58 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 58, kill 0, fail 3 [DEBUG] head_no[59] to target_no 0 active 0 [DEBUG] child 59 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 59, kill 0, fail 3 [DEBUG] head_no[60] to target_no 0 active 0 [DEBUG] child 60 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 60, kill 0, fail 3 [DEBUG] head_no[61] to target_no 0 active 0 [DEBUG] child 61 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 61, kill 0, fail 3 [DEBUG] head_no[62] to target_no 0 active 0 [DEBUG] child 62 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 62, kill 0, fail 3 [DEBUG] head_no[63] to target_no 0 active 0 [DEBUG] child 63 got target -1 selected [DEBUG] hydra_select_target() reports no more targets left [DEBUG] head_no 63, kill 0, fail 3 [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] read n [DEBUG] send_next_pair_init target 0, head 0, redo 0, redo_state 0, pass_state 0. loop_mode 0, curlogin (null), curpass (null), tlogin test, tpass test, logincnt 0/1, passcnt 0/1, loop_cnt 1 [DEBUG] send_next_pair_mid done 1, pass_state 0, clogin test, cpass test, tlogin -p, tpass test, redo 0 [ATTEMPT] target 127.0.0.1 - login "test" - pass "test" - 1 of 1 [child 0] [DEBUG] SEND [pid:9535] (78 bytes): 0000: 4745 5420 2f6c 6f67 696e 2e68 746d 6c20 [ GET /login.html ] 0010: 4854 5450 2f31 2e30 0d0a 486f 7374 3a20 [ HTTP/1.0..Host: ] 0020: 3132 372e 302e 302e 310d 0a55 7365 722d [ 127.0.0.1..User- ] 0030: 4167 656e 743a 204d 6f7a 696c 6c61 2f35 [ Agent: Mozilla/5 ] 0040: 2e30 2028 4879 6472 6129 0d0a 0d0a [ .0 (Hydra).... ] [DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 9535 [DEBUG] RECV [pid:9535] (205 bytes): 0000: 4854 5450 2f31 2e30 2033 3032 2046 4f55 [ HTTP/1.0 302 FOU ] 0010: 4e44 0d0a 4461 7465 3a20 5375 6e2c 2030 [ ND..Date: Sun, 0 ] 0020: 3220 4175 6720 3230 3135 2031 393a 3137 [ 2 Aug 2015 19:17 ] 0030: 3a35 3420 474d 540d 0a53 6572 7665 723a [ :54 GMT..Server: ] 0040: 2057 5347 4953 6572 7665 722f 302e 3220 [ WSGIServer/0.2 ] 0050: 4350 7974 686f 6e2f 332e 342e 330d 0a58 [ CPython/3.4.3..X ] 0060: 2d46 7261 6d65 2d4f 7074 696f 6e73 3a20 [ -Frame-Options: ] 0070: 5341 4d45 4f52 4947 494e 0d0a 436f 6e74 [ SAMEORIGIN..Cont ] 0080: 656e 742d 5479 7065 3a20 7465 7874 2f68 [ ent-Type: text/h ] 0090: 746d 6c3b 2063 6861 7273 6574 3d75 7466 [ tml; charset=utf ] 00a0: 2d38 0d0a 4c6f 6361 7469 6f6e 3a20 6874 [ -8..Location: ht ] 00b0: 7470 3a2f 2f31 3237 2e30 2e30 2e31 2f69 [ tp://127.0.0.1/i ] 00c0: 6e64 6578 2e68 746d 6c0d 0a0d 0a [ ndex.html.... ] [DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 9535 [DEBUG] RECV [pid:9535] (0 bytes): DEBUG_DISCONNECT DEBUG_CONNECT_OK [DEBUG] SEND [pid:9535] (181 bytes): 0000: 504f 5354 202f 6c6f 6769 6e2e 6874 6d6c [ POST /login.html ] 0010: 2048 5454 502f 312e 300d 0a48 6f73 743a [ HTTP/1.0..Host: ] 0020: 2031 3237 2e30 2e30 2e31 0d0a 5573 6572 [ 127.0.0.1..User ] 0030: 2d41 6765 6e74 3a20 4d6f 7a69 6c6c 612f [ -Agent: Mozilla/ ] 0040: 352e 3020 2848 7964 7261 290d 0a43 6f6e [ 5.0 (Hydra)..Con ] 0050: 7465 6e74 2d4c 656e 6774 683a 2032 330d [ tent-Length: 23. ] 0060: 0a43 6f6e 7465 6e74 2d54 7970 653a 2061 [ .Content-Type: a ] 0070: 7070 6c69 6361 7469 6f6e 2f78 2d77 7777 [ pplication/x-www ] 0080: 2d66 6f72 6d2d 7572 6c65 6e63 6f64 6564 [ -form-urlencoded ] 0090: 0d0a 436f 6f6b 6965 3a20 0d0a 0d0a 7573 [ ..Cookie: ....us ] 00a0: 6572 6e61 6d65 3d74 6573 7426 7061 7373 [ ername=test&pass ] 00b0: 3d74 6573 74 [ =test ] HTTP request sent:[0A]POST /login.html HTTP/1.0[0D][0A]Host: 127.0.0.1[0D][0A]User-Agent: Mozilla/5.0 (Hydra)[0D][0A]Content-Length: 23[0D][0A]Content-Type: application/x-www-form-urlencoded[0D][0A]Cookie: [0D][0A][0D][0A]username=test&pass=test[0A] [DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 9535 [DEBUG] RECV [pid:9535] (2784 bytes): 0000: 4854 5450 2f31 2e30 2034 3033 2046 4f52 [ HTTP/1.0 403 FOR ] 0010: 4249 4444 454e 0d0a 4461 7465 3a20 5375 [ BIDDEN..Date: Su ] 0020: 6e2c 2030 3220 4175 6720 3230 3135 2031 [ n, 02 Aug 2015 1 ] 0030: 393a 3137 3a35 3420 474d 540d 0a53 6572 [ 9:17:54 GMT..Ser ] 0040: 7665 723a 2057 5347 4953 6572 7665 722f [ ver: WSGIServer/ ] 0050: 302e 3220 4350 7974 686f 6e2f 332e 342e [ 0.2 CPython/3.4. ] 0060: 330d 0a58 2d46 7261 6d65 2d4f 7074 696f [ 3..X-Frame-Optio ] 0070: 6e73 3a20 5341 4d45 4f52 4947 494e 0d0a [ ns: SAMEORIGIN.. ] 0080: 436f 6e74 656e 742d 5479 7065 3a20 7465 [ Content-Type: te ] 0090: 7874 2f68 746d 6c0d 0a0d 0a0a 3c21 444f [ xt/html.....<!DO ] 00a0: 4354 5950 4520 6874 6d6c 3e0a 3c68 746d [ CTYPE html>.<htm ] 00b0: 6c20 6c61 6e67 3d22 656e 223e 0a3c 6865 [ l lang="en">.<he ] 00c0: 6164 3e0a 2020 3c6d 6574 6120 6874 7470 [ ad>. <meta http ] 00d0: 2d65 7175 6976 3d22 636f 6e74 656e 742d [ -equiv="content- ] 00e0: 7479 7065 2220 636f 6e74 656e 743d 2274 [ type" content="t ] 00f0: 6578 742f 6874 6d6c 3b20 6368 6172 7365 [ ext/html; charse ] 0100: 743d 7574 662d 3822 3e0a 2020 3c6d 6574 [ t=utf-8">. <met ] 0110: 6120 6e61 6d65 3d22 726f 626f 7473 2220 [ a name="robots" ] 0120: 636f 6e74 656e 743d 224e 4f4e 452c 4e4f [ content="NONE,NO ] 0130: 4152 4348 4956 4522 3e0a 2020 3c74 6974 [ ARCHIVE">. <tit ] 0140: 6c65 3e34 3033 2046 6f72 6269 6464 656e [ le>403 Forbidden ] 0150: 3c2f 7469 746c 653e 0a20 203c 7374 796c [ </title>. <styl ] 0160: 6520 7479 7065 3d22 7465 7874 2f63 7373 [ e type="text/css ] 0170: 223e 0a20 2020 2068 746d 6c20 2a20 7b20 [ ">. html * { ] 0180: 7061 6464 696e 673a 303b 206d 6172 6769 [ padding:0; margi ] 0190: 6e3a 303b 207d 0a20 2020 2062 6f64 7920 [ n:0; }. body ] 01a0: 2a20 7b20 7061 6464 696e 673a 3130 7078 [ * { padding:10px ] 01b0: 2032 3070 783b 207d 0a20 2020 2062 6f64 [ 20px; }. bod ] 01c0: 7920 2a20 2a20 7b20 7061 6464 696e 673a [ y * * { padding: ] 01d0: 303b 207d 0a20 2020 2062 6f64 7920 7b20 [ 0; }. body { ] 01e0: 666f 6e74 3a73 6d61 6c6c 2073 616e 732d [ font:small sans- ] 01f0: 7365 7269 663b 2062 6163 6b67 726f 756e [ serif; backgroun ] 0200: 643a 2365 6565 3b20 7d0a 2020 2020 626f [ d:#eee; }. bo ] 0210: 6479 3e64 6976 207b 2062 6f72 6465 722d [ dy>div { border- ] 0220: 626f 7474 6f6d 3a31 7078 2073 6f6c 6964 [ bottom:1px solid ] 0230: 2023 6464 643b 207d 0a20 2020 2068 3120 [ #ddd; }. h1 ] 0240: 7b20 666f 6e74 2d77 6569 6768 743a 6e6f [ { font-weight:no ] 0250: 726d 616c 3b20 6d61 7267 696e 2d62 6f74 [ rmal; margin-bot ] 0260: 746f 6d3a 2e34 656d 3b20 7d0a 2020 2020 [ tom:.4em; }. ] 0270: 6831 2073 7061 6e20 7b20 666f 6e74 2d73 [ h1 span { font-s ] 0280: 697a 653a 3630 253b 2063 6f6c 6f72 3a23 [ ize:60%; color:# ] 0290: 3636 363b 2066 6f6e 742d 7765 6967 6874 [ 666; font-weight ] 02a0: 3a6e 6f72 6d61 6c3b 207d 0a20 2020 2023 [ :normal; }. # ] 02b0: 696e 666f 207b 2062 6163 6b67 726f 756e [ info { backgroun ] 02c0: 643a 2366 3666 3666 363b 207d 0a20 2020 [ d:#f6f6f6; }. ] 02d0: 2023 696e 666f 2075 6c20 7b20 6d61 7267 [ #info ul { marg ] 02e0: 696e 3a20 302e 3565 6d20 3465 6d3b 207d [ in: 0.5em 4em; } ] 02f0: 0a20 2020 2023 696e 666f 2070 2c20 2373 [ . #info p, #s ] 0300: 756d 6d61 7279 2070 207b 2070 6164 6469 [ ummary p { paddi ] 0310: 6e67 2d74 6f70 3a31 3070 783b 207d 0a20 [ ng-top:10px; }. ] 0320: 2020 2023 7375 6d6d 6172 7920 7b20 6261 [ #summary { ba ] 0330: 636b 6772 6f75 6e64 3a20 2366 6663 3b20 [ ckground: #ffc; ] 0340: 7d0a 2020 2020 2365 7870 6c61 6e61 7469 [ }. #explanati ] 0350: 6f6e 207b 2062 6163 6b67 726f 756e 643a [ on { background: ] 0360: 2365 6565 3b20 626f 7264 6572 2d62 6f74 [ #eee; border-bot ] 0370: 746f 6d3a 2030 7078 206e 6f6e 653b 207d [ tom: 0px none; } ] 0380: 0a20 203c 2f73 7479 6c65 3e0a 3c2f 6865 [ . </style>.</he ] 0390: 6164 3e0a 3c62 6f64 793e 0a3c 6469 7620 [ ad>.<body>.<div ] 03a0: 6964 3d22 7375 6d6d 6172 7922 3e0a 2020 [ id="summary">. ] 03b0: 3c68 313e 466f 7262 6964 6465 6e20 3c73 [ <h1>Forbidden <s ] 03c0: 7061 6e3e 2834 3033 293c 2f73 7061 6e3e [ pan>(403)</span> ] 03d0: 3c2f 6831 3e0a 2020 3c70 3e43 5352 4620 [ </h1>. <p>CSRF ] 03e0: 7665 7269 6669 6361 7469 6f6e 2066 6169 [ verification fai ] 03f0: 6c65 642e 2052 6571 7565 7374 2061 626f [ led. Request abo ] 0400: 7274 6564 2e3c 2f70 3e0a 0a0a 2020 3c70 [ rted.</p>... <p ] 0410: 3e59 6f75 2061 7265 2073 6565 696e 6720 [ >You are seeing ] 0420: 7468 6973 206d 6573 7361 6765 2062 6563 [ this message bec ] 0430: 6175 7365 2074 6869 7320 7369 7465 2072 [ ause this site r ] 0440: 6571 7569 7265 7320 6120 4353 5246 2063 [ equires a CSRF c ] 0450: 6f6f 6b69 6520 7768 656e 2073 7562 6d69 [ ookie when submi ] 0460: 7474 696e 6720 666f 726d 732e 2054 6869 [ tting forms. Thi ] 0470: 7320 636f 6f6b 6965 2069 7320 7265 7175 [ s cookie is requ ] 0480: 6972 6564 2066 6f72 2073 6563 7572 6974 [ ired for securit ] 0490: 7920 7265 6173 6f6e 732c 2074 6f20 656e [ y reasons, to en ] 04a0: 7375 7265 2074 6861 7420 796f 7572 2062 [ sure that your b ] 04b0: 726f 7773 6572 2069 7320 6e6f 7420 6265 [ rowser is not be ] 04c0: 696e 6720 6869 6a61 636b 6564 2062 7920 [ ing hijacked by ] 04d0: 7468 6972 6420 7061 7274 6965 732e 3c2f [ third parties.</ ] 04e0: 703e 0a20 203c 703e 4966 2079 6f75 2068 [ p>. <p>If you h ] 04f0: 6176 6520 636f 6e66 6967 7572 6564 2079 [ ave configured y ] 0500: 6f75 7220 6272 6f77 7365 7220 746f 2064 [ our browser to d ] 0510: 6973 6162 6c65 2063 6f6f 6b69 6573 2c20 [ isable cookies, ] 0520: 706c 6561 7365 2072 652d 656e 6162 6c65 [ please re-enable ] 0530: 2074 6865 6d2c 2061 7420 6c65 6173 7420 [ them, at least ] 0540: 666f 7220 7468 6973 2073 6974 652c 206f [ for this site, o ] 0550: 7220 666f 7220 2623 3339 3b73 616d 652d [ r for 'same- ] 0560: 6f72 6967 696e 2623 3339 3b20 7265 7175 [ origin' requ ] 0570: 6573 7473 2e3c 2f70 3e0a 0a3c 2f64 6976 [ ests.</p>..</div ] 0580: 3e0a 0a3c 6469 7620 6964 3d22 696e 666f [ >..<div id="info ] 0590: 223e 0a20 203c 6832 3e48 656c 703c 2f68 [ ">. <h2>Help</h ] 05a0: 323e 0a20 2020 200a 2020 2020 3c70 3e52 [ 2>. . <p>R ] 05b0: 6561 736f 6e20 6769 7665 6e20 666f 7220 [ eason given for ] 05c0: 6661 696c 7572 653a 3c2f 703e 0a20 2020 [ failure:</p>. ] 05d0: 203c 7072 653e 0a20 2020 2043 5352 4620 [ <pre>. CSRF ] 05e0: 636f 6f6b 6965 206e 6f74 2073 6574 2e0a [ cookie not set.. ] 05f0: 2020 2020 3c2f 7072 653e 0a20 2020 200a [ </pre>. . ] 0600: 0a20 203c 703e 496e 2067 656e 6572 616c [ . <p>In general ] 0610: 2c20 7468 6973 2063 616e 206f 6363 7572 [ , this can occur ] 0620: 2077 6865 6e20 7468 6572 6520 6973 2061 [ when there is a ] 0630: 2067 656e 7569 6e65 2043 726f 7373 2053 [ genuine Cross S ] 0640: 6974 6520 5265 7175 6573 7420 466f 7267 [ ite Request Forg ] 0650: 6572 792c 206f 7220 7768 656e 0a20 203c [ ery, or when. < ] 0660: 610a 2020 6872 6566 3d22 6874 7470 733a [ a. href="https: ] 0670: 2f2f 646f 6373 2e64 6a61 6e67 6f70 726f [ //docs.djangopro ] 0680: 6a65 6374 2e63 6f6d 2f65 6e2f 312e 382f [ ject.com/en/1.8/ ] 0690: 7265 662f 6373 7266 2f22 3e44 6a61 6e67 [ ref/csrf/">Djang ] 06a0: 6f27 730a 2020 4353 5246 206d 6563 6861 [ o's. CSRF mecha ] 06b0: 6e69 736d 3c2f 613e 2068 6173 206e 6f74 [ nism</a> has not ] 06c0: 2062 6565 6e20 7573 6564 2063 6f72 7265 [ been used corre ] 06d0: 6374 6c79 2e20 2046 6f72 2050 4f53 5420 [ ctly. For POST ] 06e0: 666f 726d 732c 2079 6f75 206e 6565 6420 [ forms, you need ] 06f0: 746f 0a20 2065 6e73 7572 653a 3c2f 703e [ to. ensure:</p> ] 0700: 0a0a 2020 3c75 6c3e 0a20 2020 203c 6c69 [ .. <ul>. <li ] 0710: 3e59 6f75 7220 6272 6f77 7365 7220 6973 [ >Your browser is ] 0720: 2061 6363 6570 7469 6e67 2063 6f6f 6b69 [ accepting cooki ] 0730: 6573 2e3c 2f6c 693e 0a0a 2020 2020 3c6c [ es.</li>.. <l ] 0740: 693e 5468 6520 7669 6577 2066 756e 6374 [ i>The view funct ] 0750: 696f 6e20 7061 7373 6573 2061 203c 636f [ ion passes a <co ] 0760: 6465 3e72 6571 7565 7374 3c2f 636f 6465 [ de>request</code ] 0770: 3e20 746f 2074 6865 2074 656d 706c 6174 [ > to the templat ] 0780: 6527 7320 3c61 0a20 2020 2068 7265 663d [ e's <a. href= ] 0790: 2268 7474 7073 3a2f 2f64 6f63 732e 646a [ "https://docs.dj ] 07a0: 616e 676f 7072 6f6a 6563 742e 636f 6d2f [ angoproject.com/ ] 07b0: 656e 2f64 6576 2f74 6f70 6963 732f 7465 [ en/dev/topics/te ] 07c0: 6d70 6c61 7465 732f 2364 6a61 6e67 6f2e [ mplates/#django. ] 07d0: 7465 6d70 6c61 7465 2e62 6163 6b65 6e64 [ template.backend ] 07e0: 732e 6261 7365 2e54 656d 706c 6174 652e [ s.base.Template. ] 07f0: 7265 6e64 6572 223e 3c63 6f64 653e 7265 [ render"><code>re ] 0800: 6e64 6572 3c2f 636f 6465 3e3c 2f61 3e0a [ nder</code></a>. ] 0810: 2020 2020 6d65 7468 6f64 2e3c 2f6c 693e [ method.</li> ] 0820: 0a0a 2020 2020 3c6c 693e 496e 2074 6865 [ .. <li>In the ] 0830: 2074 656d 706c 6174 652c 2074 6865 7265 [ template, there ] 0840: 2069 7320 6120 3c63 6f64 653e 7b25 2063 [ is a <code>{% c ] 0850: 7372 665f 746f 6b65 6e0a 2020 2020 257d [ srf_token. %} ] 0860: 3c2f 636f 6465 3e20 7465 6d70 6c61 7465 [ </code> template ] 0870: 2074 6167 2069 6e73 6964 6520 6561 6368 [ tag inside each ] 0880: 2050 4f53 5420 666f 726d 2074 6861 740a [ POST form that. ] 0890: 2020 2020 7461 7267 6574 7320 616e 2069 [ targets an i ] 08a0: 6e74 6572 6e61 6c20 5552 4c2e 3c2f 6c69 [ nternal URL.</li ] 08b0: 3e0a 0a20 2020 203c 6c69 3e49 6620 796f [ >.. <li>If yo ] 08c0: 7520 6172 6520 6e6f 7420 7573 696e 6720 [ u are not using ] 08d0: 3c63 6f64 653e 4373 7266 5669 6577 4d69 [ <code>CsrfViewMi ] 08e0: 6464 6c65 7761 7265 3c2f 636f 6465 3e2c [ ddleware</code>, ] 08f0: 2074 6865 6e20 796f 7520 6d75 7374 2075 [ then you must u ] 0900: 7365 0a20 2020 203c 636f 6465 3e63 7372 [ se. <code>csr ] 0910: 665f 7072 6f74 6563 743c 2f63 6f64 653e [ f_protect</code> ] 0920: 206f 6e20 616e 7920 7669 6577 7320 7468 [ on any views th ] 0930: 6174 2075 7365 2074 6865 203c 636f 6465 [ at use the <code ] 0940: 3e63 7372 665f 746f 6b65 6e3c 2f63 6f64 [ >csrf_token</cod ] 0950: 653e 0a20 2020 2074 656d 706c 6174 6520 [ e>. template ] 0960: 7461 672c 2061 7320 7765 6c6c 2061 7320 [ tag, as well as ] 0970: 7468 6f73 6520 7468 6174 2061 6363 6570 [ those that accep ] 0980: 7420 7468 6520 504f 5354 2064 6174 612e [ t the POST data. ] 0990: 3c2f 6c69 3e0a 0a20 203c 2f75 6c3e 0a0a [ </li>.. </ul>.. ] 09a0: 2020 3c70 3e59 6f75 2772 6520 7365 6569 [ <p>You're seei ] 09b0: 6e67 2074 6865 2068 656c 7020 7365 6374 [ ng the help sect ] 09c0: 696f 6e20 6f66 2074 6869 7320 7061 6765 [ ion of this page ] 09d0: 2062 6563 6175 7365 2079 6f75 2068 6176 [ because you hav ] 09e0: 6520 3c63 6f64 653e 4445 4255 4720 3d0a [ e <code>DEBUG =. ] 09f0: 2020 5472 7565 3c2f 636f 6465 3e20 696e [ True</code> in ] 0a00: 2079 6f75 7220 446a 616e 676f 2073 6574 [ your Django set ] 0a10: 7469 6e67 7320 6669 6c65 2e20 4368 616e [ tings file. Chan ] 0a20: 6765 2074 6861 7420 746f 203c 636f 6465 [ ge that to <code ] 0a30: 3e46 616c 7365 3c2f 636f 6465 3e2c 0a20 [ >False</code>,. ] 0a40: 2061 6e64 206f 6e6c 7920 7468 6520 696e [ and only the in ] 0a50: 6974 6961 6c20 6572 726f 7220 6d65 7373 [ itial error mess ] 0a60: 6167 6520 7769 6c6c 2062 6520 6469 7370 [ age will be disp ] 0a70: 6c61 7965 642e 2020 3c2f 703e 0a0a 2020 [ layed. </p>.. ] 0a80: 3c70 3e59 6f75 2063 616e 2063 7573 746f [ <p>You can custo ] 0a90: 6d69 7a65 2074 6869 7320 7061 6765 2075 [ mize this page u ] 0aa0: 7369 6e67 2074 6865 2043 5352 465f 4641 [ sing the CSRF_FA ] 0ab0: 494c 5552 455f 5649 4557 2073 6574 7469 [ ILURE_VIEW setti ] 0ac0: 6e67 2e3c 2f70 3e0a 3c2f 6469 763e 0a0a [ ng.</p>.</div>.. ] 0ad0: 3c2f 626f 6479 3e0a 3c2f 6874 6d6c 3e0a [ </body>.</html>. ] [DEBUG] attempt result: found 0, redirect 1, location: http://127.0.0.1/index.html [VERBOSE] Page redirected to http://127.0.0.1/index.htm DEBUG_DISCONNECT DEBUG_CONNECT_OK [DEBUG] SEND [pid:9535] (155 bytes): 0000: 4745 5420 2f69 6e64 6578 2e68 746d 2048 [ GET /index.htm H ] 0010: 5454 502f 312e 300d 0a48 6f73 743a 2031 [ TTP/1.0..Host: 1 ] 0020: 3237 2e30 2e30 2e31 0d0a 5573 6572 2d41 [ 27.0.0.1..User-A ] 0030: 6765 6e74 3a20 4d6f 7a69 6c6c 612f 352e [ gent: Mozilla/5. ] 0040: 3020 2848 7964 7261 290d 0a43 6f6e 7465 [ 0 (Hydra)..Conte ] 0050: 6e74 2d4c 656e 6774 683a 2030 0d0a 436f [ nt-Length: 0..Co ] 0060: 6e74 656e 742d 5479 7065 3a20 6170 706c [ ntent-Type: appl ] 0070: 6963 6174 696f 6e2f 782d 7777 772d 666f [ ication/x-www-fo ] 0080: 726d 2d75 726c 656e 636f 6465 640d 0a43 [ rm-urlencoded..C ] 0090: 6f6f 6b69 653a 200d 0a0d 0a [ ookie: .... ] [DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 9535 [DEBUG] RECV [pid:9535] (2307 bytes): 0000: 4854 5450 2f31 2e30 2034 3034 204e 4f54 [ HTTP/1.0 404 NOT ] 0010: 2046 4f55 4e44 0d0a 4461 7465 3a20 5375 [ FOUND..Date: Su ] 0020: 6e2c 2030 3220 4175 6720 3230 3135 2031 [ n, 02 Aug 2015 1 ] 0030: 393a 3137 3a35 3420 474d 540d 0a53 6572 [ 9:17:54 GMT..Ser ] 0040: 7665 723a 2057 5347 4953 6572 7665 722f [ ver: WSGIServer/ ] 0050: 302e 3220 4350 7974 686f 6e2f 332e 342e [ 0.2 CPython/3.4. ] 0060: 330d 0a58 2d46 7261 6d65 2d4f 7074 696f [ 3..X-Frame-Optio ] 0070: 6e73 3a20 5341 4d45 4f52 4947 494e 0d0a [ ns: SAMEORIGIN.. ] 0080: 436f 6e74 656e 742d 5479 7065 3a20 7465 [ Content-Type: te ] 0090: 7874 2f68 746d 6c0d 0a0d 0a0a 3c21 444f [ xt/html.....<!DO ] 00a0: 4354 5950 4520 6874 6d6c 3e0a 3c68 746d [ CTYPE html>.<htm ] 00b0: 6c20 6c61 6e67 3d22 656e 223e 0a3c 6865 [ l lang="en">.<he ] 00c0: 6164 3e0a 2020 3c6d 6574 6120 6874 7470 [ ad>. <meta http ] 00d0: 2d65 7175 6976 3d22 636f 6e74 656e 742d [ -equiv="content- ] 00e0: 7479 7065 2220 636f 6e74 656e 743d 2274 [ type" content="t ] 00f0: 6578 742f 6874 6d6c 3b20 6368 6172 7365 [ ext/html; charse ] 0100: 743d 7574 662d 3822 3e0a 2020 3c74 6974 [ t=utf-8">. <tit ] 0110: 6c65 3e50 6167 6520 6e6f 7420 666f 756e [ le>Page not foun ] 0120: 6420 6174 202f 696e 6465 782e 6874 6d3c [ d at /index.htm< ] 0130: 2f74 6974 6c65 3e0a 2020 3c6d 6574 6120 [ /title>. <meta ] 0140: 6e61 6d65 3d22 726f 626f 7473 2220 636f [ name="robots" co ] 0150: 6e74 656e 743d 224e 4f4e 452c 4e4f 4152 [ ntent="NONE,NOAR ] 0160: 4348 4956 4522 3e0a 2020 3c73 7479 6c65 [ CHIVE">. <style ] 0170: 2074 7970 653d 2274 6578 742f 6373 7322 [ type="text/css" ] 0180: 3e0a 2020 2020 6874 6d6c 202a 207b 2070 [ >. html * { p ] 0190: 6164 6469 6e67 3a30 3b20 6d61 7267 696e [ adding:0; margin ] 01a0: 3a30 3b20 7d0a 2020 2020 626f 6479 202a [ :0; }. body * ] 01b0: 207b 2070 6164 6469 6e67 3a31 3070 7820 [ { padding:10px ] 01c0: 3230 7078 3b20 7d0a 2020 2020 626f 6479 [ 20px; }. body ] 01d0: 202a 202a 207b 2070 6164 6469 6e67 3a30 [ * * { padding:0 ] 01e0: 3b20 7d0a 2020 2020 626f 6479 207b 2066 [ ; }. body { f ] 01f0: 6f6e 743a 736d 616c 6c20 7361 6e73 2d73 [ ont:small sans-s ] 0200: 6572 6966 3b20 6261 636b 6772 6f75 6e64 [ erif; background ] 0210: 3a23 6565 653b 207d 0a20 2020 2062 6f64 [ :#eee; }. bod ] 0220: 793e 6469 7620 7b20 626f 7264 6572 2d62 [ y>div { border-b ] 0230: 6f74 746f 6d3a 3170 7820 736f 6c69 6420 [ ottom:1px solid ] 0240: 2364 6464 3b20 7d0a 2020 2020 6831 207b [ #ddd; }. h1 { ] 0250: 2066 6f6e 742d 7765 6967 6874 3a6e 6f72 [ font-weight:nor ] 0260: 6d61 6c3b 206d 6172 6769 6e2d 626f 7474 [ mal; margin-bott ] 0270: 6f6d 3a2e 3465 6d3b 207d 0a20 2020 2068 [ om:.4em; }. h ] 0280: 3120 7370 616e 207b 2066 6f6e 742d 7369 [ 1 span { font-si ] 0290: 7a65 3a36 3025 3b20 636f 6c6f 723a 2336 [ ze:60%; color:#6 ] 02a0: 3636 3b20 666f 6e74 2d77 6569 6768 743a [ 66; font-weight: ] 02b0: 6e6f 726d 616c 3b20 7d0a 2020 2020 7461 [ normal; }. ta ] 02c0: 626c 6520 7b20 626f 7264 6572 3a6e 6f6e [ ble { border:non ] 02d0: 653b 2062 6f72 6465 722d 636f 6c6c 6170 [ e; border-collap ] 02e0: 7365 3a20 636f 6c6c 6170 7365 3b20 7769 [ se: collapse; wi ] 02f0: 6474 683a 3130 3025 3b20 7d0a 2020 2020 [ dth:100%; }. ] 0300: 7464 2c20 7468 207b 2076 6572 7469 6361 [ td, th { vertica ] 0310: 6c2d 616c 6967 6e3a 746f 703b 2070 6164 [ l-align:top; pad ] 0320: 6469 6e67 3a32 7078 2033 7078 3b20 7d0a [ ding:2px 3px; }. ] 0330: 2020 2020 7468 207b 2077 6964 7468 3a31 [ th { width:1 ] 0340: 3265 6d3b 2074 6578 742d 616c 6967 6e3a [ 2em; text-align: ] 0350: 7269 6768 743b 2063 6f6c 6f72 3a23 3636 [ right; color:#66 ] 0360: 363b 2070 6164 6469 6e67 2d72 6967 6874 [ 6; padding-right ] 0370: 3a2e 3565 6d3b 207d 0a20 2020 2023 696e [ :.5em; }. #in ] 0380: 666f 207b 2062 6163 6b67 726f 756e 643a [ fo { background: ] 0390: 2366 3666 3666 363b 207d 0a20 2020 2023 [ #f6f6f6; }. # ] 03a0: 696e 666f 206f 6c20 7b20 6d61 7267 696e [ info ol { margin ] 03b0: 3a20 302e 3565 6d20 3465 6d3b 207d 0a20 [ : 0.5em 4em; }. ] 03c0: 2020 2023 696e 666f 206f 6c20 6c69 207b [ #info ol li { ] 03d0: 2066 6f6e 742d 6661 6d69 6c79 3a20 6d6f [ font-family: mo ] 03e0: 6e6f 7370 6163 653b 207d 0a20 2020 2023 [ nospace; }. # ] 03f0: 7375 6d6d 6172 7920 7b20 6261 636b 6772 [ summary { backgr ] 0400: 6f75 6e64 3a20 2366 6663 3b20 7d0a 2020 [ ound: #ffc; }. ] 0410: 2020 2365 7870 6c61 6e61 7469 6f6e 207b [ #explanation { ] 0420: 2062 6163 6b67 726f 756e 643a 2365 6565 [ background:#eee ] 0430: 3b20 626f 7264 6572 2d62 6f74 746f 6d3a [ ; border-bottom: ] 0440: 2030 7078 206e 6f6e 653b 207d 0a20 203c [ 0px none; }. < ] 0450: 2f73 7479 6c65 3e0a 3c2f 6865 6164 3e0a [ /style>.</head>. ] 0460: 3c62 6f64 793e 0a20 203c 6469 7620 6964 [ <body>. <div id ] 0470: 3d22 7375 6d6d 6172 7922 3e0a 2020 2020 [ ="summary">. ] 0480: 3c68 313e 5061 6765 206e 6f74 2066 6f75 [ <h1>Page not fou ] 0490: 6e64 203c 7370 616e 3e28 3430 3429 3c2f [ nd <span>(404)</ ] 04a0: 7370 616e 3e3c 2f68 313e 0a20 2020 203c [ span></h1>. < ] 04b0: 7461 626c 6520 636c 6173 733d 226d 6574 [ table class="met ] 04c0: 6122 3e0a 2020 2020 2020 3c74 723e 0a20 [ a">. <tr>. ] 04d0: 2020 2020 2020 203c 7468 3e52 6571 7565 [ <th>Reque ] 04e0: 7374 204d 6574 686f 643a 3c2f 7468 3e0a [ st Method:</th>. ] 04f0: 2020 2020 2020 2020 3c74 643e 4745 543c [ <td>GET< ] 0500: 2f74 643e 0a20 2020 2020 203c 2f74 723e [ /td>. </tr> ] 0510: 0a20 2020 2020 203c 7472 3e0a 2020 2020 [ . <tr>. ] 0520: 2020 2020 3c74 683e 5265 7175 6573 7420 [ <th>Request ] 0530: 5552 4c3a 3c2f 7468 3e0a 2020 2020 2020 [ URL:</th>. ] 0540: 2020 3c74 643e 6874 7470 3a2f 2f31 3237 [ <td>http://127 ] 0550: 2e30 2e30 2e31 2f69 6e64 6578 2e68 746d [ .0.0.1/index.htm ] 0560: 3c2f 7464 3e0a 2020 2020 2020 3c2f 7472 [ </td>. </tr ] 0570: 3e0a 2020 2020 2020 0a20 2020 203c 2f74 [ >. . </t ] 0580: 6162 6c65 3e0a 2020 3c2f 6469 763e 0a20 [ able>. </div>. ] 0590: 203c 6469 7620 6964 3d22 696e 666f 223e [ <div id="info"> ] 05a0: 0a20 2020 200a 2020 2020 2020 3c70 3e0a [ . . <p>. ] 05b0: 2020 2020 2020 5573 696e 6720 7468 6520 [ Using the ] 05c0: 5552 4c63 6f6e 6620 6465 6669 6e65 6420 [ URLconf defined ] 05d0: 696e 203c 636f 6465 3e64 6a61 6e67 6f61 [ in <code>djangoa ] 05e0: 7070 2e75 726c 733c 2f63 6f64 653e 2c0a [ pp.urls</code>,. ] 05f0: 2020 2020 2020 446a 616e 676f 2074 7269 [ Django tri ] 0600: 6564 2074 6865 7365 2055 524c 2070 6174 [ ed these URL pat ] 0610: 7465 726e 732c 2069 6e20 7468 6973 206f [ terns, in this o ] 0620: 7264 6572 3a0a 2020 2020 2020 3c2f 703e [ rder:. </p> ] 0630: 0a20 2020 2020 203c 6f6c 3e0a 2020 2020 [ . <ol>. ] 0640: 2020 2020 0a20 2020 2020 2020 2020 203c [ . < ] 0650: 6c69 3e0a 2020 2020 2020 2020 2020 2020 [ li>. ] 0660: 0a20 2020 2020 2020 2020 2020 2020 2020 [ . ] 0670: 205e 6164 6d69 6e2f 0a20 2020 2020 2020 [ ^admin/. ] 0680: 2020 2020 2020 2020 200a 2020 2020 2020 [ . ] 0690: 2020 2020 2020 0a20 2020 2020 2020 2020 [ . ] 06a0: 203c 2f6c 693e 0a20 2020 2020 2020 200a [ </li>. . ] 06b0: 2020 2020 2020 2020 2020 3c6c 693e 0a20 [ <li>. ] 06c0: 2020 2020 2020 2020 2020 200a 2020 2020 [ . ] 06d0: 2020 2020 2020 2020 2020 2020 5e69 6e64 [ ^ind ] 06e0: 6578 2e68 746d 6c24 0a20 2020 2020 2020 [ ex.html$. ] 06f0: 2020 2020 2020 2020 200a 2020 2020 2020 [ . ] 0700: 2020 2020 2020 0a20 2020 2020 2020 2020 [ . ] 0710: 203c 2f6c 693e 0a20 2020 2020 2020 200a [ </li>. . ] 0720: 2020 2020 2020 2020 2020 3c6c 693e 0a20 [ <li>. ] 0730: 2020 2020 2020 2020 2020 200a 2020 2020 [ . ] 0740: 2020 2020 2020 2020 2020 2020 5e6c 6f67 [ ^log ] 0750: 696e 2e68 746d 6c24 0a20 2020 2020 2020 [ in.html$. ] 0760: 2020 2020 2020 2020 200a 2020 2020 2020 [ . ] 0770: 2020 2020 2020 0a20 2020 2020 2020 2020 [ . ] 0780: 203c 2f6c 693e 0a20 2020 2020 2020 200a [ </li>. . ] 0790: 2020 2020 2020 3c2f 6f6c 3e0a 2020 2020 [ </ol>. ] 07a0: 2020 3c70 3e54 6865 2063 7572 7265 6e74 [ <p>The current ] 07b0: 2055 524c 2c20 3c63 6f64 653e 696e 6465 [ URL, <code>inde ] 07c0: 782e 6874 6d3c 2f63 6f64 653e 2c20 6469 [ x.htm</code>, di ] 07d0: 646e 2774 206d 6174 6368 2061 6e79 206f [ dn't match any o ] 07e0: 6620 7468 6573 652e 3c2f 703e 0a20 2020 [ f these.</p>. ] 07f0: 200a 2020 3c2f 6469 763e 0a0a 2020 3c64 [ . </div>.. <d ] 0800: 6976 2069 643d 2265 7870 6c61 6e61 7469 [ iv id="explanati ] 0810: 6f6e 223e 0a20 2020 203c 703e 0a20 2020 [ on">. <p>. ] 0820: 2020 2059 6f75 2772 6520 7365 6569 6e67 [ You're seeing ] 0830: 2074 6869 7320 6572 726f 7220 6265 6361 [ this error beca ] 0840: 7573 6520 796f 7520 6861 7665 203c 636f [ use you have <co ] 0850: 6465 3e44 4542 5547 203d 2054 7275 653c [ de>DEBUG = True< ] 0860: 2f63 6f64 653e 2069 6e0a 2020 2020 2020 [ /code> in. ] 0870: 796f 7572 2044 6a61 6e67 6f20 7365 7474 [ your Django sett ] 0880: 696e 6773 2066 696c 652e 2043 6861 6e67 [ ings file. Chang ] 0890: 6520 7468 6174 2074 6f20 3c63 6f64 653e [ e that to <code> ] 08a0: 4661 6c73 653c 2f63 6f64 653e 2c20 616e [ False</code>, an ] 08b0: 6420 446a 616e 676f 0a20 2020 2020 2077 [ d Django. w ] 08c0: 696c 6c20 6469 7370 6c61 7920 6120 7374 [ ill display a st ] 08d0: 616e 6461 7264 2034 3034 2070 6167 652e [ andard 404 page. ] 08e0: 0a20 2020 203c 2f70 3e0a 2020 3c2f 6469 [ . </p>. </di ] 08f0: 763e 0a3c 2f62 6f64 793e 0a3c 2f68 746d [ v>.</body>.</htm ] 0900: 6c3e 0a [ l>. ] DEBUG_DISCONNECT [DEBUG] head_no[0] to target_no 0 active 1 [DEBUG] head_no[0] read N [STATUS] attack finished for 127.0.0.1 (waiting for children to complete tests) [DEBUG] head_no 0, kill 1, fail 0 [DEBUG] all targets done and all heads finished [DEBUG] while loop left with 1 [DEBUG] killing all remaining childs now that might be stuck 1 of 1 target completed, 0 valid passwords found Hydra (http://www.thc.org/thc-hydra) finished at 2015-08-02 21:17:54</code></pre> <p>The important bit is this:</p> <pre><code>[DEBUG] attempt result: found 0, redirect 1, location: http://127.0.0.1/index.html [VERBOSE] Page redirected to http://127.0.0.1/index.htm</code></pre> <p>Also, FYI your ssl cert for thc.org ran out yesterday.</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/mhernes"><img src="https://avatars.githubusercontent.com/u/18550183?v=4" />mhernes</a> commented <strong> 8 years ago</strong> </div> <div class="markdown-body"> <p>Hello,</p> <p>I have the same issue :C Do you know if its solved?</p> <p>Thanks</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/vanhauser-thc"><img src="https://avatars.githubusercontent.com/u/7396244?v=4" />vanhauser-thc</a> commented <strong> 8 years ago</strong> </div> <div class="markdown-body"> <p>there was a fix for the redirect behaviour a few days ago, which might have fixed this.</p> <p>please update your checkout, recompile, retry and report please</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/mhernes"><img src="https://avatars.githubusercontent.com/u/18550183?v=4" />mhernes</a> commented <strong> 8 years ago</strong> </div> <div class="markdown-body"> <p>Yeah is fixed now!!</p> <p>i used this comand: hydra -L username.txt -P password.txt localhost http-post-form "/dvwa/login.php:username=^USER^&password=^PASS^&Login=Login:F=Login failed" -v</p> <p>the output:</p> <p>Hydra v8.2-dev (c) 2016 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.</p> <p>Hydra (<a href="http://www.thc.org/thc-hydra">http://www.thc.org/thc-hydra</a>) starting at 2016-05-17 06:18:14 [DATA] max 16 tasks per 1 server, overall 64 tasks, 60 login tries (l:10/p:6), ~0 tries per task [DATA] attacking service http-post-form on port 80 [ATTEMPT] target localhost - login "admin" - pass "password" - 1 of 60 [child 0] [ATTEMPT] target localhost - login "admin" - pass "pass123" - 2 of 60 [child 1] [ATTEMPT] target localhost - login "admin" - pass "password123" - 3 of 60 [child 2] [ATTEMPT] target localhost - login "admin" - pass "admin" - 4 of 60 [child 3] [ATTEMPT] target localhost - login "admin" - pass "guest" - 5 of 60 [child 4] [ATTEMPT] target localhost - login "admin" - pass "owaspbwa" - 6 of 60 [child 5] [ATTEMPT] target localhost - login "administrator " - pass "password" - 7 of 60 [child 6] [ATTEMPT] target localhost - login "administrator " - pass "pass123" - 8 of 60 [child 7] [ATTEMPT] target localhost - login "administrator " - pass "password123" - 9 of 60 [child 8] [ATTEMPT] target localhost - login "administrator " - pass "admin" - 10 of 60 [child 9] [ATTEMPT] target localhost - login "administrator " - pass "guest" - 11 of 60 [child 10] [ATTEMPT] target localhost - login "administrator " - pass "owaspbwa" - 12 of 60 [child 11] [ATTEMPT] target localhost - login "root" - pass "password" - 13 of 60 [child 12] [ATTEMPT] target localhost - login "root" - pass "pass123" - 14 of 60 [child 13] [ATTEMPT] target localhost - login "root" - pass "password123" - 15 of 60 [child 14] [ATTEMPT] target localhost - login "root" - pass "admin" - 16 of 60 [child 15] [ATTEMPT] target localhost - login "root" - pass "guest" - 17 of 60 [child 3] [ATTEMPT] target localhost - login "root" - pass "owaspbwa" - 18 of 60 [child 4] [ATTEMPT] target localhost - login "system" - pass "password" - 19 of 60 [child 1] [ATTEMPT] target localhost - login "system" - pass "pass123" - 20 of 60 [child 2] [ATTEMPT] target localhost - login "system" - pass "password123" - 21 of 60 [child 5] [ATTEMPT] target localhost - login "system" - pass "admin" - 22 of 60 [child 6] [ATTEMPT] target localhost - login "system" - pass "guest" - 23 of 60 [child 14] [ATTEMPT] target localhost - login "system" - pass "owaspbwa" - 24 of 60 [child 7] [ATTEMPT] target localhost - login "guest" - pass "password" - 25 of 60 [child 8] [ATTEMPT] target localhost - login "guest" - pass "pass123" - 26 of 60 [child 9] [ATTEMPT] target localhost - login "guest" - pass "password123" - 27 of 60 [child 11] [ATTEMPT] target localhost - login "guest" - pass "admin" - 28 of 60 [child 12] [ATTEMPT] target localhost - login "guest" - pass "guest" - 29 of 60 [child 13] [ATTEMPT] target localhost - login "guest" - pass "owaspbwa" - 30 of 60 [child 10] [ATTEMPT] target localhost - login "operator" - pass "password" - 31 of 60 [child 15] [80][http-post-form] host: localhost login: admin password: password [ATTEMPT] target localhost - login "operator" - pass "pass123" - 32 of 60 [child 0] [ATTEMPT] target localhost - login "operator" - pass "password123" - 33 of 60 [child 3] [ATTEMPT] target localhost - login "operator" - pass "admin" - 34 of 60 [child 4] [ATTEMPT] target localhost - login "operator" - pass "guest" - 35 of 60 [child 1] [ATTEMPT] target localhost - login "operator" - pass "owaspbwa" - 36 of 60 [child 2] [ATTEMPT] target localhost - login "super " - pass "password" - 37 of 60 [child 5] [ATTEMPT] target localhost - login "super " - pass "pass123" - 38 of 60 [child 6] [ATTEMPT] target localhost - login "super " - pass "password123" - 39 of 60 [child 14] [ATTEMPT] target localhost - login "super " - pass "admin" - 40 of 60 [child 7] [ATTEMPT] target localhost - login "super " - pass "guest" - 41 of 60 [child 8] [ATTEMPT] target localhost - login "super " - pass "owaspbwa" - 42 of 60 [child 9] [ATTEMPT] target localhost - login "qa" - pass "password" - 43 of 60 [child 11] [ATTEMPT] target localhost - login "qa" - pass "pass123" - 44 of 60 [child 12] [ATTEMPT] target localhost - login "qa" - pass "password123" - 45 of 60 [child 13] [ATTEMPT] target localhost - login "qa" - pass "admin" - 46 of 60 [child 10] [ATTEMPT] target localhost - login "qa" - pass "guest" - 47 of 60 [child 15] [ATTEMPT] target localhost - login "qa" - pass "owaspbwa" - 48 of 60 [child 0] [ATTEMPT] target localhost - login "test" - pass "password" - 49 of 60 [child 4] [ATTEMPT] target localhost - login "test" - pass "pass123" - 50 of 60 [child 1] [ATTEMPT] target localhost - login "test" - pass "password123" - 51 of 60 [child 3] [ATTEMPT] target localhost - login "test" - pass "admin" - 52 of 60 [child 2] [ATTEMPT] target localhost - login "test" - pass "guest" - 53 of 60 [child 5] [ATTEMPT] target localhost - login "test" - pass "owaspbwa" - 54 of 60 [child 6] [ATTEMPT] target localhost - login "test1" - pass "password" - 55 of 60 [child 14] [ATTEMPT] target localhost - login "test1" - pass "pass123" - 56 of 60 [child 7] [ATTEMPT] target localhost - login "test1" - pass "password123" - 57 of 60 [child 8] [ATTEMPT] target localhost - login "test1" - pass "admin" - 58 of 60 [child 9] [ATTEMPT] target localhost - login "test1" - pass "guest" - 59 of 60 [child 11] [ATTEMPT] target localhost - login "test1" - pass "owaspbwa" - 60 of 60 [child 12] 1 of 1 target successfully completed, 1 valid password found Hydra (<a href="http://www.thc.org/thc-hydra">http://www.thc.org/thc-hydra</a>) finished at 2016-05-17 06:18:19</p> <p>All rigth mate, thanks you :D </p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/vanhauser-thc"><img src="https://avatars.githubusercontent.com/u/7396244?v=4" />vanhauser-thc</a> commented <strong> 8 years ago</strong> </div> <div class="markdown-body"> <p>thanks for reporting its fixed!</p> </div> </div> <div class="page-bar-simple"> </div> <div class="footer"> <ul class="body"> <li>© <script> document.write(new Date().getFullYear()) </script> Githubissues.</li> <li>Githubissues is a development platform for aggregating issues.</li> </ul> </div> <script src="https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js"></script> <script src="/githubissues/assets/js.js"></script> <script src="/githubissues/assets/markdown.js"></script> <script src="https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.4.0/build/highlight.min.js"></script> <script src="https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.4.0/build/languages/go.min.js"></script> <script> hljs.highlightAll(); </script> </body> </html>

vanhauser-thc / thc-hydra

http-post-form issue in 8.2-dev #42