vanhauser-thc
commented
5 years ago If it is in the path you should be able to use encoding, e.g. %3a for a colon
Closed SolomonSklash closed 5 years ago
vanhauser-thc
commented
5 years ago If it is in the path you should be able to use encoding, e.g. %3a for a colon
vanhauser-thc
commented
5 years ago It works perfecly fine with escaping. you got a wrong command line. please do better research next time before opening an issue.
hydra -P passwords -L users -e nsr -s 8000 192.168.1.1 http-post-form '/blah\:auth:username=^USER^&password=^PASS^:Invalid'
I ran into an issue attempting to use hydra on a Hackthebox.eu machine. The path of the authentication page contained a colon. This caused the colon delimiter for the path, POST parameters, and success string to break, as there were 4 colons and they were not in the expected order.
Example:
hydra -e nsr 192.168.1.1:8000 http-post-form '/blah:auth:username=^USER^&password=^PASS^:Invalid' -P passwords -L usersI tried using escaping the path colon with
\and URL encoding it as well, but no luck. I've checked the docs and don't see a way to define a different delimiter.