yelsanya
commented
3 years ago Just in case:
Closed yelsanya closed 3 years ago
yelsanya
commented
3 years ago Just in case:
Memogcia
commented
3 years ago I just updated hydra from 9.0 to 9.1 and use the same command to try passwords for my app, in the 9.1 version hangs, this could be related to what @yelsanya is issuing
vanhauser-thc
commented
3 years ago @yelsanya please make the effort to write a clear issue report. you just paste 2 pictures and expect that this makes everything clear? what is exactly not work? what is the difference between the first and second?
@Memogcia same for you, without any information ... how should that help? full command lines and what exactly is not working, etc.
yelsanya
commented
3 years ago @vanhauser-thc after running command below hydra can't process a single request (as you can see from the first screenshot it didn't finish in 3 minutes, while the same command without providing a header on the second pane finished in 1 second. I left it running for 30+ minutes, no changes):
hydra -l user -p pass 127.0.0.1 -s 3000 http-post-form "path:{\"email\"\:\"^USER^\",\"password\"\:\"^PASS^\"}:Invalid:H=anything: anything
The difference with the second screenshot is that I changed ":" to "\:" in the header part since in the manual page it is written in that way (I know that both should work).
I downgraded to v9.0 and the exact same command works perfectly fine.
vanhauser-thc
commented
3 years ago thank you that helps.
can you now please add the "-d" switch to both 9.0 and 9.1 commands and send the debug output?
Memogcia
commented
3 years ago I can't compile Hydra 9.0, I am on Kali Linux, installed the optional packages but it returns me an error, I think I will need to purge Hydra in order to compile and install it
kali@kali:~/Documents/thc-hydra$ make cc -I. -O3 -pie -fPIE -fstack-protector-all --param ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wl,-z,now -Wl,-z,relro -lm -o hydra hydra.c hydra-vnc.o hydra-pcnfs.o hydra-rexec.o hydra-nntp.o hydra-socks5.o hydra-telnet.o hydra-cisco.o hydra-http.o hydra-ftp.o hydra-imap.o hydra-pop3.o hydra-smb.o hydra-icq.o hydra-cisco-enable.o hydra-ldap.o hydra-memcached.o hydra-mongodb.o hydra-mysql.o hydra-mssql.o hydra-xmpp.o hydra-http-proxy-urlenum.o hydra-snmp.o hydra-cvs.o hydra-smtp.o hydra-smtp-enum.o hydra-sapr3.o hydra-ssh.o hydra-sshkey.o hydra-teamspeak.o hydra-postgres.o hydra-rsh.o hydra-rlogin.o hydra-oracle-listener.o hydra-svn.o hydra-pcanywhere.o hydra-sip.o hydra-oracle-sid.o hydra-oracle.o hydra-vmauthd.o hydra-asterisk.o hydra-firebird.o hydra-afp.o hydra-ncp.o hydra-http-proxy.o hydra-http-form.o hydra-irc.o hydra-redis.o hydra-rdp.o hydra-s7-300.c hydra-adam6500.o hydra-rtsp.o hydra-rpcap.o hydra-radmin2.o crc32.o d3des.o bfg.o ntlm.o sasl.o hmacmd5.o hydra-mod.o hydra-time.o -lm -lz -lcurses -lssl -lfbclient -lidn -lpcre -lmysqlclient -lpq -lsvn_client-1 -lapr-1 -laprutil-1 -lsvn_subr-1 -lssh -lcrypto -lmemcached -L/usr/lib -L/usr/local/lib -L/lib -L/lib/x86_64-linux-gnu -I/usr/include/mysql -I/usr/include -I/usr/include -I/usr/include -I/usr/include -I/usr/include/postgresql -I/usr/include -I/usr/include/subversion-1 -I/usr/include/apr-1.0 -I/usr/include/subversion-1 -I/usr/include/libmemcached-1.0 -DHAVE_MYSQL_MYSQL_H -DLIBOPENSSL -DLIBNCURSES -DLIBFIREBIRD -DLIBIDN -DHAVE_PR29_H -DHAVE_PCRE -DLIBMYSQLCLIENT -DLIBPOSTGRES -DLIBSVN -DLIBSSH -DHAVE_ZLIB -DLIBMCACHED -DHAVE_MATH_H /usr/bin/ld: hydra-pcnfs.o:(.bss+0x0): multiple definition ofbuf'; hydra-vnc.o:(.bss+0x0): first defined here
/usr/bin/ld: hydra-pcnfs.o:(.bss+0x8): multiple definition of cmdlinetarget'; hydra-vnc.o:(.bss+0x10): first defined here /usr/bin/ld: hydra-pcnfs.o:(.bss+0x20): multiple definition ofproxy_authentication'; hydra-vnc.o:(.bss+0x20): first defined here
/usr/bin/ld: hydra-pcnfs.o:(.bss+0x220): multiple definition of proxy_string_type'; hydra-vnc.o:(.bss+0x220): first defined here /usr/bin/ld: hydra-pcnfs.o:(.bss+0x4a0): multiple definition ofproxy_string_port'; hydra-vnc.o:(.bss+0x4a0): first defined here
/usr/bin/ld: hydra-pcnfs.o:(.bss+0x5a0): multiple definition of proxy_string_ip'; hydra-vnc.o:(.bss+0x5a0): first defined here /usr/bin/ld: hydra-pcnfs.o:(.bss+0xea0): multiple definition ofselected_proxy'; hydra-vnc.o:(.bss+0xea0): first defined here
.........
/usr/bin/ld: hydra-mod.o:(.bss+0x680): multiple definition of proxy_string_port'; hydra-vnc.o:(.bss+0x4a0): first defined here /usr/bin/ld: hydra-mod.o:(.bss+0x400): multiple definition ofproxy_string_type'; hydra-vnc.o:(.bss+0x220): first defined here
/usr/bin/ld: hydra-mod.o:(.bss+0x200): multiple definition of proxy_authentication'; hydra-vnc.o:(.bss+0x20): first defined here /usr/bin/ld: hydra-mod.o:(.bss+0x1f0): multiple definition ofcmdlinetarget'; hydra-vnc.o:(.bss+0x10): first defined here
/usr/bin/ld: hydra-mod.o:(.bss+0x108c): multiple definition of found'; hydra-vnc.o:(.bss+0xeac): first defined here /usr/bin/ld: hydra-mod.o:(.bss+0x1090): multiple definition ofport'; hydra-vnc.o:(.bss+0xeb0): first defined here
collect2: error: ld returned 1 exit status
make: *** [Makefile:61: hydra] Error 1
`
vanhauser-thc
commented
3 years ago @Memogcia I am also kali so no :) most likely something is wrong in your build or how you compiled. try this:
make clean
git stash
git pull
./configure
makeYeah, I can compile the last version, so I did what you told me, here is an output with the most recent changes in master
kali@kali:~/Documents/thc-hydra$ ./hydra -l admin -t 2 -w 3 -V -d -f -P ../Dictionaries/rockyou_cleaned.txt mydomain.com https-post-form "/login:csrf_token_name=${CSRF}&login_username=^USER^&login_password=^PASS^&login_submit=Log+in%21:S=moved:H=Content-Type: application/x-www-form-urlencoded:H=Cookie: csrf_cookie_name=${CSRF}; PHPSESSID=${SESSIONID}" Hydra v9.1 (c) 2020 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).
[WARNING] the waittime you set is low, this can result in errornous results [DEBUG] Output color flag is 1 Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2020-09-19 08:14:10 [DEBUG] cmdline: ./hydra -l admin -t 2 -w 3 -V -d -f -P ../Dictionaries/rockyou_cleaned.txt mydomain.com https-post-form /login:csrf_token_name=fb0e4f9030d4303ba4210d4ea8359a13&login_username=^USER^&login_password=^PASS^&login_submit=Log+in%21:S=moved:H=Content-Type: application/x-www-form-urlencoded:H=Cookie: csrf_cookie_name=fb0e4f9030d4303ba4210d4ea8359a13; PHPSESSID=20e2e69e0cc90ad8185b2de584f750d1 [WARNING] Restorefile (you have 10 seconds to abort... (use option -I to skip waiting)) from a previous session found, to prevent overwriting, ./hydra.restore [DATA] max 2 tasks per 1 server, overall 2 tasks, 13722394 login tries (l:1/p:13722394), ~6861197 tries per task [DATA] attacking http-post-forms://mydomain.com:443/login:csrf_token_name=fb0e4f9030d4303ba4210d4ea8359a13&login_username=^USER^&login_password=^PASS^&login_submit=Log+in%21:S=moved:H=Content-Type: application/x-www-form-urlencoded:H=Cookie: csrf_cookie_name=fb0e4f9030d4303ba4210d4ea8359a13; PHPSESSID=20e2e69e0cc90ad8185b2de584f750d1 [VERBOSE] Resolving addresses ... [DEBUG] resolving mydomain.com [VERBOSE] resolving done [DEBUG] Code: attack Time: 1600521263 [DEBUG] Options: mode 1 ssl 1 restore 0 showAttempt 1 tasks 2 max_use 2 tnp 0 tpsal 0 tprl 0 exit_found 1 miscptr /login:csrf_token_name=fb0e4f9030d4303ba4210d4ea8359a13&login_username=^USER^&login_password=^PASS^&login_submit=Log+in%21:S=moved:H=Content-Type: application/x-www-form-urlencoded:H=Cookie: csrf_cookie_name=fb0e4f9030d4303ba4210d4ea8359a13; PHPSESSID=20e2e69e0cc90ad8185b2de584f750d1 service http-post-form [DEBUG] Brains: active 0 targets 1 finished 0 todo_all 13722394 todo 13722394 sent 0 found 0 countlogin 1 sizelogin 7 countpass 13722394 sizepass 131837964 [DEBUG] Target 0 - target mydomain.com ip xxx.xxx.xx.xxx login_no 0 pass_no 0 sent 0 pass_state 0 redo_state 0 (0 redos) use_count 0 failed 0 done 0 fail_count 0 login_ptr admin pass_ptr 123456 [DEBUG] Task 0 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Task 1 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null) [DEBUG] Tasks 2 inactive 0 active [DEBUG] child 0 got target 0 selected [DEBUG] child 0 spawned for target 0 with pid 30060 [DEBUG] child 1 got target 0 selected [DEBUG] head_no 0 has pid 30060 [DEBUG] child 1 spawned for target 0 with pid 30061 [DEBUG] head_no 1 has pid 30061 [DEBUG] head_no[0] read n [DEBUG] send_next_pair_init target 0, head 0, redo 0, redo_state 0, pass_state 0. loop_mode 0, curlogin (null), curpass (null), tlogin admin, tpass 123456, logincnt 0/1, passcnt 0/13722394, loop_cnt 1 [DEBUG] send_next_pair_mid done 1, pass_state 3, clogin admin, cpass 123456, tlogin admin, tpass 123456789, redo 0 [ATTEMPT] target mydomain.com - login "admin" - pass "123456" - 1 of 13722394 [child 0] (0/0) [DEBUG] head_no[1] read n [DEBUG] send_next_pair_init target 0, head 1, redo 0, redo_state 0, pass_state 3. loop_mode 0, curlogin (null), curpass (null), tlogin admin, tpass 123456789, logincnt 0/1, passcnt 1/13722394, loop_cnt 1 [DEBUG] send_next_pair_mid done 1, pass_state 3, clogin admin, cpass 123456789, tlogin admin, tpass password, redo 0 [ATTEMPT] target mydomain.com - login "admin" - pass "123456789" - 2 of 13722394 [child 1] (0/0) [STATUS] 2.00 tries/min, 2 tries in 00:01h, 13722392 to do in 114353:17h, 2 active [DEBUG] Code: STATUS Time: 1600521323 [DEBUG] Options: mode 1 ssl 1 restore 0 showAttempt 1 tasks 2 max_use 2 tnp 0 tpsal 0 tprl 0 exit_found 1 miscptr /login:csrf_token_name=fb0e4f9030d4303ba4210d4ea8359a13&login_username=^USER^&login_password=^PASS^&login_submit=Log+in%21:S=moved:H=Content-Type: application/x-www-form-urlencoded:H=Cookie: csrf_cookie_name=fb0e4f9030d4303ba4210d4ea8359a13; PHPSESSID=20e2e69e0cc90ad8185b2de584f750d1 service http-post-form [DEBUG] Brains: active 2 targets 1 finished 0 todo_all 13722394 todo 13722394 sent 2 found 0 countlogin 1 sizelogin 7 countpass 13722394 sizepass 131837964 [DEBUG] Target 0 - target mydomain.com ip xxx.xxx.xx.xxx login_no 0 pass_no 2 sent 2 pass_state 3 redo_state 0 (0 redos) use_count 2 failed 0 done 0 fail_count 0 login_ptr admin pass_ptr password [DEBUG] Task 0 - pid 30060 active 1 redo 0 current_login_ptr admin current_pass_ptr 123456 [DEBUG] Task 1 - pid 30061 active 1 redo 0 current_login_ptr admin current_pass_ptr 123456789 [DEBUG] Tasks 0 inactive 2 active ^C[ERROR] Received signal 2, going down ... [DEBUG] head_no 0, kill 1, fail 0 [DEBUG] Writing restore file... [DEBUG] sizeof hydra_head: 304 [DEBUG] memcmp: 0 [DEBUG] we will redo the following combination: target mydomain.com child 0 login "admin" pass "123456" [DEBUG] we will redo the following combination: target mydomain.com child 1 login "admin" pass "123456789" [DEBUG] done writing session file The session file ./hydra.restore was written. Type "hydra -R" to resume session. [DEBUG] Code: hydra_restore_write() Time: 1600521332 [DEBUG] Options: mode 1 ssl 1 restore 0 showAttempt 1 tasks 2 max_use 2 tnp 0 tpsal 0 tprl 0 exit_found 1 miscptr /login:csrf_token_name=fb0e4f9030d4303ba4210d4ea8359a13&login_username=^USER^&login_password=^PASS^&login_submit=Log+in%21:S=moved:H=Content-Type: application/x-www-form-urlencoded:H=Cookie: csrf_cookie_name=fb0e4f9030d4303ba4210d4ea8359a13; PHPSESSID=20e2e69e0cc90ad8185b2de584f750d1 service http-post-form [DEBUG] Brains: active 1 targets 1 finished 0 todo_all 13722394 todo 13722394 sent 2 found 0 countlogin 1 sizelogin 7 countpass 13722394 sizepass 131837964 [DEBUG] Target 0 - target mydomain.com ip xxx.xxx.xx.xxx login_no 0 pass_no 2 sent 2 pass_state 3 redo_state 0 (0 redos) use_count 1 failed 0 done 0 fail_count 0 login_ptr admin pass_ptr password [DEBUG] Task 0 - pid -1 active 0 redo 0 current_login_ptr admin current_pass_ptr 123456 [DEBUG] Task 1 - pid 30061 active 1 redo 0 current_login_ptr admin current_pass_ptr 123456789 [DEBUG] Tasks 1 inactive 1 active
Edit: When I want to compile Hydra 9.0:
And It shows me the error that I commented https://github.com/vanhauser-thc/thc-hydra/issues/564#issuecomment-694952144
RaduNico
commented
3 years ago I think I can clear up a bit how to reproduce this bug as I am currently experiencing it as well. Providing any headers for hydra causes it to hang and not send any requests. So for example running the command below results in hydra working as expected:
hydra -l 'user' -p 'pass' domain.com http-post-form '/login/:username=^USER^&password=^PASS^:Error'
Whereas the next command would cause hydra not to send any outgoing traffic to the web server and appear to get stuck in a loop:
hydra -l 'user' -p 'pass' domain.com http-post-form '/login/:username=^USER^&password=^PASS^:Error:H=Header: header'
The problem seems to be introduced only in hydra v9.1 as hydra 9.0 does work just fine. I'll provide debug messages for both. I sent SIGINT to the hydra 9.1 process at some point as it will just loop over and over (you'll notice a ^C somewhere in the output).
hydra v9.1$ hydra -l 'user' -p 'pass' 192.168.14.3 -s 8080 http-post-form '/login/:username=^USER^&password=^PASS^:Error:H=Header: header' -d
Hydra v9.1 (c) 2020 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).
[DEBUG] Output color flag is 0
Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2020-10-09 19:00:00
[DEBUG] cmdline: hydra -l user -p pass -s 8080 -d 192.168.14.3 http-post-form /login/:username=^USER^&password=^PASS^:Error:H=Header: header
[DATA] max 1 task per 1 server, overall 1 task, 1 login try (l:1/p:1), ~1 try per task
[DATA] attacking http-post-form://192.168.14.3:8080/login/:username=^USER^&password=^PASS^:Error:H=Header: header
[VERBOSE] Resolving addresses ...
[DEBUG] resolving 192.168.14.3
[VERBOSE] resolving done
[DEBUG] Code: attack Time: 1602259200
[DEBUG] Options: mode 0 ssl 0 restore 0 showAttempt 0 tasks 1 max_use 1 tnp 0 tpsal 0 tprl 0 exit_found 0 miscptr /login/:username=^USER^&password=^PASS^:Error:H=Header: header service http-post-form
[DEBUG] Brains: active 0 targets 1 finished 0 todo_all 1 todo 1 sent 0 found 0 countlogin 1 sizelogin 5 countpass 1 sizepass 5
[DEBUG] Target 0 - target 192.168.14.3 ip 192.168.14.3 login_no 0 pass_no 0 sent 0 pass_state 0 redo_state 0 (0 redos) use_count 0 failed 0 done 0 fail_count 0 login_ptr user pass_ptr pass
[DEBUG] Task 0 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
[DEBUG] Tasks 1 inactive 0 active
[DEBUG] child 0 got target 0 selected
[DEBUG] child 0 spawned for target 0 with pid 32373
[DEBUG] head_no 0 has pid 32373
[DEBUG] head_no[0] read n
[DEBUG] send_next_pair_init target 0, head 0, redo 0, redo_state 0, pass_state 0. loop_mode 0, curlogin (null), curpass (null), tlogin user, tpass pass, logincnt 0/1, passcnt 0/1, loop_cnt 1
[DEBUG] send_next_pair_mid done 1, pass_state 0, clogin user, cpass pass, tlogin -p, tpass pass, redo 0
[ATTEMPT] target 192.168.14.3 - login "user" - pass "pass" - 1 of 1 [child 0] (0/0)
[STATUS] 1.00 tries/min, 1 tries in 00:01h, 1 to do in 00:01h, 1 active
[DEBUG] Code: STATUS Time: 1602259260
[DEBUG] Options: mode 0 ssl 0 restore 0 showAttempt 0 tasks 1 max_use 1 tnp 0 tpsal 0 tprl 0 exit_found 0 miscptr /login/:username=^USER^&password=^PASS^:Error:H=Header: header service http-post-form
[DEBUG] Brains: active 1 targets 1 finished 0 todo_all 1 todo 1 sent 1 found 0 countlogin 1 sizelogin 5 countpass 1 sizepass 5
[DEBUG] Target 0 - target 192.168.14.3 ip 192.168.14.3 login_no 1 pass_no 0 sent 1 pass_state 0 redo_state 0 (0 redos) use_count 1 failed 0 done 0 fail_count 0 login_ptr -p pass_ptr pass
[DEBUG] Task 0 - pid 32373 active 1 redo 0 current_login_ptr user current_pass_ptr pass
[DEBUG] Tasks 0 inactive 1 active
[STATUS] 0.50 tries/min, 1 tries in 00:02h, 1 to do in 00:01h, 1 active
[DEBUG] Code: STATUS Time: 1602259320
[DEBUG] Options: mode 0 ssl 0 restore 0 showAttempt 0 tasks 1 max_use 1 tnp 0 tpsal 0 tprl 0 exit_found 0 miscptr /login/:username=^USER^&password=^PASS^:Error:H=Header: header service http-post-form
[DEBUG] Brains: active 1 targets 1 finished 0 todo_all 1 todo 1 sent 1 found 0 countlogin 1 sizelogin 5 countpass 1 sizepass 5
[DEBUG] Target 0 - target 192.168.14.3 ip 192.168.14.3 login_no 1 pass_no 0 sent 1 pass_state 0 redo_state 0 (0 redos) use_count 1 failed 0 done 0 fail_count 0 login_ptr -p pass_ptr pass
[DEBUG] Task 0 - pid 32373 active 1 redo 0 current_login_ptr user current_pass_ptr pass
[DEBUG] Tasks 0 inactive 1 active
[STATUS] 0.33 tries/min, 1 tries in 00:03h, 1 to do in 00:01h, 1 active
[DEBUG] Code: STATUS Time: 1602259380
[DEBUG] Options: mode 0 ssl 0 restore 0 showAttempt 0 tasks 1 max_use 1 tnp 0 tpsal 0 tprl 0 exit_found 0 miscptr /login/:username=^USER^&password=^PASS^:Error:H=Header: header service http-post-form
[DEBUG] Brains: active 1 targets 1 finished 0 todo_all 1 todo 1 sent 1 found 0 countlogin 1 sizelogin 5 countpass 1 sizepass 5
[DEBUG] Target 0 - target 192.168.14.3 ip 192.168.14.3 login_no 1 pass_no 0 sent 1 pass_state 0 redo_state 0 (0 redos) use_count 1 failed 0 done 0 fail_count 0 login_ptr -p pass_ptr pass
[DEBUG] Task 0 - pid 32373 active 1 redo 0 current_login_ptr user current_pass_ptr pass
[DEBUG] Tasks 0 inactive 1 active
^C[ERROR] Received signal 2, going down ...
[DEBUG] Writing restore file... [DEBUG] sizeof hydra_head: 304
[DEBUG] memcmp: 0
[DEBUG] we will redo the following combination: target 192.168.14.3 child 0 login "user" pass "pass"
[DEBUG] done writing session file
The session file ./hydra.restore was written. Type "hydra -R" to resume session.
[DEBUG] Code: hydra_restore_write() Time: 1602259385
[DEBUG] Options: mode 0 ssl 0 restore 0 showAttempt 0 tasks 1 max_use 1 tnp 0 tpsal 0 tprl 0 exit_found 0 miscptr /login/:username=^USER^&password=^PASS^:Error:H=Header: header service http-post-form
[DEBUG] Brains: active 1 targets 1 finished 0 todo_all 1 todo 1 sent 1 found 0 countlogin 1 sizelogin 5 countpass 1 sizepass 5
[DEBUG] Target 0 - target 192.168.14.3 ip 192.168.14.3 login_no 1 pass_no 0 sent 1 pass_state 0 redo_state 0 (0 redos) use_count 1 failed 0 done 0 fail_count 0 login_ptr -p pass_ptr pass
[DEBUG] Task 0 - pid 32373 active 1 redo 0 current_login_ptr user current_pass_ptr pass
[DEBUG] Tasks 0 inactive 1 activehydra v9.0$ hydra -l 'user' -p 'pass' 192.168.14.3 -s 8080 http-post-form '/login/:username=^USER^&password=^PASS^:Error:H=Header: header' -d
Hydra v9.0 (c) 2019 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
[DEBUG] Output color flag is 0
Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2020-10-09 19:04:10
[DEBUG] cmdline: hydra -l user -p pass -s 8080 -d 192.168.14.3 http-post-form /login/:username=^USER^&password=^PASS^:Error:H=Header: header
[DATA] max 1 task per 1 server, overall 1 task, 1 login try (l:1/p:1), ~1 try per task
[DATA] attacking http-post-form://192.168.14.3:8080/login/:username=^USER^&password=^PASS^:Error:H=Header: header
[VERBOSE] Resolving addresses ...
[DEBUG] resolving 192.168.14.3
[VERBOSE] resolving done
[DEBUG] Code: attack Time: 1602259450
[DEBUG] Options: mode 0 ssl 0 restore 0 showAttempt 0 tasks 1 max_use 1 tnp 0 tpsal 0 tprl 0 exit_found 0 miscptr /login/:username=^USER^&password=^PASS^:Error:H=Header: header service http-post-form
[DEBUG] Brains: active 0 targets 1 finished 0 todo_all 1 todo 1 sent 0 found 0 countlogin 1 sizelogin 5 countpass 1 sizepass 5
[DEBUG] Target 0 - target 192.168.14.3 ip 192.168.14.3 login_no 0 pass_no 0 sent 0 pass_state 0 redo_state 0 (0 redos) use_count 0 failed 0 done 0 fail_count 0 login_ptr user pass_ptr pass
[DEBUG] Task 0 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
[DEBUG] Tasks 1 inactive 0 active
[DEBUG] child 0 got target 0 selected
[DEBUG] child 0 spawned for target 0 with pid 34692
[DEBUG] head_no 0 has pid 34692
DEBUG_CONNECT_OK
[DEBUG] head_no[0] read n
[DEBUG] send_next_pair_init target 0, head 0, redo 0, redo_state 0, pass_state 0. loop_mode 0, curlogin (null), curpass (null), tlogin user, tpass pass, logincnt 0/1, passcnt 0/1, loop_cnt 1
[DEBUG] send_next_pair_mid done 1, pass_state 0, clogin user, cpass pass, tlogin -p, tpass pass, redo 0
[ATTEMPT] target 192.168.14.3 - login "user" - pass "pass" - 1 of 1 [child 0] (0/0)
[DEBUG] SEND [pid:34692] (94 bytes):
0000: 4745 5420 2f6c 6f67 696e 2f20 4854 5450 [ GET /login/ HTTP ]
0010: 2f31 2e30 0d0a 4865 6164 6572 3a20 2068 [ /1.0..Header: h ]
0020: 6561 6465 720d 0a48 6f73 743a 2031 3932 [ eader..Host: 192 ]
0030: 2e31 3638 2e31 342e 330d 0a55 7365 722d [ .168.14.3..User- ]
0040: 4167 656e 743a 204d 6f7a 696c 6c61 2f35 [ Agent: Mozilla/5 ]
0050: 2e30 2028 4879 6472 6129 0d0a 0d0a [ .0 (Hydra).... ]
[DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 34692
[DEBUG] RECV [pid:34692] (409 bytes):
0000: 4854 5450 2f31 2e31 2034 3030 2042 6164 [ HTTP/1.1 400 Bad ]
0010: 2052 6571 7565 7374 0d0a 5365 7276 6572 [ Request..Server ]
0020: 3a20 6e67 696e 780d 0a44 6174 653a 2046 [ : nginx..Date: F ]
0030: 7269 2c20 3039 204f 6374 2032 3032 3020 [ ri, 09 Oct 2020 ]
0040: 3136 3a30 343a 3130 2047 4d54 0d0a 436f [ 16:04:10 GMT..Co ]
0050: 6e74 656e 742d 5479 7065 3a20 7465 7874 [ ntent-Type: text ]
0060: 2f68 746d 6c0d 0a43 6f6e 7465 6e74 2d4c [ /html..Content-L ]
0070: 656e 6774 683a 2032 3634 0d0a 436f 6e6e [ ength: 264..Conn ]
0080: 6563 7469 6f6e 3a20 636c 6f73 650d 0a0d [ ection: close... ]
0090: 0a3c 6874 6d6c 3e0d 0a3c 6865 6164 3e3c [ .<html>..<head>< ]
00a0: 7469 746c 653e 3430 3020 5468 6520 706c [ title>400 The pl ]
00b0: 6169 6e20 4854 5450 2072 6571 7565 7374 [ ain HTTP request ]
00c0: 2077 6173 2073 656e 7420 746f 2048 5454 [ was sent to HTT ]
00d0: 5053 2070 6f72 743c 2f74 6974 6c65 3e3c [ PS port</title>< ]
00e0: 2f68 6561 643e 0d0a 3c62 6f64 7920 6267 [ /head>..<body bg ]
00f0: 636f 6c6f 723d 2277 6869 7465 223e 0d0a [ color="white">.. ]
0100: 3c63 656e 7465 723e 3c68 313e 3430 3020 [ <center><h1>400 ]
0110: 4261 6420 5265 7175 6573 743c 2f68 313e [ Bad Request</h1> ]
0120: 3c2f 6365 6e74 6572 3e0d 0a3c 6365 6e74 [ </center>..<cent ]
0130: 6572 3e54 6865 2070 6c61 696e 2048 5454 [ er>The plain HTT ]
0140: 5020 7265 7175 6573 7420 7761 7320 7365 [ P request was se ]
0150: 6e74 2074 6f20 4854 5450 5320 706f 7274 [ nt to HTTPS port ]
0160: 3c2f 6365 6e74 6572 3e0d 0a3c 6872 3e3c [ </center>..<hr>< ]
0170: 6365 6e74 6572 3e6e 6769 6e78 3c2f 6365 [ center>nginx</ce ]
0180: 6e74 6572 3e0d 0a3c 2f62 6f64 793e 0d0a [ nter>..</body>.. ]
0190: 3c2f 6874 6d6c 3e0d 0a [ </html>.. ]
[DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 34692
DEBUG_DISCONNECT
DEBUG_CONNECT_OK
[DEBUG] SEND [pid:34692] (201 bytes):
0000: 504f 5354 202f 6c6f 6769 6e2f 2048 5454 [ POST /login/ HTT ]
0010: 502f 312e 300d 0a48 6561 6465 723a 2020 [ P/1.0..Header: ]
0020: 6865 6164 6572 0d0a 486f 7374 3a20 3139 [ header..Host: 19 ]
0030: 322e 3136 382e 3134 2e33 0d0a 5573 6572 [ 2.168.14.3..User ]
0040: 2d41 6765 6e74 3a20 4d6f 7a69 6c6c 612f [ -Agent: Mozilla/ ]
0050: 352e 3020 2848 7964 7261 290d 0a43 6f6e [ 5.0 (Hydra)..Con ]
0060: 7465 6e74 2d4c 656e 6774 683a 2032 370d [ tent-Length: 27. ]
0070: 0a43 6f6e 7465 6e74 2d54 7970 653a 2061 [ .Content-Type: a ]
0080: 7070 6c69 6361 7469 6f6e 2f78 2d77 7777 [ pplication/x-www ]
0090: 2d66 6f72 6d2d 7572 6c65 6e63 6f64 6564 [ -form-urlencoded ]
00a0: 0d0a 436f 6f6b 6965 3a20 0d0a 0d0a 7573 [ ..Cookie: ....us ]
00b0: 6572 6e61 6d65 3d75 7365 7226 7061 7373 [ ername=user&pass ]
00c0: 776f 7264 3d70 6173 73 [ word=pass ]
HTTP request sent:[0A]POST /login/ HTTP/1.0[0D][0A]Header: header[0D][0A]Host: 192.168.14.3[0D][0A]User-Agent: Mozilla/5.0 (Hydra)[0D][0A]Content-Length: 27[0D][0A]Content-Type: application/x-www-form-urlencoded[0D][0A]Cookie: [0D][0A][0D][0A]username=user&password=pass[0A]
[DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 34692
[DEBUG] RECV [pid:34692] (409 bytes):
0000: 4854 5450 2f31 2e31 2034 3030 2042 6164 [ HTTP/1.1 400 Bad ]
0010: 2052 6571 7565 7374 0d0a 5365 7276 6572 [ Request..Server ]
0020: 3a20 6e67 696e 780d 0a44 6174 653a 2046 [ : nginx..Date: F ]
0030: 7269 2c20 3039 204f 6374 2032 3032 3020 [ ri, 09 Oct 2020 ]
0040: 3136 3a30 343a 3131 2047 4d54 0d0a 436f [ 16:04:11 GMT..Co ]
0050: 6e74 656e 742d 5479 7065 3a20 7465 7874 [ ntent-Type: text ]
0060: 2f68 746d 6c0d 0a43 6f6e 7465 6e74 2d4c [ /html..Content-L ]
0070: 656e 6774 683a 2032 3634 0d0a 436f 6e6e [ ength: 264..Conn ]
0080: 6563 7469 6f6e 3a20 636c 6f73 650d 0a0d [ ection: close... ]
0090: 0a3c 6874 6d6c 3e0d 0a3c 6865 6164 3e3c [ .<html>..<head>< ]
00a0: 7469 746c 653e 3430 3020 5468 6520 706c [ title>400 The pl ]
00b0: 6169 6e20 4854 5450 2072 6571 7565 7374 [ ain HTTP request ]
00c0: 2077 6173 2073 656e 7420 746f 2048 5454 [ was sent to HTT ]
00d0: 5053 2070 6f72 743c 2f74 6974 6c65 3e3c [ PS port</title>< ]
00e0: 2f68 6561 643e 0d0a 3c62 6f64 7920 6267 [ /head>..<body bg ]
00f0: 636f 6c6f 723d 2277 6869 7465 223e 0d0a [ color="white">.. ]
0100: 3c63 656e 7465 723e 3c68 313e 3430 3020 [ <center><h1>400 ]
0110: 4261 6420 5265 7175 6573 743c 2f68 313e [ Bad Request</h1> ]
0120: 3c2f 6365 6e74 6572 3e0d 0a3c 6365 6e74 [ </center>..<cent ]
0130: 6572 3e54 6865 2070 6c61 696e 2048 5454 [ er>The plain HTT ]
0140: 5020 7265 7175 6573 7420 7761 7320 7365 [ P request was se ]
0150: 6e74 2074 6f20 4854 5450 5320 706f 7274 [ nt to HTTPS port ]
0160: 3c2f 6365 6e74 6572 3e0d 0a3c 6872 3e3c [ </center>..<hr>< ]
0170: 6365 6e74 6572 3e6e 6769 6e78 3c2f 6365 [ center>nginx</ce ]
0180: 6e74 6572 3e0d 0a3c 2f62 6f64 793e 0d0a [ nter>..</body>.. ]
0190: 3c2f 6874 6d6c 3e0d 0a [ </html>.. ]
[DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 5, pid: 34692
[DEBUG] attempt result: found 0, redirect 0, location:
DEBUG_DISCONNECT
DEBUG_CONNECT_OK
[DEBUG] head_no[0] read F
[8080][http-post-form] host: 192.168.14.3 login: user password: pass
[DEBUG] head_no[0] read n
[STATUS] attack finished for 192.168.14.3 (waiting for children to complete tests)
[DEBUG] head_no 0, kill 1, fail 0
[DEBUG] all targets done and all heads finished
[DEBUG] while loop left with 1
1 of 1 target successfully completed, 1 valid password found
[DEBUG] killing all remaining children now that might be stuck
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2020-10-09 19:04:11Cheers, Radu
vanhauser-thc
commented
3 years ago @RaduNico thank you, that was a very good analysis! I fixed the bug, can you please test if it works for your usecase?
Memogcia
commented
3 years ago @vanhauser-thc I can confirm that It works with the Hydra v9.2-dev version. It doesn't hang anymore and continues with the next attempts, I will explain better my uses cases in the future. Thanks both @RaduNico @vanhauser-thc
EDIT: also I used the debug flag and It shows the debug like in the v9.0 that @RaduNico showed above
P.S. Sorry for opening new issue wasn't sure whether closed issue will be checked