Messages - zoup

1
Beginner's Corner / Hydra and DVWA in a VM - redirect to login.php
« on: August 30, 2015, 12:54:25 pm »
Hi there, I am using hydra and the Damn Vulnerable Web Application
to learn brute forcing with hydra.

The URL I try to hack is:
/dvwa/vulnerabilities/brute/

The thing is I get a redirect to the main page where I must
authorize. I brute forced the login.php already with success.

Code:
[VERBOSE] Page redirected to http://192.168.56.101/dvwa/vulnerabilities/brute/../../login.php

So my question is:
How can I brute-force this web form when I have to first authorize
at the login.php? I can't reach the brute page.

My command line:

Code:
hydra -vV -l admin -P pw/25common.txt 192.168.56.101 http-get-form "/dvwa/vulnerabilities/brute/:username=^USER^&password=^PASS^&Login=Login:password incorrect"

EDIT:
I figured it out. Of course it was the cookie.

Code:
hydra -vV -l admin -P pw/25common.txt 192.168.56.101 http-get-form "/dvwa/vulnerabilities/brute/:username=^USER^&password=^PASS^&Login=Login:password incorrect:H=Cookie: security=low; PHPSESSID=<phpsessid>"

2
Scripting Languages / Re: script for scanning random specific port with nmap
« on: September 18, 2014, 07:08:55 pm »
Thank you and sorry for asking stupid questions.

3
Scripting Languages / Re: script for scanning random specific port with nmap
« on: September 17, 2014, 04:22:54 pm »
@Architect
Sorry for my bad English. I am not a native English speaker.

Ok. I try it the nmap way. The idea behind this was that I wanted to scan RANDOM targets until
this specific port is found.

4
Scripting Languages / Re: script for scanning random specific port with nmap
« on: September 16, 2014, 08:16:04 pm »
Some hint where I could start on how nmap manages this? Thank you.

5
Scripting Languages / script for scanning random specific port with nmap
« on: September 16, 2014, 07:33:12 pm »
I had this idea using nmap for random scanning for a specific port.
Maybe a bit stupid but useful. This is what I did:

Code:
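#!/bin/bash

# Port to look for, given as the first argument
port="$1"

if [ -z "$port" ]
then
    echo "port missing"
    exit 1
fi

# Repeat until the scanned port is reported as open
f='filtered'
while [ "$f" != 'open' ]
do
    # Keep only the result line for the port from the nmap output
    a=$(nmap -sS -Pn -p "$port" -iR 1 -o tmp | grep "$port/")
    # $a is left unquoted so the column padding collapses to single spaces;
    # the second field is then the port state
    f=$(echo $a | cut -f2 -d ' ')
    echo "$f"
done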

 :o

6
Thank you proxx for this good tip. I set burpsuite as proxy and ran the command again. 404 error. So I changed the
IP to the DNS name and it worked.

hydra -w50 -l opera -P testwordlist -o found -t5 testasp.vulnweb.com http-post-form "/Login.asp?RetURL=/Default.asp?:tfUName=^USER^&tfUPass=^PASS^:Invalid login"

Still a beginner  :o

7
I read some tutorials and the help for the http-post-form module and it says that the third argument is the response for a
BAD input. But I think hydra can't recognize this for some reason. I could use S= or F= too and I tried but I had the same result.
Maybe someone knows an answer but nevertheless I try some medusa now too.

8
Hacking and Security / hydra false positives - password crack doesnt work
« on: September 10, 2014, 06:43:54 pm »
Hi, I am trying to learn with hydra (version 7.6) on the CLI in Kali Linux (latest version).
I use this online test site for trying it out.
http://testasp.vulnweb.com

I registered as user opera and tried to crack my password.
It doesn't work. Before, I tried hydra on my router too. Nothing.

The problem is that I get false positives. The password is the last
in the list and hydra tells for every password from the list that
it is the right one. Which it is not.

This is the command i use:

hydra -vV -l opera -P testwordlist -o found -t5 87.230.29.167 http-post-form "/Login.asp?RetURL=/Default.asp?:tfUName=^USER^&tfUPass=^PASS^:Invalid login"

I tried it with higher waiting response time but still get the false positive results.

What am I missing?
 :o



 

9
General discussion / Re: Gaming Issues
« on: June 12, 2013, 11:46:48 pm »
I once had a failed update of the nvidia drivers and recognized that PhysX was not properly installed. Did you try to reinstall? Search registry for nvidia and kill the stuff etc.

10
General discussion / Re: My Pocket Tee Company
« on: June 12, 2013, 11:31:13 pm »
Is this the merchandise section of ez or what the heck is this shit?

11
Found it on the Webs / Re: ethical hacking repository
« on: June 11, 2013, 12:10:29 am »
"There is light from heaven .... oh it's this post !!!" +1

Thnx.

12
Scripting Languages / Re: [Bash] Log wiping script
« on: June 11, 2013, 12:07:14 am »
I have something similar for my box. It's some hammer and anvil method but it works.

Code:
# ~/.bashrc
shred /home/iamtotallystupidbutilikeit/.bash_history ; rm /home/iamtotallystupidbutilikeit/.bash_history

# ignore sudo commands
HISTIGNORE=sudo*:*0-link*

13
Scripting Languages / Re: Scrape a website with wget
« on: June 10, 2013, 11:46:33 pm »
wget has a --spider switch too. So it doesn't download anything and you can go through the output and see if you find something interesting. But I think you already know. But I have to get posts :-))))

14
Found it on the Webs / Re: Psion Mobile Computers
« on: May 23, 2013, 06:36:14 pm »
I am a moron. I should have read the link carefully. I only have 2 of these. But nevertheless nice anyway.

Psion 3

15
Found it on the Webs / Re: Psion Mobile Computers
« on: May 22, 2013, 12:30:53 pm »
The link is broken.
I have 2 of these. Sadly they are broken. You can get spare parts from a dealer in GB though.
As they worked i had a lot of fun with them.  :)


