Hydra input

Hello,

In Network Security Analysis Using Wireshark, Snort, and SO course, in Lab 3 part 2, Jesse enters the following into kali’s terminal:![Screenshot from 2021-01-03 16-50-32|690x49]


How should I adjust this input to run this brute force attack, if my burp suite did not give me the same output? In fact, 2 things happen in my case that are not the same in the video:

  1. the POST request doesn’t come back with 200 status, but gives me 401 response.
  2. HTML code of my version of squert page does not have “The user name or password is incorrect” text anywhere (If I try to enter the incorrect password on squert page, nothing happens, no alert/message appears), so I guess I can’t add this text to the hydra command. If I live that text out, I get the error: :Hydra … Wrong syntax, requires three arguments separated by a colon which may not be null …".
    If I add any text from that responseHTML, like “Security Onion” header, then hydra just hangs in there, never stops, even though the password is simply 1234 and it should spit out the answer almost instantly.
  1. (errors continue until ^C)

Screenshots from my Burp Suite are posted in the reply to the question.

Please help me to make this work! Thank you.

Pasting my BurpSuite output here:


( I selected the ‘Security Onion’ line which I tried in the hydra input, although I now see that these words are used in the html twice: as a header and as a title above that…)

Did you try using GET request instead of POST as shown in the error. I am not sure if it will work or not. Also, the Security onion has updated a lot of things from 2018 so they may have changed the site in some way. Try to see what happens when you type the incorrect password (look at the HTML response in Burp Suite). Also, check what happens when you type the correct password, does it logs in or no? If not then maybe there is some other problem

nothing works :frowning: