[ВОПРОС] Брут админки роутера Гидрой (Hydra)

Discussion in 'Песочница' started by kpa6, 28 Oct 2015.

  1. kpa6

    kpa6 Banned

    Joined:
    4 Sep 2011
    Messages:
    25
    Likes Received:
    2
    Reputations:
    0
    Здравствуйте.
    Люди добрые, спасайте.
    Уже какой час сижу и пытаюсь забрутить админку своего собственного роутера с помощью гидры.
    Вечно какие-то косяки.
    Помогите, пожалуйста, составить правильный запрос. Буду премного благодарен.
    Вот заголовки, передаваемые браузером при входе в админку:
    (Пароль 12344321 - неверный, если это важно)
    Code:
    http://192.168.1.1/index.cgi
    
    POST /index.cgi HTTP/1.1
    Host: 192.168.1.1
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3
    Accept-Encoding: gzip, deflate
    DNT: 1
    Referer: http://192.168.1.1/
    Cookie: cookie_lang=eng; client_login=admin; client_password=12344321
    Connection: keep-alive
    Content-Type: application/x-www-form-urlencoded
    Content-Length: 48
    v2=y&rs_type=html&A1=admin&A2=12344321&auth=auth
    HTTP/1.0 200 OK
    Pragma: no-cache
    Cache-Control: no-cache, must-revalidate
    Content-Type: text/html
    Expires: Tue, 02 Jan 2000 01:00:00 GMT
    Last-Modified: Thu, 01 Jan 1970 11:48:37 GMT
    Set-Cookie: cookie_lang=eng
    Составляю следующий запрос:
    Code:
    hydra -l admin -p crabping1 192.168.1.1 http-post-form "/index.cgi:v2=y&rs_type=html&A1=^USER^&A2=^PASS^&auth=auth:badAuthKey:H=Cookie:cookie_lang=eng; client_login=^USER^; client_password=^PASS^:C=cookie_lang=eng:H=Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5;en;q=0.3:H=Accept-Encoding: gzip, deflate:H=Referer: 192.168.1.1:H=DNT:1" -fd -o /root/Desktop/123.txt -t 1
    
    Вот дебаг:
    (http://pastebin.com/HdustMAR#)
    Code:
    [LIST=1]
    [*]root@kali:~# clear
    [*][3;J
    [*]
    
    [*]root@kali:~# hydra -l admin -p crabping1 192.168.1.1 http-post-form"/index.cgi:v2=y&rs_type=html&A1=^USER^&A2=^PASS^&auth=auth:badAuthKey:H=Cookie: cookie_lang=eng; client_login=^USER^; client_password=^PASS^:C=cookie_lang=eng:H=Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5;en;q=0.3:H=Accept-Encoding: gzip, deflate:H=Referer: 192.168.1.1:H=DNT:1" -fd -o /root/Desktop/123.txt -t 1
    [*]Hydra v8.1 (c) 2014 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
    [*]
    
    [*][DEBUG] Output color flag is 1
    [*]Hydra (http://www.thc.org/thc-hydra) starting at 2015-10-28 04:53:11
    [*][DEBUG] cmdline: hydra -l admin -p crabping1 -fd -o /root/Desktop/123.txt -t 1 192.168.1.1 http-post-form/index.cgi:v2=y&rs_type=html&A1=^USER^&A2=^PASS^&auth=auth:badAuthKey:H=Cookie: cookie_lang=eng; client_login=^USER^;client_password=^PASS^:C=cookie_lang=eng:H=Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5;en;q=0.3:H=Accept-Encoding: gzip, deflate:H=Referer: 192.168.1.1:H=DNT:1
    [*][DATA] max 1 task per 1 server, overall 64 tasks, 1 login try (l:1/p:1), ~0 tries per task
    [*][DATA] attacking service http-post-form on port 80
    [*][VERBOSE] Resolving addresses ...
    [*][DEBUG] resolving 192.168.1.1
    [*]done
    [*][DEBUG] Code: attack   Time: 1446007991
    [*][DEBUG] Options: mode 0 ssl 0 restore 0 showAttempt 0 tasks 1 max_use 64 tnp 0 tpsal 0 tprl 0 exit_found 1 miscptr/index.cgi:v2=y&rs_type=html&A1=^USER^&A2=^PASS^&auth=auth:badAuthKey:H=Cookie: cookie_lang=eng; client_login=^USER^;client_password=^PASS^:C=cookie_lang=eng:H=Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5;en;q=0.3:H=Accept-Encoding: gzip, deflate:H=Referer: 192.168.1.1:H=DNT:1 service http-post-form
    [*][DEBUG] Brains: active 0 targets 1 finished 0 todo_all 1 todo 1 sent 0 found 0 countlogin 1 sizelogin 6 countpass 1 sizepass 11
    [*][DEBUG] Target 0 - target 192.168.1.1  ip 192.168.1.1  login_no 0 pass_no 0 sent 0 pass_state 0 use_count 0 failed 0 done 0 fail_count0 login_ptr admin  pass_ptr crabping1
    [*][DEBUG] Task 0 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 1 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 2 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 3 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 4 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 5 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 6 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 7 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 8 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 9 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 10 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 11 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 12 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 13 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 14 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 15 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 16 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 17 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 18 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 19 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 20 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 21 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 22 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 23 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 24 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 25 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 26 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 27 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 28 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 29 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 30 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 31 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 32 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 33 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 34 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 35 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 36 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 37 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 38 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 39 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 40 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 41 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 42 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 43 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 44 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 45 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 46 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 47 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 48 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 49 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 50 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 51 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 52 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 53 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 54 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 55 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 56 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 57 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 58 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 59 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 60 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 61 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 62 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] Task 63 - pid 0 active 0 redo 0 current_login_ptr (null) current_pass_ptr (null)
    [*][DEBUG] head_no[0] to target_no 0 active 0
    [*][DEBUG] child 0 got target 0 selected
    [*][DEBUG] child 0 spawned for target 0 with pid 3260
    [*][DEBUG] head_no[1] to target_no 0 active 0
    [*][DEBUG] child 1 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 1, kill 0, fail 3
    [*][DEBUG] head_no 0 has pid 3260
    [*][DEBUG] head_no[2] to target_no 0 active 0
    [*][DEBUG] child 2 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 2, kill 0, fail 3
    [*][DEBUG] head_no[3] to target_no 0 active 0
    [*][DEBUG] child 3 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 3, kill 0, fail 3
    [*][DEBUG] head_no[4] to target_no 0 active 0
    [*][DEBUG] child 4 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 4, kill 0, fail 3
    [*][DEBUG] head_no[5] to target_no 0 active 0
    [*][DEBUG] child 5 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 5, kill 0, fail 3
    [*][DEBUG] head_no[6] to target_no 0 active 0
    [*][DEBUG] child 6 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 6, kill 0, fail 3
    [*][DEBUG] head_no[7] to target_no 0 active 0
    [*][DEBUG] child 7 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 7, kill 0, fail 3
    [*][DEBUG] head_no[8] to target_no 0 active 0
    [*][DEBUG] child 8 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 8, kill 0, fail 3
    [*][DEBUG] head_no[9] to target_no 0 active 0
    [*][DEBUG] child 9 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 9, kill 0, fail 3
    [*][DEBUG] head_no[10] to target_no 0 active 0
    [*][DEBUG] child 10 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 10, kill 0, fail 3
    [*][DEBUG] head_no[11] to target_no 0 active 0
    [*][DEBUG] child 11 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 11, kill 0, fail 3
    [*][DEBUG] head_no[12] to target_no 0 active 0
    [*][DEBUG] child 12 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 12, kill 0, fail 3
    [*][DEBUG] head_no[13] to target_no 0 active 0
    [*][DEBUG] child 13 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 13, kill 0, fail 3
    [*][DEBUG] head_no[14] to target_no 0 active 0
    [*][DEBUG] child 14 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 14, kill 0, fail 3
    [*][DEBUG] head_no[15] to target_no 0 active 0
    [*][DEBUG] child 15 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets leftDEBUG_CONNECT_OK
    [*][DEBUG] head_no 15, kill 0, fail 3
    [*]
    
    [*][DEBUG] head_no[16] to target_no 0 active 0
    [*][DEBUG] child 16 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 16, kill 0, fail 3
    [*][DEBUG] head_no[17] to target_no 0 active 0
    [*][DEBUG] child 17 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 17, kill 0, fail 3
    [*][DEBUG] head_no[18] to target_no 0 active 0
    [*][DEBUG] child 18 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 18, kill 0, fail 3
    [*][DEBUG] head_no[19] to target_no 0 active 0
    [*][DEBUG] child 19 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 19, kill 0, fail 3
    [*][DEBUG] head_no[20] to target_no 0 active 0
    [*][DEBUG] child 20 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 20, kill 0, fail 3
    [*][DEBUG] head_no[21] to target_no 0 active 0
    [*][DEBUG] child 21 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 21, kill 0, fail 3
    [*][DEBUG] head_no[22] to target_no 0 active 0
    [*][DEBUG] child 22 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 22, kill 0, fail 3
    [*][DEBUG] head_no[23] to target_no 0 active 0
    [*][DEBUG] child 23 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 23, kill 0, fail 3
    [*][DEBUG] head_no[24] to target_no 0 active 0
    [*][DEBUG] child 24 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 24, kill 0, fail 3
    [*][DEBUG] head_no[25] to target_no 0 active 0
    [*][DEBUG] child 25 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 25, kill 0, fail 3
    [*][DEBUG] head_no[26] to target_no 0 active 0
    [*][DEBUG] child 26 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 26, kill 0, fail 3
    [*][DEBUG] head_no[27] to target_no 0 active 0
    [*][DEBUG] child 27 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 27, kill 0, fail 3
    [*][DEBUG] head_no[28] to target_no 0 active 0
    [*][DEBUG] child 28 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 28, kill 0, fail 3
    [*][DEBUG] head_no[29] to target_no 0 active 0
    [*][DEBUG] child 29 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 29, kill 0, fail 3
    [*][DEBUG] head_no[30] to target_no 0 active 0
    [*][DEBUG] child 30 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 30, kill 0, fail 3
    [*][DEBUG] head_no[31] to target_no 0 active 0
    [*][DEBUG] child 31 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 31, kill 0, fail 3
    [*][DEBUG] head_no[32] to target_no 0 active 0
    [*][DEBUG] child 32 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 32, kill 0, fail 3
    [*][DEBUG] head_no[33] to target_no 0 active 0
    [*][DEBUG] child 33 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 33, kill 0, fail 3
    [*][DEBUG] head_no[34] to target_no 0 active 0
    [*][DEBUG] child 34 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 34, kill 0, fail 3
    [*][DEBUG] head_no[35] to target_no 0 active 0
    [*][DEBUG] child 35 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 35, kill 0, fail 3
    [*][DEBUG] head_no[36] to target_no 0 active 0
    [*][DEBUG] child 36 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 36, kill 0, fail 3
    [*][DEBUG] head_no[37] to target_no 0 active 0
    [*][DEBUG] child 37 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 37, kill 0, fail 3
    [*][DEBUG] head_no[38] to target_no 0 active 0
    [*][DEBUG] child 38 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 38, kill 0, fail 3
    [*][DEBUG] head_no[39] to target_no 0 active 0
    [*][DEBUG] child 39 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 39, kill 0, fail 3
    [*][DEBUG] head_no[40] to target_no 0 active 0
    [*][DEBUG] child 40 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 40, kill 0, fail 3
    [*][DEBUG] head_no[41] to target_no 0 active 0
    [*][DEBUG] child 41 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 41, kill 0, fail 3
    [*][DEBUG] head_no[42] to target_no 0 active 0
    [*][DEBUG] child 42 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 42, kill 0, fail 3
    [*][DEBUG] head_no[43] to target_no 0 active 0
    [*][DEBUG] child 43 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 43, kill 0, fail 3
    [*][DEBUG] head_no[44] to target_no 0 active 0
    [*][DEBUG] child 44 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 44, kill 0, fail 3
    [*][DEBUG] head_no[45] to target_no 0 active 0
    [*][DEBUG] child 45 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 45, kill 0, fail 3
    [*][DEBUG] head_no[46] to target_no 0 active 0
    [*][DEBUG] child 46 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 46, kill 0, fail 3
    [*][DEBUG] head_no[47] to target_no 0 active 0
    [*][DEBUG] child 47 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 47, kill 0, fail 3
    [*][DEBUG] head_no[48] to target_no 0 active 0
    [*][DEBUG] child 48 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 48, kill 0, fail 3
    [*][DEBUG] head_no[49] to target_no 0 active 0
    [*][DEBUG] child 49 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 49, kill 0, fail 3
    [*][DEBUG] head_no[50] to target_no 0 active 0
    [*][DEBUG] child 50 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 50, kill 0, fail 3
    [*][DEBUG] head_no[51] to target_no 0 active 0
    [*][DEBUG] child 51 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 51, kill 0, fail 3
    [*][DEBUG] head_no[52] to target_no 0 active 0
    [*][DEBUG] child 52 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 52, kill 0, fail 3
    [*][DEBUG] head_no[53] to target_no 0 active 0
    [*][DEBUG] child 53 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 53, kill 0, fail 3
    [*][DEBUG] head_no[54] to target_no 0 active 0
    [*][DEBUG] child 54 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 54, kill 0, fail 3
    [*][DEBUG] head_no[55] to target_no 0 active 0
    [*][DEBUG] child 55 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 55, kill 0, fail 3
    [*][DEBUG] head_no[56] to target_no 0 active 0
    [*][DEBUG] child 56 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 56, kill 0, fail 3
    [*][DEBUG] head_no[57] to target_no 0 active 0
    [*][DEBUG] child 57 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 57, kill 0, fail 3
    [*][DEBUG] head_no[58] to target_no 0 active 0
    [*][DEBUG] child 58 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 58, kill 0, fail 3
    [*][DEBUG] head_no[59] to target_no 0 active 0
    [*][DEBUG] child 59 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 59, kill 0, fail 3
    [*][DEBUG] head_no[60] to target_no 0 active 0
    [*][DEBUG] child 60 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 60, kill 0, fail 3
    [*][DEBUG] head_no[61] to target_no 0 active 0
    [*][DEBUG] child 61 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 61, kill 0, fail 3
    [*][DEBUG] head_no[62] to target_no 0 active 0
    [*][DEBUG] child 62 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 62, kill 0, fail 3
    [*][DEBUG] head_no[63] to target_no 0 active 0
    [*][DEBUG] child 63 got target -1 selected
    [*][DEBUG] hydra_select_target() reports no more targets left
    [*][DEBUG] head_no 63, kill 0, fail 3
    [*][DEBUG] head_no[0] to target_no 0 active 1
    [*][DEBUG] head_no[0] read n
    [*][DEBUG] send_next_pair_init target 0, head 0, redo 0, redo_state 0, pass_state 0. loop_mode 0, curlogin (null), curpass (null), tlogin admin, tpass crabping1, logincnt 0/1, passcnt 0/1, loop_cnt 1
    [*][DEBUG] send_next_pair_mid done 1, pass_state 0, clogin admin, cpass crabping1, tlogin -p, tpass crabping1, redo 0
    [*][ATTEMPT] target 192.168.1.1 - login "admin" - pass "crabping1" - 1 of 1 [child 0]
    [*][DEBUG] SEND [pid:3260] (269 bytes):
    [*]0000:  4745 5420 636f 6f6b 6965 5f6c 616e 673d    [ GET cookie_lang= ]
    [*]0010:  656e 6720 4854 5450 2f31 2e30 0d0a 436f    [ eng HTTP/1.0..Co ]
    [*]0020:  6f6b 6965 3a20 636f 6f6b 6965 5f6c 616e    [ okie: cookie_lan ]
    [*]0030:  673d 656e 673b 2063 6c69 656e 745f 6c6f    [ g=eng; client_lo ]
    [*]0040:  6769 6e3d 5e55 5345 525e 3b20 636c 6965   [ gin=^USER^; clie ]
    [*]0050:  6e74 5f70 6173 7377 6f72 643d 5e50 4153   [ nt_password=^PAS ]
    [*]0060:  535e 0d0a 4163 6365 7074 2d4c 616e 6775   [ S^..Accept-Langu ]
    [*]0070:  6167 653a 2072 752d 5255 2c72 753b 713d    [ age: ru-RU,ru;q= ]
    [*]0080:  302e 382c 656e 2d55 533b 713d 302e 353b    [ 0.8,en-US;q=0.5; ]
    [*]0090:  656e 3b71 3d30 2e33 0d0a 4163 6365 7074   [ en;q=0.3..Accept ]
    [*]00a0:  2d45 6e63 6f64 696e 673a 2067 7a69 702c    [ -Encoding: gzip, ]
    [*]00b0:  2064 6566 6c61 7465 0d0a 5265 6665 7265   [ deflate..Refere ]
    [*]00c0:  723a 2031 3932 2e31 3638 2e31 2e31 0d0a    [ r: 192.168.1.1.. ]
    [*]00d0:  444e 543a 200d 0a48 6f73 743a 2031 3932   [ DNT: ..Host: 192 ]
    [*]00e0:  2e31 3638 2e31 2e31 0d0a 5573 6572 2d41    [ .168.1.1..User-A ]
    [*]00f0:  6765 6e74 3a20 4d6f 7a69 6c6c 612f 352e    [ gent: Mozilla/5. ]
    [*]0100:  3020 2848 7964 7261 290d 0a0d 0a          [ 0 (Hydra)....    ]
    [*][DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 7, pid: 3260
    [*][DEBUG] RECV [pid:3260] (211 bytes):
    [*]0000:  4854 5450 2f31 2e30 2034 3030 2042 6164   [ HTTP/1.0 400 Bad ]
    [*]0010:  2052 6571 7565 7374 0a43 6f6e 7465 6e74    [ Request.Content ]
    [*]0020:  2d74 7970 653a 2074 6578 742f 6874 6d6c    [ -type: text/html ]
    [*]0030:  0d0a 4461 7465 3a20 5468 752c 2030 3120   [ ..Date: Thu, 01  ]
    [*]0040:  4a61 6e20 3139 3730 2031 333a 3132 3a32    [ Jan 1970 13:12:2 ]
    [*]0050:  3020 474d 540d 0a43 6f6e 6e65 6374 696f    [ 0 GMT..Connectio ]
    [*]0060:  6e3a 2063 6c6f 7365 0d0a 0d0a 3c48 4541   [ n: close....<HEA ]
    [*]0070:  443e 3c54 4954 4c45 3e34 3030 2042 6164   [ D><TITLE>400 Bad ]
    [*]0080:  2052 6571 7565 7374 3c2f 5449 544c 453e    [ Request</TITLE> ]
    [*]0090:  3c2f 4845 4144 3e0a 3c42 4f44 593e 3c48    [ </HEAD>.<BODY><H ]
    [*]00a0:  313e 3430 3020 4261 6420 5265 7175 6573   [ 1>400 Bad Reques ]
    [*]00b0:  743c 2f48 313e 0a55 6e73 7570 706f 7274   [ t</H1>.Unsupport ]
    [*]00c0:  6564 206d 6574 686f 642e 0a3c 2f42 4f44    [ ed method..</BOD ]
    [*]00d0:  593e 0a                                    [ Y>.              ]
    [*][DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 7, pid: 3260
    [*][DEBUG] RECV [pid:3260] (0 bytes):
    [*]DEBUG_DISCONNECT
    [*]DEBUG_CONNECT_OK
    [*][DEBUG] SEND [pid:3260] (329 bytes):
    [*]0000:  504f 5354 202f 696e 6465 782e 6367 6920   [ POST /index.cgi  ]
    [*]0010:  4854 5450 2f31 2e30 0d0a 436f 6f6b 6965   [ HTTP/1.0..Cookie ]
    [*]0020:  3a20 6164 6d69 6e0d 0a41 6363 6570 742d    [ : admin..Accept- ]
    [*]0030:  4c61 6e67 7561 6765 3a20 7275 2d52 552c    [ Language: ru-RU, ]
    [*]0040:  7275 3b71 3d30 2e38 2c65 6e2d 5553 3b71    [ ru;q=0.8,en-US;q ]
    [*]0050:  3d30 2e35 3b65 6e3b 713d 302e 330d 0a41    [ =0.5;en;q=0.3..A ]
    [*]0060:  6363 6570 742d 456e 636f 6469 6e67 3a20    [ ccept-Encoding:  ]
    [*]0070:  677a 6970 2c20 6465 666c 6174 650d 0a52    [ gzip, deflate..R ]
    [*]0080:  6566 6572 6572 3a20 3139 322e 3136 382e    [ eferer: 192.168. ]
    [*]0090:  312e 310d 0a44 4e54 3a20 0d0a 486f 7374   [ 1.1..DNT: ..Host ]
    [*]00a0:  3a20 3139 322e 3136 382e 312e 310d 0a55    [ : 192.168.1.1..U ]
    [*]00b0:  7365 722d 4167 656e 743a 204d 6f7a 696c    [ ser-Agent: Mozil ]
    [*]00c0:  6c61 2f35 2e30 2028 4879 6472 6129 0d0a    [ la/5.0 (Hydra).. ]
    [*]00d0:  436f 6e74 656e 742d 4c65 6e67 7468 3a20    [ Content-Length:  ]
    [*]00e0:  3530 0d0a 436f 6e74 656e 742d 5479 7065   [ 50..Content-Type ]
    [*]00f0:  3a20 6170 706c 6963 6174 696f 6e2f 782d    [ : application/x- ]
    [*]0100:  7777 772d 666f 726d 2d75 726c 656e 636f    [ www-form-urlenco ]
    [*]0110:  6465 640d 0a0d 0a76 323d 7926 7273 5f74    [ ded....v2=y&rs_t ]
    [*]0120:  7970 653d 6874 6d6c 2641 313d 6164 6d69    [ ype=html&A1=admi ]
    [*]0130:  6e26 4132 3d31 3233 3434 3332 3145 6726   [ n&A2=crabping1& ]
    [*]0140:  6175 7468 3d61 7574 68                   [ auth=auth        ]
    [*]HTTP request sent:[0A]POST /index.cgi HTTP/1.0[0D][0A]Cookie: admin[0D][0A]Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5;en;q=0.3[0D][0A]Accept-Encoding: gzip, deflate[0D][0A]Referer: 192.168.1.1[0D][0A]DNT: [0D][0A]Host: 192.168.1.1[0D][0A]User-Agent: Mozilla/5.0 (Hydra)[0D][0A]Content-Length: 50[0D][0A]Content-Type: application/x-www-form-urlencoded[0D][0A][0D][0A]v2=y&rs_type=html&A1=admin&A2=crabping1&auth=auth[0A]
    [*][DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 7, pid: 3260
    [*][DEBUG] RECV [pid:3260] (16 bytes):
    [*]0000:  4854 5450 2f31 2e30 2032 3030 204f 4b0a    [ HTTP/1.0 200 OK. ]
    [*][DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 7, pid: 3260
    [*][DEBUG] RECV [pid:3260] (1448 bytes):
    [*]0000:  5072 6167 6d61 3a20 6e6f 2d63 6163 6865   [ Pragma: no-cache ]
    [*]0010:  0d0a 4361 6368 652d 436f 6e74 726f 6c3a    [ ..Cache-Control: ]
    [*]0020:  206e 6f2d 6361 6368 652c 206d 7573 742d    [ no-cache, must- ]
    [*]0030:  7265 7661 6c69 6461 7465 0d0a 436f 6e74    [ revalidate..Cont ]
    [*]0040:  656e 742d 7479 7065 3a20 7465 7874 2f68    [ ent-type: text/h ]
    [*]0050:  746d 6c0d 0a45 7870 6972 6573 3a20 5475   [ tml..Expires: Tu ]
    [*]0060:  652c 2030 3220 4a61 6e20 3230 3030 2030   [ e, 02 Jan 2000 0 ]
    [*]0070:  313a 3030 3a30 3020 474d 540d 0a4c 6173   [ 1:00:00 GMT..Las ]
    [*]0080:  742d 4d6f 6469 6669 6564 3a20 5468 752c    [ t-Modified: Thu, ]
    [*]0090:  2030 3120 4a61 6e20 3139 3730 2031 333a    [ 01 Jan 1970 13: ]
    [*]00a0:  3132 3a32 3020 474d 540d 0a53 6574 2d43    [ 12:20 GMT..Set-C ]
    [*]00b0:  6f6f 6b69 653a 2063 6f6f 6b69 655f 6c61    [ ookie: cookie_la ]
    [*]00c0:  6e67 3d72 7573 0d0a 0d0a 3c3f 786d 6c20    [ ng=rus....<?xml  ]
    [*]00d0:  7665 7273 696f 6e3d 2231 2e30 2220 656e    [ version="1.0" en ]
    [*]00e0:  636f 6469 6e67 3d22 5554 462d 3822 3f3e    [ coding="UTF-8"?> ]
    [*]00f0:  0a3c 2144 4f43 5459 5045 2068 746d 6c20    [ .<!DOCTYPE html  ]
    [*]0100:  5055 424c 4943 2022 2d2f 2f57 3343 2f2f    [ PUBLIC "-//W3C// ]
    [*]0110:  4454 4420 5848 544d 4c20 312e 3020 5472    [ DTD XHTML 1.0 Tr ]
    [*]0120:  616e 7369 7469 6f6e 616c 2f2f 454e 2220    [ ansitional//EN" ]
    [*]0130:  2268 7474 703a 2f2f 7777 772e 7733 2e6f    [ "http://www.w3.o ]
    [*]0140:  7267 2f54 522f 7868 746d 6c31 2f44 5444    [ rg/TR/xhtml1/DTD ]
    [*]0150:  2f78 6874 6d6c 312d 7472 616e 7369 7469    [ /xhtml1-transiti ]
    [*]0160:  6f6e 616c 2e64 7464 223e 0a3c 6874 6d6c    [ onal.dtd">.<html ]
    [*]0170:  2078 6d6c 6e73 3d22 6874 7470 3a2f 2f77    [ xmlns="http://w ]
    [*]0180:  7777 2e77 332e 6f72 672f 3139 3939 2f78    [ ww.w3.org/1999/x ]
    [*]0190:  6874 6d6c 2220 786d 6c3a 6c61 6e67 3d22    [ html" xml:lang=" ]
    [*]01a0:  656e 2220 6c61 6e67 3d22 656e 223e 0a3c    [ en" lang="en">.< ]
    [*]01b0:  6865 6164 3e0a 3c74 6974 6c65 3e44 534c    [ head>.<title>DSL ]
    [*]01c0:  5f32 3634 304e 5255 3c2f 7469 746c 653e    [ _2640NRU</title> ]
    [*]01d0:  0a3c 6d65 7461 206e 616d 653d 2264 6174   [ .<meta name="dat ]
    [*]01e0:  6522 2063 6f6e 7465 6e74 3d22 2220 2f3e    [ e" content="" /> ]
    [*]01f0:  0a3c 6d65 7461 206e 616d 653d 2267 656e    [ .<meta name="gen ]
    [*]0200:  6572 6174 6f72 2220 636f 6e74 656e 743d    [ erator" content= ]
    [*]0210:  226e 6f20 6765 6e65 7261 746f 7222 202f    [ "no generator" / ]
    [*]0220:  3e0a 3c6d 6574 6120 6e61 6d65 3d22 636f    [ >.<meta name="co ]
    [*]0230:  7079 7269 6768 7422 2063 6f6e 7465 6e74    [ pyright" content ]
    [*]0240:  3d22 436f 7079 7269 6768 7420 2843 2920   [ ="Copyright (C)  ]
    [*]0250:  3230 3038 2044 2d4c 696e 6b20 5275 7373    [ 2008 D-Link Russ ]
    [*]0260:  6961 2220 2f3e 0a3c 6d65 7461 206e 616d    [ ia" />.<meta nam ]
    [*]0270:  653d 226b 6579 776f 7264 7322 2063 6f6e    [ e="keywords" con ]
    [*]0280:  7465 6e74 3d22 4453 4c5f 3236 3430 4e52    [ tent="DSL_2640NR ]
    [*]0290:  5522 202f 3e0a 3c6d 6574 6120 6e61 6d65    [ U" />.<meta name ]
    [*]02a0:  3d22 6465 7363 7269 7074 696f 6e22 2063   [ ="description" c ]
    [*]02b0:  6f6e 7465 6e74 3d22 4453 4c5f 3236 3430   [ ontent="DSL_2640 ]
    [*]02c0:  4e52 5522 202f 3e0a 3c6d 6574 6120 6874    [ NRU" />.<meta ht ]
    [*]02d0:  7470 2d65 7175 6976 3d22 636f 6e74 656e    [ tp-equiv="conten ]
    [*]02e0:  742d 7479 7065 2220 636f 6e74 656e 743d    [ t-type" content= ]
    [*]02f0:  2261 7070 6c69 6361 7469 6f6e 2f78 6874   [ "application/xht ]
    [*]0300:  6d6c 2b78 6d6c 3b20 6368 6172 7365 743d    [ ml+xml; charset= ]
    [*]0310:  7574 662d 3822 202f 3e0a 3c6d 6574 6120    [ utf-8" />.<meta  ]
    [*]0320:  6874 7470 2d65 7175 6976 3d22 7072 6167   [ http-equiv="prag ]
    [*]0330:  6d61 2220 636f 6e74 656e 743d 226e 6f2d    [ ma" content="no- ]
    [*]0340:  6361 6368 6522 202f 3e0a 3c6d 6574 6120    [ cache" />.<meta  ]
    [*]0350:  6874 7470 2d65 7175 6976 3d22 6361 6368   [ http-equiv="cach ]
    [*]0360:  652d 636f 6e74 726f 6c22 2063 6f6e 7465    [ e-control" conte ]
    [*]0370:  6e74 3d22 6e6f 2d63 6163 6865 2220 2f3e    [ nt="no-cache" /> ]
    [*]0380:  0a3c 6d65 7461 2068 7474 702d 6571 7569   [ .<meta http-equi ]
    [*]0390:  763d 2263 6f6e 7465 6e74 2d73 7479 6c65    [ v="content-style ]
    [*]03a0:  2d74 7970 6522 2063 6f6e 7465 6e74 3d22    [ -type" content=" ]
    [*]03b0:  7465 7874 2f63 7373 2220 2f3e 0a3c 6d65    [ text/css" />.<me ]
    [*]03c0:  7461 2068 7474 702d 6571 7569 763d 2263   [ ta http-equiv="c ]
    [*]03d0:  6f6e 7465 6e74 2d73 6372 6970 742d 7479    [ ontent-script-ty ]
    [*]03e0:  7065 2220 636f 6e74 656e 743d 2274 6578    [ pe" content="tex ]
    [*]03f0:  742f 6a61 7661 7363 7269 7074 2220 2f3e    [ t/javascript" /> ]
    [*]0400:  0a3c 6c69 6e6b 2072 656c 3d22 7368 6f72    [ .<link rel="shor ]
    [*]0410:  7463 7574 2069 636f 6e22 2068 7265 663d    [ tcut icon" href= ]
    [*]0420:  222f 6661 7669 636f 6e2e 6963 6f22 2074   [ "/favicon.ico" t ]
    [*]0430:  7970 653d 2269 6d61 6765 2f78 2d69 636f    [ ype="image/x-ico ]
    [*]0440:  6e22 202f 3e0a 3c6c 696e 6b20 7265 6c3d    [ n" />.<link rel= ]
    [*]0450:  2273 7479 6c65 7368 6565 7422 2068 7265   [ "stylesheet" hre ]
    [*]0460:  663d 222f 6373 732f 6a68 6d76 632e 6373   [ f="/css/jhmvc.cs ]
    [*]0470:  7322 2074 7970 653d 2274 6578 742f 6373    [ s" type="text/cs ]
    [*]0480:  7322 202f 3e0a 3c6c 696e 6b20 7265 6c3d    [ s" />.<link rel= ]
    [*]0490:  2273 7479 6c65 7368 6565 7422 2068 7265   [ "stylesheet" hre ]
    [*]04a0:  663d 222f 6373 732f 6c6f 6769 6e2e 6373   [ f="/css/login.cs ]
    [*]04b0:  7322 2074 7970 653d 2274 6578 742f 6373    [ s" type="text/cs ]
    [*]04c0:  7322 202f 3e0a 3c6c 696e 6b20 7265 6c3d    [ s" />.<link rel= ]
    [*]04d0:  2273 7479 6c65 7368 6565 7422 2068 7265   [ "stylesheet" hre ]
    [*]04e0:  663d 222f 6373 732f 636f 6d6d 6f6e 2e63    [ f="/css/common.c ]
    [*]04f0:  7373 2220 7479 7065 3d22 7465 7874 2f63    [ ss" type="text/c ]
    [*]0500:  7373 2220 2f3e 0a3c 7363 7269 7074 2074    [ ss" />.<script t ]
    [*]0510:  7970 653d 2274 6578 742f 6a61 7661 7363   [ ype="text/javasc ]
    [*]0520:  7269 7074 2220 7372 633d 222f 7363 7269    [ ript" src="/scri ]
    [*]0530:  7074 732f 6a71 7565 7279 2e6a 7322 3e3c    [ pts/jquery.js">< ]
    [*]0540:  2f73 6372 6970 743e 0a3c 7363 7269 7074   [ /script>.<script ]
    [*]0550:  2074 7970 653d 2274 6578 742f 6a61 7661   [ type="text/java ]
    [*]0560:  7363 7269 7074 2220 7372 633d 222f 7363    [ script" src="/sc ]
    [*]0570:  7269 7074 732f 6a68 6d76 632e 6a73 223e    [ ripts/jhmvc.js"> ]
    [*]0580:  3c2f 7363 7269 7074 3e0a 3c73 6372 6970   [ </script>.<scrip ]
    [*]0590:  7420 7479 7065 3d22 7465 7874 2f6a 6176   [ t type="text/jav ]
    [*]05a0:  6173 6372 6970 7422                        [ ascript"       ]
    [*][DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 7, pid: 3260
    [*][DEBUG] RECV [pid:3260] (1340 bytes):
    [*]0000:  2073 7263 3d22 2f73 6372 6970 7473 2f73    [ src="/scripts/s ]
    [*]0010:  6d5f 7061 7261 6d73 2e6a 7322 3e3c 2f73    [ m_params.js"></s ]
    [*]0020:  6372 6970 743e 0a3c 7363 7269 7074 2074   [ cript>.<script t ]
    [*]0030:  7970 653d 2274 6578 742f 6a61 7661 7363   [ ype="text/javasc ]
    [*]0040:  7269 7074 2220 7372 633d 222f 7363 7269    [ ript" src="/scri ]
    [*]0050:  7074 732f 636f 6d6d 6f6e 2e6a 7322 3e3c    [ pts/common.js">< ]
    [*]0060:  2f73 6372 6970 743e 0a3c 7363 7269 7074   [ /script>.<script ]
    [*]0070:  2074 7970 653d 2274 6578 742f 6a61 7661   [ type="text/java ]
    [*]0080:  7363 7269 7074 2220 7372 633d 222f 7363    [ script" src="/sc ]
    [*]0090:  7269 7074 732f 6c6f 6769 6e2e 6a73 223e    [ ripts/login.js"> ]
    [*]00a0:  3c2f 7363 7269 7074 3e0a 3c73 6372 6970   [ </script>.<scrip ]
    [*]00b0:  7420 7479 7065 3d22 7465 7874 2f6a 6176   [ t type="text/jav ]
    [*]00c0:  6173 6372 6970 7422 2073 7263 3d22 2f73    [ ascript" src="/s ]
    [*]00d0:  6372 6970 7473 2f65 6e67 2e6c 6e67 2e6a    [ cripts/eng.lng.j ]
    [*]00e0:  7322 3e3c 2f73 6372 6970 743e 0a3c 7363    [ s"></script>.<sc ]
    [*]00f0:  7269 7074 2074 7970 653d 2274 6578 742f    [ ript type="text/ ]
    [*]0100:  6a61 7661 7363 7269 7074 2220 7372 633d    [ javascript" src= ]
    [*]0110:  222f 7363 7269 7074 732f 636f 6e66 6967   [ "/scripts/config ]
    [*]0120:  2e6c 6e67 2e6a 7322 3e3c 2f73 6372 6970    [ .lng.js"></scrip ]
    [*]0130:  743e 0a3c 7363 7269 7074 2074 7970 653d    [ t>.<script type= ]
    [*]0140:  2274 6578 742f 6a61 7661 7363 7269 7074   [ "text/javascript ]
    [*]0150:  223e 0a76 6172 2062 6164 4175 7468 4b65    [ ">.var badAuthKe ]
    [*]0160:  7920 3d20 2262 6164 5f61 7574 6822 3b0a    [ y = "bad_auth";. ]
    [*]0170:  2428 7374 6172 7429 0a3c 2f73 6372 6970   [ $(start).</scrip ]
    [*]0180:  743e 0a3c 2f68 6561 643e 0a3c 626f 6479   [ t>.</head>.<body ]
    [*]0190:  3e0a 3c64 6976 2069 643d 2269 645f 6865   [ >.<div id="id_he ]
    [*]01a0:  6164 5f6c 6f67 6f30 223e 0a3c 6469 7620    [ ad_logo0">.<div  ]
    [*]01b0:  6964 3d27 6661 7374 6d65 6e75 273e 0a3c    [ id='fastmenu'>.< ]
    [*]01c0:  2f64 6976 3e0a 3c2f 6469 763e 0a3c 6469   [ /div>.</div>.<di ]
    [*]01d0:  7620 6964 3d22 6964 5f68 6561 645f 6c6f    [ v id="id_head_lo ]
    [*]01e0:  676f 3122 3e3c 2f64 6976 3e0a 3c64 6976    [ go1"></div>.<div ]
    [*]01f0:  2069 643d 2269 645f 6469 765f 6d65 7373   [ id="id_div_mess ]
    [*]0200:  6167 6573 223e 0a3c 2f64 6976 3e0a 3c64    [ ages">.</div>.<d ]
    [*]0210:  6976 2069 643d 2269 645f 6469 765f 6d61    [ iv id="id_div_ma ]
    [*]0220:  696e 5f63 6f6e 7461 696e 6572 223e 0a3c    [ in_container">.< ]
    [*]0230:  666f 726d 2069 643d 2269 645f 666f 726d    [ form id="id_form ]
    [*]0240:  5f6d 6169 6e22 206d 6574 686f 643d 2270    [ _main" method="p ]
    [*]0250:  6f73 7422 2065 6e63 7479 7065 3d22 6170    [ ost" enctype="ap ]
    [*]0260:  706c 6963 6174 696f 6e2f 782d 7777 772d    [ plication/x-www- ]
    [*]0270:  666f 726d 2d75 726c 656e 636f 6465 6422    [ form-urlencoded" ]
    [*]0280:  2061 6374 696f 6e3d 2269 6e64 6578 2e63    [ action="index.c ]
    [*]0290:  6769 223e 0a3c 696e 7075 7420 7479 7065    [ gi">.<input type ]
    [*]02a0:  3d22 6869 6464 656e 2220 6e61 6d65 3d22    [ ="hidden" name=" ]
    [*]02b0:  7632 2220 7661 6c75 653d 2279 222f 3e0a    [ v2" value="y"/>. ]
    [*]02c0:  3c69 6e70 7574 2074 7970 653d 2268 6964   [ <input type="hid ]
    [*]02d0:  6465 6e22 206e 616d 653d 2272 735f 7479    [ den" name="rs_ty ]
    [*]02e0:  7065 2220 7661 6c75 653d 2268 746d 6c22    [ pe" value="html" ]
    [*]02f0:  2f3e 0a3c 6469 7620 6964 3d22 6964 5f64    [ />.<div id="id_d ]
    [*]0300:  6976 5f6c 6f67 696e 5f68 6561 6465 7222    [ iv_login_header" ]
    [*]0310:  3e0a 4453 4c5f 3236 3430 4e52 550a 3c2f    [ >.DSL_2640NRU.</ ]
    [*]0320:  6469 763e 0a3c 6469 7620 6964 3d22 6964   [ div>.<div id="id ]
    [*]0330:  5f64 6976 5f6c 6f67 696e 5f69 6e70 7574    [ _div_login_input ]
    [*]0340:  223e 0a3c 6469 7620 6964 3d22 6964 5f64    [ ">.<div id="id_d ]
    [*]0350:  6976 5f63 6f6e 7461 696e 6572 5f6c 6f67    [ iv_container_log ]
    [*]0360:  696e 5f69 6e70 7574 223e 0a3c 7370 616e    [ in_input">.<span ]
    [*]0370:  2069 643d 2268 735f 6c6f 6769 6e22 3e3c    [ id="hs_login">< ]
    [*]0380:  2f73 7061 6e3e 0a3c 696e 7075 7420 6964   [ /span>.<input id ]
    [*]0390:  3d22 4131 2220 6e61 6d65 3d22 4131 2220   [ ="A1" name="A1" ]
    [*]03a0:  7479 7065 3d22 7465 7874 2220 6d61 786c    [ type="text" maxl ]
    [*]03b0:  656e 6774 683d 2231 3522 202f 3e0a 3c62    [ ength="15" />.<b ]
    [*]03c0:  7220 2f3e 0a3c 6272 202f 3e0a 3c73 7061   [ r />.<br />.<spa ]
    [*]03d0:  6e20 6964 3d22 6873 5f70 6173 7377 6f72    [ n id="hs_passwor ]
    [*]03e0:  6422 3e3c 2f73 7061 6e3e 0a3c 696e 7075    [ d"></span>.<inpu ]
    [*]03f0:  7420 6964 3d22 4132 2220 6e61 6d65 3d22    [ t id="A2" name=" ]
    [*]0400:  4132 2220 7479 7065 3d22 7061 7373 776f    [ A2" type="passwo ]
    [*]0410:  7264 2220 6d61 786c 656e 6774 683d 2233    [ rd" maxlength="3 ]
    [*]0420:  3022 202f 3e0a 3c62 7220 2f3e 0a3c 696e    [ 0" />.<br />.<in ]
    [*]0430:  7075 7420 6964 3d22 6175 7468 2220 6e61    [ put id="auth" na ]
    [*]0440:  6d65 3d22 6175 7468 2220 7479 7065 3d22    [ me="auth" type=" ]
    [*]0450:  6869 6464 656e 2220 7661 6c75 653d 2261    [ hidden" value="a ]
    [*]0460:  7574 6822 202f 3e0a 3c2f 6469 763e 0a3c    [ uth" />.</div>.< ]
    [*]0470:  2f64 6976 3e0a 3c64 6976 2069 643d 2269   [ /div>.<div id="i ]
    [*]0480:  645f 6469 765f 6c6f 6769 6e5f 6275 7474    [ d_div_login_butt ]
    [*]0490:  6f6e 7322 3e0a 3c64 6976 2069 643d 2269    [ ons">.<div id="i ]
    [*]04a0:  645f 6469 765f 636f 6e74 6169 6e65 725f    [ d_div_container_ ]
    [*]04b0:  6275 7474 6f6e 7322 3e0a 3c61 2069 643d    [ buttons">.<a id= ]
    [*]04c0:  2262 745f 7265 7365 7422 2063 6c61 7373   [ "bt_reset" class ]
    [*]04d0:  3d22 6274 2220 6872 6566 3d22 2322 3e3c    [ ="bt" href="#">< ]
    [*]04e0:  2f61 3e0a 3c61 2069 643d 2262 745f 7375   [ /a>.<a id="bt_su ]
    [*]04f0:  626d 6974 2220 636c 6173 733d 2262 7422    [ bmit" class="bt" ]
    [*]0500:  2068 7265 663d 2223 223e 3c2f 613e 0a3c    [ href="#"></a>.< ]
    [*]0510:  2f64 6976 3e0a 3c2f 6469 763e 0a3c 2f66    [ /div>.</div>.</f ]
    [*]0520:  6f72 6d3e 0a3c 2f64 6976 3e0a 3c2f 626f    [ orm>.</div>.</bo ]
    [*]0530:  6479 3e0a 3c2f 6874 6d6c 3e0a              [ dy>.</html>.    ]
    [*][DEBUG] attempt result: found 1, redirect 0, location:
    [*][DEBUG] head_no[0] to target_no 0 active 1
    [*][DEBUG] head_no[0] read N
    [*][STATUS] attack finished for 192.168.1.1 (waiting for children to complete tests)
    [*][DEBUG] head_no 0, kill 1, fail 0
    [*]DEBUG_DISCONNECT[DEBUG] all targets done and all heads finished
    [*][DEBUG] while loop left with 1
    [*][DEBUG] killing all remaining children now that might be stuck
    [*]1 of 1 target completed, 0 valid passwords found
    [*]Hydra (http://www.thc.org/thc-hydra) finished at 2015-10-28 04:53:11
    [*]root@kali:~#
    [/LIST]
    
     
  2. kpa6

    kpa6 Banned

    Joined:
    4 Sep 2011
    Messages:
    25
    Likes Received:
    2
    Reputations:
    0
    Я нашёл проблему. Теперь новый вопрос.
    Каким образом можно установить переменные ^USER^ и ^PASS^ в заголовки гидры? То есть в :H=client_login=^USER^; client_password=^PASS^?
    При подстановке этих значений они не заменяются на логин и пароль
    Мой запрос:
    Code:
    hydra -l admin -p crabping1 192.168.1.1 http-post-form "/index.cgi:v2=y&rs_type=html&A1=^USER^&A2=^PASS^&auth=auth:A2:H=Cookie: cookie_lang=eng; client_login=^USER^; client_password=^PASS^" -fVd
    
    Если изменить в :H переменные ^USER^, ^PASS^ на нужные значения, то всё проходит успешно.

    UPD
    Даже в описании гидры написано, что ^USER^ и ^PASS^ в заголовках изменяются на значения логина и пароля. В чём проблема то?:!

    UPD
    Если в заголовке оставлять ^USER^ или ^PASS^, то "сжирается" всё за исключением
    "Cookie: admin" На месте "admin" стояло ^USER^
    Каким образом можно вставить данные в заголовок так же, как они вставляются в часть запроса?

    Всем доброго времени суток. Здравствуйте.
    Сижу уже второй день, перечитал гору мусора и полезных статей касательно гидры.
    Прошерстил каждую строку её хелпы, но всё равно не нашёл ответа.

    Есть запрос следующего вида:
    Code:
    hydra -l admin -p crabping1 192.168.1.1 http-post-form "/index.cgi:v2=y&rs_type=html&A1=^USER^&A2=^PASS^&auth=auth:A2:H=Cookie: cookie_lang=eng; client_login=^USER^; client_password=^PASS^" -fVd
    Проблема в том, что переменные ^USER^ и ^PASS^, идущие в заголовок:)H=) неадекватно воспринимаются гидрой.
    Я рассчитывал на то, что эти переменные просто будут заменяться на нужные значения, однако всё пошло к х не так, как я планировал.

    С помощью дебага я определил, что в данном случае хеадер получается такой:
    Code:
    Cookie: admin
    То есть всё остальное отрезалось.
    Как вы можете понять - значение admin образовалось из переменной ^USER^
    Надеюсь на вашу помощь в решении данного вопроса. Свои силы на исходе.

    Если же я ставлю заместо ^USER^ и ^PASS^ верные значения, то авторизация проходит успешно.
    Так что запрос по своей сути верный.

    P.S: роутер свой.
     
    #2 kpa6, 28 Oct 2015
    Last edited: 28 Oct 2015
  3. ZombieXLX

    ZombieXLX Member

    Joined:
    3 Oct 2015
    Messages:
    32
    Likes Received:
    15
    Reputations:
    0
    Используй медузу
    # medusa -h 192.168.0.1 -U us -P pw -M http
    ACCOUNT FOUND: [http] Host: 192.168.0.1 User: admin Password: admin [SUCCESS]
     
  4. Kevin Shindel

    Kevin Shindel Elder - Старейшина

    Joined:
    24 May 2015
    Messages:
    1,011
    Likes Received:
    1,195
    Reputations:
    62
    client_login=^USER^&client_password=^PASS^
    ты забыл поставить знак &
     
    leksadin likes this.
  5. leksadin

    leksadin Level 8

    Joined:
    19 Jan 2016
    Messages:
    128
    Likes Received:
    60
    Reputations:
    12
    проблема решена?
     
  6. kpa6

    kpa6 Banned

    Joined:
    4 Sep 2011
    Messages:
    25
    Likes Received:
    2
    Reputations:
    0
    Тогда я не смог решить эту проблему.
    Как вариант - самопись. Делать его не долго.
     
  7. leksadin

    leksadin Level 8

    Joined:
    19 Jan 2016
    Messages:
    128
    Likes Received:
    60
    Reputations:
    12
    Code:
    hydra -l "" -P passwords/password-2011.lst http-post-form://ctf.infosecinstitute.com -m '/ctf2/exercises/ex12.php:username=admin&password=^PASS^&logIn=Login:Incorrect username or password combination' -F
    можешь взять как пример

    P.S. запрос рабочий
     
    #7 leksadin, 14 Feb 2016
    Last edited: 15 Feb 2016
    to.Index and kpa6 like this.
  8. kpa6

    kpa6 Banned

    Joined:
    4 Sep 2011
    Messages:
    25
    Likes Received:
    2
    Reputations:
    0
    Может быть потом понадобится. Спасибо)
     
Loading...