As in title. I'm testing my router security and I came up with problem.
hydra 192.168.0.1 http-get-form "/:un=^USER^&pw=^PASS^:User Name or Password is incorrect." -L usernames -P passwords
usernames : admin
passwords : admin, root, toor, 1234, realpassword(correct one)
I get: 1 of 1 target successfully completed, 5 valid passwords found
Only realpassword is the correct one but Hydra says all of them are good.
When I go to 192.168.0.1, which is router page, cookie (I guess) from Hydra allows me to be logged in. Still, executing this command does not provide me password, only session.
Q: How can I find out what password is real?
Aucun commentaire:
Enregistrer un commentaire