Coming mid-July
Cybrary Reimagined.
People first, Security first.
Coming mid-July.
Cybrary Reimagined.
Celebrate Cybersecurity Awareness Month with our buy 2, get 1 offer!
People first, Security first.
Valid until October 31. Elevate your skills today!
Start for free

What is DVWA?Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.You can download DVWA here.and install it on your lamp serverWhat is bruteforce?In a simple way, Bruteforce is a technique which applies all possible value of usernames and passwords, or any required field, to satisfy our problem needs.You can learn more about bruteforce here.How to bruteforce low and medium security using Hydra?Hydra is a very fast tool used to perform rapid dictionary attacks. Here we are going to use Hydra and perform bruteforce attack based on HTTP-form-get.The syntax is:

hydra <target-site> -l admin -l  -P <path to your password list> http-form-get <path to directory to make login attempt including error message and cookie details>

This will only work on the site which uses HTTP-form-get method.The hydra command which I used to break DVWA bruteforce low and medium security is:

hydra 127.0.0.1 http-form-get -l admin -P rockyout.txt 'DVWA-master/vulnerabilities/brute/index.php:username=^USER^&password=^PASS^&Login=Login:Username and/or password incorrect. :H=cookie: security=low; PHPSESSID=l6au67gu3uclemji3f95vndr65'

How to bruteforce high security using python script?In high security, they used a hidden field to check a CSRF token along with our username and password. This CSRF token changes its value on each request. So our normal hydra won't work here. We need to get our own tool. I used python script which gets the CSRF token by scrapping it. I bruteforced the username and password along with the CSRF token which is unique for each request.You can find my script, which I used to bruteforce high-level security, here: https://github.com/mafiakid/DVWA-solutions/blob/master/bruteforce/brute.py

Start learning with Cybrary

Create a free account

Related Posts

All Blogs