This is beginner level post for learning how to hack less secured password of login page. For this I am going to use some router for cracking the password and of course Hydra to brute forceit. What you need
- Kali Linux ( or any Linux distribution with Hydra installed )
- A good wordlists for brute forcing the password which you can download from here
- Login address of the target
- You need to know whether the service using SSL connection or not
- Basic knowledge of HTTP-GET and HTTP-POST form
- A lot of patience.
- Common sense
Let the hacking Begin
STEP 1: Fire up your Kali Linux and go to terminal and type hydra , you should see something like this
STEP 2 : Now type "hydra -V -L C:UsersHACKETTDesktopwordlist.txt -P C:UsersHACKETTDesktopwordlist.txt 192.168.1.2 http-get"
Options we used in above commands
192.168.1.2 : This is the login address of the target which we are cracking
-V : Verbose mode / show login+pass combination for each attempt
-l : If you know the username or -L : for locating the wordlist file if you don't know the username
-P : For locating the wordlist file to brute force the login panel
http-get : This is the request-response method between a client and server . The most common request and response form are GET and POST. There are lot of ways to spy on HTTP HEADER fields, as i use Burp Suite for this .
Brute force started
As you can see below hydra has started to brute force the network by guessing all username and password. Depending on the password settings of our target it will take some time. So here come the patience part.
Successfully cracked it
So finally we successfully got the username and password of our target network
So that's all guys, this was the beginner level tutorial for hacking into login password. Stay tune for more.