I have a problem with using a dictionary in Thc Hydra for Header/Cookie parametr.
hydra IP -l mylogin -P /.../test.txt http-get-form "/index.php:login=^USER^&password=mypassword:S=You are logged in!:H=Cookie: token=^PASS^;" -V
That command is working, when I not using ^PASS^ for checking token. When I trying to use ^PASS^ in token, that is not working, even if I have a got right token in test.txt.
I really asking for, a brute force a just header/cookie! For example, I know my login and password, but lets sey I "forgot" my token cookie. How can I brute force with Dictionary the Cookie in Header?
I hope everyone will understand my question!
PS. I using that, only for my permission/personal checking!!!
Thc Hydra Brute force session/cookie(header)
Regulamin forum
-Jeżeli chcesz coś wkleić pamiętaj o poszanowaniu autora treści. Wskazane jest podanie źródła informacji.
-Zawsze cytaty oznaczaj tagiem [quote].
-Jeżeli chcesz coś wkleić pamiętaj o poszanowaniu autora treści. Wskazane jest podanie źródła informacji.
-Zawsze cytaty oznaczaj tagiem [quote].
-
- Posty: 2
- Rejestracja: 08 lut 2017, 13:22
Re: Thc Hydra Brute force session/cookie(header)
You wanna hack router? OR php online/offline page?
Why do you use "/index.php:login=^USER^&password=mypassword:S=You are logged in!:H=Cookie: token=^PASS^;"??
Maybe you use wrong parametr? Do you sure to use "http-get-form" ?
Why do you use "/index.php:login=^USER^&password=mypassword:S=You are logged in!:H=Cookie: token=^PASS^;"??
Maybe you use wrong parametr? Do you sure to use "http-get-form" ?
Zainteresowany Informatyką śledczą i bezpieczeństwem sieci teleinformatycznych oraz informatycznych.
Remember, remember the fifth of November
The Gunpowder Treason and Plot
I see of no reason,
Why Gunpowder Treason
Should ever be forgot...
Remember, remember the fifth of November
The Gunpowder Treason and Plot
I see of no reason,
Why Gunpowder Treason
Should ever be forgot...