Among the many protocols that Hydra supports, there are http-get-form, http-post-form, https-get-form, and https-post-form, which are the HTTP and HTTPS login forms sent by the GET and POST method respectively. Using the same information from the previous exercise, you can run a dictionary attack with Hydra using the following command:
hydra 10.7.7.5 http-form-post "/owaspbricks/login-3/index.php:username=^USER^&passwd=^PASS^&submit=Submit:Wrong user name or password." -L users.txt -P passwords.txt
You may notice that the syntax in this case is slightly different than your previous use of Hydra. Let's check it out together:
- First, you have the hydra command and the target host (hydra 10.7.7.5).
- Then the protocol or service that you want to test (http-form-post).
- Next comes the protocol-specific parameters in quotes ("") and separated with colons:
- URL (/owaspbricks/login-3/index.php)
- The body of the request, indicated by ^USER^, where Hydra should put the usernames and ^PASS^ for the place where the passwords should go
- The failed login message (Wrong user name or password.)
- Last comes the username and password lists indicated by -L and -P