How To Use Hydra

This usually occurs because your response for a failed attempt is wrong or mistyped. That or you could be using the wrong http method such as using get instead of post. In this situation I would suggest using burp suite to see for sure what the http method is, and to see what the failed response is. That and also to see what they are calling the username and password. I have seen before that they use username=user and password=secret instead of password or pass.

@@MattMiles1986 thank you

You’re welcome!

I’ve not personally used hydra on a phone but given that it is saying command not found I’m thinking either it’s a typo such as using a capital letter when it should be lower case or using a lower case letter when it should be a capital letter. Check your syntax very closely and see if maybe you mistyped something. That or something is not installed such as a dependency. To my knowledge hydra is built in for the nethunter application for a phone but you could run sudo apt install hydra to make sure hydra is installed. I hope this helps.

Thank you for subscribing!

My first suggestion is to start with the basics of learning Linux and networking. There are several resources out there such as RUclips, Udemy courses, TCM Security, tryhackme, hack the box, and several others. I’m going to be working on a couple of videos about getting started with Linux in the near future as well.

@@MattMiles1986 Thanks man...waiting for it

You’re welcome!

Thank you, I definitely plan on it.

Thanks for the comment. In this situation I would use burp suite or zap proxy to proxy the request and use a password wordlist to brute force the password.
Just have to have to watch for lockouts on the router as some routers do this to prevent brute forcing.

I used nano and copied some passwords from the seclist and pasted them into a file I named passwords.txt. That and I added a couple of more to it. If you would like I can make a video on this sometime this week because there are several ways to go about it. Just let me know.

​@@MattMiles1986 Oh thanks that'll be great

Here is the video on how to make a custom wordlist.
ruclips.net/video/onhQ4OTZM6A/видео.htmlsi=4WT5gt5ZHesm4BlE

Two great resources online are tryhackme or hack the box. If you want to save some money though you can download DVWA which is a vulnerable web app for free and you can run all kinds of tests against it. Legally you can only use hydra against machines/web applications you own yourself or that you have permission. Also you can run it on the websites I mentioned above on their machines. Here is a link with info on how to download DVWA, install it, and get it running. www.kali.org/tools/dvwa/

Thank you!

Thanks for watching. Be sure to subscribe so that you’ll get notified when I post new videos.

Thank you!

Which website are you talking about?
The website I used in the video for demonstration is through tryhackme.com

I cannot unfortunately. I’m sorry.

Well.Thanks your reply.

@ManSpider-m9m you’re welcome!

I’m good. Thank you for checking on me though. I think I was battling a cold when I filmed that video.

Ahh Okay I was kind of worried for you

@eitelngolle1886 I appreciate it. I’m all good though. I’ve been working on some new content and another certification. I just passed the PJPT test offered by TCM-Security on Thursday.