Tryhackme - hydra

Tryhackme – Hydra

In this walk through, we will be going through the Hydra room from Tryhackme. This room will teach us about and use of Hydra, a fast network logon cracker, to bruteforce and obtain a website’s credentials. On that note, let’s get started.

Hydra

Task 1 – Hydra Introduction

Question 1 – Read the above and have Hydra at the ready.

Done

Task 1 - Hydra Introduction

Task 2 – Using Hydra

Question 1 – Use Hydra to bruteforce molly’s web password. What is flag 1?

  • We will start off with a nmap scan to discover the open ports and running services. Found two ports open – 22 (SSH) and 80 (HTTP).
nmap scan
  • On Port 80, we found a login page. We will use hydra to bruteforce its password.
HTTP login

  • Now, we used Burpsuite to capture the post request and get the username and password field implementation as it is required by the hydra command arguments.

Incorrect password

Burpsuite post request capture

  • Use the following command to bruteforce the HTTP login password using hydra.
#Use command to bruteforce the login page.

hydra -l molly -p ~/Desktop/rockyou.txt 10.10.135.55 http-post-form "/login:username=^USER^&password=^PASS^:Your username or password is incorrect." -V

Hydra HTTP bruteforce

Hydra HTTP bruteforce getting password

  • Using the username: molly and password: sunshine, login into the application and claim the flag 1.

Flag 1

THM{2673a7dd116de68e85c48ec0b1f2612e}

Question 2 – Use Hydra to bruteforce molly’s SSH password. What is flag 2?

  • Use the following command to bruteforce the server’s SSH password.

#Use the command to bruteforce the SSH login.

hydra -l molly -P ~/Downloads/rockyou.txt ssh://10.10.135.55

hydra SSH bruteforce

  • Use the username: molly and password: butterfly to login into the SSH server and claim the Flag 2.

ssh login

flag 2

THM{2673a7dd116de68e85c48ec0b1f2612e}

Task 2 - Using Hydra

Also Read: Tryhackme – h4cked

So that was “Hydra” room for you. We learned what hydra is and its usage. Next we used it bruteforce a web application login page and with the found credentials to get out first flag. Further, we used it again to bruteforce the SSH password and claimed the second flag. In your CTF and pentesting journey, you will be using hydra to bruteforcing the common services password. So, this is one of the tool that is a must in your arsenal. Hope you found this article handy. On that note, i will take your leave but remember to “Keep Hacking”.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top