Here we are. Firstly i must advise you to only use these methods to test your own security. I will be hacking my own email address / router password as example.
All Tools to be found in Backtrack 5 OR Kali Linux!
INTRO:
Xhydra : It can be used to brute force a huge number of passwords, including Telnet and FTP.
If you are Using Another Linux Such as Ubuntu, if i am not mistaken ubuntu doesnt surely include Xhydra so Inorder to install it follow the steps written below!!
install Xhydra by opening a terminal window (Applications>Accessories-->Terminal) and typing the following command:
sudo apt-get install hydra , Then You're good to go!!
Starting
Start X-Hydra
Also Start Zenmap
Everything Should Start, And Look Like This...
We will start by hacking a local network router password. This can be very useful to a hacker in the scenario where one has cracked a wifi password and gained local access to the network. After gaining access to the router possibilities are endless.
All router security can be disabled and then we can perform MitM attacks. if you're experienced enough in networking then you get the picture.
Typically a router's IP address will start with 192.168.x.x. (which it may be in your case) to check this type ifconfig in linux.
(the routers IP will be the Default Gateway).
Now i'm sure you have seen this before:
What we are going to do is tell Xhydra to connect to the routers http server with a protected page, input the username and bruteforce the password. Note this method can be used against any similar password protected page not using forms.
so your input should be like this:
Check off show attempts as it makes it easier. single target SHOULD BE YOUR DEFAULT GATEWAY. perhaps 192.168.0.1. do not use this against websites or hardware you do not own or have permission to test. Important - port should be 80 or in some cases 8080. EVEN MORE IMPORTANT under PROTOCOL find http-get and click it. to find open ports on a device just scan the target IP with zenmap.
Back To Hydra...
In most cases the username will be admin. also in most cases the password will be either "password" "admin" or BLANK.
however, in my situation the default password is far different from admin or blank. so what i have done was selected a wordlist. you can find many wordlists using google. typically the bigger the better especially on a local network. backtrack comes with a few. can be found in: /root/pentest/passwords/wordlists
i have compiled my own and named it password.lst. It has 1.1 million Words in it!!
Click Here To Download
so:
click username enter admin
click Password list and select your list
also check off "try login as password" and "try empty password"
then move to the Specific tab.
change http / https url to just a slash /
this tells hydra what directory the protected page is on the server.
goto the start tab and click start. results will follow.
Now You're good to go!!
Please Share This Blog If You'd Enjoyed all the Tutorials we've written OR
