1
00:00:00,060 --> 00:00:06,510
But in this video, we're going to see how beautiful the login pages using the Hydra, so we have seen

2
00:00:06,510 --> 00:00:10,580
the Hydra for breakfasting as an MP and as six protocols.

3
00:00:10,830 --> 00:00:13,380
So now we will see the how the first login page.

4
00:00:13,980 --> 00:00:22,440
So this is a good example to show you guys protect me Hydra room, and they are just given direction

5
00:00:22,440 --> 00:00:29,480
about the hydra that it can cracka these protocols, plus passwords and logins, I mean, brute force.

6
00:00:31,530 --> 00:00:38,510
So they're, uh, displaying the how, uh, syntax, how to use the Hydra.

7
00:00:38,850 --> 00:00:44,520
They are already seen this sort of brute force, this, uh, web browsing page.

8
00:00:44,520 --> 00:00:49,650
You need to specify it should be pushed forward because, uh, we are submitting that it is.

9
00:00:49,650 --> 00:00:51,270
And it will be the first request.

10
00:00:51,810 --> 00:00:53,760
And to specify the you here.

11
00:00:53,770 --> 00:01:02,640
And after putting the semi colon, you need to specify the username and password to the oh, where it

12
00:01:02,640 --> 00:01:12,240
was that URL parameters the user is going to send to the server and it to specify this, uh, cap and

13
00:01:12,240 --> 00:01:13,230
user and cap.

14
00:01:13,230 --> 00:01:21,600
So it will Haidara understands that it should have this user, it will replace the uh are the oldest

15
00:01:21,600 --> 00:01:29,190
values and within the password you'll see that, uh, to replace the word values.

16
00:01:29,460 --> 00:01:31,540
And what this means is value.

17
00:01:31,770 --> 00:01:36,160
So if you type used in the password, you get the third page.

18
00:01:36,720 --> 00:01:44,820
So on this index page, YAML, uh, that means that you will get some words they call your password

19
00:01:44,820 --> 00:01:47,270
is incorrect, your username is wrong.

20
00:01:47,280 --> 00:01:50,210
So in character we have to specify.

21
00:01:50,370 --> 00:01:58,930
So Heidrun, see that um, a response which will understand that this combination is not correct.

22
00:01:58,950 --> 00:02:02,510
So if you do not get incorrect, obviously it's correct.

23
00:02:02,520 --> 00:02:06,420
That way it will identify the combination as uh successfully.

24
00:02:07,110 --> 00:02:11,610
So now let's go ahead and see what is in browser.

25
00:02:13,140 --> 00:02:14,250
So let me open this.

26
00:02:14,250 --> 00:02:19,100
I have already connected to our project that we have been using it.

27
00:02:19,890 --> 00:02:31,620
So let me go and quickly open this so that your IP address login, it would be normal, uh, username

28
00:02:32,400 --> 00:02:33,230
and password.

29
00:02:34,830 --> 00:02:38,130
So it says that your username and password is incorrect.

30
00:02:38,130 --> 00:02:38,910
So incorrect.

31
00:02:39,270 --> 00:02:46,080
Decided to put forth all the possible combinations of username and password and it will get the response

32
00:02:46,080 --> 00:02:47,310
right in that response.

33
00:02:47,550 --> 00:02:52,170
If there is a word incorrect, obviously it will be using password are wrong.

34
00:02:52,380 --> 00:02:54,360
So I don't think this incorrect.

35
00:02:54,360 --> 00:02:57,150
It will identify that this username and password are wrong.

36
00:02:57,420 --> 00:03:05,370
So we will use this, uh, keyword as a, um, notification like we have got the wrong or right.

37
00:03:06,330 --> 00:03:13,390
So let's go ahead and do the, uh, brute force using Hydra.

38
00:03:13,410 --> 00:03:16,290
That's a Hydra minus Shell.

39
00:03:16,980 --> 00:03:22,830
And the user name is they have already said that, uh, Malteser password.

40
00:03:22,830 --> 00:03:24,120
So username is Molly.

41
00:03:26,090 --> 00:03:27,900
And the minus possibilities.

42
00:03:28,280 --> 00:03:37,520
So they're asking you to put the rocket up so you can how you discovered the next mission already,

43
00:03:37,520 --> 00:03:42,430
how this rocket attacks, you can just look at that and you can actually this you will get the rocket

44
00:03:42,440 --> 00:03:45,070
attacks and also you can download from the GitHub.

45
00:03:45,590 --> 00:03:48,190
It's very famous whorish file.

46
00:03:51,560 --> 00:03:57,870
So I'm putting the username and the password protected, and I want to pay this IP address.

47
00:03:58,400 --> 00:04:05,210
Now I want to say it should be pushed from because this matter is pushed.

48
00:04:06,620 --> 00:04:12,500
And then we want to say this because our Web page is good at it.

49
00:04:14,810 --> 00:04:26,600
And we need to say in to space for the user name is equal to, uh, let's say, cap, user cap to identify

50
00:04:26,600 --> 00:04:30,710
this place and it will put the amorally in this place.

51
00:04:31,820 --> 00:04:36,440
And the password is equal to.

52
00:04:42,720 --> 00:04:43,520
Uh, kapper.

53
00:04:44,690 --> 00:04:51,000
So let me see the index again, so password is called back up and failure is incorrect.

54
00:04:51,030 --> 00:04:51,440
OK.

55
00:05:04,080 --> 00:05:08,520
So that's also minus V for verbose to see what's happening.

56
00:05:09,770 --> 00:05:11,780
I think I have given the cart, OK?

57
00:05:13,360 --> 00:05:14,360
We are good to go.

58
00:05:16,740 --> 00:05:22,620
So it's going to start and it's going to attempt this rugged username and password.

59
00:05:23,280 --> 00:05:28,010
And it has found that login is username and password is sunshine.

60
00:05:29,490 --> 00:05:37,500
So as you can see, oh, let's go and login Molly Sunshine.

61
00:05:40,200 --> 00:05:42,460
And we got the password.

62
00:05:42,630 --> 00:05:48,920
I mean, the flags are just me pasted in here between here and somewhere.

63
00:05:50,220 --> 00:05:54,970
So this is all about this, how you brute force the web using the hydra.

64
00:05:55,230 --> 00:05:57,960
So let's go and prove this as a dinosaur.

65
00:05:59,130 --> 00:06:06,250
So they're asking us as such, I think we should keep the same puzzle.

66
00:06:08,490 --> 00:06:14,190
I dropped my initial Molly and password stars are keyboard to

67
00:06:17,370 --> 00:06:18,780
an IP address.

68
00:06:22,170 --> 00:06:25,820
So let me copy this IP address.

69
00:06:29,220 --> 00:06:33,480
And let me say a Secich.

70
00:06:35,510 --> 00:06:38,280
Currently, I think we are good to go.

71
00:06:38,300 --> 00:06:41,270
No, let's run this hydra.

72
00:06:49,030 --> 00:06:56,710
So it has called the Maadi and the Pouncer butterfly so successfully, Bill Foster, and we got the

73
00:06:57,430 --> 00:06:58,000
butterfly.

74
00:06:58,300 --> 00:07:01,910
So now I'm going to login as user.

75
00:07:02,260 --> 00:07:05,560
So this is very good time to show you.

76
00:07:05,600 --> 00:07:07,120
This is its current syntax.

77
00:07:07,360 --> 00:07:08,670
We need to say, as is it.

78
00:07:08,890 --> 00:07:19,900
And that user name at the IP address, at the IP address and hit enter and it will ask, uh, at the,

79
00:07:20,440 --> 00:07:26,970
uh, fingerprint to you, what is it to keester and precious and not.

80
00:07:26,980 --> 00:07:29,530
We need to take the password itself, but it.

81
00:07:32,620 --> 00:07:36,460
And we have successfully located its address and its.

82
00:07:39,370 --> 00:07:47,850
Dirt track dirt and there we go, all this we have already seen in the previous video as such a beautiful

83
00:07:47,890 --> 00:07:52,890
thing, but again, just the asker know run the comment again.

84
00:07:53,860 --> 00:07:58,090
So I hope you have understood guys that are about this Hydra tool.

85
00:07:58,420 --> 00:08:01,730
You can use Hydra for so many protocols as well.

86
00:08:01,750 --> 00:08:06,550
Here they have mentioned the rest of the protocols, hydrocarbon, brute force.

87
00:08:07,370 --> 00:08:13,090
Uh, that's about this, uh, Verbruggen brute force using Hydra.