The Dutch Hacker
Hydra tryhackme


This is the write up for the room Hydra on Tryhackme and it is part of the CompTIA Pentest+ Path

Make connection with VPN or use the attackbox on Tryhackme site to connect to the Tryhackme lab environment


Task 1

Read all that is in the task. Start the attached machine

Once the machine is deployed open firefox and navigate to http://MACHINE_IP

1.1 Use Hydra to bruteforce molly’s web password. What is flag 1?

According ot the question the user name is molly and we now need to find her password with hydra

We will use the command given us in the task and adjust it a little bit

hydra -l molly -P /usr/share/wordlists/rockyou.txt http-post-form "/login:username=^USER^&password=^PASS^:F=incorrect" -V

Now login with these credentials and you will find the flag

1.2 Use Hydra to bruteforce molly’s SSH password. What is flag 2?

I did an nmap scan to make sure the ssh port is on 22


Command I used

hydra -l molly -P /usr/share/wordlists/rockyou.txt ssh

Login in with those credentials

ssh molly@MACHINE_IP

Most Popular Post

Sign Up

Signup today for free and be the first to get notified on new updates.
* indicates required

Follow Me

Most Popular Post

Contact Us