Hack Like a Pro: How to Crack Online Passwords with Tamper Data & THC Hydra

Welcome back, my tenderfoot hackers!
Not too long ago, I showed how to find various online devices using Shodan. As you remember, Shodan is a different type of search engine. Instead of indexing the content of websites, it pulls the banner of web servers on all types of online devices and then indexes the content of those banners.
This info can be from any type of device including web servers, routers, webcams, SCADA systems, home security systems, and basically anything that has a web interface, which in 2014, means just about everything.
I mentioned in my first Shodan tutorial that you can often access these devices by simply using the default username and password, as administrators are often lazy and neglectful. The question we want to address in this tutorial is—what do we do when the site requires credentials and the defaults don't work?
There is tool that is excellent for cracking online passwords and it is called THC-Hydra. Fortunately, it is built into our Kali distribution, so we don't need to download, install, or compile anything to use it.

Step 1: Download & Install Tamper Data

Before we start with THC-Hydra, let's install another tool that complements THC-Hydra. This tool is known as "Tamper Data", and it is a plug-in for Mozilla's Firefox. Since our IceWeasel browser in Kali is built on the open source Firefox, it plugs equally well into Iceweasel.
Tamper Data enables us to capture and see the HTTP and HTTPS GET and POST information. In essense, Tamper Data is a web proxy similar to Burp Suite, but simpler and built right into our browser.
Tamper Data enables us to grab the information from the browser en route to the server and modify it. In addition, once we get into more sophisticated web attacks, it is crucial to know what fields and methods are being used by the web form, and Tamper Data can help us with that as well.
Let's download it from here and install it into Iceweasel.

Install the Tamper Data Firefox add-on in Iceweasel.

Step 2: Test Tamper Data

Now that we have Tamper Data installed into our browser, let's see what it can do. Activate Tamper Data and then navigate to any website. Below you can see that I have navigated to Bank of America and Tamper Data provides we with each HTTPS GET and POST request between my browser and the server.

HTTPS GET and POST requests for BOA.

When I try to login to the site with the username "hacker", Tamper Data returns to me all the critical info on the form. This information will be useful when we begin to use Hydra to crack online passwords.

Tamper Data information for BOA login.

Step 3: Open THC Hydra

Now that we have Tamper Data in place and working properly, let's open Hydra. You can find it at Kali Linux -> Password -> Online Attacks -> Hydra. You can see it about midway among the list of online password cracking tools.

Step 4: Understand the Hydra Basics

When we open Hydra, we are greeted with this help screen. Note the sample syntax at the bottom of the screen. Hydra's syntax is relatively simple and similar to other password cracking tools.

The initial help screen for Hydra.

Let's take a look at it further.
hydra -l username -p passwordlist.txt target
The username can be a single user name, such as "admin" or username list, passwordlist is usually any text file that contains potential passwords, and target can be an IP address and port, or it can be a specific web form field.
Although you can use ANY password text file in Hydra, Kali has several built in. Let's change directories to /usr/share/wordlists:
kali > cd /usr/share/wordlists
Then list the contents of that directory:
kali > ls
You can see below, Kali has many word lists built in. You can use any of these or any word list you download from the web as long as it was created in Linux and is in the .txt format.

The default word lists available in Kali.

Step 5: Use Hydra to Crack Passwords

In the example below, I am using Hydra to try to crack the "admin" password using the "rockyou.txt" wordlist at 192.168.89.190 on port 80.

An example of using Hydra.

Using Hydra on Web Forms

Using Hydra on web forms adds a level of complexity, but the format is similar except that you need info on the web form parameters that Tamper Data can provide us.
The syntax for using Hydra with a web form is to use <url>:<formparameters>:<failure string> where previously we had used the target IP. We still need a username list and password list.
Probably the most critical of these parameters for web form password hacking is the "failure string". This is the string that the form returns when the username or password is incorrect. We need to capture this and provide it to Hydra so that Hydra knows when the attempted password is incorrect and can then go to the next attempt.
In my next Hydra tutorial, I will show you how to use this information to brute-force any web form including all those web cams, SCADA systems, traffic lights, etc. that we can find on Shodan.

Powerful Ways to Get the Ideal Girls

For those of you who feel men / boys are more genuine singles or singles who want a dream lover may want to get it one way how we can get our dream girl. Before I went straight to the matter, I hope that reading this powerful way really genuine guy, not a girl Abal Abal ngondek frequent roadside, hehehhehe. Indeed, many other ways that can be done to get the girl of our dream, this is just a little reference point that can be tried on thousands of another powerful way to get the woman of your dreams. To get a girl dream of many thousands of ways that sometimes powerful and those that failed, it all depends on our efforts, and not least also the most important thing is luck. If you've tried as much as possible, but you are not lucky, then chances are your dream girl will not you get.

Since most men prefer girls who are pretty white, sexy body, bohai. However, not all men love girls liked these characteristics, most of them choose who can communicate well and according to him.
Well, I will direct it to the material on a powerful way to get a girl's dream, this is just an article from me, I'm also not someone who is an expert in getting a girl's dream, but I'm just trying to menshare some thoughts for you to read and hopefully also if you are trying way will I give it, for it cekidot ..

Powerful Ways to Get Girls Craving

1. Initial Intention

Why I wrote the initial intention of the way first, because there is a second intention in the language that will be me next stage, but the original intent is the most important thing for you who want to get the girl of your dream as expected, because the girl's dream of each man is different . Instill your intention to get the girl according to your dream, you may crave beautiful girl bohai, craving naughty girl whom you can play on the bed, or a girl who is sweet and can be good for the invite to communicate. Once you can make your choice which you directly Niatkanlah to find a girl like you desire, and just focus on looking for a girl like you desire.
 
2. Look for the girl you desire

Once you determine the initial intention to select the type of girl that you will find, now you look and guerrilla was to find a girl that you desire, maybe this is the hardest part to find a girl that you desire, but it is unlikely that there are millions of girls in your world did not find any girl you desire-idamkan.Usahakan to search more than one girl, because there may be a problem that will occur in the next stage.
 
3. Dig Senyak many Information About Your Ideal Girl

Once you manage to find your dream girl then continue with this lagkah, is one of the important steps to be able to continue to the next stage, it can be safely said to be the first step that you need to get. The important thing is that you have to dig up as much information about the girl you desire, you can find more information by searching facebook, then ask her to make friends, or me-follow twitter, or may seek to be close friends know more information about the girl you desire. The second stage is why I say, you have to find more than one girl, is she the reason. In this stage the important thing is we have to find our dream girl status, at the moment we are looking for information about the girl, and it turns out the girl has a boyfriend, maybe this is one of the barriers to failure, for the anticipation of the right is to search for more than one chick and we direct the selection and choose the best of several options. Keep this information in the discovery stage, you should perform a basic approach phase. Stage of the basic approach is to try to get to know you, and try to get to know him bagaimanan figure, it is very important to continue the next phase.
 
4. Intention Second

Once you manage to find information about your dream girl, selanjuntya stage is that you must intend to return a second time, but the intention is the intention that matters. You must bernit that you really want to date, because if you intend for others, I assure you that you will not get the best results, because in good faith then comes the good results, otherwise if instilling bad intentions then you will get bad results as well. So, guys solidified intentions to get the girl of your dreams, and always trying to get the girl that you have craved for this.
 
5. Early Stage Approach

For you can perform the initial approach phase, you must perform the basic stage have I explained in the 2nd stage, because if you have not done the basic stage, it will be a long time to carry out the initial stages. The time that you can do to make the initial approach to future <1 week> 3 months, if you exceed 3 months and your dream girl has not given a definite response, you should leave and go back to the 2nd stage, because men need certainty quickly instead of waiting. At this stage, you try to slightly menggombal, seduce but do not overdo it, fatal consequences if you do too much, can assume another girl and you have to bury your dreams to get it.

 
6. Intensive Phase Approach

Once you make it through the early stages of the approach of the longest about 3 months, if they can be faster is better. At this stage, you should have pretty close to your dream girl, and also grateful that if he had given a positive response that the dream girl had both wanted to date and is also interested in you. Live you give a little seduction-seduction your death, so if a girl is already interested in you, then you give your deadly seduction-seduction, then immediately kelepek-tuh kelepek succumb to the seduction of your girl. You will be much easier to move on to stage selanjuntnya, because now you've set one of your legs to the heart. We recommend at this stage you need to keep your good communication as well as possible, and continue to put through intensive talks with a slight seduce.
 
7. Final Stage

The final stage of the approaches you is to say, to express, to pour, stating the contents of your heart to your dream girl or often known as the shooting process. If you are a sniper then you will be able to guess the right time, the right situation to shoot a girl's dream, will feel confident and not afraid of a bad answer would be said by the girl's dream, but kebanyaka a sniper will not get lost in the fire the bullet to the target, or in other words you are a sniper would not be rejected by your dream girl. However, if you are full of doubt, fear to express, then embarrassed to declare it dangerous for you, because it approaches intertwine with the girl you have a dream for this will hang, if too long a girl's dream itself was also no longer gives the feeling again, because most girls do not like hanging relationships. So guys, better you have to be quick to fire if you really really like, if you loose any doubt mending your dream girl.

No less important than the 7th stage of the above, there is one more stage in case you've managed to be accepted by your dream girl after devouring the 7th stage of the ...

8. Treat

More appropriate term is giving loyaty or reward to those who have helped you in the process of getting your dream girl, the more you give to others, then your friends give a good prayer to you, then your relationship will be better and far better if your relationship progressed to a higher stage. The most important is also to give something to those who have submitted the tips above, hahhahaha.

This is a little tips from me even though many thousands of other tips more powerful than the way I gave it, if you have more tips, wrote wrote in the comments field below for input, I will always reply to comments that advance.