From 29cba23b58519f5dfd7da5e1c11b0de5a08ec919 Mon Sep 17 00:00:00 2001
From: ARZ <60057481+AbdullahRizwan101@users.noreply.github.com>
Date: Tue, 13 Apr 2021 17:39:40 +0500
Subject: [PATCH] Update Cheat Sheet.md
---
Cheat Sheet.md | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/Cheat Sheet.md b/Cheat Sheet.md
index 58b05cd..352d332 100644
--- a/Cheat Sheet.md
+++ b/Cheat Sheet.md
@@ -470,6 +470,18 @@ To get a RCE
* using `crackstation`
* using `seclists`
+### Hydra
+
+When the login shows an error message
+
+`hydra -l admin -P /usr/share/wordlists/rockyou.txt http-post-form '/login.php:username=^USE
+R^&password=^PASS^:F=Incorrect!' -t 64 -V -I`
+
+
+When the login doesn't show an error message so we can specify a `success (s)` string which is shown after we login to a site , typically logout is shown to us.
+`hydra -l admin -P /usr/share/wordlists/rockyou.txt http-post-form '/login.php:username=^USE
+R^&password=^PASS^:S=logout' -t 64 -V -I`
+
# Hash Cracking
### Hashcat