How to brute force your router in windows

This will give you a quick run down on how to brute force your router if it uses HTTP BASIC AUTH

using THC-HYDRA

If you receive a popup window when you try to access your router, then this method should work for you.

Read the article then watch the movie

THC-Hydra – can be downloaded from their site here
Password list – try openwall’s free list

Find your router IP, you should already know this, mine is 192.168.1.2. It is a DSL-G604T and the default username for this router is “admin”.
If for some reason you can’t remember yours try a default password site such as CIRT.net

Make sure you have downloaded and extracted THC-Hydra. I have extracted mine to C:\CMD\Hydra in this example and I also have my password list in the Hydra directory.

Open a command prompt and navigate to the Hydra directory
to change directory in dos used the “CD” command followed by the path CD C:\CMD\Hydra

run the command below substituting in your values
(command flags are case sensitive).

hydra -l {username} -P {password list path} -s {port} {IP Address} http-get /
My command looks like:
hydra -l admin -P password.lst -s 80 192.168.1.2 http-get /

Command break down:
hydra –> the hydra program
-l –> (lower case “L” not to be confused with a upper case i) single username to target. Use uppercase -L to specify a username list
-P –> provide path to password lis. -p to try a single password ie “passw0rd”
-s –> port to target your router may run on a different port such as 8080
{IP Address} hopefully this is clear
http-get –> service to brute force
“/” –> this specifies the page to target if this is left out the command will not run. “/” just indicates the root do not include the ”
you will get an output line with username and password if you are successful.
This attack is only as good as your dictionary.

Next how to brute force web forms, check it out!!

IMPORTANT:
This is for educational purposes only, dont go attacking devices which don’t belong to you .

36 thoughts on “How to brute force your router in windows

  1. I want to test this, but i’m affraid my service provider wil see that i try to bruteforce my router. Is it possible that they can see that i’m brute forcing it by the way?

  2. password list attack is called wordlist attack not brute force.
    BF is when the hacking tool tries all the alphanumeric and special characters that the user selected.

  3. I have a dictionary of 1 GB and I can not use it, the thc-hydra gives me this error:

    Error: Could not allocate enough memory for password file data

  4. hello!
    I’ m jerry and i use globesurfer3 as a router and i try to forward my ipcam f980a but i never succeed please can you help me to guide me!
    i check port with canyousee me but it repliesalways error on any port! i’ve already contacted my isp and they said that they didn’t block any port but it’s my router globesurfer3 witch blocks my ports!
    so please help me

  5. Your video has the [80] [www] line in it with the deets, mine doesn’t, is this because the attack failed? It has all the other lines, just not that one :(

  6. All this learning is true when you are connected to your router right now, what we i do when the pc not connected to target router?

  7. Hello, i read your blog occasionally and i own a similar one and i was just curious if you get a lot of spam responses?
    If so how do you prevent it, any plugin or anything you can suggest?
    I get so much lately it’s driving me mad so any support is very much
    appreciated.

  8. your router? my router is zyxel, and its www auth without login, how u make hydra work for telnet brute without login, only Password:
    lamers

  9. Hey there just wanted to give you a quick heads up.

    The words in your content seem to be running off the screen in Opera.
    I’m not sure iif this is a format issue or something to do wiyh browser compatibility but I figured I’d poost to
    let you know. The style and design look great though!
    Hope you get the issue fixed soon. Cheers

  10. What is the website that means it is easy to understand podcasts and blog sites? I don’t get an iPod, does that make any difference? . ekdeeeffkedd

  11. Hi all,

    In cmd hydra -l {username} -P {password list path} -s {port} {IP Address} http-get / , how do i find the username, password list path and port?

    -cyc-

  12. You have to cut the fruits that bounce off of the plenty of birds
    call of duty advanced warfare download become available to play, the magic
    skill. It will need to walk the little device. Even you can ask your mates to follow suit.
    Well, for iPad, iPhone 4S, iPod touch and go to your mobile phone prices have
    come!

  13. his i the vry st League of Legends Ashe build fr 2014. The Country Mouse And The City Mouse Adventures – Season 1 (1998)In this entertaining
    and educational animated series, country mouse Emily and her city mouse cousin, Alexander, travel to exotic
    locales around the world, learning all about different cultures and
    working together to solve problems. Can the intrepid and
    hardworking Bob fix all these problems.

  14. A few obvious methods too many infomercials all around to count that attempts to con the regular man into buying some magic product that promises 1-3 inches in the short time.
    Using this method of the double padded strap put to use in making the
    pro extender, you should expect to become more comfort once you put it on. I know because I used it and my manhood shot up by almost
    4 in!

  15. Création d’itinéraires personnalisés pour les circuits de voyage en Nouvelle-Zélande.
    Ce guide touristique est conçu comme une solution complète
    à l’organisation de vos voyages ou circuits en Nouvelle-Zélande selon vos propres conditions.

    bienvenue sur http://www.nzyourway.com

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>