// CTF CHALLENGE 11

Hydra Web Cracker

You intercepted the following HTTP login request. You know the user is admin. Use the wordlist rockyou.txt and the keyword "Incorrect" as the failure condition to write the Hydra command.

[ Intercepted Request - BurpSuite ]

POST /panel/login.php HTTP/1.1 Host: 10.10.20.50 User-Agent: Mozilla/5.0 Content-Type: application/x-www-form-urlencoded Content-Length: 27 usr=admin&pwd=MySecretPassword HTTP/1.1 200 OK Content-Type: text/html <div class="alert">Incorrect password, please try again.</div>
root@kali:~#