I’m continuing my studying for the Comptia Pentest+ and wanted to walk through another one of the rooms in the TryHackMe learning path for the Pentest+. In the video below, we reviewed and completed the tasks in the Hydra room. We covered how to use Hydra, a fast network logon cracker, to bruteforce and obtain a website’s credentials. As part of the process of identification of what information we needed to craft our Hydra attack, we also covered some of the basics of using Burp Suite as a proxy to be able to identify web traffic. As always, this is a lab for learning purposes only. Don’t use a tool like this on any IT systems that do not belong to you or that you don’t have authorized permission to do so.
Below I’m going to share with you my answers when going through the knowledge checks in the different tasks in the room. Definitely try to work through the problems as much as you can. In this particular room, there is only two tasks, but…there is a decent amount of work that goes into completing Task 2 in order to capture the flags. Make sure to follow along in the video so you understand what you need to do to get the answers below.
Hydra Task 2 – Using Hydra
Network Knowledge Wrap Up
Keep an eye out as I continue to work through other TryHackMe CompTIA Pentest+ rooms!
Here is the Comptia Pentest+ training book bundle I’m using. (Affiliate Link)
TryHackMe Hydra Room