How does hydra and other brute force programs work?

>>58967656
poorly, essentially by throwing your computer's resources at a target and hoping something sticks in the gears

>>58967656
post data, check response
over and over agan until the response is
"SUCCESS" then save the data send

Take a bunch of pleb level credentials and try them all very quickly...Sadly sometimes it actually works...Because plebs

>>58967656

for each password in password list:
  if by submiting password you're not succesful
  continue
  otherwise return the password

>>58967656

Make script kiddies think they are H@X0R$

>>58968083
but it changes the passwords from the password list right? Or does it uses the exact same?

>>58968108
does work if a system is poorly secured..

>>58968154
It works, but once you get a reverse shell set up, then what will you do? Program can only do so much.

What do you mean 'how does it work'
It sends requests to the server containing credentials over and over again until it finds one that the server responds with something that isn't a failed authentication

I thought that 'brute force' would have made it obvious

>>58968181
But let's say you have a list of requests you give to the program but none work, does it try modifying the list or does it simply fail?

>>58968198
What do you mean modify the list? I'm assuming you have to feed it a list so that it can use each entry as an argument.

>>58968198
It uses whatever request you give it.