You need to use an error message which isn't on the page when it finds the right username. In this case, the login page will display the message "Invalid username" until you find the right one, which will then change to "Invalid password". So you want Hydra to know that it succeeds when the "Invalid username" is no longer displayed.
Thanks for the great post!
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
You need to use an error message which isn't on the page when it finds the right username. In this case, the login page will display the message "Invalid username" until you find the right one, which will then change to "Invalid password". So you want Hydra to know that it succeeds when the "Invalid username" is no longer displayed.
Thanks for the great post!