Following is the partial result from : hydra -U http-form-post
Syntax: <url>:<form parameters>[:<optional>[:<optional>]:<condition string>
................................................................................
The following parameters are optional and are put between the form parameters
and the condition string; seperate them too with colons:
2= 302 page forward return codes identify a successful attempt
(c|C)=/page/uri to define a different page to gather initial cookies from
(g|G)= skip pre-requests - only use this when no pre-cookies are required
(h|H)=My-Hdr\: foo to send a user defined HTTP header with each request
^USER[64]^ and ^PASS[64]^ can also be put into these headers!
Note: 'h' will add the user-defined header at the end
regardless it's already being sent by Hydra or not.
'H' will replace the value of that header if it exists, by the
one supplied by the user, or add the header at the end
I mention ................................................................................ for other part of the results from : hydra -U http-form-post because I wanna focus on this part. If these are optional what is the actual use case of these options and when should we use these with hydra.
I am just in beginner phase of learning this tool. I try this for this buggy bwapp page and works fine without those option mentioned (well it should as they are optional). I checked some web tutorial but could not find any focused on these optional parameters. So, I wanna learn with actual use case where and when to mention cookies, session info or whatever optional parameter wants. Are there any cases when hydra may not function well if these are not mentioned ?