From 0626888331d01498b353f6c7cae5512a44a343d3 Mon Sep 17 00:00:00 2001
From: van Hauser
Date: Thu, 9 Aug 2018 11:13:25 +0200
Subject: [PATCH] http-form fix to always identify 403/404 as failed
---
 CHANGES | 4 +++-
 hydra-http-form.c | 4 ++--
 2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/CHANGES b/CHANGES
index 84333ba..dba24ce 100644
--- a/CHANGES
+++ b/CHANGES
@@ -3,7 +3,9 @@ Changelog for hydra
 Release 8.7-dev
-* http-get/http-post: now supports H=/h= parameters same as http-form (thanks to mathewmarcus@github for the patch)
+* http-get/http-post:
+ - now supports H=/h= parameters same as http-form (thanks to mathewmarcus@github for the patch)
+ - 403/404 errors are now always registered as failed attempts
 * mysql module: a non-default port was not working, fixed
 * added -w timeout support to ssh module
 * fixed various memory leaks in http-form module
diff --git a/hydra-http-form.c b/hydra-http-form.c
index 4b02483..bf8497d 100644
--- a/hydra-http-form.c
+++ b/hydra-http-form.c
@@ -562,7 +562,7 @@ int32_t analyze_server_response(int32_t s) {
 } else if (strstr(buf, "HTTP/1.1 401") != NULL || strstr(buf, "HTTP/1.0 401") != NULL) {
 auth_flag = 1;
 } else if ((strstr(buf, "HTTP/1.1 403") != NULL) || (strstr(buf, "HTTP/1.1 404") != NULL) || (strstr(buf, "HTTP/1.0 403") != NULL) || (strstr(buf, "HTTP/1.0 404") != NULL)) {
- return 0;
+ return -1;
 }
 if (hydra_strcasestr(buf, "Location: ") != NULL) {
@@ -899,7 +899,7 @@ int32_t start_http_form(int32_t s, char *ip, int32_t port, unsigned char options
 found = analyze_server_response(s);
- if (auth_flag) { // we received a 401 error - user using wrong module
+ if (auth_flag) { // we received a 401 error - user is using wrong module
 hydra_report(stderr, "[ERROR] the target is using HTTP auth, not a web form, received HTTP error code 401. Use module \"http%s-get\" instead.\n", (options & OPTION_SSL) > 0 ? "s" : "");
 return 4;
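Review bot: The new `return -1;` in the 403/404 branch of `analyze_server_response` adds a second non-success value without documenting how it differs from the `0` it replaces, and -1 is truthy in C, so any caller that tests the result as a boolean instead of comparing it explicitly would read a 403/404 as a hit. The only call site visible on this page, `found = analyze_server_response(s);`, does not show how `found` is checked afterwards, so that needs confirming against every caller. I would add a comment on the branch such as `/* -1: forced failure, must not be overridden by the success/failure string match */` (wording to be confirmed against the callers), or a named constant for the value. Separately, the status tests use `strstr(buf, "HTTP/1.1 403")`, which matches anywhere in `buf` and not only at the start of the status line; now that a match forces a failure, a response that merely contains that text elsewhere could be misclassified, though whether `buf` can hold more than the status line is not visible here. The function body starts and ends outside the hunk.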