github/thc-hydra
1
0
Fork 0
mirror of https://github.com/vanhauser-thc/thc-hydra.git synced 2025-08-22 06:13:55 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix hydra-http.c

Browse source
This commit is contained in:
Nicholas.Ni 2021-07-25 23:01:27 +08:00
commit 0776e47741
1 changed files with 22 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

38
hydra-http.c
View file

@ -11,7 +11,7 @@ static char end_condition[END_CONDITION_MAX_LEN];
int end_condition_type = -1; int end_condition_type = -1;
#define MAX_STATUS_CODE_SIZE 10 #define MAX_STATUS_CODE_SIZE 10
int match_status_code[MAX_STATUS_CODE_SIZE]; int *match_status_code;
int32_t webport; int32_t webport;
int32_t http_auth_mechanism = AUTH_UNASSIGNED; int32_t http_auth_mechanism = AUTH_UNASSIGNED;
@ -44,7 +44,7 @@ int32_t start_http(int32_t s, char *ip, int32_t port, unsigned char options, cha
header = stringify_headers(&ptr_head); header = stringify_headers(&ptr_head);
buffer_size = strlen(header) + 500; buffer_size = strlen(header) + 500;
if (!(buffer = malloc(buffer_size))) { if (!(buffer = (char *)malloc(buffer_size))) {
freeM(header); freeM(header);
return 3; return 3;
} }
@ -229,7 +229,7 @@ int32_t start_http(int32_t s, char *ip, int32_t port, unsigned char options, cha
http_buf = hydra_receive_line(s); http_buf = hydra_receive_line(s);
} else if (tmpreplybuf[0] != 0) { } else if (tmpreplybuf[0] != 0) {
complete_line = 1; complete_line = 1;
if ((tmpreplybufptr = malloc(strlen(tmpreplybuf) + strlen(http_buf) + 1)) != NULL) { if ((tmpreplybufptr = (char *) malloc(strlen(tmpreplybuf) + strlen(http_buf) + 1)) != NULL) {
strcpy(tmpreplybufptr, tmpreplybuf); strcpy(tmpreplybufptr, tmpreplybuf);
strcat(tmpreplybufptr, http_buf); strcat(tmpreplybufptr, http_buf);
freeM(http_buf); freeM(http_buf);
@ -262,7 +262,7 @@ int32_t start_http(int32_t s, char *ip, int32_t port, unsigned char options, cha
// check status // check status
if (match_status_code != NULL) { if (match_status_code != NULL) {
for (int i = 0; match_status_code[i]; i++) { for (int i = 0; i < sizeof(*match_status_code) / sizeof(int); i++) {
if (match_status_code[i] == atoi(ptr)) { if (match_status_code[i] == atoi(ptr)) {
if (end_condition_type == -1) { if (end_condition_type == -1) {
if (debug) if (debug)
@ -358,7 +358,7 @@ void service_http(char *ip, int32_t sp, unsigned char options, char *miscptr, FI
webport = mysslport; webport = mysslport;
/* normalise the webtarget for ipv6/port number */ /* normalise the webtarget for ipv6/port number */
webtarget = malloc(strlen(hostname) + 1 /* null */ + 6 /* :65535 */ webtarget = (char *) malloc(strlen(hostname) + 1 /* null */ + 6 /* :65535 */
#ifdef AF_INET6 #ifdef AF_INET6
+ 2 /* [] */ + 2 /* [] */
#endif #endif
@ -460,10 +460,9 @@ int32_t service_http_init(char *ip, int32_t sp, unsigned char options, char *mis
memset(misc, '\0', strlen(miscptr)); memset(misc, '\0', strlen(miscptr));
strcpy(misc, miscptr); strcpy(misc, miscptr);
char *delim = ":"; const char *delim = ":";
char *p = NULL; char *p = NULL;
char *match_text_start = NULL; char *match_text_start = NULL;
memset(match_status_code, '\0', MAX_STATUS_CODE_SIZE);
#if defined __APPLE__ || __linux__ || __unix__ #if defined __APPLE__ || __linux__ || __unix__
while ((p = strtok_r(NULL, delim, &misc))) { while ((p = strtok_r(NULL, delim, &misc))) {
@ -476,11 +475,12 @@ int32_t service_http_init(char *ip, int32_t sp, unsigned char options, char *mis
if (strstr(p, "r=") != NULL || strstr(p, "R=") != NULL) { if (strstr(p, "r=") != NULL || strstr(p, "R=") != NULL) {
if (strlen(p) < 3) { if (strlen(p) < 3) {
hydra_report(stderr, "Invalid status code, eg: 200 or 200|400."); hydra_report(stderr, "Invalid status code, eg: 200 or 200|400.");
free(misc); freeM(misc);
misc = NULL;
return -1; return -1;
} }
int *status_tmp = (int *) malloc(MAX_STATUS_CODE_SIZE * sizeof(int));
char tmp; char tmp;
int value, n; int value, n;
int pos = 0; int pos = 0;
@ -492,15 +492,15 @@ int32_t service_http_init(char *ip, int32_t sp, unsigned char options, char *mis
if ((n != 1 && tmp != '|') || value > 1000) { if ((n != 1 && tmp != '|') || value > 1000) {
hydra_report(stderr, "Invalid status code, eg: 200 or 200|400."); hydra_report(stderr, "Invalid status code, eg: 200 or 200|400.");
free(misc); freeM(misc);
return -1; return -1;
} }
match_status_code[pos++] = value; status_tmp[pos++] = value;
if (pos > MAX_STATUS_CODE_SIZE) { if (pos > MAX_STATUS_CODE_SIZE) {
hydra_report(stderr, "Match up to %d status codes.", MAX_STATUS_CODE_SIZE); hydra_report(stderr, "Match up to %d status codes.", MAX_STATUS_CODE_SIZE);
free(misc); freeM(misc);
return -1; return -1;
} }
@ -514,7 +514,14 @@ int32_t service_http_init(char *ip, int32_t sp, unsigned char options, char *mis
++p; ++p;
} }
} }
match_status_code = (int *) malloc(pos * sizeof(int));
for(int i = 0; i < pos; i++) {
match_status_code[i] = status_tmp[i];
} }
freeM(status_tmp);
}
if (strstr(p, "F=") != NULL || strstr(p, "S=") != NULL) { if (strstr(p, "F=") != NULL || strstr(p, "S=") != NULL) {
int size = 0; int size = 0;
if (misc != NULL) { if (misc != NULL) {
@ -543,8 +550,8 @@ int32_t service_http_init(char *ip, int32_t sp, unsigned char options, char *mis
if (condition_len >= END_CONDITION_MAX_LEN) { if (condition_len >= END_CONDITION_MAX_LEN) {
hydra_report(stderr, "Condition string cannot be bigger than %u.", END_CONDITION_MAX_LEN); hydra_report(stderr, "Condition string cannot be bigger than %u.", END_CONDITION_MAX_LEN);
free(misc); freeM(misc);
free(match_text_start); freeM(match_text_start);
return -1; return -1;
} }
@ -553,8 +560,7 @@ int32_t service_http_init(char *ip, int32_t sp, unsigned char options, char *mis
if (debug) if (debug)
hydra_report(stderr, "End condition is %s, mod is %d\n", end_condition, end_condition_type); hydra_report(stderr, "End condition is %s, mod is %d\n", end_condition, end_condition_type);
free(match_text_start); freeM(match_text_start);
match_text_start = NULL;
if (debug) if (debug)
hydra_report(stderr, "Modificated options:%s\n", miscptr); hydra_report(stderr, "Modificated options:%s\n", miscptr);