http module a= option

CHANGES

@@ -3,7 +3,8 @@ Changelog for hydra
 
 Release 8.9-dev
 * your patch? :)
-* Revamped rdp module to use FreeRDP library (thanks to loianhtuan@github for the patch!)
+* http: http module now supports a= option to select http authentication type
+* rdp: Revamped rdp module to use FreeRDP library (thanks to loianhtuan@github for the patch!)
 * JSON output does now truncate the file if exists. Beware when using -R
 * Fixed svn module memory leaks
 * Fixed rtsp module potential buffer overflow

hydra-http-form.c

@@ -50,10 +50,12 @@ Added fail or success condition, getting cookies, and allow 5 redirections by da
 */
 
 #include "hydra-http.h"
+#include "sasl.h"
 
 extern char *HYDRA_EXIT;
 char *buf;
 char *cond;
+extern int32_t http_auth_mechanism;
 
 struct header_node {
   char *header;
@@ -397,6 +399,18 @@ int32_t parse_options(char *miscptr, ptr_header_node *ptr_head) {
    */
   while (*miscptr != 0) {
     switch (miscptr[0]) {
+    case 'a':                  // fall through
+    case 'A':                  // only for http, not http-form!
+      ptr = miscptr + 2;
+      if (strncasecmp(miscptr, "NTML", 4) == 0)
+        http_auth_mechanism = AUTH_NTLM;
+      else if (strncasecmp(miscptr, "MD5", 3) == 0 || strncasecmp(miscptr, "DIGEST", 6) == 0)
+        http_auth_mechanism = AUTH_DIGESTMD5;
+      else if (strncasecmp(miscptr, "BASIC", 4) == 0)
+        http_auth_mechanism = AUTH_BASIC;
+      else
+        fprintf(stderr, "[WARNING] unknown http auth type: %s\n", miscptr);
+      break;
     case 'c':                  // fall through
     case 'C':
       ptr = miscptr + 2;

hydra-http.c

@@ -6,7 +6,7 @@ char *webtarget = NULL;
 char *slash = "/";
 char *http_buf = NULL;
 int32_t webport, freemischttp = 0;
-int32_t http_auth_mechanism = AUTH_BASIC;
+int32_t http_auth_mechanism = AUTH_UNASSIGNED;
 
 int32_t start_http(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE * fp, char *type, ptr_header_node ptr_head) {
   char *empty = "";
@@ -314,9 +314,12 @@ void service_http(char *ip, int32_t sp, unsigned char options, char *miscptr, FI
     *ptr++ = 0;
   optional1 = ptr;
 
-  if (!parse_options(optional1, &ptr_head))
+  if (!parse_options(optional1, &ptr_head)) // this function is in hydra-http-form.c !!
     run = 4;
 
+  if (http_auth_mechanism == AUTH_UNASSIGNED)
+    http_auth_mechanism = AUTH_BASIC;
+
   while (1) {
     next_run = 0;
     switch (run) {
@@ -393,6 +396,7 @@ int32_t service_http_init(char *ip, int32_t sp, unsigned char options, char *mis
 void usage_http(const char* service) {
   printf("Module %s requires the page to authenticate.\n"
          "The following parameters are optional:\n"
+         " (a|A)=auth-type   specify authentication mechanism to use: BASIC, NTLM or MD5\n"
          " (h|H)=My-Hdr\\: foo   to send a user defined HTTP header with each request\n"
-         "For example:  \"/secret\" or \"http://bla.com/foo/bar:H=Cookie\\: sessid=aaaa\" or \"https://test.com:8080/members\"\n\n", service);
+         "For example:  \"/secret\" or \"http://bla.com/foo/bar:H=Cookie\\: sessid=aaaa\" or \"https://test.com:8080/members:A=NTLM\"\n\n", service);
 }

sasl.h

@@ -19,6 +19,7 @@
 #define AUTH_BASIC 11
 #define AUTH_LM 12
 #define AUTH_LMv2 13
+#define AUTH_UNASSIGNED 14
 
 #if LIBIDN
 #include <stringprep.h>