github/thc-hydra
1
0
Fork 0
mirror of https://github.com/vanhauser-thc/thc-hydra.git synced 2025-08-21 22:03:46 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #253 from crondaemon/ccc-analyzer

Browse source 
ccc-analyzer code audit fixes
This commit is contained in:
van Hauser 2017-08-19 06:20:39 +02:00 committed by GitHub
commit 24f1a929c1
6 changed files with 13 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

9
hydra-cisco.c
View file

@ -127,7 +127,7 @@ void service_cisco(char *ip, int32_t sp, unsigned char options, char *miscptr, F
switch (run) { switch (run) {
case 1: /* connect and service init function */ case 1: /* connect and service init function */
{ {
unsigned char *buf2; unsigned char *buf2 = NULL;
int32_t f = 0; int32_t f = 0;
if (sock >= 0) if (sock >= 0)
@ -151,9 +151,10 @@ void service_cisco(char *ip, int32_t sp, unsigned char options, char *miscptr, F
hydra_child_exit(1); hydra_child_exit(1);
} }
do { do {
if (f != 0) if (f != 0) {
free(buf2); free(buf2);
else buf2 = NULL;
} else
f = 1; f = 1;
if ((buf2 = (unsigned char *) hydra_receive_line(sock)) == NULL) { if ((buf2 = (unsigned char *) hydra_receive_line(sock)) == NULL) {
if (failc < retry) { if (failc < retry) {
@ -169,7 +170,7 @@ void service_cisco(char *ip, int32_t sp, unsigned char options, char *miscptr, F
} }
if (buf2 != NULL && hydra_strcasestr((char*)buf2, "ress ENTER") != NULL) if (buf2 != NULL && hydra_strcasestr((char*)buf2, "ress ENTER") != NULL)
hydra_send(sock, "\r\n", 2, 0); hydra_send(sock, "\r\n", 2, 0);
} while (strstr((char *) buf2, "assw") == NULL); } while (buf2 != NULL && strstr((char *) buf2, "assw") == NULL);
free(buf2); free(buf2);
if (next_run != 0) if (next_run != 0)
break; break;

5
hydra-mod.c
View file

@ -288,9 +288,9 @@ int32_t internal__hydra_connect(char *host, int32_t port, int32_t protocol, int3
if (debug) if (debug)
printf("DEBUG_CONNECT_PROXY_OK\n"); printf("DEBUG_CONNECT_PROXY_OK\n");
} else { } else {
if (debug) if (debug && tmpptr)
printf("DEBUG_CONNECT_PROXY_FAILED (Code: %c%c%c)\n", *tmpptr, *(tmpptr + 1), *(tmpptr + 2)); printf("DEBUG_CONNECT_PROXY_FAILED (Code: %c%c%c)\n", *tmpptr, *(tmpptr + 1), *(tmpptr + 2));
if (verbose) if (verbose && tmpptr)
fprintf(stderr, "[ERROR] CONNECT call to proxy failed with code %c%c%c\n", *tmpptr, *(tmpptr + 1), *(tmpptr + 2)); fprintf(stderr, "[ERROR] CONNECT call to proxy failed with code %c%c%c\n", *tmpptr, *(tmpptr + 1), *(tmpptr + 2));
err = 1; err = 1;
} }
@ -948,7 +948,6 @@ char *hydra_receive_line(int32_t socket) {
} else { } else {
if (debug) if (debug)
printf("[DEBUG] hydra_data_ready_timed: %d, waittime: %d, conwait: %d, socket: %d\n", i, waittime, conwait, socket); printf("[DEBUG] hydra_data_ready_timed: %d, waittime: %d, conwait: %d, socket: %d\n", i, waittime, conwait, socket);
i = 0;
} }
if (got < 0) { if (got < 0) {

4
hydra-radmin2.c
View file

@ -86,7 +86,7 @@ char *message2buffer(struct rmessage *msg) {
switch(msg->type) { switch(msg->type) {
case 0x1b: //Challenge request case 0x1b: //Challenge request
data = calloc (10, sizeof(unsigned char)); data = (char *)calloc (10, sizeof(char));
if(data == NULL) { if(data == NULL) {
hydra_report(stderr, "calloc failure\n"); hydra_report(stderr, "calloc failure\n");
hydra_child_exit(0); hydra_child_exit(0);
@ -97,7 +97,7 @@ char *message2buffer(struct rmessage *msg) {
memcpy((data+9), &msg->type, sizeof(char)); memcpy((data+9), &msg->type, sizeof(char));
break; break;
case 0x09: case 0x09:
data = calloc (42, sizeof(unsigned char)); data = (char *)calloc (42, sizeof(char));
if(data == NULL) { if(data == NULL) {
hydra_report(stderr, "calloc failure\n"); hydra_report(stderr, "calloc failure\n");
hydra_child_exit(0); hydra_child_exit(0);

2
hydra-vmauthd.c
View file

@ -108,8 +108,8 @@ void service_vmauthd(char *ip, int32_t sp, unsigned char options, char *miscptr,
hydra_child_exit(2); hydra_child_exit(2);
} }
if ((strstr(buf, "Version 1.00") == NULL) && (strstr(buf, "Version 1.10") == NULL)) { if ((strstr(buf, "Version 1.00") == NULL) && (strstr(buf, "Version 1.10") == NULL)) {
free(buf);
hydra_report(stderr, "[ERROR] this vmware authd protocol is not supported, please report: %s\n", buf); hydra_report(stderr, "[ERROR] this vmware authd protocol is not supported, please report: %s\n", buf);
free(buf);
hydra_child_exit(2); hydra_child_exit(2);
} }
//by default this service is waiting for ssl connections //by default this service is waiting for ssl connections

2
hydra-vnc.c
View file

@ -135,8 +135,8 @@ int32_t start_vnc(int32_t s, char *ip, int32_t port, unsigned char options, char
return 3; return 3;
return 1; return 1;
default: default:
free(buf);
hydra_report(stderr, "[ERROR] unknown VNC server security result %d\n", buf[3]); hydra_report(stderr, "[ERROR] unknown VNC server security result %d\n", buf[3]);
free(buf);
return 1; return 1;
} }

4
hydra.c
View file

@ -894,7 +894,7 @@ void hydra_restore_read() {
if (debug) if (debug)
printf("[DEBUG] reading restore file: Step 10 complete\n"); printf("[DEBUG] reading restore file: Step 10 complete\n");
hydra_targets = malloc((hydra_brains.targets + 3) * sizeof(hydra_targets)); hydra_targets = (hydra_target **) malloc((hydra_brains.targets + 3) * sizeof(hydra_target*));
for (j = 0; j < hydra_brains.targets; j++) { for (j = 0; j < hydra_brains.targets; j++) {
hydra_targets[j] = malloc(sizeof(hydra_target)); hydra_targets[j] = malloc(sizeof(hydra_target));
fck = (int32_t) fread(hydra_targets[j], sizeof(hydra_target), 1, f); fck = (int32_t) fread(hydra_targets[j], sizeof(hydra_target), 1, f);
@ -3397,7 +3397,7 @@ int32_t main(int32_t argc, char *argv[]) {
four_from = (addr4 & l); four_from = (addr4 & l);
l = 1 << (32 - k); l = 1 << (32 - k);
hydra_brains.targets = countservers = l; hydra_brains.targets = countservers = l;
hydra_targets = malloc(sizeof(hydra_target*) * (l + 2) + 8); hydra_targets = (hydra_target**)malloc(sizeof(hydra_target*) * (l + 2) + 8);
if (hydra_targets == NULL) if (hydra_targets == NULL)
bail("Could not allocate enough memory for target data"); bail("Could not allocate enough memory for target data");
i = 0; i = 0;