diff --git a/Makefile b/Makefile
index 372e67e..6eb18ec 100644
--- a/Makefile
+++ b/Makefile
@@ -1,5 +1,94 @@ -all: - @echo Error: you must run "./configure" first +CC=clang +STRIP=strip +XDEFINES= -DHAVE_MYSQL_MYSQL_H -DLIBOPENSSL -DLIBNCURSES -DLIBIDN -DHAVE_PR29_H -DHAVE_PCRE -DLIBMYSQLCLIENT -DLIBSSH -DHAVE_ZLIB -DHAVE_GCRYPT -DHAVE_MATH_H +XLIBS= -lgcrypt -lz -lcurses -lssl -lidn -lpcre -lmysqlclient -lssh -lcrypto +XLIBPATHS=-L/usr/lib -L/usr/local/lib -L/lib -L/lib/x86_64-linux-gnu -L/usr/lib/x86_64-linux-gnu -L/lib/x86_64-linux-gnu -L/usr/lib/x86_64-linux-gnu +XIPATHS= -I/usr/include/mysql -I/usr/include -I/usr/include -I/usr/include -I/usr/include +PREFIX=/usr/local +XHYDRA_SUPPORT=xhydra +STRIP=strip + +HYDRA_LOGO= +PWI_LOGO= +SEC=-pie -fPIE -fstack-protector-all --param ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wl,-z,now -Wl,-z,relro + +# +# Makefile for Hydra - (c) 2001-2017 by van Hauser / THC +# +OPTS=-I. -O3 +# -Wall -g -pedantic +LIBS=-lm +BINDIR = /bin +MANDIR ?= /man/man1/ +DATADIR ?= /etc +DESTDIR ?= + +SRC = hydra-vnc.c hydra-pcnfs.c hydra-rexec.c hydra-nntp.c hydra-socks5.c \ + hydra-telnet.c hydra-cisco.c hydra-http.c hydra-ftp.c hydra-imap.c \ + hydra-pop3.c hydra-smb.c hydra-icq.c hydra-cisco-enable.c hydra-ldap.c \ + hydra-mysql.c hydra-mssql.c hydra-xmpp.c hydra-http-proxy-urlenum.c \ + hydra-snmp.c hydra-cvs.c hydra-smtp.c hydra-smtp-enum.c hydra-sapr3.c \ + hydra-ssh.c hydra-sshkey.c hydra-teamspeak.c hydra-postgres.c \ + hydra-rsh.c hydra-rlogin.c hydra-oracle-listener.c hydra-svn.c \ + hydra-pcanywhere.c hydra-sip.c hydra-oracle.c hydra-vmauthd.c \ + hydra-asterisk.c hydra-firebird.c hydra-afp.c hydra-ncp.c hydra-rdp.c \ + hydra-oracle-sid.c hydra-http-proxy.c hydra-http-form.c hydra-irc.c \ + hydra-s7-300.c hydra-redis.c hydra-adam6500.c hydra-rtsp.c \ + hydra-rpcap.c hydra-radmin2.c \ + hydra-time.c crc32.c d3des.c bfg.c ntlm.c sasl.c hmacmd5.c hydra-mod.c +OBJ = hydra-vnc.o hydra-pcnfs.o hydra-rexec.o hydra-nntp.o hydra-socks5.o \ + hydra-telnet.o hydra-cisco.o hydra-http.o hydra-ftp.o hydra-imap.o \ + hydra-pop3.o hydra-smb.o 
hydra-icq.o hydra-cisco-enable.o hydra-ldap.o \ + hydra-mysql.o hydra-mssql.o hydra-xmpp.o hydra-http-proxy-urlenum.o \ + hydra-snmp.o hydra-cvs.o hydra-smtp.o hydra-smtp-enum.o hydra-sapr3.o \ + hydra-ssh.o hydra-sshkey.o hydra-teamspeak.o hydra-postgres.o \ + hydra-rsh.o hydra-rlogin.o hydra-oracle-listener.o hydra-svn.o \ + hydra-pcanywhere.o hydra-sip.o hydra-oracle-sid.o hydra-oracle.o \ + hydra-vmauthd.o hydra-asterisk.o hydra-firebird.o hydra-afp.o \ + hydra-ncp.o hydra-http-proxy.o hydra-http-form.o hydra-irc.o \ + hydra-redis.o hydra-rdp.o hydra-s7-300.c hydra-adam6500.o hydra-rtsp.o \ + hydra-rpcap.o hydra-radmin2.o \ + crc32.o d3des.o bfg.o ntlm.o sasl.o hmacmd5.o hydra-mod.o hydra-time.o +BINS = hydra pw-inspector + +EXTRA_DIST = README README.arm README.palm CHANGES TODO INSTALL LICENSE \ + hydra-mod.h hydra.h crc32.h d3des.h + +all: pw-inspector hydra $(XHYDRA_SUPPORT) + @echo + @echo Now type "make install" + +hydra: hydra.c $(OBJ) + $(CC) $(OPTS) $(SEC) $(LIBS) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o hydra $(HYDRA_LOGO) hydra.c $(OBJ) $(LIBS) $(XLIBS) $(XLIBPATHS) $(XIPATHS) $(XDEFINES) + @echo + @echo If men could get pregnant, abortion would be a sacrament + @echo + +xhydra: + -cd hydra-gtk && sh ./make_xhydra.sh + +pw-inspector: pw-inspector.c + -$(CC) $(OPTS) $(SEC) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o pw-inspector $(PWI_LOGO) pw-inspector.c + +.c.o: + $(CC) $(OPTS) $(SEC) $(CFLAGS) $(CPPFLAGS) -c $< $(XDEFINES) $(XIPATHS) + +strip: all + strip $(BINS) + -echo OK > /dev/null && test -x xhydra && strip xhydra || echo OK > /dev/null + +install: strip + -mkdir -p $(DESTDIR)$(PREFIX)$(BINDIR) + cp -f hydra-wizard.sh $(BINS) $(DESTDIR)$(PREFIX)$(BINDIR) && cd $(DESTDIR)$(PREFIX)$(BINDIR) && chmod 755 hydra-wizard.sh $(BINS) + -echo OK > /dev/null && test -x xhydra && cp xhydra $(DESTDIR)$(PREFIX)$(BINDIR) && cd $(DESTDIR)$(PREFIX)$(BINDIR) && chmod 755 xhydra || echo OK > /dev/null + -sed -e "s|^INSTALLDIR=.*|INSTALLDIR="$(PREFIX)"|" dpl4hydra.sh | sed -e 
"s|^LOCATION=.*|LOCATION="$(DATADIR)"|" > $(DESTDIR)$(PREFIX)$(BINDIR)/dpl4hydra.sh + -chmod 755 $(DESTDIR)$(PREFIX)$(BINDIR)/dpl4hydra.sh + -mkdir -p $(DESTDIR)$(PREFIX)$(DATADIR) + -cp -f *.csv $(DESTDIR)$(PREFIX)$(DATADIR) + -mkdir -p $(DESTDIR)$(PREFIX)$(MANDIR) + -cp -f hydra.1 xhydra.1 pw-inspector.1 $(DESTDIR)$(PREFIX)$(MANDIR) clean: + rm -rf xhydra pw-inspector hydra *.o core *.core *.stackdump *~ Makefile.in Makefile dev_rfc hydra.restore arm/*.ipk arm/ipkg/usr/bin/* hydra-gtk/src/*.o hydra-gtk/src/xhydra hydra-gtk/stamp-h hydra-gtk/config.status hydra-gtk/errors hydra-gtk/config.log hydra-gtk/src/.deps hydra-gtk/src/Makefile hydra-gtk/Makefile cp -f Makefile.orig Makefile + diff --git a/Makefile.unix b/Makefile.unix index d58d678..6519b52 100644 --- a/Makefile.unix +++ b/Makefile.unix @@ -1,2 +1 @@ -CC=gcc STRIP=strip diff --git a/configure b/configure index 482217c..bfca454 100755 --- a/configure +++ b/configure @@ -1266,7 +1266,8 @@ echo "XHYDRA_SUPPORT=$XHYDRA_SUPPORT" >> Makefile.in #fi echo "STRIP=$STRIP" >> Makefile.in echo >> Makefile.in -cat Makefile.unix > Makefile +echo "CC=$CC" > Makefile +cat Makefile.unix >> Makefile cat Makefile.in >> Makefile # ignore errors if this uname call fails ### Current Cygwin is up to speed :-) diff --git a/hydra-adam6500.c b/hydra-adam6500.c index 9382fd1..ca7fcfa 100644 --- a/hydra-adam6500.c +++ b/hydra-adam6500.c 
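Review bot: A generated Makefile appears to be committed here in place of the stub that told users to run `./configure`, so a fresh checkout builds with `CC=clang` and one machine's x86_64 `XLIBPATHS` and `XDEFINES` even where those libraries are absent. In the `OBJ` list, `hydra-s7-300.c` sits where every other entry is a `.o`, so that file is compiled inside the `hydra` link command instead of through the `.c.o` rule; the entry should read `hydra-s7-300.o`. The `-` prefix on the `pw-inspector` compile line hides a failed build until `strip $(BINS)` trips over the missing binary. That recipe also calls `strip` literally and ignores the `STRIP` variable, which is assigned twice above.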
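Review bot: `echo "CC=$CC" > Makefile` writes an empty `CC=` line when `$CC` is unset at this point, and the same commit removes the `CC=gcc` fallback from Makefile.unix, so every compile rule would then run without a compiler name. Whether configure always assigns `CC` earlier is not visible in this hunk. A default keeps the previous behaviour: `echo "CC=${CC:-gcc}" > Makefile`.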
@@ -70,11 +70,11 @@ int32_t start_adam6500(int32_t s, char *ip, int32_t port, unsigned char options, for (i = 0; i < 8 && i < strlen(pass); i++) buffer[19 + i] = pass[i] ^ 0x3f; - if (hydra_send(s, buffer, sizeof(adam6500_req1), 0) < 0) + if (hydra_send(s, (char*)buffer, sizeof(adam6500_req1), 0) < 0) return 1; if (recv(s, buffer, sizeof(buffer), 0) == 12 && memcmp(buffer, adam6500_resp1, sizeof(adam6500_resp1)) == 0) { - if (hydra_send(s, adam6500_req2, sizeof(adam6500_req2), 0) < 0) + if (hydra_send(s, (char *)adam6500_req2, sizeof(adam6500_req2), 0) < 0) return 1; if (recv(s, buffer, sizeof(buffer), 0) == 259 && memcmp(buffer, adam6500_resp2, sizeof(adam6500_resp2)) == 0) { hydra_completed_pair(); diff --git a/hydra-mod.c b/hydra-mod.c index 42b9c3b..9d5ecde 100644 --- a/hydra-mod.c +++ b/hydra-mod.c @@ -900,7 +900,7 @@ int32_t hydra_recv(int32_t socket, char *buf, uint32_t length) { ret = internal__hydra_recv(socket, buf, length); if (debug) { sprintf(text, "[DEBUG] RECV [pid:%d]", getpid()); - hydra_dump_data(buf, ret, text); + hydra_dump_data((unsigned char *)buf, ret, text); //hydra_report_debug(stderr, "DEBUG_RECV_BEGIN|%s|END [pid:%d ret:%d]", buf, getpid(), ret); } return ret; @@ -915,13 +915,13 @@ int32_t hydra_recv_nb(int32_t socket, char *buf, uint32_t length) { buf[0] = 0; if (debug) { sprintf(text, "[DEBUG] RECV [pid:%d]", getpid()); - hydra_dump_data(buf, ret, text); + hydra_dump_data((unsigned char *)buf, ret, text); } return ret; } if (debug) { sprintf(text, "[DEBUG] RECV [pid:%d]", getpid()); - hydra_dump_data(buf, ret, text); + hydra_dump_data((unsigned char *)buf, ret, text); //hydra_report_debug(stderr, "DEBUG_RECV_BEGIN|%s|END [pid:%d ret:%d]", buf, getpid(), ret); } } 
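Review bot: The `(char*)buffer` and `(char *)adam6500_req2` casts silence the pointer-sign warning at the call site instead of fixing the prototype, and the same pattern repeats for `hydra_dump_data` in hydra-mod.c and for the OpenSSL calls in hydra-snmp.c. `hydra_send` only transmits the buffer, so declaring its parameter as `const void *buf` would accept both signednesses without a cast at any caller. Call-site casts also hide later type changes from the compiler, which matters in code that assembles packets in fixed-size buffers. As a style point, the two casts in this hunk are spelled differently, `(char*)` and `(char *)`.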
@@ -954,7 +954,7 @@ char *hydra_receive_line(int32_t socket) { if (got < 0) { if (debug) { sprintf(text, "[DEBUG] RECV [pid:%d]", getpid()); - hydra_dump_data("", -1, text); + hydra_dump_data((unsigned char *)"", -1, text); //hydra_report_debug(stderr, "DEBUG_RECV_BEGIN||END [pid:%d %d]", getpid(), i); perror("recv"); } @@ -991,7 +991,7 @@ char *hydra_receive_line(int32_t socket) { if (debug) { sprintf(text, "[DEBUG] RECV [pid:%d]", getpid()); - hydra_dump_data(buff, got, text); + hydra_dump_data((unsigned char *)buff, got, text); //hydra_report_debug(stderr, "DEBUG_RECV_BEGIN [pid:%d len:%d]|%s|END", getpid(), got, buff); } if (got == 0) { @@ -1006,7 +1006,7 @@ int32_t hydra_send(int32_t socket, char *buf, uint32_t size, int32_t options) { if (debug) { sprintf(text, "[DEBUG] SEND [pid:%d]", getpid()); - hydra_dump_data(buf, size, text); + hydra_dump_data((unsigned char *)buf, size, text); /* int32_t k; char *debugbuf = malloc(size + 1); @@ -1151,7 +1151,7 @@ void hydra_tobase64(unsigned char *buf, uint32_t buflen, uint32_t bufsize) { strcpy((char *) buf, (char *) bof); /* can not overflow */ } -void hydra_dump_asciihex(unsigned char *string, int32_t length) { +void hydra_dump_asciihex(const char *string, int32_t length) { unsigned char *p = (unsigned char *) string; unsigned char lastrow_data[16]; int32_t rows = length / HYDRA_DUMP_ROWS; diff --git a/hydra-mod.h b/hydra-mod.h index bf72b7c..fa3e7c0 100644 --- a/hydra-mod.h +++ b/hydra-mod.h 
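Review bot: `hydra_dump_asciihex` now takes `const char *string`, but its first body line still reads `unsigned char *p = (unsigned char *) string;`, which casts the new `const` away; it should become `const unsigned char *p = (const unsigned char *) string;`. The function body continues outside the hunk, so any write through `p` would need checking. The sibling `hydra_dump_data` is called with `(unsigned char *)` casts in the hunks above while this function moves to `char`, which is why the hydra-smb.c callers now need `(char *)in` and `(char *)out`. One parameter type for both dump helpers, for example `const void *`, would remove the casts in both directions.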
@@ -31,7 +31,7 @@ extern int32_t hydra_send(int32_t socket, char *buf, uint32_t size, int32_t opti extern int32_t make_to_lower(char *buf); extern unsigned char hydra_conv64(unsigned char in); extern void hydra_tobase64(unsigned char *buf, uint32_t buflen, uint32_t bufsize); -extern void hydra_dump_asciihex(unsigned char *string, int32_t length); +extern void hydra_dump_asciihex(const char *string, int32_t length); extern void hydra_set_srcport(int32_t port); extern char *hydra_address2string(char *address); extern char *hydra_address2string_beautiful(char *address); diff --git a/hydra-radmin2.c b/hydra-radmin2.c index cba0431..835539b 100644 --- a/hydra-radmin2.c +++ b/hydra-radmin2.c @@ -179,7 +179,7 @@ void service_radmin2(char *ip, int32_t sp, unsigned char options, char *miscptr, char buffer[42]; char password[101]; uint8_t rawkey[16]; - uint8_t *IV = "\xFE\xDC\xBA\x98\x76\x54\x32\x10\xA3\x9D\x4A\x18\xF8\x5B\x4A\x52"; + char *IV = "\xFE\xDC\xBA\x98\x76\x54\x32\x10\xA3\x9D\x4A\x18\xF8\x5B\x4A\x52"; uint8_t encrypted[32]; gcry_error_t err; gcry_cipher_hd_t cipher; diff --git a/hydra-smb.c b/hydra-smb.c index 3be4170..18d501e 100644 --- a/hydra-smb.c +++ b/hydra-smb.c @@ -119,7 +119,7 @@ static size_t UTF8_UTF16LE(unsigned char *in, int32_t insize, unsigned char *out uint64_t ch; if (debug) { hydra_report(stderr, "[DEBUG] UTF8_UTF16LE in:\n"); - hydra_dump_asciihex(in, insize); + hydra_dump_asciihex((char *)in, insize); } for (i = 0; i < insize; i++) { if (in[i] < 128) { // one byte @@ -149,7 +149,7 @@ static size_t UTF8_UTF16LE(unsigned char *in, int32_t insize, unsigned char *out } if (debug) { hydra_report(stderr, "[DEBUG] UTF8_UTF16LE out:\n"); - hydra_dump_asciihex(out,j); + hydra_dump_asciihex((char *)out,j); } return j; } 
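Review bot: `char *IV` points a non-const pointer at a string literal and turns the sixteen IV bytes into plain `char`, several of which (`\xFE`, `\xDC`, `\xBA`, `\x98`, `\xA3`, `\x9D`, `\xF8`) become negative wherever `char` is signed. Keeping the bytes unsigned and immutable avoids both the original warning and sign-extension surprises if a byte is ever compared or promoted; the declaration could be `static const uint8_t IV[16]` with the same sixteen values written as a brace initializer. How `IV` is handed to the cipher is outside this hunk, so that call's argument type needs checking alongside.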
@@ -1189,7 +1189,7 @@ unsigned long SMBSessionSetup(int32_t s, char *szLogin, char *szPassword, char * hydra_send(s, (char *) buf, iOffset + iByteCount, 0); nReceiveBufferSize = hydra_recv(s, bufReceive, sizeof(bufReceive)); - if (/*(bufReceive == NULL) ||*/ (nReceiveBufferSize == 0)) + if (nReceiveBufferSize == 0) return -1; /* 41 - Action (Guest/Non-Guest Account) */ @@ -1499,7 +1499,7 @@ int32_t service_smb_init(char *ip, int32_t sp, unsigned char options, char *misc return -1; } - if (buf[15] & 16 == 16) { + if ((buf[15] & 16) == 16) { fprintf(stderr, "[ERROR] target smb://%s:%d/ requires signing which we do not support\n", hostname, port); return -1; } diff --git a/hydra-snmp.c b/hydra-snmp.c index 5ffc4ef..8e25884 100644 --- a/hydra-snmp.c +++ b/hydra-snmp.c @@ -15,7 +15,7 @@ extern int32_t child_head_no; char snmpv3buf[1024], *snmpv3info = NULL; int32_t snmpv3infolen = 0, snmpversion = 1, snmpread = 1, hashtype = 1, enctype = 0; -unsigned char snmpv3_init[] = { 0x30, 0x3e, 0x02, 0x01, 0x03, 0x30, 0x11, 0x02, +char snmpv3_init[] = { 0x30, 0x3e, 0x02, 0x01, 0x03, 0x30, 0x11, 0x02, 0x04, 0x08, 0x86, 0xdd, 0xf0, 0x02, 0x03, 0x00, 0xff, 0xe3, 0x04, 0x01, 0x04, 0x02, 0x01, 0x03, 0x04, 0x10, 0x30, 0x0e, 0x04, 0x00, 0x02, 0x01, @@ -39,7 +39,7 @@ unsigned char snmpv3_get2[] = { 0x30, 0x2e, 0x04, 0x0c, 0x80, 0x00, 0x00, 0x00 }; -unsigned char snmpv3_nouser[] = { 0x04, 0x00, 0x04, 0x00, 0x04, 0x00 }; +char snmpv3_nouser[] = { 0x04, 0x00, 0x04, 0x00, 0x04, 0x00 }; struct SNMPV1_A { char ID; 
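Review bot: The simplified test `if (nReceiveBufferSize == 0)` still lets a failed receive through. `hydra_recv` is declared `int32_t`, and if it returns a negative value on error, parsing continues into `bufReceive` at the fixed offsets named in the following comment (`41 - Action`). The declaration of `nReceiveBufferSize` is outside the hunk; if it is signed, `if (nReceiveBufferSize <= 0) return -1;` closes the gap, and a minimum-length check before reading fixed offsets from a server-supplied reply would be stronger still. The function returns `unsigned long`, so `return -1` reaches callers as the maximum unsigned value rather than a negative number.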
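Review bot: Declaring `snmpv3_init` as plain `char` puts initializers such as `0x86`, `0xdd`, `0xf0` and `0xff` outside the range of a signed `char`, so the stored values are implementation-defined, and clang normally reports this under `-Wconstant-conversion`; the warning is moved rather than removed. `snmpv3_nouser` gets the same type change, while `snmpv3_get2` in the hunk header stays `unsigned char`, so the packet templates now disagree with each other. Keeping `unsigned char snmpv3_init[]` and `unsigned char snmpv3_nouser[]` and casting at the `char *` consumer keeps byte comparisons against values above 0x7f reliable.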
@@ -94,13 +94,13 @@ struct SNMPV1_W { }; #ifdef LIBOPENSSL -void password_to_key_md5(u_char * password, /* IN */ +void password_to_key_md5(char * password, /* IN */ u_int passwordlen, /* IN */ - u_char * engineID, /* IN - pointer to snmpEngineID */ + char * engineID, /* IN - pointer to snmpEngineID */ u_int engineLength, /* IN - length of snmpEngineID */ - u_char * key) { /* OUT - pointer to caller 16-octet buffer */ + char * key) { /* OUT - pointer to caller 16-octet buffer */ MD5_CTX MD; - u_char *cp, password_buf[80], *mypass = password, bpass[17]; + char *cp, password_buf[80], *mypass = password, bpass[17]; u_long password_index = 0, count = 0, i, mylen, myelen = engineLength; if (strlen(password) > passwordlen) @@ -133,7 +133,7 @@ void password_to_key_md5(u_char * password, /* IN */ MD5_Update(&MD, password_buf, 64); count += 64; } - MD5_Final(key, &MD); /* tell MD5 we're done */ + MD5_Final((unsigned char *)key, &MD); /* tell MD5 we're done */ /* Now localize the key with the engineID and pass */ /* through MD5 to produce final key */ /* May want to ensure that engineLength <= 32, */ 
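Review bot: Nothing bounds `engineLength` before the localization step in `password_to_key_md5`: `password_buf` is 80 bytes and the following hunk shows `memcpy(password_buf + 16 + myelen, key, 16)`, so an engine ID longer than 48 bytes writes past the stack buffer. `password_to_key_sha` has the same shape with `memcpy(password_buf + 20 + myelen, key, 20)`, where the limit is 40 bytes. The in-code comment `May want to ensure that engineLength <= 32` already names the gap, and this commit changes the signature without closing it. Where `engineID` comes from is not visible here; if it is copied from the target's SNMPv3 reply, its length is set by the remote side. Rejecting an oversized engine ID in the caller, or adding `if (myelen > 32) myelen = 32;` after the declarations in both functions, would bound the copies. Both function bodies extend beyond these hunks.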
@@ -143,24 +143,24 @@ void password_to_key_md5(u_char * password, /* IN */ memcpy(password_buf + 16 + myelen, key, 16); MD5_Init(&MD); MD5_Update(&MD, password_buf, 32 + myelen); - MD5_Final(key, &MD); + MD5_Final((unsigned char *)key, &MD); return; } -void password_to_key_sha(u_char * password, /* IN */ +void password_to_key_sha(char * password, /* IN */ u_int passwordlen, /* IN */ - u_char * engineID, /* IN - pointer to snmpEngineID */ + char * engineID, /* IN - pointer to snmpEngineID */ u_int engineLength, /* IN - length of snmpEngineID */ - u_char * key) { /* OUT - pointer to caller 20-octet buffer */ + char * key) { /* OUT - pointer to caller 20-octet buffer */ SHA_CTX SH; - u_char *cp, password_buf[80], *mypass = password, bpass[17]; + char *cp, password_buf[80], *mypass = password, bpass[17]; u_long password_index = 0, count = 0, i, mylen = passwordlen, myelen = engineLength; if (mylen < 8) { memset(bpass, 0, sizeof(bpass)); - strcpy(bpass, password); + strcpy((char *)bpass, password); while (mylen < 8) { - strcat(bpass, password); + strcat((char *)bpass, password); mylen += passwordlen; } mypass = bpass; @@ -181,7 +181,7 @@ void password_to_key_sha(u_char * password, /* IN */ SHA1_Update(&SH, password_buf, 64); count += 64; } - SHA1_Final(key, &SH); /* tell SHA we're done */ + SHA1_Final((unsigned char *)key, &SH); /* tell SHA we're done */ /* Now localize the key with the engineID and pass */ /* through SHA to produce final key */ /* May want to ensure that engineLength <= 32, */ @@ -191,7 +191,7 @@ void password_to_key_sha(u_char * password, /* IN */ memcpy(password_buf + 20 + myelen, key, 20); SHA1_Init(&SH); SHA1_Update(&SH, password_buf, 40 + myelen); - SHA1_Final(key, &SH); + SHA1_Final((unsigned char *)key, &SH); return; } #endif 
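Review bot: The padding loop in `password_to_key_sha` does not terminate when `passwordlen` is 0, because `while (mylen < 8)` adds `passwordlen` on each pass and `strcat` of an empty string changes nothing. `strcpy(bpass, password)` also trusts that the string is no longer than `passwordlen`; `bpass` is 17 bytes, so a short length paired with a longer string overruns it. Whether callers can pass either combination is outside the hunk, and since the function returns `void` the rejection is best done in the caller before the key derivation runs. The added casts are redundant now that `bpass` is declared `char`; the lines can stay `strcpy(bpass, password);` and `strcat(bpass, password);`.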
@@ -336,7 +336,7 @@ int32_t start_snmp(int32_t s, char *ip, int32_t port, unsigned char options, cha for (i = 0; i < 8; i++) initVect[i] ^= privacy_params[i]; DES_key_sched((const_DES_cblock *) key, &symcbc); - DES_ncbc_encrypt(snmpv3_get2 + 2, buf, sizeof(snmpv3_get2) - 2, &symcbc, (const_DES_cblock *) (initVect), DES_ENCRYPT); + DES_ncbc_encrypt(snmpv3_get2 + 2, (unsigned char *)buf, sizeof(snmpv3_get2) - 2, &symcbc, (const_DES_cblock *) (initVect), DES_ENCRYPT); #endif @@ -367,10 +367,10 @@ int32_t start_snmp(int32_t s, char *ip, int32_t port, unsigned char options, cha i++; // just to conform with the snmpv1/2 code #ifdef LIBOPENSSL if (hashtype == 1) { - HMAC((EVP_MD *) EVP_md5(), key, 16, buffer, i - 1, hash, NULL); + HMAC((EVP_MD *) EVP_md5(), key, 16, (const unsigned char*)buffer, i - 1, (unsigned char *)hash, NULL); memcpy(buffer + off, hash, 12); } else if (hashtype == 2) { - HMAC((EVP_MD *) EVP_sha1(), key, 20, buffer, i - 1, hash, NULL); + HMAC((EVP_MD *) EVP_sha1(), key, 20, (const unsigned char *)buffer, i - 1, (unsigned char *)hash, NULL); memcpy(buffer + off, hash, 12); } #endif