v8.8 release

CHANGES

@@ -2,7 +2,7 @@ Changelog for hydra
 -------------------
 
 
-Release 8.7-dev
+Release 8.8
 * New web page: https://github.com/vanhauser-thc/thc-hydra
 * added PROBLEMS file with known issues
 * rdp: disabled the module as it does not support the current protocol. If you want to add it contact me

Makefile.am

@@ -1,5 +1,5 @@
 #
-# Makefile for Hydra - (c) 2001-2018 by van Hauser / THC <vh@thc.org>
+# Makefile for Hydra - (c) 2001-2019 by van Hauser / THC <vh@thc.org>
 #
 OPTS=-I. -O3
 # -Wall -g -pedantic

README

@@ -1,7 +1,7 @@
 
 				  H Y D R A
 
-                      (c) 2001-2018 by van Hauser / THC
+                      (c) 2001-2019 by van Hauser / THC
              <vh@thc.org> https://github.com/vanhauser-thc/thc-hydra
        many modules were written by David (dot) Maciejak @ gmail (dot) com
                  BFG code by Jan Dlabal <dlabaljan@gmail.com>
@@ -378,7 +378,7 @@ Version 1.00 example:
         "These are very free form"
     ],
     "generator": {
-        "built": "2018-03-01 14:44:22",
+        "built": "2019-03-01 14:44:22",
         "commandline": "hydra -b jsonv1 -o results.json ... ...",
         "jsonoutputversion": "1.00",
         "server": "127.0.0.1",

README.md

@@ -1,7 +1,7 @@
 
 				  H Y D R A
 
-                      (c) 2001-2018 by van Hauser / THC
+                      (c) 2001-2019 by van Hauser / THC
              <vh@thc.org> https://github.com/vanhauser-thc/thc-hydra
        many modules were written by David (dot) Maciejak @ gmail (dot) com
                  BFG code by Jan Dlabal <dlabaljan@gmail.com>
@@ -378,7 +378,7 @@ Version 1.00 example:
         "These are very free form"
     ],
     "generator": {
-        "built": "2018-03-01 14:44:22",
+        "built": "2019-03-01 14:44:22",
         "commandline": "hydra -b jsonv1 -o results.json ... ...",
         "jsonoutputversion": "1.00",
         "server": "127.0.0.1",

hydra.1

@@ -1,4 +1,4 @@
-.TH "HYDRA" "1" "01/01/2018"
+.TH "HYDRA" "1" "01/01/2019"
 .SH NAME
 hydra \- a very fast network logon cracker which support many different services
 .SH SYNOPSIS

hydra.c

@@ -1,5 +1,5 @@
 /*
- * hydra (c) 2001-2018 by van Hauser / THC <vh@thc.org>
+ * hydra (c) 2001-2019 by van Hauser / THC <vh@thc.org>
  * https://github.com/vanhauser-thc/thc-hydra
  *
  * Parallized network login hacker.
@@ -204,7 +204,7 @@ char *SERVICES =
 #define RESTOREFILE "./hydra.restore"
 
 #define PROGRAM   "Hydra"
-#define VERSION   "v8.7-dev"
+#define VERSION   "v8.8"
 #define AUTHOR    "van Hauser/THC"
 #define EMAIL     "<vh@thc.org>"
 #define RESOURCE  "https://github.com/vanhauser-thc/thc-hydra"
@@ -2063,7 +2063,7 @@ int main(int argc, char *argv[]) {
   struct sockaddr_in6 *ipv6 = NULL;
   struct sockaddr_in *ipv4 = NULL;
 
-  printf("%s %s (c) 2018 by %s - Please do not use in military or secret service organizations, or for illegal purposes.\n\n", PROGRAM, VERSION, AUTHOR);
+  printf("%s %s (c) 2019 by %s - Please do not use in military or secret service organizations, or for illegal purposes.\n\n", PROGRAM, VERSION, AUTHOR);
 #ifndef LIBAFP
   SERVICES = hydra_string_replace(SERVICES, "afp ", "");
   strcat(unsupported, "afp ");

web/CHANGES

@@ -2,8 +2,11 @@ Changelog for hydra
 -------------------
 
 
-Release 8.7-dev
+Release 8.8
 * New web page: https://github.com/vanhauser-thc/thc-hydra
+* added PROBLEMS file with known issues
+* rdp: disabled the module as it does not support the current protocol. If you want to add it contact me
+* ldap: fixed a dumb strlen on a potential null pointer
 * http-get/http-post:
    - now supports H=/h= parameters same as http-form (thanks to mathewmarcus@github for the patch)
    - 403/404 errors are now always registered as failed attempts

web/README

@@ -1,7 +1,7 @@
 
 				  H Y D R A
 
-                      (c) 2001-2018 by van Hauser / THC
+                      (c) 2001-2019 by van Hauser / THC
              <vh@thc.org> https://github.com/vanhauser-thc/thc-hydra
        many modules were written by David (dot) Maciejak @ gmail (dot) com
                  BFG code by Jan Dlabal <dlabaljan@gmail.com>
@@ -23,7 +23,7 @@ access from remote to a system.
 
 THIS TOOL IS FOR LEGAL PURPOSES ONLY!
 
-There are already several login hacker tools available, however none does
+There are already several login hacker tools available, however, none does
 either support more than one protocol to attack or support parallized
 connects.
 
@@ -73,6 +73,7 @@ make install
 If you want the ssh module, you have to setup libssh (not libssh2!) on your
 system,  get it from http://www.libssh.org, for ssh v1 support you also need
 to add "-DWITH_SSH1=On" option in the cmake command line.
+IMPORTANT: If you compile on MacOS then you must do this - do not install libssh via brew!
 
 If you use Ubuntu/Debian, this will install supplementary libraries needed
 for a few optional modules (note that some might not be available on your distribution):
@@ -80,23 +81,23 @@ for a few optional modules (note that some might not be available on your distri
 ```
 apt-get install libssl-dev libssh-dev libidn11-dev libpcre3-dev \
                  libgtk2.0-dev libmysqlclient-dev libpq-dev libsvn-dev \
-                 firebird-dev libncp-dev
+                 firebird-dev
 ```
 
 This enables all optional modules and features with the exception of Oracle,
-SAP R/3 and the apple filing protocol - which you will need to download and
+SAP R/3, NCP and the apple filing protocol - which you will need to download and
 install from the vendor's web sites.
 
 For all other Linux derivates and BSD based systems, use the system
-software installer and look for similar named libraries like in the
-command above. In all other cases you have to download all source libraries
+software installer and look for similarly named libraries like in the
+command above. In all other cases, you have to download all source libraries
 and compile them manually.
 
 
 
 SUPPORTED PLATFORMS
 -------------------
-- All UNIX platforms (Linux, *bsd, Solaris, etc.)
+- All UNIX platforms (Linux, *BSD, Solaris, etc.)
 - MacOS (basically a BSD clone)
 - Windows with Cygwin (both IPv4 and IPv6)
 - Mobile systems based on Linux, MacOS or QNX (e.g. Android, iPhone, Blackberry 10, Zaurus, iPaq)
@@ -113,7 +114,7 @@ Note that NO login/password file is included. Generate them yourself.
 A default password list is however present, use "dpl4hydra.sh" to generate
 a list.
 
-For Linux users, a GTK gui is available, try `./xhydra`
+For Linux users, a GTK GUI is available, try `./xhydra`
 
 For the command line usage, the syntax is as follows:
  For attacking one target or a network, you can use the new "://" style:
@@ -165,7 +166,7 @@ All attacks are then IPv6 only!
 If you want to supply your targets via a text file, you can not use the ://
 notation but use the old style and just supply the protocol (and module options):
   hydra [some command line options] -M targets.txt ftp
-You can supply also port for each target entry by adding ":<port>" after a
+You can supply also the port for each target entry by adding ":<port>" after a
 target entry in the file, e.g.:
 
 ```
@@ -290,7 +291,7 @@ When hydra is aborted with Control-C, killed or crashes, it leaves a
 "hydra.restore" file behind which contains all necessary information to
 restore the session. This session file is written every 5 minutes.
 NOTE: the hydra.restore file can NOT be copied to a different platform (e.g.
-from little endian to big endian, or from solaris to aix)
+from little endian to big endian, or from Solaris to AIX)
 
 HOW TO SCAN/CRACK OVER A PROXY
 ------------------------------
@@ -329,7 +330,7 @@ ADDITIONAL HINTS
 * uniq your dictionary files! this can save you a lot of time :-)
     cat words.txt | sort | uniq > dictionary.txt
 * if you know that the target is using a password policy (allowing users
-  only to choose password with a minimum length of 6, containing a least one
+  only to choose a password with a minimum length of 6, containing a least one
   letter and one number, etc. use the tool pw-inspector which comes along
   with the hydra package to reduce the password list:
     cat dictionary.txt | pw-inspector -m 6 -c 2 -n > passlist.txt
@@ -377,7 +378,7 @@ Version 1.00 example:
         "These are very free form"
     ],
     "generator": {
-        "built": "2018-01-01 14:44:22",
+        "built": "2019-03-01 14:44:22",
         "commandline": "hydra -b jsonv1 -o results.json ... ...",
         "jsonoutputversion": "1.00",
         "server": "127.0.0.1",
@@ -526,4 +527,4 @@ zlGuZP1S6Y7S13ytiULSzTfUxJmyGYgNo+4ygh0i6Dudf9NLmV+i9aEIbLbd6bni
 zB3yrr+vYBT0uDWmxwPjiJs=
 =ytEf
 -----END PGP PUBLIC KEY BLOCK-----
-```
+```