From 1658f4926fbb2a732d08f250a14204423a37dae1 Mon Sep 17 00:00:00 2001 From: owein Date: Mon, 7 Oct 2019 14:20:02 +0200 Subject: [PATCH 01/24] it look like github wants to drive me mad --- bfg.c | 32 +++++++++++++++++++++++++++++--- bfg.h | 3 ++- hydra.c | 11 ++++++++--- hydra.h | 1 + 4 files changed, 40 insertions(+), 7 deletions(-) diff --git a/bfg.c b/bfg.c index a3a1dad..a19fcfa 100644 --- a/bfg.c +++ b/bfg.c @@ -52,6 +52,7 @@ static int32_t add_single_char(char ch, char flags, int32_t* crs_len) { // note that we check for -x .:.:ab but not for -x .:.:ba // int32_t bf_init(char *arg) { + bf_options.rain = 0; int32_t i = 0; int32_t crs_len = 0; char flags = 0; @@ -189,8 +190,17 @@ uint64_t bf_get_pcount() { return foo; } +int accu(int value) +{ + int sum = 0; + for(int i=1; i<=value; ++i) + { + sum+=i; + } + return sum; +} -char *bf_next() { +char *bf_next(_Bool rainy) { int32_t i, pos = bf_options.current - 1; if (bf_options.current > bf_options.to) @@ -200,9 +210,25 @@ char *bf_next() { fprintf(stderr, "Error: Can not allocate memory for -x data!\n"); return NULL; } + + if(rainy) + { + for (i = 0; i < bf_options.current; i++){ + bf_options.ptr[i] = bf_options.crs[(bf_options.state[i]+bf_options.rain)%bf_options.crs_len]; + bf_options.rain += i+1; + } + if(bf_options.crs_len%10 == 0) + bf_options.rain-=accu(bf_options.current)-2; + else if(bf_options.crs_len%2 == 0) + bf_options.rain-=accu(bf_options.current)-4; + else if(bf_options.crs_len%2) + bf_options.rain-=accu(bf_options.current)-1; - for (i = 0; i < bf_options.current; i++) - bf_options.ptr[i] = bf_options.crs[bf_options.state[i]]; + } + else + for (i = 0; i < bf_options.current; i++) + bf_options.ptr[i] = bf_options.crs[bf_options.state[i]]; + bf_options.ptr[bf_options.current] = 0; if (debug) { diff --git a/bfg.h b/bfg.h index 2ac5f49..132571b 100644 --- a/bfg.h +++ b/bfg.h @@ -41,6 +41,7 @@ typedef struct { char *crs; /* internal representation of charset */ char *ptr; /* ptr to the last generated password */ uint32_t disable_symbols; + unsigned long rain; } bf_option; extern bf_option bf_options; @@ -48,7 +49,7 @@ extern bf_option bf_options; #ifdef HAVE_MATH_H extern uint64_t bf_get_pcount(); extern int32_t bf_init(char *arg); -extern char *bf_next(); +extern char *bf_next(_Bool rainy); #endif #endif diff --git a/hydra.c b/hydra.c index d3f7430..6f2b497 100644 --- a/hydra.c +++ b/hydra.c @@ -337,6 +337,7 @@ char *sck = NULL; int32_t prefer_ipv6 = 0, conwait = 0, loop_cnt = 0, fck = 0, options = 0, killed = 0; int32_t child_head_no = -1, child_socket; int32_t total_redo_count = 0; +bool rainy = false; // moved for restore feature int32_t process_restore = 0, dont_unlink; @@ -482,6 +483,7 @@ void help(int32_t ext) { "[service://server[:PORT][/OPT]]\n"); PRINT_NORMAL(ext, "\nOptions:\n"); PRINT_EXTEND(ext, " -R restore a previous aborted/crashed session\n" + " -r in conjonction with -x, use rain algorythm\n" " -I ignore an existing restore file (don't wait 10 seconds)\n" #ifdef LIBOPENSSL " -S perform an SSL connect\n" @@ -1745,7 +1747,7 @@ int32_t hydra_send_next_pair(int32_t target_no, int32_t head_no) { #ifndef HAVE_MATH_H sleep(1); #else - hydra_targets[target_no]->pass_ptr = bf_next(); + hydra_targets[target_no]->pass_ptr = bf_next(hydra_options.rainy); if (debug) printf("[DEBUG] bfg new password for next child: %s\n", hydra_targets[target_no]->pass_ptr); #endif @@ -2229,7 +2231,7 @@ int main(int argc, char *argv[]) { help(1); if (argc < 2) help(0); - while ((i = getopt(argc, argv, "hIq64Rde:vVl:fFg:L:p:OP:o:b:M:C:t:T:m:w:W:s:SUux:yc:K")) >= 0) { + while ((i = getopt(argc, argv, "hIq64Rrde:vVl:fFg:L:p:OP:o:b:M:C:t:T:m:w:W:s:SUux:yc:K")) >= 0) { switch (i) { case 'h': help(1); @@ -2256,6 +2258,9 @@ int main(int argc, char *argv[]) { hydra_options.restore = 1; hydra_restore_read(); break; + case 'r': + hydra_options.rainy = true; + break; case 'I': ignore_restore = 1; // this is not to be saved in hydra_options! break; @@ -3267,7 +3272,7 @@ int main(int argc, char *argv[]) { #ifdef HAVE_MATH_H if (bf_init(bf_options.arg)) exit(-1); // error description is handled by bf_init - pass_ptr = bf_next(); + pass_ptr = bf_next(hydra_options.rainy); hydra_brains.countpass += bf_get_pcount(); hydra_brains.sizepass += BF_BUFLEN; #else diff --git a/hydra.h b/hydra.h index 0d47f0f..1aa04a2 100644 --- a/hydra.h +++ b/hydra.h @@ -221,6 +221,7 @@ typedef struct { char *service; char bfg; int32_t skip_redo; + _Bool rainy; } hydra_option; #define _HYDRA_H From ab4aa36fd0014930751fe178e2efbbbf100bac24 Mon Sep 17 00:00:00 2001 From: owein Date: Sun, 20 Oct 2019 23:26:44 +0200 Subject: [PATCH 02/24] rolled back head_init for http-post-form, still an issue with the display --- hydra-http-form.c | 12 ++++-------- hydra.c | 8 ++++---- 2 files changed, 8 insertions(+), 12 deletions(-) diff --git a/hydra-http-form.c b/hydra-http-form.c index 1ac8721..65e54c3 100644 --- a/hydra-http-form.c +++ b/hydra-http-form.c @@ -1261,18 +1261,14 @@ ptr_header_node initialize(char *ip, unsigned char options, char *miscptr) { ptr++; if (*ptr != 0) *ptr++ = 0; + + cond = ptr; - if ((ptr2 = rindex(ptr, ':')) != NULL) { - cond = ptr2 + 1; - *ptr2 = 0; - } else - cond = ptr; -/* while (*ptr != 0 && (*ptr != ':' || *(ptr - 1) == '\\')) ptr++; if (*ptr != 0) *ptr++ = 0; -*/ + optional1 = ptr; if (strstr(url, "\\:") != NULL) { if ((ptr = malloc(strlen(url))) != NULL) { @@ -1314,7 +1310,7 @@ ptr_header_node initialize(char *ip, unsigned char options, char *miscptr) { success_cond = 0; } - //printf("miscptr: %s, url=%s, variables=%s, ptr=%s, optional1: %s, cond: %s (%d)\n", miscptr, url, variables, ptr, optional1, cond, success_cond); + printf("miscptr: %s, url=%s, variables=%s, ptr=%s, optional1: %s, cond: %s (%d)\n", miscptr, url, variables, ptr, optional1, cond, success_cond); /* * Parse the user-supplied options. diff --git a/hydra.c b/hydra.c index 6f2b497..7d2decc 100644 --- a/hydra.c +++ b/hydra.c @@ -337,7 +337,6 @@ char *sck = NULL; int32_t prefer_ipv6 = 0, conwait = 0, loop_cnt = 0, fck = 0, options = 0, killed = 0; int32_t child_head_no = -1, child_socket; int32_t total_redo_count = 0; -bool rainy = false; // moved for restore feature int32_t process_restore = 0, dont_unlink; @@ -483,7 +482,6 @@ void help(int32_t ext) { "[service://server[:PORT][/OPT]]\n"); PRINT_NORMAL(ext, "\nOptions:\n"); PRINT_EXTEND(ext, " -R restore a previous aborted/crashed session\n" - " -r in conjonction with -x, use rain algorythm\n" " -I ignore an existing restore file (don't wait 10 seconds)\n" #ifdef LIBOPENSSL " -S perform an SSL connect\n" @@ -495,6 +493,7 @@ void help(int32_t ext) { #ifdef HAVE_MATH_H " -x MIN:MAX:CHARSET password bruteforce generation, type \"-x -h\" to get help\n" " -y disable use of symbols in bruteforce, see above\n" + " -r rainy mode for password generation (-x)\n" #endif " -e nsr try \"n\" null password, \"s\" login as pass and/or \"r\" reversed login\n" " -u loop around users, not passwords (effective! implied with -x)\n"); @@ -2224,6 +2223,7 @@ int main(int argc, char *argv[]) { hydra_brains.ofp = stdout; hydra_brains.targets = 1; hydra_options.waittime = waittime = WAITTIME; + hydra_options.rainy = 0; bf_options.disable_symbols = 0; // command line processing @@ -2259,7 +2259,7 @@ int main(int argc, char *argv[]) { hydra_restore_read(); break; case 'r': - hydra_options.rainy = true; + hydra_options.rainy = 1; break; case 'I': ignore_restore = 1; // this is not to be saved in hydra_options! @@ -3204,7 +3204,7 @@ int main(int argc, char *argv[]) { hydra_strcasestr(hydra_options.server, ".gmail.") != NULL || hydra_strcasestr(hydra_options.server, "googlemail.") != NULL )) { - fprintf(stderr, "[WARNING] Google Mail and others have bruteforce and hydra detection and sends false positives. You are not doing anything illegal right?!\n"); + fprintf(stderr, "[WARNING] Google Mail and others have bruteforce and hydra detection and sends false positives. You are not doing anything illegal right?! If you really need to bruteforce gmail, connect to pop3s://smtp.gmail.com\n"); fprintf(stderr, "[WARNING] !read the above!\n"); sleep(5); } From 6dfd77a37d04e167a1dafbb2b2f5e21aa7dd31f8 Mon Sep 17 00:00:00 2001 From: owein Date: Mon, 21 Oct 2019 20:11:38 +0200 Subject: [PATCH 03/24] fixed http-post --- bfg.c | 16 +++++++--------- bfg.h | 2 +- hydra-http-form.c | 31 +++++++++---------------------- hydra.c | 7 +++---- 4 files changed, 20 insertions(+), 36 deletions(-) diff --git a/bfg.c b/bfg.c index a19fcfa..2ff9f9f 100644 --- a/bfg.c +++ b/bfg.c @@ -192,12 +192,12 @@ uint64_t bf_get_pcount() { int accu(int value) { - int sum = 0; - for(int i=1; i<=value; ++i) - { - sum+=i; - } - return sum; + int i = 0; + for(int a=1; a<=value; ++a) + { + i+=a; + } + return i; } char *bf_next(_Bool rainy) { @@ -210,7 +210,7 @@ char *bf_next(_Bool rainy) { fprintf(stderr, "Error: Can not allocate memory for -x data!\n"); return NULL; } - + if(rainy) { for (i = 0; i < bf_options.current; i++){ @@ -223,12 +223,10 @@ char *bf_next(_Bool rainy) { bf_options.rain-=accu(bf_options.current)-4; else if(bf_options.crs_len%2) bf_options.rain-=accu(bf_options.current)-1; - } else for (i = 0; i < bf_options.current; i++) bf_options.ptr[i] = bf_options.crs[bf_options.state[i]]; - bf_options.ptr[bf_options.current] = 0; if (debug) { diff --git a/bfg.h b/bfg.h index 132571b..ab2f5e4 100644 --- a/bfg.h +++ b/bfg.h @@ -41,7 +41,7 @@ typedef struct { char *crs; /* internal representation of charset */ char *ptr; /* ptr to the last generated password */ uint32_t disable_symbols; - unsigned long rain; + uint64_t rain; /* accumulator for the rain */ } bf_option; extern bf_option bf_options; diff --git a/hydra-http-form.c b/hydra-http-form.c index 65e54c3..04260a4 100644 --- a/hydra-http-form.c +++ b/hydra-http-form.c @@ -1250,26 +1250,13 @@ ptr_header_node initialize(char *ip, unsigned char options, char *miscptr) { webport = PORT_HTTP_SSL; sprintf(bufferurl, "%.6096s", miscptr); - url = bufferurl; - ptr = url; - while (*ptr != 0 && (*ptr != ':' || *(ptr - 1) == '\\')) - ptr++; - if (*ptr != 0) - *ptr++ = 0; - variables = ptr; - while (*ptr != 0 && (*ptr != ':' || *(ptr - 1) == '\\')) - ptr++; - if (*ptr != 0) - *ptr++ = 0; + ptr = bufferurl; + url = strtok(ptr, ":"); + variables = strtok(NULL, ":"); + cond = strtok(NULL, ":"); + optional1 = strtok(NULL, "\n"); + if(optional1 == NULL) optional1 = "";//will crash if NULL or 0, so set "" (don't know the difference...) - cond = ptr; - - while (*ptr != 0 && (*ptr != ':' || *(ptr - 1) == '\\')) - ptr++; - if (*ptr != 0) - *ptr++ = 0; - - optional1 = ptr; if (strstr(url, "\\:") != NULL) { if ((ptr = malloc(strlen(url))) != NULL) { strcpy(ptr, hydra_strrep(url, "\\:", ":")); @@ -1309,9 +1296,9 @@ ptr_header_node initialize(char *ip, unsigned char options, char *miscptr) { //by default condition is a fail success_cond = 0; } - - printf("miscptr: %s, url=%s, variables=%s, ptr=%s, optional1: %s, cond: %s (%d)\n", miscptr, url, variables, ptr, optional1, cond, success_cond); - + + fprintf(stderr, "miscptr: %s, url=%s, variables=%s, ptr=%s, optional1: %s, cond: %s (%d)\n", miscptr, url, variables, ptr, optional1, cond, success_cond); + /* * Parse the user-supplied options. * Beware of the backslashes (\)! diff --git a/hydra.c b/hydra.c index 7d2decc..a7fc7bb 100644 --- a/hydra.c +++ b/hydra.c @@ -493,7 +493,6 @@ void help(int32_t ext) { #ifdef HAVE_MATH_H " -x MIN:MAX:CHARSET password bruteforce generation, type \"-x -h\" to get help\n" " -y disable use of symbols in bruteforce, see above\n" - " -r rainy mode for password generation (-x)\n" #endif " -e nsr try \"n\" null password, \"s\" login as pass and/or \"r\" reversed login\n" " -u loop around users, not passwords (effective! implied with -x)\n"); @@ -556,6 +555,7 @@ void help_bfg() { " 'A' for uppercase letters, '1' for numbers, and for all others,\n" " just add their real representation.\n" " -y disable the use of the above letters as placeholders\n\n" + " -r use 'rain' to explode the linearity of the generation. "Examples:\n" " -x 3:5:a generate passwords from length 3 to 5 with all lowercase letters\n" " -x 5:8:A1 generate passwords from length 5 to 8 with uppercase and numbers\n" @@ -3053,7 +3053,6 @@ int main(int argc, char *argv[]) { printf("[INFO] Using HTTP Proxy: %s\n", getenv("HYDRA_PROXY_HTTP")); use_proxy = 1; } - if (strstr(hydra_options.miscptr, "\\:") != NULL) { fprintf(stderr, "[INFORMATION] escape sequence \\: detected in module option, no parameter verification is performed.\n"); } else { @@ -3075,7 +3074,7 @@ int main(int argc, char *argv[]) { fprintf(stderr, "[ERROR] Wrong syntax of optional argument: %s\n", optional1); exit(-1); } - switch (optional1[0]) { + switch (optional1[0]){ case 'C': // fall through case 'c': if (optional1[1] != '=' || optional1[2] != '/') { @@ -3204,7 +3203,7 @@ int main(int argc, char *argv[]) { hydra_strcasestr(hydra_options.server, ".gmail.") != NULL || hydra_strcasestr(hydra_options.server, "googlemail.") != NULL )) { - fprintf(stderr, "[WARNING] Google Mail and others have bruteforce and hydra detection and sends false positives. You are not doing anything illegal right?! If you really need to bruteforce gmail, connect to pop3s://smtp.gmail.com\n"); + fprintf(stderr, "[WARNING] Google Mail and others have bruteforce and hydra detection and sends false positives. You are not doing anything illegal right?!\n"); fprintf(stderr, "[WARNING] !read the above!\n"); sleep(5); } From b34655617fee2b4e043211882bac26a8a4529a16 Mon Sep 17 00:00:00 2001 From: owein Date: Mon, 21 Oct 2019 20:37:25 +0200 Subject: [PATCH 04/24] !!! I did not test the escapes in the miscptr !!! --- hydra-http-form.c | 6 +++--- hydra.c | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/hydra-http-form.c b/hydra-http-form.c index 04260a4..e91db03 100644 --- a/hydra-http-form.c +++ b/hydra-http-form.c @@ -1255,8 +1255,8 @@ ptr_header_node initialize(char *ip, unsigned char options, char *miscptr) { variables = strtok(NULL, ":"); cond = strtok(NULL, ":"); optional1 = strtok(NULL, "\n"); - if(optional1 == NULL) optional1 = "";//will crash if NULL or 0, so set "" (don't know the difference...) - + if(optional1 == NULL) optional1 = "";//will crash if NULL or 0, so set to blank + if (strstr(url, "\\:") != NULL) { if ((ptr = malloc(strlen(url))) != NULL) { strcpy(ptr, hydra_strrep(url, "\\:", ":")); @@ -1297,7 +1297,7 @@ ptr_header_node initialize(char *ip, unsigned char options, char *miscptr) { success_cond = 0; } - fprintf(stderr, "miscptr: %s, url=%s, variables=%s, ptr=%s, optional1: %s, cond: %s (%d)\n", miscptr, url, variables, ptr, optional1, cond, success_cond); + //fprintf(stderr, "miscptr: %s, url=%s, variables=%s, ptr=%s, optional1: %s, cond: %s (%d)\n", miscptr, url, variables, ptr, optional1, cond, success_cond); /* * Parse the user-supplied options. diff --git a/hydra.c b/hydra.c index a7fc7bb..e4fa4e7 100644 --- a/hydra.c +++ b/hydra.c @@ -493,6 +493,7 @@ void help(int32_t ext) { #ifdef HAVE_MATH_H " -x MIN:MAX:CHARSET password bruteforce generation, type \"-x -h\" to get help\n" " -y disable use of symbols in bruteforce, see above\n" + " -r rainy mode for password generation (-x)\n" #endif " -e nsr try \"n\" null password, \"s\" login as pass and/or \"r\" reversed login\n" " -u loop around users, not passwords (effective! implied with -x)\n"); From ccd3a99765a92b96ec0d1e3b0117cfdeb40d25b6 Mon Sep 17 00:00:00 2001 From: owein Date: Tue, 19 Nov 2019 16:49:54 +0100 Subject: [PATCH 05/24] rolled back the http-form parameters parsing. help for bfg's rain is in bfg's help now --- hydra-http-form.c | 23 +++++++++++++++++------ hydra.c | 5 ++--- 2 files changed, 19 insertions(+), 9 deletions(-) diff --git a/hydra-http-form.c b/hydra-http-form.c index e91db03..c6f3a24 100644 --- a/hydra-http-form.c +++ b/hydra-http-form.c @@ -1250,12 +1250,23 @@ ptr_header_node initialize(char *ip, unsigned char options, char *miscptr) { webport = PORT_HTTP_SSL; sprintf(bufferurl, "%.6096s", miscptr); - ptr = bufferurl; - url = strtok(ptr, ":"); - variables = strtok(NULL, ":"); - cond = strtok(NULL, ":"); - optional1 = strtok(NULL, "\n"); - if(optional1 == NULL) optional1 = "";//will crash if NULL or 0, so set to blank + url = bufferurl; + ptr = url; + while (*ptr != 0 && (*ptr != ':' || *(ptr - 1) == '\\')) + ptr++; + if (*ptr != 0) + *ptr++ = 0; + variables = ptr; + while (*ptr != 0 && (*ptr != ':' || *(ptr - 1) == '\\')) + ptr++; + if (*ptr != 0) + *ptr++ = 0; + cond = ptr; + while (*ptr != 0 && (*ptr != ':' || *(ptr - 1) == '\\')) + ptr++; + if (*ptr != 0) + *ptr++ = 0; + optional1 = ptr; if (strstr(url, "\\:") != NULL) { if ((ptr = malloc(strlen(url))) != NULL) { diff --git a/hydra.c b/hydra.c index e4fa4e7..6c58f58 100644 --- a/hydra.c +++ b/hydra.c @@ -493,7 +493,6 @@ void help(int32_t ext) { #ifdef HAVE_MATH_H " -x MIN:MAX:CHARSET password bruteforce generation, type \"-x -h\" to get help\n" " -y disable use of symbols in bruteforce, see above\n" - " -r rainy mode for password generation (-x)\n" #endif " -e nsr try \"n\" null password, \"s\" login as pass and/or \"r\" reversed login\n" " -u loop around users, not passwords (effective! implied with -x)\n"); @@ -555,8 +554,8 @@ void help_bfg() { " valid CHARSET values are: 'a' for lowercase letters,\n" " 'A' for uppercase letters, '1' for numbers, and for all others,\n" " just add their real representation.\n" - " -y disable the use of the above letters as placeholders\n\n" - " -r use 'rain' to explode the linearity of the generation. + " -y disable the use of the above letters as placeholders\n" + " -r use a formula to explode the linearity of the generation, without loss.\n\n" "Examples:\n" " -x 3:5:a generate passwords from length 3 to 5 with all lowercase letters\n" " -x 5:8:A1 generate passwords from length 5 to 8 with uppercase and numbers\n" From 3742af00bb76fc14c5e53ba6e5c4e832986d4857 Mon Sep 17 00:00:00 2001 From: owein Date: Wed, 9 Sep 2020 18:34:40 +0200 Subject: [PATCH 06/24] rebranded the bruteforce variation method --- Makefile | 92 ++++++++++++++++++++++++++++++++++++++++++++++++++++++-- bfg.c | 34 ++++++++++++--------- bfg.h | 4 ++- 3 files changed, 112 insertions(+), 18 deletions(-) diff --git a/Makefile b/Makefile index 372e67e..472a20f 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,93 @@ -all: - @echo Error: you must run "./configure" first +STRIP=strip +XDEFINES= -DLIBOPENSSL -DLIBSSH -DHAVE_ZLIB -DHAVE_MATH_H +XLIBS= -lz -lssl -lssh -lcrypto +XLIBPATHS=-L/usr/lib -L/usr/local/lib -L/lib -L/lib/x86_64-linux-gnu +XIPATHS= +PREFIX=/usr/local +XHYDRA_SUPPORT= +STRIP=strip + +HYDRA_LOGO= +PWI_LOGO= +SEC=-pie -fPIE -fstack-protector-all --param ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wl,-z,now -Wl,-z,relro + +# +# Makefile for Hydra - (c) 2001-2019 by van Hauser / THC +# +OPTS=-I. -O3 -march=native -flto +# -Wall -g -pedantic +LIBS=-lm +BINDIR = /bin +MANDIR ?= /man/man1/ +DATADIR ?= /etc +DESTDIR ?= + +SRC = hydra-vnc.c hydra-pcnfs.c hydra-rexec.c hydra-nntp.c hydra-socks5.c \ + hydra-telnet.c hydra-cisco.c hydra-http.c hydra-ftp.c hydra-imap.c \ + hydra-pop3.c hydra-smb.c hydra-icq.c hydra-cisco-enable.c hydra-ldap.c \ + hydra-memcached.c hydra-mongodb.c hydra-mysql.c hydra-mssql.c hydra-xmpp.c \ + hydra-http-proxy-urlenum.c hydra-snmp.c hydra-cvs.c hydra-smtp.c \ + hydra-smtp-enum.c hydra-sapr3.c hydra-ssh.c hydra-sshkey.c hydra-teamspeak.c \ + hydra-postgres.c hydra-rsh.c hydra-rlogin.c hydra-oracle-listener.c \ + hydra-svn.c hydra-pcanywhere.c hydra-sip.c hydra-oracle.c hydra-vmauthd.c \ + hydra-asterisk.c hydra-firebird.c hydra-afp.c hydra-ncp.c hydra-rdp.c \ + hydra-oracle-sid.c hydra-http-proxy.c hydra-http-form.c hydra-irc.c \ + hydra-s7-300.c hydra-redis.c hydra-adam6500.c hydra-rtsp.c \ + hydra-rpcap.c hydra-radmin2.c \ + hydra-time.c crc32.c d3des.c bfg.c ntlm.c sasl.c hmacmd5.c hydra-mod.c +OBJ = hydra-vnc.o hydra-pcnfs.o hydra-rexec.o hydra-nntp.o hydra-socks5.o \ + hydra-telnet.o hydra-cisco.o hydra-http.o hydra-ftp.o hydra-imap.o \ + hydra-pop3.o hydra-smb.o hydra-icq.o hydra-cisco-enable.o hydra-ldap.o \ + hydra-memcached.o hydra-mongodb.o hydra-mysql.o hydra-mssql.o hydra-xmpp.o \ + hydra-http-proxy-urlenum.o hydra-snmp.o hydra-cvs.o hydra-smtp.o \ + hydra-smtp-enum.o hydra-sapr3.o hydra-ssh.o hydra-sshkey.o hydra-teamspeak.o \ + hydra-postgres.o hydra-rsh.o hydra-rlogin.o hydra-oracle-listener.o \ + hydra-svn.o hydra-pcanywhere.o hydra-sip.o hydra-oracle-sid.o hydra-oracle.o \ + hydra-vmauthd.o hydra-asterisk.o hydra-firebird.o hydra-afp.o \ + hydra-ncp.o hydra-http-proxy.o hydra-http-form.o hydra-irc.o \ + hydra-redis.o hydra-rdp.o hydra-s7-300.c hydra-adam6500.o hydra-rtsp.o \ + hydra-rpcap.o hydra-radmin2.o \ + crc32.o d3des.o bfg.o ntlm.o sasl.o hmacmd5.o hydra-mod.o hydra-time.o +BINS = hydra pw-inspector + +EXTRA_DIST = README README.arm README.palm CHANGES TODO INSTALL LICENSE \ + hydra-mod.h hydra.h crc32.h d3des.h + +all: pw-inspector hydra $(XHYDRA_SUPPORT) + @echo + @echo Now type "make install" + +hydra: hydra.c $(OBJ) + $(CC) $(OPTS) $(SEC) $(LIBS) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o hydra $(HYDRA_LOGO) hydra.c $(OBJ) $(LIBS) $(XLIBS) $(XLIBPATHS) $(XIPATHS) $(XDEFINES) + @echo + @echo If men could get pregnant, abortion would be a sacrament + @echo + +xhydra: + -cd hydra-gtk && sh ./make_xhydra.sh + +pw-inspector: pw-inspector.c + -$(CC) $(OPTS) $(SEC) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o pw-inspector $(PWI_LOGO) pw-inspector.c + +.c.o: + $(CC) $(OPTS) $(SEC) $(CFLAGS) $(CPPFLAGS) -c $< $(XDEFINES) $(XIPATHS) + +strip: all + strip $(BINS) + -echo OK > /dev/null && test -x xhydra && strip xhydra || echo OK > /dev/null + +install: strip + -mkdir -p $(DESTDIR)$(PREFIX)$(BINDIR) + cp -f hydra-wizard.sh $(BINS) $(DESTDIR)$(PREFIX)$(BINDIR) && cd $(DESTDIR)$(PREFIX)$(BINDIR) && chmod 755 hydra-wizard.sh $(BINS) + -echo OK > /dev/null && test -x xhydra && cp xhydra $(DESTDIR)$(PREFIX)$(BINDIR) && cd $(DESTDIR)$(PREFIX)$(BINDIR) && chmod 755 xhydra || echo OK > /dev/null + -sed -e "s|^INSTALLDIR=.*|INSTALLDIR="$(PREFIX)"|" dpl4hydra.sh | sed -e "s|^LOCATION=.*|LOCATION="$(DATADIR)"|" > $(DESTDIR)$(PREFIX)$(BINDIR)/dpl4hydra.sh + -chmod 755 $(DESTDIR)$(PREFIX)$(BINDIR)/dpl4hydra.sh + -mkdir -p $(DESTDIR)$(PREFIX)$(DATADIR) + -cp -f *.csv $(DESTDIR)$(PREFIX)$(DATADIR) + -mkdir -p $(DESTDIR)$(PREFIX)$(MANDIR) + -cp -f hydra.1 xhydra.1 pw-inspector.1 $(DESTDIR)$(PREFIX)$(MANDIR) clean: + rm -rf xhydra pw-inspector hydra *.o core *.core *.stackdump *~ Makefile.in Makefile dev_rfc hydra.restore arm/*.ipk arm/ipkg/usr/bin/* hydra-gtk/src/*.o hydra-gtk/src/xhydra hydra-gtk/stamp-h hydra-gtk/config.status hydra-gtk/errors hydra-gtk/config.log hydra-gtk/src/.deps hydra-gtk/src/Makefile hydra-gtk/Makefile cp -f Makefile.orig Makefile + diff --git a/bfg.c b/bfg.c index 2ff9f9f..aaa1f73 100644 --- a/bfg.c +++ b/bfg.c @@ -52,12 +52,13 @@ static int32_t add_single_char(char ch, char flags, int32_t* crs_len) { // note that we check for -x .:.:ab but not for -x .:.:ba // int32_t bf_init(char *arg) { - bf_options.rain = 0; + bf_options.rotate = 0; + bf_options.strafe = 0; int32_t i = 0; int32_t crs_len = 0; char flags = 0; char *tmp = strchr(arg, ':'); - + if (!tmp) { fprintf(stderr, "Error: Invalid option format for -x\n"); return 1; @@ -163,10 +164,11 @@ int32_t bf_init(char *arg) { } } } - + bf_options.crs_len = crs_len; bf_options.current = bf_options.from; memset((char *) bf_options.state, 0, sizeof(bf_options.state)); + if (debug) printf("[DEBUG] bfg INIT: from %u, to %u, len: %u, set: %s\n", bf_options.from, bf_options.to, bf_options.crs_len, bf_options.crs); @@ -192,10 +194,10 @@ uint64_t bf_get_pcount() { int accu(int value) { - int i = 0; - for(int a=1; a<=value; ++a) + int i = 0, a; + for(a = 1; a <= value; ++a) { - i+=a; + i += a; } return i; } @@ -213,16 +215,18 @@ char *bf_next(_Bool rainy) { if(rainy) { - for (i = 0; i < bf_options.current; i++){ - bf_options.ptr[i] = bf_options.crs[(bf_options.state[i]+bf_options.rain)%bf_options.crs_len]; - bf_options.rain += i+1; + #if(mpl < 5) + #define strafeValue i + #else + #define strafeValue (strafe[loop]+i-(i%2)*(1-mpl%2)-1+charcount%2)%mpl + #endif + + for(i=0; i Date: Wed, 9 Sep 2020 18:38:07 +0200 Subject: [PATCH 07/24] help menu ok --- hydra.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hydra.c b/hydra.c index 6c58f58..f60a22d 100644 --- a/hydra.c +++ b/hydra.c @@ -555,7 +555,7 @@ void help_bfg() { " 'A' for uppercase letters, '1' for numbers, and for all others,\n" " just add their real representation.\n" " -y disable the use of the above letters as placeholders\n" - " -r use a formula to explode the linearity of the generation, without loss.\n\n" + " -r use a method to delinearize the bruteforce.\n\n" "Examples:\n" " -x 3:5:a generate passwords from length 3 to 5 with all lowercase letters\n" " -x 5:8:A1 generate passwords from length 5 to 8 with uppercase and numbers\n" From fd8e83d0b1c04da4189a6d2a9f1c00e5206fc64d Mon Sep 17 00:00:00 2001 From: owein Date: Wed, 9 Sep 2020 21:36:30 +0200 Subject: [PATCH 08/24] done --- bfg.c | 34 ++++++++++++++++------------------ 1 file changed, 16 insertions(+), 18 deletions(-) diff --git a/bfg.c b/bfg.c index aaa1f73..d27669e 100644 --- a/bfg.c +++ b/bfg.c @@ -1,5 +1,6 @@ -/* code original by Jan Dlabal , partially rewritten by vh */ +/* code original by Jan Dlabal , partially rewritten by vh, + rainy tweaks by yvain douard*/ #include #include @@ -192,15 +193,6 @@ uint64_t bf_get_pcount() { return foo; } -int accu(int value) -{ - int i = 0, a; - for(a = 1; a <= value; ++a) - { - i += a; - } - return i; -} char *bf_next(_Bool rainy) { int32_t i, pos = bf_options.current - 1; @@ -215,18 +207,22 @@ char *bf_next(_Bool rainy) { if(rainy) { - #if(mpl < 5) - #define strafeValue i - #else - #define strafeValue (strafe[loop]+i-(i%2)*(1-mpl%2)-1+charcount%2)%mpl - #endif - + int strafeValue; for(i=0; i 4) { + if(bf_options.current % 2) + strafeValue = (bf_options.strafe+i)%bf_options.current; + else + strafeValue = strafeValue = (i+bf_options.current/2+3)%bf_options.current; + } + else + strafeValue = i; + bf_options.ptr[i] = bf_options.crs[(bf_options.state[strafeValue] + bf_options.rotate) % bf_options.crs_len]; - bf_options.rotate += i%2+1; + bf_options.rotate += 1; bf_options.strafe += 3; } - bf_options.rotate -= accu(bf_options.current); + bf_options.rotate -= bf_options.current - 2 + bf_options.crs_len % 2; } else for (i = 0; i < bf_options.current; i++) @@ -243,6 +239,8 @@ char *bf_next(_Bool rainy) { while (pos >= 0 && (++bf_options.state[pos]) >= bf_options.crs_len) { bf_options.state[pos] = 0; pos--; + bf_options.strafe = 0; + bf_options.rotate = 0; } if (pos < 0) { From a6a87f11f43c7a5207b451363fe81a5310672d15 Mon Sep 17 00:00:00 2001 From: owein Date: Thu, 10 Sep 2020 10:57:06 +0200 Subject: [PATCH 09/24] fixed rotation broken due to a typo. --- bfg.c | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) diff --git a/bfg.c b/bfg.c index d27669e..896b307 100644 --- a/bfg.c +++ b/bfg.c @@ -207,22 +207,26 @@ char *bf_next(_Bool rainy) { if(rainy) { - int strafeValue; + int mpldisp = bf_options.current/2+3; + int mplmod2 = bf_options.current % 2; + int strafeIndex; for(i=0; i 4) { - if(bf_options.current % 2) - strafeValue = (bf_options.strafe+i)%bf_options.current; - else - strafeValue = strafeValue = (i+bf_options.current/2+3)%bf_options.current; - } - else - strafeValue = i; - - bf_options.ptr[i] = bf_options.crs[(bf_options.state[strafeValue] + bf_options.rotate) % bf_options.crs_len]; - bf_options.rotate += 1; + if(mplmod2) strafeIndex = (strafe[loop]+i)%bf_options.current; + else strafeIndex = (i+mpldisp)%bf_options.current; + + bf_options.ptr[i] = bf_options.crs[(bf_options.state[strafeIndex] + bf_options.rotate) % bf_options.crs_len]; + bf_options.rotate += i+1; bf_options.strafe += 3; } - bf_options.rotate -= bf_options.current - 2 + bf_options.crs_len % 2; + #define accu(i) \ + do { \ + int j; \ + for(j=1; j<=i; ++j) k += j; \ + } while(0) + + int k = 0; + accu(mpl); + bf_options.rotate[loop] -= k-4; } else for (i = 0; i < bf_options.current; i++) From 2514335bf98510dfc7bef889c84b467958c1c243 Mon Sep 17 00:00:00 2001 From: owein Date: Thu, 10 Sep 2020 12:45:35 +0200 Subject: [PATCH 10/24] clean --- Makefile | 92 ++------------------------------------------------------ 1 file changed, 2 insertions(+), 90 deletions(-) diff --git a/Makefile b/Makefile index 472a20f..372e67e 100644 --- a/Makefile +++ b/Makefile @@ -1,93 +1,5 @@ -STRIP=strip -XDEFINES= -DLIBOPENSSL -DLIBSSH -DHAVE_ZLIB -DHAVE_MATH_H -XLIBS= -lz -lssl -lssh -lcrypto -XLIBPATHS=-L/usr/lib -L/usr/local/lib -L/lib -L/lib/x86_64-linux-gnu -XIPATHS= -PREFIX=/usr/local -XHYDRA_SUPPORT= -STRIP=strip - -HYDRA_LOGO= -PWI_LOGO= -SEC=-pie -fPIE -fstack-protector-all --param ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wl,-z,now -Wl,-z,relro - -# -# Makefile for Hydra - (c) 2001-2019 by van Hauser / THC -# -OPTS=-I. -O3 -march=native -flto -# -Wall -g -pedantic -LIBS=-lm -BINDIR = /bin -MANDIR ?= /man/man1/ -DATADIR ?= /etc -DESTDIR ?= - -SRC = hydra-vnc.c hydra-pcnfs.c hydra-rexec.c hydra-nntp.c hydra-socks5.c \ - hydra-telnet.c hydra-cisco.c hydra-http.c hydra-ftp.c hydra-imap.c \ - hydra-pop3.c hydra-smb.c hydra-icq.c hydra-cisco-enable.c hydra-ldap.c \ - hydra-memcached.c hydra-mongodb.c hydra-mysql.c hydra-mssql.c hydra-xmpp.c \ - hydra-http-proxy-urlenum.c hydra-snmp.c hydra-cvs.c hydra-smtp.c \ - hydra-smtp-enum.c hydra-sapr3.c hydra-ssh.c hydra-sshkey.c hydra-teamspeak.c \ - hydra-postgres.c hydra-rsh.c hydra-rlogin.c hydra-oracle-listener.c \ - hydra-svn.c hydra-pcanywhere.c hydra-sip.c hydra-oracle.c hydra-vmauthd.c \ - hydra-asterisk.c hydra-firebird.c hydra-afp.c hydra-ncp.c hydra-rdp.c \ - hydra-oracle-sid.c hydra-http-proxy.c hydra-http-form.c hydra-irc.c \ - hydra-s7-300.c hydra-redis.c hydra-adam6500.c hydra-rtsp.c \ - hydra-rpcap.c hydra-radmin2.c \ - hydra-time.c crc32.c d3des.c bfg.c ntlm.c sasl.c hmacmd5.c hydra-mod.c -OBJ = hydra-vnc.o hydra-pcnfs.o hydra-rexec.o hydra-nntp.o hydra-socks5.o \ - hydra-telnet.o hydra-cisco.o hydra-http.o hydra-ftp.o hydra-imap.o \ - hydra-pop3.o hydra-smb.o hydra-icq.o hydra-cisco-enable.o hydra-ldap.o \ - hydra-memcached.o hydra-mongodb.o hydra-mysql.o hydra-mssql.o hydra-xmpp.o \ - hydra-http-proxy-urlenum.o hydra-snmp.o hydra-cvs.o hydra-smtp.o \ - hydra-smtp-enum.o hydra-sapr3.o hydra-ssh.o hydra-sshkey.o hydra-teamspeak.o \ - hydra-postgres.o hydra-rsh.o hydra-rlogin.o hydra-oracle-listener.o \ - hydra-svn.o hydra-pcanywhere.o hydra-sip.o hydra-oracle-sid.o hydra-oracle.o \ - hydra-vmauthd.o hydra-asterisk.o hydra-firebird.o hydra-afp.o \ - hydra-ncp.o hydra-http-proxy.o hydra-http-form.o hydra-irc.o \ - hydra-redis.o hydra-rdp.o hydra-s7-300.c hydra-adam6500.o hydra-rtsp.o \ - hydra-rpcap.o hydra-radmin2.o \ - crc32.o d3des.o bfg.o ntlm.o sasl.o hmacmd5.o hydra-mod.o hydra-time.o -BINS = hydra pw-inspector - -EXTRA_DIST = README README.arm README.palm CHANGES TODO INSTALL LICENSE \ - hydra-mod.h hydra.h crc32.h d3des.h - -all: pw-inspector hydra $(XHYDRA_SUPPORT) - @echo - @echo Now type "make install" - -hydra: hydra.c $(OBJ) - $(CC) $(OPTS) $(SEC) $(LIBS) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o hydra $(HYDRA_LOGO) hydra.c $(OBJ) $(LIBS) $(XLIBS) $(XLIBPATHS) $(XIPATHS) $(XDEFINES) - @echo - @echo If men could get pregnant, abortion would be a sacrament - @echo - -xhydra: - -cd hydra-gtk && sh ./make_xhydra.sh - -pw-inspector: pw-inspector.c - -$(CC) $(OPTS) $(SEC) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o pw-inspector $(PWI_LOGO) pw-inspector.c - -.c.o: - $(CC) $(OPTS) $(SEC) $(CFLAGS) $(CPPFLAGS) -c $< $(XDEFINES) $(XIPATHS) - -strip: all - strip $(BINS) - -echo OK > /dev/null && test -x xhydra && strip xhydra || echo OK > /dev/null - -install: strip - -mkdir -p $(DESTDIR)$(PREFIX)$(BINDIR) - cp -f hydra-wizard.sh $(BINS) $(DESTDIR)$(PREFIX)$(BINDIR) && cd $(DESTDIR)$(PREFIX)$(BINDIR) && chmod 755 hydra-wizard.sh $(BINS) - -echo OK > /dev/null && test -x xhydra && cp xhydra $(DESTDIR)$(PREFIX)$(BINDIR) && cd $(DESTDIR)$(PREFIX)$(BINDIR) && chmod 755 xhydra || echo OK > /dev/null - -sed -e "s|^INSTALLDIR=.*|INSTALLDIR="$(PREFIX)"|" dpl4hydra.sh | sed -e "s|^LOCATION=.*|LOCATION="$(DATADIR)"|" > $(DESTDIR)$(PREFIX)$(BINDIR)/dpl4hydra.sh - -chmod 755 $(DESTDIR)$(PREFIX)$(BINDIR)/dpl4hydra.sh - -mkdir -p $(DESTDIR)$(PREFIX)$(DATADIR) - -cp -f *.csv $(DESTDIR)$(PREFIX)$(DATADIR) - -mkdir -p $(DESTDIR)$(PREFIX)$(MANDIR) - -cp -f hydra.1 xhydra.1 pw-inspector.1 $(DESTDIR)$(PREFIX)$(MANDIR) +all: + @echo Error: you must run "./configure" first clean: - rm -rf xhydra pw-inspector hydra *.o core *.core *.stackdump *~ Makefile.in Makefile dev_rfc hydra.restore arm/*.ipk arm/ipkg/usr/bin/* hydra-gtk/src/*.o hydra-gtk/src/xhydra hydra-gtk/stamp-h hydra-gtk/config.status hydra-gtk/errors hydra-gtk/config.log hydra-gtk/src/.deps hydra-gtk/src/Makefile hydra-gtk/Makefile cp -f Makefile.orig Makefile - From 14ee7f2c830061b4d8307a2b39fcd018e2a031a4 Mon Sep 17 00:00:00 2001 From: owein Date: Thu, 10 Sep 2020 13:02:46 +0200 Subject: [PATCH 11/24] typos again, too much copies and pastes... --- bfg.c | 6 +++--- hydra.h | 3 +-- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/bfg.c b/bfg.c index cb0bc05..5e638c3 100644 --- a/bfg.c +++ b/bfg.c @@ -228,7 +228,7 @@ char *bf_next(_Bool rainy) { int mplmod2 = bf_options.current % 2; int strafeIndex; for(i=0; i Date: Fri, 11 Sep 2020 11:59:20 +0200 Subject: [PATCH 12/24] fixed min length --- bfg.c | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/bfg.c b/bfg.c index 5e638c3..a3a6d68 100644 --- a/bfg.c +++ b/bfg.c @@ -224,16 +224,19 @@ char *bf_next(_Bool rainy) { if(rainy) { - int mpldisp = bf_options.current/2+3; - int mplmod2 = bf_options.current % 2; - int strafeIndex; - for(i=0; i 3) { + for(i=0; i Date: Tue, 29 Sep 2020 21:01:13 +0200 Subject: [PATCH 13/24] update efficient rain option --- bfg.c | 44 +++++++++++++++----------------------------- bfg.h | 3 --- 2 files changed, 15 insertions(+), 32 deletions(-) diff --git a/bfg.c b/bfg.c index a3a6d68..a06a93a 100644 --- a/bfg.c +++ b/bfg.c @@ -60,7 +60,6 @@ static int32_t add_single_char(char ch, char flags, int32_t *crs_len) { // int32_t bf_init(char *arg) { bf_options.rotate = 0; - bf_options.strafe = 0; int32_t i = 0; int32_t crs_len = 0; @@ -224,34 +223,16 @@ char *bf_next(_Bool rainy) { if(rainy) { - //only strafe the index above length 3 - if(bf_options.current > 3) { - for(i=0; i= 0 && (++bf_options.state[bf_options.current-1-pos]) >= bf_options.crs_len) { + bf_options.state[bf_options.current-1-pos] = 0; + pos--; + } + else while (pos >= 0 && (++bf_options.state[pos]) >= bf_options.crs_len) { bf_options.state[pos] = 0; pos--; - bf_options.strafe = 0; - bf_options.rotate = 0; } if (pos < 0) { diff --git a/bfg.h b/bfg.h index 38bbbc2..3ff0710 100644 --- a/bfg.h +++ b/bfg.h @@ -43,10 +43,7 @@ typedef struct { char *crs; /* internal representation of charset */ char *ptr; /* ptr to the last generated password */ uint32_t disable_symbols; - uint64_t rotate; - uint64_t strafe; - } bf_option; extern bf_option bf_options; From 490bd3e7cd38c637972331f2c6f512d7a6f86162 Mon Sep 17 00:00:00 2001 From: owein D Date: Wed, 30 Sep 2020 10:19:10 +0200 Subject: [PATCH 14/24] avoid negative values for the rotation variable --- bfg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bfg.c b/bfg.c index a06a93a..2677b47 100644 --- a/bfg.c +++ b/bfg.c @@ -230,7 +230,7 @@ char *bf_next(_Bool rainy) { bf_options.rotate += i+3; } //we don't subtract the same depending on wether the length is odd or even - for(i=1+bf_options.current%2; i<=bf_options.current; ++i) + for(i=1+bf_options.current%2; i Date: Mon, 5 Oct 2020 14:37:04 +0200 Subject: [PATCH 15/24] working algo after a change --- bfg.c | 48 ++++++++++++++++++++++++++++-------------------- bfg.h | 1 + 2 files changed, 29 insertions(+), 20 deletions(-) diff --git a/bfg.c b/bfg.c index 2677b47..6f9fdc4 100644 --- a/bfg.c +++ b/bfg.c @@ -59,8 +59,6 @@ static int32_t add_single_char(char ch, char flags, int32_t *crs_len) { // note that we check for -x .:.:ab but not for -x .:.:ba // int32_t bf_init(char *arg) { - bf_options.rotate = 0; - int32_t i = 0; int32_t crs_len = 0; char flags = 0; @@ -176,7 +174,9 @@ int32_t bf_init(char *arg) { bf_options.crs_len = crs_len; bf_options.current = bf_options.from; - + bf_options.strafe = 0; + bf_options.rotate = 0; + memset((char *) bf_options.state, 0, sizeof(bf_options.state)); if (debug) @@ -202,14 +202,6 @@ uint64_t bf_get_pcount() { return foo; } -int accu(int value) { - int i = 0, a; - for (a = 1; a <= value; ++a) { - i += a; - } - return i; -} - char *bf_next(_Bool rainy) { int32_t i, pos = bf_options.current - 1; @@ -223,16 +215,30 @@ char *bf_next(_Bool rainy) { if(rainy) { - //the first character cannot be taken into account - bf_options.ptr[0] = bf_options.crs[bf_options.state[0]]; - for(i=1; i 2) { + if(bf_options.current % 2) { + bf_options.ptr[0] = bf_options.crs[bf_options.state[0]]; + bf_options.ptr[1] = bf_options.crs[bf_options.state[1]]; + bf_options.ptr[2] = bf_options.crs[bf_options.state[2]]; + + for(i=3; i Date: Mon, 5 Oct 2020 14:45:07 +0200 Subject: [PATCH 16/24] if current < 4 --- bfg.c | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/bfg.c b/bfg.c index 6f9fdc4..c4838c4 100644 --- a/bfg.c +++ b/bfg.c @@ -215,7 +215,7 @@ char *bf_next(_Bool rainy) { if(rainy) { - if(bf_options.current > 2) { + if(bf_options.current > 3) { if(bf_options.current % 2) { bf_options.ptr[0] = bf_options.crs[bf_options.state[0]]; bf_options.ptr[1] = bf_options.crs[bf_options.state[1]]; @@ -226,17 +226,20 @@ char *bf_next(_Bool rainy) { bf_options.rotate ++; } } - } - else { - if(bf_options.current % 2) { - bf_options.ptr[0] = bf_options.crs[bf_options.state[0]]; - bf_options.ptr[1] = bf_options.crs[bf_options.state[1]]; - for(i=2; i Date: Thu, 8 Oct 2020 04:10:54 +0200 Subject: [PATCH 17/24] implement rain --- bfg.c | 44 ++++++++++++++------------------------------ bfg.h | 4 ++-- hydra.c | 5 +++-- 3 files changed, 19 insertions(+), 34 deletions(-) diff --git a/bfg.c b/bfg.c index c4838c4..a2bb1f5 100644 --- a/bfg.c +++ b/bfg.c @@ -174,8 +174,8 @@ int32_t bf_init(char *arg) { bf_options.crs_len = crs_len; bf_options.current = bf_options.from; - bf_options.strafe = 0; - bf_options.rotate = 0; + bf_options.rain = 0; + bf_options.gcounter = 0; memset((char *) bf_options.state, 0, sizeof(bf_options.state)); @@ -215,33 +215,18 @@ char *bf_next(_Bool rainy) { if(rainy) { - if(bf_options.current > 3) { - if(bf_options.current % 2) { - bf_options.ptr[0] = bf_options.crs[bf_options.state[0]]; - bf_options.ptr[1] = bf_options.crs[bf_options.state[1]]; - bf_options.ptr[2] = bf_options.crs[bf_options.state[2]]; - - for(i=3; i Date: Sat, 10 Oct 2020 18:52:04 +0200 Subject: [PATCH 18/24] slight modif that fixes all --- bfg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bfg.c b/bfg.c index a2bb1f5..ee70dfa 100644 --- a/bfg.c +++ b/bfg.c @@ -218,7 +218,7 @@ char *bf_next(_Bool rainy) { bf_options.ptr[0] = bf_options.crs[bf_options.state[0]]; for(i=2; i Date: Sat, 10 Oct 2020 19:49:02 +0200 Subject: [PATCH 19/24] this should be the last commit --- bfg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bfg.c b/bfg.c index ee70dfa..dcab78a 100644 --- a/bfg.c +++ b/bfg.c @@ -218,7 +218,7 @@ char *bf_next(_Bool rainy) { bf_options.ptr[0] = bf_options.crs[bf_options.state[0]]; for(i=2; i Date: Thu, 22 Oct 2020 02:35:46 +0200 Subject: [PATCH 20/24] see https://github.com/e2002e/zhou --- bfg.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bfg.c b/bfg.c index dcab78a..b146bd4 100644 --- a/bfg.c +++ b/bfg.c @@ -218,10 +218,10 @@ char *bf_next(_Bool rainy) { bf_options.ptr[0] = bf_options.crs[bf_options.state[0]]; for(i=2; i Date: Mon, 9 Nov 2020 19:25:26 +0100 Subject: [PATCH 21/24] up to last fix --- bfg.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/bfg.c b/bfg.c index b146bd4..8a6428a 100644 --- a/bfg.c +++ b/bfg.c @@ -215,13 +215,13 @@ char *bf_next(_Bool rainy) { if(rainy) { - bf_options.ptr[0] = bf_options.crs[bf_options.state[0]]; - for(i=2; i Date: Mon, 9 Nov 2020 19:41:00 +0100 Subject: [PATCH 22/24] lqst commit --- bfg.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/bfg.c b/bfg.c index 8a6428a..bdb221c 100644 --- a/bfg.c +++ b/bfg.c @@ -237,10 +237,12 @@ char *bf_next(_Bool rainy) { } //we revert the ordering of the bruteforce to fix the first static character - if(rainy) - while (pos >= 0 && (++bf_options.state[bf_options.current-1-pos]) >= bf_options.crs_len) { - bf_options.state[bf_options.current-1-pos] = 0; - pos--; + if(rainy) { + pos = 0; + while (pos < bf_options.current && (++bf_options.state[pos]) >= bf_options.crs_len) { + bf_options.state[pos] = 0; + pos++; + } } else while (pos >= 0 && (++bf_options.state[pos]) >= bf_options.crs_len) { @@ -248,7 +250,7 @@ char *bf_next(_Bool rainy) { pos--; } - if (pos < 0) { + if (pos < 0 || pos >= bf_options.current) { bf_options.current++; bf_options.rain = 0; memset((char *)bf_options.state, 0, sizeof(bf_options.state)); From 78b3358862da15587bc8c2d75caa4a3030d8bb26 Mon Sep 17 00:00:00 2001 From: owein Date: Thu, 12 Nov 2020 17:06:53 +0100 Subject: [PATCH 23/24] profound mangling --- bfg.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bfg.c b/bfg.c index bdb221c..80e7392 100644 --- a/bfg.c +++ b/bfg.c @@ -219,9 +219,9 @@ char *bf_next(_Bool rainy) { bf_options.ptr[0] = bf_options.crs[bf_options.state[0]]; for(i=1; i Date: Sat, 14 Nov 2020 14:20:00 +0100 Subject: [PATCH 24/24] uptodate with rainycrack --- bfg.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/bfg.c b/bfg.c index 80e7392..912b61c 100644 --- a/bfg.c +++ b/bfg.c @@ -202,6 +202,14 @@ uint64_t bf_get_pcount() { return foo; } + +int accu(int x) { + int a = 0, b; + for(b=1; b