github/thc-hydra
1
0
Fork 0
mirror of https://github.com/vanhauser-thc/thc-hydra.git synced 2025-07-05 20:41:39 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

code indent

Browse source
This commit is contained in:
van Hauser 2020-02-01 11:47:13 +01:00
parent 531ee7734b
commit 720bdb3f96
83 changed files with 6377 additions and 6240 deletions
Download patch file Download diff file Expand all files Collapse all files

109
hydra-mysql.c
View file

@ -1,19 +1,16 @@
/* mysql 3.2x.x to 4.x support - by mcbethh (at) u-n-f (dot) com */
/* david (dot) maciejak (at) gmail (dot) com for using libmysqlclient-dev, adding support for mysql version 5.x */
/* david (dot) maciejak (at) gmail (dot) com for using libmysqlclient-dev,
* adding support for mysql version 5.x */
#include "hydra-mod.h"
#ifndef HAVE_MATH_H
#include <stdio.h>
void dummy_mysql() {
printf("\n");
}
void dummy_mysql() { printf("\n"); }
void service_mysql(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE * fp, int32_t port, char *hostname) {
printf("\n");
}
void service_mysql(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) { printf("\n"); }
#else
#include <math.h>
@ -41,7 +38,8 @@ extern int32_t hydra_data_ready_timed(int32_t socket, long sec, long usec);
extern char *HYDRA_EXIT;
char mysqlsalt[9];
/* modified hydra_receive_line, I've striped code which changed every 0x00 to 0x20 */
/* modified hydra_receive_line, I've striped code which changed every 0x00 to
* 0x20 */
char *hydra_mysql_receive_line(int32_t socket) {
char buf[300], *buff, *buff2;
int32_t i = 0, j = 0, buff_size = 300;
@ -51,7 +49,7 @@ char *hydra_mysql_receive_line(int32_t socket) {
return NULL;
memset(buff, 0, sizeof(buf));
i = hydra_data_ready_timed(socket, (long) waittime, 0);
i = hydra_data_ready_timed(socket, (long)waittime, 0);
if (i > 0) {
if ((i = internal__hydra_recv(socket, buff, sizeof(buf))) < 0) {
free(buff);
@ -98,7 +96,7 @@ char hydra_mysql_init(int32_t sock) {
protocol = buf[4];
if (protocol == 0xff) {
pos = &buf[6];
// *(strchr(pos, '.')) = '\0';
// *(strchr(pos, '.')) = '\0';
hydra_report(stderr, "[ERROR] %s\n", pos);
free(buf);
return 2;
@ -108,7 +106,10 @@ char hydra_mysql_init(int32_t sock) {
return 2;
}
if (protocol > 10) {
fprintf(stderr, "[INFO] This is protocol version %d, only v10 is supported, not sure if it will work\n", protocol);
fprintf(stderr,
"[INFO] This is protocol version %d, only v10 is supported, not "
"sure if it will work\n",
protocol);
}
server_version = &buf[5];
pos = buf + strlen(server_version) + 10;
@ -116,7 +117,8 @@ char hydra_mysql_init(int32_t sock) {
if (!strstr(server_version, "3.") && !strstr(server_version, "4.") && strstr(server_version, "5.")) {
#ifndef LIBMYSQLCLIENT
hydra_report(stderr, "[ERROR] Not an MySQL protocol or unsupported version,\ncheck configure to see if libmysql is found\n");
hydra_report(stderr, "[ERROR] Not an MySQL protocol or unsupported version,\ncheck "
"configure to see if libmysql is found\n");
#endif
free(buf);
return 2;
@ -130,35 +132,32 @@ char hydra_mysql_init(int32_t sock) {
char *hydra_mysql_prepare_auth(char *login, char *pass) {
unsigned char *response;
unsigned long login_len = strlen(login) > 32 ? 32 : strlen(login);
unsigned long response_len = 4 /* header */ +
2 /* client flags */ +
3 /* max packet len */ +
login_len + 1 + 8 /* scrambled password len */ ;
unsigned long response_len = 4 /* header */ + 2 /* client flags */ + 3 /* max packet len */ + login_len + 1 + 8 /* scrambled password len */;
response = (unsigned char *) malloc(response_len + 4);
response = (unsigned char *)malloc(response_len + 4);
if (response == NULL) {
fprintf(stderr, "[ERROR] could not allocate memory\n");
return NULL;
}
memset(response, 0, response_len + 4);
*((unsigned long *) response) = response_len - 4;
response[3] = 0x01; /* packet number */
*((unsigned long *)response) = response_len - 4;
response[3] = 0x01; /* packet number */
response[4] = 0x85;
response[5] = 0x24; /* client flags */
response[6] = response[7] = response[8] = 0x00; /* max packet */
memcpy(&response[9], login, login_len); /* login */
response[9 + login_len] = '\0'; /* null terminate login */
hydra_scramble((char *) &response[9 + login_len + 1], mysqlsalt, pass);
response[5] = 0x24; /* client flags */
response[6] = response[7] = response[8] = 0x00; /* max packet */
memcpy(&response[9], login, login_len); /* login */
response[9 + login_len] = '\0'; /* null terminate login */
hydra_scramble((char *)&response[9 + login_len + 1], mysqlsalt, pass);
return (char *) response;
return (char *)response;
}
/* returns 0 if authentication succeed */
/* and 1 if failed */
char hydra_mysql_parse_response(unsigned char *response) {
unsigned long response_len = *((unsigned long *) response) & 0xffffff;
unsigned long response_len = *((unsigned long *)response) & 0xffffff;
if (response_len < 4)
return 0;
@ -170,13 +169,13 @@ char hydra_mysql_parse_response(unsigned char *response) {
}
char hydra_mysql_send_com_quit(int32_t sock) {
char com_quit_packet[5] = { 0x01, 0x00, 0x00, 0x00, 0x01 };
char com_quit_packet[5] = {0x01, 0x00, 0x00, 0x00, 0x01};
hydra_send(sock, com_quit_packet, 5, 0);
return 0;
}
int32_t start_mysql(int32_t sock, char *ip, int32_t port, unsigned char options, char *miscptr, FILE * fp) {
int32_t start_mysql(int32_t sock, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {
char *response = NULL, *login = NULL, *pass = NULL;
unsigned long response_len;
char res = 0;
@ -221,7 +220,8 @@ int32_t start_mysql(int32_t sock, char *ip, int32_t port, unsigned char options,
}
if (my_errno == 1251) {
hydra_report(stderr, "[ERROR] Client does not support authentication protocol requested by server\n");
hydra_report(stderr, "[ERROR] Client does not support authentication "
"protocol requested by server\n");
}
/*
@ -235,8 +235,8 @@ int32_t start_mysql(int32_t sock, char *ip, int32_t port, unsigned char options,
*/
//if the error is more critical, we just try to reconnect
//to the db later with the mysql_init
// if the error is more critical, we just try to reconnect
// to the db later with the mysql_init
if ((my_errno != 1044) && (my_errno != 1045)) {
mysql_close(mysql);
mysql = NULL;
@ -264,7 +264,7 @@ int32_t start_mysql(int32_t sock, char *ip, int32_t port, unsigned char options,
response = hydra_mysql_prepare_auth(login, pass);
if (response == NULL)
return 3;
response_len = *((unsigned long *) response) & 0xffffff;
response_len = *((unsigned long *)response) & 0xffffff;
/* send client auth packet */
/* dunny why, mysql IO code had problem reading my response. */
@ -280,7 +280,7 @@ int32_t start_mysql(int32_t sock, char *ip, int32_t port, unsigned char options,
/* read authentication response */
if ((response = hydra_mysql_receive_line(sock)) == NULL)
return 1;
res = hydra_mysql_parse_response((unsigned char *) response);
res = hydra_mysql_parse_response((unsigned char *)response);
if (!res) {
hydra_mysql_send_com_quit(sock);
@ -302,7 +302,7 @@ int32_t start_mysql(int32_t sock, char *ip, int32_t port, unsigned char options,
return 1;
}
void service_mysql(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE * fp, int32_t port, char *hostname) {
void service_mysql(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {
int32_t run = 1, next_run = 1, sock = -1;
int32_t myport = PORT_MYSQL;
@ -311,12 +311,12 @@ void service_mysql(char *ip, int32_t sp, unsigned char options, char *miscptr, F
return;
while (1) {
switch (run) {
case 1: /* connect and service init function */
case 1: /* connect and service init function */
if (sock >= 0) {
hydra_mysql_send_com_quit(sock);
sock = hydra_disconnect(sock);
}
// usleepn(300);
// usleepn(300);
if ((options & OPTION_SSL) == 0) {
if (port != 0)
myport = port;
@ -324,15 +324,16 @@ void service_mysql(char *ip, int32_t sp, unsigned char options, char *miscptr, F
port = myport;
}
if (sock < 0) {
if (quiet != 1) fprintf(stderr, "[ERROR] Child with pid %d terminating, can not connect\n", (int32_t) getpid());
if (quiet != 1)
fprintf(stderr, "[ERROR] Child with pid %d terminating, can not connect\n", (int32_t)getpid());
hydra_child_exit(1);
}
next_run = 2;
break;
case 2: /* run the cracking function */
case 2: /* run the cracking function */
next_run = start_mysql(sock, ip, port, options, miscptr, fp);
break;
case 3: /* clean exit */
case 3: /* clean exit */
if (sock >= 0) {
hydra_mysql_send_com_quit(sock);
sock = hydra_disconnect(sock);
@ -349,8 +350,6 @@ void service_mysql(char *ip, int32_t sp, unsigned char options, char *miscptr, F
#ifndef LIBMYSQLCLIENT
#endif
/************************************************************************/
@ -367,9 +366,9 @@ struct hydra_rand_struct {
double max_value_dbl;
};
void hydra_randominit(struct hydra_rand_struct *rand_st, unsigned long seed1, unsigned long seed2) { /* For mysql 3.21.# */
void hydra_randominit(struct hydra_rand_struct *rand_st, unsigned long seed1, unsigned long seed2) { /* For mysql 3.21.# */
rand_st->max_value = 0x3FFFFFFFL;
rand_st->max_value_dbl = (double) rand_st->max_value;
rand_st->max_value_dbl = (double)rand_st->max_value;
rand_st->seed1 = seed1 % rand_st->max_value;
rand_st->seed2 = seed2 % rand_st->max_value;
}
@ -377,7 +376,7 @@ void hydra_randominit(struct hydra_rand_struct *rand_st, unsigned long seed1, un
double hydra_rnd(struct hydra_rand_struct *rand_st) {
rand_st->seed1 = (rand_st->seed1 * 3 + rand_st->seed2) % rand_st->max_value;
rand_st->seed2 = (rand_st->seed1 + rand_st->seed2 + 33) % rand_st->max_value;
return (((double) rand_st->seed1) / rand_st->max_value_dbl);
return (((double)rand_st->seed1) / rand_st->max_value_dbl);
}
void hydra_hash_password(unsigned long *result, const char *password) {
register unsigned long nr = 1345345333L, add = 7, nr2 = 0x12345671L;
@ -385,14 +384,15 @@ void hydra_hash_password(unsigned long *result, const char *password) {
for (; *password; password++) {
if (*password == ' ' || *password == '\t')
continue; /* skipp space in password */
tmp = (unsigned long) (unsigned char) *password;
continue; /* skipp space in password */
tmp = (unsigned long)(unsigned char)*password;
nr ^= (((nr & 63) + add) * tmp) + (nr << 8);
nr2 += (nr2 << 8) ^ nr;
add += tmp;
}
result[0] = nr & (((unsigned long) 1L << 31) - 1L); /* Don't use sign bit (str2int) */ ;
result[1] = nr2 & (((unsigned long) 1L << 31) - 1L);
result[0] = nr & (((unsigned long)1L << 31) - 1L); /* Don't use sign bit (str2int) */
;
result[1] = nr2 & (((unsigned long)1L << 31) - 1L);
return;
}
@ -408,8 +408,8 @@ char *hydra_scramble(char *to, const char *message, const char *password) {
hydra_hash_password(hash_message, message);
hydra_randominit(&rand_st, hash_pass[0] ^ hash_message[0], hash_pass[1] ^ hash_message[1]);
while (*message++)
*to++ = (char) (floor(hydra_rnd(&rand_st) * 31) + 64);
extra = (char) (floor(hydra_rnd(&rand_st) * 31));
*to++ = (char)(floor(hydra_rnd(&rand_st) * 31) + 64);
extra = (char)(floor(hydra_rnd(&rand_st) * 31));
while (to_start != to)
*(to_start++) ^= extra;
}
@ -418,13 +418,13 @@ char *hydra_scramble(char *to, const char *message, const char *password) {
}
#endif
int32_t service_mysql_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE * fp, int32_t port, char *hostname) {
int32_t service_mysql_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {
// called before the childrens are forked off, so this is the function
// which should be filled if initial connections and service setup has to be
// performed once only.
//
// fill if needed.
//
//
// return codes:
// 0 all OK
// -1 error, hydra will exit, so print a good error message here
@ -432,6 +432,7 @@ int32_t service_mysql_init(char *ip, int32_t sp, unsigned char options, char *mi
return 0;
}
void usage_mysql(const char* service) {
printf("Module mysql is optionally taking the database to attack, default is \"mysql\"\n\n");
void usage_mysql(const char *service) {
printf("Module mysql is optionally taking the database to attack, default is "
"\"mysql\"\n\n");
}