github/thc-hydra
1
0
Fork 0
mirror of https://github.com/vanhauser-thc/thc-hydra.git synced 2025-07-05 20:41:39 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

-M port fix; and always print the specified target name when found

Browse source
This commit is contained in:
van Hauser 2014-11-30 18:16:15 +01:00
parent 4cc2dcebc2
commit 748ee9c422
4 changed files with 55 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

2
CHANGES
View file

@ -2,7 +2,9 @@ Changelog for hydra
-------------------
Release 8.1-pre
* Found login:password combinations are now printed with the name specified (hostname or IP), not always IP
* Fixed the -M option, works now with many many targets :-)
* -M option now supports ports, add a colon in between: "host:port", or, if IPv6, "[ipv6ipaddress]:port"
* David Maciejak, my co-maintainer moved to a different job and country and can not help with Hydra anymore - sadly! Wish you all the best!
* Added patch from Ander Juaristi which adds h/H header options for http-form-*, great work, thanks!
* Fixed for cisco-enable if an intial Login/Password is used (thanks to joswr1te for reporting)

3
TODO
View file

@ -1,6 +1,5 @@
Prio 1:
* print hostnames if present, not IP
* hydra-smb more than 1 connection?
* add help hints?
* test teamspeak, icq
@ -23,7 +22,7 @@ Prio 2:
Prio 3:
* Specify user-agent for http-form module as extra optional option
* ipv6 support for sip
* IPv6 support for sip
* add RIP, OSPF, BGP, PIM
* add diameter support
* round robin proxy support ?

9
hydra-mod.c
View file

@ -662,6 +662,7 @@ void hydra_report_debug(FILE * st, char *format, ...) {
}
void hydra_report_found(int port, char *svc, FILE * fp) {
/*
if (!strcmp(svc, "rsh"))
if (colored_output)
fprintf(fp, "[\e[31m%d\e[0m][\e[31m%s\e[0m] login: \e[32m%s\e[0m\n", port, svc, hydra_get_next_login());
@ -680,10 +681,12 @@ void hydra_report_found(int port, char *svc, FILE * fp) {
}
fflush(fp);
*/
}
/* needed for irc module to display the general server password */
void hydra_report_pass_found(int port, char *ip, char *svc, FILE * fp) {
/*
strcpy(ipaddr_str, hydra_address2string(ip));
if (colored_output)
fprintf(fp, "[\e[31m%d\e[0m][\e[31m%s\e[0m] host: \e[32m%s\e[0m password: \e[32m%s\e[0m\n", port, svc, ipaddr_str, hydra_get_next_password());
@ -692,10 +695,11 @@ void hydra_report_pass_found(int port, char *ip, char *svc, FILE * fp) {
if (stdout != fp)
printf("[%d][%s] host: %s password: %s\n", port, svc, ipaddr_str, hydra_get_next_password());
fflush(fp);
*/
}
void hydra_report_found_host(int port, char *ip, char *svc, FILE * fp) {
char *keyw = "password";
/* char *keyw = "password";
strcpy(ipaddr_str, hydra_address2string(ip));
if (!strcmp(svc, "smtp-enum"))
@ -732,9 +736,11 @@ void hydra_report_found_host(int port, char *ip, char *svc, FILE * fp) {
}
fflush(fp);
fflush(stdout);
*/
}
void hydra_report_found_host_msg(int port, char *ip, char *svc, FILE * fp, char *msg) {
/*
strcpy(ipaddr_str, hydra_address2string(ip));
if (colored_output)
fprintf(fp, "[\e[31m%d\e[0m][\e[31m%s\e[0m] host: \e[32m%s\e[0m login: \e[32m%s\e[0m password: \e[32m%s\e[0m [%s]\n", port, svc, ipaddr_str, hydra_get_next_login(),
@ -744,6 +750,7 @@ void hydra_report_found_host_msg(int port, char *ip, char *svc, FILE * fp, char
if (stdout != fp)
printf("[%d][%s] host: %s login: %s password: %s\n", port, svc, ipaddr_str, hydra_get_next_login(), hydra_get_next_password());
fflush(fp);
*/
}
int hydra_connect_to_ssl(int socket) {

47
hydra.c
View file

@ -2240,7 +2240,7 @@ int main(int argc, char *argv[]) {
break;
case 'o':
hydra_options.outfile_ptr = optarg;
colored_output = 0;
// colored_output = 0;
break;
case 'M':
hydra_options.infile_ptr = optarg;
@ -3153,9 +3153,18 @@ int main(int argc, char *argv[]) {
for (i = 0; i < countinfile; i++) {
hydra_targets[i] = malloc(sizeof(hydra_target));
memset(hydra_targets[i], 0, sizeof(hydra_target));
hydra_targets[i]->target = tmpptr;
if (*tmpptr == '[') {
tmpptr++;
hydra_targets[i]->target = tmpptr;
if ((tmpptr2 = index(tmpptr, ']')) != NULL) {
*tmpptr2++ = 0;
tmpptr = tmpptr2;
}
} else
hydra_targets[i]->target = tmpptr;
if ((tmpptr2 = index(hydra_targets[i]->target, ':')) != NULL) {
*tmpptr2++ = 0;
tmpptr = tmpptr2;
hydra_targets[i]->port = atoi(tmpptr2);
if (hydra_targets[i]->port < 1 || hydra_targets[i]->port > 65535)
hydra_targets[i]->port = 0;
@ -3394,7 +3403,7 @@ int main(int argc, char *argv[]) {
perror("[ERROR] Error creating outputfile");
exit(-1);
}
fprintf(hydra_brains.ofp, "# %s %s run at %s on %s %s (%s ", PROGRAM, VERSION, hydra_build_time(),
fprintf(hydra_brains.ofp, "# %s %s run at %s on %s %s (%s", PROGRAM, VERSION, hydra_build_time(),
hydra_options.server == NULL ? hydra_options.infile_ptr : hydra_options.server, hydra_options.service, prg);
for (i = 1; i < argc; i++)
fprintf(hydra_brains.ofp, " %s", argv[i]);
@ -3588,6 +3597,38 @@ int main(int argc, char *argv[]) {
case 'F': // valid password found
hydra_brains.found++;
if (colored_output) {
if (hydra_heads[head_no]->current_login_ptr == NULL || strlen(hydra_heads[head_no]->current_login_ptr) == 0) {
if (hydra_heads[head_no]->current_pass_ptr == NULL || strlen(hydra_heads[head_no]->current_pass_ptr) == 0)
printf("[\e[32m%d\e[0m][\e[32m%s\e[0m] host: \e[32m%s\e[0m\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target);
else
printf("[\e[32m%d\e[0m][\e[32m%s\e[0m] host: \e[32m%s\e[0m password: \e[32m%s\e[0m\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_pass_ptr);
} else if (hydra_heads[head_no]->current_pass_ptr == NULL || strlen(hydra_heads[head_no]->current_pass_ptr) == 0) {
printf("[\e[32m%d\e[0m][\e[32m%s\e[0m] host: \e[32m%s\e[0m login: \e[32m%s\e[0m\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_login_ptr);
} else
printf("[\e[32m%d\e[0m][\e[32m%s\e[0m] host: \e[32m%s\e[0m login: \e[32m%s\e[0m password: \e[32m%s\e[0m\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_login_ptr, hydra_heads[head_no]->current_pass_ptr);
} else {
if (hydra_heads[head_no]->current_login_ptr == NULL || strlen(hydra_heads[head_no]->current_login_ptr) == 0) {
if (hydra_heads[head_no]->current_pass_ptr == NULL || strlen(hydra_heads[head_no]->current_pass_ptr) == 0)
printf("[%d][%s] host: %s\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target);
else
printf("[%d][%s] host: %s password: %s\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_pass_ptr);
} else if (hydra_heads[head_no]->current_pass_ptr == NULL || strlen(hydra_heads[head_no]->current_pass_ptr) == 0) {
printf("[%d][%s] host: %s login: %s\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_login_ptr);
} else
printf("[%d][%s] host: %s login: %s password: %s\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_login_ptr, hydra_heads[head_no]->current_pass_ptr);
}
if (hydra_options.outfile_ptr != NULL && hydra_brains.ofp != NULL) {
if (hydra_heads[head_no]->current_login_ptr == NULL || strlen(hydra_heads[head_no]->current_login_ptr) == 0) {
if (hydra_heads[head_no]->current_pass_ptr == NULL || strlen(hydra_heads[head_no]->current_pass_ptr) == 0)
fprintf(hydra_brains.ofp, "[%d][%s] host: %s\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target);
else
fprintf(hydra_brains.ofp, "[%d][%s] host: %s password: %s\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_pass_ptr);
} else if (hydra_heads[head_no]->current_pass_ptr == NULL || strlen(hydra_heads[head_no]->current_pass_ptr) == 0) {
fprintf(hydra_brains.ofp, "[%d][%s] host: %s login: %s\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_login_ptr);
} else
fprintf(hydra_brains.ofp, "[%d][%s] host: %s login: %s password: %s\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_login_ptr, hydra_heads[head_no]->current_pass_ptr);
}
if (hydra_options.exit_found) { // option set says quit target after on valid login/pass pair is found
if (hydra_targets[hydra_heads[head_no]->target_no]->done == 0) {
hydra_targets[hydra_heads[head_no]->target_no]->done = 1; // mark target as done