diff --git a/CHANGES b/CHANGES index 4ce7214..100d00a 100644 --- a/CHANGES +++ b/CHANGES @@ -2,7 +2,9 @@ Changelog for hydra ------------------- Release 8.1-pre +* Found login:password combinations are now printed with the name specified (hostname or IP), not always IP * Fixed the -M option, works now with many many targets :-) +* -M option now supports ports, add a colon in between: "host:port", or, if IPv6, "[ipv6ipaddress]:port" * David Maciejak, my co-maintainer moved to a different job and country and can not help with Hydra anymore - sadly! Wish you all the best! * Added patch from Ander Juaristi which adds h/H header options for http-form-*, great work, thanks! * Fixed for cisco-enable if an intial Login/Password is used (thanks to joswr1te for reporting) diff --git a/TODO b/TODO index c0a84ab..6315c26 100644 --- a/TODO +++ b/TODO @@ -1,6 +1,5 @@ Prio 1: -* print hostnames if present, not IP * hydra-smb more than 1 connection? * add help hints? * test teamspeak, icq @@ -23,7 +22,7 @@ Prio 2: Prio 3: * Specify user-agent for http-form module as extra optional option -* ipv6 support for sip +* IPv6 support for sip * add RIP, OSPF, BGP, PIM * add diameter support * round robin proxy support ? diff --git a/hydra-mod.c b/hydra-mod.c index ec5a983..44eba85 100644 --- a/hydra-mod.c +++ b/hydra-mod.c @@ -662,6 +662,7 @@ void hydra_report_debug(FILE * st, char *format, ...) { } void hydra_report_found(int port, char *svc, FILE * fp) { +/* if (!strcmp(svc, "rsh")) if (colored_output) fprintf(fp, "[\e[31m%d\e[0m][\e[31m%s\e[0m] login: \e[32m%s\e[0m\n", port, svc, hydra_get_next_login()); @@ -680,10 +681,12 @@ void hydra_report_found(int port, char *svc, FILE * fp) { } fflush(fp); +*/ } /* needed for irc module to display the general server password */ void hydra_report_pass_found(int port, char *ip, char *svc, FILE * fp) { +/* strcpy(ipaddr_str, hydra_address2string(ip)); if (colored_output) fprintf(fp, "[\e[31m%d\e[0m][\e[31m%s\e[0m] host: \e[32m%s\e[0m password: \e[32m%s\e[0m\n", port, svc, ipaddr_str, hydra_get_next_password()); @@ -692,10 +695,11 @@ void hydra_report_pass_found(int port, char *ip, char *svc, FILE * fp) { if (stdout != fp) printf("[%d][%s] host: %s password: %s\n", port, svc, ipaddr_str, hydra_get_next_password()); fflush(fp); +*/ } void hydra_report_found_host(int port, char *ip, char *svc, FILE * fp) { - char *keyw = "password"; +/* char *keyw = "password"; strcpy(ipaddr_str, hydra_address2string(ip)); if (!strcmp(svc, "smtp-enum")) @@ -732,9 +736,11 @@ void hydra_report_found_host(int port, char *ip, char *svc, FILE * fp) { } fflush(fp); fflush(stdout); +*/ } void hydra_report_found_host_msg(int port, char *ip, char *svc, FILE * fp, char *msg) { +/* strcpy(ipaddr_str, hydra_address2string(ip)); if (colored_output) fprintf(fp, "[\e[31m%d\e[0m][\e[31m%s\e[0m] host: \e[32m%s\e[0m login: \e[32m%s\e[0m password: \e[32m%s\e[0m [%s]\n", port, svc, ipaddr_str, hydra_get_next_login(), @@ -744,6 +750,7 @@ void hydra_report_found_host_msg(int port, char *ip, char *svc, FILE * fp, char if (stdout != fp) printf("[%d][%s] host: %s login: %s password: %s\n", port, svc, ipaddr_str, hydra_get_next_login(), hydra_get_next_password()); fflush(fp); +*/ } int hydra_connect_to_ssl(int socket) { diff --git a/hydra.c b/hydra.c index 78332c2..44e6289 100644 --- a/hydra.c +++ b/hydra.c @@ -2240,7 +2240,7 @@ int main(int argc, char *argv[]) { break; case 'o': hydra_options.outfile_ptr = optarg; - colored_output = 0; +// colored_output = 0; break; case 'M': hydra_options.infile_ptr = optarg; @@ -3153,9 +3153,18 @@ int main(int argc, char *argv[]) { for (i = 0; i < countinfile; i++) { hydra_targets[i] = malloc(sizeof(hydra_target)); memset(hydra_targets[i], 0, sizeof(hydra_target)); - hydra_targets[i]->target = tmpptr; + if (*tmpptr == '[') { + tmpptr++; + hydra_targets[i]->target = tmpptr; + if ((tmpptr2 = index(tmpptr, ']')) != NULL) { + *tmpptr2++ = 0; + tmpptr = tmpptr2; + } + } else + hydra_targets[i]->target = tmpptr; if ((tmpptr2 = index(hydra_targets[i]->target, ':')) != NULL) { *tmpptr2++ = 0; + tmpptr = tmpptr2; hydra_targets[i]->port = atoi(tmpptr2); if (hydra_targets[i]->port < 1 || hydra_targets[i]->port > 65535) hydra_targets[i]->port = 0; @@ -3394,7 +3403,7 @@ int main(int argc, char *argv[]) { perror("[ERROR] Error creating outputfile"); exit(-1); } - fprintf(hydra_brains.ofp, "# %s %s run at %s on %s %s (%s ", PROGRAM, VERSION, hydra_build_time(), + fprintf(hydra_brains.ofp, "# %s %s run at %s on %s %s (%s", PROGRAM, VERSION, hydra_build_time(), hydra_options.server == NULL ? hydra_options.infile_ptr : hydra_options.server, hydra_options.service, prg); for (i = 1; i < argc; i++) fprintf(hydra_brains.ofp, " %s", argv[i]); @@ -3588,6 +3597,38 @@ int main(int argc, char *argv[]) { case 'F': // valid password found hydra_brains.found++; + if (colored_output) { + if (hydra_heads[head_no]->current_login_ptr == NULL || strlen(hydra_heads[head_no]->current_login_ptr) == 0) { + if (hydra_heads[head_no]->current_pass_ptr == NULL || strlen(hydra_heads[head_no]->current_pass_ptr) == 0) + printf("[\e[32m%d\e[0m][\e[32m%s\e[0m] host: \e[32m%s\e[0m\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target); + else + printf("[\e[32m%d\e[0m][\e[32m%s\e[0m] host: \e[32m%s\e[0m password: \e[32m%s\e[0m\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_pass_ptr); + } else if (hydra_heads[head_no]->current_pass_ptr == NULL || strlen(hydra_heads[head_no]->current_pass_ptr) == 0) { + printf("[\e[32m%d\e[0m][\e[32m%s\e[0m] host: \e[32m%s\e[0m login: \e[32m%s\e[0m\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_login_ptr); + } else + printf("[\e[32m%d\e[0m][\e[32m%s\e[0m] host: \e[32m%s\e[0m login: \e[32m%s\e[0m password: \e[32m%s\e[0m\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_login_ptr, hydra_heads[head_no]->current_pass_ptr); + } else { + if (hydra_heads[head_no]->current_login_ptr == NULL || strlen(hydra_heads[head_no]->current_login_ptr) == 0) { + if (hydra_heads[head_no]->current_pass_ptr == NULL || strlen(hydra_heads[head_no]->current_pass_ptr) == 0) + printf("[%d][%s] host: %s\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target); + else + printf("[%d][%s] host: %s password: %s\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_pass_ptr); + } else if (hydra_heads[head_no]->current_pass_ptr == NULL || strlen(hydra_heads[head_no]->current_pass_ptr) == 0) { + printf("[%d][%s] host: %s login: %s\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_login_ptr); + } else + printf("[%d][%s] host: %s login: %s password: %s\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_login_ptr, hydra_heads[head_no]->current_pass_ptr); + } + if (hydra_options.outfile_ptr != NULL && hydra_brains.ofp != NULL) { + if (hydra_heads[head_no]->current_login_ptr == NULL || strlen(hydra_heads[head_no]->current_login_ptr) == 0) { + if (hydra_heads[head_no]->current_pass_ptr == NULL || strlen(hydra_heads[head_no]->current_pass_ptr) == 0) + fprintf(hydra_brains.ofp, "[%d][%s] host: %s\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target); + else + fprintf(hydra_brains.ofp, "[%d][%s] host: %s password: %s\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_pass_ptr); + } else if (hydra_heads[head_no]->current_pass_ptr == NULL || strlen(hydra_heads[head_no]->current_pass_ptr) == 0) { + fprintf(hydra_brains.ofp, "[%d][%s] host: %s login: %s\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_login_ptr); + } else + fprintf(hydra_brains.ofp, "[%d][%s] host: %s login: %s password: %s\n", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_login_ptr, hydra_heads[head_no]->current_pass_ptr); + } if (hydra_options.exit_found) { // option set says quit target after on valid login/pass pair is found if (hydra_targets[hydra_heads[head_no]->target_no]->done == 0) { hydra_targets[hydra_heads[head_no]->target_no]->done = 1; // mark target as done