github/thc-hydra
1
0
Fork 0
mirror of https://github.com/vanhauser-thc/thc-hydra.git synced 2025-08-22 06:13:55 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

add authentication type switching option

Browse source
This commit is contained in:
Roman Maksimov 2019-05-15 22:27:49 +03:00
commit 79c6302818
3 changed files with 40 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

31
hydra-http-form.c
View file

@ -50,6 +50,7 @@ Added fail or success condition, getting cookies, and allow 5 redirections by da
*/ */
#include "hydra-http.h" #include "hydra-http.h"
#include "sasl.h"
extern char *HYDRA_EXIT; extern char *HYDRA_EXIT;
char *buf; char *buf;
@ -397,6 +398,36 @@ int32_t parse_options(char *miscptr, ptr_header_node *ptr_head) {
*/ */
while (*miscptr != 0) { while (*miscptr != 0) {
switch (miscptr[0]) { switch (miscptr[0]) {
case 'a':
case 'A':
// grab the value
ptr = miscptr + 2;
// and make it lowercase
while (*ptr != 0 && *ptr != ':') {
*ptr = tolower(*ptr);
ptr++;
}
if (*ptr != 0) {
*ptr = 0;
ptr += 1;
}
// AUTH_BASIC is a default value of http_auth_type variable defined in hydra-http.c, it could be skipped here
if (strcmp(miscptr + 2, "basic") == 0)
http_auth_type = AUTH_BASIC;
else if (strcmp(miscptr + 2, "ntlm") == 0)
http_auth_type = AUTH_NTLM;
else if (strcmp(miscptr + 2, "digest") == 0)
http_auth_type = AUTH_DIGESTMD5;
else {
hydra_report(stderr, "[ERROR] Incorrect authentication type is provided.\n");
return 0;
}
miscptr = ptr;
break;
case 'c': // fall through case 'c': // fall through
case 'C': case 'C':
ptr = miscptr + 2; ptr = miscptr + 2;

15
hydra-http.c
View file

@ -6,7 +6,7 @@ char *webtarget = NULL;
char *slash = "/"; char *slash = "/";
char *http_buf = NULL; char *http_buf = NULL;
int32_t webport, freemischttp = 0; int32_t webport, freemischttp = 0;
int32_t http_auth_mechanism = AUTH_BASIC; int32_t http_auth_type = AUTH_BASIC;
int32_t start_http(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE * fp, char *type, ptr_header_node ptr_head) { int32_t start_http(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE * fp, char *type, ptr_header_node ptr_head) {
char *empty = ""; char *empty = "";
@ -33,13 +33,13 @@ int32_t start_http(int32_t s, char *ip, int32_t port, unsigned char options, cha
} }
// we must reset this if buf is NULL and we do MD5 digest // we must reset this if buf is NULL and we do MD5 digest
if (http_buf == NULL && http_auth_mechanism == AUTH_DIGESTMD5) if (http_buf == NULL && http_auth_type == AUTH_DIGESTMD5)
http_auth_mechanism = AUTH_BASIC; http_auth_type = AUTH_BASIC;
if (use_proxy > 0 && proxy_count > 0) if (use_proxy > 0 && proxy_count > 0)
selected_proxy = random() % proxy_count; selected_proxy = random() % proxy_count;
switch (http_auth_mechanism) { switch (http_auth_type) {
case AUTH_BASIC: case AUTH_BASIC:
sprintf(buffer2, "%.50s:%.50s", login, pass); sprintf(buffer2, "%.50s:%.50s", login, pass);
hydra_tobase64((unsigned char *) buffer2, strlen(buffer2), sizeof(buffer2)); hydra_tobase64((unsigned char *) buffer2, strlen(buffer2), sizeof(buffer2));
@ -233,17 +233,17 @@ int32_t start_http(int32_t s, char *ip, int32_t port, unsigned char options, cha
fprintf(stderr, "[WARNING] Unusual return code: %.3s for %s:%s\n", (char *) ptr, login, pass); fprintf(stderr, "[WARNING] Unusual return code: %.3s for %s:%s\n", (char *) ptr, login, pass);
//the first authentication type failed, check the type from server header //the first authentication type failed, check the type from server header
if ((hydra_strcasestr(http_buf, "WWW-Authenticate: Basic") == NULL) && (http_auth_mechanism == AUTH_BASIC)) { if ((hydra_strcasestr(http_buf, "WWW-Authenticate: Basic") == NULL) && (http_auth_type == AUTH_BASIC)) {
//seems the auth supported is not Basic scheme so testing further //seems the auth supported is not Basic scheme so testing further
int32_t find_auth = 0; int32_t find_auth = 0;
if (hydra_strcasestr(http_buf, "WWW-Authenticate: NTLM") != NULL) { if (hydra_strcasestr(http_buf, "WWW-Authenticate: NTLM") != NULL) {
http_auth_mechanism = AUTH_NTLM; http_auth_type = AUTH_NTLM;
find_auth = 1; find_auth = 1;
} }
#ifdef LIBOPENSSL #ifdef LIBOPENSSL
if (hydra_strcasestr(http_buf, "WWW-Authenticate: Digest") != NULL) { if (hydra_strcasestr(http_buf, "WWW-Authenticate: Digest") != NULL) {
http_auth_mechanism = AUTH_DIGESTMD5; http_auth_type = AUTH_DIGESTMD5;
find_auth = 1; find_auth = 1;
} }
#endif #endif
@ -393,6 +393,7 @@ int32_t service_http_init(char *ip, int32_t sp, unsigned char options, char *mis
void usage_http(const char* service) { void usage_http(const char* service) {
printf("Module %s requires the page to authenticate.\n" printf("Module %s requires the page to authenticate.\n"
"The following parameters are optional:\n" "The following parameters are optional:\n"
" (a|A)=type to use one of the following authentication types: Basic, Digest, NTLM\n"
" (h|H)=My-Hdr\\: foo to send a user defined HTTP header with each request\n" " (h|H)=My-Hdr\\: foo to send a user defined HTTP header with each request\n"
"For example: \"/secret\" or \"http://bla.com/foo/bar:H=Cookie\\: sessid=aaaa\" or \"https://test.com:8080/members\"\n\n", service); "For example: \"/secret\" or \"http://bla.com/foo/bar:H=Cookie\\: sessid=aaaa\" or \"https://test.com:8080/members\"\n\n", service);
} }

1
hydra-http.h
View file

@ -14,6 +14,7 @@ typedef struct header_node t_header_node, *ptr_header_node;
extern char *webtarget; extern char *webtarget;
extern char *slash; extern char *slash;
extern char *optional1; extern char *optional1;
extern int32_t http_auth_type;
extern int32_t parse_options(char *miscptr, ptr_header_node * ptr_head); extern int32_t parse_options(char *miscptr, ptr_header_node * ptr_head);
extern int32_t add_header(ptr_header_node * ptr_head, char *header, char *value, char type); extern int32_t add_header(ptr_header_node * ptr_head, char *header, char *value, char type);