openssl v1.1 interface changes - this is beta!

hydra-http.c

@@ -246,8 +246,6 @@ void service_http(char *ip, int sp, unsigned char options, char *miscptr, FILE *
   if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
     return;
 
-  printf("DEBUG0: %s\n", miscptr);
-
   if ((webtarget = strstr(miscptr, "://")) != NULL) {
     webtarget += strlen("://");
     if ((ptr2 = index(webtarget, ':')) != NULL) {       /* step over port if present */

hydra-mod.c

@@ -440,11 +440,25 @@ int internal__hydra_connect(char *host, int port, int protocol, int type) {
 
 #ifdef LIBOPENSSL
 RSA *ssl_temp_rsa_cb(SSL * ssl, int export, int keylength) {
-  if(rsa->n && RSA_size(rsa)!=(keylength/8)){
+  int ok = 0;
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+  BIGNUM *n;
+  n = BN_new();
+  RSA_get0_key(rsa, &n, NULL, NULL);
+  ok = BN_zero(n);
+#else
+  if (rsa->n == 0)
+    ok = 1;
+#endif
+  if(ok == 0 && RSA_size(rsa)!=(keylength/8)){ // n is not zero
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+      BN_free(n);
+#endif
       RSA_free(rsa);
+      rsa = NULL;
   }
-  if (rsa->n == 0) {
-#ifdef NO_RSA_LEGACY
+  if (ok != 0) { // n is zero
+#if defined(NO_RSA_LEGACY) || OPENSSL_VERSION_NUMBER >= 0x10100000L
     RSA *rsa = RSA_new();
     BIGNUM *f4 = BN_new();
     BN_set_word(f4, RSA_F4);
@@ -453,6 +467,9 @@ RSA *ssl_temp_rsa_cb(SSL * ssl, int export, int keylength) {
     rsa = RSA_generate_key(keylength, RSA_F4, NULL, NULL);
 #endif
   }
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+  BN_free(n);
+#endif
   return rsa;
 }
 
@@ -480,7 +497,11 @@ int internal__hydra_connect_to_ssl(int socket, char *hostname) {
     } else {
 //    if ((sslContext = SSL_CTX_new(SSLv23_client_method())) == NULL) {
 #ifndef TLSv1_2_client_method
-  #define TLSv1_2_client_method TLSv1_client_method
+  #if OPENSSL_VERSION_NUMBER < 0x10100000L
+    #define TLSv1_2_client_method TLSv1_client_method
+  #else
+    #define TLSv1_2_client_method TLS_client_method
+  #endif
 #endif
       if ((sslContext = SSL_CTX_new(TLSv1_2_client_method())) == NULL) {
         if (verbose) {
@@ -497,7 +518,9 @@ int internal__hydra_connect_to_ssl(int socket, char *hostname) {
 
     /* we set the default verifiers and dont care for the results */
     (void) SSL_CTX_set_default_verify_paths(sslContext);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
     SSL_CTX_set_tmp_rsa_callback(sslContext, ssl_temp_rsa_cb);
+#endif
     SSL_CTX_set_verify(sslContext, SSL_VERIFY_NONE, NULL);
   }
 

hydra-oracle-listener.c

@@ -106,7 +106,7 @@ int convert_byteorder(unsigned char **result, int size) {
 int ora_descrypt(unsigned char **rs, unsigned char *result, int siz) {
   int i = 0;
   char lastkey[8];
-  des_key_schedule ks1;
+  DES_key_schedule ks1;
   unsigned char key1[8] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF };
   unsigned char ivec1[] = { 0, 0, 0, 0, 0, 0, 0, 0 };
   unsigned char *desresult;
@@ -116,17 +116,17 @@ int ora_descrypt(unsigned char **rs, unsigned char *result, int siz) {
     hydra_report(stderr, "[ERROR] Can't allocate memory\n");
     return 1;
   }
-  des_key_sched((C_Block *) key1, ks1);
-  des_ncbc_encrypt(result, desresult, siz, ks1, &ivec1, DES_ENCRYPT);
+  DES_key_sched((const_DES_cblock *) key1, &ks1);
+  DES_ncbc_encrypt(result, desresult, siz, &ks1, &ivec1, DES_ENCRYPT);
 
   for (i = 0; i < 8; i++) {
     lastkey[i] = desresult[siz - 8 + i];
   }
 
-  des_key_sched((C_Block *) lastkey, ks1);
+  DES_key_sched((const_DES_cblock *) lastkey, &ks1);
   memset(desresult, 0, siz);
   memset(ivec1, 0, sizeof(ivec1));
-  des_ncbc_encrypt(result, desresult, siz, ks1, &ivec1, DES_ENCRYPT);
+  DES_ncbc_encrypt(result, desresult, siz, &ks1, &ivec1, DES_ENCRYPT);
 
   if ((*rs = malloc(siz)) == NULL) {
     hydra_report(stderr, "[ERROR] Can't allocate memory\n");

hydra-rdp.c

@@ -1,4 +1,3 @@
-
 /*
    david: this module is heavily based on rdesktop v 1.7.0
 
@@ -859,7 +858,7 @@ static void reverse(uint8 * p, int len) {
 
 void ssl_rsa_encrypt(uint8 * out, uint8 * in, int len, uint32 modulus_size, uint8 * modulus, uint8 * exponent) {
   BN_CTX *ctx;
-  BIGNUM mod, exp, x, y;
+  BIGNUM *mod, *exp, *x, *y;
   uint8 inr[SEC_MAX_MODULUS_SIZE];
   int outlen;
 
@@ -869,39 +868,39 @@ void ssl_rsa_encrypt(uint8 * out, uint8 * in, int len, uint32 modulus_size, uint
   reverse(inr, len);
 
   ctx = BN_CTX_new();
-  BN_init(&mod);
-  BN_init(&exp);
-  BN_init(&x);
-  BN_init(&y);
+  mod = BN_new();
+  exp = BN_new();
+  x = BN_new();
+  y = BN_new();
 
-  BN_bin2bn(modulus, modulus_size, &mod);
-  BN_bin2bn(exponent, SEC_EXPONENT_SIZE, &exp);
-  BN_bin2bn(inr, len, &x);
-  BN_mod_exp(&y, &x, &exp, &mod, ctx);
-  outlen = BN_bn2bin(&y, out);
+  BN_bin2bn(modulus, modulus_size, mod);
+  BN_bin2bn(exponent, SEC_EXPONENT_SIZE, exp);
+  BN_bin2bn(inr, len, x);
+  BN_mod_exp(y, x, exp, mod, ctx);
+  outlen = BN_bn2bin(y, out);
   reverse(out, outlen);
   if (outlen < (int) modulus_size)
     memset(out + outlen, 0, modulus_size - outlen);
 
-  BN_free(&y);
-  BN_clear_free(&x);
-  BN_free(&exp);
-  BN_free(&mod);
+  BN_free(y);
+  BN_free(x);
+  BN_free(exp);
+  BN_free(mod);
   BN_CTX_free(ctx);
 }
 
-/* returns newly allocated SSL_CERT or NULL */
-SSL_CERT *ssl_cert_read(uint8 * data, uint32 len) {
+/* returns newly allocated X509 or NULL */
+X509 *ssl_cert_read(uint8 * data, uint32 len) {
   /* this will move the data pointer but we don't care, we don't use it again */
   return d2i_X509(NULL, (D2I_X509_CONST unsigned char **) &data, len);
 }
 
-static void ssl_cert_free(SSL_CERT * cert) {
+static void ssl_cert_free(X509 * cert) {
   X509_free(cert);
 }
 
 /* returns newly allocated SSL_RKEY or NULL */
-SSL_RKEY *ssl_cert_to_rkey(SSL_CERT * cert, uint32 * key_len) {
+SSL_RKEY *ssl_cert_to_rkey(X509 * cert, uint32 * key_len) {
   EVP_PKEY *epk = NULL;
   SSL_RKEY *lkey;
   int nid;
@@ -909,13 +908,19 @@ SSL_RKEY *ssl_cert_to_rkey(SSL_CERT * cert, uint32 * key_len) {
   /* By some reason, Microsoft sets the OID of the Public RSA key to
      the oid for "MD5 with RSA Encryption" instead of "RSA Encryption"
 
-     Kudos to Richard Levitte for the following (. intiutive .) 
+     Kudos to Richard Levitte for the following (. intuitive .) 
      lines of code that resets the OID and let's us extract the key. */
-  nid = OBJ_obj2nid(cert->cert_info->key->algor->algorithm);
+  //nid = OBJ_obj2nid(cert->cert_info->key->algor->algorithm);
+  nid = X509_get_signature_nid(cert);
   if ((nid == NID_md5WithRSAEncryption) || (nid == NID_shaWithRSAEncryption)) {
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+    fprintf(stderr, "[ERROR] the current experimental openssl-1.1 support in hydra does not support RDP :( \n");
+    hydra_child_exit(2);
+#else 
     DEBUG_RDP5(("Re-setting algorithm type to RSA in server certificate\n"));
     ASN1_OBJECT_free(cert->cert_info->key->algor->algorithm);
     cert->cert_info->key->algor->algorithm = OBJ_nid2obj(NID_rsaEncryption);
+#endif
   }
   epk = X509_get_pubkey(cert);
   if (NULL == epk) {
@@ -929,7 +934,7 @@ SSL_RKEY *ssl_cert_to_rkey(SSL_CERT * cert, uint32 * key_len) {
   return lkey;
 }
 
-int ssl_cert_print_fp(FILE * fp, SSL_CERT * cert) {
+int ssl_cert_print_fp(FILE * fp, X509 * cert) {
   return X509_print_fp(fp, cert);
 }
 
@@ -941,13 +946,29 @@ void ssl_rkey_free(SSL_RKEY * rkey) {
 int ssl_rkey_get_exp_mod(SSL_RKEY * rkey, uint8 * exponent, uint32 max_exp_len, uint8 * modulus, uint32 max_mod_len) {
   int len;
 
-  if ((BN_num_bytes(rkey->e) > (int) max_exp_len) || (BN_num_bytes(rkey->n) > (int) max_mod_len)) {
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+  BIGNUM *n, *e, *d;
+
+  n = BN_new();
+  e = BN_new();
+  RSA_get0_key(rkey, &n, &e, NULL);
+  if ((BN_num_bytes(e) > (int) max_exp_len) || (BN_num_bytes(n) > (int) max_mod_len)) {
     return 1;
   }
+  len = BN_bn2bin(e, exponent);
+  reverse(exponent, len);
+  len = BN_bn2bin(n, modulus);
+  reverse(modulus, len);
+  BN_free(n);
+  BN_free(e);
+#else
+  if ((BN_num_bytes(rkey->e) > (int) max_exp_len) || (BN_num_bytes(rkey->n) > (int) max_mod_len))
+    return 1;
   len = BN_bn2bin(rkey->e, exponent);
   reverse(exponent, len);
   len = BN_bn2bin(rkey->n, modulus);
   reverse(modulus, len);
+#endif
   return 0;
 }
 
@@ -958,11 +979,17 @@ BOOL ssl_sig_ok(uint8 * exponent, uint32 exp_len, uint8 * modulus, uint32 mod_le
 
 
 void ssl_hmac_md5(const void *key, int key_len, const unsigned char *msg, int msg_len, unsigned char *md) {
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+  HMAC_CTX *ctx;
+  ctx = HMAC_CTX_new();
+  HMAC(EVP_md5(), key, key_len, msg, msg_len, md, NULL);
+  HMAC_CTX_free(ctx);
+#else
   HMAC_CTX ctx;
-
   HMAC_CTX_init(&ctx);
   HMAC(EVP_md5(), key, key_len, msg, msg_len, md, NULL);
   HMAC_CTX_cleanup(&ctx);
+#endif
 }
 
 
@@ -1373,7 +1400,7 @@ static BOOL sec_parse_public_sig(STREAM s, uint32 len, uint8 * modulus, uint8 *
 static BOOL sec_parse_crypt_info(STREAM s, uint32 * rc4_key_size, uint8 ** server_random, uint8 * modulus, uint8 * exponent) {
   uint32 crypt_level, random_len, rsa_info_len;
   uint32 cacert_len, cert_len, flags;
-  SSL_CERT *cacert, *server_cert;
+  X509 *cacert, *server_cert;
   SSL_RKEY *server_public_key;
   uint16 tag, length;
   uint8 *next_tag, *end;
@@ -1438,7 +1465,7 @@ static BOOL sec_parse_crypt_info(STREAM s, uint32 * rc4_key_size, uint8 ** serve
     }
     for (; certcount > 2; certcount--) {        /* ignore all the certificates between the root and the signing CA */
       uint32 ignorelen;
-      SSL_CERT *ignorecert;
+      X509 *ignorecert;
 
       DEBUG_RDP5(("Ignored certs left: %d\n", certcount));
       in_uint32_le(s, ignorelen);

hydra-smb.c

@@ -166,27 +166,27 @@ static unsigned char Get7Bits(unsigned char *input, int startBit) {
 }
 
 /* Make the key */
-static void MakeKey(unsigned char *key, unsigned char *des_key) {
-  des_key[0] = Get7Bits(key, 0);
-  des_key[1] = Get7Bits(key, 7);
-  des_key[2] = Get7Bits(key, 14);
-  des_key[3] = Get7Bits(key, 21);
-  des_key[4] = Get7Bits(key, 28);
-  des_key[5] = Get7Bits(key, 35);
-  des_key[6] = Get7Bits(key, 42);
-  des_key[7] = Get7Bits(key, 49);
+static void MakeKey(unsigned char *key, unsigned char *DES_key) {
+  DES_key[0] = Get7Bits(key, 0);
+  DES_key[1] = Get7Bits(key, 7);
+  DES_key[2] = Get7Bits(key, 14);
+  DES_key[3] = Get7Bits(key, 21);
+  DES_key[4] = Get7Bits(key, 28);
+  DES_key[5] = Get7Bits(key, 35);
+  DES_key[6] = Get7Bits(key, 42);
+  DES_key[7] = Get7Bits(key, 49);
 
-  des_set_odd_parity((DES_cblock *) des_key);
+  DES_set_odd_parity((DES_cblock *) DES_key);
 }
 
 /* Do the DesEncryption */
 void DesEncrypt(unsigned char *clear, unsigned char *key, unsigned char *cipher) {
-  DES_cblock des_key;
-  des_key_schedule key_schedule;
+  DES_cblock DES_key;
+  DES_key_schedule key_schedule;
 
-  MakeKey(key, des_key);
-  des_set_key(&des_key, key_schedule);
-  des_ecb_encrypt((DES_cblock *) clear, (DES_cblock *) cipher, key_schedule, 1);
+  MakeKey(key, DES_key);
+  DES_set_key(&DES_key, &key_schedule);
+  DES_ecb_encrypt((DES_cblock *) clear, (DES_cblock *) cipher, &key_schedule, 1);
 }
 
 /*

hydra-snmp.c

@@ -335,13 +335,13 @@ int start_snmp(int s, char *ip, int port, unsigned char options, char *miscptr,
       // xor initVect with salt  
       for (i = 0; i < 8; i++)
         initVect[i] ^= privacy_params[i];
-      des_key_sched((C_Block *) key, symcbc);
-      des_ncbc_encrypt(snmpv3_get2 + 2, buf, sizeof(snmpv3_get2) - 2, symcbc, (C_Block *) (initVect), DES_ENCRYPT);
+      DES_key_sched((const_DES_cblock *) key, &symcbc);
+      DES_ncbc_encrypt(snmpv3_get2 + 2, buf, sizeof(snmpv3_get2) - 2, &symcbc, (const_DES_cblock *) (initVect), DES_ENCRYPT);
 
 #endif
 
 /*  for (i = 0; i <= sizeof(snmpv3_get2) - 8; i += 8) {  
-    des_ncbc_encrypt(snmpv3_get2 + i, buf + i, 8, (C_Block*)(initVect), DES_ENCRYPT);
+    DES_ncbc_encrypt(snmpv3_get2 + i, buf + i, 8, (const_DES_cblock*)(initVect), DES_ENCRYPT);
   }  
   // last part of buffer
   if (buffer_len % 8) {  
@@ -351,7 +351,7 @@ int start_snmp(int s, char *ip, int port, unsigned char options, char *miscptr,
     memset(tmp_buf, 0, 8);  
     for (unsigned int l = start; l < buffer_len; l++)  
       *tmp_buf_ptr++ = buffer[l];  
-    des_ncbc_encrypt(tmp_buf, buf + start, 1, symcbc, (C_Block*)(initVect), DES_ENCRYPT);
+    DES_ncbc_encrypt(tmp_buf, buf + start, 1, &symcbc, (const_DES_cblock*)(initVect), DES_ENCRYPT);
     *out_buffer_len = buffer_len + 8 - (buffer_len % 8);  
   } else  
     *out_buffer_len = buffer_len;  

hydra.c

@@ -3685,6 +3685,15 @@ int main(int argc, char *argv[]) {
   fflush(stderr);
   fflush(hydra_brains.ofp);
 
+
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+  if (hydra_options.ssl) {
+    fprintf(stderr, "[WARNING] *****************************************************\n");
+    fprintf(stderr, "[WARNING] OPENSSL v1.1 development changes are active - modules SMB, SNMP, RDP, ORACLE LISTENER and SSL in general might not work properly! Please test and report to vh@thc.org.\n");
+    fprintf(stderr, "[WARNING] *****************************************************\n");
+  }
+#endif
+
   hydra_debug(0, "attack");
   process_restore = 1;
 

hydra.h

@@ -41,6 +41,14 @@
 
 #define OPTION_SSL 1
 
+#ifdef LIBOPENSSL
+  #ifndef NO_RSA_LEGACY
+    #if OPENSSL_VERSION_NUMBER >= 0x10100000L
+      #define NO_RSA_LEGACY
+    #endif
+  #endif
+#endif
+
 #define PORT_NOPORT     -1
 #define PORT_FTP	21
 #define PORT_FTP_SSL	990

rdp.h

@@ -49,6 +49,8 @@
 #include <sys/stat.h>           /* stat */
 #include <sys/time.h>           /* gettimeofday */
 #include <sys/times.h>          /* times */
+#include <openssl/rsa.h>
+#include <openssl/hmac.h>
 
 //fixme