diff --git a/hydra-http.c b/hydra-http.c
index 7dc9b97..cc6e66d 100644
--- a/hydra-http.c
+++ b/hydra-http.c
@@ -246,8 +246,6 @@ void service_http(char *ip, int sp, unsigned char options, char *miscptr, FILE *
 if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
 return;
- printf("DEBUG0: %s\n", miscptr);
-
 if ((webtarget = strstr(miscptr, "://")) != NULL) {
 webtarget += strlen("://");
 if ((ptr2 = index(webtarget, ':')) != NULL) { /* step over port if present */
diff --git a/hydra-mod.c b/hydra-mod.c
index dada37b..521660c 100644
--- a/hydra-mod.c
+++ b/hydra-mod.c
@@ -440,11 +440,25 @@ int internal__hydra_connect(char *host, int port, int protocol, int type) {
 #ifdef LIBOPENSSL
 RSA *ssl_temp_rsa_cb(SSL * ssl, int export, int keylength) {
- if(rsa->n && RSA_size(rsa)!=(keylength/8)){
+ int ok = 0;
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ BIGNUM *n;
+ n = BN_new();
+ RSA_get0_key(rsa, &n, NULL, NULL);
+ ok = BN_zero(n);
+#else
+ if (rsa->n == 0)
+ ok = 1;
+#endif
+ if(ok == 0 && RSA_size(rsa)!=(keylength/8)){ // n is not zero
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ BN_free(n);
+#endif
 RSA_free(rsa);
+ rsa = NULL;
 }
- if (rsa->n == 0) {
-#ifdef NO_RSA_LEGACY
+ if (ok != 0) { // n is zero
+#if defined(NO_RSA_LEGACY) || OPENSSL_VERSION_NUMBER >= 0x10100000L
 RSA *rsa = RSA_new();
 BIGNUM *f4 = BN_new();
 BN_set_word(f4, RSA_F4);
@@ -453,6 +467,9 @@ RSA *ssl_temp_rsa_cb(SSL * ssl, int export, int keylength) {
 rsa = RSA_generate_key(keylength, RSA_F4, NULL, NULL);
 #endif
 }
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ BN_free(n);
+#endif
 return rsa;
 }
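Review bot: `ok = BN_zero(n)` in the OpenSSL 1.1 branch of ssl_temp_rsa_cb sets the modulus to zero rather than testing it; BN_zero is a setter, and the predicate wanted here is `ok = BN_is_zero(n);`. RSA_get0_key() also hands back a borrowed `const BIGNUM *` that `rsa` still owns, so the preceding `n = BN_new()` is leaked and both `BN_free(n)` calls (here and in the @@ -453 hunk) release memory that RSA_free() frees again. The branch should declare `const BIGNUM *n = NULL;`, call `RSA_get0_key(rsa, &n, NULL, NULL);` and drop the BN_new()/BN_free() pairs; ssl_rkey_get_exp_mod in hydra-rdp.c (@@ -941 hunk) has the same borrowed-pointer handling, plus an unused `d`. Both branches still dereference `rsa` before any NULL check; whether it can be NULL on the first call depends on its definition outside this hunk.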
@@ -480,7 +497,11 @@ int internal__hydra_connect_to_ssl(int socket, char *hostname) {
 } else {
 // if ((sslContext = SSL_CTX_new(SSLv23_client_method())) == NULL) {
 #ifndef TLSv1_2_client_method
- #define TLSv1_2_client_method TLSv1_client_method
+ #if OPENSSL_VERSION_NUMBER < 0x10100000L
+ #define TLSv1_2_client_method TLSv1_client_method
+ #else
+ #define TLSv1_2_client_method TLS_client_method
+ #endif
 #endif
 if ((sslContext = SSL_CTX_new(TLSv1_2_client_method())) == NULL) {
 if (verbose) {
@@ -497,7 +518,9 @@ int internal__hydra_connect_to_ssl(int socket, char *hostname) {
 /* we set the default verifiers and dont care for the results */
 (void) SSL_CTX_set_default_verify_paths(sslContext);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 SSL_CTX_set_tmp_rsa_callback(sslContext, ssl_temp_rsa_cb);
+#endif
 SSL_CTX_set_verify(sslContext, SSL_VERIFY_NONE, NULL);
 }
diff --git a/hydra-oracle-listener.c b/hydra-oracle-listener.c
index 4d23f56..0d453bb 100644
--- a/hydra-oracle-listener.c
+++ b/hydra-oracle-listener.c
@@ -106,7 +106,7 @@ int convert_byteorder(unsigned char **result, int size) {
 int ora_descrypt(unsigned char **rs, unsigned char *result, int siz) {
 int i = 0;
 char lastkey[8];
- des_key_schedule ks1;
+ DES_key_schedule ks1;
 unsigned char key1[8] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF };
 unsigned char ivec1[] = { 0, 0, 0, 0, 0, 0, 0, 0 };
 unsigned char *desresult;
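Review bot: OpenSSL declares TLSv1_2_client_method as a function, not a macro, so as far as I can tell `#ifndef TLSv1_2_client_method` is always true and the new `< 0x10100000L` branch maps it to TLSv1_client_method even on 1.0.1/1.0.2, which do implement TLS 1.2; the result is a TLS 1.0-only client on those builds. Keying the fallback on the release that introduced TLS 1.2 fixes it: `#if OPENSSL_VERSION_NUMBER < 0x10001000L` for the TLSv1_client_method define, `#elif OPENSSL_VERSION_NUMBER >= 0x10100000L` for TLS_client_method, and no define otherwise so the real function is used. The @@ -497 hunk below compiles out the only registration of ssl_temp_rsa_cb on 1.1, so its 1.1 branch in the @@ -440 hunk is unreachable there and could carry a comment saying so.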
@@ -116,17 +116,17 @@ int ora_descrypt(unsigned char **rs, unsigned char *result, int siz) {
 hydra_report(stderr, "[ERROR] Can't allocate memory\n");
 return 1;
 }
- des_key_sched((C_Block *) key1, ks1);
- des_ncbc_encrypt(result, desresult, siz, ks1, &ivec1, DES_ENCRYPT);
+ DES_key_sched((const_DES_cblock *) key1, &ks1);
+ DES_ncbc_encrypt(result, desresult, siz, &ks1, &ivec1, DES_ENCRYPT);
 for (i = 0; i < 8; i++) {
 lastkey[i] = desresult[siz - 8 + i];
 }
- des_key_sched((C_Block *) lastkey, ks1);
+ DES_key_sched((const_DES_cblock *) lastkey, &ks1);
 memset(desresult, 0, siz);
 memset(ivec1, 0, sizeof(ivec1));
- des_ncbc_encrypt(result, desresult, siz, ks1, &ivec1, DES_ENCRYPT);
+ DES_ncbc_encrypt(result, desresult, siz, &ks1, &ivec1, DES_ENCRYPT);
 if ((*rs = malloc(siz)) == NULL) {
 hydra_report(stderr, "[ERROR] Can't allocate memory\n");
diff --git a/hydra-rdp.c b/hydra-rdp.c
index 55dee0b..a02f787 100644
--- a/hydra-rdp.c
+++ b/hydra-rdp.c
@@ -1,4 +1,3 @@
-
 /*
 david: this module is heavily based on rdesktop v 1.7.0
@@ -859,7 +858,7 @@ static void reverse(uint8 * p, int len) {
 void ssl_rsa_encrypt(uint8 * out, uint8 * in, int len, uint32 modulus_size, uint8 * modulus, uint8 * exponent) {
 BN_CTX *ctx;
- BIGNUM mod, exp, x, y;
+ BIGNUM *mod, *exp, *x, *y;
 uint8 inr[SEC_MAX_MODULUS_SIZE];
 int outlen;
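Review bot: DES_ncbc_encrypt() always emits whole 8-byte blocks, so each rewritten call writes `siz` rounded up to a multiple of 8 into `desresult`; if the allocation above this hunk is exactly `siz` bytes, a length that is not a multiple of 8 overruns it by up to 7 bytes, and `lastkey[i] = desresult[siz - 8 + i]` additionally needs `siz >= 8`. Either allocate `(siz + 7) & ~7` bytes for `desresult` or add `if (siz < 8) return 1;` before the first DES_key_sched(). The DES_key_sched() results are discarded; with the default DES_check_key of 0 that is harmless, but `DES_set_key_unchecked()` would state that no parity or weak-key rejection is intended. ora_descrypt() starts before and ends after this hunk.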
@@ -869,39 +868,39 @@ void ssl_rsa_encrypt(uint8 * out, uint8 * in, int len, uint32 modulus_size, uint
 reverse(inr, len);
 ctx = BN_CTX_new();
- BN_init(&mod);
- BN_init(&exp);
- BN_init(&x);
- BN_init(&y);
+ mod = BN_new();
+ exp = BN_new();
+ x = BN_new();
+ y = BN_new();
- BN_bin2bn(modulus, modulus_size, &mod);
- BN_bin2bn(exponent, SEC_EXPONENT_SIZE, &exp);
- BN_bin2bn(inr, len, &x);
- BN_mod_exp(&y, &x, &exp, &mod, ctx);
- outlen = BN_bn2bin(&y, out);
+ BN_bin2bn(modulus, modulus_size, mod);
+ BN_bin2bn(exponent, SEC_EXPONENT_SIZE, exp);
+ BN_bin2bn(inr, len, x);
+ BN_mod_exp(y, x, exp, mod, ctx);
+ outlen = BN_bn2bin(y, out);
 reverse(out, outlen);
 if (outlen < (int) modulus_size)
 memset(out + outlen, 0, modulus_size - outlen);
- BN_free(&y);
- BN_clear_free(&x);
- BN_free(&exp);
- BN_free(&mod);
+ BN_free(y);
+ BN_free(x);
+ BN_free(exp);
+ BN_free(mod);
 BN_CTX_free(ctx);
 }
-/* returns newly allocated SSL_CERT or NULL */
-SSL_CERT *ssl_cert_read(uint8 * data, uint32 len) {
+/* returns newly allocated X509 or NULL */
+X509 *ssl_cert_read(uint8 * data, uint32 len) {
 /* this will move the data pointer but we don't care, we don't use it again */
 return d2i_X509(NULL, (D2I_X509_CONST unsigned char **) &data, len);
 }
-static void ssl_cert_free(SSL_CERT * cert) {
+static void ssl_cert_free(X509 * cert) {
 X509_free(cert);
 }
 /* returns newly allocated SSL_RKEY or NULL */
-SSL_RKEY *ssl_cert_to_rkey(SSL_CERT * cert, uint32 * key_len) {
+SSL_RKEY *ssl_cert_to_rkey(X509 * cert, uint32 * key_len) {
 EVP_PKEY *epk = NULL;
 SSL_RKEY *lkey;
 int nid;
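Review bot: `BN_clear_free(&x)` became `BN_free(x)`, so the BIGNUM holding the plaintext input (`inr`, the data being RSA-encrypted) is no longer wiped before release; keep `BN_clear_free(x);` there. The four BN_new() calls (declared in the @@ -859 hunk) are never checked for NULL; on failure BN_bin2bn(…, NULL) allocates and returns a fresh BIGNUM that this code discards, and BN_mod_exp() is then handed NULL, so a check such as `if (!ctx || !mod || !exp || !x || !y) goto out;` with the frees under an `out:` label is needed before the first BN_bin2bn() (BN_free() and BN_CTX_free() accept NULL, so the cleanup stays a single path). `ctx` from BN_CTX_new() was already unchecked and fits the same guard.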
@@ -909,13 +908,19 @@ SSL_RKEY *ssl_cert_to_rkey(SSL_CERT * cert, uint32 * key_len) {
 /* By some reason, Microsoft sets the OID of the Public RSA key to
 the oid for "MD5 with RSA Encryption" instead of "RSA Encryption"
- Kudos to Richard Levitte for the following (. intiutive .)
+ Kudos to Richard Levitte for the following (. intuitive .)
 lines of code that resets the OID and let's us extract the key. */
- nid = OBJ_obj2nid(cert->cert_info->key->algor->algorithm);
+ //nid = OBJ_obj2nid(cert->cert_info->key->algor->algorithm);
+ nid = X509_get_signature_nid(cert);
 if ((nid == NID_md5WithRSAEncryption) || (nid == NID_shaWithRSAEncryption)) {
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ fprintf(stderr, "[ERROR] the current experimental openssl-1.1 support in hydra does not support RDP :( \n");
+ hydra_child_exit(2);
+#else
 DEBUG_RDP5(("Re-setting algorithm type to RSA in server certificate\n"));
 ASN1_OBJECT_free(cert->cert_info->key->algor->algorithm);
 cert->cert_info->key->algor->algorithm = OBJ_nid2obj(NID_rsaEncryption);
+#endif
 }
 epk = X509_get_pubkey(cert);
 if (NULL == epk) {
@@ -929,7 +934,7 @@ SSL_RKEY *ssl_cert_to_rkey(SSL_CERT * cert, uint32 * key_len) {
 return lkey;
 }
-int ssl_cert_print_fp(FILE * fp, SSL_CERT * cert) {
+int ssl_cert_print_fp(FILE * fp, X509 * cert) {
 return X509_print_fp(fp, cert);
 }
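Review bot: `X509_get_signature_nid(cert)` reads the certificate's signature algorithm, but the line it replaces read the subject public key algorithm (`cert_info->key->algor`), which is the field the comment says Microsoft sets wrongly; the two OIDs are unrelated, and because the assignment sits outside the `#if`, pre-1.1 builds now also test the wrong field and then rewrite `key->algor` based on it. The public-key OID accessor is X509_PUBKEY_get0_param: `ASN1_OBJECT *algobj = NULL;` `X509_PUBKEY_get0_param(&algobj, NULL, NULL, NULL, X509_get_X509_PUBKEY(cert));` `nid = OBJ_obj2nid(algobj);`, available on 1.0.2 and 1.1 alike, so the commented-out original line can be deleted rather than kept. ssl_cert_to_rkey() starts and ends outside this hunk.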
@@ -941,13 +946,29 @@ void ssl_rkey_free(SSL_RKEY * rkey) {
 int ssl_rkey_get_exp_mod(SSL_RKEY * rkey, uint8 * exponent, uint32 max_exp_len, uint8 * modulus, uint32 max_mod_len) {
 int len;
- if ((BN_num_bytes(rkey->e) > (int) max_exp_len) || (BN_num_bytes(rkey->n) > (int) max_mod_len)) {
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ BIGNUM *n, *e, *d;
+
+ n = BN_new();
+ e = BN_new();
+ RSA_get0_key(rkey, &n, &e, NULL);
+ if ((BN_num_bytes(e) > (int) max_exp_len) || (BN_num_bytes(n) > (int) max_mod_len)) {
 return 1;
 }
+ len = BN_bn2bin(e, exponent);
+ reverse(exponent, len);
+ len = BN_bn2bin(n, modulus);
+ reverse(modulus, len);
+ BN_free(n);
+ BN_free(e);
+#else
+ if ((BN_num_bytes(rkey->e) > (int) max_exp_len) || (BN_num_bytes(rkey->n) > (int) max_mod_len))
+ return 1;
 len = BN_bn2bin(rkey->e, exponent);
 reverse(exponent, len);
 len = BN_bn2bin(rkey->n, modulus);
 reverse(modulus, len);
+#endif
 return 0;
 }
@@ -958,11 +979,17 @@ BOOL ssl_sig_ok(uint8 * exponent, uint32 exp_len, uint8 * modulus, uint32 mod_le
 void ssl_hmac_md5(const void *key, int key_len, const unsigned char *msg, int msg_len, unsigned char *md) {
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ HMAC_CTX *ctx;
+ ctx = HMAC_CTX_new();
+ HMAC(EVP_md5(), key, key_len, msg, msg_len, md, NULL);
+ HMAC_CTX_free(ctx);
+#else
 HMAC_CTX ctx;
- HMAC_CTX_init(&ctx);
 HMAC(EVP_md5(), key, key_len, msg, msg_len, md, NULL);
 HMAC_CTX_cleanup(&ctx);
+#endif
 }
@@ -1373,7 +1400,7 @@ static BOOL sec_parse_public_sig(STREAM s, uint32 len, uint8 * modulus, uint8 *
 static BOOL sec_parse_crypt_info(STREAM s, uint32 * rc4_key_size, uint8 ** server_random, uint8 * modulus, uint8 * exponent) {
 uint32 crypt_level, random_len, rsa_info_len;
 uint32 cacert_len, cert_len, flags;
- SSL_CERT *cacert, *server_cert;
+ X509 *cacert, *server_cert;
 SSL_RKEY *server_public_key;
 uint16 tag, length;
 uint8 *next_tag, *end;
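Review bot: In ssl_hmac_md5() the pre-1.1 branch now calls `HMAC_CTX_cleanup(&ctx)` on a context that is never initialised, because the commit removed `HMAC_CTX_init(&ctx)` while keeping the cleanup, which then walks uninitialised EVP_MD_CTX members. The 1.1 branch allocates `ctx` with HMAC_CTX_new(), never passes it to anything, and frees it without a NULL check. The one-shot HMAC() call takes no context, so both branches reduce to the single line `HMAC(EVP_md5(), key, key_len, msg, msg_len, md, NULL);` and the `#if`/`#else` around it can go.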
@@ -1438,7 +1465,7 @@ static BOOL sec_parse_crypt_info(STREAM s, uint32 * rc4_key_size, uint8 ** serve
 }
 for (; certcount > 2; certcount--) { /* ignore all the certificates between the root and the signing CA */
 uint32 ignorelen;
- SSL_CERT *ignorecert;
+ X509 *ignorecert;
 DEBUG_RDP5(("Ignored certs left: %d\n", certcount));
 in_uint32_le(s, ignorelen);
diff --git a/hydra-smb.c b/hydra-smb.c
index c94c8cd..2fbf455 100644
--- a/hydra-smb.c
+++ b/hydra-smb.c
@@ -166,27 +166,27 @@ static unsigned char Get7Bits(unsigned char *input, int startBit) {
 }
 /* Make the key */
-static void MakeKey(unsigned char *key, unsigned char *des_key) {
- des_key[0] = Get7Bits(key, 0);
- des_key[1] = Get7Bits(key, 7);
- des_key[2] = Get7Bits(key, 14);
- des_key[3] = Get7Bits(key, 21);
- des_key[4] = Get7Bits(key, 28);
- des_key[5] = Get7Bits(key, 35);
- des_key[6] = Get7Bits(key, 42);
- des_key[7] = Get7Bits(key, 49);
+static void MakeKey(unsigned char *key, unsigned char *DES_key) {
+ DES_key[0] = Get7Bits(key, 0);
+ DES_key[1] = Get7Bits(key, 7);
+ DES_key[2] = Get7Bits(key, 14);
+ DES_key[3] = Get7Bits(key, 21);
+ DES_key[4] = Get7Bits(key, 28);
+ DES_key[5] = Get7Bits(key, 35);
+ DES_key[6] = Get7Bits(key, 42);
+ DES_key[7] = Get7Bits(key, 49);
- des_set_odd_parity((DES_cblock *) des_key);
+ DES_set_odd_parity((DES_cblock *) DES_key);
 }
 /* Do the DesEncryption */
 void DesEncrypt(unsigned char *clear, unsigned char *key, unsigned char *cipher) {
- DES_cblock des_key;
- des_key_schedule key_schedule;
+ DES_cblock DES_key;
+ DES_key_schedule key_schedule;
- MakeKey(key, des_key);
- des_set_key(&des_key, key_schedule);
- des_ecb_encrypt((DES_cblock *) clear, (DES_cblock *) cipher, key_schedule, 1);
+ MakeKey(key, DES_key);
+ DES_set_key(&DES_key, &key_schedule);
+ DES_ecb_encrypt((DES_cblock *) clear, (DES_cblock *) cipher, &key_schedule, 1);
 }
 /*
diff --git a/hydra-snmp.c b/hydra-snmp.c
index 6f552cd..8b9d3c3 100644
--- a/hydra-snmp.c
+++ b/hydra-snmp.c
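Review bot: Renaming the local buffer from `des_key` to `DES_key` makes it read like an OpenSSL API identifier next to `DES_cblock` and `DES_set_key`; only the library function and type names needed the upper-case prefix, so the locals should stay `des_key` (MakeKey's parameter and the `DES_cblock` in DesEncrypt). `DES_set_key(&DES_key, &key_schedule)` also discards its return value and honours the global DES_check_key, which would make the schedule fail for weak or parity-failing keys that this derivation must still accept deterministically; `DES_set_key_unchecked(&des_key, &key_schedule);` states that intent and has no failure path.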
@@ -335,13 +335,13 @@ int start_snmp(int s, char *ip, int port, unsigned char options, char *miscptr,
 // xor initVect with salt
 for (i = 0; i < 8; i++)
 initVect[i] ^= privacy_params[i];
- des_key_sched((C_Block *) key, symcbc);
- des_ncbc_encrypt(snmpv3_get2 + 2, buf, sizeof(snmpv3_get2) - 2, symcbc, (C_Block *) (initVect), DES_ENCRYPT);
+ DES_key_sched((const_DES_cblock *) key, &symcbc);
+ DES_ncbc_encrypt(snmpv3_get2 + 2, buf, sizeof(snmpv3_get2) - 2, &symcbc, (const_DES_cblock *) (initVect), DES_ENCRYPT);
 #endif
 /*
 for (i = 0; i <= sizeof(snmpv3_get2) - 8; i += 8) {
- des_ncbc_encrypt(snmpv3_get2 + i, buf + i, 8, (C_Block*)(initVect), DES_ENCRYPT);
+ DES_ncbc_encrypt(snmpv3_get2 + i, buf + i, 8, (const_DES_cblock*)(initVect), DES_ENCRYPT);
 }
 // last part of buffer
 if (buffer_len % 8) {
@@ -351,7 +351,7 @@ int start_snmp(int s, char *ip, int port, unsigned char options, char *miscptr,
 memset(tmp_buf, 0, 8);
 for (unsigned int l = start; l < buffer_len; l++)
 *tmp_buf_ptr++ = buffer[l];
- des_ncbc_encrypt(tmp_buf, buf + start, 1, symcbc, (C_Block*)(initVect), DES_ENCRYPT);
+ DES_ncbc_encrypt(tmp_buf, buf + start, 1, &symcbc, (const_DES_cblock*)(initVect), DES_ENCRYPT);
 *out_buffer_len = buffer_len + 8 - (buffer_len % 8);
 } else
 *out_buffer_len = buffer_len;
diff --git a/hydra.c b/hydra.c
index 1951dde..4d0e333 100644
--- a/hydra.c
+++ b/hydra.c
@@ -3685,6 +3685,15 @@ int main(int argc, char *argv[]) {
 fflush(stderr);
 fflush(hydra_brains.ofp);
+
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ if (hydra_options.ssl) {
+ fprintf(stderr, "[WARNING] *****************************************************\n");
+ fprintf(stderr, "[WARNING] OPENSSL v1.1 development changes are active - modules SMB, SNMP, RDP, ORACLE LISTENER and SSL in general might not work properly! Please test and report to vh@thc.org.\n");
+ fprintf(stderr, "[WARNING] *****************************************************\n");
+ }
+#endif
+
 hydra_debug(0, "attack");
 process_restore = 1;
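Review bot: DES_ncbc_encrypt() takes its IV as `DES_cblock *` and updates it in place, so the `(const_DES_cblock *) (initVect)` cast on the live call passes a pointer-to-const where a mutable block is expected, which compilers report as a discarded qualifier; it should be `(DES_cblock *) initVect` (the `const_DES_cblock *` cast of the key in DES_key_sched() is the correct one). The casts changed inside the `/* … */` block and in the @@ -351 hunk appear to be commented-out code and carry the same mismatch if that code is ever revived. start_snmp() starts and ends outside this hunk.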
diff --git a/hydra.h b/hydra.h
index a855f08..64170a7 100644
--- a/hydra.h
+++ b/hydra.h
@@ -41,6 +41,14 @@
 #define OPTION_SSL 1
+#ifdef LIBOPENSSL
+ #ifndef NO_RSA_LEGACY
+ #if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ #define NO_RSA_LEGACY
+ #endif
+ #endif
+#endif
+
 #define PORT_NOPORT -1
 #define PORT_FTP 21
 #define PORT_FTP_SSL 990
diff --git a/rdp.h b/rdp.h
index 66af31a..0b7c496 100644
--- a/rdp.h
+++ b/rdp.h
@@ -49,6 +49,8 @@
 #include /* stat */
 #include /* gettimeofday */
 #include /* times */
+#include
+#include //fixme
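Review bot: The new `#if OPENSSL_VERSION_NUMBER >= 0x10100000L` inside `#ifdef LIBOPENSSL` silently evaluates as `0 >= 0x10100000L` and stays false if no OpenSSL header has been included before this point in hydra.h, so NO_RSA_LEGACY would never be defined on 1.1 builds; whether such an include precedes line 41 is outside this hunk. Adding `#include <openssl/opensslv.h>` directly under `#ifdef LIBOPENSSL` makes the check self-contained. The same dependency applies to every `OPENSSL_VERSION_NUMBER` test this commit adds to the .c files, each of which needs hydra.h or an OpenSSL header included first.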