changed -R behaviour

CHANGES

@@ -4,6 +4,9 @@ Changelog for hydra
 Release 8.6-dev
 * http-form module now supports URLs up to 6000 bytes (thanks to petrock6@github for the patch)
 * Fix for SSL connections that failed with error:00000000:lib(0):func(0):reason(0) (thanks gaia@github for reporting)
+* Added new command line option:
+   -c TIME: seconds between login attempts (over all threads, so -t 1 is recommended)
+* Options put after -R (for loading a restore file) are now honored (and were disallowed before)
 * merged several patches by Diadlo@github to make the code easier readable. thanks for that!
 
 

hydra.1

@@ -6,7 +6,7 @@ hydra \- a very fast network logon cracker which support many different services
  [[[\-l LOGIN|\-L FILE] [\-p PASS|\-P FILE|\-x OPT \-y]] | [\-C FILE]]
  [\-e nsr] [\-u] [\-f|\-F] [\-M FILE] [\-o FILE] [\-b FORMAT]
  [\-t TASKS] [\-T TASKS] [\-w TIME] [\-W TIME] [\-m OPTIONS] [\-s PORT]
- [\-S] [\-O] [\-4|6] [\-I] [\-vV] [\-d]
+ [\-c TIME] [\-S] [\-O] [\-4|6] [\-I] [\-vV] [\-d]
  server service [OPTIONS]
 .br
 .SH DESCRIPTION
@@ -47,7 +47,8 @@ Some modules have optional or mandatory options. type "hydra \-U <servicename>"
 .TP
 .B \-R 
 restore a previously aborted session. Requires a hydra.restore file was
-written. No other options are allowed when using \-R
+written. Options are restored, but can be changed by setting them after
+\-R on the command line
 .TP
 .B \-S
 connect via SSL
@@ -115,6 +116,10 @@ defines the max wait time in seconds for responses (default: 32)
 defines a wait time between each connection a task performs. This usually
 only makes sense if a low task number is used, .e.g \-t 1
 .TP
+.B \-c TIME
+the wait time in seconds per login attempt over all threads (-t 1 is recommended)
+This usually only makes sense if a low task number is used, .e.g \-t 1
+.TP
 .B \-4 / \-6 
 prefer IPv4 (default) or IPv6 addresses
 .TP

hydra.c

@@ -495,7 +495,7 @@ void help(int ext) {
 #ifdef HAVE_MATH_H
                     " [-x MIN:MAX:CHARSET]"
 #endif
-                    " [-ISOuvVd46] "
+                    " [-c TIME] [-ISOuvVd46] "
                     //"[server service [OPT]]|"
                     "[service://server[:PORT][/OPT]]\n");
   PRINT_NORMAL(ext, "\nOptions:\n");
@@ -521,7 +521,10 @@ void help(int ext) {
                     "  -f / -F   exit when a login/pass pair is found (-M: -f per host, -F global)\n");
   PRINT_NORMAL(ext, "  -t TASKS  run TASKS number of connects in parallel per target (default: %d)\n", TASKS);
   PRINT_EXTEND(ext, "  -T TASKS  run TASKS connects in parallel overall (for -M, default: %d)\n"
-                    "  -w / -W TIME  waittime for responses (%d) / between connects per thread (%d)\n"
+                    "  -w / -W TIME  wait time for a response (%d) / between connects per thread (%d)\n"
+#ifdef MSG_PEEK
+                    "  -c TIME   wait time per login attempt over all threads (-t 1 is recommended)\n"
+#endif
                     "  -4 / -6   use IPv4 (default) / IPv6 addresses (put always in [] also in -M)\n"
                     "  -v / -V / -d  verbose mode / show login+pass for each attempt / debug mode \n"
                     "  -O        use old SSL v2 and v3\n"
@@ -970,8 +973,7 @@ void hydra_restore_read() {
   int i, j, orig_debug = debug;
   char out[1024];
 
-  if (debug)
-    printf("[DEBUG] reading restore file %s\n", RESTOREFILE);
+  printf("[INFORMATION] reading restore file %s\n", RESTOREFILE);
   if ((f = fopen(RESTOREFILE, "r")) == NULL) {
     fprintf(stderr, "[ERROR] restore file (%s) not found - ", RESTOREFILE);
     perror("");
@@ -2444,6 +2446,7 @@ int main(int argc, char *argv[]) {
       break;
     case 'R':
       hydra_options.restore = 1;
+      hydra_restore_read();
       break;
     case 'I':
       ignore_restore = 1; // this is not to be saved in hydra_options!
@@ -2610,7 +2613,8 @@ int main(int argc, char *argv[]) {
     printf("[DEBUG] Ouput color flag is %d\n", colored_output);
 
   if (hydra_options.restore && argc > 2 + debug + verbose)
-    bail("no option may be supplied together with -R");
+    fprintf(stderr, "[WARNING] options after -R are now honored (since v8.6)\n");
+//    bail("no option may be supplied together with -R");
 
   printf("%s (%s) starting at %s\n", PROGRAM, RESOURCE, hydra_build_time());
   if (debug) {
@@ -2629,7 +2633,7 @@ int main(int argc, char *argv[]) {
     fprintf(stderr, "[WARNING] output file format specified (-b) - but no output file (-o)\n");
     
   if (hydra_options.restore) {
-    hydra_restore_read();
+//    hydra_restore_read();
     // stuff we have to copy from the non-restore part
     if (strncmp(hydra_options.service, "http-", 5) == 0) {
       if (getenv("HYDRA_PROXY_HTTP") && getenv("HYDRA_PROXY"))
@@ -3456,7 +3460,7 @@ int main(int argc, char *argv[]) {
     }
     free(memcheck);
     if ((rfp = fopen(RESTOREFILE, "r")) != NULL) {
-      fprintf(stderr, "[WARNING] Restorefile (%s) from a previous session found, to prevent overwriting, %s\n", ignore_restore == 1 ? "ignored ..." : "you have 10 seconds to abort...", RESTOREFILE);
+      fprintf(stderr, "[WARNING] Restorefile (%s) from a previous session found, to prevent overwriting, %s\n", ignore_restore == 1 ? "ignored ..." : "you have 10 seconds to abort... (use option -I to skip waiting)", RESTOREFILE);
       if (ignore_restore != 1)
         sleep(10);
       fclose(rfp);