From 88aae592279141800da4565fb7598396fcf88ec8 Mon Sep 17 00:00:00 2001 From: van Hauser Date: Fri, 23 Jun 2017 18:23:59 +0200 Subject: [PATCH] changed -R behaviour --- CHANGES | 3 +++ hydra.1 | 9 +++++++-- hydra.c | 18 +++++++++++------- 3 files changed, 21 insertions(+), 9 deletions(-) diff --git a/CHANGES b/CHANGES index ee7a523..ec4f017 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,9 @@ Changelog for hydra Release 8.6-dev * http-form module now supports URLs up to 6000 bytes (thanks to petrock6@github for the patch) * Fix for SSL connections that failed with error:00000000:lib(0):func(0):reason(0) (thanks gaia@github for reporting) +* Added new command line option: + -c TIME: seconds between login attempts (over all threads, so -t 1 is recommended) +* Options put after -R (for loading a restore file) are now honored (and were disallowed before) * merged several patches by Diadlo@github to make the code easier readable. thanks for that! diff --git a/hydra.1 b/hydra.1 index 20ae24d..12e2e7c 100644 --- a/hydra.1 +++ b/hydra.1 @@ -6,7 +6,7 @@ hydra \- a very fast network logon cracker which support many different services [[[\-l LOGIN|\-L FILE] [\-p PASS|\-P FILE|\-x OPT \-y]] | [\-C FILE]] [\-e nsr] [\-u] [\-f|\-F] [\-M FILE] [\-o FILE] [\-b FORMAT] [\-t TASKS] [\-T TASKS] [\-w TIME] [\-W TIME] [\-m OPTIONS] [\-s PORT] - [\-S] [\-O] [\-4|6] [\-I] [\-vV] [\-d] + [\-c TIME] [\-S] [\-O] [\-4|6] [\-I] [\-vV] [\-d] server service [OPTIONS] .br .SH DESCRIPTION @@ -47,7 +47,8 @@ Some modules have optional or mandatory options. type "hydra \-U " .TP .B \-R restore a previously aborted session. Requires a hydra.restore file was -written. No other options are allowed when using \-R +written. Options are restored, but can be changed by setting them after +\-R on the command line .TP .B \-S connect via SSL @@ -115,6 +116,10 @@ defines the max wait time in seconds for responses (default: 32) defines a wait time between each connection a task performs. This usually only makes sense if a low task number is used, .e.g \-t 1 .TP +.B \-c TIME +the wait time in seconds per login attempt over all threads (-t 1 is recommended) +This usually only makes sense if a low task number is used, .e.g \-t 1 +.TP .B \-4 / \-6 prefer IPv4 (default) or IPv6 addresses .TP diff --git a/hydra.c b/hydra.c index 4f409ce..2385415 100644 --- a/hydra.c +++ b/hydra.c @@ -495,7 +495,7 @@ void help(int ext) { #ifdef HAVE_MATH_H " [-x MIN:MAX:CHARSET]" #endif - " [-ISOuvVd46] " + " [-c TIME] [-ISOuvVd46] " //"[server service [OPT]]|" "[service://server[:PORT][/OPT]]\n"); PRINT_NORMAL(ext, "\nOptions:\n"); @@ -521,7 +521,10 @@ void help(int ext) { " -f / -F exit when a login/pass pair is found (-M: -f per host, -F global)\n"); PRINT_NORMAL(ext, " -t TASKS run TASKS number of connects in parallel per target (default: %d)\n", TASKS); PRINT_EXTEND(ext, " -T TASKS run TASKS connects in parallel overall (for -M, default: %d)\n" - " -w / -W TIME waittime for responses (%d) / between connects per thread (%d)\n" + " -w / -W TIME wait time for a response (%d) / between connects per thread (%d)\n" +#ifdef MSG_PEEK + " -c TIME wait time per login attempt over all threads (-t 1 is recommended)\n" +#endif " -4 / -6 use IPv4 (default) / IPv6 addresses (put always in [] also in -M)\n" " -v / -V / -d verbose mode / show login+pass for each attempt / debug mode \n" " -O use old SSL v2 and v3\n" @@ -970,8 +973,7 @@ void hydra_restore_read() { int i, j, orig_debug = debug; char out[1024]; - if (debug) - printf("[DEBUG] reading restore file %s\n", RESTOREFILE); + printf("[INFORMATION] reading restore file %s\n", RESTOREFILE); if ((f = fopen(RESTOREFILE, "r")) == NULL) { fprintf(stderr, "[ERROR] restore file (%s) not found - ", RESTOREFILE); perror(""); @@ -2444,6 +2446,7 @@ int main(int argc, char *argv[]) { break; case 'R': hydra_options.restore = 1; + hydra_restore_read(); break; case 'I': ignore_restore = 1; // this is not to be saved in hydra_options! @@ -2610,7 +2613,8 @@ int main(int argc, char *argv[]) { printf("[DEBUG] Ouput color flag is %d\n", colored_output); if (hydra_options.restore && argc > 2 + debug + verbose) - bail("no option may be supplied together with -R"); + fprintf(stderr, "[WARNING] options after -R are now honored (since v8.6)\n"); +// bail("no option may be supplied together with -R"); printf("%s (%s) starting at %s\n", PROGRAM, RESOURCE, hydra_build_time()); if (debug) { @@ -2629,7 +2633,7 @@ int main(int argc, char *argv[]) { fprintf(stderr, "[WARNING] output file format specified (-b) - but no output file (-o)\n"); if (hydra_options.restore) { - hydra_restore_read(); +// hydra_restore_read(); // stuff we have to copy from the non-restore part if (strncmp(hydra_options.service, "http-", 5) == 0) { if (getenv("HYDRA_PROXY_HTTP") && getenv("HYDRA_PROXY")) @@ -3456,7 +3460,7 @@ int main(int argc, char *argv[]) { } free(memcheck); if ((rfp = fopen(RESTOREFILE, "r")) != NULL) { - fprintf(stderr, "[WARNING] Restorefile (%s) from a previous session found, to prevent overwriting, %s\n", ignore_restore == 1 ? "ignored ..." : "you have 10 seconds to abort...", RESTOREFILE); + fprintf(stderr, "[WARNING] Restorefile (%s) from a previous session found, to prevent overwriting, %s\n", ignore_restore == 1 ? "ignored ..." : "you have 10 seconds to abort... (use option -I to skip waiting)", RESTOREFILE); if (ignore_restore != 1) sleep(10); fclose(rfp);