From b2e43fc82d221916d203871436fd126868abde20 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Mon, 26 May 2014 10:46:05 +0200 Subject: [PATCH 01/12] three fixes --- CHANGES | 6 ++++++ hydra-cisco.c | 7 ++++++- hydra-gtk/src/callbacks.c | 13 ++++++++++++- hydra-gtk/src/interface.c | 10 +++++++++- hydra-http-form.c | 2 +- web/index.html | 2 +- 6 files changed, 35 insertions(+), 5 deletions(-) diff --git a/CHANGES b/CHANGES index 0a903f3..6b65adf 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,12 @@ Changelog for hydra ------------------- +Release 8.1-pre +* Added xhydra gtk patch by Peter Kaleychev to support -e r reverse login attempt, thanks! +* Fixed a crash in the cisco module (thanks to Anatoly Mamaev for reporting) +* Small fix for HTTP form module for redirect pages where a S= string match would not work (thanks to mkosmach for reporting) + + Release 8.0 ! Development moved to a public github repository: https://github.com/vanhauser-thc/thc-hydra * Added module for redis (submitted by Alejandro Ramos, thanks!) diff --git a/hydra-cisco.c b/hydra-cisco.c index 424f0ad..65fd31b 100644 --- a/hydra-cisco.c +++ b/hydra-cisco.c @@ -24,6 +24,7 @@ int start_cisco(int s, char *ip, int port, unsigned char options, char *miscptr, return 1; } sleep(1); + buf = NULL; do { if (buf != NULL) free(buf); @@ -51,8 +52,11 @@ int start_cisco(int s, char *ip, int port, unsigned char options, char *miscptr, if (hydra_send(s, buffer, strlen(buffer), 0) < 0) { return 1; } + + buf = NULL; do { - free(buf); + if (buf != NULL) + free(buf); if ((buf = hydra_receive_line(s)) == NULL) return 3; if (buf[strlen(buf) - 1] == '\n') @@ -78,6 +82,7 @@ int start_cisco(int s, char *ip, int port, unsigned char options, char *miscptr, if (hydra_send(s, buffer, strlen(buffer), 0) < 0) { return 1; } + buf = NULL; do { if (buf != NULL) free(buf); diff --git a/hydra-gtk/src/callbacks.c b/hydra-gtk/src/callbacks.c index bc19a5c..715194a 100755 --- a/hydra-gtk/src/callbacks.c +++ b/hydra-gtk/src/callbacks.c @@ -150,7 +150,7 @@ int hydra_get_options(char *options[]) { } } - /* empty passes / login as pass? */ + /* empty passes / login as pass / reversed login? */ memset(passLoginNull, 0, 4); widget = lookup_widget(GTK_WIDGET(wndMain), "chkPassNull"); if (gtk_toggle_button_get_active((GtkToggleButton *) widget)) { @@ -164,6 +164,17 @@ int hydra_get_options(char *options[]) { passLoginNull[1] = 's'; } } + /* The "Try reversed login" button was implemented by Petar Kaleychev */ + widget = lookup_widget(GTK_WIDGET(wndMain), "chkPassReverse"); + if (gtk_toggle_button_get_active((GtkToggleButton *) widget)) { + if (passLoginNull[0] == 0) { + passLoginNull[0] = 'r'; + } else if (passLoginNull[1] == 0) { + passLoginNull[1] = 'r'; + } else { + passLoginNull[2] = 'r'; + } + } if (passLoginNull[0] != 0) { options[i++] = "-e"; options[i++] = passLoginNull; diff --git a/hydra-gtk/src/interface.c b/hydra-gtk/src/interface.c index 6fdebc5..4ea8213 100755 --- a/hydra-gtk/src/interface.c +++ b/hydra-gtk/src/interface.c @@ -88,6 +88,7 @@ GtkWidget *create_wndMain(void) { GtkWidget *table6; GtkWidget *chkPassLogin; GtkWidget *chkPassNull; + GtkWidget *chkPassReverse; GtkWidget *label2; GtkWidget *table4; GtkWidget *frame9; @@ -528,7 +529,7 @@ GtkWidget *create_wndMain(void) { gtk_widget_show(label20); gtk_frame_set_label_widget(GTK_FRAME(frame8), label20); - table6 = gtk_table_new(1, 2, FALSE); + table6 = gtk_table_new(1, 3, FALSE); gtk_widget_set_name(table6, "table6"); gtk_widget_show(table6); gtk_box_pack_start(GTK_BOX(vbox2), table6, TRUE, TRUE, 0); @@ -545,6 +546,12 @@ GtkWidget *create_wndMain(void) { gtk_table_attach(GTK_TABLE(table6), chkPassNull, 1, 2, 0, 1, (GtkAttachOptions) (GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions) (GTK_EXPAND), 0, 0); gtk_tooltips_set_tip(tooltips, chkPassNull, "Enable this option to try an empty password, in addition to the password/file", NULL); + chkPassReverse = gtk_check_button_new_with_mnemonic ("Try reversed login"); + gtk_widget_set_name (chkPassReverse, "chkPassReverse"); + gtk_widget_show (chkPassReverse); + gtk_table_attach (GTK_TABLE (table6), chkPassReverse, 2, 3, 0, 1, (GtkAttachOptions) (GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions) (GTK_EXPAND), 0, 0); + gtk_tooltips_set_tip (tooltips, chkPassReverse, "Enable this option to try an reverse password, in addition to the password/file", NULL); + label2 = gtk_label_new("Passwords"); gtk_widget_set_name(label2, "label2"); gtk_widget_show(label2); @@ -1049,6 +1056,7 @@ GtkWidget *create_wndMain(void) { GLADE_HOOKUP_OBJECT(wndMain, table6, "table6"); GLADE_HOOKUP_OBJECT(wndMain, chkPassLogin, "chkPassLogin"); GLADE_HOOKUP_OBJECT(wndMain, chkPassNull, "chkPassNull"); + GLADE_HOOKUP_OBJECT(wndMain, chkPassReverse, "chkPassReverse"); GLADE_HOOKUP_OBJECT(wndMain, label2, "label2"); GLADE_HOOKUP_OBJECT(wndMain, table4, "table4"); GLADE_HOOKUP_OBJECT(wndMain, frame9, "frame9"); diff --git a/hydra-http-form.c b/hydra-http-form.c index 69fa064..70ceabe 100644 --- a/hydra-http-form.c +++ b/hydra-http-form.c @@ -460,7 +460,7 @@ int start_http_form(int s, char *ip, int port, unsigned char options, char *misc } //if the last status is still 3xx, set it as a false - if (found != -1 && found == success_cond && redirected_flag == 0 && redirected_cpt >= 0) { + if (found != -1 && found == success_cond && (redirected_flag == 0 || success_cond == 1) && redirected_cpt >= 0) { hydra_report_found_host(port, ip, "www-form", fp); hydra_completed_pair_found(); } else { diff --git a/web/index.html b/web/index.html index dd32d7e..3057301 100755 --- a/web/index.html +++ b/web/index.html @@ -163,7 +163,7 @@ [0x06] Compilation Help - Hydry compiles fine on all platforms that have gcc - Linux, all BSD, Mac OS/X, Cygwin on Windows, Solaris, etc. + Hydra compiles fine on all platforms that have gcc - Linux, all BSD, Mac OS/X, Cygwin on Windows, Solaris, etc. It should even compile on historical SunOS, Ultrix etc. platforms :-) There are many optional modules for network protocols like SSH, SVN etc. that require libraries. From 08a95ea31339321ce5c50eed69e9e1c8a2e58266 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Mon, 26 May 2014 14:57:29 +0200 Subject: [PATCH 02/12] typo --- CHANGES | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index 6b65adf..57152b9 100644 --- a/CHANGES +++ b/CHANGES @@ -2,7 +2,7 @@ Changelog for hydra ------------------- Release 8.1-pre -* Added xhydra gtk patch by Peter Kaleychev to support -e r reverse login attempt, thanks! +* Added xhydra gtk patch by Petar Kaleychev to support -e r reverse login attempt, thanks! * Fixed a crash in the cisco module (thanks to Anatoly Mamaev for reporting) * Small fix for HTTP form module for redirect pages where a S= string match would not work (thanks to mkosmach for reporting) From 0af3dcd4f4e9e5c29651965335f7dc33a7be7894 Mon Sep 17 00:00:00 2001 From: tux-mind Date: Tue, 27 May 2014 14:22:08 +0200 Subject: [PATCH 03/12] mysql.h location can be both and --- hydra-mysql.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/hydra-mysql.c b/hydra-mysql.c index 4a839cc..77b3d61 100644 --- a/hydra-mysql.c +++ b/hydra-mysql.c @@ -22,8 +22,13 @@ void service_mysql(char *ip, int sp, unsigned char options, char *miscptr, FILE #ifndef LIBMYSQLCLIENT #else - +#if defined(HAVE_MYSQL_MYSQL_H) #include +#elif defined(HAVE_MYSQL_H) +#include +#else +#error libmysqlclient found, but no usable headers available +#endif MYSQL *mysql = NULL; #endif From 9f5dfeecaa160110948472364aa569b25bf95ca3 Mon Sep 17 00:00:00 2001 From: tux-mind Date: Tue, 27 May 2014 14:22:44 +0200 Subject: [PATCH 04/12] errno shouldn't be declared by programmers, errno should be declared in , furthermore the bionic libc define it as __errno, which is not an integer as declared in hydra.c, so type mismatch error is fired. --- hydra.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hydra.c b/hydra.c index 9fced14..14eedb3 100644 --- a/hydra.c +++ b/hydra.c @@ -264,7 +264,9 @@ typedef struct { // external vars extern char HYDRA_EXIT[5]; +#if !defined(ANDROID) && !defined(__BIONIC__) extern int errno; +#endif extern int debug; extern int verbose; extern int waittime; From 612d0f457bdbfb2f5caae626ad0654c4439bb070 Mon Sep 17 00:00:00 2001 From: tux-mind Date: Tue, 27 May 2014 14:26:07 +0200 Subject: [PATCH 05/12] added Android.mk makefile --- Android.mk | 104 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 104 insertions(+) create mode 100644 Android.mk diff --git a/Android.mk b/Android.mk new file mode 100644 index 0000000..588a94b --- /dev/null +++ b/Android.mk @@ -0,0 +1,104 @@ +LOCAL_PATH:= $(call my-dir) +include $(CLEAR_VARS) + +LOCAL_CFLAGS:= -O3 -DLIBOPENSSL -DLIBFIREBIRD -DLIBIDN -DHAVE_PR29_H -DHAVE_PCRE \ + -DLIBMYSQLCLIENT -DLIBNCP -DLIBPOSTGRES -DLIBSVN -DLIBSSH -DNO_RINDEX \ + -DHAVE_MATH_H -DHAVE_MYSQL_H -DOPENSSL_NO_DEPRECATED -fdata-sections \ + -ffunction-sections + +LOCAL_LDFLAGS:=-Wl,--gc-sections + +LOCAL_C_INCLUDES:= \ + $(LOCAL_PATH)\ + external/openssl/include\ + external/libssh/include\ + external/libidn/lib\ + external/libmysqlclient/include\ + external/subversion/subversion/include\ + external/apr/include\ + external/firebird/include\ + external/libncp/include\ + external/libpcre + +LOCAL_SRC_FILES:= \ + bfg.c\ + crc32.c\ + d3des.c\ + hmacmd5.c\ + hydra-afp.c\ + hydra-asterisk.c\ + hydra.c\ + hydra-cisco.c\ + hydra-cisco-enable.c\ + hydra-cvs.c\ + hydra-firebird.c\ + hydra-ftp.c\ + hydra-http.c\ + hydra-http-form.c\ + hydra-http-proxy.c\ + hydra-http-proxy-urlenum.c\ + hydra-icq.c\ + hydra-imap.c\ + hydra-irc.c\ + hydra-ldap.c\ + hydra-mod.c\ + hydra-mssql.c\ + hydra-mysql.c\ + hydra-ncp.c\ + hydra-nntp.c\ + hydra-oracle.c\ + hydra-oracle-listener.c\ + hydra-oracle-sid.c\ + hydra-pcanywhere.c\ + hydra-pcnfs.c\ + hydra-pop3.c\ + hydra-postgres.c\ + hydra-rdp.c\ + hydra-redis.c\ + hydra-rexec.c\ + hydra-rlogin.c\ + hydra-rsh.c\ + hydra-s7-300.c\ + hydra-sapr3.c\ + hydra-sip.c\ + hydra-smb.c\ + hydra-smtp.c\ + hydra-smtp-enum.c\ + hydra-snmp.c\ + hydra-socks5.c\ + hydra-ssh.c\ + hydra-sshkey.c\ + hydra-svn.c\ + hydra-teamspeak.c\ + hydra-telnet.c\ + hydra-vmauthd.c\ + hydra-vnc.c\ + hydra-xmpp.c\ + ntlm.c\ + sasl.c + +LOCAL_STATIC_LIBRARIES := \ + libfbclient \ + libidn \ + libmysqlclient \ + libncp \ + libpcre \ + libpcrecpp \ + libpcreposix \ + libpq \ + libssh \ + libsvn_client-1 \ + libapr-1 \ + libaprutil-1 \ + libiconv\ + libneon + +LOCAL_SHARED_LIBRARIES := \ + libcrypto\ + libssl\ + libsqlite\ + libexpat + +LOCAL_MODULE:= hydra + +include $(BUILD_EXECUTABLE) From 99d32d9284fd5faf68b15499c4a97d55d66736fb Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Thu, 29 May 2014 12:04:46 +0200 Subject: [PATCH 06/12] Anroid_mySQL --- CHANGES | 1 + configure | 10 ++++++++++ 2 files changed, 11 insertions(+) diff --git a/CHANGES b/CHANGES index 57152b9..e9cfe5e 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,7 @@ Changelog for hydra ------------------- Release 8.1-pre +* Added patch by tux-mind for better MySQL compilation and an Android patches and Makefile. Thanks! * Added xhydra gtk patch by Petar Kaleychev to support -e r reverse login attempt, thanks! * Fixed a crash in the cisco module (thanks to Anatoly Mamaev for reporting) * Small fix for HTTP form module for redirect pages where a S= string match would not work (thanks to mkosmach for reporting) diff --git a/configure b/configure index 9ba9ebb..82fd22d 100755 --- a/configure +++ b/configure @@ -451,10 +451,15 @@ for i in $LIBDIRS ; do fi fi done +MYSQLINSUBDIR="" for i in $INCDIRS ; do if [ "X" != "X$MYSQL_PATH" ]; then if [ -f "$i/mysql/mysql.h" ]; then MYSQL_IPATH="$i/mysql" + MYSQLINSUBDIR="mysql/" + fi + if [ -f "$i/mysql.h" ]; then + MYSQL_IPATH="$i" fi fi done @@ -931,6 +936,11 @@ if [ -n "$SVN_IPATH" ]; then fi if [ -n "$MYSQL_IPATH" ]; then XIPATHS="$XIPATHS -I$MYSQL_IPATH" + if [ -n "$MYSQLINSUBDIR" ]; then + XDEFINES="$XDEFINES -DHAVE_MYSQL_MYSQL_H" + else + XDEFINES="$XDEFINES -DHAVE_MYSQL_H" + fi fi if [ -n "$AFP_IPATH" ]; then XIPATHS="$XIPATHS -I$AFP_IPATH" From dbc9d20fcf5c360303898eec1832b97dd8ec3c2f Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Fri, 30 May 2014 10:42:44 +0200 Subject: [PATCH 07/12] closed before merging, sorry, silly me. fix for Android --- Android.mk | 4 ++-- hydra-mod.c | 2 ++ rdp.h | 1 + 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/Android.mk b/Android.mk index 588a94b..628d9fd 100644 --- a/Android.mk +++ b/Android.mk @@ -3,8 +3,8 @@ include $(CLEAR_VARS) LOCAL_CFLAGS:= -O3 -DLIBOPENSSL -DLIBFIREBIRD -DLIBIDN -DHAVE_PR29_H -DHAVE_PCRE \ -DLIBMYSQLCLIENT -DLIBNCP -DLIBPOSTGRES -DLIBSVN -DLIBSSH -DNO_RINDEX \ - -DHAVE_MATH_H -DHAVE_MYSQL_H -DOPENSSL_NO_DEPRECATED -fdata-sections \ - -ffunction-sections + -DHAVE_MATH_H -DHAVE_MYSQL_H -DOPENSSL_NO_DEPRECATED -DNO_RSA_LEGACY \ + -fdata-sections -ffunction-sections LOCAL_LDFLAGS:=-Wl,--gc-sections diff --git a/hydra-mod.c b/hydra-mod.c index a9cefab..526a25c 100644 --- a/hydra-mod.c +++ b/hydra-mod.c @@ -3,6 +3,8 @@ #ifdef LIBOPENSSL #include #include +#include +#include #endif #ifdef HAVE_PCRE #include diff --git a/rdp.h b/rdp.h index c4188df..66af31a 100644 --- a/rdp.h +++ b/rdp.h @@ -551,6 +551,7 @@ enum RDP_UPDATE_PDU_TYPE #include #include #include +#include #if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x0090800f) #define D2I_X509_CONST const From 6f0c841485ed9e1f4fe0343169242596226a75f2 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Tue, 3 Jun 2014 13:37:23 +0200 Subject: [PATCH 08/12] better error msgs --- hydra.c | 50 +++++++++++++++++++++++++++++++++----------------- 1 file changed, 33 insertions(+), 17 deletions(-) diff --git a/hydra.c b/hydra.c index 14eedb3..8a9a855 100644 --- a/hydra.c +++ b/hydra.c @@ -2922,7 +2922,7 @@ int main(int argc, char *argv[]) { fprintf(stderr, "[WARNING] you specified port 443 for attacking a http service, however did not specify the -S ssl switch nor used https-..., therefore using plain HTTP\n"); if (hydra_options.loop_mode && hydra_options.colonfile != NULL) - bail("The loop mode option (-u) works with all modes - except colon files (-C)\n"); + bail("The loop mode option (-u) works with all modes - except colon files (-C)\n"); if (strncmp(hydra_options.service, "http-", strlen("http-")) != 0 && strcmp(hydra_options.service, "http-head") != 0 && getenv("HYDRA_PROXY_HTTP") != NULL) fprintf(stderr, "[WARNING] the HYDRA_PROXY_HTTP environment variable works only with the http-head/http-get module, ignored...\n"); if (i == 2) { @@ -2980,12 +2980,16 @@ int main(int argc, char *argv[]) { if (hydra_options.colonfile == NULL) { if (hydra_options.loginfile != NULL) { - if ((lfp = fopen(hydra_options.loginfile, "r")) == NULL) - bail("File for logins not found!"); + if ((lfp = fopen(hydra_options.loginfile, "r")) == NULL) { + fprintf(stderr, "[ERROR] File for logins not found: %s", hydra_options.loginfile); + exit(-1); + } hydra_brains.countlogin = countlines(lfp, 0); hydra_brains.sizelogin = size_of_data; - if (hydra_brains.countlogin == 0) - bail("File for logins is empty!"); + if (hydra_brains.countlogin == 0) { + fprintf(stderr, "[ERROR] File for logins is empty: %s", hydra_options.loginfile); + exit(-1); + } if (hydra_brains.countlogin > MAX_LINES) { fprintf(stderr, "[ERROR] Maximum number of logins is %d, this file has %lu entries.\n", MAX_LINES, hydra_brains.countlogin); exit(-1); @@ -3005,12 +3009,16 @@ int main(int argc, char *argv[]) { hydra_brains.countlogin = 1; } if (hydra_options.passfile != NULL) { - if ((pfp = fopen(hydra_options.passfile, "r")) == NULL) - bail("File for passwords not found!"); + if ((pfp = fopen(hydra_options.passfile, "r")) == NULL) { + fprintf(stderr, "[ERROR] File for passwords not found: %s", hydra_options.passfile); + exit(-1); + } hydra_brains.countpass = countlines(pfp, 0); hydra_brains.sizepass = size_of_data; - if (hydra_brains.countpass == 0) - bail("File for passwords is empty!"); + if (hydra_brains.countpass == 0) { + fprintf(stderr, "[ERROR] File for passwords is empty: %s", hydra_options.passfile); + exit(-1); + } if (hydra_brains.countpass > MAX_LINES) { fprintf(stderr, "[ERROR] Maximum number of passwords is %d, this file has %lu entries.\n", MAX_LINES, hydra_brains.countpass); exit(-1); @@ -3048,12 +3056,16 @@ int main(int argc, char *argv[]) { } } } else { - if ((cfp = fopen(hydra_options.colonfile, "r")) == NULL) - bail("File with login:password information not found!"); + if ((cfp = fopen(hydra_options.colonfile, "r")) == NULL) { + fprintf(stderr, "[ERROR] File for colon files (login:pass) not found: %s", hydra_options.colonfile); + exit(-1); + } hydra_brains.countlogin = countlines(cfp, 1); hydra_brains.sizelogin = size_of_data; - if (hydra_brains.countlogin == 0) - bail("File for login:password information is empty!"); + if (hydra_brains.countlogin == 0) { + fprintf(stderr, "[ERROR] File for colon files (login:pass) is empty: %s", hydra_options.colonfile); + exit(-1); + } if (hydra_brains.countlogin > MAX_LINES / 2) { fprintf(stderr, "[ERROR] Maximum number of colon file entries is %d, this file has %lu entries.\n", MAX_LINES / 2, hydra_brains.countlogin); exit(-1); @@ -3089,11 +3101,15 @@ int main(int argc, char *argv[]) { } if (hydra_options.infile_ptr != NULL) { - if ((ifp = fopen(hydra_options.infile_ptr, "r")) == NULL) - bail("File for IP addresses not found!"); + if ((ifp = fopen(hydra_options.infile_ptr, "r")) == NULL) { + fprintf(stderr, "[ERROR] File for targets not found: %s", hydra_options.infile_ptr); + exit(-1); + } hydra_brains.targets = countservers = countinfile = countlines(ifp, 0); - if (countinfile == 0) - bail("File for IP addresses is empty!"); + if (countinfile == 0) { + fprintf(stderr, "[ERROR] File for targets is empty: %s", hydra_options.infile_ptr); + exit(-1); + } hydra_targets = malloc(sizeof(hydra_targets) * (countservers + 2) + 8); if (hydra_targets == NULL) bail("Could not allocate enough memory for target data"); From 043c8d2aaae5a97f3b7b05664cf3eb3251f198a2 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Wed, 11 Jun 2014 12:32:18 +0200 Subject: [PATCH 09/12] fix for cisco-enable --- CHANGES | 1 + hydra.c | 6 ++++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/CHANGES b/CHANGES index e9cfe5e..4a5d8d6 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,7 @@ Changelog for hydra ------------------- Release 8.1-pre +* Fixed for cisco-enable if an intial Login/Password is used (thanks to joswr1te for reporting) * Added patch by tux-mind for better MySQL compilation and an Android patches and Makefile. Thanks! * Added xhydra gtk patch by Petar Kaleychev to support -e r reverse login attempt, thanks! * Fixed a crash in the cisco module (thanks to Anatoly Mamaev for reporting) diff --git a/hydra.c b/hydra.c index 8a9a855..a6b120f 100644 --- a/hydra.c +++ b/hydra.c @@ -2758,8 +2758,10 @@ int main(int argc, char *argv[]) { } if (strcmp(hydra_options.service, "cisco-enable") == 0) { i = 2; - if (hydra_options.login == NULL) - hydra_options.login = empty_login; + if (hydra_options.login == NULL) { + //hydra_options.login = empty_login; + i = 1; // login will be the initial Username: login, or line Password: + } if (hydra_options.miscptr == NULL) { fprintf(stderr, "[WARNING] You did not supply the initial support to the Cisco via -l, assuming direct console access\n"); } From 92f8491e21e43aceb14016da30cc4ca19a1e1634 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Wed, 11 Jun 2014 12:38:07 +0200 Subject: [PATCH 10/12] fix for cisco-enable --- hydra.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hydra.c b/hydra.c index a6b120f..e27b760 100644 --- a/hydra.c +++ b/hydra.c @@ -503,7 +503,7 @@ void module_usage() { "Examples:\n" " hydra -P pass.txt target cisco-enable (direct console access)\n" " hydra -P pass.txt -m cisco target cisco-enable (Logon password cisco)\n" - " hydra -l foo -m bar -P pass.txt -m cisco target cisco-enable (AAA Login foo, password bar)\n"); + " hydra -l foo -m bar -P pass.txt target cisco-enable (AAA Login foo, password bar)\n"); find = 1; } if (!find && (strcmp(hydra_options.service, "cisco") == 0)) { From 499c57f877e1cc696c406c8c17919792adc368fa Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Thu, 10 Jul 2014 09:29:18 +0200 Subject: [PATCH 11/12] configure enhancements --- configure | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) diff --git a/configure b/configure index 82fd22d..4bb8f6f 100755 --- a/configure +++ b/configure @@ -3,17 +3,7 @@ # uname -s = Linux | OpenBSD | FreeBSD # uname -m = i636 or x86_64 -if [ "$1" = "-h" ]; then - echo Options: - echo " --prefix=path path to install hydra and its datafiles to" - echo " --with-oracle=prefix prefix for oracle include dir" - echo " --with-oracle-lib=prefix prefix for oracle lib dir" - echo " --disable-xhydra disable compilation of hydra GUI" - echo " --nostrip do not per default strip binaries before install" - echo " --help this here" - exit 0 -fi -if [ "$1" = "--help" ]; then +if [ "$1" = "-h" -o "$1" = "--help" ]; then echo Options: echo " --prefix=path path to install hydra and its datafiles to" echo " --with-oracle=prefix prefix for oracle include dir" @@ -30,7 +20,7 @@ rm -f Makefile.in SYSS=`uname -s 2> /dev/null` SYSO=`uname -o 2> /dev/null` SIXFOUR="" -if [ "$SYSS" = "Linux" -o "$SYSS" = "OpenBSD" -o "$SYSS" = "FreeBSD" -o "$SYSS" = "NetBSD" ]; then +if [ "$SYSS" = "Linux" -o "$SYSS" = "OpenBSD" -o "$SYSS" = "FreeBSD" -o "$SYSS" = "NetBSD" -o "$SYSS" = "Darwin" ]; then SF=`uname -m | grep 64` if [ `uname -m` = "s390x" ]; then SF=64 From 6d326078f1dfcac3c978806d662d3664852a0461 Mon Sep 17 00:00:00 2001 From: van Hauser Date: Wed, 6 Aug 2014 12:37:16 +0200 Subject: [PATCH 12/12] configure_and_rdp_fixes --- CHANGES | 2 ++ configure | 6 ++++++ hydra-rdp.c | 3 +++ 3 files changed, 11 insertions(+) diff --git a/CHANGES b/CHANGES index 4a5d8d6..45c2b43 100644 --- a/CHANGES +++ b/CHANGES @@ -7,6 +7,8 @@ Release 8.1-pre * Added xhydra gtk patch by Petar Kaleychev to support -e r reverse login attempt, thanks! * Fixed a crash in the cisco module (thanks to Anatoly Mamaev for reporting) * Small fix for HTTP form module for redirect pages where a S= string match would not work (thanks to mkosmach for reporting) +* Updated configure to detect subversion packages on current Cygwin +* Fixed RDP module to support the port option (thanks to and.enshin(at)gmail.com) Release 8.0 diff --git a/configure b/configure index 4bb8f6f..85eea5b 100755 --- a/configure +++ b/configure @@ -313,6 +313,12 @@ for i in $LIBDIRS ; do APR_PATH="$i" fi fi + if [ "X" = "X$SVN_PATH" ]; then + if [ -f "$i/libsvn_client-1.dll.a" ]&&[ -f "$i/libapr-1.dll.a" ]&&[ -f "$i/libaprutil-1.dll.a" ]; then + SVN_PATH="$i" + APR_PATH="$i" + fi + fi if [ "X" = "X$SVN_PATH" ]; then if [ -f "$i/libsvn_client-1.dylib" ]&&[ -f "$i/libapr-1.dylib" ]&&[ -f "$i/libaprutil-1.dylib" ]; then SVN_PATH="$i" diff --git a/hydra-rdp.c b/hydra-rdp.c index f01ee96..9b747bd 100644 --- a/hydra-rdp.c +++ b/hydra-rdp.c @@ -2453,6 +2453,9 @@ void service_rdp(char *ip, int sp, unsigned char options, char *miscptr, FILE * int run = 1, next_run = 1; int myport = PORT_RDP; + if (port != 0) + myport = port; + hydra_register_socket(sp); if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0) return;