github/thc-hydra
1
0
Fork 0
mirror of https://github.com/vanhauser-thc/thc-hydra.git synced 2025-08-14 02:27:31 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

www-form: normalise webtarget

Browse source
This commit is contained in:
Karim Kanso 2020-11-11 15:55:23 +00:00
commit 981e19852b
1 changed files with 33 additions and 40 deletions
Download patch file Download diff file Expand all files Collapse all files

73
hydra-http-form.c
View file

@ -78,7 +78,7 @@ int32_t auth_flag = 0;
char cookie[4096] = "", cmiscptr[1024]; char cookie[4096] = "", cmiscptr[1024];
int32_t webport, freemischttpform = 0; int32_t webport;
char bufferurl[6096 + 24], cookieurl[6096 + 24] = "", userheader[6096 + 24] = "", *url, *variables, *optional1; char bufferurl[6096 + 24], cookieurl[6096 + 24] = "", userheader[6096 + 24] = "", *url, *variables, *optional1;
#define MAX_REDIRECT 8 #define MAX_REDIRECT 8
@ -1133,9 +1133,6 @@ void service_http_form(char *ip, int32_t sp, unsigned char options, char *miscpt
while (1) { while (1) {
if (run == 2) { if (run == 2) {
if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0) { if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0) {
if (freemischttpform)
free(miscptr);
freemischttpform = 0;
hydra_child_exit(1); hydra_child_exit(1);
} }
} }
@ -1157,9 +1154,6 @@ void service_http_form(char *ip, int32_t sp, unsigned char options, char *miscpt
} }
if (sock < 0) { if (sock < 0) {
hydra_report(stderr, "[ERROR] Child with pid %d terminating, cannot connect\n", (int32_t)getpid()); hydra_report(stderr, "[ERROR] Child with pid %d terminating, cannot connect\n", (int32_t)getpid());
if (freemischttpform)
free(miscptr);
freemischttpform = 0;
hydra_child_exit(1); hydra_child_exit(1);
} }
next_run = 2; next_run = 2;
@ -1171,30 +1165,19 @@ void service_http_form(char *ip, int32_t sp, unsigned char options, char *miscpt
case 3: /* clean exit */ case 3: /* clean exit */
if (sock >= 0) if (sock >= 0)
sock = hydra_disconnect(sock); sock = hydra_disconnect(sock);
if (freemischttpform)
free(miscptr);
freemischttpform = 0;
hydra_child_exit(0); hydra_child_exit(0);
break; break;
case 4: /* silent error exit */ case 4: /* silent error exit */
if (sock >= 0) if (sock >= 0)
sock = hydra_disconnect(sock); sock = hydra_disconnect(sock);
if (freemischttpform)
free(miscptr);
freemischttpform = 0;
hydra_child_exit(1); hydra_child_exit(1);
break; break;
default: default:
if (freemischttpform)
free(miscptr);
freemischttpform = 0;
hydra_report(stderr, "[ERROR] Caught unknown return code, exiting!\n"); hydra_report(stderr, "[ERROR] Caught unknown return code, exiting!\n");
hydra_child_exit(0); hydra_child_exit(0);
} }
run = next_run; run = next_run;
} }
if (freemischttpform)
free(miscptr);
} }
void service_http_get_form(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) { void service_http_get_form(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {
@ -1240,35 +1223,21 @@ int32_t service_http_form_init(char *ip, int32_t sp, unsigned char options, char
ptr_header_node initialize(char *ip, unsigned char options, char *miscptr) { ptr_header_node initialize(char *ip, unsigned char options, char *miscptr) {
ptr_header_node ptr_head = NULL; ptr_header_node ptr_head = NULL;
char *ptr, *ptr2, *proxy_string; char *ptr, *ptr2, *proxy_string;
#ifdef AF_INET6
unsigned char addr6 [sizeof(struct in6_addr)];
#endif
if (use_proxy > 0 && proxy_count > 0) if (use_proxy > 0 && proxy_count > 0)
selected_proxy = random() % proxy_count; selected_proxy = random() % proxy_count;
if (webtarget != NULL && (webtarget = strstr(miscptr, "://")) != NULL) { if (webtarget) {
webtarget += strlen("://"); free(webtarget);
if ((ptr2 = index(webtarget, ':')) != NULL) { /* step over port if present */ webtarget = NULL;
*ptr2 = 0;
ptr2++;
ptr = ptr2;
if (*ptr == '/' || (ptr = index(ptr2, '/')) != NULL)
miscptr = ptr;
else
miscptr = slash; /* to make things easier to user */
} else if ((ptr2 = index(webtarget, '/')) != NULL) {
if (freemischttpform == 0) {
if ((miscptr = malloc(strlen(ptr2) + 1)) != NULL) {
freemischttpform = 1;
strcpy(miscptr, ptr2);
*ptr2 = 0;
}
}
} else
webtarget = NULL;
} }
if (cmdlinetarget != NULL && webtarget == NULL) if (cmdlinetarget != NULL)
webtarget = cmdlinetarget; webtarget = cmdlinetarget;
else if (webtarget == NULL && cmdlinetarget == NULL) else
webtarget = hydra_address2string(ip); webtarget = hydra_address2string(ip);
if (port != 0) if (port != 0)
webport = port; webport = port;
@ -1277,6 +1246,29 @@ ptr_header_node initialize(char *ip, unsigned char options, char *miscptr) {
else else
webport = PORT_HTTP_SSL; webport = PORT_HTTP_SSL;
/* normalise the webtarget for ipv6/port number */
ptr = malloc(strlen(webtarget) + 1 /* null */ + 6 /* :65535 */
#ifdef AF_INET6
+ 2 /* [] */
#endif
);
#ifdef AF_INET6
/* let libc decide if target is an ipv6 address */
if (inet_pton(AF_INET6, webtarget, addr6)) {
ptr2 = ptr + sprintf(ptr, "[%s]", webtarget);
} else {
#endif
ptr2 = ptr + sprintf(ptr, "%s", webtarget);
#ifdef AF_INET6
}
#endif
if (options & OPTION_SSL && webport != PORT_HTTP_SSL ||
!(options & OPTION_SSL) && webport != PORT_HTTP) {
sprintf(ptr2, ":%d", webport);
}
webtarget = ptr;
ptr = ptr2 = NULL;
sprintf(bufferurl, "%.6096s", miscptr); sprintf(bufferurl, "%.6096s", miscptr);
url = bufferurl; url = bufferurl;
ptr = url; ptr = url;
@ -1411,6 +1403,7 @@ ptr_header_node initialize(char *ip, unsigned char options, char *miscptr) {
normal_request = stringify_headers(&ptr_head); normal_request = stringify_headers(&ptr_head);
} }
} }
return ptr_head; return ptr_head;
} }