github/thc-hydra
1
0
Fork 0
mirror of https://github.com/vanhauser-thc/thc-hydra.git synced 2025-07-06 04:51:40 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

http md5-digest fix

Browse source
This commit is contained in:
van Hauser 2019-03-16 18:20:08 -04:00
parent 1ad374b6a1
commit af808bc4d9
2 changed files with 6 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

1
CHANGES
View file

@ -5,6 +5,7 @@ Release 8.9-dev
* your patch? :) * your patch? :)
* Fixed svn module memory leaks * Fixed svn module memory leaks
* Fixed rtsp module potential buffer overflow * Fixed rtsp module potential buffer overflow
* Fixed http module DIGEST-MD5 mode
* Added memcached module * Added memcached module

9
hydra-http.c
View file

@ -13,7 +13,7 @@ int32_t start_http(int32_t s, char *ip, int32_t port, unsigned char options, cha
char *login, *pass, *buffer, buffer2[500]; char *login, *pass, *buffer, buffer2[500];
char *header; char *header;
char *ptr, *fooptr; char *ptr, *fooptr;
int32_t complete_line = 0; int32_t complete_line = 0, buffer_size;
char tmpreplybuf[1024] = "", *tmpreplybufptr; char tmpreplybuf[1024] = "", *tmpreplybufptr;
if (strlen(login = hydra_get_next_login()) == 0) if (strlen(login = hydra_get_next_login()) == 0)
@ -26,7 +26,8 @@ int32_t start_http(int32_t s, char *ip, int32_t port, unsigned char options, cha
header = stringify_headers(&ptr_head); header = stringify_headers(&ptr_head);
if(!(buffer = malloc(strlen(header) + 500))) { buffer_size = strlen(header) + 500;
if(!(buffer = malloc(buffer_size))) {
free(header); free(header);
return 3; return 3;
} }
@ -63,8 +64,8 @@ int32_t start_http(int32_t s, char *ip, int32_t port, unsigned char options, cha
char *pbuffer; char *pbuffer;
pbuffer = hydra_strcasestr(http_buf, "WWW-Authenticate: Digest "); pbuffer = hydra_strcasestr(http_buf, "WWW-Authenticate: Digest ");
strncpy(buffer, pbuffer + strlen("WWW-Authenticate: Digest "), sizeof(buffer)); strncpy(buffer, pbuffer + strlen("WWW-Authenticate: Digest "), buffer_size - 1);
buffer[sizeof(buffer) - 1] = '\0'; buffer[buffer_size - 1] = '\0';
fooptr = buffer2; fooptr = buffer2;
sasl_digest_md5(fooptr, login, pass, buffer, miscptr, type, webtarget, webport, header); sasl_digest_md5(fooptr, login, pass, buffer, miscptr, type, webtarget, webport, header);