three fixes

2025-07-05 20:41:39 -07:00 · 2014-05-26 10:46:05 +02:00 · 2014-05-26 10:46:05 +02:00 · b2e43fc82d
commit b2e43fc82d
parent 71b71f34f3
6 changed files with 35 additions and 5 deletions
--- a/6
+++ b/6
@ -1,6 +1,12 @@
 Changelog for hydra
 -------------------

+Release 8.1-pre
+* Added xhydra gtk patch by Peter Kaleychev to support -e r reverse login attempt, thanks!
+* Fixed a crash in the cisco module (thanks to Anatoly Mamaev for reporting)
+* Small fix for HTTP form module for redirect pages where a S= string match would not work (thanks to mkosmach for reporting)
+
+
 Release 8.0
 ! Development moved to a public github repository: https://github.com/vanhauser-thc/thc-hydra
 * Added module for redis (submitted by Alejandro Ramos, thanks!)
--- a/hydra-cisco.c
+++ b/hydra-cisco.c
@ -24,6 +24,7 @@ int start_cisco(int s, char *ip, int port, unsigned char options, char *miscptr,
    return 1;
  }
  sleep(1);
+  buf = NULL;
  do {
    if (buf != NULL)
      free(buf);
@ -51,8 +52,11 @@ int start_cisco(int s, char *ip, int port, unsigned char options, char *miscptr,
    if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {
      return 1;
    }
+    
+    buf = NULL;
    do {
-      free(buf);
+      if (buf != NULL)
+        free(buf);
      if ((buf = hydra_receive_line(s)) == NULL)
        return 3;
      if (buf[strlen(buf) - 1] == '\n')
@ -78,6 +82,7 @@ int start_cisco(int s, char *ip, int port, unsigned char options, char *miscptr,
      if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {
        return 1;
      }
+      buf = NULL;
      do {
        if (buf != NULL)
          free(buf);
--- a/hydra-gtk/src/callbacks.c
+++ b/hydra-gtk/src/callbacks.c
@ -150,7 +150,7 @@ int hydra_get_options(char *options[]) {
    }
  }

-  /* empty passes / login as pass? */
+  /* empty passes / login as pass / reversed login? */
  memset(passLoginNull, 0, 4);
  widget = lookup_widget(GTK_WIDGET(wndMain), "chkPassNull");
  if (gtk_toggle_button_get_active((GtkToggleButton *) widget)) {
@ -164,6 +164,17 @@ int hydra_get_options(char *options[]) {
      passLoginNull[1] = 's';
    }
  }
+  /* The "Try reversed login" button was implemented by Petar Kaleychev <petar.kaleychev@gmail.com> */
+  widget = lookup_widget(GTK_WIDGET(wndMain), "chkPassReverse");
+  if (gtk_toggle_button_get_active((GtkToggleButton *) widget)) {
+    if (passLoginNull[0] == 0) {
+      passLoginNull[0] = 'r';
+    } else if (passLoginNull[1] == 0) {
+      passLoginNull[1] = 'r';
+    } else {
+      passLoginNull[2] = 'r';
+    }
+  }
  if (passLoginNull[0] != 0) {
    options[i++] = "-e";
    options[i++] = passLoginNull;
--- a/hydra-gtk/src/interface.c
+++ b/hydra-gtk/src/interface.c
@ -88,6 +88,7 @@ GtkWidget *create_wndMain(void) {
  GtkWidget *table6;
  GtkWidget *chkPassLogin;
  GtkWidget *chkPassNull;
+  GtkWidget *chkPassReverse;
  GtkWidget *label2;
  GtkWidget *table4;
  GtkWidget *frame9;
@ -528,7 +529,7 @@ GtkWidget *create_wndMain(void) {
  gtk_widget_show(label20);
  gtk_frame_set_label_widget(GTK_FRAME(frame8), label20);

-  table6 = gtk_table_new(1, 2, FALSE);
+  table6 = gtk_table_new(1, 3, FALSE);
  gtk_widget_set_name(table6, "table6");
  gtk_widget_show(table6);
  gtk_box_pack_start(GTK_BOX(vbox2), table6, TRUE, TRUE, 0);
@ -545,6 +546,12 @@ GtkWidget *create_wndMain(void) {
  gtk_table_attach(GTK_TABLE(table6), chkPassNull, 1, 2, 0, 1, (GtkAttachOptions) (GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions) (GTK_EXPAND), 0, 0);
  gtk_tooltips_set_tip(tooltips, chkPassNull, "Enable this option to try an empty password, in addition to the password/file", NULL);

+  chkPassReverse = gtk_check_button_new_with_mnemonic ("Try reversed login");
+  gtk_widget_set_name (chkPassReverse, "chkPassReverse");
+  gtk_widget_show (chkPassReverse);
+  gtk_table_attach (GTK_TABLE (table6), chkPassReverse, 2, 3, 0, 1, (GtkAttachOptions) (GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions) (GTK_EXPAND), 0, 0);
+  gtk_tooltips_set_tip (tooltips, chkPassReverse, "Enable this option to try an reverse password, in addition to the password/file", NULL);
+  
  label2 = gtk_label_new("Passwords");
  gtk_widget_set_name(label2, "label2");
  gtk_widget_show(label2);
@ -1049,6 +1056,7 @@ GtkWidget *create_wndMain(void) {
  GLADE_HOOKUP_OBJECT(wndMain, table6, "table6");
  GLADE_HOOKUP_OBJECT(wndMain, chkPassLogin, "chkPassLogin");
  GLADE_HOOKUP_OBJECT(wndMain, chkPassNull, "chkPassNull");
+  GLADE_HOOKUP_OBJECT(wndMain, chkPassReverse, "chkPassReverse");
  GLADE_HOOKUP_OBJECT(wndMain, label2, "label2");
  GLADE_HOOKUP_OBJECT(wndMain, table4, "table4");
  GLADE_HOOKUP_OBJECT(wndMain, frame9, "frame9");
--- a/hydra-http-form.c
+++ b/hydra-http-form.c
@ -460,7 +460,7 @@ int start_http_form(int s, char *ip, int port, unsigned char options, char *misc
  }

  //if the last status is still 3xx, set it as a false
-  if (found != -1 && found == success_cond && redirected_flag == 0 && redirected_cpt >= 0) {
+  if (found != -1 && found == success_cond && (redirected_flag == 0 || success_cond == 1) && redirected_cpt >= 0) {
    hydra_report_found_host(port, ip, "www-form", fp);
    hydra_completed_pair_found();
  } else {
--- a/web/index.html
+++ b/web/index.html
@ -163,7 +163,7 @@

 [0x06] Compilation Help

-        Hydry compiles fine on all platforms that have gcc - Linux, all BSD, Mac OS/X, Cygwin on Windows, Solaris, etc.
+        Hydra compiles fine on all platforms that have gcc - Linux, all BSD, Mac OS/X, Cygwin on Windows, Solaris, etc.
        It should even compile on historical SunOS, Ultrix etc. platforms :-)
        
        There are many optional modules for network protocols like SSH, SVN etc. that require libraries.