From b34655617fee2b4e043211882bac26a8a4529a16 Mon Sep 17 00:00:00 2001 From: owein Date: Mon, 21 Oct 2019 20:37:25 +0200 Subject: [PATCH] !!! I did not test the escapes in the miscptr !!! --- hydra-http-form.c | 6 +++--- hydra.c | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/hydra-http-form.c b/hydra-http-form.c index 04260a4..e91db03 100644 --- a/hydra-http-form.c +++ b/hydra-http-form.c @@ -1255,8 +1255,8 @@ ptr_header_node initialize(char *ip, unsigned char options, char *miscptr) { variables = strtok(NULL, ":"); cond = strtok(NULL, ":"); optional1 = strtok(NULL, "\n"); - if(optional1 == NULL) optional1 = "";//will crash if NULL or 0, so set "" (don't know the difference...) - + if(optional1 == NULL) optional1 = "";//will crash if NULL or 0, so set to blank + if (strstr(url, "\\:") != NULL) { if ((ptr = malloc(strlen(url))) != NULL) { strcpy(ptr, hydra_strrep(url, "\\:", ":")); @@ -1297,7 +1297,7 @@ ptr_header_node initialize(char *ip, unsigned char options, char *miscptr) { success_cond = 0; } - fprintf(stderr, "miscptr: %s, url=%s, variables=%s, ptr=%s, optional1: %s, cond: %s (%d)\n", miscptr, url, variables, ptr, optional1, cond, success_cond); + //fprintf(stderr, "miscptr: %s, url=%s, variables=%s, ptr=%s, optional1: %s, cond: %s (%d)\n", miscptr, url, variables, ptr, optional1, cond, success_cond); /* * Parse the user-supplied options. diff --git a/hydra.c b/hydra.c index a7fc7bb..e4fa4e7 100644 --- a/hydra.c +++ b/hydra.c @@ -493,6 +493,7 @@ void help(int32_t ext) { #ifdef HAVE_MATH_H " -x MIN:MAX:CHARSET password bruteforce generation, type \"-x -h\" to get help\n" " -y disable use of symbols in bruteforce, see above\n" + " -r rainy mode for password generation (-x)\n" #endif " -e nsr try \"n\" null password, \"s\" login as pass and/or \"r\" reversed login\n" " -u loop around users, not passwords (effective! implied with -x)\n");