diff --git a/.vscode/tasks.json b/.vscode/tasks.json deleted file mode 100644 index 08d9005..0000000 --- a/.vscode/tasks.json +++ /dev/null @@ -1,28 +0,0 @@ -{ - "tasks": [ - { - "type": "cppbuild", - "label": "C/C++: gcc build active file", - "command": "/usr/bin/gcc", - "args": [ - "-fdiagnostics-color=always", - "-g", - "${file}", - "-o", - "${fileDirname}/${fileBasenameNoExtension}" - ], - "options": { - "cwd": "${fileDirname}" - }, - "problemMatcher": [ - "$gcc" - ], - "group": { - "kind": "build", - "isDefault": true - }, - "detail": "Task generated by Debugger." - } - ], - "version": "2.0.0" -} \ No newline at end of file diff --git a/Test b/Test deleted file mode 100755 index df20b3b..0000000 Binary files a/Test and /dev/null differ diff --git a/Test.c b/Test.c deleted file mode 100644 index 319fbd7..0000000 --- a/Test.c +++ /dev/null @@ -1,122 +0,0 @@ -#include -#include -#include - -// On définit ici la variable globale "variables" qui sera utilisée par build_multipart_body. -// On suppose qu'elle contient des paires clé=valeur séparées par '&'. -// Pour ce test, on utilise par exemple : -char *variables = "username=testuser&password=testpass"; - -// La fonction build_multipart_body construit le corps d'une requête multipart/form-data -// à partir de la chaîne globale "variables" et du boundary fourni. -char *build_multipart_body(char *multipart_boundary) { - if (!variables) - return NULL; // Pas de paramètres à traiter - - char *body = NULL; // Chaîne résultat - size_t body_size = 0; // Taille actuelle du corps - - // Dupliquer la chaîne "variables" afin de pouvoir la tokeniser (strtok modifie la chaîne) - char *vars_dup = strdup(variables); - if (!vars_dup) - return NULL; - - // Tokeniser la chaîne sur le caractère '&' - char *pair = strtok(vars_dup, "&"); - while (pair != NULL) { - // Pour chaque paire, rechercher le séparateur '=' - char *equal_sign = strchr(pair, '='); - if (!equal_sign) { - pair = strtok(NULL, "&"); - continue; - } - *equal_sign = '\0'; // Terminer la clé - char *key = pair; - char *value = equal_sign + 1; - - // Construire la section multipart pour ce champ. - // Format attendu : - // --\r\n - // Content-Disposition: form-data; name=""\r\n - // \r\n - // \r\n - int section_len = snprintf(NULL, 0, - "--%s\r\n" - "Content-Disposition: form-data; name=\"%s\"\r\n" - "\r\n" - "%s\r\n", - multipart_boundary, key, value); - - char *section = malloc(section_len + 1); - if (!section) { - free(body); - free(vars_dup); - return NULL; - } - snprintf(section, section_len + 1, - "--%s\r\n" - "Content-Disposition: form-data; name=\"%s\"\r\n" - "\r\n" - "%s\r\n", - multipart_boundary, key, value); - - // Réallouer le buffer "body" pour y ajouter cette section - size_t new_body_size = body_size + section_len; - char *new_body = realloc(body, new_body_size + 1); // +1 pour le '\0' - if (!new_body) { - free(section); - free(body); - free(vars_dup); - return NULL; - } - body = new_body; - if (body_size == 0) - strcpy(body, section); - else - strcat(body, section); - body_size = new_body_size; - free(section); - - // Passage à la paire suivante - pair = strtok(NULL, "&"); - } - free(vars_dup); - - // Ajouter la fermeture du multipart : - // ----\r\n - int closing_len = snprintf(NULL, 0, "--%s--\r\n", multipart_boundary); - char *closing = malloc(closing_len + 1); - if (!closing) { - free(body); - return NULL; - } - snprintf(closing, closing_len + 1, "--%s--\r\n", multipart_boundary); - - size_t final_size = body_size + closing_len; - char *final_body = realloc(body, final_size + 1); - if (!final_body) { - free(closing); - free(body); - return NULL; - } - body = final_body; - strcat(body, closing); - free(closing); - - return body; -} - -int main(void) { - // Définir un boundary pour le test - char boundary[] = "----THC-HydraBoundaryz2Z2z"; - // Appeler la fonction build_multipart_body - char *multipart_body = build_multipart_body(boundary); - if (multipart_body == NULL) { - fprintf(stderr, "Error building multipart body.\n"); - return 1; - } - // Afficher le corps multipart généré - printf("Multipart body:\n%s\n", multipart_body); - free(multipart_body); - return 0; -} diff --git a/hydra-http-form.c b/hydra-http-form.c index 1dd9521..0b42268 100644 --- a/hydra-http-form.c +++ b/hydra-http-form.c @@ -1602,6 +1602,7 @@ void usage_http_form(const char *service) { "and the condition string; seperate them too with colons:\n" " 1= 401 error response is interpreted as user/pass wrong\n" " 2= 302 page forward return codes identify a successful attempt\n" + " M= attack forms that use multipart format\n" " (c|C)=/page/uri to define a different page to gather initial " "cookies from\n" " (g|G)= skip pre-requests - only use this when no pre-cookies are required\n" diff --git a/peda-session-61558.txt b/peda-session-61558.txt deleted file mode 100644 index e50613c..0000000 --- a/peda-session-61558.txt +++ /dev/null @@ -1,3 +0,0 @@ -break main - -set exec-wrapper logging enabled diff --git a/peda-session-61747.txt b/peda-session-61747.txt deleted file mode 100644 index e50613c..0000000 --- a/peda-session-61747.txt +++ /dev/null @@ -1,3 +0,0 @@ -break main - -set exec-wrapper logging enabled diff --git a/peda-session-62215.txt b/peda-session-62215.txt deleted file mode 100644 index e50613c..0000000 --- a/peda-session-62215.txt +++ /dev/null @@ -1,3 +0,0 @@ -break main - -set exec-wrapper logging enabled diff --git a/peda-session-62317.txt b/peda-session-62317.txt deleted file mode 100644 index e50613c..0000000 --- a/peda-session-62317.txt +++ /dev/null @@ -1,3 +0,0 @@ -break main - -set exec-wrapper logging enabled diff --git a/peda-session-unknown.txt b/peda-session-unknown.txt deleted file mode 100644 index ddb86e5..0000000 --- a/peda-session-unknown.txt +++ /dev/null @@ -1,8 +0,0 @@ - -set exec-wrapper logging enabled - -set exec-wrapper logging enabled - -set exec-wrapper logging enabled - -set exec-wrapper logging enabled