diff --git a/hydra.c b/hydra.c index 29c3ba6..35f82b4 100644 --- a/hydra.c +++ b/hydra.c @@ -563,17 +563,21 @@ void module_usage() { " failed string looks like and put it in this parameter!\n" "The following parameters are optional:\n" " C=/page/uri to define a different page to gather initial cookies from\n" - " (h|H)=My-Hdr: foo to send a user defined HTTP header with each request\n" + " (h|H)=My-Hdr\\: foo to send a user defined HTTP header with each request\n" " ^USER^ and ^PASS^ can also be put into these headers!\n" " Note: 'h' will add the user-defined header at the end\n" " regardless it's already being sent by Hydra or not.\n" " 'H' will replace the value of that header if it exists, by the\n" " one supplied by the user, or add the header at the end\n" + "Note that if you are going to put colons (:) in your headers you should escape them with a backslash (\).\n" + " All colons that are not option separators should be escaped (see the examples above and below).\n" + " You can specify a header without escaping the colons, but that way you will not be able to put colons\n" + " in the header value itself, as they will be interpreted by hydra as option separators.\n" "\nExamples:\n" " \"/login.php:user=^USER^&pass=^PASS^:incorrect\"\n" " \"/login.php:user=^USER^&pass=^PASS^&colon=colon\\:escape:S=authlog=.*success\"\n" " \"/login.php:user=^USER^&pass=^PASS^&mid=123:authlog=.*failed\"\n" - " \"/:user=^USER&pass=^PASS^:failed:H=Authorization: Basic dT1w:H=Cookie: sessid=aaaa:h=X-User: ^USER^\"\n" + " \"/:user=^USER&pass=^PASS^:failed:H=Authorization\\: Basic dT1w:H=Cookie\\: sessid=aaaa:h=X-User\\: ^USER^\"\n" " \"/exchweb/bin/auth/owaauth.dll:destination=http%%3A%%2F%%2F%%2Fexchange&flags=0&username=%%5C^USER^&password=^PASS^&SubmitCreds=x&trusted=0:reason=:C=/exchweb\"\n", hydra_options.service); find = 1;