github/thc-hydra
1
0
Fork 0
mirror of https://github.com/vanhauser-thc/thc-hydra.git synced 2025-07-05 20:41:39 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

rolled back the http-form parameters parsing.

Browse source 
help for bfg's rain is in bfg's help now
This commit is contained in:
owein 2019-11-19 16:49:54 +01:00
parent b34655617f
commit ccd3a99765
2 changed files with 19 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

23
hydra-http-form.c
View file

@ -1250,12 +1250,23 @@ ptr_header_node initialize(char *ip, unsigned char options, char *miscptr) {
webport = PORT_HTTP_SSL; webport = PORT_HTTP_SSL;
sprintf(bufferurl, "%.6096s", miscptr); sprintf(bufferurl, "%.6096s", miscptr);
ptr = bufferurl; url = bufferurl;
url = strtok(ptr, ":"); ptr = url;
variables = strtok(NULL, ":"); while (*ptr != 0 && (*ptr != ':' || *(ptr - 1) == '\\'))
cond = strtok(NULL, ":"); ptr++;
optional1 = strtok(NULL, "\n"); if (*ptr != 0)
if(optional1 == NULL) optional1 = "";//will crash if NULL or 0, so set to blank *ptr++ = 0;
variables = ptr;
while (*ptr != 0 && (*ptr != ':' || *(ptr - 1) == '\\'))
ptr++;
if (*ptr != 0)
*ptr++ = 0;
cond = ptr;
while (*ptr != 0 && (*ptr != ':' || *(ptr - 1) == '\\'))
ptr++;
if (*ptr != 0)
*ptr++ = 0;
optional1 = ptr;
if (strstr(url, "\\:") != NULL) { if (strstr(url, "\\:") != NULL) {
if ((ptr = malloc(strlen(url))) != NULL) { if ((ptr = malloc(strlen(url))) != NULL) {

5
hydra.c
View file

@ -493,7 +493,6 @@ void help(int32_t ext) {
#ifdef HAVE_MATH_H #ifdef HAVE_MATH_H
" -x MIN:MAX:CHARSET password bruteforce generation, type \"-x -h\" to get help\n" " -x MIN:MAX:CHARSET password bruteforce generation, type \"-x -h\" to get help\n"
" -y disable use of symbols in bruteforce, see above\n" " -y disable use of symbols in bruteforce, see above\n"
" -r rainy mode for password generation (-x)\n"
#endif #endif
" -e nsr try \"n\" null password, \"s\" login as pass and/or \"r\" reversed login\n" " -e nsr try \"n\" null password, \"s\" login as pass and/or \"r\" reversed login\n"
" -u loop around users, not passwords (effective! implied with -x)\n"); " -u loop around users, not passwords (effective! implied with -x)\n");
@ -555,8 +554,8 @@ void help_bfg() {
" valid CHARSET values are: 'a' for lowercase letters,\n" " valid CHARSET values are: 'a' for lowercase letters,\n"
" 'A' for uppercase letters, '1' for numbers, and for all others,\n" " 'A' for uppercase letters, '1' for numbers, and for all others,\n"
" just add their real representation.\n" " just add their real representation.\n"
" -y disable the use of the above letters as placeholders\n\n" " -y disable the use of the above letters as placeholders\n"
" -r use 'rain' to explode the linearity of the generation. " -r use a formula to explode the linearity of the generation, without loss.\n\n"
"Examples:\n" "Examples:\n"
" -x 3:5:a generate passwords from length 3 to 5 with all lowercase letters\n" " -x 3:5:a generate passwords from length 3 to 5 with all lowercase letters\n"
" -x 5:8:A1 generate passwords from length 5 to 8 with uppercase and numbers\n" " -x 5:8:A1 generate passwords from length 5 to 8 with uppercase and numbers\n"