diff --git a/web/CHANGES b/web/CHANGES deleted file mode 100644 index 32d5458..0000000 --- a/web/CHANGES +++ /dev/null @@ -1,818 +0,0 @@ -Changelog for hydra -------------------- - -Release 8.9.1 -* Clarification for rdp error message -* CIDR notation (hydra -l test -p test 192.168.0.0/24 ftp) was not detected, fixed - - -Release 8.8 -* New web page: https://github.com/vanhauser-thc/thc-hydra -* added PROBLEMS file with known issues -* rdp: disabled the module as it does not support the current protocol. If you want to add it contact me -* ldap: fixed a dumb strlen on a potential null pointer -* http-get/http-post: - - now supports H=/h= parameters same as http-form (thanks to mathewmarcus@github for the patch) - - 403/404 errors are now always registered as failed attempts -* mysql module: a non-default port was not working, fixed -* added -w timeout support to ssh module -* fixed various memory leaks in http-form module -* corrected hydra return code to be 0 on success -* added patch from debian maintainers which fixes spellings -* fixed weird crash on x64 systems -* many warning fixes by crondaemon - - -Release 8.6 -* added radmin2 module by catatonic prime - great work! -* smb module now checks if SMBv1 is supported by the server and if signing is required -* http-form module now supports URLs up to 6000 bytes (thanks to petrock6@github for the patch) -* Fix for SSL connections that failed with error:00000000:lib(0):func(0):reason(0) (thanks gaia@github for reporting) -* Added new command line option: - -c TIME: seconds between login attempts (over all threads, so -t 1 is recommended) -* Options put after -R (for loading a restore file) are now honored (and were disallowed before) -* merged several patches by Diadlo@github to make the code easier readable. thanks for that! -* merged a patch by Diadlo@github that moves the help output to the invididual module - - -Release 8.5 -* New command line option: - -b : format option for -o output file (json only so far, happy for patches supporting others :) ) - thanks to veggiespam for the patch -* ./configure now honors the CC enviroment variable if present -* Fix for the restore file crash on some x64 platforms (finally! thanks to lukas227!) -* Changed the format of the restore file to detect cross platform copies -* Fixed a bug in the NCP module -* Favor strrchr() over rindex() -* Added refactoring patch by diadlo -* Updated man page with missing command line options - - -Release 8.4 -! Reports came in that the rdp module is not working reliable sometimes, most likely against new Windows versions. please test, report and if possible send a fix -* Proxy support re-implemented: - - HYDRA_PROXY[_HTTP] environment can be a text file with up to 64 entries - - HYDRA_PROXY_AUTH was deprecated, set login/password in HTTP_PROXY[_HTTP] -* New protocol: adam6500 - this one is work in progress, please test and report -* New protocol: rpcap - thanks to Petar Kaleychev -* New command line options: - -y : disables -x 1aA interpretation, thanks to crondaemon for the patch - -I : ignore an existing hydra.restore file (don't wait for 10 seconds) -* hydra-svn: works now with the current libsvn version -* hydra-ssh: initial check for password auth support now uses login supplied -* Fixed dpl4hydra to be able to update from the web again -* Fixed crash when -U was used without any service (thanks to thecarterb for reporting) -* Updated default password lists -* The protocols vnc, xmpp, telnet, imap, nntp and pcanywhere got accidentially long sleep commands due a patch in 8.2, fixed -* Added special error message for clueless users :) - - -Release 8.3 -* Support for upcoming OpenSSL 1.1 added. needs testing. -* Fixed hydra redo bug (issue #113) -* Updated xhydra for new hydra features and options -* Some more command line error checking -* Ensured unneeded sockets are closed - -Release 8.2 -* Added RTSP module, thanks to jjavi89 for supplying! -* Added patch for ssh that fixes hydra stopping to connect, thanks to ShantonRU for the patch -* Added new -O option to hydra to support SSL servers that do not suport TLS -* Added xhydra gtk patche by Petar Kaleychev to support modules that do not use usernames -* Added patch to redis for initial service checking by Petar Kaleychev - thanks a lot! -* Added support in hydra-http for http-post (content length 0) -* Fixed important bug in http-*://server/url command line processing -* Added SSL SNI support -* Fixed bug in HTTP Form redirection following - thanks for everyone who reported and especially to Hayden Young for setting up a test page for debugging -* Better library finding in ./configure for SVN + support for Darwin Homebrew (and further enhanced) -* Fixed http-form module crash that only occurs on *BSD/OSX systems. Thanks to zdk for reporting! -* Fixed for SSL connection to support TLSv1.2 etc. -* Support for different RSA keylengths, thanks to fann95 for the patch -* Fixed a bug where the cisco-enable module was not working with the password-only logon mode -* Fixed an out of memory bug in http-form -* Fixed imap PLAIN method -* Fixed -x option to bail if it would generate too many passwords (more than 4 billion) -* Added warning if HYDRA_PROXY_CONNECT environment is detected, that is an outdated setting -* Added --fhs switch to configure (for Linux distribution usage) -* ... your patch? - - -Release 8.1 -* David Maciejak, my co-maintainer moved to a different job and country and can not help with Hydra anymore - sadly! Wish you all the best! -* Added patch from Ander Juaristi which adds h/H header options for http-form-*, great work, thanks! -* Fixed the -M option, works now with many many targets :-) -* -M option now supports ports, add a colon in between: "host:port", or, if IPv6, "[ipv6ipaddress]:port" -* Found login:password combinations are now printed with the name specified (hostname or IP), not always IP -* Fixed for cisco-enable if an intial Login/Password is used (thanks to joswr1te for reporting) -* Added patch by tux-mind for better MySQL compilation and an Android patches and Makefile. Thanks! -* Added xhydra gtk patches by Petar Kaleychev to support -h, -U, -f, -F, -q and -e r options, thanks! -* Added patch for teamspeak to better identify server errors and auth failures (thanks to Petar Kaleychev) -* Fixed a crash in the cisco module (thanks to Anatoly Mamaev for reporting) -* Small fix for HTTP form module for redirect pages where a S= string match would not work (thanks to mkosmach for reporting) -* Updated configure to detect subversion packages on current Cygwin -* Fixed RDP module to support the port option (thanks to and.enshin(at)gmail.com) - - -Release 8.0 -! Development moved to a public github repository: https://github.com/vanhauser-thc/thc-hydra -* Added module for redis (submitted by Alejandro Ramos, thanks!) -* Added patch which adds Unicode support for the SMB module (thanks to Max Kosmach) -* Added initial interactive password authentication test for ssh (thanks to Joshua Houghton) -* Added patch for xhydra that adds bruteforce generator to the GUI (thanks to Petar Kaleychev) -* Target on the command line can now be a CIDR definition, e.g. 192.168.0.0/24 -* with -M , you can now specify a port for each entry (use "target:port" per line) -* Verified that hydra compiles cleanly on QNX / Blackberry 10 :-) -* Bugfixes for -x option: - - password tries were lost when connection errors happened (thanks to Vineet Kumar for reporting) - - fixed crash when used together with -e option -* Fixed a bug that hydra would not compile without libssh (introduced in v7.6) -* Various bugfixes if many targets where attacked in parallel -* Cygwin's Postgresql is working again, hence configure detection re-enabled -* Added gcc compilation security options (if detected to be supported by configure script) -* Enhancements to the secure compilation options -* Checked code with cppcheck and fixed some minor issues. -* Checked code with Coverity. Fixed a lot of small and medium issues. - - -Release 7.6 -* Added a wizard script for hydra based on a script by Shivang Desai -* Added module for Siemens S7-300 (submitted by Alexander Timorin and Sergey Gordeychik, thanks!) -* HTTP HEAD/GET: MD5 digest auth was not working, fixed (thanks to Paul Kenyon) -* SMTP Enum: HELO is now always sent, better 500 error detection -* hydra main: - - fixed a bug in the IPv6 address parsing when a port was supplied - - added info message for pop3, imap and smtp protocol usage -* hydra GTK: missed some services, added -* dpl4hydra.sh: - - added Siemens S7-300 common passwords to default password list - - more broad searching in the list -* Performed code indention on all C files :-) -* Makefile patch to ensure .../etc directory is there (thanks to vonnyfly) - - -Release 7.5 -* Moved the license from GPLv3 to AGPLv3 (see LICENSE file) -* Added module for Asterisk Call Manager -* Added support for Android where some functions are not available -* hydra main: - - reduced the screen output if run without -h, full screen with -h - - fix for IPv6 and port parsing with service://[ipv6address]:port/OPTIONS - - fixed -o output (thanks to www417) - - warning if HYDRA_PROXY is defined but the module does not use it - - fixed an issue with large input files and long entries -* hydra library: - - SSL connections are now fixed to SSLv3 as some SSL servers fail otherwise, report if this gives you problems - - removed support for old OPENSSL libraries -* HTTP Form module: - - login and password values are now encoded if special characters are present - - ^USER^ and ^PASS^ are now also supported in H= header values - - if you the colon as a value in your option string, you can now escape it with \: - but do not encode a \ with \\ -* Mysql module: protocol 10 is now supported -* SMTP, POP3, IMAP modules: Disabled the TLS in default. TLS must now be - defined as an option "TLS" if required. This increases performance. -* Cisco module: fixed a small bug (thanks to Vitaly McLain) -* Postgres module: libraries on Cygwin are buggy at the moment, module is therefore - disabled on Cygwin - - -Release 7.4.3 FIX RELEASES for bugs introduced in 7.4 -* Quickfix for people who do not have libssh installed (won't compile otherwise) -* Quickfix for http-get/http-head and irc module which would not run due a new feature. -* Fix for the ssh module that breaks an endless loop if a service becomes unavailable (thanks to shark0der(at)gmail(dot)com for reporting) - - -Release 7.4 -* New module: SSHKEY - for testing for ssh private keys (thanks to deadbyte(at)toucan-system(dot)com!) -* Added support for win8 and win2012 server to the RDP module -* Better target distribution if -M is used -* Added colored output (needs libcurses) -* Better library detection for current Cygwin and OS X -* Fixed the -W option -* Fixed a bug when the -e option was used without -u, -l, -L or -C, only half of the logins were tested -* Fixed HTTP Form module false positive when no answer was received from the server -* Fixed SMB module return code for invalid hours logon and LM auth disabled -* Fixed http-{get|post-form} from xhydra -* Added OS/390 mainframe 64bit support (thanks to dan(at)danny(dot)cz) -* Added limits to input files for -L, -P, -C and -M - people were using unhealthy large files! ;-) -* Added debug mode option to usage (thanks to Anold Black) - - -Release 7.3 -* Hydra main: - - Added -F switch to quit all targets if one pair was found (for -M) - - Fixed a bug where hydra would terminate after reporting a successful - login when an account would accept any password - - Fixed a bug with very large wordlists (thanks to sheepdestroyer for reporting!) - - Enhanced the module help -* configure script: - - Added fix Oracle library inclusion, thanks to Brandon Archer! - - Added --nostrip option to prevent binary stripping (requested by Fedora - maintainer) -* Added a Makefile patch by the Debian maintainers to support their - SecurityHardeningBuildFlags for the wheezy build as requested -* dpl4hydra: added install directory support -* All code: message cleanups -* SNMP module - - originally already supported write and v2 although this was not in the - module help output. Added :-) - - added SNMPv3 MD5/SHA1 authentication support, though beta still -* HTTP module: - - fixed HTTP NTLM auth session - - implemented errata fix for HTTP digest md5-sess algorithm - - set default path to / -* HTTP Form module: - - set default path to / - - support HTTP/1.0 redirects - - fix failed condition check when pcre is not used -* IMAP module: fixed auth detection -* POP3 module: Updated auth and capability detection -* Oracle module: fixed bad handling -* Oracle listener module: fixed hash size handling -* Telnet/Cisco/Cisco-enable modules: support "press ENTER" prompts -* FTP module: - - Fixed a bug where 530 messages were incorrectly handled - - Clarification for the usage of ftps -* Mysql module: added patch from Redhat/Fedora that fixes compile problems -* Added IDN and PCRE support for Cygwin - - -Release 7.2 -* Speed-up http modules auth mechanism detection -* Fixed -C colonfile mode when empty login/passwords were used (thanks to - will(at)configitnow(dot)com for reporting) -* The -f switch was not working for postgres, afp, socks5, firebird and ncp, - thanks to Richard Whitcroft for reporting! -* Fixed NTLM auth in http-proxy/http-proxy-url module -* Fixed URL when being redirected in http-form module, thanks to gash(at)chaostreff(dot)at -* Fix MSSQL success login condition, thanks to whistle_master(at)live(dot)com -* Fix http form module: optional headers and 3xx status redirect, thx to Gash -* Fix in configure script for --prefix option, thanks to dazzlepod -* Update of the dpl4hydra script by Roland Kessler, thanks! -* Small fix for hydra man page, thanks to brad(at)comstyle(dot)com - - -Release 7.1 -* Added HTTP Proxy URL enumeration module -* Added SOCKS4/SOCKS5 proxy support with authentication -* Added IPv6 support for SOCKS5 module -* Added -e r option to try the reversed login as password -* Rewrote -x functionality as the code caused too much trouble (thanks to - murder.net7(at)gmail.com for reporting one of the issues) -* Fixed a bug with multiple hosts (-M) and http modules against targets that - are virtual servers. Well spotted by Tyler Krpata! -* Fixed SVN IPv6 support and updated deprecated calls -* Fixed RDP failed child connection returned value and false positive issues - reported by Wangchaohui, thanks! -* Fixed restore file functionality, was not working together with -o option -* Fix in http-form module for bug introduced in 7.0 -* Fixed xhydra specific parameter value for http-proxy module -* minor enhancements - - -Release 7.0 -* New main engine for hydra: better performance, flexibility and stability -* New option -u - loop around users, not passwords -* Option -e now also works with -x and -C -* Added RDP module, domain can be passed as argument -* Added other_domain option to smb module to test trusted domains -* Small enhancement for http and http-proxy module for standard ignoring servers -* Lots of bugfixes, especially with many tasks, multiple targets and restore file -* Fixes for a few http-form issues -* Fix smb module NTLM hash use -* Fixed Firebird module deprecated API call -* Fixed for dpl4hydra to work on old sed implementations (OS/X ...) -* Fixed makefile to install dpl4hydra (thx @sitecrea) -* Fixed local buffer overflow in debug output function (required -d to be used) -* Fixed xhydra running warnings and correct quit action event - - -Release 6.5 -* Improved HTTP form module: getting cookie, fail or success condition, follow - multiple redirections, support cookie gathering URL, multiple user defined - headers -* Added interface support for IPv6, needed for connecting to link local fe80:: - addresses. Works only on Linux and OS/X. Information for Solaris and *BSD welcome -* Added -W waittime between connects option -* The -x bruteforce mode now allows for generated password amounts > 2 billion -* Fix if -L was used together with -x -* Fixes for http- modules when the http-...://target/options format was used -* Fixed a bug in the restore file write function that could lead to a crash -* Fixed XMPP module jabber init request and challenge response check, thx "F e L o R e T" -* Fix: if a proxy was used, unresolveable targets were disabled. now its fine -* Fix for service://host/ usage if a colon was used after the URI without a - port defined - - -Release 6.4 -* Update SIP module to extract and use external IP addr return from server error to bypass NAT -* Update SIP module to use SASL lib -* Update email modules to check clear mode when TLS mode failed -* Update Oracle Listener module to work with Oracle DB 9.2 -* Update LDAP module to support Windows 2008 active directory simple auth -* Fix to the connection adaptation engine which would loose planned attempts -* Fix make script for CentOS, reported by ya0wei -* Print error when a service limits connections and few pairs have to be tested -* Improved Mysql module to only init/close when needed -* Added patch from the FreeBSD maintainers -* Module usage help does not need a target to be specified anymore -* Configure script now honors /etc/ld.so.conf.d/ directory -* Add more SMB dialects - - -Release 6.3 -* Added patch by Petar Kaleychev which adds nice icons to cygwin hydra files -* Added patch by Gauillaume Rousse which fixes a warning display -* New Oracle module (for databases via OCI, for TNS Listener passwd, for SID enumeration) -* New SMTP user enum module (using VRFY, EXPN or RCPT command) -* Memory leak fix for -x bruteforcing option reported by Alex Lau -* Fix for svn module, for some versions it needs one more lib, thanks to the - Debian team for reporting! -* Fix ssh module, on connection refused a credential could be lost -* Fix http-form module, a redirect was not always followed -* QA on all modules for memory leaks -* Better gtk detection (to not even try xhydra compilation when its useless) -* First blant attempt for configuring to x64 systems (Linux and *BSD) -* Updated network password cracker comparison on the web page (for hydra and new ncrack) -* Indented all source code - - -Release 6.2 -* Added a patch by Jan Dlabal which adds password generation bruteforcing (no more password files :-) ) -* Forgot to rename ssh2 to ssh in xhydra, fixed -* Add support for CRAM-MD5 and DIGEST-MD5 auth to ldap module -* Fix SASL PLAIN auth method issue -* Add TLS negotiation support for smtp-auth, pop3, imap, ftp and ldap -* Added man pages from Debian maintainers -* Checked Teamspeak module, works on TS2 protocol -* Add support for SCRAM-SHA1 (RFC 5802), first auth cracker to support it, yeah ! -* New module: XMPP with TLS negotiation and LOGIN, PLAIN, CRAM-MD5, DIGEST-MD5, SCRAM-SHA1 support -* Add SCRAM-SHA1 auth to IMAP module -* Add module usage help (-U) -* Add support for RFC 4013: Internationalized Strings in SASL ("SASLPrep") -* Rename smtpauth module to smtp -* Add SASL + TLS support for NNTP -* Bugfix SASL DIGEST-MD5, response could be wrong sometime, mainly on 64bits systems -* Bugfix rlogin module, some auth failure could not be detected accurately -* Bugfix rsh module, some auth failure could not be detected accurately -* New module: IRC is not dead ! use to find general server password and /oper credential -* Add SSL support for VMware Authentication Daemon module -* Bugfix CVS module, should work now, why does nobody report this ?? -* Bugfix Telnet module, when line mode is not available -* Add support for new syntax ://[:][/] -* Add TLS support for SIP -* STILL OPEN: Fixed a problem in hydra where a login+pw test was lost when an arm/child was quitting - - -Release 6.1 -* More license updates for the files for the Debian guys -* Fix for the configure script to correctly detect postgresql -* Add checks for libssh v0.4 and support for ssh v1 -* Merge all latest crypto code in sasl files -* Fix SVN compilation issue on openSUSE (tested with v11.3) - - -Release 6.0 -* Added GPL exception clause to license to allow linking to OpenSSL - Debian people need this -* IPv6 support finally added. Note: sip and socks5 modules do not support IPv6 yet -* Changes to code and configure script to ensure clean compile on Solaris 11, - OSX, FreeBSD 8.1, Cygwin and Linux -* Bugfix for SIP module, thanks to yori(at)counterhackchallenges(dot)com -* Compile fixes for systems without OpenSSL or old OpenSSL installations -* Eliminated compile time warnings -* xhydra updates to support the new features (david@) -* Added CRAM-MD5, DIGEST-MD5 auth mechanism to the smtp-auth module (david@) -* Added LOGIN, PLAIN, CRAM-(MD5,SHA1,SHA256) and DIGEST-MD5 auth mechanisms to the imap and pop3 modules (david@) -* Added APOP auth to POP3 module (david@) -* Added NTLM and DIGEST-MD5 to http-auth module and DIGEST-MD5 to http-proxy module (david@) -* Fixed VNC module for None and VLC auth (david@) -* Fixes for LDAP module (david@) -* Bugfix Telnet module linemode option negotiation using win7 (david@) -* Bugfix SSH module when max auth connection is reached (david@) - - -Release 5.9 -* Update for the subversion module for newer SVN versions (thanks to David Maciejak @ GMAIL dot com) -* Another patch by David to add the PLAIN auth mechanism to the smtp-auth module -* mysql module now has two implementations and uses a library when found (again - thanks to David Maciejak @ GMAIL dot com - what would hydra be without him) -* camiloculpian @ gmail dot com submitted a logo for hydra - looks cool, thanks! -* better FTP 530 error code detection -* bugfix for the SVN module for non-standard ports (again david@) - - -Release 5.8 -* Added Apple Filing Protocol (thank to "never tired" David Maciejak @ GMAIL dot com) -* Fixed a big bug in the SSL option (-S) - - -Release 5.7 -* Added ncp support plus minor fixes (by David Maciejak @ GMAIL dot com) -* Added an old patch to fix a memory from SSL and speed it up too from kan(at)dcit.cz -* Removed unnecessary compiler warnings -* Enhanced the SSH2 module based on an old patch from aris(at)0xbadc0de.be -* Fixed small local defined overflow in the teamspeak module. Does it still work anyway?? - - -Release 5.6 PRIVATE VERSION -########### -* Moved to GPLv3 License (lots of people wanted that) -* Upgraded ssh2 module to libssh-0.4.x (thanks to aris (at) 0xbadc0de.be for - the 0.2 basis) -* Added firebird support (by David Maciejak @ GMAIL dot com) -* Added SIP MD5 auth patch (by Jean-Baptiste Aviat 100 -! Soon to come: v5.0 - some cool new features to arrive on your pentest - machine! - - -Release 4.6 -########### -* Snakebyte delivered a module for Teamspeak -* Snakebyte updated the rexec module for the Hydra Palm version -* Snakebyte updated xhydra to support the new Telnet success response option -* Clarified the Licence -* Updated the ldap module to support v3, note that "ldap" is now specified as - "ldap2" or "ldap3". Added wrong version detection. - - -Release 4.5 -########### -* The configure script now detects Cygwin automatically :-) -* The telnet module now handles the OPT special input. Specify the string - which is displayed after successfully a login. Use this if you have false - positives. -* Made smtp-auth module more flexible in EHLO/HELO handling -* Fixed some glitches in the SAP/R3 module (correct sysnr, better port - handling) thanks to ngregoire@exaprobe.com ! -* Fixed some glitches in the http/https module -* Fixed a big bug in snakebyte's snmp module -* Warning msg is now displayed if the deprecated icq module is used -* Added warning message to the ssh2 module during compilation as many people - use the newest libssh version which is broken. - - -Release 4.4 -########### -* Fixed another floating point exception *sigh* -* Fixed -C colon mode -* Added EHLO support for the smtp-auth module, required for some smtpd - - -Release 4.3 -########### -* Fixed a divide by zero bug in the status report function -* Added functionality for skipping accounts (cvs is so nice to report this) -* Snakebyte sent in a patch for cvs for skipping nonexisting accounts -* sent in a patch to fix proxy support for the HTTP module - without proxy authentication - - -Release 4.2 -########### -* Snakebyte sent in modules for SNMP and CVS - great work! -* Snakebyte also expanded the gtk gui to support the two new modules -* Justin sent in a module for smtp-auth ... thanks! -* master_up@post.cz sent in some few patches to fix small glitches -* Incorporated a check from the openbsd port - - -Release 4.1 -########### -* Snakebyte wrote a very nice GTK GUI for hydra! enjoy! -* due a bug, sometimes hydra would kill process -1 ... baaaad boy! -* found passwords are now also printed to stdout if -o option is used -* reported that hydra wouldn't complain on ssh2 option if - compiled without support, fixed -* made an official port for FreeBSD and sent me a - diff to exchange the MD4 of libdes to openssl -* noticed that hydra will crash on big wordlists as - the result of the mallocs there were not checked, fixed -* Snakebyte expanded his PalmOS Version of hydra to nntp and fixed vnc -* Increased the wait time for children from 5 to 15 seconds, as e.g. - snakebyte reported detection problems -* Fixed some display glitches - - -Release v4.0 -############ -# -# This is a summary of changes of the D1 to D5 beta releases and shows -# what makes v4.0 different from 3.1. -# Have fun. Lots of it. -# -# By the way: I need someone to program a nice GTK frontend for hydra, -# would YOU like to do that and receive the fame? Send an email to vh@thc.org ! -# -* For the first time there is not only a UNIX/source release but additionally: - ! Windows release (cygwin compile with dll's) - ! PalmPilot release - ! ARM processor release (for all your Zaurus, iPaq etc. running Linux) -* There are new service attack modules: - ! ms-sql - ! sap r/3 (requires a library) - ! ssh v2 (requires a library) -* Enhancements/Fixes to service attack modules: - ! vnc module didnt work correctly, fixed - ! mysql module supports newer versions now - ! http module received a minor fix and has better virtual host support now - ! http-proxy supports now an optional URL - ! socks5 checks now for false positives and daemons without authentication -* The core code (hydra.c) was rewritten from scratch - ! rewrote the internal distribution functions from scratch. code is now - safer, less error prone, easier to read. - ! multiple target support rewritten which now includes intelligent load - balancing based on success, error and load rate - ! intelligently detect maximum connect numbers for services (per server if - multiple targets are used) - ! intelligent restore file writing - ! Faster (up to 15%) - ! Full Cygwin and Cygwin IPv6 support -* added new tool: pw-inspector - it can be used to just try passwords which - matches the target's password policy -# -# This should be more than enough! :-) -# - -... the rest below is history ... - -########################################################################### -# -# New Hydra v4.0 code branch -# -Release D5 -* added patches by kan@dcit.cz which enhance the proxy module and provide - a small fix for the http module -* small beautifcations to make the compiler happy -! This is the final beta version before public release - - please test everything! - -Release D4 -* Tick made an update to his configure-arm -* snakebyte@gmx.de added imap, vnc and cisco module support to PalmPilot -* fixed VNC module -* enhanced mysql module to work also with 4.0.x (and all future protocol 10 - mysql protocol types) -* enhanced socks5 module to identify daemons which do not require - authentication, and false positive check (otherwise dante would report all - tries as successful) -* fixed a bug in configure for D3 which resulted in compile problems on - several platforms requiring libcrypto - -Release D3 -* added sapr3 attack module (requires libsdk.a and saprfc.h) -* added ssh2 attack module (requires libssh) -* snakebyte@gmx.de added telnet module support for PalmPilot -* fixed the mssql module, should work now -* fixed -e option bug -* fixed -C option bug (didnt work at all!!) -* fixed double detection (with -e option) plus added simple dictionary - double detection -* target port is now displayed on start - -Release D2 -* added better virtual host support to the www/http/https/ssl module - (based on a patch from alla@scanit.be) -* added ARM support (does not work for libdes yet, ssl works), done by - Tick -* added Palm support (well, in reality it is more a rewrite which can use - the hydra-modules), done by snakebyte -* added ms-sql attack module (code based on perl script form HD Moore - , thanks for contributing) - -Release D1 (3 March 2003) -* rewrote the internal distribution functions from scratch. code is now - safer, less error prone, easier to read. -* multiple target support rewritten which now includes intelligent load - balancing based on success, error and load rate -* intelligently detect maximum connect numbers for services (per server if - multiple targets are used) -* intelligent restore file writing -* Faster (up to 15%) -* Full Cygwin and Cygwin IPv6 support -* added new tool: pw-inspector - it can be used to just try passwords which - matches the target's password policy - -########################################################################### - -v3.0 (FEBRUARY 2004) PUBLIC RELEASE -* added a restore function to enable you to continue aborted/crashed - sessions. Just type "hydra -R" to continue a session. - NOTE: this does not work with the -M option! This feature is then disabled! -* added a module for http proxy authentication cracking ("http-proxy") :-) -* added HTTP and SSL/CONNECT proxy support. SSL/CONNECT proxy support works - for *all* TCP protocols, you just need to find a proxy which allows you to - CONNECT on port 23 ... - The environment variable HYDRA_PROXY_HTTP defines the web proxy. The - following syntax is valid: HYDRA_PROXY_HTTP="http://123.45.67.89:8080/" - Same for HYDRA_PROXY_CONNECT. - If you require authentication for the proxy, use the HYDRA_PROXY_AUTH - environment variable: - HYDRA_PROXY_AUTH="login:password" -* fixed parallel host scanning engine (thanks to m0j0.j0j0 for reporting) -* A status, speed and time to completion report is now printed every minute. -* finally updated the README - -v2.9 (FEBRUARY 2004) PRIVATE RELEASE -... - -v2.8 (JANUARY 2004) PRIVATE RELEASE -... - -v2.7 (JANUARY 2004) PUBLIC RELEASE -* small fix for the parallel host code (thanks to m0j0@foofus.net) - -v2.6 (DECEMBER 2003) PUBLIC RELEASE -* fixed a compiling problem for picky compilers. - -v2.5 (NOVEMBER 2003) PUBLIC RELEASE -* added a big patch from m0j0@foofus.net which adds: - - AAA authentication to the cisco-enable module - - Running the attacks on hosts in parallel - - new smbnt module, which uses lanman hashes for authentication, needs libdes - ! great work and thanks ! -* changed code to compile easily on FreeBSD -* changed configure to compile easily on MacOS X - Panther (cool OS btw ...) - -v2.4 (AUGUST 2003) PUBLIC RELEASE -* public release -=== 2.3 stuff=== -* added mysql module (thanks to mcbethh@u-n-f.com) -* small fix in vnc (thanks to the Nessus team) -* added credits for vnc-module (FX/Phenolite) -* new ./configure script for better Solaris and *BSD support (copied from amap) -* updated to new email/www addresses => www.thc.org - -v2.2 (OCTOBER 2002) PUBLIC RELEASE -* fixed a bug in the -P passwordfile handling ... uhhh ... thanks to all - the many people who reported that bug! -* added check if a password in -P passwordfile was already done via the - -e n|s switch - -v2.1 (APRIL 2002) PUBLIC RELEASE -* added ldap cracking mode (thanks to myself, eh ;-) -* added -e option to try null passwords ("-e n") and passwords equal to the - login ("-e s"). When specifying -e, -p/-P is optional (and vice versa) -* when a login is found, hydra will now go on with the next login - -v2.0 (APRIL 2002) PRIVATE RELEASE -! with v1.1.14 of Nessus, Hydra is a Nessus plugin! -* incorporated code to make hydra a nessus plugin (thanks to deraison@cvs.nessus.org !) -* added smb/samba/CIFS cracking mode (thanks to deraison@cvs.nessus.org !) -* added cisco-enable cracking mode (thanks to J.Marx@secunet.de !) -* minor enhancements and fixes - -v1.7 (MARCH 2002) PRIVATE RELEASE -* configure change to better detect OpenSSL -* ported to Solaris - -v1.6 (FEBRUARY 2002) PUBLIC RELEASE -* added socks5 support (thanks to bigbud@weed.tc !) - -v1.5 (DECEMBER 2001) PRIVATE RELEASE -* added -S option for SSL support (for all TCP based protocols) -* added -f option to stop attacking once a valid login/pw has been discovered -* made modules more hydra-mod compliant -* configure stuff thrown out - was not really used and too complicated, - wrote my own, lets hope it works everywhere ;-) - -v1.4 (DECEMBER 2001) PUBLIC RELEASE -* added REXEC cracking module -* added NNTP cracking module -* added VNC cracking module (plus the 3DES library, which is needed) - some - of the code ripped from FX/Phenolite :-) thanks a lot -* added PCNFS cracking module -* added ICQ cracking module (thanks to ocsic !!) -* for the pcnfs cracking module, I had to add the hydra_connect_udp function -* added several compactibility stuff to work with all the M$ crap - -v1.3 (September 2001) PUBLIC RELEASE -* uh W2K telnetd sends null bytes in negotiation mode. workaround implemented. -* Rewrote the finish functions which would sometimes hang. Shutdowns are faster - now as well. -* Fixed the line count (it was always one to much) -* Put more information in the outpufile (-o) -* Removed some configure crap. - -v1.2 (August 2001) PRIVATE RELEASE -* Fixed a BIG bug which resulted in accounts being checked serveral times. ugh -* Fixed the bug which showed the wrong password for a telnet hack. Works for - me. please test. -* Added http basic authentication cracking. Works for me. please test. -* Fixed the ftp cracker module for occasions where a long welcome message was - displayed for ftp. -* Removed some compiler warnings. - -v1.1 (May 2001) PUBLIC RELEASE -* Added wait+reconnect functionality to hydra-mod -* Additional wait+reconnect for cisco module -* Added small waittimes to all attack modules to prevent too fast reconnects -* Added cisco Username/Password support to the telnet module -* Fixed a deadlock in the modules, plus an additional one in the telnet module - -v1.0 (April 2001) PUBLIC RELEASE -* Verified that all service modules really work, no fix necessary ;-) - ... so let's make it public -* Changed the LICENCE - -v0.6 (April 2001) PRIVATE RELEASE -* Added hydra-cisco.c for the cisco 3 times "Password:" type -* Added hydra-imap.c for the imap service -* Fixed a bug in hydra-mod.c: empty logins resulted in an empty - hydra_get_next_password() :-(, additionally the blocking/recv works better - now. (no, not better - perfect ;-) -* Fixed a bug in hydra-telnet.c: too many false alarms for success due some - mis-thinking on my side and I also implemented a more flexible checking -* Fixed hydra-ftp.c to allow more weird reactions -* Fixed all ;-) memory leaks - -v0.5 (December 2000) PUBLIC RELEASE -* NOTE WE HAVE GOT A NEW WWW ADDRESS -> www.thehackerschoice.com -* added telnet protocol -* exchanged snprintf with sprintf(%.250s) to let it compile on more platforms - but still have buffer overflow protection. -* fixed a bug in Makefile.in (introduced by Plasmo ,-) - -v0.4 (August 2000) PUBLIC RELEASE -* Plasmoid added a ./configure script. thanks! - -v0.3 (August 2000) -* first release diff --git a/web/README b/web/README deleted file mode 100644 index 3847215..0000000 --- a/web/README +++ /dev/null @@ -1,530 +0,0 @@ - - H Y D R A - - (c) 2001-2019 by van Hauser / THC - https://github.com/vanhauser-thc/thc-hydra - many modules were written by David (dot) Maciejak @ gmail (dot) com - BFG code by Jan Dlabal - - Licensed under AGPLv3 (see LICENSE file) - - Please do not use in military or secret service organizations, - or for illegal purposes. - - - -INTRODUCTION ------------- -Number one of the biggest security holes are passwords, as every password -security study shows. -This tool is a proof of concept code, to give researchers and security -consultants the possibility to show how easy it would be to gain unauthorized -access from remote to a system. - -THIS TOOL IS FOR LEGAL PURPOSES ONLY! - -There are already several login hacker tools available, however, none does -either support more than one protocol to attack or support parallized -connects. - -It was tested to compile cleanly on Linux, Windows/Cygwin, Solaris, -FreeBSD/OpenBSD, QNX (Blackberry 10) and MacOS. - -Currently this tool supports the following protocols: - Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, - HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-POST, HTTP-PROXY, - HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTPS-POST, - HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, - Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, - Rsh, RTSP, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP v1+v2+v3, SOCKS5, - SSH (v1 and v2), SSHKEY, Subversion, Teamspeak (TS2), Telnet, VMware-Auth, - VNC and XMPP. - -However the module engine for new services is very easy so it won't take a -long time until even more services are supported. -Your help in writing, enhancing or fixing modules is highly appreciated!! :-) - - - -WHERE TO GET ------------- -You can always find the newest release/production version of hydra at its -project page at https://github.com/vanhauser-thc/thc-hydra/releases -If you are interested in the current development state, the public development -repository is at Github: - svn co https://github.com/vanhauser-thc/thc-hydra - or - git clone https://github.com/vanhauser-thc/thc-hydra -Use the development version at your own risk. It contains new features and -new bugs. Things might not work! - - - -HOW TO COMPILE --------------- -To configure, compile and install hydra, just type: - -``` -./configure -make -make install -``` - -If you want the ssh module, you have to setup libssh (not libssh2!) on your -system, get it from http://www.libssh.org, for ssh v1 support you also need -to add "-DWITH_SSH1=On" option in the cmake command line. -IMPORTANT: If you compile on MacOS then you must do this - do not install libssh via brew! - -If you use Ubuntu/Debian, this will install supplementary libraries needed -for a few optional modules (note that some might not be available on your distribution): - -``` -apt-get install libssl-dev libssh-dev libidn11-dev libpcre3-dev \ - libgtk2.0-dev libmysqlclient-dev libpq-dev libsvn-dev \ - firebird-dev -``` - -This enables all optional modules and features with the exception of Oracle, -SAP R/3, NCP and the apple filing protocol - which you will need to download and -install from the vendor's web sites. - -For all other Linux derivates and BSD based systems, use the system -software installer and look for similarly named libraries like in the -command above. In all other cases, you have to download all source libraries -and compile them manually. - - - -SUPPORTED PLATFORMS -------------------- -- All UNIX platforms (Linux, *BSD, Solaris, etc.) -- MacOS (basically a BSD clone) -- Windows with Cygwin (both IPv4 and IPv6) -- Mobile systems based on Linux, MacOS or QNX (e.g. Android, iPhone, Blackberry 10, Zaurus, iPaq) - - - -HOW TO USE ----------- -If you just enter `hydra`, you will see a short summary of the important -options available. -Type `./hydra -h` to see all available command line options. - -Note that NO login/password file is included. Generate them yourself. -A default password list is however present, use "dpl4hydra.sh" to generate -a list. - -For Linux users, a GTK GUI is available, try `./xhydra` - -For the command line usage, the syntax is as follows: - For attacking one target or a network, you can use the new "://" style: - hydra [some command line options] PROTOCOL://TARGET:PORT/MODULE-OPTIONS - The old mode can be used for these too, and additionally if you want to - specify your targets from a text file, you *must* use this one: - -``` -hydra [some command line options] [-s PORT] TARGET PROTOCOL [MODULE-OPTIONS] -``` - -Via the command line options you specify which logins to try, which passwords, -if SSL should be used, how many parallel tasks to use for attacking, etc. - -PROTOCOL is the protocol you want to use for attacking, e.g. ftp, smtp, -http-get or many others are available -TARGET is the target you want to attack -MODULE-OPTIONS are optional values which are special per PROTOCOL module - -FIRST - select your target - you have three options on how to specify the target you want to attack: - 1. a single target on the command line: just put the IP or DNS address in - 2. a network range on the command line: CIDR specification like "192.168.0.0/24" - 3. a list of hosts in a text file: one line per entry (see below) - -SECOND - select your protocol - Try to avoid telnet, as it is unreliable to detect a correct or false login attempt. - Use a port scanner to see which protocols are enabled on the target. - -THIRD - check if the module has optional parameters - hydra -U PROTOCOL - e.g. hydra -U smtp - -FOURTH - the destination port - this is optional! if no port is supplied the default common port for the - PROTOCOL is used. - If you specify SSL to use ("-S" option), the SSL common port is used by default. - - -If you use "://" notation, you must use "[" "]" brackets if you want to supply -IPv6 addresses or CIDR ("192.168.0.0/24") notations to attack: - hydra [some command line options] ftp://[192.168.0.0/24]/ - hydra [some command line options] -6 smtps://[2001:db8::1]/NTLM - -Note that everything hydra does is IPv4 only! -If you want to attack IPv6 addresses, you must add the "-6" command line option. -All attacks are then IPv6 only! - -If you want to supply your targets via a text file, you can not use the :// -notation but use the old style and just supply the protocol (and module options): - hydra [some command line options] -M targets.txt ftp -You can supply also the port for each target entry by adding ":" after a -target entry in the file, e.g.: - -``` -foo.bar.com -target.com:21 -unusual.port.com:2121 -default.used.here.com -127.0.0.1 -127.0.0.1:2121 -``` - -Note that if you want to attach IPv6 targets, you must supply the -6 option -and *must* put IPv6 addresses in brackets in the file(!) like this: - -``` -foo.bar.com -target.com:21 -[fe80::1%eth0] -[2001::1] -[2002::2]:8080 -[2a01:24a:133:0:00:123:ff:1a] -``` - -LOGINS AND PASSWORDS --------------------- -You have many options on how to attack with logins and passwords -With -l for login and -p for password you tell hydra that this is the only -login and/or password to try. -With -L for logins and -P for passwords you supply text files with entries. -e.g.: - -``` -hydra -l admin -p password ftp://localhost/ -hydra -L default_logins.txt -p test ftp://localhost/ -hydra -l admin -P common_passwords.txt ftp://localhost/ -hydra -L logins.txt -P passwords.txt ftp://localhost/ -``` - -Additionally, you can try passwords based on the login via the "-e" option. -The "-e" option has three parameters: - -``` -s - try the login as password -n - try an empty password -r - reverse the login and try it as password -``` - -If you want to, e.g. try "try login as password and "empty password", you -specify "-e sn" on the command line. - -But there are two more modes for trying passwords than -p/-P: -You can use text file which where a login and password pair is separated by a colon, -e.g.: - -``` -admin:password -test:test -foo:bar -``` - -This is a common default account style listing, that is also generated by the -dpl4hydra.sh default account file generator supplied with hydra. -You use such a text file with the -C option - note that in this mode you -can not use -l/-L/-p/-P options (-e nsr however you can). -Example: - -``` -hydra -C default_accounts.txt ftp://localhost/ -``` - -And finally, there is a bruteforce mode with the -x option (which you can not -use with -p/-P/-C): - -``` --x minimum_length:maximum_length:charset -``` - -the charset definition is `a` for lowercase letters, `A` for uppercase letters, -`1` for numbers and for anything else you supply it is their real representation. -Examples: - -``` --x 1:3:a generate passwords from length 1 to 3 with all lowercase letters --x 2:5:/ generate passwords from length 2 to 5 containing only slashes --x 5:8:A1 generate passwords from length 5 to 8 with uppercase and numbers -``` - -Example: - -``` -hydra -l ftp -x 3:3:a ftp://localhost/ -``` - -SPECIAL OPTIONS FOR MODULES ---------------------------- -Via the third command line parameter (TARGET SERVICE OPTIONAL) or the -m -command line option, you can pass one option to a module. -Many modules use this, a few require it! - -To see the special option of a module, type: - - hydra -U - -e.g. - - ./hydra -U http-post-form - -The special options can be passed via the -m parameter, as 3rd command line -option or in the service://target/option format. - -Examples (they are all equal): - -``` -./hydra -l test -p test -m PLAIN 127.0.0.1 imap -./hydra -l test -p test 127.0.0.1 imap PLAIN -./hydra -l test -p test imap://127.0.0.1/PLAIN -``` - -RESTORING AN ABORTED/CRASHED SESSION ------------------------------------- -When hydra is aborted with Control-C, killed or crashes, it leaves a -"hydra.restore" file behind which contains all necessary information to -restore the session. This session file is written every 5 minutes. -NOTE: the hydra.restore file can NOT be copied to a different platform (e.g. -from little endian to big endian, or from Solaris to AIX) - -HOW TO SCAN/CRACK OVER A PROXY ------------------------------- -The environment variable HYDRA_PROXY_HTTP defines the web proxy (this works -just for the http services!). -The following syntax is valid: - -``` -HYDRA_PROXY_HTTP="http://123.45.67.89:8080/" -HYDRA_PROXY_HTTP="http://login:password@123.45.67.89:8080/" -HYDRA_PROXY_HTTP="proxylist.txt" -``` - -The last example is a text file containing up to 64 proxies (in the same -format definition as the other examples). - -For all other services, use the HYDRA_PROXY variable to scan/crack. -It uses the same syntax. eg: - -``` -HYDRA_PROXY=[connect|socks4|socks5]://[login:password@]proxy_addr:proxy_port -``` - -for example: - -``` -HYDRA_PROXY=connect://proxy.anonymizer.com:8000 -HYDRA_PROXY=socks4://auth:pw@127.0.0.1:1080 -HYDRA_PROXY=socksproxylist.txt -``` - -ADDITIONAL HINTS ----------------- -* sort your password files by likelihood and use the -u option to find - passwords much faster! -* uniq your dictionary files! this can save you a lot of time :-) - cat words.txt | sort | uniq > dictionary.txt -* if you know that the target is using a password policy (allowing users - only to choose a password with a minimum length of 6, containing a least one - letter and one number, etc. use the tool pw-inspector which comes along - with the hydra package to reduce the password list: - cat dictionary.txt | pw-inspector -m 6 -c 2 -n > passlist.txt - - -RESULTS OUTPUT --------------- - -The results are output to stdio along with the other information. Via the -o -command line option, the results can also be written to a file. Using -b, -the format of the output can be specified. Currently, these are supported: - -* `text` - plain text format -* `jsonv1` - JSON data using version 1.x of the schema (defined below). -* `json` - JSON data using the latest version of the schema, currently there - is only version 1. - -If using JSON output, the results file may not be valid JSON if there are -serious errors in booting Hydra. - - -JSON Schema ------------ -Here is an example of the JSON output. Notes on some of the fields: - -* `errormessages` - an array of zero or more strings that are normally printed - to stderr at the end of the Hydra's run. The text is very free form. -* `success` - indication if Hydra ran correctly without error (**NOT** if - passwords were detected). This parameter is either the JSON value `true` - or `false` depending on completion. -* `quantityfound` - How many username+password combinations discovered. -* `jsonoutputversion` - Version of the schema, 1.00, 1.01, 1.11, 2.00, - 2.03, etc. Hydra will make second tuple of the version to always be two - digits to make it easier for downstream processors (as opposed to v1.1 vs - v1.10). The minor-level versions are additive, so 1.02 will contain more - fields than version 1.00 and will be backward compatible. Version 2.x will - break something from version 1.x output. - -Version 1.00 example: -``` -{ - "errormessages": [ - "[ERROR] Error Message of Something", - "[ERROR] Another Message", - "These are very free form" - ], - "generator": { - "built": "2019-03-01 14:44:22", - "commandline": "hydra -b jsonv1 -o results.json ... ...", - "jsonoutputversion": "1.00", - "server": "127.0.0.1", - "service": "http-post-form", - "software": "Hydra", - "version": "v8.5" - }, - "quantityfound": 2, - "results": [ - { - "host": "127.0.0.1", - "login": "bill@example.com", - "password": "bill", - "port": 9999, - "service": "http-post-form" - }, - { - "host": "127.0.0.1", - "login": "joe@example.com", - "password": "joe", - "port": 9999, - "service": "http-post-form" - } - ], - "success": false -} -``` - - -SPEED ------ -through the parallelizing feature, this password cracker tool can be very -fast, however it depends on the protocol. The fastest are generally POP3 -and FTP. -Experiment with the task option (-t) to speed things up! The higher - the -faster ;-) (but too high - and it disables the service) - - - -STATISTICS ----------- -Run against a SuSE Linux 7.2 on localhost with a "-C FILE" containing -295 entries (294 tries invalid logins, 1 valid). Every test was run three -times (only for "1 task" just once), and the average noted down. - -``` - P A R A L L E L T A S K S -SERVICE 1 4 8 16 32 50 64 100 128 -------- -------------------------------------------------------------------- -telnet 23:20 5:58 2:58 1:34 1:05 0:33 0:45* 0:25* 0:55* -ftp 45:54 11:51 5:54 3:06 1:25 0:58 0:46 0:29 0:32 -pop3 92:10 27:16 13:56 6:42 2:55 1:57 1:24 1:14 0:50 -imap 31:05 7:41 3:51 1:58 1:01 0:39 0:32 0:25 0:21 -``` - -(*) -Note: telnet timings can be VERY different for 64 to 128 tasks! e.g. with -128 tasks, running four times resulted in timings between 28 and 97 seconds! -The reason for this is unknown... - -guesses per task (rounded up): - - 295 74 38 19 10 6 5 3 3 - -guesses possible per connect (depends on the server software and config): - - telnet 4 - ftp 6 - pop3 1 - imap 3 - - - -BUGS & FEATURES ---------------- -Hydra: -Email me or David if you find bugs or if you have written a new module. -vh@thc.org (and put "antispam" in the subject line) - - -You should use PGP to encrypt emails to vh@thc.org : - -``` ------BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v3.3.3 (vh@thc.org) - -mQINBFIp+7QBEADQcJctjohuYjBxq7MELAlFDvXRTeIqqh8kqHPOR018xKL09pZT -KiBWFBkU48xlR3EtV5fC1yEt8gDEULe5o0qtK1aFlYBtAWkflVNjDrs+Y2BpjITQ -FnAPHw0SOOT/jfcvmhNOZMzMU8lIubAVC4cVWoSWJbLTv6e0DRIPiYgXNT5Quh6c -vqhnI1C39pEo/W/nh3hSa16oTc5dtTLbi5kEbdzml78TnT0OASmWLI+xtYKnP+5k -Xv4xrXRMVk4L1Bv9WpCY/Jb6J8K8SJYdXPtbaIi4VjgVr5gvg9QC/d/QP2etmw3p -lJ1Ldv63x6nXsxnPq6MSOOw8+QqKc1dAgIA43k6SU4wLq9TB3x0uTKnnB8pA3ACI -zPeRN9LFkr7v1KUMeKKEdu8jUut5iKUJVu63lVYxuM5ODb6Owt3+UXgsSaQLu9nI -DZqnp/M6YTCJTJ+cJANN+uQzESI4Z2m9ITg/U/cuccN/LIDg8/eDXW3VsCqJz8Bf -lBSwMItMhs/Qwzqc1QCKfY3xcNGc4aFlJz4Bq3zSdw3mUjHYJYv1UkKntCtvvTCN -DiomxyBEKB9J7KNsOLI/CSst3MQWSG794r9ZjcfA0EWZ9u6929F2pGDZ3LiS7Jx5 -n+gdBDMe0PuuonLIGXzyIuMrkfoBeW/WdnOxh+27eemcdpCb68XtQCw6UQARAQAB -tB52YW4gSGF1c2VyICgyMDEzKSA8dmhAdGhjLm9yZz6JAjkEEwECACMCGwMCHgEC -F4AFAlIp/QcGCwkIAwcCBhUKCQgLAgUWAwIBAAAKCRDI8AEqhCFiv2R9D/9qTCJJ -xCH4BUbWIUhw1zRkn9iCVSwZMmfaAhz5PdVTjeTelimMh5qwK2MNAjpR7vCCd3BH -Z2VLB2Eoz9MOgSCxcMOnCDJjtCdCOeaxiASJt8qLeRMwdMOtznM8MnKCIO8X4oo4 -qH8eNj83KgpI50ERBCj/EMsgg07vSyZ9i1UXjFofFnbHRWSW9yZO16qD4F6r4SGz -dsfXARcO3QRI5lbjdGqm+g+HOPj1EFLAOxJAQOygz7ZN5fj+vPp+G/drONxNyVKp -QFtENpvqPdU9CqYh8ssazXTWeBi/TIs0q0EXkzqo7CQjfNb6tlRsg18FxnJDK/ga -V/1umTg41bQuVP9gGmycsiNI8Atr5DWqaF+O4uDmQxcxS0kX2YXQ4CSQJFi0pml5 -slAGL8HaAUbV7UnQEqpayPyyTEx1i0wK5ZCHYjLBfJRZCbmHX7SbviSAzKdo5JIl -Atuk+atgW3vC3hDTrBu5qlsFCZvbxS21PJ+9zmK7ySjAEFH/NKFmx4B8kb7rPAOM -0qCTv0pD/e4ogJCxVrqQ2XcCSJWxJL31FNAMnBZpVzidudNURG2v61h3ckkSB/fP -JnkRy/yxYWrdFBYkURImxD8iFD1atj1n3EI5HBL7p/9mHxf1DVJWz7rYQk+3czvs -IhBz7xGBz4nhpCi87VDEYttghYlJanbiRfNh3okCOAQTAQIAIgUCUin7tAIbAwYL -CQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQyPABKoQhYr8OIA//cvkhoKay88yS -AjMQypach8C5CvP7eFCT11pkCt1DMAO/8Dt6Y/Ts10dPjohGdIX4PkoLTkQDwBDJ -HoLO75oqj0CYLlqDI4oHgf2uzd0Zv8f/11CQQCtut5oEK72mGNzv3GgVqg60z2KR -2vpxvGQmDwpDOPP620tf/LuRQgBpks7uazcbkAE2Br09YrUQSCBNHy8kirHW5m5C -nupMrcvuFx7mHKW1z3FuhM8ijG7oRmcBWfVoneQgIT3l2WBniXg1mKFhuUSV8Erc -XIcc11qsKshyqh0GWb2JfeXbAcTW8/4IwrCP+VfAyLO9F9khP6SnCmcNF9EVJyR6 -Aw+JMNRin7PgvsqbFhpkq9N+gVBAufz3DZoMTEbsMTtW4lYG6HMWhza2+8G9XyaL -ARAWhkNVsmQQ5T6qGkI19thB6E/T6ZorTxqeopNVA7VNK3RVlKpkmUu07w5bTD6V -l3Ti6XfcSQqzt6YX2/WUE8ekEG3rSesuJ5fqjuTnIIOjBxr+pPxkzdoazlu2zJ9F -n24fHvlU20TccEWXteXj9VFzV/zbPEQbEqmE16lV+bO8U7UHqCOdE83OMrbNKszl -7LSCbFhCDtflUsyClBt/OPnlLEHgEE1j9QkqdFFy90l4HqGwKvx7lUFDnuF8LYsb -/hcP4XhqjiGcjTPYBDK254iYrpOSMZSIRgQQEQIABgUCUioGfQAKCRBDlBVOdiii -tuddAJ4zMrge4qzajScIQcXYgIWMXVenCQCfYTNQPGkHVyp3dMhJ0NR21TYoYMC5 -Ag0EUin7tAEQAK5/AEIBLlA/TTgjUF3im6nu/rkWTM7/gs5H4W0a04kF4UPhaJUR -gCNlDfUnBFA0QD7Jja5LHYgLdoHXiFelPhGrbZel/Sw6sH2gkGCBtFMrVkm3u7tt -x3AZlprqqRH68Y5xTCEjGRncCAmaDgd2apgisJqXpu0dRDroFYpJFNH3vw9N2a62 -0ShNakYP4ykVG3jTDC4MSl2q3BO5dzn8GYFHU0CNz6nf3gZR+48BG+zmAT77peTS -+C4Mbd6LmMmB0cuS2kYiFRwE2B69UWguLHjpXFcu9/85JJVCl2CIab7l5hpqGmgw -G/yW8HFK04Yhew7ZJOXJfUYlv1EZzR5bOsZ8Z9inC6hvFmxuCYCFnvkiEI+pOxPA -oeNOkMaT/W4W+au0ZVt3Hx+oD0pkJb5if0jrCaoAD4gpWOte6LZA8mAbKTxkHPBr -rA9/JFis5CVNI688O6eDiJqCCJjPOQA+COJI+0V+tFa6XyHPB4LxA46RxtumUZMC -v/06sDJlXMNpZbSd5Fq95YfZd4l9Vr9VrvKXfbomn+akwUymP8RDyc6Z8BzjF4Y5 -02m6Ts0J0MnSYfEDqJPPZbMGB+GAgAqLs7FrZJQzOZTiOXOSIJsKMYsPIDWE8lXv -s77rs0rGvgvQfWzPsJlMIx6ryrMnAsfOkzM2GChGNX9+pABpgOdYII4bABEBAAGJ -Ah8EGAECAAkFAlIp+7QCGwwACgkQyPABKoQhYr+hrg/9Er0+HN78y6UWGFHu/KVK -d8M6ekaqjQndQXmzQaPQwsOHOvWdC+EtBoTdR3VIjAtX96uvzCRV3sb0XPB9S9eP -gRrO/t5+qTVTtjua1zzjZsMOr1SxhBgZ5+0U2aoY1vMhyIjUuwpKKNqj2uf+uj5Y -ZQbCNklghf7EVDHsYQ4goB9gsNT7rnmrzSc6UUuJOYI2jjtHp5BPMBHh2WtUVfYP -8JqDfQ+eJQr5NCFB24xMW8OxMJit3MGckUbcZlUa1wKiTb0b76fOjt0y/+9u1ykd -X+i27DAM6PniFG8BfqPq/E3iU20IZGYtaAFBuhhDWR3vGY4+r3OxdlFAJfBG9XDD -aEDTzv1XF+tEBo69GFaxXZGdk9//7qxcgiya4LL9Kltuvs82+ZzQhC09p8d3YSQN -cfaYObm4EwbINdKP7cr4anGFXvsLC9urhow/RNBLiMbRX/5qBzx2DayXtxEnDlSC -Mh7wCkNDYkSIZOrPVUFOCGxu7lloRgPxEetM5x608HRa3hDHoe5KvUBmmtavB/aR -zlGuZP1S6Y7S13ytiULSzTfUxJmyGYgNo+4ygh0i6Dudf9NLmV+i9aEIbLbd6bni -1B/y8hBSx3SVb4sQVRe3clBkfS1/mYjlldtYjzOwcd02x599KJlcChf8HnWFB7qT -zB3yrr+vYBT0uDWmxwPjiJs= -=ytEf ------END PGP PUBLIC KEY BLOCK----- -``` diff --git a/web/index.html b/web/index.html deleted file mode 100644 index 6786d7f..0000000 --- a/web/index.html +++ /dev/null @@ -1,206 +0,0 @@ - - -THC-HYDRA - fast and flexible network login hacker - -
-
-
-
-
-
-
-

-
-
-
-
 THC-Hydra

-

- A very fast network logon cracker which support many different services.
- See feature sets and services coverage page - incl. a speed comparison against ncrack and medusa

-

- Current Version: 8.6
- Last update 2017-07-21
-

-

-

-
-
- [0x00] News and Changelog
-
-
-        Check out the feature sets and services coverage page - including a speed comparison against ncrack and medusa (yes, we win :-) )
-        Development code is available at a public github repository: https://github.com/vanhauser-thc/thc-hydra
-        There is a new section below for online tutorials.
-        Read below for Linux compilation notes.
-        
-
-        CHANGELOG for 8.6
-        ===================
-        ! Development moved to a public github repository: https://github.com/vanhauser-thc/thc-hydra
-        
-        ! Reports came in that the rdp module is not working reliable sometimes, most likely against new Windows versions. please test, report and if possible send a fix
-        * added radmin2 module by catatonic prime - great work!
-        * smb module now checks if SMBv1 is supported by the server and if signing is required
-        * http-form module now supports URLs up to 6000 bytes (thanks to petrock6@github for the patch)
-        * Fix for SSL connections that failed with error:00000000:lib(0):func(0):reason(0) (thanks gaia@github for reporting)
-        * Added new command line option:
-          -c TIME: seconds between login attempts (over all threads, so -t 1 is recommended)
-        * Options put after -R (for loading a restore file) are now honored (and were disallowed before)
-        * merged several patches by Diadlo@github to make the code easier readable. thanks for that!
-        * merged a patch by Diadlo@github that moves the help output to the invididual module
-
-	You can also take a look at the full CHANGES file
-
-
- [0x01] Introduction
-
-	Welcome to the mini website of the THC Hydra project.
-
-	Number one of the biggest security holes are passwords, as every password security study shows.
-	Hydra is a parallized login cracker which supports numerous protocols to attack. New modules
-	are easy to add, beside that, it is flexible and very fast.
-
-        Hydra was tested to compile on Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1, OpenBSD, OSX,
-        QNX/Blackberry, and is made available under GPLv3 with a special OpenSSL license expansion.
-
-	Currently this tool supports:
-	  Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST,
-	  HTTP-GET, HTTP-HEAD, HTTP-POST, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-POST, HTTPS-HEAD,
-	  HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle,
-	  PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, RTSP, S7-300, SAP/R3, SIP, SMB, SMTP,
-	  SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.
-
-        For HTTP, POP3, IMAP and SMTP, several login mechanisms like plain and MD5 digest etc. are supported.
-
-	This tool is a proof of concept code, to give researchers and security consultants the 
-	possiblity to show how easy it would be to gain unauthorized access from remote to a system.
-
-        The program was written van Hauser and is additiionally supported by David Maciejak.
-
-
- [0x02] Screenshots
-
-	
-	(1) Target selection
-
-	
-	(2) Login/Password setup
-
-	
-	(3) Hydra start and output
-
-
- [0x03] Documentation 
- 
-	Hydra comes with a rather long README file that describes the
-	details about the usage and special options.
-	
-	But sometimes detailed online help can vastly improve your efficency.
-	The following links on the global internet are a recommended read.
-	
-          General usage and options: http://www.aldeid.com/wiki/Thc-hydra
-                                     http://resources.infosecinstitute.com/online-dictionary-attack-with-hydra/
-
-          HTTP basic auth: https://www.owasp.org/index.php/Testing_for_Brute_Force_%28OWASP-AT-004%29
-                           http://www.sillychicken.co.nz/Security/how-to-brute-force-your-router-in-windows.html
-
-          HTTP form based auth: http://www.art0.org/security/performing-a-dictionary-attack-on-an-http-login-form-using-hydra
-                                http://insidetrust.blogspot.com/2011/08/using-hydra-to-dictionary-attack-web.html
-                                http://www.sillychicken.co.nz/Security/how-to-brute-force-http-forms-in-windows.html
-                                https://www.owasp.org/index.php/Testing_for_Brute_Force_%28OWASP-AT-004%29
-
-          Multiple protocols: http://wiki.bywire.org/Hydra
-                              http://www.attackvector.org/brute-force-with-thc-hydra/
-                              http://www.madirish.net/content/hydra-brute-force-utility
-          
-          Telnet: http://www.theprohack.com/2009/04/basics-of-cracking-ftp-and-telnet.html
-                  http://www.adeptus-mechanicus.com/codex/bflog/bflog.html
-	
-        For those people testing with DVWA, this is what you want:
-          hydra -l admin -p password   http-get-form "/dvwa/login.php:username=^USER^&password=^PASS^&submit=Login:Login failed"
-
-	If you find other good ones, just email them in ( vh(at)thc(dot)org ).
-
-
- [0x04] Disclaimer
-
-	1. Please do not use in military or secret service organizations or for illegal purposes.
-	2. The Affero General Public License Version 3 (AGPLv3) applies to this code.
-	3. A special license expansion for OpenSSL is included which is required for the Debian people
-
-
- [0x05] The Art of Downloading: Source and Binaries
- 
-	1. PRODUCTION/RELEASE VERSION:
-	   The source code of state-of-the-art Hydra: hydra-8.6.tar.gz
-	   (compiles on all UNIX based platforms - even MacOS X, Cygwin on Windows, ARM-Linux, Android, iPhone, Blackberry 10, etc.)
-
-        2. DEVELOPMENT VERSION:
-           You can download and compile the current development version of hydra always in its public GITHUB repository:
-           https://github.com/vanhauser-thc/thc-hydra by either
-             svn co https://github.com/vanhauser-thc/thc-hydra
-           or
-             git clone https://github.com/vanhauser-thc/thc-hydra.git
-           Note that this is the development state! New features - and new bugs. Things might not work!
-
-	3. The source code of an old, deprecated version of Hydra ONLY in case v7.x gives you problems on unusual and old platforms:
-	   hydra-5.9.1-src.tar.gz
-
-	4. The Win32/Cywin binary release: --- not anymore ---
-	   Install cygwin from http://www.cygwin.com
-	   and compile it yourself. If you do not have cygwin installed - how
-	   do you think you will do proper securiy testing? duh ...
-
-        5. ARM and Palm binaries here are old and not longer maintained:
-	     ARM:  hydra-5.0-arm.tar.gz
-             Palm: hydra-4.6-palm.zip
-
-
- [0x06] Compilation Help
-
-        Hydra compiles fine on all platforms that have gcc - Linux, all BSD, Mac OS/X, Cygwin on Windows, Solaris, etc.
-        It should even compile on historical SunOS, Ultrix etc. platforms :-)
-        
-        There are many optional modules for network protocols like SSH, SVN etc. that require libraries.
-        If they are not found, these optional libraries will not be supported in your binary.
-        
-        If you are on Linux, the following commands install all necessary libraries:
- 
-        Ubuntu/Debian:  apt-get install libssl-dev libssh-dev libidn11-dev libpcre3-dev libgtk2.0-dev libmysqlclient-dev libpq-dev libsvn-dev firebird2.1-dev libncp-dev libncurses5-dev
-        Redhat/Fedora:  yum install openssl-devel pcre-devel ncpfs-devel postgresql-devel libssh-devel subversion-devel libncurses-devel
-        OpenSuSE:       zypper install libopenssl-devel pcre-devel libidn-devel ncpfs-devel libssh-devel postgresql-devel subversion-devel libncurses-devel
-        
-        This enables all optional modules and features with the exception of Oracle, SAP R/3 and the
-        Apple filing protocol - which you will need to download and install from the vendor's web sites.
-        For Oracle this is (install the basic and SDK packages): http://www.oracle.com/technetwork/database/features/instant-client/index.html
-
-        For all other Linux derivates and BSD based systems, use the system software installer and look for
-        similar named libraries like in the command above.
-        In all other cases you have to download all source libraries and compile them manually; 
-        the configure script output tells you what is missing and where to get it from.
-        
-
- [0x07] Development & Contributions
-
-	Your contributions are more than welcomed!
-	
-	If you find bugs, coded enhancements or wrote a new attack module for a service,
-	please send them to vh (at) thc (dot) org
-
-	Interesting attack modules would be:
-	OSPF, BGP, PIM, PPTP, ...
-	(or anything else you might be able to do (and is not there yet))
-	
-	Please note that you can also download and commit via github: https://github.com/vanhauser-thc/thc-hydra
-
- 
- Comments and suggestions are welcome.
-
- Yours sincerly,
-
- van Hauser
- The Hackers Choice
- http://www.thc.org/thc-hydra
-
-
- diff --git a/web/network_password_cracker_comparison.html b/web/network_password_cracker_comparison.html deleted file mode 100644 index ac3aa69..0000000 --- a/web/network_password_cracker_comparison.html +++ /dev/null @@ -1,917 +0,0 @@ - - - - - - - - - - - - State of network password cracker art - Comparison Of Features and Services - hydra - - - - - - - -
-
-
- -

Comparison of Features and Services Coverage

- - - -
-
-

Contents

- -
-

Introduction

-

Hydra is born more than 10 years ago, this page is used as a recap of the functionalities it provides, but also -the differences in feature sets, services coverage and code between the most -popular network authentication cracker tools available. Each feature is compared against -Hydra as of the current version. This table is updated as new -features are added to the project. If you find any inaccuracies - on this page please do not hesitate to contact us. -

Below, Yes means it is supported, No means it is not supported, Unknown means the support is partial -

-

- -

Code Comparison

-

This table just lists latest available versions and platforms compatibility.

- - - - - - - - - - -
Code - Hydra - Medusa - Ncrack -
Version - 8.6 - 2.2 - 0.4 alpha -
Last Update - July 2017 - November 2015 - April 2011 -
Supported Platforms - Linux, *BSD, Solaris, Mac OS X, any Unix, Windows (Cygwin) - Linux, *BSD, Solaris and Mac OS X - Linux, *BSD, Mac OS X, Windows -

- -

Features Table

-

This table lists the feature sets of each tools. -

- - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Feature - Hydra - Medusa - Ncrack -
License - AGPLv3 - GPLv2 - GPLv2 + Nmap terms -
IPv6 Support -Yes -No -Yes -
Graphic User Interface -Yes -Yes -No -
Internationalized support (RFC 4013) -Yes -No -No -
HTTP proxy support -Yes -Yes -No -
SOCKS proxy support -Yes -No -No -
# of supported protocols - 51 - 22 - 7 -

- -

Services Coverage

-

This table lists the services coverage of each tools. For each services, many authentication methods are possible. If you require other ways or find issues in Hydra, please -contact us as the service depends on RFC implementations, some adjustements may be needed. -

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Service - Details - Hydra - Medusa - Ncrack -
ADAM-6500 - -Yes -No -No -
AFP - -Yes -Yes -No -
Asterisk - -Yes -No -No -
Cisco Password - -Yes -No -No -
Cisco Enable - -Yes -No -No -
CVS - -Yes -Yes -No -
Firebird - -Yes -No -No -
FTP -Yes -Yes -Yes -
SSL supportAUTH TLS & FTP over SSL -AUTH TLS & FTP over SSL -No -
HTTP -Method(s)GET, HEAD, POST -GET -GET -
Basic AuthYes -Yes -Yes -
DIGEST-MD5 AuthYes -Yes -No -
NTLM AuthYes -Yes -No -
SSL supportHTTPS -HTTPS -HTTPS -
HTTP Form -Method(s)GET, POST -GET, POST -No -
SSL supportHTTPS -HTTPS -No -
HTTP Proxy -Basic AuthYes -No -No -
DIGEST-MD5 AuthYes -No -No -
NTLM AuthYes -No -No -
SSL supportHTTPS -No -No -
HTTP PROXY URL Enumeration - -Yes -No -No -
ICQ -v5 -Yes 1 -No -No -
IMAP -LOGIN supportYes -Yes -No -
AUTH LOGIN supportYes -No -No -
AUTH PLAIN supportYes -Yes -No -
AUTH CRAM-MD5 supportYes -No -No -
AUTH CRAM-SHA1 supportYes -No -No -
AUTH CRAM-SHA256 supportYes -No -No -
AUTH DIGEST-MD5 supportYes -No -No -
AUTH NTLM supportYes -Yes -No -
AUTH SCRAM-SHA1 supportYes -No -No -
SSL supportIMAPS & STARTTLS -IMAPS & STARTTLS -No -
IRC -General server password -Yes -No -No -
OPER mode password -Yes -No -No -
LDAP -v2, Simple supportYes -No -No -
v3, Simple supportYes -No -No -
v3, AUTH CRAM-MD5 supportYes -No -No -
v3, AUTH DIGEST-MD5 supportYes -No -No -
MS-SQL - -Yes -Yes -No -
MySQL -v3.x -Yes -Yes -No -
v4.x -Yes -Yes -No -
v5.x -Yes -Yes -No -
NCP - -Yes -Yes -No -
NNTP -USER support -Yes -Yes -No -
AUTH LOGIN support -Yes -No -No -
AUTH PLAIN support -Yes -No -No -
AUTH CRAM-MD5 support -Yes -No -No -
AUTH DIGEST-MD5 support -Yes -No -No -
AUTH NTLM support -Yes -No -No -
SSL support -STARTTLS & NNTP over SSL -No -No -
Oracle -DatabaseYes -Yes 2 -No -
TNS ListenerYes -No -No -
SID EnumerationYes -No -No -
PC-NFS -Yes -No -No -
pcAnywhere -Native Authentication -Yes 1 -Yes -No -
OS Based Authentication (MS) -No -Yes -No -
POP3 -USER supportYes -Yes -Yes -
APOP supportYes -No -No -
AUTH LOGIN supportYes -Yes -No -
AUTH PLAIN supportYes -Yes -No -
AUTH CRAM-MD5 supportYes -No -No -
AUTH CRAM-SHA1 supportYes -No -No -
AUTH CRAM-SHA256 supportYes -No -No -
AUTH DIGEST-MD5 supportYes -No -No -
AUTH NTLM supportYes -Yes -No -
SSL SupportPOP3S & STARTTLS -POP3S & STARTTLS -POP3S -
PostgreSQL - -Yes -Yes -No -
Asterisk - -Yes -No -No -
RDP -Windows Workstation -Yes -Yes 2 -Yes -
Windows Server -Yes -Yes 2 -Partial -
Domain Auth -Yes -Yes 2 -No -
REDIS - -Yes -No -No -
REXEC - -Yes -Yes -No -
RLOGIN - -Yes -Yes -No -
RPCAP - -Yes -No -No -
RSH - -Yes -Yes -No -
RTSP - -Yes -No -No -
SAP R/3 - -Yes 1 -No -No -
Siemens S7-300 - -Yes -No -No -
SIP -Yes 1 -No -No -
SSL supportSIP over SSL -No -No -
SMB -NetBIOS ModeYes -Yes -No -
W2K Native ModeYes -Yes -Yes -
Hash modeYes -Yes -No -
Clear Text AuthYes -Yes -No -
LMv1 AuthYes -Yes -Yes -
LMv2 AuthYes -Yes -Yes -
NTLMv1 AuthYes -Yes -Yes -
NTLMv2 AuthYes -Yes -Yes -
SMTP -AUTH LOGIN supportYes -Yes -No -
AUTH PLAIN supportYes -Yes -No -
AUTH CRAM-MD5 supportYes -No -No -
AUTH DIGEST-MD5 supportYes -No -No -
AUTH NTLM supportYes -Yes -No -
SSL supportSMTPS & STARTTLS -SMTPS & STARTTLS -No -
SMTP User Enum -VRFY cmdYes -Yes -No -
EXPN cmdYes -Yes -No -
RCPT TO cmdYes -Yes -No -
SNMP -v1 -Yes -Yes -No -
v2c -Yes -Yes -No -
v3 -Partial (MD5/SHA1 auth only)(MD5/SHA1 auth only) -No -No -
SOCKS -v5, Password Auth -Yes -No -No -
SSH -v1Yes -No -No -
v2Yes -Yes -Yes -
SSH Keys -v1, v2 -Yes -No -No -
Subversion (SVN) - -Yes -Yes -No -
TeamSpeak -TS2 -Yes 1 -No -No -
Telnet - -Yes -Yes -Yes -
XMPP -AUTH LOGIN supportYes -No -No -
AUTH PLAIN supportYes -No -No -
AUTH CRAM-MD5 supportYes -No -No -
AUTH DIGEST-MD5 supportYes -No -No -
AUTH SCRAM-SHA1 supportYes -No -No -
VMware Auth Daemon -v1.00 / v1.10 -Yes -Yes -No -
SSL support -Yes -Yes -No -
VNC -RFB 3.x password support -Yes -Yes -No -
RFB 3.x user+password support -No -Partial(UltraVNC only) -No -
RFB 4.x password support -Yes -Yes -No -
RFB 4.x user+password support -No -Partial(UltraVNC only) -No -

- -

Speed Comparison

-

This table gives some speed data (in second) for 2 popular services supported by each cracking tool (as of September 2011). The value displayed is the min value of 3 consecutive runs. -Each tool was configured to run 1, 4 and 16 task(s)/job(s) at a time. A login and password lists corresponding to 20 attempts was used. The smaller the value the better.

- - - - - - - - - - - - - - - - -
Speed (in s) - Hydra - Medusa - Ncrack -
1 Task / FTP module - 11.93 - 12.97 - 18.01 -
4 Tasks / FTP module - 4.20 - 5.24 - 9.01 -
16 Tasks / FTP module - 2.44 - 2.71 - 12.01 -
1 Task / SSH v2 module - 32.56 - 33.84 - 45.02 -
4 Tasks / SSH v2 module - 10.95 - Broken - Missed -
16 Tasks / SSH v2 module - 5.14 - Broken - Missed -

- - -

Notes

-
  1. These Hydra modules have not been checked with latest version of softwares/protocols available. -
    2. -
  2. Medusa support is relying on a script or a wrapper. -
- -
- -
-
-
-
- -
- -
- - diff --git a/web/webfiles/css/commonPrint.css b/web/webfiles/css/commonPrint.css deleted file mode 100644 index ecf146d..0000000 --- a/web/webfiles/css/commonPrint.css +++ /dev/null @@ -1,267 +0,0 @@ -/* -** MediaWiki Print style sheet for CSS2-capable browsers. -** Copyright Gabriel Wicke, http://www.aulinx.de/ -** -** Derived from the plone (http://plone.org/) styles -** Copyright Alexander Limi -*/ - -/* Thanks to A List Apart (http://alistapart.com/) for useful extras */ -a.stub, -a.new{ color:#ba0000; text-decoration:none; } - -#toc { - /*border:1px solid #2f6fab;*/ - border:1px solid #aaaaaa; - background-color:#f9f9f9; - padding:5px; -} -.tocindent { - margin-left: 2em; -} -.tocline { - margin-bottom: 0px; -} - -/* images */ -div.floatright { - float: right; - clear: right; - margin: 0; - position:relative; - border: 0.5em solid White; - border-width: 0.5em 0 0.8em 1.4em; -} -div.floatright p { font-style: italic;} -div.floatleft { - float: left; - margin: 0.3em 0.5em 0.5em 0; - position:relative; - border: 0.5em solid White; - border-width: 0.5em 1.4em 0.8em 0; -} -div.floatleft p { font-style: italic; } -/* thumbnails */ -div.thumb { - margin-bottom: 0.5em; - border-style: solid; border-color: White; - width: auto; - overflow: hidden; -} -div.thumb div { - border:1px solid #cccccc; - padding: 3px !important; - background-color:#f9f9f9; - font-size: 94%; - text-align: center; -} -div.thumb div a img { - border:1px solid #cccccc; -} -div.thumb div div.thumbcaption { - border: none; - padding: 0.3em 0 0.1em 0; -} -div.magnify { display: none; } -div.tright { - float: right; - clear: right; - border-width: 0.5em 0 0.8em 1.4em; -} -div.tleft { - float: left; - margin-right:0.5em; - border-width: 0.5em 1.4em 0.8em 0; -} -img.thumbborder { - border: 1px solid #dddddd; -} - -/* table standards */ -table.rimage { - float:right; - width:1pt; - position:relative; - margin-left:1em; - margin-bottom:1em; - text-align:center; -} - -body { - background: White; - /*font-size: 11pt !important;*/ - color: Black; - margin: 0; - padding: 0; -} - -.noprint, -div#jump-to-nav, -div.top, -div#column-one, -#colophon, -.editsection, -.toctoggle, -.tochidden, -div#f-poweredbyico, -div#f-copyrightico, -li#viewcount, -li#about, -li#disclaimer, -li#privacy { - /* Hides all the elements irrelevant for printing */ - display: none; -} - -ul { - list-style-type: square; -} - -#content { - background: none; - border: none ! important; - padding: 0 ! important; - margin: 0 ! important; -} -#footer { - background : white; - color : black; - border-top: 1px solid black; -} - -h1, h2, h3, h4, h5, h6 { - font-weight: bold; -} - -p, .documentDescription { - margin: 1em 0 ! important; - line-height: 1.2em; -} - -.tocindent p { - margin: 0 0 0 0 ! important; -} - -pre { - border: 1pt dashed black; - white-space: pre; - font-size: 8pt; - overflow: auto; - padding: 1em 0; - background : white; - color : black; -} - -table.listing, -table.listing td { - border: 1pt solid black; - border-collapse: collapse; -} - -a { - color: Black !important; - background: none !important; - padding: 0 !important; -} - -a:link, a:visited { - color: #520; - background: transparent; - text-decoration: underline; -} - -#content a.external.text:after, #content a.external.autonumber:after { - /* Expand URLs for printing */ - content: " (" attr(href) ") "; -} - -#globalWrapper { - width: 100% !important; - min-width: 0 !important; -} - -#content { - background : white; - color : black; -} - -#column-content { - margin: 0 !important; -} - -#column-content #content { - padding: 1em; - margin: 0 !important; -} -/* MSIE/Win doesn't understand 'inherit' */ -a, a.external, a.new, a.stub { - color: black ! important; - text-decoration: none ! important; -} - -/* Continue ... */ -a, a.external, a.new, a.stub { - color: inherit ! important; - text-decoration: inherit ! important; -} - -img { border: none; } -img.tex { vertical-align: middle; } -span.texhtml { font-family: serif; } - -#siteNotice { display: none; } - -table.gallery { - border: 1px solid #cccccc; - margin: 2px; - padding: 2px; - background-color:#ffffff; -} - -table.gallery tr { - vertical-align:top; -} - -div.gallerybox { - border: 1px solid #cccccc; - margin: 2px; - background-color:#f9f9f9; - width: 150px; -} - -div.gallerybox div.thumb { - text-align: center; - border: 1px solid #cccccc; - margin: 2px; -} - -div.gallerytext { - font-size: 94%; - padding: 2px 4px; -} - -/* -** Diff rendering -*/ -table.diff { background:white; } -td.diff-otitle { background:#ffffff; } -td.diff-ntitle { background:#ffffff; } -td.diff-addedline { - background:#ccffcc; - font-size: smaller; - border: solid 2px black; -} -td.diff-deletedline { - background:#ffffaa; - font-size: smaller; - border: dotted 2px black; -} -td.diff-context { - background:#eeeeee; - font-size: smaller; -} -.diffchange { - color: silver; - font-weight: bold; - text-decoration: underline; -} diff --git a/web/webfiles/css/index.css b/web/webfiles/css/index.css deleted file mode 100644 index f010367..0000000 --- a/web/webfiles/css/index.css +++ /dev/null @@ -1,2 +0,0 @@ -/* generated user stylesheet */ -a.new, #quickbar a.new { color: #CC2200; } diff --git a/web/webfiles/css/index_002.css b/web/webfiles/css/index_002.css deleted file mode 100644 index aba5a86..0000000 --- a/web/webfiles/css/index_002.css +++ /dev/null @@ -1 +0,0 @@ -/* CSS placed here will affect the print output */ \ No newline at end of file diff --git a/web/webfiles/css/index_003.css b/web/webfiles/css/index_003.css deleted file mode 100644 index bf5c91c..0000000 --- a/web/webfiles/css/index_003.css +++ /dev/null @@ -1 +0,0 @@ -/** CSS placed here will be applied to all skins */ \ No newline at end of file diff --git a/web/webfiles/css/index_004.css b/web/webfiles/css/index_004.css deleted file mode 100644 index 3b97146..0000000 --- a/web/webfiles/css/index_004.css +++ /dev/null @@ -1,20 +0,0 @@ -/** 
 */
-#footer { text-align: center; border: none; padding: 0; }
-#p-cactions li.selected { border-color: #708090; padding: 0 0 .2em 0; font-weight: bold; }
-pre
-{
-    generic-family: "Envy Code R", "Liberation Mono", Consolas, "Lucida Console", monospace;
-
-    /* border: 1px solid #dbdbdb; */
-
-    border: 1px solid #cfcfcf;
-    background-color: #fefefe;
-    line-height: 1.1em;
-    padding: 0.55em;
-/*
-    -moz-border-radius-topright: 0.5em;
-    -webkit-border-top-right-radius: 0.5em;
-    border-radius-topright: 0.5em;
-*/
-}
-/**
*/ \ No newline at end of file diff --git a/web/webfiles/css/main.css b/web/webfiles/css/main.css deleted file mode 100644 index a864cc9..0000000 --- a/web/webfiles/css/main.css +++ /dev/null @@ -1,1461 +0,0 @@ -/* -** MediaWiki 'monobook' style sheet for CSS2-capable browsers. -** Copyright Gabriel Wicke - http://wikidev.net/ -** License: GPL (http://www.gnu.org/copyleft/gpl.html) -** -** Loosely based on http://www.positioniseverything.net/ordered-floats.html by Big John -** and the Plone 2.0 styles, see http://plone.org/ (Alexander Limi,Joe Geldart & Tom Croucher, -** Michael Zeltner and Geir Bækholt) -** All you guys rock :) -*/ - -#column-content { - width: 100%; - float: right; - margin: 0 0 .6em -12.2em; - padding: 0; -} - -#content { - margin: 2.2em 0 0 2.2em; - padding: 0 1em 1.5em 1em; - background: white; - color: black; - border: 1px solid #aaa; - border-right: none; - line-height: 1.5em; - position: relative; - z-index: 2; -} - -#column-one { - padding-top: 30px; -} - -#content { - background: white; - color: black; - border: 1px solid #aaa; - border-right: none; - line-height: 1.5em; -} - -/* Font size: -** We take advantage of keyword scaling- browsers won't go below 9px -** More at http://www.w3.org/2003/07/30-font-size -** http://style.cleverchimp.com/font_size_intervals/altintervals.html -*/ - -body { - font: x-small sans-serif; - background-color: #ffffff; - font-family: Verdana, helvetica, sans-serif; - font-size: 10px; - color: black; - margin: 0; - padding: 0; -} - -/* scale back up to a sane default */ -#globalWrapper { - font-size: 127%; - width: 100%; - margin: 0; - padding: 0; -} -.visualClear { - clear: both; -} - -/* general styles */ - -table { - font-size: 100%; - color: black; - /* we don't want the bottom borders of

s to be visible through - floated tables */ - background-color: white; -} -fieldset table { - /* but keep table layouts in forms clean... */ - background: none; -} - -a:link, a:visited, a:active { text-decoration: underline; color: #173F99 } -a:hover { color: #505050 } - -a.stub { - color: #772233; -} -a.new, #p-personal a.new { - color: #ba0000; -} -a.new:visited, #p-personal a.new:visited { - color: #a55858; -} - -img { - border: none; - vertical-align: middle; -} -p { - margin: .4em 0 .5em 0; - line-height: 1.5em; -} -p img { - margin: 0; -} - -hr { - height: 1px; - color: #aaa; - background-color: #aaa; - border: 0; - margin: .2em 0 .2em 0; -} - -h1, h2, h3, h4, h5, h6 { - color: black; - background: none; - font-weight: normal; - margin: 0; - padding-top: .5em; - padding-bottom: .17em; - border-bottom: 1px solid #aaa; -} -h1 { font-size: 188%; } -h1 .editsection { font-size: 53%; } -h2 { font-size: 150%; } -h2 .editsection { font-size: 67%; } -h3, h4, h5, h6 { - border-bottom: none; - font-weight: bold; -} -h3 { font-size: 132%; } -h3 .editsection { font-size: 76%; font-weight: normal; } -h4 { font-size: 116%; } -h4 .editsection { font-size: 86%; font-weight: normal; } -h5 { font-size: 100%; } -h5 .editsection { font-weight: normal; } -h6 { font-size: 80%; } -h6 .editsection { font-size: 125%; font-weight: normal; } - -ul { - line-height: 1.5em; - list-style-type: square; - margin: .3em 0 0 1.5em; - padding: 0; - list-style-image: url(bullet.gif); -} -ol { - line-height: 1.5em; - margin: .3em 0 0 3.2em; - padding: 0; - list-style-image: none; -} -li { - margin-bottom: .1em; -} -dt { - font-weight: bold; - margin-bottom: .1em; -} -dl { - margin-top: .2em; - margin-bottom: .5em; -} -dd { - line-height: 1.5em; - margin-left: 2em; - margin-bottom: .1em; -} - -fieldset { - border: 1px solid #2f6fab; - margin: 1em 0 1em 0; - padding: 0 1em 1em; - line-height: 1.5em; -} -fieldset.nested { - margin: 0 0 0.5em 0; - padding: 0 0.5em 0.5em; -} -legend { - padding: .5em; - font-size: 95%; -} -form { - border: none; - margin: 0; -} - -textarea { - width: 100%; - padding: .1em; -} - -input.historysubmit { - padding: 0 .3em .3em .3em !important; - font-size: 94%; - cursor: pointer; - height: 1.7em !important; - margin-left: 1.6em; -} -select { - vertical-align: top; -} -abbr, acronym, .explain { - border-bottom: 1px dotted black; - color: black; - background: none; - cursor: help; -} -q { - font-family: Times, "Times New Roman", serif; - font-style: italic; -} -/* disabled for now -blockquote { - font-family: Times, "Times New Roman", serif; - font-style: italic; -}*/ -code { - background-color: #f9f9f9; -} -pre { - padding: 1em; - border: 1px dashed #2f6fab; - color: black; - background-color: #f9f9f9; - line-height: 1.1em; -} - -/* -** the main content area -*/ - -#siteSub { - display: none; -} -#jump-to-nav { - display: none; -} - -#contentSub, #contentSub2 { - font-size: 84%; - line-height: 1.2em; - margin: 0 0 1.4em 1em; - color: #7d7d7d; - width: auto; -} -span.subpages { - display: block; -} - -/* Some space under the headers in the content area */ -#bodyContent h1, #bodyContent h2 { - margin-bottom: .6em; -} -#bodyContent h3, #bodyContent h4, #bodyContent h5 { - margin-bottom: .3em; -} -.firstHeading { - margin-bottom: .1em; - /* These two rules hack around bug 2013 (fix for more limited bug 11325). - When bug 2013 is fixed properly, they should be removed. */ - line-height: 1.2em; - padding-bottom: 0; -} - -/* user notification thing */ -.usermessage { - background-color: #ffce7b; - border: 1px solid #ffa500; - color: black; - font-weight: bold; - margin: 2em 0 1em; - padding: .5em 1em; - vertical-align: middle; -} -#siteNotice { - text-align: center; - font-size: 95%; - padding: 0 .9em; -} -#siteNotice p { - margin: 0; - padding: 0; -} -.success { - color: green; - font-size: larger; -} -.error { - color: red; - font-size: larger; -} -.errorbox, .successbox { - font-size: larger; - border: 2px solid; - padding: .5em 1em; - float: left; - margin-bottom: 2em; - color: #000; -} -.errorbox { - border-color: red; - background-color: #fff2f2; -} -.successbox { - border-color: green; - background-color: #dfd; -} -.errorbox h2, .successbox h2 { - font-size: 1em; - font-weight: bold; - display: inline; - margin: 0 .5em 0 0; - border: none; -} - -.catlinks { - border: 1px solid #aaa; - background-color: #f9f9f9; - padding: 5px; - margin-top: 1em; - clear: both; -} -/* currently unused, intended to be used by a metadata box -in the bottom-right corner of the content area */ -.documentDescription { - /* The summary text describing the document */ - font-weight: bold; - display: block; - margin: 1em 0; - line-height: 1.5em; -} -.documentByLine { - text-align: right; - font-size: 90%; - clear: both; - font-weight: normal; - color: #76797c; -} - -/* emulate center */ -.center { - width: 100%; - text-align: center; -} -*.center * { - margin-left: auto; - margin-right: auto; -} -/* small for tables and similar */ -.small, .small * { - font-size: 94%; -} -table.small { - font-size: 100%; -} - -/* -** content styles -*/ - -#toc, -.toc, -.mw-warning { - border: 1px solid #aaa; - background-color: #f9f9f9; - padding: 5px; - font-size: 95%; -} -#toc h2, -.toc h2 { - display: inline; - border: none; - padding: 0; - font-size: 100%; - font-weight: bold; -} -#toc #toctitle, -.toc #toctitle, -#toc .toctitle, -.toc .toctitle { - text-align: center; -} -#toc ul, -.toc ul { - list-style-type: none; - list-style-image: none; - margin-left: 0; - padding-left: 0; - text-align: left; -} -#toc ul ul, -.toc ul ul { - margin: 0 0 0 2em; -} -#toc .toctoggle, -.toc .toctoggle { - font-size: 94%; -} - -.mw-warning { - margin-left: 50px; - margin-right: 50px; - text-align: center; -} - -/* images */ -div.floatright, table.floatright { - clear: right; - float: right; - position: relative; - margin: 0 0 .5em .5em; - border: 0; -/* - border: .5em solid white; - border-width: .5em 0 .8em 1.4em; -*/ -} -div.floatright p { font-style: italic; } -div.floatleft, table.floatleft { - float: left; - clear: left; - position: relative; - margin: 0 .5em .5em 0; - border: 0; -/* - margin: .3em .5em .5em 0; - border: .5em solid white; - border-width: .5em 1.4em .8em 0; -*/ -} -div.floatleft p { font-style: italic; } -/* thumbnails */ -div.thumb { - margin-bottom: .5em; - border-style: solid; - border-color: white; - width: auto; -} -div.thumbinner { - border: 1px solid #ccc; - padding: 3px !important; - background-color: #f9f9f9; - font-size: 94%; - text-align: center; - overflow: hidden; -} -html .thumbimage { - border: 1px solid #ccc; -} -html .thumbcaption { - border: none; - text-align: left; - line-height: 1.4em; - padding: 3px !important; - font-size: 94%; -} -div.magnify { - float: right; - border: none !important; - background: none !important; -} -div.magnify a, div.magnify img { - display: block; - border: none !important; - background: none !important; -} -div.tright { - clear: right; - float: right; - border-width: .5em 0 .8em 1.4em; -} -div.tleft { - float: left; - clear: left; - margin-right: .5em; - border-width: .5em 1.4em .8em 0; -} -img.thumbborder { - border: 1px solid #dddddd; -} -.hiddenStructure { - display: none; -} - -/* -** classes for special content elements like town boxes -** intended to be referenced directly from the wiki src -*/ - -/* -** User styles -*/ -/* table standards */ -table.rimage { - float: right; - position: relative; - margin-left: 1em; - margin-bottom: 1em; - text-align: center; -} -.toccolours { - border: 1px solid #aaa; - background-color: #f9f9f9; - padding: 5px; - font-size: 95%; -} - -/* -** edit views etc -*/ -.special li { - line-height: 1.4em; - margin: 0; - padding: 0; -} - -/* -** keep the whitespace in front of the ^=, hides rule from konqueror -** this is css3, the validator doesn't like it when validating as css2 -*/ -#bodyContent a.external, -#bodyContent a[href ^="gopher://"] { - background: url(external.png) center right no-repeat; - padding-right: 13px; -} -#bodyContent a[href ^="https://"], -.link-https { - background: url(lock_icon.gif) center right no-repeat; - padding-right: 16px; -} -#bodyContent a[href ^="mailto:"], -.link-mailto { - background: url(mail_icon.gif) center right no-repeat; - padding-right: 18px; -} -#bodyContent a[href ^="news://"] { - background: url(news_icon.png) center right no-repeat; - padding-right: 18px; -} -#bodyContent a[href ^="ftp://"], -.link-ftp { - background: url(file_icon.gif) center right no-repeat; - padding-right: 18px; -} -#bodyContent a[href ^="irc://"], -#bodyContent a.extiw[href ^="irc://"], -.link-irc { - background: url(discussionitem_icon.gif) center right no-repeat; - padding-right: 18px; -} -#bodyContent a.external[href $=".ogg"], #bodyContent a.external[href $=".OGG"], -#bodyContent a.external[href $=".mid"], #bodyContent a.external[href $=".MID"], -#bodyContent a.external[href $=".midi"], #bodyContent a.external[href $=".MIDI"], -#bodyContent a.external[href $=".mp3"], #bodyContent a.external[href $=".MP3"], -#bodyContent a.external[href $=".wav"], #bodyContent a.external[href $=".WAV"], -#bodyContent a.external[href $=".wma"], #bodyContent a.external[href $=".WMA"], -.link-audio { - background: url("audio.png") center right no-repeat; - padding-right: 13px; -} -#bodyContent a.external[href $=".ogm"], #bodyContent a.external[href $=".OGM"], -#bodyContent a.external[href $=".avi"], #bodyContent a.external[href $=".AVI"], -#bodyContent a.external[href $=".mpeg"], #bodyContent a.external[href $=".MPEG"], -#bodyContent a.external[href $=".mpg"], #bodyContent a.external[href $=".MPG"], -.link-video { - background: url("video.png") center right no-repeat; - padding-right: 13px; -} -#bodyContent a.external[href $=".pdf"], #bodyContent a.external[href $=".PDF"], -#bodyContent a.external[href *=".pdf#"], #bodyContent a.external[href *=".PDF#"], -#bodyContent a.external[href *=".pdf?"], #bodyContent a.external[href *=".PDF?"], -.link-document { - background: url("document.png") center right no-repeat; - padding-right: 12px; -} - -/* disable interwiki styling */ -#bodyContent a.extiw, -#bodyContent a.extiw:active { - color: #36b; - background: none; - padding: 0; -} -#bodyContent a.external { - color: #36b; -} -/* this can be used in the content area to switch off -special external link styling */ -#bodyContent .plainlinks a { - background: none !important; - padding: 0 !important; -} - -/* -** the personal toolbar -*/ - -#p-personal { - width: 100%; - white-space: nowrap; - padding: 0; - margin: 0; - position: absolute; - top: 9.2em; - z-index: 0; - border: none; - background: none; - overflow: visible; - line-height: 1.2em; -} - -#p-personal h5 { - display: none; -} -#p-personal .portlet, -#p-personal .pBody { - padding: 0; - margin: 0; - border: none; - z-index: 0; - overflow: visible; - background: none; -} -/* this is the ul contained in the portlet */ -#p-personal ul { - border: none; - line-height: 1.4em; - color: #2f6fab; - padding: 0 2em 0 3em; - margin: 0; - text-align: right; - text-transform: lowercase; - list-style: none; - z-index: 0; - background: none; - cursor: default; -} -#p-personal li { - z-index: 0; - border: none; - padding: 0; - display: inline; - color: #2f6fab; - margin-left: 1em; - line-height: 1.2em; - background: none; -} -#p-personal li.active { - font-weight: bold; -} -#p-personal li a { - text-decoration: none; - color: #005896; - padding-bottom: 0.2em; - background: none; -} -#p-personal li a:hover { - background-color: white; - padding-bottom: 0.2em; - text-decoration: none; -} - - -/* the icon in front of the user name, single quotes -in bg url to hide it from iemac */ -li#pt-userpage, -li#pt-anonuserpage, -li#pt-login { - background: url(user.gif) top left no-repeat; - padding-left: 20px; - text-transform: none; -} -#p-personal ul { - text-transform: lowercase; -} -#p-personal li.active { - font-weight: bold; -} -/* -** the page-related actions- page/talk, edit etc -*/ - -/* -** the page-related actions- page/talk, edit etc -*/ -#p-cactions { - position: absolute; - top: 10.5em; - left: 12.2em; - margin: 0; - white-space: nowrap; - width: 76%; - line-height: 1.1em; - overflow: visible; - background: none; - border-collapse: collapse; - padding-left: 1em; - list-style: none; - font-size: 95%; -} -#p-cactions .hiddenStructure { - display: none; -} -#p-cactions ul { - list-style: none; -} -#p-cactions li { - display: inline; - border: 1px solid #aaa; - border-bottom: none; - padding: 0 0 .1em 0; - margin: 0 .3em 0 0; - overflow: visible; - background: white; -} -#p-cactions li.selected { - border-color: #fabd23; - padding: 0 0 .2em 0; - font-weight: bold; -} -#p-cactions li a { - background-color: #fbfbfb; - color: #002bb8; - border: none; - padding: 0 .8em .3em; - text-decoration: none; - text-transform: lowercase; - position: relative; - z-index: 0; - margin: 0; -} -#p-cactions li.selected a { - z-index: 3; - background-color: #fff; - padding: 0 1em .2em!important; -} -#p-cactions .new a { - color: #ba0000; -} -#p-cactions li a:hover { - z-index: 3; - text-decoration: none; - background-color: #fff; -} -#p-cactions h5 { - display: none; -} -#p-cactions li.istalk { - margin-right: 0; -} -#p-cactions li.istalk a { - padding-right: .5em; -} -#p-cactions #ca-addsection a { - padding-left: .4em; - padding-right: .4em; -} -/* offsets to distinguish the tab groups */ -li#ca-talk { - margin-right: 1.6em; -} -li#ca-watch, li#ca-unwatch, li#ca-varlang-0, li#ca-print { - margin-left: 1.6em; -} - - -#p-cactions .pBody { - font-size: 1em; - background-color: transparent; - color: inherit; - border-collapse: inherit; - border: 0; - padding: 0; -} -#p-cactions .hiddenStructure { - display: none; -} -#p-cactions li a { - text-transform: lowercase; -} - -#p-lang { - position: relative; - z-index: 3; -} - -/* TODO: #t-iscite is only used by the Cite extension, come up with some - * system which allows extensions to add to this file on the fly - */ -#t-ispermalink, #t-iscite { - color: #999; -} -/* -** footer -*/ -#footer { - background-color: white; - border-top: 1px solid #fabd23; - border-bottom: 1px solid #fabd23; - margin: .6em 0 1em 0; - padding: .4em 0 1.2em 0; - text-align: center; - font-size: 90%; - margin-left: 20px; -} -#footer li { - display: inline; - margin: 0 1.3em; -} -#f-poweredbyico, #f-copyrightico { - margin: 0 8px; - position: relative; - top: -2px; /* Bump it up just a tad */ -} -#f-poweredbyico { - float: right; - height: 1%; -} -#f-copyrightico { - float: left; - height: 1%; -} - -/* js pref toc */ -#preftoc { - margin: 0; - padding: 0; - width: 100%; - clear: both; -} -#preftoc li { - background-color: #f0f0f0; - color: #000; -} -#preftoc li { - margin: 1px -2px 1px 2px; - float: left; - padding: 2px 0 3px 0; - border: 1px solid #fff; - border-right-color: #716f64; - border-bottom: 0; - position: relative; - white-space: nowrap; - list-style-type: none; - list-style-image: none; - z-index: 3; -} -#preftoc li.selected { - font-weight: bold; - background-color: #f9f9f9; - border: 1px solid #aaa; - border-bottom: none; - cursor: default; - top: 1px; - padding-top: 2px; - margin-right: -3px; -} -#preftoc > li.selected { - top: 2px; -} -#preftoc a, -#preftoc a:active { - display: block; - color: #000; - padding: 0 .7em; - position: relative; - text-decoration: none; -} -#preftoc li.selected a { - cursor: default; - text-decoration: none; -} -#prefcontrol { - padding-top: 2em; - clear: both; -} -#preferences { - margin: 0; - border: 1px solid #aaa; - clear: both; - padding: 1.5em; - background-color: #F9F9F9; -} -.prefsection { - border: none; - padding: 0; - margin: 0; -} -.prefsection fieldset { - border: 1px solid #aaa; - float: left; - margin-right: 2em; -} -.prefsection legend { - font-weight: bold; -} -.prefsection table, .prefsection legend { - background-color: #F9F9F9; -} -.mainLegend { - display: none; -} -div.prefsectiontip { - font-size: x-small; - padding: .2em 2em; - color: #666; -} -.btnSavePrefs { - font-weight: bold; - padding-left: .3em; - padding-right: .3em; -} - -.preferences-login { - clear: both; - margin-bottom: 1.5em; -} - -.prefcache { - font-size: 90%; - margin-top: 2em; -} - -div#userloginForm form, -div#userlogin form#userlogin2 { - margin: 0 3em 1em 0; - border: 1px solid #aaa; - clear: both; - padding: 1.5em 2em; - background-color: #f9f9f9; - float: left; -} -.rtl div#userloginForm form, -.rtl div#userlogin form#userlogin2 { - float: right; -} - -div#userloginForm table, -div#userlogin form#userlogin2 table { - background-color: #f9f9f9; -} - -div#userloginForm h2, -div#userlogin form#userlogin2 h2 { - padding-top: 0; -} - -div#userlogin .captcha, -div#userloginForm .captcha { - border: 1px solid #bbb; - padding: 1.5em 2em; - background-color: white; -} - -#loginend, #signupend { - clear: both; -} - -#userloginprompt, #languagelinks { - font-size: 85%; -} - -#login-sectiontip { - font-size: 85%; - line-height: 1.2; - padding-top: 2em; -} - -#userlogin .loginText, #userlogin .loginPassword { - width: 12em; -} - -#userloginlink a, #wpLoginattempt, #wpCreateaccount { - font-weight: bold; -} - -/* -** IE/Mac fixes, hope to find a validating way to move this -** to a separate stylesheet. This would work but doesn't validate: -** @import("IEMacFixes.css"); -*/ -/* tabs: border on the a, not the div */ -* > html #p-cactions li { border: none; } -* > html #p-cactions li a { - border: 1px solid #aaa; - border-bottom: none; -} -* > html #p-cactions li.selected a { border-color: #fabd23; } -/* footer icons need a fixed width */ -* > html #f-poweredbyico, -* > html #f-copyrightico { width: 88px; } -* > html #bodyContent, -* > html #bodyContent pre { - overflow-x: auto; - width: 100%; - padding-bottom: 25px; -} - -/* more IE fixes */ -/* float/negative margin brokenness */ -* html #footer {margin-top: 0;} -* html #column-content { - display: inline; - margin-bottom: 0; -} -* html div.editsection { font-size: smaller; } -#pagehistory li.selected { position: relative; } - -/* Mac IE 5.0 fix; floated content turns invisible */ -* > html #column-content { - float: none; -} -* > html #column-one { - position: absolute; - left: 0; - top: 0; -} -* > html #footer { - margin-left: 13.2em; -} -.redirectText { - font-size: 150%; - margin: 5px; -} - -.printfooter { - display: none; -} - -.not-patrolled { - background-color: #ffa; -} -div.patrollink { - clear: both; - font-size: 75%; - text-align: right; -} -span.newpage, span.minor, span.bot { - font-weight: bold; -} -span.unpatrolled { - font-weight: bold; - color: red; -} - -.sharedUploadNotice { - font-style: italic; -} - -span.updatedmarker { - color: black; - background-color: #0f0; -} - -table.gallery { - border: 1px solid #ccc; - margin: 2px; - padding: 2px; - background-color: white; -} - -table.gallery tr { - vertical-align: top; -} - -table.gallery td { - vertical-align: top; - background-color: #f9f9f9; - border: solid 2px white; -} -/* Keep this temporarily so that cached pages will display right */ -table.gallery td.galleryheader { - text-align: center; - font-weight: bold; -} -table.gallery caption { - font-weight: bold; -} - -div.gallerybox { - margin: 2px; -} - -div.gallerybox div.thumb { - text-align: center; - border: 1px solid #ccc; - margin: 2px; -} - -div.gallerytext { - overflow: hidden; - font-size: 94%; - padding: 2px 4px; -} - -span.comment { - font-style: italic; -} - -span.changedby { - font-size: 95%; -} - -.previewnote { - text-indent: 3em; - color: #c00; - border-bottom: 1px solid #aaa; - padding-bottom: 1em; - margin-bottom: 1em; -} - -.previewnote p { - margin: 0; - padding: 0; -} - -.editExternally { - border: 1px solid gray; - background-color: #ffffff; - padding: 3px; - margin-top: 0.5em; - float: left; - font-size: small; - text-align: center; -} -.editExternallyHelp { - font-style: italic; - color: gray; -} - -.toggle { - margin-left: 2em; - text-indent: -2em; -} - -/* Classes for EXIF data display */ -table.mw_metadata { - font-size: 0.8em; - margin-left: 0.5em; - margin-bottom: 0.5em; - width: 300px; -} - -table.mw_metadata caption { - font-weight: bold; -} - -table.mw_metadata th { - font-weight: normal; -} - -table.mw_metadata td { - padding: 0.1em; -} - -table.mw_metadata { - border: none; - border-collapse: collapse; -} - -table.mw_metadata td, table.mw_metadata th { - text-align: center; - border: 1px solid #aaaaaa; - padding-left: 0.1em; - padding-right: 0.1em; -} - -table.mw_metadata th { - background-color: #f9f9f9; -} - -table.mw_metadata td { - background-color: #fcfcfc; -} - -table.collapsed tr.collapsable { - display: none; -} - - -/* filetoc */ -ul#filetoc { - text-align: center; - border: 1px solid #aaaaaa; - background-color: #f9f9f9; - padding: 5px; - font-size: 95%; - margin-bottom: 0.5em; - margin-left: 0; - margin-right: 0; -} - -#filetoc li { - display: inline; - list-style-type: none; - padding-right: 2em; -} - -input#wpSummary { - width: 80%; -} - -/* @bug 1714 */ -input#wpSave, input#wpDiff { - margin-right: 0.33em; -} - -#wpSave { - font-weight: bold; -} - -/* Classes for article validation */ - -table.revisionform_default { - border: 1px solid #000000; -} - -table.revisionform_focus { - border: 1px solid #000000; - background-color:#00BBFF; -} - -tr.revision_tr_default { - background-color:#EEEEEE; -} - -tr.revision_tr_first { - background-color:#DDDDDD; -} - -p.revision_saved { - color: green; - font-weight:bold; -} - -#mw_trackbacks { - border: solid 1px #bbbbff; - background-color: #eeeeff; - padding: 0.2em; -} - - -/* Allmessages table */ - -#allmessagestable th { - background-color: #b2b2ff; -} - -#allmessagestable tr.orig { - background-color: #ffe2e2; -} - -#allmessagestable tr.new { - background-color: #e2ffe2; -} - -#allmessagestable tr.def { - background-color: #f0f0ff; -} - - -/* noarticletext */ -div.noarticletext { - border: 1px solid #ccc; - background: #fff; - padding: .2em 1em; - color: #000; -} - -div#searchTargetContainer { - left: 10px; - top: 10px; - width: 90%; - background: white; -} - -div#searchTarget { - padding: 3px; - margin: 5px; - background: #F0F0F0; - border: solid 1px blue; -} - -div#searchTarget ul li { - list-style: none; -} - -div#searchTarget ul li:before { - color: orange; - content: "\00BB \0020"; -} - -div#searchTargetHide { - float:right; - border:solid 1px black; - background:#DCDCDC; - padding:2px; -} - -#powersearch p { - margin-top:0px; -} - -div.multipageimagenavbox { - border: solid 1px silver; - padding: 4px; - margin: 1em; - background: #f0f0f0; -} - -div.multipageimagenavbox div.thumb { - border: none; - margin-left: 2em; - margin-right: 2em; -} - -div.multipageimagenavbox hr { - margin: 6px; -} - -table.multipageimage td { - text-align: center; -} - -/** Special:Version */ - -table#sv-ext, table#sv-hooks, table#sv-software { - margin: 1em; - padding:0em; -} - -#sv-ext td, #sv-hooks td, #sv-software td, -#sv-ext th, #sv-hooks th, #sv-software th { - border: 1px solid #A0A0A0; - padding: 0 0.15em 0 0.15em; -} -#sv-ext th, #sv-hooks th, #sv-software th { - background-color: #F0F0F0; - color: black; - padding: 0 0.15em 0 0.15em; -} -tr.sv-space{ - height: 0.8em; - border:none; -} -tr.sv-space td { display: none; } - -/* - Table pager (e.g. Special:Imagelist) - - remove underlines from the navigation link - - collapse borders - - set the borders to outsets (similar to Special:Allmessages) - - remove line wrapping for all td and th, set background color - - restore line wrapping for the last two table cells (description and size) -*/ -.TablePager { min-width: 80%; } -.TablePager_nav a { text-decoration: none; } -.TablePager { border-collapse: collapse; } -.TablePager, .TablePager td, .TablePager th { - border: 1px solid #aaaaaa; - padding: 0 0.15em 0 0.15em; -} -.TablePager th { background-color: #eeeeff } -.TablePager td { background-color: #ffffff } -.TablePager tr:hover td { background-color: #eeeeff } - -.imagelist td, .imagelist th { white-space: nowrap } -.imagelist .TablePager_col_links { background-color: #eeeeff } -.imagelist .TablePager_col_img_description { white-space: normal } -.imagelist th.TablePager_sort { background-color: #ccccff } - -.templatesUsed { margin-top: 1.5em; } - -.mw-summary-preview { - margin: 0.1em 0; -} - -/* Friendlier slave lag warnings */ -div.mw-lag-warn-normal, -div.mw-lag-warn-high { - padding: 3px; - text-align: center; - margin: 3px auto; -} -div.mw-lag-warn-normal { - border: 1px solid #FFCC66; - background-color: #FFFFCC; -} -div.mw-lag-warn-high { - font-weight: bold; - border: 2px solid #FF0033; - background-color: #FFCCCC; -} - -.MediaTransformError { - background-color: #ccc; - padding: 0.1em; -} -.MediaTransformError td { - text-align: center; - vertical-align: middle; - font-size: 90%; -} - -/** Special:Search stuff */ -div#mw-search-interwiki-caption { - text-align: center; - font-weight: bold; - font-size: 95%; -} - -.mw-search-interwiki-project { - font-size: 97%; - text-align: left; - padding-left: 0.2em; - padding-right: 0.15em; - padding-bottom: 0.2em; - padding-top: 0.15em; - background: #cae8ff; -} - -/* God-damned hack for the crappy layout */ -.os-suggest { - font-size: 127%; -} - - -.top { vertical-align: middle; text-align: center; padding: 0px; font-family: Verdana, helvitica, sans-serif; font-size: 12px; } - -.sidebar { - position: absolute; - padding-left: 3px; - top: 11.5em; -} - -.inspbox { - margin-left: 5px; - margin-top: 5px; - margin-bottom: 5px; - width: 145px; -} - -#footer { text-align: center; border: none; padding: 0; } -#p-cactions li.selected { border-color: #708090; padding: 0 0 .2em 0; font-weight: bold; } -pre -{ - generic-family: "Envy Code R", "Liberation Mono", Consolas, "Lucida Console", monospace; - - /* border: 1px solid #dbdbdb; */ - - border: 1px solid #cfcfcf; - background-color: #fefefe; - line-height: 1.1em; - padding: 0.55em; - -} diff --git a/web/webfiles/css/shared.css b/web/webfiles/css/shared.css deleted file mode 100644 index 7404a15..0000000 --- a/web/webfiles/css/shared.css +++ /dev/null @@ -1,320 +0,0 @@ -/** - * CSS in this file is used by *all* skins (that have any CSS at all). Be - * careful what you put in here, since what looks good in one skin may not in - * another, but don't ignore the poor non-Monobook users either. - */ -.mw-plusminus-null { color: #aaa; } - -.texvc { direction: ltr; unicode-bidi: embed; } -img.tex { vertical-align: middle; } -span.texhtml { font-family: serif; } - -/* add a bit of margin space between the preview and the toolbar */ -/* this replaces the ugly


we used to insert into the page source */ -#wikiPreview.ontop { margin-bottom: 1em; } - -/* Stop floats from intruding into edit area in previews */ -#toolbar, #wpTextbox1 { clear: both; } - -div#mw-js-message { - margin: 1em 5%; - padding: 0.5em 2.5%; - border: solid 1px #ddd; - background-color: #fcfcfc; -} - -/* Edit section links */ -.editsection { - float: right; - margin-left: 5px; -} - -/** - * File histories - */ -table.filehistory { - border:1px solid #ccc; - border-collapse:collapse; -} - -table.filehistory th, -table.filehistory td { - padding: 0 0.2em 0 0.2em; - vertical-align:top; - border:1px solid #ccc; -} -table.filehistory th { - text-align: left; -} -table.filehistory td.mw-imagepage-filesize, -table.filehistory th.mw-imagepage-filesize { - white-space:nowrap; -} - -table.filehistory td.filehistory-selected { - font-weight: bold; -} - -/* - * rev_deleted stuff - */ -li span.deleted, span.history-deleted { - text-decoration: line-through; - color: #888; - font-style: italic; -} - -/** - * Forms - */ -body.ltr td.mw-label { text-align: right; } -body.ltr td.mw-input { text-align: left; } -body.ltr td.mw-submit { text-align: left; } -body.rtl td.mw-label { text-align: left; } -body.rtl td.mw-input { text-align: right; } -body.rtl td.mw-submit { text-align: right; } - -td.mw-label { vertical-align: top; } -td.mw-submit { white-space: nowrap; } - -/** - * Image captions - */ -body.rtl .thumbcaption { text-align:right; } -body.rtl .magnify { float:left; } - -body.ltr .thumbcaption { text-align:left; } -body.ltr .magnify { float:right; } - -/** - * Hidden categories - */ -.mw-hidden-cats-hidden { display: none; } -.catlinks-allhidden { display: none; } - -/* Convenience links to edit block, delete and protect reasons */ -p.mw-ipb-conveniencelinks, p.mw-protect-editreasons, -p.mw-filedelete-editreasons, p.mw-delete-editreasons { - font-size: 90%; - float: right; -} - -/* Search results */ -div.searchresult { - font-size: 95%; - width:38em; -} -.mw-search-results li { - padding-bottom: 1em; - list-style:none; -} -.mw-search-result-data { - color: green; - font-size: 97%; -} - -td#mw-search-menu { - padding-left:6em; - font-size:85%; -} - -div#mw-search-interwiki { - float: right; - width: 18em; - border-style: solid; - border-color: #AAAAAA; - border-width: 1px; - margin-top: 2ex; -} - -div#mw-search-interwiki li { - font-size: 95%; -} - -.mw-search-interwiki-more { - float: right; - font-size: 90%; -} - -span.searchalttitle { - font-size: 95%; -} - -div.searchdidyoumean { - font-size: 127%; - margin-bottom: 1ex; - margin-top: 1ex; - /* Note that this color won't affect the link, as desired. */ - color: #c00; -} - -div.searchdidyoumean em { - font-weight: bold; -} - -.searchmatch { - font-weight: bold; -} - -div.searchresults { - border:1px solid darkblue; - padding-top: 10px; - padding-bottom: 10px; - padding-left: 20px; - padding-right: 20px; -} - -/* - * UserRights stuff - */ -.mw-userrights-disabled { - color: #888; -} - -table.mw-userrights-groups * td,table.mw-userrights-groups * th { - padding-right: 1.5em; -} - -/* - * OpenSearch ajax suggestions - */ -.os-suggest { - overflow: auto; - overflow-x: hidden; - position: absolute; - top: 0px; - left: 0px; - width: 0px; - background-color: white; - background-color: Window; - border-style: solid; - border-color: #AAAAAA; - border-width: 1px; - z-index:99; - visibility:hidden; - font-size:95%; -} - -table.os-suggest-results { - font-size: 95%; - cursor: pointer; - border: 0; - border-collapse: collapse; - width: 100%; -} - -td.os-suggest-result, td.os-suggest-result-hl { - white-space: nowrap; - background-color: white; - background-color: Window; - color: black; - color: WindowText; - padding: 2px; -} -td.os-suggest-result-hl, -td.os-suggest-result-hl-webkit { - background-color: #4C59A6; - color: white; -} -td.os-suggest-result-hl { - /* System colors are misimplemented in Safari 3.0 and earlier, - making highlighted text illegible... */ - background-color: Highlight; - color: HighlightText; -} - -.os-suggest-toggle { - position: relative; - left: 1ex; - font-size: 65%; -} -.os-suggest-toggle-def { - position: absolute; - top: 0px; - left: 0px; - font-size: 65%; - visibility: hidden; -} - -/* Page history styling */ -/* the auto-generated edit comments */ -.autocomment { color: gray; } -#pagehistory .history-user { - margin-left: 0.4em; - margin-right: 0.2em; -} -#pagehistory span.minor { font-weight: bold; } -#pagehistory li { border: 1px solid white; } -#pagehistory li.selected { - background-color: #f9f9f9; - border: 1px dashed #aaa; -} - -/* - * Special:ListGroupRights styling - * Special:Statistics styling -*/ - -table.mw-listgrouprights-table, -table.mw-statistics-table { - border: 1px solid #ccc; - border-collapse: collapse; -} - -table.mw-listgrouprights-table tr { - vertical-align: top; -} - -table.mw-listgrouprights-table td, table.mw-listgrouprights-table th, -table.mw-statistics-table td, table.mw-statistics-table th { - padding: 0.5em 0.2em 0.5em 0.2em; - border: 1px solid #ccc; -} - -td.mw-statistics-numbers { - text-align: right; -} - -/* Special:SpecialPages styling */ -h4.mw-specialpagesgroup { - background-color: #dcdcdc; - padding: 2px; - margin: .3em 0em 0em 0em; -} -.mw-specialpagerestricted { - font-weight: bold; -} - -#shared-image-dup, #shared-image-conflict { - font-style: italic; -} - -/* Special:EmailUser styling */ -table.mw-emailuser-table { - width: 98%; -} -td#mw-emailuser-sender, td#mw-emailuser-recipient { - font-weight: bold; -} - -/* - * Recreating deleted page warning - * Reupload file warning - * Page protection warning - * incl. log entries for these warnings - */ -div.mw-warning-with-logexcerpt { - padding: 3px; - margin-bottom: 3px; - border: 2px solid #2F6FAB; -} -div.mw-warning-with-logexcerpt ul li { - font-size: 90%; -} - -/* (show/hide) revision deletion links */ -span.mw-revdelundel-link, -strong.mw-revdelundel-link { - font-family: monospace; - font-size: smaller -} \ No newline at end of file diff --git a/web/webfiles/img/Cross.png b/web/webfiles/img/Cross.png deleted file mode 100644 index b96b6d2..0000000 Binary files a/web/webfiles/img/Cross.png and /dev/null differ diff --git a/web/webfiles/img/Tick.png b/web/webfiles/img/Tick.png deleted file mode 100644 index d5f75ba..0000000 Binary files a/web/webfiles/img/Tick.png and /dev/null differ diff --git a/web/webfiles/img/Unknown.png b/web/webfiles/img/Unknown.png deleted file mode 100644 index c67c7a6..0000000 Binary files a/web/webfiles/img/Unknown.png and /dev/null differ diff --git a/web/webfiles/img/gnu-fdl.png b/web/webfiles/img/gnu-fdl.png deleted file mode 100644 index 1371aba..0000000 Binary files a/web/webfiles/img/gnu-fdl.png and /dev/null differ diff --git a/web/webfiles/img/hydra_pass.jpg b/web/webfiles/img/hydra_pass.jpg deleted file mode 100644 index 96ea477..0000000 Binary files a/web/webfiles/img/hydra_pass.jpg and /dev/null differ diff --git a/web/webfiles/img/hydra_start.jpg b/web/webfiles/img/hydra_start.jpg deleted file mode 100644 index e618735..0000000 Binary files a/web/webfiles/img/hydra_start.jpg and /dev/null differ diff --git a/web/webfiles/img/hydra_target.jpg b/web/webfiles/img/hydra_target.jpg deleted file mode 100644 index 72c4bb3..0000000 Binary files a/web/webfiles/img/hydra_target.jpg and /dev/null differ diff --git a/web/webfiles/img/xhydra.png b/web/webfiles/img/xhydra.png deleted file mode 100644 index e52eaf3..0000000 Binary files a/web/webfiles/img/xhydra.png and /dev/null differ diff --git a/web/xhydra.png b/web/xhydra.png deleted file mode 100644 index e52eaf3..0000000 Binary files a/web/xhydra.png and /dev/null differ