fixed http-post

hydra-http-form.c

@@ -1330,7 +1330,7 @@ ptr_header_node initialize(char *ip, unsigned char options, char *miscptr) {
     success_cond = 0;
   }
   
-  printf("miscptr: %s, url=%s, variables=%s, ptr=%s, optional1: %s, cond: %s (%d)\n", miscptr, url, variables, ptr, optional1, cond, success_cond);
+  fprintf(stderr, "miscptr: %s, url=%s, variables=%s, ptr=%s, optional1: %s, cond: %s (%d)\n", miscptr, url, variables, ptr, optional1, cond, success_cond);
   
   /*
    * Parse the user-supplied options.

hydra.c

@@ -502,9 +502,8 @@ void help(int32_t ext) {
                     "passwords from FILE\n");
   PRINT_EXTEND(ext,
 #ifdef HAVE_MATH_H
-               "  -x MIN:MAX:CHARSET  password bruteforce generation, type "
+                    "  -x MIN:MAX:CHARSET  password bruteforce generation, type \"-x -h\" to get help\n"
-               "\"-x -h\" to get help\n"
+                    "  -y        disable use of symbols in bruteforce, see above\n"
-               "  -y        disable use of symbols in bruteforce, see above\n"
 #endif
                "  -e nsr    try \"n\" null password, \"s\" login as pass "
                "and/or \"r\" reversed login\n"
@@ -591,6 +590,7 @@ void help_bfg() {
          "others,\n"
          "             just add their real representation.\n"
          "  -y         disable the use of the above letters as placeholders\n\n"
+         "  -r         use 'rain' to explode the linearity of the generation.
          "Examples:\n"
          "   -x 3:5:a  generate passwords from length 3 to 5 with all "
          "lowercase letters\n"
@@ -3178,7 +3178,6 @@ int main(int argc, char *argv[]) {
         printf("[INFO] Using HTTP Proxy: %s\n", getenv("HYDRA_PROXY_HTTP"));
         use_proxy = 1;
       }
-
       if (strstr(hydra_options.miscptr, "\\:") != NULL) {
         fprintf(stderr, "[INFORMATION] escape sequence \\: detected in module "
                         "option, no parameter verification is performed.\n");
@@ -3207,8 +3206,13 @@ int main(int argc, char *argv[]) {
             fprintf(stderr, "[ERROR] Wrong syntax of optional argument: %s\n", optional1);
             exit(-1);
           }
+<<<<<<< HEAD
           switch (optional1[0]) {
           case 'C': // fall through
+=======
+          switch (optional1[0]){
+          case 'C':            // fall through
+>>>>>>> 6dfd77a (fixed http-post)
           case 'c':
             if (optional1[1] != '=' || optional1[2] != '/') {
               fprintf(stderr,
@@ -3344,6 +3348,16 @@ int main(int argc, char *argv[]) {
       hydra_options.max_use = MAXTASKS;
     }
     // script kiddie patch
+    if (hydra_options.server != NULL && (
+        hydra_strcasestr(hydra_options.server, ".outlook.com") != NULL || 
+        hydra_strcasestr(hydra_options.server, ".hotmail.com") != NULL || 
+        hydra_strcasestr(hydra_options.server, ".yahoo.") != NULL || 
+        hydra_strcasestr(hydra_options.server, ".gmx.") != NULL || 
+        hydra_strcasestr(hydra_options.server, ".web.de") != NULL || 
+        hydra_strcasestr(hydra_options.server, ".gmail.") != NULL || 
+        hydra_strcasestr(hydra_options.server, "googlemail.") != NULL
+       )) {
+      fprintf(stderr, "[WARNING] Google Mail and others have bruteforce and hydra detection and sends false positives. You are not doing anything illegal right?!\n");
       fprintf(stderr, "[WARNING] !read the above!\n");
       sleep(5);
     }