github/thc-hydra
1
0
Fork 0
mirror of https://github.com/vanhauser-thc/thc-hydra.git synced 2025-07-06 04:51:40 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

http-form parse option fix

Browse source
This commit is contained in:
van Hauser 2019-11-20 12:13:14 +01:00
parent b8c30ef0b0
commit d0c9d7ca3f
1 changed files with 15 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

16
hydra-http-form.c
View file

@ -393,6 +393,9 @@ char *stringify_headers(ptr_header_node *ptr_head) {
int32_t parse_options(char *miscptr, ptr_header_node *ptr_head) { int32_t parse_options(char *miscptr, ptr_header_node *ptr_head) {
char *ptr, *ptr2; char *ptr, *ptr2;
if (miscptr == NULL)
return 1;
/* /*
* Parse the user-supplied options. * Parse the user-supplied options.
* Beware of the backslashes (\)! * Beware of the backslashes (\)!
@ -1238,6 +1241,7 @@ ptr_header_node initialize(char *ip, unsigned char options, char *miscptr) {
} else } else
webtarget = NULL; webtarget = NULL;
} }
if (cmdlinetarget != NULL && webtarget == NULL) if (cmdlinetarget != NULL && webtarget == NULL)
webtarget = cmdlinetarget; webtarget = cmdlinetarget;
else if (webtarget == NULL && cmdlinetarget == NULL) else if (webtarget == NULL && cmdlinetarget == NULL)
@ -1252,16 +1256,19 @@ ptr_header_node initialize(char *ip, unsigned char options, char *miscptr) {
sprintf(bufferurl, "%.6096s", miscptr); sprintf(bufferurl, "%.6096s", miscptr);
url = bufferurl; url = bufferurl;
ptr = url; ptr = url;
while (*ptr != 0 && (*ptr != ':' || *(ptr - 1) == '\\')) while (*ptr != 0 && (*ptr != ':' || *(ptr - 1) == '\\'))
ptr++; ptr++;
if (*ptr != 0) if (*ptr != 0)
*ptr++ = 0; *ptr++ = 0;
variables = ptr; variables = ptr;
while (*ptr != 0 && (*ptr != ':' || *(ptr - 1) == '\\')) while (*ptr != 0 && (*ptr != ':' || *(ptr - 1) == '\\'))
ptr++; ptr++;
if (*ptr != 0) if (*ptr != 0)
*ptr++ = 0; *ptr++ = 0;
if ((ptr2 = rindex(ptr, ':')) != NULL) { if ((ptr2 = rindex(ptr, ':')) != NULL) {
cond = ptr2 + 1; cond = ptr2 + 1;
*ptr2 = 0; *ptr2 = 0;
@ -1273,7 +1280,11 @@ ptr_header_node initialize(char *ip, unsigned char options, char *miscptr) {
if (*ptr != 0) if (*ptr != 0)
*ptr++ = 0; *ptr++ = 0;
*/ */
optional1 = ptr; if (ptr == cond)
optional1 = NULL;
else
optional1 = ptr;
if (strstr(url, "\\:") != NULL) { if (strstr(url, "\\:") != NULL) {
if ((ptr = malloc(strlen(url))) != NULL) { if ((ptr = malloc(strlen(url))) != NULL) {
strcpy(ptr, hydra_strrep(url, "\\:", ":")); strcpy(ptr, hydra_strrep(url, "\\:", ":"));
@ -1292,6 +1303,9 @@ ptr_header_node initialize(char *ip, unsigned char options, char *miscptr) {
cond = ptr; cond = ptr;
} }
} }
//printf("ptr: %s ptr2: %s cond: %s url: %s variables: %s optional1: %s\n", ptr, ptr2, cond, url, variables, optional1 == NULL ? "null" : optional1);
if (url == NULL || variables == NULL || cond == NULL /*|| optional1 == NULL */ ) if (url == NULL || variables == NULL || cond == NULL /*|| optional1 == NULL */ )
hydra_child_exit(2); hydra_child_exit(2);