mirror of
https://github.com/vanhauser-thc/thc-hydra.git
synced 2025-08-20 05:13:51 -07:00
bugfix for endless cookies
This commit is contained in:
van Hauser
parent
570e56b115
commit
d4af858c7d
1 changed files with 23 additions and 19 deletions
|
|
@ -52,9 +52,10 @@ Added fail or success condition, getting cookies, and allow 5 redirections by da
|
||||||
#include "hydra-mod.h"
|
#include "hydra-mod.h"
|
||||||
|
|
||||||
/* HTTP Header Types */
|
/* HTTP Header Types */
|
||||||
#define HEADER_TYPE_USERHEADER 'h'
|
#define HEADER_TYPE_USERHEADER 'h'
|
||||||
#define HEADER_TYPE_USERHEADER_REPL 'H'
|
#define HEADER_TYPE_USERHEADER_REPL 'H'
|
||||||
#define HEADER_TYPE_DEFAULT 'D'
|
#define HEADER_TYPE_DEFAULT 'D'
|
||||||
|
#define HEADER_TYPE_DEFAULT_REPL 'd'
|
||||||
|
|
||||||
extern char *HYDRA_EXIT;
|
extern char *HYDRA_EXIT;
|
||||||
char *buf;
|
char *buf;
|
||||||
|
|
@ -129,7 +130,9 @@ int add_header(ptr_header_node * ptr_head, char *header, char *value, char type)
|
||||||
if (new_header && new_value) {
|
if (new_header && new_value) {
|
||||||
if ((type == HEADER_TYPE_USERHEADER) ||
|
if ((type == HEADER_TYPE_USERHEADER) ||
|
||||||
(type == HEADER_TYPE_DEFAULT && !header_exists(ptr_head, new_header, HEADER_TYPE_USERHEADER_REPL)) ||
|
(type == HEADER_TYPE_DEFAULT && !header_exists(ptr_head, new_header, HEADER_TYPE_USERHEADER_REPL)) ||
|
||||||
(type == HEADER_TYPE_USERHEADER_REPL && !header_exists(ptr_head, new_header, HEADER_TYPE_DEFAULT))) {
|
(type == HEADER_TYPE_USERHEADER_REPL && !header_exists(ptr_head, new_header, HEADER_TYPE_DEFAULT)) ||
|
||||||
|
(type == HEADER_TYPE_DEFAULT_REPL && !header_exists(ptr_head, new_header, HEADER_TYPE_DEFAULT))
|
||||||
|
) {
|
||||||
/*
|
/*
|
||||||
* We are in one of the following scenarios:
|
* We are in one of the following scenarios:
|
||||||
* 1. A default header with no user-supplied headers that replace it.
|
* 1. A default header with no user-supplied headers that replace it.
|
||||||
|
|
@ -153,7 +156,7 @@ int add_header(ptr_header_node * ptr_head, char *header, char *value, char type)
|
||||||
// head is NULL, so the list is empty
|
// head is NULL, so the list is empty
|
||||||
*ptr_head = new_ptr;
|
*ptr_head = new_ptr;
|
||||||
}
|
}
|
||||||
} else if (type == HEADER_TYPE_USERHEADER_REPL && (existing_hdr = header_exists(ptr_head, new_header, HEADER_TYPE_DEFAULT))) {
|
} else if ((type == HEADER_TYPE_DEFAULT_REPL || type == HEADER_TYPE_USERHEADER_REPL) && (existing_hdr = header_exists(ptr_head, new_header, HEADER_TYPE_DEFAULT)) != NULL) {
|
||||||
// It's a user-supplied header that must replace a default one
|
// It's a user-supplied header that must replace a default one
|
||||||
// Replace the default header's value with this new value
|
// Replace the default header's value with this new value
|
||||||
free(existing_hdr->value);
|
free(existing_hdr->value);
|
||||||
|
|
@ -207,10 +210,10 @@ void hdrrepv(ptr_header_node * ptr_head, char *hdrname, char *new_value) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
void cleanup(ptr_header_node * ptr_head) {
|
void cleanup(ptr_header_node *ptr_head) {
|
||||||
ptr_header_node cur_ptr = *ptr_head, next_ptr = cur_ptr;
|
ptr_header_node cur_ptr = *ptr_head, next_ptr = cur_ptr;
|
||||||
|
|
||||||
while (next_ptr) {
|
while (next_ptr != NULL) {
|
||||||
free(cur_ptr->header);
|
free(cur_ptr->header);
|
||||||
free(cur_ptr->value);
|
free(cur_ptr->value);
|
||||||
next_ptr = cur_ptr->next;
|
next_ptr = cur_ptr->next;
|
||||||
|
|
@ -472,7 +475,7 @@ int start_http_form(int s, char *ip, int port, unsigned char options, char *misc
|
||||||
return 1;
|
return 1;
|
||||||
i = analyze_server_response(s); // ignore result
|
i = analyze_server_response(s); // ignore result
|
||||||
if (strlen(cookie) > 0)
|
if (strlen(cookie) > 0)
|
||||||
add_header(&ptr_head, "Cookie", cookie, HEADER_TYPE_DEFAULT);
|
add_header(&ptr_head, "Cookie", cookie, HEADER_TYPE_DEFAULT_REPL);
|
||||||
hydra_reconnect(s, ip, port, options);
|
hydra_reconnect(s, ip, port, options);
|
||||||
}
|
}
|
||||||
// now prepare for the "real" request
|
// now prepare for the "real" request
|
||||||
|
|
@ -508,7 +511,7 @@ int start_http_form(int s, char *ip, int port, unsigned char options, char *misc
|
||||||
return 1;
|
return 1;
|
||||||
i = analyze_server_response(s); // ignore result
|
i = analyze_server_response(s); // ignore result
|
||||||
if (strlen(cookie) > 0)
|
if (strlen(cookie) > 0)
|
||||||
add_header(&ptr_head, "Cookie", cookie, HEADER_TYPE_DEFAULT);
|
add_header(&ptr_head, "Cookie", cookie, HEADER_TYPE_DEFAULT_REPL);
|
||||||
hydra_reconnect(s, ip, port, options);
|
hydra_reconnect(s, ip, port, options);
|
||||||
}
|
}
|
||||||
// now prepare for the "real" request
|
// now prepare for the "real" request
|
||||||
|
|
@ -540,8 +543,8 @@ int start_http_form(int s, char *ip, int port, unsigned char options, char *misc
|
||||||
if (hydra_send(s, http_request, strlen(http_request), 0) < 0)
|
if (hydra_send(s, http_request, strlen(http_request), 0) < 0)
|
||||||
return 1;
|
return 1;
|
||||||
i = analyze_server_response(s); // ignore result
|
i = analyze_server_response(s); // ignore result
|
||||||
if (strlen(cookie) > 0 && !header_exists(&ptr_head, "Cookie", HEADER_TYPE_DEFAULT)) {
|
if (strlen(cookie) > 0) {
|
||||||
add_header(&ptr_head, "Cookie", cookie, HEADER_TYPE_DEFAULT);
|
add_header(&ptr_head, "Cookie", cookie, HEADER_TYPE_DEFAULT_REPL);
|
||||||
normal_request = stringify_headers(&ptr_head);
|
normal_request = stringify_headers(&ptr_head);
|
||||||
}
|
}
|
||||||
hydra_reconnect(s, ip, port, options);
|
hydra_reconnect(s, ip, port, options);
|
||||||
|
|
@ -579,8 +582,8 @@ int start_http_form(int s, char *ip, int port, unsigned char options, char *misc
|
||||||
return 4;
|
return 4;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (strlen(cookie) > 0 && !header_exists(&ptr_head, "Cookie", HEADER_TYPE_DEFAULT))
|
if (strlen(cookie) > 0)
|
||||||
add_header(&ptr_head, "Cookie", cookie, HEADER_TYPE_DEFAULT);
|
add_header(&ptr_head, "Cookie", cookie, HEADER_TYPE_DEFAULT_REPL);
|
||||||
|
|
||||||
//if page was redirected, follow the location header
|
//if page was redirected, follow the location header
|
||||||
redirected_cpt = MAX_REDIRECT;
|
redirected_cpt = MAX_REDIRECT;
|
||||||
|
|
@ -694,8 +697,8 @@ int start_http_form(int s, char *ip, int port, unsigned char options, char *misc
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
found = analyze_server_response(s);
|
found = analyze_server_response(s);
|
||||||
if (strlen(cookie) > 0 && !header_exists(&ptr_head, "Cookie", HEADER_TYPE_DEFAULT))
|
if (strlen(cookie) > 0)
|
||||||
add_header(&ptr_head, "Cookie", cookie, HEADER_TYPE_DEFAULT);
|
add_header(&ptr_head, "Cookie", cookie, HEADER_TYPE_DEFAULT_REPL);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -843,10 +846,11 @@ ptr_header_node initialize(char *ip, unsigned char options, char *miscptr) {
|
||||||
miscptr = slash; /* to make things easier to user */
|
miscptr = slash; /* to make things easier to user */
|
||||||
} else if ((ptr2 = index(webtarget, '/')) != NULL) {
|
} else if ((ptr2 = index(webtarget, '/')) != NULL) {
|
||||||
if (freemischttpform == 0) {
|
if (freemischttpform == 0) {
|
||||||
freemischttpform = 1;
|
if ((miscptr = malloc(strlen(ptr2) + 1)) != NULL) {
|
||||||
miscptr = malloc(strlen(ptr2) + 1);
|
freemischttpform = 1;
|
||||||
strcpy(miscptr, ptr2);
|
strcpy(miscptr, ptr2);
|
||||||
*ptr2 = 0;
|
*ptr2 = 0;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
} else
|
} else
|
||||||
webtarget = NULL;
|
webtarget = NULL;
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue