Merge pull request vanhauser-thc#1 from vanhauser-thc/master

Updating local to upstream
ezhangle · Feb 6, 2016 · 62be0a4 · 62be0a4
2 parents c7c010e + 533fb17
commit 62be0a4
Show file tree

Hide file tree

Showing 8 changed files with 52 additions and 28 deletions.
diff --git a/CHANGES b/CHANGES
@@ -14,6 +14,8 @@ Release 8.2-pre
 * Fixed a bug where the cisco-enable module was not working with the password-only logon mode
 * Fixed an out of memory bug in http-form
 * Fixed imap PLAIN method
+* Added warning if HYDRA_PROXY_CONNECT environment is detected, that is an outdated setting
+* Added --fhs switch to configure (for Linux distribution usage)
 * ... your patch?
 
 

diff --git a/Makefile.am b/Makefile.am
@@ -1,5 +1,5 @@
 #
-# Makefile for Hydra - (c) 2001-2014 by van Hauser / THC <[email protected]>
+# Makefile for Hydra - (c) 2001-2016 by van Hauser / THC <[email protected]>
 #
 OPTS=-I. -O3
 # -Wall -g -pedantic

diff --git a/configure b/configure
@@ -6,6 +6,7 @@
 if [ "$1" = "-h" -o "$1" = "--help" ]; then
   echo Options:
   echo "  --prefix=path              path to install hydra and its datafiles to"
+  echo "  --fhs                      install according to the File System Hierarchy Standard"
   echo "  --with-oracle=prefix       prefix for oracle include dir"
   echo "  --with-oracle-lib=prefix   prefix for oracle lib dir"
   echo "  --with-ssl=prefix          prefix for SSL headers"
@@ -17,6 +18,7 @@ if [ "$1" = "-h" -o "$1" = "--help" ]; then
   exit 0
 fi
 
+FHS=""
 SIXFOUR=""
 DEBUG=""
 PREFIX=""
@@ -72,6 +74,12 @@ if [ '!' "X" = "X$*" ]; then
 		  NOSTRIP="yes"
 	  fi
     fi
+    if [ "X" = "X$FHS" ]; then
+  	  FHS_TMP=`echo "$1"|sed 's/.*--fhs//'`
+	  if [ -z "$FHS_TMP" ]; then
+		  FHS="yes"
+	  fi
+    fi
     if [ "X" = "X$DEBUG" ]; then
   	  DEBUG_TMP=`echo "$1"|sed 's/.*--debug//'`
 	  if [ -z "$DEBUG_TMP" ]; then
@@ -191,7 +199,7 @@ else
 fi
 
 SSLNEW=""
-if [ "X" = "X$WSSL_PATH" ]; then
+if [ "X" = "X$SSL_PATH" ]; then
       SSL_PATH="$i"
       SSLNEW=`grep SHA256_CTX $i/openssl/sha.h 2> /dev/null`
 else
@@ -1191,9 +1199,16 @@ else
     XHYDRA_SUPPORT="xhydra"
 fi
 
-echo "Hydra will be installed into .../bin of: $PREFIX"
-echo "  (change this by running ./configure --prefix=path)"
-echo
+if [ "X" != "X$FHS" ]; then
+  PREFIX=/usr
+  echo "Hydra will be installed into .../bin of: $PREFIX"
+  echo "  (according to the File System Hierarchy Standard)"
+  echo
+else
+  echo "Hydra will be installed into .../bin of: $PREFIX"
+  echo "  (change this by running ./configure --prefix=path)"
+  echo
+fi
 
 if [ "X" != "X$DEBUG" ]; then
    echo DEBUG: XDEFINES=$XDEFINES $MATH
@@ -1206,6 +1221,10 @@ if [ "X" != "X$DEBUG" ]; then
 fi
 
 echo "Writing Makefile.in ..."
+if [ "X" != "X$FHS" ]; then
+  echo "MANDIR = /share/man/man1" >> Makefile.in
+  echo "DATADIR = /share/hydra" >> Makefile.in
+fi
 echo "XDEFINES=$XDEFINES $MATH" >> Makefile.in
 echo "XLIBS=$XLIBS" >> Makefile.in
 echo "XLIBPATHS=$XLIBPATHS" >> Makefile.in

diff --git a/hydra-http-form.c b/hydra-http-form.c
@@ -432,7 +432,7 @@ char *html_encode(char *string) {
   if (index(ret, '&') != NULL)
     ret = hydra_strrep(ret, "&", "%26");
   if (index(ret, '#') != NULL)
-    ret = hydra_strrep(ret, "&", "%23");
+    ret = hydra_strrep(ret, "#", "%23");
 
   return ret;
 }

diff --git a/hydra-mod.c b/hydra-mod.c
@@ -480,7 +480,7 @@ int internal__hydra_connect_to_ssl(int socket) {
     } else {
 //    if ((sslContext = SSL_CTX_new(SSLv23_client_method())) == NULL) {
 #ifndef TLSv1_2_client_method
-#define TLSv1_2_client_method TLSv1_client_method
+  #define TLSv1_2_client_method TLSv1_client_method
 #endif
       if ((sslContext = SSL_CTX_new(TLSv1_2_client_method())) == NULL) {
         if (verbose) {
@@ -774,6 +774,7 @@ int hydra_connect_to_ssl(int socket) {
 #ifdef LIBOPENSSL
   return (internal__hydra_connect_to_ssl(socket));
 #else
+  fprintf(stderr, "Error: not compiled with SSL\n");
   return -1;
 #endif
 }
@@ -786,7 +787,8 @@ int hydra_connect_ssl(char *host, int port) {
 #ifdef LIBOPENSSL
   return (internal__hydra_connect_ssl(host, port, SOCK_STREAM, 6));
 #else
-  return (internal__hydra_connect(host, port, SOCK_STREAM, 6));
+  fprintf(stderr, "Error: not compiled with SSL\n");
+  return -1;
 #endif
 }
 

diff --git a/hydra-ssh.c b/hydra-ssh.c
@@ -48,7 +48,7 @@ int start_ssh(int s, char *ip, int port, unsigned char options, char *miscptr, F
     if (ssh_connect(session) != 0) {
       //if the connection was drop, exit and let hydra main handle it
       if (verbose)
-        hydra_report(stderr, "[ERROR] could not connect to target port %d\n", port);
+        hydra_report(stderr, "[ERROR] could not connect to target port %d: %s\n", port, ssh_get_error(session));
       return 3;
     }
 
@@ -175,7 +175,7 @@ int service_ssh_init(char *ip, int sp, unsigned char options, char *miscptr, FIL
   ssh_options_set(session, SSH_OPTIONS_COMPRESSION_C_S, "none");
   ssh_options_set(session, SSH_OPTIONS_COMPRESSION_S_C, "none");
   if (ssh_connect(session) != 0) {
-    fprintf(stderr, "[ERROR] could not connect to ssh://%s:%d\n", hydra_address2string(ip), port);
+    fprintf(stderr, "[ERROR] could not connect to ssh://%s:%d - %s\n", hydra_address2string(ip), port, ssh_get_error(session));
     return 2;
   } 
   rc = ssh_userauth_none(session, NULL);

diff --git a/hydra.c b/hydra.c
@@ -1,5 +1,5 @@
 /*
- * hydra (c) 2001-2014 by van Hauser / THC <[email protected]>
+ * hydra (c) 2001-2016 by van Hauser / THC <[email protected]>
  * http://www.thc.org
  *
  * Parallized network login hacker.
@@ -2173,7 +2173,7 @@ int main(int argc, char *argv[]) {
   struct sockaddr_in6 *ipv6 = NULL;
   struct sockaddr_in *ipv4 = NULL;
 
-  printf("%s %s (c) 2014 by %s - Please do not use in military or secret service organizations, or for illegal purposes.\n\n", PROGRAM, VERSION, AUTHOR);
+  printf("%s %s (c) 2016 by %s - Please do not use in military or secret service organizations, or for illegal purposes.\n\n", PROGRAM, VERSION, AUTHOR);
 #ifndef LIBPOSTGRES
   SERVICES = hydra_string_replace(SERVICES, "postgres ", "");
   strcat(unsupported, "postgres ");
@@ -2552,6 +2552,9 @@ int main(int argc, char *argv[]) {
         hydra_options.miscptr = argv[optind + 2];
     }
 
+    if (getenv("HYDRA_PROXY_CONNECT"))
+      fprintf(stderr, "[WARNING] The environment variable HYDRA_PROXY_CONNECT is not used! Use HYDRA_PROXY instead!\n");
+
     if (strcmp(hydra_options.service, "http") == 0 || strcmp(hydra_options.service, "https") == 0) {
       fprintf(stderr, "[ERROR] There is no service \"%s\", most likely you mean one of the many web modules, e.g. http-get or http-form-post. Read it up!\n", hydra_options.service);
       exit(-1);
@@ -2841,8 +2844,7 @@ int main(int argc, char *argv[]) {
         if (hydra_options.colonfile == NULL
             && ((hydra_options.login == NULL && hydra_options.loginfile == NULL) || (hydra_options.pass == NULL && hydra_options.passfile == NULL && hydra_options.bfg == 0))) {
           if (j > 3) {
-            fprintf(stderr,
-                    "[ERROR] you specified SNMPv3, defined hashing/encryption but only gave one of login or password list. Either supply both logins and passwords (this is what is usually used in SNMPv3), or remove the hashing/encryption option (unusual)\n");
+            fprintf(stderr, "[ERROR] you specified SNMPv3, defined hashing/encryption but only gave one of login or password list. Either supply both logins and passwords (this is what is usually used in SNMPv3), or remove the hashing/encryption option (unusual)\n");
             exit(-1);
           }
           fprintf(stderr, "[WARNING] you specified SNMPv3 but gave no logins, NoAuthNoPriv is assumed. This is an unusual case, you should know what you are doing\n");
@@ -3030,7 +3032,7 @@ int main(int argc, char *argv[]) {
             }
             break;
           default:
-            fprintf(stderr, "[ERROR] Unknown optional argument: %s", optional1);
+            fprintf(stderr, "[ERROR] Unknown optional argument: %s\n", optional1);
           }
         }
       }
@@ -3068,8 +3070,7 @@ int main(int argc, char *argv[]) {
     }
 
     if (hydra_options.ssl == 0 && hydra_options.port == 443)
-      fprintf(stderr,
-              "[WARNING] you specified port 443 for attacking a http service, however did not specify the -S ssl switch nor used https-..., therefore using plain HTTP\n");
+      fprintf(stderr, "[WARNING] you specified port 443 for attacking a http service, however did not specify the -S ssl switch nor used https-..., therefore using plain HTTP\n");
 
     if (hydra_options.loop_mode && hydra_options.colonfile != NULL)
       bail("The loop mode option (-u) works with all modes - except colon files (-C)\n");
@@ -3134,13 +3135,13 @@ int main(int argc, char *argv[]) {
     if (hydra_options.colonfile == NULL) {
       if (hydra_options.loginfile != NULL) {
         if ((lfp = fopen(hydra_options.loginfile, "r")) == NULL) {
-          fprintf(stderr, "[ERROR] File for logins not found: %s", hydra_options.loginfile);
+          fprintf(stderr, "[ERROR] File for logins not found: %s\n", hydra_options.loginfile);
           exit(-1);
         }
         hydra_brains.countlogin = countlines(lfp, 0);
         hydra_brains.sizelogin = size_of_data;
         if (hydra_brains.countlogin == 0) {
-          fprintf(stderr, "[ERROR] File for logins is empty: %s", hydra_options.loginfile);
+          fprintf(stderr, "[ERROR] File for logins is empty: %s\n", hydra_options.loginfile);
           exit(-1);
         }
         if (hydra_brains.countlogin > MAX_LINES) {
@@ -3163,13 +3164,13 @@ int main(int argc, char *argv[]) {
       }
       if (hydra_options.passfile != NULL) {
         if ((pfp = fopen(hydra_options.passfile, "r")) == NULL) {
-          fprintf(stderr, "[ERROR] File for passwords not found: %s", hydra_options.passfile);
+          fprintf(stderr, "[ERROR] File for passwords not found: %s\n", hydra_options.passfile);
           exit(-1);
         }
         hydra_brains.countpass = countlines(pfp, 0);
         hydra_brains.sizepass = size_of_data;
         if (hydra_brains.countpass == 0) {
-          fprintf(stderr, "[ERROR] File for passwords is empty: %s", hydra_options.passfile);
+          fprintf(stderr, "[ERROR] File for passwords is empty: %s\n", hydra_options.passfile);
           exit(-1);
         }
         if (hydra_brains.countpass > MAX_LINES) {
@@ -3210,13 +3211,13 @@ int main(int argc, char *argv[]) {
       }
     } else {
       if ((cfp = fopen(hydra_options.colonfile, "r")) == NULL) {
-        fprintf(stderr, "[ERROR] File for colon files (login:pass) not found: %s", hydra_options.colonfile);
+        fprintf(stderr, "[ERROR] File for colon files (login:pass) not found: %s\n", hydra_options.colonfile);
         exit(-1);
       }
       hydra_brains.countlogin = countlines(cfp, 1);
       hydra_brains.sizelogin = size_of_data;
       if (hydra_brains.countlogin == 0) {
-        fprintf(stderr, "[ERROR] File for colon files (login:pass) is empty: %s", hydra_options.colonfile);
+        fprintf(stderr, "[ERROR] File for colon files (login:pass) is empty: %s\n", hydra_options.colonfile);
         exit(-1);
       }
       if (hydra_brains.countlogin > MAX_LINES / 2) {
@@ -3255,12 +3256,12 @@ int main(int argc, char *argv[]) {
 
     if (hydra_options.infile_ptr != NULL) {
       if ((ifp = fopen(hydra_options.infile_ptr, "r")) == NULL) {
-        fprintf(stderr, "[ERROR] File for targets not found: %s", hydra_options.infile_ptr);
+        fprintf(stderr, "[ERROR] File for targets not found: %s\n", hydra_options.infile_ptr);
         exit(-1);
       }
       hydra_brains.targets = countservers = countinfile = countlines(ifp, 0);
       if (countinfile == 0) {
-        fprintf(stderr, "[ERROR] File for targets is empty: %s", hydra_options.infile_ptr);
+        fprintf(stderr, "[ERROR] File for targets is empty: %s\n", hydra_options.infile_ptr);
         exit(-1);
       }
       // if (countinfile > 60) fprintf(stderr, "[WARNING] the -M option is not working correctly at the moment for target lists > 60!\n");

diff --git a/ntlm.c b/ntlm.c
@@ -1172,7 +1172,7 @@ static void dumpRaw(FILE * fp, unsigned char *buf, size_t len) {
 
 static char *unicodeToString(char *p, size_t len) {
   int i;
-  static char buf[1024];
+  static char buf[4096];
 
   assert(len + 1 < sizeof buf);
 
@@ -1186,7 +1186,7 @@ static char *unicodeToString(char *p, size_t len) {
 }
 
 static unsigned char *strToUnicode(char *p) {
-  static unsigned char buf[1024];
+  static unsigned char buf[4096];
   size_t l = strlen(p);
   int i = 0;
 
@@ -1201,7 +1201,7 @@ static unsigned char *strToUnicode(char *p) {
 }
 
 static unsigned char *toString(char *p, size_t len) {
-  static unsigned char buf[1024];
+  static unsigned char buf[4096];
 
   assert(len + 1 < sizeof buf);