Commit 125a13a9 authored by Devon Kearns's avatar Devon Kearns

Imported Upstream version 7.5

parent 2ee15f24
Changelog for hydra
-------------------
Release 7.5
* Moved the license from GPLv3 to AGPLv3 (see LICENSE file)
* Added module for Asterisk Call Manager
* Added support for Android where some functions are not available
* hydra main:
- reduced the screen output if run without -h, full screen with -h
- fix for ipv6 and port parsing with service://[ipv6address]:port/OPTIONS
- fixed -o output (thanks to www417)
- warning if HYDRA_PROXY is defined but the module does not use it
- fixed an issue with large input files and long entries
* hydra library:
- SSL connections are now fixed to SSLv3 as some SSL servers fail otherwise, report if this gives you problems
- removed support for old OPENSSL libraries
* HTTP Form module:
- login and password values are now encoded if special characters are present
- ^USER^ and ^PASS^ are now also supported in H= header values
- if you the colon as a value in your option string, you can now escape it with \: - but do not encode a \ with \\
* Mysql module: protocol 10 is now supported
* SMTP, POP3, IMAP modules: Disabled the TLS in default. TLS must now be
defined as an option "TLS" if required. This increases performance.
* Cisco module: fixed a small bug (thanks to Vitaly McLain)
* Postgres module: libraries on Cygwin are buggy at the moment, module is therefore
disabled on Cygwin
Release 7.4.x FIX RELEASES for bugs introduced in 7.4
* Quickfix for people who do not have libssh installed (won't compile otherwise)
* Quickfix for http-get/http-head and irc module which would not run due a new feature.
......
#
# Makefile for Hydra - (c) 2001-2012 by van Hauser / THC <vh@thc.org>
# Makefile for Hydra - (c) 2001-2013 by van Hauser / THC <vh@thc.org>
#
OPTS=-I. -O3
# -Wall -g -pedantic
......@@ -13,7 +13,7 @@ SRC = hydra-vnc.c hydra-pcnfs.c hydra-rexec.c hydra-nntp.c hydra-socks5.c \
hydra-snmp.c hydra-cvs.c hydra-smtp.c hydra-smtp-enum.c hydra-sapr3.c hydra-ssh.c \
hydra-sshkey.c hydra-teamspeak.c hydra-postgres.c hydra-rsh.c hydra-rlogin.c \
hydra-oracle-listener.c hydra-svn.c hydra-pcanywhere.c hydra-sip.c \
hydra-oracle.c hydra-vmauthd.c hydra-firebird.c hydra-afp.c hydra-ncp.c \
hydra-oracle.c hydra-vmauthd.c hydra-asterisk.c hydra-firebird.c hydra-afp.c hydra-ncp.c \
hydra-oracle-sid.c hydra-http-proxy.c hydra-http-form.c hydra-irc.c \
hydra-rdp.c crc32.c d3des.c bfg.c ntlm.c sasl.c hmacmd5.c hydra-mod.c
OBJ = hydra-vnc.o hydra-pcnfs.o hydra-rexec.o hydra-nntp.o hydra-socks5.o \
......@@ -23,7 +23,7 @@ OBJ = hydra-vnc.o hydra-pcnfs.o hydra-rexec.o hydra-nntp.o hydra-socks5.o \
hydra-snmp.o hydra-cvs.o hydra-smtp.o hydra-smtp-enum.o hydra-sapr3.o hydra-ssh.o \
hydra-sshkey.o hydra-teamspeak.o hydra-postgres.o hydra-rsh.o hydra-rlogin.o \
hydra-oracle-listener.o hydra-svn.o hydra-pcanywhere.o hydra-sip.o \
hydra-oracle-sid.o hydra-oracle.o hydra-vmauthd.o hydra-firebird.o hydra-afp.o hydra-ncp.o \
hydra-oracle-sid.o hydra-oracle.o hydra-vmauthd.o hydra-asterisk.o hydra-firebird.o hydra-afp.o hydra-ncp.o \
hydra-http-proxy.o hydra-http-form.o hydra-irc.o \
hydra-rdp.o crc32.o d3des.o bfg.o ntlm.o sasl.o hmacmd5.o hydra-mod.o
BINS = hydra pw-inspector
......
H Y D R A
(c) 2001-2012 by van Hauser / THC
(c) 2001-2013 by van Hauser / THC
<vh@thc.org> http://www.thc.org
co-maintained by David (dot) Maciejak @ gmail (dot) com
BFG code by Jan Dlabal <dlabaljan@gmail.com>
Licensed under GPLv3 (see LICENSE file)
Licensed under AGPLv3 (see LICENSE file)
......@@ -29,8 +29,8 @@ and OSX.
Currently this tool supports:
AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET,
HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET,
Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP,
HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET,
HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP,
MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere,
PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP,
......
......@@ -136,11 +136,12 @@ if [ "X" = "X$SSL_IPATH" ]; then
SSL_PATH=""
CRYPTO_PATH=""
fi
if [ -n "$SSL_PATH" ]; then
if [ -n "$SSL_PATH" -a "X" = "X$SSLNEW" ]; then
echo " ... found but OLD"
echo "NOTE: your OpenSSL package is outdated, update it!"
fi
if [ -n "$SSL_PATH" -a '!' "X" = "X$SSLNEW" ]; then
echo " ... found"
if [ "X" = "X$SSLNEW" ]; then
echo "NOTE: your OpenSSL package is outdated, update for more hydra feature!"
fi
fi
if [ "X" = "X$SSL_PATH" ]; then
echo " ... NOT found, SSL support disabled"
......@@ -263,7 +264,12 @@ if [ "X" = "X$PCRE_PATH" -o "X" = "X$PCRE_IPATH" ]; then
fi
echo "Checking for Postgres (libpq.so, libpq-fe.h) ..."
for i in $LIBDIRS ; do
if [ "$SYSO" = "Cygwin" ]; then
echo " ... DISABLED - postgres is buggy in Cygwin at the moment"
POSTGRES_PATH=""
POSTGRES_IPATH=""
else
for i in $LIBDIRS ; do
if [ "X" = "X$POSTGRES_PATH" ]; then
if [ -f "$i/libpq.so" -o -f "$i/libpq.dylib" -o -f "$i/libpq.a" ]; then
POSTGRES_PATH="$i"
......@@ -281,11 +287,11 @@ for i in $LIBDIRS ; do
POSTGRES_PATH="$i"
fi
fi
done
POSTGRES_IPATH=
for i in $INCDIRS \
/opt/p*sql*/include /usr/*p*sql*/include /usr/local/*psql*/include
do
done
POSTGRES_IPATH=
for i in $INCDIRS \
/opt/p*sql*/include /usr/*p*sql*/include /usr/local/*psql*/include
do
if [ "X" = "X$POSTGRES_IPATH" ]; then
if [ -f "$i/libpq-fe.h" ]; then
POSTGRES_IPATH="$i"
......@@ -297,15 +303,16 @@ do
POSTGRES_IPATH="$i/postgresql"
fi
fi
done
done
if [ -n "$POSTGRES_PATH" -a -n "$POSTGRES_IPATH" ]; then
if [ -n "$POSTGRES_PATH" -a -n "$POSTGRES_IPATH" ]; then
echo " ... found"
fi
if [ "X" = "X$POSTGRES_PATH" -o "X" = "X$POSTGRES_IPATH" ]; then
fi
if [ "X" = "X$POSTGRES_PATH" -o "X" = "X$POSTGRES_IPATH" ]; then
echo " ... NOT found, module postgres disabled"
POSTGRES_PATH=""
POSTGRES_IPATH=""
fi
fi
echo "Checking for SVN (libsvn_client-1 libapr-1.so libaprutil-1.so) ..."
......@@ -794,6 +801,28 @@ if [ "$SYSS" = "SunOS" ]; then
echo
fi
echo "Checking for Android specialities ..."
TMPC=comptest$$
RINDEX=" not"
echo '#include <stdio.h>' > $TMPC.c
echo '#include <strings.h>' >> $TMPC.c
echo "int main() { char *x = rindex(\"test\", 'e'); if (x == NULL) return 0; else return 1; }" >> $TMPC.c
gcc -o $TMPC $TMPC.c > /dev/null 2>&1
test -x $TMPC && RINDEX=""
rm -f $TMPC $TMPC.c
echo " ... rindex()$RINDEX found"
if [ -n "$CRYPTO_PATH" ]; then
RSA=" not"
echo '#include <stdio.h>' > $TMPC.c
echo '#include <openssl/rsa.h>' >> $TMPC.c
echo "int main() { RSA *rsa = RSA_generate_key(1024, RSA_F4, NULL, NULL); if (rsa == NULL) return 0; else return 1; }" >> $TMPC.c
#echo "int main() { RSA *rsa; RSA_generate_key_ex(rsa, 1024, 0, NULL); if (rsa == NULL) return 0; else return 1; }" >> $TMPC.c
gcc -o $TMPC $TMPC.c -lssl -lcrypto > /dev/null 2>&1
test -x $TMPC && RSA=""
rm -f $TMPC $TMPC.c
echo " ... RSA_generate_key()$RSA found"
fi
echo
XDEFINES=""
XLIBS=""
......@@ -804,9 +833,8 @@ if [ -n "$FIREBIRD_PATH" -o -n "$PCRE_PATH" -o -n "$IDN_PATH" -o -n "$SSL_PATH"
XLIBPATHS="-L/usr/lib -L/usr/local/lib -L/lib"
fi
if [ -n "$SSL_PATH" ]; then
XDEFINES="$XDEFINES -DLIBOPENSSL"
if [ -n "$SSLNEW" ]; then
XDEFINES="$XDEFINES -DLIBOPENSSLNEW"
XDEFINES="$XDEFINES -DLIBOPENSSL"
fi
fi
if [ -n "$CURSES_PATH" ]; then
......@@ -845,6 +873,12 @@ fi
if [ -n "$SSH_PATH" ]; then
XDEFINES="$XDEFINES -DLIBSSH"
fi
if [ -n "$RINDEX" ]; then
XDEFINES="$XDEFINES -DNO_RINDEX"
fi
if [ -n "$RSA" ]; then
XDEFINES="$XDEFINES -DNO_RSA_LEGACY"
fi
OLDPATH=""
for i in $SSL_PATH $CRYPTO_PATH $SSH_PATH $NSL_PATH $SOCKET_PATH $RESOLV_PATH $SAPR3_PATH $POSTGRES_PATH $SVN_PATH $NCP_PATH $CURSES_PATH $ORACLE_PATH $AFP_PATH $MYSQL_PATH; do
if [ "$OLDPATH" = "$i" ]; then
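Review bot: The two compile probes in the "Checking for Android specialities" hunk call `gcc` directly and pass no include or library paths, so they test the host toolchain and its default search path, not the compiler the build will use or the OpenSSL located earlier in this script. Any probe failure (no host gcc, OpenSSL outside the default path) is indistinguishable from "function missing" and ends up setting `-DNO_RINDEX` or `-DNO_RSA_LEGACY`. I would run the probe with the build compiler and the detected paths, e.g. `${CC:-gcc} -I"$SSL_IPATH" -L"$CRYPTO_PATH" -o $TMPC $TMPC.c -lssl -lcrypto`, and report a failed compile separately from a missing symbol. A false negative matters here because the NO_RSA_LEGACY branch of ssl_temp_rsa_cb shown further down this page passes `rsa` to RSA_generate_key_ex while it is still NULL.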
......
......@@ -22,7 +22,7 @@
/* taken direct from rfc2104 implementation and modified for suitable use
* for ntlmv2.
*/
#ifdef LIBOPENSSLNEW
#ifdef LIBOPENSSL
#include <string.h>
#include "hmacmd5.h"
......
//This plugin was written by david@
//
//This plugin is written for Asterisk Call Manager
//which is running by default on TCP/5038
//
#include "hydra-mod.h"
extern char *HYDRA_EXIT;
char *buf;
int start_asterisk(int s, char *ip, int port, unsigned char options, char *miscptr, FILE * fp) {
char *empty = "\"\"";
char *login, *pass, buffer[1024];
if (strlen(login = hydra_get_next_login()) == 0)
login = empty;
if (strlen(pass = hydra_get_next_password()) == 0)
pass = empty;
while (hydra_data_ready(s) > 0) {
if ((buf = hydra_receive_line(s)) == NULL)
return (1);
free(buf);
}
memset(buffer, 0, sizeof(buffer));
sprintf(buffer, "Action: Login\r\nUsername: %.250s\r\nSecret: %.250s\r\n\r\n", login, pass);
if (verbose || debug)
hydra_report(stderr, "[VERBOSE] C: %s\n", buffer);
if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {
return 1;
}
if ((buf = hydra_receive_line(s)) == NULL)
return 1;
if (verbose || debug)
hydra_report(stderr, "[VERBOSE] S: %s\n", buf);
if (buf == NULL || (strstr(buf, "Response: ") == NULL)) {
hydra_report(stderr, "[ERROR] Asterisk Call Manager protocol error or service shutdown: %s\n", buf);
free(buf);
return 4;
}
if (strstr(buf, "Response: Success") != NULL) {
hydra_report_found_host(port, ip, "asterisk", fp);
hydra_completed_pair_found();
free(buf);
if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
return 3;
return 1;
}
free(buf);
hydra_completed_pair();
if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
return 3;
return 2;
}
void service_asterisk(char *ip, int sp, unsigned char options, char *miscptr, FILE * fp, int port) {
int run = 1, next_run = 1, sock = -1;
int myport = PORT_ASTERISK, mysslport = PORT_ASTERISK_SSL;
hydra_register_socket(sp);
if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
return;
while (1) {
switch (run) {
case 1: /* connect and service init function */
if (sock >= 0)
sock = hydra_disconnect(sock);
// usleep(300000);
if ((options & OPTION_SSL) == 0) {
if (port != 0)
myport = port;
sock = hydra_connect_tcp(ip, myport);
port = myport;
} else {
if (port != 0)
mysslport = port;
sock = hydra_connect_ssl(ip, mysslport);
port = myport;
}
if (sock < 0) {
if (verbose || debug)
hydra_report(stderr, "[ERROR] Child with pid %d terminating, can not connect\n", (int) getpid());
hydra_child_exit(1);
}
buf = hydra_receive_line(sock);
//fprintf(stderr, "%s\n",buf);
//banner should look like:
//Asterisk Call Manager/1.1
if (buf == NULL || strstr(buf, "Asterisk Call Manager/") == NULL) {
/* check the first line */
if (verbose || debug) hydra_report(stderr, "[ERROR] Not an Asterisk Call Manager protocol or service shutdown: %s\n", buf);
hydra_child_exit(2);
}
free(buf);
next_run = 2;
break;
case 2: /* run the cracking function */
next_run = start_asterisk(sock, ip, port, options, miscptr, fp);
break;
case 3: /* clean exit */
if (sock >= 0)
sock = hydra_disconnect(sock);
hydra_child_exit(0);
default:
hydra_report(stderr, "[ERROR] Caught unknown return code, exiting!\n");
hydra_child_exit(2);
}
run = next_run;
}
}
int service_asterisk_init(char *ip, int sp, unsigned char options, char *miscptr, FILE *fp, int port) {
// called before the childrens are forked off, so this is the function
// which should be filled if initial connections and service setup has to be
// performed once only.
//
// fill if needed.
//
// return codes:
// 0 all OK
// -1 error, hydra will exit, so print a good error message here
return 0;
}
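Review bot: In service_asterisk, the SSL branch of case 1 ends with `port = myport;`, which looks copied from the plain-TCP branch; it should be `port = mysslport;`. As written, the port handed to start_asterisk and printed by hydra_report_found_host is the plain-TCP default, and on the next pass through case 1 the `port != 0` test copies that value into `mysslport`, so the reconnect goes to a different port than the first connection. Separately, the banner check passes `buf` to a `%s` in hydra_report even when `buf == NULL`, which is undefined behaviour; print a fixed message for the NULL case. In start_asterisk the `buf == NULL ||` term in the "Response: " check is unreachable, because the NULL case already returned a few lines earlier.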
......@@ -23,7 +23,14 @@ int start_cisco(int s, char *ip, int port, unsigned char options, char *miscptr,
if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {
return 1;
}
buf = hydra_receive_line(s);
sleep(1);
do {
buf = hydra_receive_line(s);
if (buf[strlen(buf) - 1] == '\n')
buf[strlen(buf) - 1] = 0;
if (buf[strlen(buf) - 1] == '\r')
buf[strlen(buf) - 1] = 0;
} while (strlen(buf) <= 1);
if (strstr(buf, "assw") != NULL) {
hydra_completed_pair();
free(buf);
......@@ -41,7 +48,13 @@ int start_cisco(int s, char *ip, int port, unsigned char options, char *miscptr,
if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {
return 1;
}
buf = hydra_receive_line(s);
do {
buf = hydra_receive_line(s);
if (buf[strlen(buf) - 1] == '\n')
buf[strlen(buf) - 1] = 0;
if (buf[strlen(buf) - 1] == '\r')
buf[strlen(buf) - 1] = 0;
} while (strlen(buf) <= 1);
if (buf != NULL && strstr(buf, "assw") != NULL) {
hydra_completed_pair();
free(buf);
......@@ -59,12 +72,18 @@ int start_cisco(int s, char *ip, int port, unsigned char options, char *miscptr,
if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {
return 1;
}
buf = hydra_receive_line(s);
do {
buf = hydra_receive_line(s);
if (buf[strlen(buf) - 1] == '\n')
buf[strlen(buf) - 1] = 0;
if (buf[strlen(buf) - 1] == '\r')
buf[strlen(buf) - 1] = 0;
} while (strlen(buf) <= 1);
}
}
if (buf != NULL && (strstr(buf, "assw") != NULL || strstr(buf, "ad ") != NULL || strstr(buf, "attempt") != NULL || strstr(buf, "fail") != NULL)) {
if (buf != NULL && (strstr(buf, "assw") != NULL || strstr(buf, "ad ") != NULL || strstr(buf, "attempt") != NULL || strstr(buf, "ailur") != NULL)) {
free(buf);
hydra_completed_pair();
if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
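Review bot: Each of the three new `do { ... } while (strlen(buf) <= 1);` loops in start_cisco uses the result of hydra_receive_line() without a NULL check, and the second `buf[strlen(buf) - 1]` test indexes out of bounds once the first has stripped a bare "\n" down to an empty string. A peer that closes the connection or sends a blank line can therefore cause an invalid memory access. Every extra iteration also overwrites `buf` without freeing the previous line, and the `buf != NULL` tests after the loops come too late to help. The same pattern is repeated in all three hunks of this file, so a single bounded form like the one below (or a small static helper) would cover them. start_cisco begins and ends outside the visible hunks, so the `return 1` on failure is an assumption taken from the hydra_send error path just above.

```c
do {
  size_t len;

  if ((buf = hydra_receive_line(s)) == NULL)
    return 1;
  len = strlen(buf);
  /* strip trailing CR/LF without ever indexing an empty string */
  while (len > 0 && (buf[len - 1] == '\n' || buf[len - 1] == '\r'))
    buf[--len] = 0;
  if (len <= 1) {   /* blank line: release it before reading the next one */
    free(buf);
    buf = NULL;
  }
} while (buf == NULL);
/* … unchanged: strstr(buf, "assw") checks … */
```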
......
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
......@@ -218,6 +218,7 @@ GtkWidget *create_wndMain(void) {
gtk_widget_show(cmbProtocol);
gtk_table_attach(GTK_TABLE(table8), cmbProtocol, 1, 2, 4, 5, (GtkAttachOptions) (GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions) (GTK_EXPAND), 0, 0);
cmbProtocol_items = g_list_append(cmbProtocol_items, (gpointer) "afp");
cmbProtocol_items = g_list_append(cmbProtocol_items, (gpointer) "asterisk");
cmbProtocol_items = g_list_append(cmbProtocol_items, (gpointer) "cisco");
cmbProtocol_items = g_list_append(cmbProtocol_items, (gpointer) "cisco-enable");
cmbProtocol_items = g_list_append(cmbProtocol_items, (gpointer) "cvs");
......
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
......@@ -156,7 +156,7 @@ int start_http_proxy_urlenum(int s, char *ip, int port, unsigned char options, c
if (buf == NULL)
return 1;
} else {
#ifdef LIBOPENSSLNEW
#ifdef LIBOPENSSL
if (hydra_strcasestr(buf, "Proxy-Authenticate: Digest") != NULL) {
char *pbuffer;
......
......@@ -140,7 +140,7 @@ int start_http_proxy(int s, char *ip, int port, unsigned char options, char *mis
if (buf == NULL)
return 1;
} else {
#ifdef LIBOPENSSLNEW
#ifdef LIBOPENSSL
if (hydra_strcasestr(buf, "Proxy-Authenticate: Digest") != NULL) {
char *pbuffer;
......
......@@ -40,7 +40,7 @@ int start_http(int s, char *ip, int port, unsigned char options, char *miscptr,
hydra_report(stderr, "C:%s\n", buffer);
break;
#ifdef LIBOPENSSLNEW
#ifdef LIBOPENSSL
case AUTH_DIGESTMD5:{
char *pbuffer;
......@@ -50,7 +50,7 @@ int start_http(int s, char *ip, int port, unsigned char options, char *miscptr,
sasl_digest_md5(buffer2, login, pass, buffer, miscptr, type, webtarget, webport, header);
if (buffer2 == NULL) {
return 4;
return 3;
}
if (debug)
......@@ -171,7 +171,7 @@ int start_http(int s, char *ip, int port, unsigned char options, char *miscptr,
http_auth_mechanism = AUTH_NTLM;
find_auth = 1;
}
#ifdef LIBOPENSSLNEW
#ifdef LIBOPENSSL
if (hydra_strcasestr(buf, "WWW-Authenticate: Digest") != NULL) {
http_auth_mechanism = AUTH_DIGESTMD5;
find_auth = 1;
......
......@@ -107,7 +107,7 @@ int start_imap(int s, char *ip, int port, unsigned char options, char *miscptr,
sprintf(buffer, "%.250s\r\n", buffer);
break;
#ifdef LIBOPENSSLNEW
#ifdef LIBOPENSSL
case AUTH_CRAMMD5:
case AUTH_CRAMSHA1:
case AUTH_CRAMSHA256:{
......@@ -344,7 +344,7 @@ int start_imap(int s, char *ip, int port, unsigned char options, char *miscptr,
void service_imap(char *ip, int sp, unsigned char options, char *miscptr, FILE * fp, int port) {
int run = 1, next_run = 1, sock = -1;
int myport = PORT_IMAP, mysslport = PORT_IMAP_SSL, disable_tls = 0;
int myport = PORT_IMAP, mysslport = PORT_IMAP_SSL, disable_tls = 1;
char *buffer1 = "1 CAPABILITY\r\n";
hydra_register_socket(sp);
......@@ -390,7 +390,19 @@ void service_imap(char *ip, int sp, unsigned char options, char *miscptr, FILE *
if (buf == NULL) {
hydra_child_exit(2);
}
#ifdef LIBOPENSSLNEW
if ((miscptr != NULL) && (strlen(miscptr) > 0)) {
int i;
for (i = 0; i < strlen(miscptr); i++)
miscptr[i] = (char) toupper((int) miscptr[i]);
if (strstr(miscptr, "TLS") || strstr(miscptr, "SSL")) {
disable_tls = 0;
}
}
#ifdef LIBOPENSSL
if (!disable_tls) {
/* check for STARTTLS, if available we may have access to more basic auth methods */
if (strstr(buf, "STARTTLS") != NULL) {
......@@ -420,7 +432,8 @@ void service_imap(char *ip, int sp, unsigned char options, char *miscptr, FILE *
if (buf == NULL)
hydra_child_exit(2);
}
}
} else
hydra_report(stderr, "[ERROR] option to use TLS/SSL failed as it is not supported by the server\n");
}
#endif
......@@ -432,7 +445,7 @@ void service_imap(char *ip, int sp, unsigned char options, char *miscptr, FILE *
if ((strstr(buf, "=LOGIN") == NULL) && (strstr(buf, "=NTLM") != NULL)) {
imap_auth_mechanism = AUTH_NTLM;
}
#ifdef LIBOPENSSLNEW
#ifdef LIBOPENSSL
if ((strstr(buf, "=LOGIN") == NULL) && (strstr(buf, "=SCRAM-SHA-1") != NULL)) {
imap_auth_mechanism = AUTH_SCRAMSHA1;
}
......@@ -463,38 +476,34 @@ void service_imap(char *ip, int sp, unsigned char options, char *miscptr, FILE *
free(buf);
if ((miscptr != NULL) && (strlen(miscptr) > 0)) {
int i;
for (i = 0; i < strlen(miscptr); i++)
miscptr[i] = (char) toupper((int) miscptr[i]);
if (strncmp(miscptr, "CLEAR", 5) == 0)
if (strstr(miscptr, "CLEAR"))
imap_auth_mechanism = AUTH_CLEAR;
if (strncmp(miscptr, "LOGIN", 5) == 0)
if (strstr(miscptr, "LOGIN"))
imap_auth_mechanism = AUTH_LOGIN;
if (strncmp(miscptr, "PLAIN", 5) == 0)
if (strstr(miscptr, "PLAIN"))
imap_auth_mechanism = AUTH_PLAIN;
#ifdef LIBOPENSSLNEW
if (strncmp(miscptr, "CRAM-MD5", 8) == 0)
#ifdef LIBOPENSSL
if (strstr(miscptr, "CRAM-MD5"))
imap_auth_mechanism = AUTH_CRAMMD5;
if (strncmp(miscptr, "CRAM-SHA1", 9) == 0)
if (strstr(miscptr, "CRAM-SHA1"))
imap_auth_mechanism = AUTH_CRAMSHA1;
if (strncmp(miscptr, "CRAM-SHA256", 11) == 0)
if (strstr(miscptr, "CRAM-SHA256"))
imap_auth_mechanism = AUTH_CRAMSHA256;
if (strncmp(miscptr, "DIGEST-MD5", 10) == 0)
if (strstr(miscptr, "DIGEST-MD5"))
imap_auth_mechanism = AUTH_DIGESTMD5;
if (strncmp(miscptr, "SCRAM-SHA1", 10) == 0)
if (strstr(miscptr, "SCRAM-SHA1"))
imap_auth_mechanism = AUTH_SCRAMSHA1;
#endif
if (strncmp(miscptr, "NTLM", 4) == 0)
if (strstr(miscptr, "NTLM"))
imap_auth_mechanism = AUTH_NTLM;
}
......@@ -509,7 +518,7 @@ void service_imap(char *ip, int sp, unsigned char options, char *miscptr, FILE *
case AUTH_PLAIN:
hydra_report(stderr, "[VERBOSE] using IMAP PLAIN AUTH mechanism\n");
break;
#ifdef LIBOPENSSLNEW
#ifdef LIBOPENSSL
case AUTH_CRAMMD5:
hydra_report(stderr, "[VERBOSE] using IMAP CRAM-MD5 AUTH mechanism\n");
break;
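Review bot: In service_imap's STARTTLS block, the new `else` branch only prints "[ERROR] option to use TLS/SSL failed as it is not supported by the server" and then appears to fall through to authentication. A run that explicitly asked for TLS would then send credentials in cleartext whenever the server does not advertise STARTTLS, or something on the path strips the capability. If the option is meant as a requirement, fail closed by calling `hydra_child_exit(2);` after the report, as the surrounding code already does for a NULL response. In the new option parsing, `toupper((int) miscptr[i])` is undefined for negative `char` values; use `miscptr[i] = (char) toupper((unsigned char) miscptr[i]);`. service_imap continues outside these hunks, so what follows the block is inferred.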
......
......@@ -7,8 +7,6 @@ unsigned char *buf;
int counter;
int tls_required = 0;
char *strrep(char *string, char *oldpiece, char *newpiece);
int start_ldap(int s, char *ip, int port, unsigned char options, char *miscptr, FILE * fp, char version, int auth_method) {
char *empty = "";
char *login = "", *pass;
......@@ -37,7 +35,7 @@ int start_ldap(int s, char *ip, int port, unsigned char options, char *miscptr,
case AUTH_CLEAR:
length = 14 + strlen(login) + strlen(pass);
break;
#ifdef LIBOPENSSLNEW
#ifdef LIBOPENSSL
case AUTH_CRAMMD5:
length = 14 + strlen(miscptr) + strlen("CRAM-MD5") + 2;
break;
......@@ -113,7 +111,7 @@ int start_ldap(int s, char *ip, int port, unsigned char options, char *miscptr,
free(buf);
return 3;
}
#ifdef LIBOPENSSLNEW
#ifdef LIBOPENSSL
/* one more step auth for CRAM and DIGEST */
if (ldap_auth_mechanism == AUTH_CRAMMD5) {
......@@ -127,7 +125,7 @@ int start_ldap(int s, char *ip, int port, unsigned char options, char *miscptr,
return 1;
counter++;
if (strstr(miscptr, "^USER^") != NULL) {
miscptr = strrep(miscptr, "^USER^", login);
miscptr = hydra_strrep(miscptr, "^USER^", login);
}
length = 12 + strlen(miscptr) + 4 + strlen("CRAM-MD5") + 2 + strlen(login) + 1 + strlen(buf2);
......@@ -175,7 +173,7 @@ int start_ldap(int s, char *ip, int port, unsigned char options, char *miscptr,
counter++;
if (strstr(miscptr, "^USER^") != NULL) {
miscptr = strrep(miscptr, "^USER^", login);
miscptr = hydra_strrep(miscptr, "^USER^", login);
}
sasl_digest_md5(buffer2, login, pass, ptr, miscptr, "ldap", NULL, 0, NULL);
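Review bot: Both `miscptr = hydra_strrep(miscptr, "^USER^", login);` calls use the result unchecked, yet hydra_strrep as added in this commit returns NULL when the input or the substituted string would not fit its 1024-byte buffers. After the first call the next statement computes `strlen(miscptr)`, and after the second the pointer goes straight into sasl_digest_md5, so an over-long option string or login leads to a NULL dereference. Check before assigning, e.g. `char *r = hydra_strrep(miscptr, "^USER^", login); if (r == NULL) return 3; miscptr = r;` (the return code is assumed from the other error return visible in start_ldap). The result also appears to point at the `static char newstring[1024]` inside hydra_strrep, so it is worth a comment that it is only valid until the next call. start_ldap starts and ends outside these hunks.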
......
......@@ -290,7 +290,7 @@ int internal__hydra_connect(char *host, int port, int protocol, int type) {
hydra_report(stderr, "[ERROR] SOCKS5 proxy read failed (%zu/2)\n", cnt);
err = 1;
}
if (buf[1] == SOCKS_NOMETHOD) {
if ((unsigned int) buf[1] == SOCKS_NOMETHOD) {
hydra_report(stderr, "[ERROR] SOCKS5 proxy authentication method negotiation failed\n");
err = 1;
}
......@@ -425,8 +425,16 @@ int internal__hydra_connect(char *host, int port, int protocol, int type) {
#ifdef LIBOPENSSL
RSA *ssl_temp_rsa_cb(SSL * ssl, int export, int keylength) {
if (rsa == NULL)
if (rsa == NULL) {
#ifdef NO_RSA_LEGACY
RSA *private = RSA_new();
BIGNUM *f4 = BN_new();
BN_set_word(f4, RSA_F4);
RSA_generate_key_ex(rsa,1024, f4, NULL);
#else
rsa = RSA_generate_key(1024, RSA_F4, NULL, NULL);
#endif
}
return rsa;
}
......@@ -452,6 +460,8 @@ int internal__hydra_connect_to_ssl(int socket) {
}
/* set the compatbility mode */
SSL_CTX_set_options(sslContext, SSL_OP_ALL);
SSL_CTX_set_options(sslContext, SSL_OP_NO_SSLv2);
SSL_CTX_set_options(sslContext, SSL_OP_NO_TLSv1);
/* we set the default verifiers and dont care for the results */
(void) SSL_CTX_set_default_verify_paths(sslContext);
......@@ -810,7 +820,7 @@ int hydra_recv(int socket, char *buf, int length) {
}
int hydra_recv_nb(int socket, char *buf, int length) {
int ret;
int ret = -1;
char text[64];
if (hydra_data_ready_timed(socket, (long) waittime, 0) > 0) {
......@@ -932,6 +942,47 @@ int make_to_lower(char *buf) {
return 1;
}
char *hydra_strrep(char *string, char *oldpiece, char *newpiece) {
int str_index, newstr_index, oldpiece_index, end, new_len, old_len, cpy_len;
char *c, oldstring[1024];
static char newstring[1024];
if (string == NULL || oldpiece == NULL || newpiece == NULL || strlen(string) >= sizeof(oldstring) - 1 || (strlen(string) + strlen(newpiece) - strlen(oldpiece) >= sizeof(newstring) - 1 && strlen(string) > strlen(oldpiece) ))
return NULL;
strcpy(newstring, string);
strcpy(oldstring, string);
// while ((c = (char *) strstr(oldstring, oldpiece)) != NULL) {
c = (char *) strstr(oldstring, oldpiece);
new_len = strlen(newpiece);
old_len = strlen(oldpiece);
end = strlen(oldstring) - old_len;
oldpiece_index = c - oldstring;
newstr_index = 0;
str_index = 0;
while (c != NULL && str_index <= end) {