diff options
Diffstat (limited to 'network/hydra/hydra-libssh-0.2.patch')
| -rw-r--r-- | network/hydra/hydra-libssh-0.2.patch | 213 |
1 files changed, 213 insertions, 0 deletions
diff --git a/network/hydra/hydra-libssh-0.2.patch b/network/hydra/hydra-libssh-0.2.patch new file mode 100644 index 0000000000..b15f6ec135 --- /dev/null +++ b/network/hydra/hydra-libssh-0.2.patch @@ -0,0 +1,213 @@ +Les sous-répertoires hydra-5.4-src/arm et hydra-5.4-src-libssh0.2/arm sont identiques. +diff -u hydra-5.4-src/configure hydra-5.4-src-libssh0.2/configure +--- hydra-5.4-src/configure 2006-01-20 14:44:15.000000000 +0100 ++++ hydra-5.4-src-libssh0.2/configure 2008-10-31 22:32:47.000000000 +0100 +@@ -243,11 +243,11 @@ + + if [ -n "$SSH_PATH" ]; then + echo " ... found" +- echo 'NOTE: ensure that you have libssh v0.11 installed!! Get it from http://0xbadc0de.be !' ++ echo 'NOTE: ensure that you have libssh v0.2 or later installed!! Get it from http://0xbadc0de.be !' + fi + if [ "X" = "X$SSH_PATH" ]; then + echo " ... NOT found, module ssh2 disabled" +- echo 'Get it from http://0xbadc0de.be/ - use v0.11!' ++ echo 'Get it from http://0xbadc0de.be/ - use v0.2 or later' + fi + if [ "$SSH_IPATH" = "/usr/include" ]; then + SSH_IPATH="" +Seulement dans hydra-5.4-src-libssh0.2/: .hydra-ftp.c.swp +Les sous-répertoires hydra-5.4-src/hydra-gtk et hydra-5.4-src-libssh0.2/hydra-gtk sont identiques. +Seulement dans hydra-5.4-src-libssh0.2/: .hydra-mod.c.swp +diff -u hydra-5.4-src/hydra-ssh2.c hydra-5.4-src-libssh0.2/hydra-ssh2.c +--- hydra-5.4-src/hydra-ssh2.c 2007-03-22 15:04:29.000000000 +0100 ++++ hydra-5.4-src-libssh0.2/hydra-ssh2.c 2008-11-01 21:21:08.000000000 +0100 +@@ -7,12 +7,51 @@ + } + #else + +-#warning "If compilation of hydra-ssh2 fails, you are not using v0.11. Download from http://www.0xbadc0de.be/" ++#warning "If compilation of hydra-ssh2 fails, you are not using v0.2 or 0.2.1. Download from http://www.0xbadc0de.be/" + + #include <libssh/libssh.h> + + extern char *HYDRA_EXIT; + ++/* try to authenticate with one password */ ++static int ++try_password(SSH_SESSION *ssh_session, char *password){ ++ int auth_state; ++ int i; ++ /* printf("ssh-trying pass \"%s\"\n",password); */ ++ /* We try keyboard-interactive when it's supported. kbdint is ++ * what openssh tries first when logging somewhere. ++ */ ++ auth_state = ssh_userauth_kbdint(ssh_session, NULL, NULL); ++ if(auth_state == SSH_AUTH_INFO){ ++ i=0; ++ /* we feed 10 password responses at max. Keybint is challenge-response ++ * based so the server could ask unrelated questions ++ */ ++ while(auth_state == SSH_AUTH_INFO && i<10){ ++ ssh_userauth_kbdint_setanswer(ssh_session, i, password); ++ auth_state = ssh_userauth_kbdint(ssh_session, NULL, NULL); ++ i++; ++ } ++ /* Partial authentication is specific to SSH : the password is valid but ++ * an other authentication token is needed (generaly private key) ++ */ ++ if(auth_state == SSH_AUTH_PARTIAL) ++ auth_state = SSH_AUTH_SUCCESS; ++ if(auth_state == SSH_AUTH_INFO) ++ auth_state = SSH_AUTH_ERROR; ++ return auth_state; ++ } ++ if(auth_state == SSH_AUTH_ERROR) ++ return auth_state; ++ /* Keyboard-interactive is not supported so we run through the password ++ * method */ ++ auth_state = ssh_userauth_password(ssh_session, NULL, password); ++ if(auth_state == SSH_AUTH_PARTIAL) ++ auth_state = SSH_AUTH_SUCCESS; ++ return auth_state; ++} ++ + int + start_ssh2(int s, unsigned long int ip, int port, unsigned char options, char *miscptr, FILE * fp) + { +@@ -20,18 +59,19 @@ + char *login, *pass; + char *buf; + char *rc; ++ char buffer[64]; + struct sockaddr_in targetip; + SSH_SESSION *ssh_session; + SSH_OPTIONS *ssh_opt; + int auth_state; +- int i = 0; ++ char firstlogin[128]; + + if (strlen(login = hydra_get_next_login()) == 0) + login = empty; + if (strlen(pass = hydra_get_next_password()) == 0) + pass = empty; +- +- ssh_opt=options_new(); ++ snprintf(firstlogin,sizeof(firstlogin),"%s",login); ++ ssh_opt=ssh_options_new(); + memset(&targetip, 0, sizeof(targetip)); + memcpy(&targetip.sin_addr.s_addr, &ip, 4); + targetip.sin_family = AF_INET; +@@ -41,16 +81,21 @@ + buf = malloc(20); + inet_ntop(AF_INET, &targetip.sin_addr, buf, 20); + #endif +- options_set_wanted_method(ssh_opt,KEX_COMP_C_S,"none"); +- options_set_wanted_method(ssh_opt,KEX_COMP_S_C,"none"); +- options_set_port(ssh_opt, port); +- options_set_host(ssh_opt, buf); +- options_set_username(ssh_opt, login); +- +- if ((ssh_session = ssh_connect(ssh_opt)) == NULL) { ++ ssh_options_allow_ssh1(ssh_opt,1); ++// ssh_options_set_wanted_algos (ssh_opt,KEX_COMP_C_S,"none"); ++// ssh_options_set_wanted_algos (ssh_opt,KEX_COMP_S_C,"none"); ++ ssh_options_set_port(ssh_opt, port); ++ ssh_options_set_host(ssh_opt, buf); ++ ssh_options_set_username(ssh_opt, login); ++ ssh_session=ssh_new(); ++ ssh_set_options(ssh_session,ssh_opt); ++ /* printf("ssh-connecting with login \"%s\"\n",login); */ ++ if (ssh_connect(ssh_session) == SSH_ERROR) { + rc = ssh_get_error(ssh_session); + if ((rc != NULL) && (rc[0] != '\0')) { +- if (strncmp("connect:", ssh_get_error(ssh_session), strlen("connect:")) == 0) ++ snprintf(buffer,sizeof(buffer),"%s",rc); ++ ssh_disconnect(ssh_session); ++ if (strncmp("connect:", buffer, strlen("connect:")) == 0) + return 3; + else + return 4; +@@ -60,43 +105,54 @@ + free(buf); + buf = NULL; + #endif +- +- do { +- /* why this crap? */ +- auth_state = ssh_userauth_kbdint(ssh_session, login, NULL); +- while (i < 10 && auth_state == SSH_AUTH_INFO) { +- ssh_userauth_kbdint_setanswer(ssh_session, i, pass); +- auth_state = ssh_userauth_kbdint(ssh_session, login, NULL); +- i++; +- } +- +- if (auth_state == SSH_AUTH_SUCCESS || ssh_userauth_password(ssh_session, login, pass) == SSH_AUTH_SUCCESS) { +- ssh_disconnect(ssh_session); /* this automagically frees the ssh_opt buffer */ +- hydra_report_found_host(port, ip, "ssh2", fp); +- hydra_completed_pair_found(); +- if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0) +- return 2; +- /* free(ssh_opt); */ /* DOUBLE FREE ! */ ++ /* None method is important since it can flag passwordless servers */ ++ auth_state=ssh_userauth_none(ssh_session, login); ++ if(auth_state == SSH_AUTH_SUCCESS){ ++ /* passwordless server */ ++ hydra_report_found_host(port, ip, "ssh2", fp); ++ hydra_completed_pair_found(); ++ ssh_disconnect(ssh_session); ++ if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0) ++ return 2; ++ else + return 1; +- } else { +- if (ssh_error_code(ssh_session) == 1) { +- hydra_completed_pair(); ++ } ++ ++ do { ++ auth_state=try_password(ssh_session, pass); ++ if (auth_state == SSH_AUTH_SUCCESS) { ++ ssh_disconnect(ssh_session); /* this automagically frees the ssh_opt buffer */ ++ hydra_report_found_host(port, ip, "ssh2", fp); ++ hydra_completed_pair_found(); + if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0) + return 2; ++ return 1; + } else { +- ssh_disconnect(ssh_session); /* this automagically frees the ssh_opt buffer */ +- hydra_completed_pair(); /* really? */ +- if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0) ++ if (auth_state == SSH_AUTH_DENIED) { ++ hydra_completed_pair(); ++ if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0){ ++ ssh_disconnect(ssh_session); + return 2; +- /* free(ssh_opt); */ /* DOUBLE FREE ! */ ++ } ++ /* set a new password to try */ ++ login=hydra_get_next_login(); ++ if(strcmp(login,firstlogin) != 0){ ++ /* we can't try a new login without a new session. */ ++ ssh_disconnect(ssh_session); ++ //hydra_completed_pair_skip(); ++ return 1; ++ } ++ pass=hydra_get_next_password(); ++ /* try again using same session */ ++ } else { ++ ssh_disconnect(ssh_session); /* this automagically frees the ssh_opt buffer */ ++ /* there was an error. The password was not really tried.*/ ++ //hydra_completed_pair_skip(); + return 1; + } + } + } while(1); + +- /* not reached */ +- +- /* free(ssh_opt); */ /* risk of double free */ + return 1; + } + +Les sous-répertoires hydra-5.4-src/palm et hydra-5.4-src-libssh0.2/palm sont identiques. |