mirror of
https://github.com/Ponce/slackbuilds
synced 2024-11-22 19:44:21 +01:00
213 lines
8 KiB
Diff
213 lines
8 KiB
Diff
Les sous-répertoires hydra-5.4-src/arm et hydra-5.4-src-libssh0.2/arm sont identiques.
|
|
diff -u hydra-5.4-src/configure hydra-5.4-src-libssh0.2/configure
|
|
--- hydra-5.4-src/configure 2006-01-20 14:44:15.000000000 +0100
|
|
+++ hydra-5.4-src-libssh0.2/configure 2008-10-31 22:32:47.000000000 +0100
|
|
@@ -243,11 +243,11 @@
|
|
|
|
if [ -n "$SSH_PATH" ]; then
|
|
echo " ... found"
|
|
- echo 'NOTE: ensure that you have libssh v0.11 installed!! Get it from http://0xbadc0de.be !'
|
|
+ echo 'NOTE: ensure that you have libssh v0.2 or later installed!! Get it from http://0xbadc0de.be !'
|
|
fi
|
|
if [ "X" = "X$SSH_PATH" ]; then
|
|
echo " ... NOT found, module ssh2 disabled"
|
|
- echo 'Get it from http://0xbadc0de.be/ - use v0.11!'
|
|
+ echo 'Get it from http://0xbadc0de.be/ - use v0.2 or later'
|
|
fi
|
|
if [ "$SSH_IPATH" = "/usr/include" ]; then
|
|
SSH_IPATH=""
|
|
Seulement dans hydra-5.4-src-libssh0.2/: .hydra-ftp.c.swp
|
|
Les sous-répertoires hydra-5.4-src/hydra-gtk et hydra-5.4-src-libssh0.2/hydra-gtk sont identiques.
|
|
Seulement dans hydra-5.4-src-libssh0.2/: .hydra-mod.c.swp
|
|
diff -u hydra-5.4-src/hydra-ssh2.c hydra-5.4-src-libssh0.2/hydra-ssh2.c
|
|
--- hydra-5.4-src/hydra-ssh2.c 2007-03-22 15:04:29.000000000 +0100
|
|
+++ hydra-5.4-src-libssh0.2/hydra-ssh2.c 2008-11-01 21:21:08.000000000 +0100
|
|
@@ -7,12 +7,51 @@
|
|
}
|
|
#else
|
|
|
|
-#warning "If compilation of hydra-ssh2 fails, you are not using v0.11. Download from http://www.0xbadc0de.be/"
|
|
+#warning "If compilation of hydra-ssh2 fails, you are not using v0.2 or 0.2.1. Download from http://www.0xbadc0de.be/"
|
|
|
|
#include <libssh/libssh.h>
|
|
|
|
extern char *HYDRA_EXIT;
|
|
|
|
+/* try to authenticate with one password */
|
|
+static int
|
|
+try_password(SSH_SESSION *ssh_session, char *password){
|
|
+ int auth_state;
|
|
+ int i;
|
|
+ /* printf("ssh-trying pass \"%s\"\n",password); */
|
|
+ /* We try keyboard-interactive when it's supported. kbdint is
|
|
+ * what openssh tries first when logging somewhere.
|
|
+ */
|
|
+ auth_state = ssh_userauth_kbdint(ssh_session, NULL, NULL);
|
|
+ if(auth_state == SSH_AUTH_INFO){
|
|
+ i=0;
|
|
+ /* we feed 10 password responses at max. Keybint is challenge-response
|
|
+ * based so the server could ask unrelated questions
|
|
+ */
|
|
+ while(auth_state == SSH_AUTH_INFO && i<10){
|
|
+ ssh_userauth_kbdint_setanswer(ssh_session, i, password);
|
|
+ auth_state = ssh_userauth_kbdint(ssh_session, NULL, NULL);
|
|
+ i++;
|
|
+ }
|
|
+ /* Partial authentication is specific to SSH : the password is valid but
|
|
+ * an other authentication token is needed (generaly private key)
|
|
+ */
|
|
+ if(auth_state == SSH_AUTH_PARTIAL)
|
|
+ auth_state = SSH_AUTH_SUCCESS;
|
|
+ if(auth_state == SSH_AUTH_INFO)
|
|
+ auth_state = SSH_AUTH_ERROR;
|
|
+ return auth_state;
|
|
+ }
|
|
+ if(auth_state == SSH_AUTH_ERROR)
|
|
+ return auth_state;
|
|
+ /* Keyboard-interactive is not supported so we run through the password
|
|
+ * method */
|
|
+ auth_state = ssh_userauth_password(ssh_session, NULL, password);
|
|
+ if(auth_state == SSH_AUTH_PARTIAL)
|
|
+ auth_state = SSH_AUTH_SUCCESS;
|
|
+ return auth_state;
|
|
+}
|
|
+
|
|
int
|
|
start_ssh2(int s, unsigned long int ip, int port, unsigned char options, char *miscptr, FILE * fp)
|
|
{
|
|
@@ -20,18 +59,19 @@
|
|
char *login, *pass;
|
|
char *buf;
|
|
char *rc;
|
|
+ char buffer[64];
|
|
struct sockaddr_in targetip;
|
|
SSH_SESSION *ssh_session;
|
|
SSH_OPTIONS *ssh_opt;
|
|
int auth_state;
|
|
- int i = 0;
|
|
+ char firstlogin[128];
|
|
|
|
if (strlen(login = hydra_get_next_login()) == 0)
|
|
login = empty;
|
|
if (strlen(pass = hydra_get_next_password()) == 0)
|
|
pass = empty;
|
|
-
|
|
- ssh_opt=options_new();
|
|
+ snprintf(firstlogin,sizeof(firstlogin),"%s",login);
|
|
+ ssh_opt=ssh_options_new();
|
|
memset(&targetip, 0, sizeof(targetip));
|
|
memcpy(&targetip.sin_addr.s_addr, &ip, 4);
|
|
targetip.sin_family = AF_INET;
|
|
@@ -41,16 +81,21 @@
|
|
buf = malloc(20);
|
|
inet_ntop(AF_INET, &targetip.sin_addr, buf, 20);
|
|
#endif
|
|
- options_set_wanted_method(ssh_opt,KEX_COMP_C_S,"none");
|
|
- options_set_wanted_method(ssh_opt,KEX_COMP_S_C,"none");
|
|
- options_set_port(ssh_opt, port);
|
|
- options_set_host(ssh_opt, buf);
|
|
- options_set_username(ssh_opt, login);
|
|
-
|
|
- if ((ssh_session = ssh_connect(ssh_opt)) == NULL) {
|
|
+ ssh_options_allow_ssh1(ssh_opt,1);
|
|
+// ssh_options_set_wanted_algos (ssh_opt,KEX_COMP_C_S,"none");
|
|
+// ssh_options_set_wanted_algos (ssh_opt,KEX_COMP_S_C,"none");
|
|
+ ssh_options_set_port(ssh_opt, port);
|
|
+ ssh_options_set_host(ssh_opt, buf);
|
|
+ ssh_options_set_username(ssh_opt, login);
|
|
+ ssh_session=ssh_new();
|
|
+ ssh_set_options(ssh_session,ssh_opt);
|
|
+ /* printf("ssh-connecting with login \"%s\"\n",login); */
|
|
+ if (ssh_connect(ssh_session) == SSH_ERROR) {
|
|
rc = ssh_get_error(ssh_session);
|
|
if ((rc != NULL) && (rc[0] != '\0')) {
|
|
- if (strncmp("connect:", ssh_get_error(ssh_session), strlen("connect:")) == 0)
|
|
+ snprintf(buffer,sizeof(buffer),"%s",rc);
|
|
+ ssh_disconnect(ssh_session);
|
|
+ if (strncmp("connect:", buffer, strlen("connect:")) == 0)
|
|
return 3;
|
|
else
|
|
return 4;
|
|
@@ -60,43 +105,54 @@
|
|
free(buf);
|
|
buf = NULL;
|
|
#endif
|
|
-
|
|
- do {
|
|
- /* why this crap? */
|
|
- auth_state = ssh_userauth_kbdint(ssh_session, login, NULL);
|
|
- while (i < 10 && auth_state == SSH_AUTH_INFO) {
|
|
- ssh_userauth_kbdint_setanswer(ssh_session, i, pass);
|
|
- auth_state = ssh_userauth_kbdint(ssh_session, login, NULL);
|
|
- i++;
|
|
- }
|
|
-
|
|
- if (auth_state == SSH_AUTH_SUCCESS || ssh_userauth_password(ssh_session, login, pass) == SSH_AUTH_SUCCESS) {
|
|
- ssh_disconnect(ssh_session); /* this automagically frees the ssh_opt buffer */
|
|
- hydra_report_found_host(port, ip, "ssh2", fp);
|
|
- hydra_completed_pair_found();
|
|
- if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
|
|
- return 2;
|
|
- /* free(ssh_opt); */ /* DOUBLE FREE ! */
|
|
+ /* None method is important since it can flag passwordless servers */
|
|
+ auth_state=ssh_userauth_none(ssh_session, login);
|
|
+ if(auth_state == SSH_AUTH_SUCCESS){
|
|
+ /* passwordless server */
|
|
+ hydra_report_found_host(port, ip, "ssh2", fp);
|
|
+ hydra_completed_pair_found();
|
|
+ ssh_disconnect(ssh_session);
|
|
+ if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
|
|
+ return 2;
|
|
+ else
|
|
return 1;
|
|
- } else {
|
|
- if (ssh_error_code(ssh_session) == 1) {
|
|
- hydra_completed_pair();
|
|
+ }
|
|
+
|
|
+ do {
|
|
+ auth_state=try_password(ssh_session, pass);
|
|
+ if (auth_state == SSH_AUTH_SUCCESS) {
|
|
+ ssh_disconnect(ssh_session); /* this automagically frees the ssh_opt buffer */
|
|
+ hydra_report_found_host(port, ip, "ssh2", fp);
|
|
+ hydra_completed_pair_found();
|
|
if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
|
|
return 2;
|
|
+ return 1;
|
|
} else {
|
|
- ssh_disconnect(ssh_session); /* this automagically frees the ssh_opt buffer */
|
|
- hydra_completed_pair(); /* really? */
|
|
- if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
|
|
+ if (auth_state == SSH_AUTH_DENIED) {
|
|
+ hydra_completed_pair();
|
|
+ if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0){
|
|
+ ssh_disconnect(ssh_session);
|
|
return 2;
|
|
- /* free(ssh_opt); */ /* DOUBLE FREE ! */
|
|
+ }
|
|
+ /* set a new password to try */
|
|
+ login=hydra_get_next_login();
|
|
+ if(strcmp(login,firstlogin) != 0){
|
|
+ /* we can't try a new login without a new session. */
|
|
+ ssh_disconnect(ssh_session);
|
|
+ //hydra_completed_pair_skip();
|
|
+ return 1;
|
|
+ }
|
|
+ pass=hydra_get_next_password();
|
|
+ /* try again using same session */
|
|
+ } else {
|
|
+ ssh_disconnect(ssh_session); /* this automagically frees the ssh_opt buffer */
|
|
+ /* there was an error. The password was not really tried.*/
|
|
+ //hydra_completed_pair_skip();
|
|
return 1;
|
|
}
|
|
}
|
|
} while(1);
|
|
|
|
- /* not reached */
|
|
-
|
|
- /* free(ssh_opt); */ /* risk of double free */
|
|
return 1;
|
|
}
|
|
|
|
Les sous-répertoires hydra-5.4-src/palm et hydra-5.4-src-libssh0.2/palm sont identiques.
|