-
Notifications
You must be signed in to change notification settings - Fork 2k
/
CHANGES
890 lines (771 loc) · 41 KB
/
CHANGES
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
Changelog for hydra
-------------------
Release 9.5
* many modules did not support -W (all those that used a library for the
connection). All (or most?) should be fixed now.
* http-form:
- The help for http-form was wrong. the condition variable must always be
the *last* parameter, not the third
- Proxy support was not working correctly
* smb2: fix for updated libsmb2 which resulted in correct guessing attempts
not being detected
* smtp: break early if the server does not allow authentication
* rdp: detect more return codes that say a user is disabled etc.
Release 9.4
* Switched from pcre/pcre3 to pcre2 as pcre/pcre3 will be dropped from Debian
* Small fix for weird RTSP servers
* Added "2=" optional parameter to http-post-form module to tell hydra that
a "302" HTTP return code means success
* replaced wait3 with waitpid for better compatability
Release 9.3
* support Xcode compilation
* new module: cobaltstrike by ultimaiiii, thank you!
* fix for ssh to support -M or ip/range
* fix for rdp to detect empty passwords
* fix for http-form to no send empty headers
* fix for http on non-default ports when using with a proxy
* for vnc/cisco/... protocols that only check for a password, skip host
after the password is found
* fix to support IPv6 addresses in -M
* fix to test all entries in -C files, not exiting after the first found
* make disappearing targets faster to terminate on
* added "make uninstall"
Release 9.2
* fix for http-post-form optional parameters
* enable gcc 10 support for xhydra too :)
* msys support
* removed rain mode (-r) because of inefficiency
* IPv6 support for Host: header for http based modules
Release 9.1
* rdb: support for libfreerdp3 (thanks to animetauren)
* new module: smb2 which also supports smb3 (uses libsmbclient-dev) (thanks to Karim Kanso for the module!)
* oracle: added success condition (thanks to kazkansouh), compile on Cygwin (thanks to maaaaz)
* rtsp: fixed crash in MD5 auth
* svn: updated to support past and new API
* http: now supports F=/S= string matching conditions (thanks to poucz@github)
* http-proxy: buffer fix, 404 success condition (thanks to kazkansouh)
* mysql: changed not to use mysql db as a default. if the user has not access to this db auth fails ...
* sasl: buffer fix (thanks to TenGbps)
* fixed help for https modules (thanks to Jab2870)
* added -K command line switch to disable redo attempts (good for mass scanning)
* forgot to have the -m option in the hydra help output
* gcc-10 support and various cleanups by Jeroen Roovers, thanks!
* added .clang-format and formatted all code
Release 9.0
* rdp: Revamped rdp module to use FreeRDP library (thanks to loianhtuan@github for the patch!)
* Added memcached module
* Added mongodb module
* http: http module now supports a= option to select http authentication type
* JSON output does now truncate the file if exists.
* Fixed svn module memory leaks
* Fixed rtsp module potential buffer overflow
* Fixed http module DIGEST-MD5 mode
Release 8.9.1
* Clarification for rdp error message
* CIDR notation (hydra -l test -p test 192.168.0.0/24 ftp) was not detected, fixed
Release 8.8
* New web page: https://github.com/vanhauser-thc/thc-hydra
* added PROBLEMS file with known issues
* rdp: disabled the module as it does not support the current protocol. If you want to add it contact me
* ldap: fixed a dumb strlen on a potential null pointer
* http-get/http-post:
- now supports H=/h= parameters same as http-form (thanks to mathewmarcus@github for the patch)
- 403/404 errors are now always registered as failed attempts
* mysql module: a non-default port was not working, fixed
* added -w timeout support to ssh module
* fixed various memory leaks in http-form module
* corrected hydra return code to be 0 on success
* added patch from debian maintainers which fixes spellings
* fixed weird crash on x64 systems
* many warning fixes by crondaemon
Release 8.6
* added radmin2 module by catatonic prime - great work!
* smb module now checks if SMBv1 is supported by the server and if signing is required
* http-form module now supports URLs up to 6000 bytes (thanks to petrock6@github for the patch)
* Fix for SSL connections that failed with error:00000000:lib(0):func(0):reason(0) (thanks gaia@github for reporting)
* Added new command line option:
-c TIME: seconds between login attempts (over all threads, so -t 1 is recommended)
* Options put after -R (for loading a restore file) are now honored (and were disallowed before)
* merged several patches by Diadlo@github to make the code easier readable. thanks for that!
* merged a patch by Diadlo@github that moves the help output to the invididual module
Release 8.5
* New command line option:
-b : format option for -o output file (json only so far, happy for patches supporting others :) ) - thanks to veggiespam for the patch
* ./configure now honors the CC enviroment variable if present
* Fix for the restore file crash on some x64 platforms (finally! thanks to lukas227!)
* Changed the format of the restore file to detect cross platform copies
* Fixed a bug in the NCP module
* Favor strrchr() over rindex()
* Added refactoring patch by diadlo
* Updated man page with missing command line options
Release 8.4
! Reports came in that the rdp module is not working reliable sometimes, most likely against new Windows versions. please test, report and if possible send a fix
* Proxy support re-implemented:
- HYDRA_PROXY[_HTTP] environment can be a text file with up to 64 entries
- HYDRA_PROXY_AUTH was deprecated, set login/password in HTTP_PROXY[_HTTP]
* New protocol: adam6500 - this one is work in progress, please test and report
* New protocol: rpcap - thanks to Petar Kaleychev <[email protected]>
* New command line options:
-y : disables -x 1aA interpretation, thanks to crondaemon for the patch
-I : ignore an existing hydra.restore file (don't wait for 10 seconds)
* hydra-svn: works now with the current libsvn version
* hydra-ssh: initial check for password auth support now uses login supplied
* Fixed dpl4hydra to be able to update from the web again
* Fixed crash when -U was used without any service (thanks to thecarterb for reporting)
* Updated default password lists
* The protocols vnc, xmpp, telnet, imap, nntp and pcanywhere got accidentially long sleep commands due a patch in 8.2, fixed
* Added special error message for clueless users :)
Release 8.3
* Support for upcoming OpenSSL 1.1 added. needs testing.
* Fixed hydra redo bug (issue #113)
* Updated xhydra for new hydra features and options
* Some more command line error checking
* Ensured unneeded sockets are closed
Release 8.2
* Added RTSP module, thanks to jjavi89 for supplying!
* Added patch for ssh that fixes hydra stopping to connect, thanks to ShantonRU for the patch
* Added new -O option to hydra to support SSL servers that do not suport TLS
* Added xhydra gtk patche by Petar Kaleychev to support modules that do not use usernames
* Added patch to redis for initial service checking by Petar Kaleychev - thanks a lot!
* Added support in hydra-http for http-post (content length 0)
* Fixed important bug in http-*://server/url command line processing
* Added SSL SNI support
* Fixed bug in HTTP Form redirection following - thanks for everyone who reported and especially to Hayden Young for setting up a test page for debugging
* Better library finding in ./configure for SVN + support for Darwin Homebrew (and further enhanced)
* Fixed http-form module crash that only occurs on *BSD/OSX systems. Thanks to zdk for reporting!
* Fixed for SSL connection to support TLSv1.2 etc.
* Support for different RSA keylengths, thanks to fann95 for the patch
* Fixed a bug where the cisco-enable module was not working with the password-only logon mode
* Fixed an out of memory bug in http-form
* Fixed imap PLAIN method
* Fixed -x option to bail if it would generate too many passwords (more than 4 billion)
* Added warning if HYDRA_PROXY_CONNECT environment is detected, that is an outdated setting
* Added --fhs switch to configure (for Linux distribution usage)
* ... your patch?
Release 8.1
* David Maciejak, my co-maintainer moved to a different job and country and can not help with Hydra anymore - sadly! Wish you all the best!
* Added patch from Ander Juaristi which adds h/H header options for http-form-*, great work, thanks!
* Fixed the -M option, works now with many many targets :-)
* -M option now supports ports, add a colon in between: "host:port", or, if IPv6, "[ipv6ipaddress]:port"
* Found login:password combinations are now printed with the name specified (hostname or IP), not always IP
* Fixed for cisco-enable if an intial Login/Password is used (thanks to joswr1te for reporting)
* Added patch by tux-mind for better MySQL compilation and an Android patches and Makefile. Thanks!
* Added xhydra gtk patches by Petar Kaleychev to support -h, -U, -f, -F, -q and -e r options, thanks!
* Added patch for teamspeak to better identify server errors and auth failures (thanks to Petar Kaleychev)
* Fixed a crash in the cisco module (thanks to Anatoly Mamaev for reporting)
* Small fix for HTTP form module for redirect pages where a S= string match would not work (thanks to mkosmach for reporting)
* Updated configure to detect subversion packages on current Cygwin
* Fixed RDP module to support the port option (thanks to and.enshin(at)gmail.com)
Release 8.0
! Development moved to a public github repository: https://github.com/vanhauser-thc/thc-hydra
* Added module for redis (submitted by Alejandro Ramos, thanks!)
* Added patch which adds Unicode support for the SMB module (thanks to Max Kosmach)
* Added initial interactive password authentication test for ssh (thanks to Joshua Houghton)
* Added patch for xhydra that adds bruteforce generator to the GUI (thanks to Petar Kaleychev)
* Target on the command line can now be a CIDR definition, e.g. 192.168.0.0/24
* with -M <targetfile>, you can now specify a port for each entry (use "target:port" per line)
* Verified that hydra compiles cleanly on QNX / Blackberry 10 :-)
* Bugfixes for -x option:
- password tries were lost when connection errors happened (thanks to Vineet Kumar for reporting)
- fixed crash when used together with -e option
* Fixed a bug that hydra would not compile without libssh (introduced in v7.6)
* Various bugfixes if many targets where attacked in parallel
* Cygwin's Postgresql is working again, hence configure detection re-enabled
* Added gcc compilation security options (if detected to be supported by configure script)
* Enhancements to the secure compilation options
* Checked code with cppcheck and fixed some minor issues.
* Checked code with Coverity. Fixed a lot of small and medium issues.
Release 7.6
* Added a wizard script for hydra based on a script by Shivang Desai <[email protected]>
* Added module for Siemens S7-300 (submitted by Alexander Timorin and Sergey Gordeychik, thanks!)
* HTTP HEAD/GET: MD5 digest auth was not working, fixed (thanks to Paul Kenyon)
* SMTP Enum: HELO is now always sent, better 500 error detection
* hydra main:
- fixed a bug in the IPv6 address parsing when a port was supplied
- added info message for pop3, imap and smtp protocol usage
* hydra GTK: missed some services, added
* dpl4hydra.sh:
- added Siemens S7-300 common passwords to default password list
- more broad searching in the list
* Performed code indention on all C files :-)
* Makefile patch to ensure .../etc directory is there (thanks to vonnyfly)
Release 7.5
* Moved the license from GPLv3 to AGPLv3 (see LICENSE file)
* Added module for Asterisk Call Manager
* Added support for Android where some functions are not available
* hydra main:
- reduced the screen output if run without -h, full screen with -h
- fix for IPv6 and port parsing with service://[ipv6address]:port/OPTIONS
- fixed -o output (thanks to www417)
- warning if HYDRA_PROXY is defined but the module does not use it
- fixed an issue with large input files and long entries
* hydra library:
- SSL connections are now fixed to SSLv3 as some SSL servers fail otherwise, report if this gives you problems
- removed support for old OPENSSL libraries
* HTTP Form module:
- login and password values are now encoded if special characters are present
- ^USER^ and ^PASS^ are now also supported in H= header values
- if you the colon as a value in your option string, you can now escape it with \: - but do not encode a \ with \\
* Mysql module: protocol 10 is now supported
* SMTP, POP3, IMAP modules: Disabled the TLS in default. TLS must now be
defined as an option "TLS" if required. This increases performance.
* Cisco module: fixed a small bug (thanks to Vitaly McLain)
* Postgres module: libraries on Cygwin are buggy at the moment, module is therefore
disabled on Cygwin
Release 7.4.3 FIX RELEASES for bugs introduced in 7.4
* Quickfix for people who do not have libssh installed (won't compile otherwise)
* Quickfix for http-get/http-head and irc module which would not run due a new feature.
* Fix for the ssh module that breaks an endless loop if a service becomes unavailable (thanks to shark0der(at)gmail(dot)com for reporting)
Release 7.4
* New module: SSHKEY - for testing for ssh private keys (thanks to deadbyte(at)toucan-system(dot)com!)
* Added support for win8 and win2012 server to the RDP module
* Better target distribution if -M is used
* Added colored output (needs libcurses)
* Better library detection for current Cygwin and OS X
* Fixed the -W option
* Fixed a bug when the -e option was used without -u, -l, -L or -C, only half of the logins were tested
* Fixed HTTP Form module false positive when no answer was received from the server
* Fixed SMB module return code for invalid hours logon and LM auth disabled
* Fixed http-{get|post-form} from xhydra
* Added OS/390 mainframe 64bit support (thanks to dan(at)danny(dot)cz)
* Added limits to input files for -L, -P, -C and -M - people were using unhealthy large files! ;-)
* Added debug mode option to usage (thanks to Anold Black)
Release 7.3
* Hydra main:
- Added -F switch to quit all targets if one pair was found (for -M)
- Fixed a bug where hydra would terminate after reporting a successful
login when an account would accept any password
- Fixed a bug with very large wordlists (thanks to sheepdestroyer for reporting!)
- Enhanced the module help
* configure script:
- Added fix Oracle library inclusion, thanks to Brandon Archer!
- Added --nostrip option to prevent binary stripping (requested by Fedora
maintainer)
* Added a Makefile patch by the Debian maintainers to support their
SecurityHardeningBuildFlags for the wheezy build as requested
* dpl4hydra: added install directory support
* All code: message cleanups
* SNMP module
- originally already supported write and v2 although this was not in the
module help output. Added :-)
- added SNMPv3 MD5/SHA1 authentication support, though beta still
* HTTP module:
- fixed HTTP NTLM auth session
- implemented errata fix for HTTP digest md5-sess algorithm
- set default path to /
* HTTP Form module:
- set default path to /
- support HTTP/1.0 redirects
- fix failed condition check when pcre is not used
* IMAP module: fixed auth detection
* POP3 module: Updated auth and capability detection
* Oracle module: fixed bad handling
* Oracle listener module: fixed hash size handling
* Telnet/Cisco/Cisco-enable modules: support "press ENTER" prompts
* FTP module:
- Fixed a bug where 530 messages were incorrectly handled
- Clarification for the usage of ftps
* Mysql module: added patch from Redhat/Fedora that fixes compile problems
* Added IDN and PCRE support for Cygwin
Release 7.2
* Speed-up http modules auth mechanism detection
* Fixed -C colonfile mode when empty login/passwords were used (thanks to
will(at)configitnow(dot)com for reporting)
* The -f switch was not working for postgres, afp, socks5, firebird and ncp,
thanks to Richard Whitcroft for reporting!
* Fixed NTLM auth in http-proxy/http-proxy-url module
* Fixed URL when being redirected in http-form module, thanks to gash(at)chaostreff(dot)at
* Fix MSSQL success login condition, thanks to whistle_master(at)live(dot)com
* Fix http form module: optional headers and 3xx status redirect, thx to Gash
* Fix in configure script for --prefix option, thanks to dazzlepod
* Update of the dpl4hydra script by Roland Kessler, thanks!
* Small fix for hydra man page, thanks to brad(at)comstyle(dot)com
Release 7.1
* Added HTTP Proxy URL enumeration module
* Added SOCKS4/SOCKS5 proxy support with authentication
* Added IPv6 support for SOCKS5 module
* Added -e r option to try the reversed login as password
* Rewrote -x functionality as the code caused too much trouble (thanks to
murder.net7(at)gmail.com for reporting one of the issues)
* Fixed a bug with multiple hosts (-M) and http modules against targets that
are virtual servers. Well spotted by Tyler Krpata!
* Fixed SVN IPv6 support and updated deprecated calls
* Fixed RDP failed child connection returned value and false positive issues
reported by Wangchaohui, thanks!
* Fixed restore file functionality, was not working together with -o option
* Fix in http-form module for bug introduced in 7.0
* Fixed xhydra specific parameter value for http-proxy module
* minor enhancements
Release 7.0
* New main engine for hydra: better performance, flexibility and stability
* New option -u - loop around users, not passwords
* Option -e now also works with -x and -C
* Added RDP module, domain can be passed as argument
* Added other_domain option to smb module to test trusted domains
* Small enhancement for http and http-proxy module for standard ignoring servers
* Lots of bugfixes, especially with many tasks, multiple targets and restore file
* Fixes for a few http-form issues
* Fix smb module NTLM hash use
* Fixed Firebird module deprecated API call
* Fixed for dpl4hydra to work on old sed implementations (OS/X ...)
* Fixed makefile to install dpl4hydra (thx @sitecrea)
* Fixed local buffer overflow in debug output function (required -d to be used)
* Fixed xhydra running warnings and correct quit action event
Release 6.5
* Improved HTTP form module: getting cookie, fail or success condition, follow
multiple redirections, support cookie gathering URL, multiple user defined
headers
* Added interface support for IPv6, needed for connecting to link local fe80::
addresses. Works only on Linux and OS/X. Information for Solaris and *BSD welcome
* Added -W waittime between connects option
* The -x bruteforce mode now allows for generated password amounts > 2 billion
* Fix if -L was used together with -x
* Fixes for http- modules when the http-...://target/options format was used
* Fixed a bug in the restore file write function that could lead to a crash
* Fixed XMPP module jabber init request and challenge response check, thx "F e L o R e T"
* Fix: if a proxy was used, unresolveable targets were disabled. now its fine
* Fix for service://host/ usage if a colon was used after the URI without a
port defined
Release 6.4
* Update SIP module to extract and use external IP addr return from server error to bypass NAT
* Update SIP module to use SASL lib
* Update email modules to check clear mode when TLS mode failed
* Update Oracle Listener module to work with Oracle DB 9.2
* Update LDAP module to support Windows 2008 active directory simple auth
* Fix to the connection adaptation engine which would loose planned attempts
* Fix make script for CentOS, reported by ya0wei
* Print error when a service limits connections and few pairs have to be tested
* Improved Mysql module to only init/close when needed
* Added patch from the FreeBSD maintainers
* Module usage help does not need a target to be specified anymore
* Configure script now honors /etc/ld.so.conf.d/ directory
* Add more SMB dialects
Release 6.3
* Added patch by Petar Kaleychev which adds nice icons to cygwin hydra files
* Added patch by Gauillaume Rousse which fixes a warning display
* New Oracle module (for databases via OCI, for TNS Listener passwd, for SID enumeration)
* New SMTP user enum module (using VRFY, EXPN or RCPT command)
* Memory leak fix for -x bruteforcing option reported by Alex Lau
* Fix for svn module, for some versions it needs one more lib, thanks to the
Debian team for reporting!
* Fix ssh module, on connection refused a credential could be lost
* Fix http-form module, a redirect was not always followed
* QA on all modules for memory leaks
* Better gtk detection (to not even try xhydra compilation when its useless)
* First blant attempt for configuring to x64 systems (Linux and *BSD)
* Updated network password cracker comparison on the web page (for hydra and new ncrack)
* Indented all source code
Release 6.2
* Added a patch by Jan Dlabal which adds password generation bruteforcing (no more password files :-) )
* Forgot to rename ssh2 to ssh in xhydra, fixed
* Add support for CRAM-MD5 and DIGEST-MD5 auth to ldap module
* Fix SASL PLAIN auth method issue
* Add TLS negotiation support for smtp-auth, pop3, imap, ftp and ldap
* Added man pages from Debian maintainers
* Checked Teamspeak module, works on TS2 protocol
* Add support for SCRAM-SHA1 (RFC 5802), first auth cracker to support it, yeah !
* New module: XMPP with TLS negotiation and LOGIN, PLAIN, CRAM-MD5, DIGEST-MD5, SCRAM-SHA1 support
* Add SCRAM-SHA1 auth to IMAP module
* Add module usage help (-U)
* Add support for RFC 4013: Internationalized Strings in SASL ("SASLPrep")
* Rename smtpauth module to smtp
* Add SASL + TLS support for NNTP
* Bugfix SASL DIGEST-MD5, response could be wrong sometime, mainly on 64bits systems
* Bugfix rlogin module, some auth failure could not be detected accurately
* Bugfix rsh module, some auth failure could not be detected accurately
* New module: IRC is not dead ! use to find general server password and /oper credential
* Add SSL support for VMware Authentication Daemon module
* Bugfix CVS module, should work now, why does nobody report this ??
* Bugfix Telnet module, when line mode is not available
* Add support for new syntax <service-name>://<target>[:<port-number>][/<parameters>]
* Add TLS support for SIP
* STILL OPEN: Fixed a problem in hydra where a login+pw test was lost when an arm/child was quitting
Release 6.1
* More license updates for the files for the Debian guys
* Fix for the configure script to correctly detect postgresql
* Add checks for libssh v0.4 and support for ssh v1
* Merge all latest crypto code in sasl files
* Fix SVN compilation issue on openSUSE (tested with v11.3)
Release 6.0
* Added GPL exception clause to license to allow linking to OpenSSL - Debian people need this
* IPv6 support finally added. Note: sip and socks5 modules do not support IPv6 yet
* Changes to code and configure script to ensure clean compile on Solaris 11,
OSX, FreeBSD 8.1, Cygwin and Linux
* Bugfix for SIP module, thanks to yori(at)counterhackchallenges(dot)com
* Compile fixes for systems without OpenSSL or old OpenSSL installations
* Eliminated compile time warnings
* xhydra updates to support the new features (david@)
* Added CRAM-MD5, DIGEST-MD5 auth mechanism to the smtp-auth module (david@)
* Added LOGIN, PLAIN, CRAM-(MD5,SHA1,SHA256) and DIGEST-MD5 auth mechanisms to the imap and pop3 modules (david@)
* Added APOP auth to POP3 module (david@)
* Added NTLM and DIGEST-MD5 to http-auth module and DIGEST-MD5 to http-proxy module (david@)
* Fixed VNC module for None and VLC auth (david@)
* Fixes for LDAP module (david@)
* Bugfix Telnet module linemode option negotiation using win7 (david@)
* Bugfix SSH module when max auth connection is reached (david@)
Release 5.9
* Update for the subversion module for newer SVN versions (thanks to David Maciejak @ GMAIL dot com)
* Another patch by David to add the PLAIN auth mechanism to the smtp-auth module
* mysql module now has two implementations and uses a library when found (again
thanks to David Maciejak @ GMAIL dot com - what would hydra be without him)
* camiloculpian @ gmail dot com submitted a logo for hydra - looks cool, thanks!
* better FTP 530 error code detection
* bugfix for the SVN module for non-standard ports (again david@)
Release 5.8
* Added Apple Filing Protocol (thank to "never tired" David Maciejak @ GMAIL dot com)
* Fixed a big bug in the SSL option (-S)
Release 5.7
* Added ncp support plus minor fixes (by David Maciejak @ GMAIL dot com)
* Added an old patch to fix a memory from SSL and speed it up too from kan(at)dcit.cz
* Removed unnecessary compiler warnings
* Enhanced the SSH2 module based on an old patch from aris(at)0xbadc0de.be
* Fixed small local defined overflow in the teamspeak module. Does it still work anyway??
Release 5.6 PRIVATE VERSION
###########
* Moved to GPLv3 License (lots of people wanted that)
* Upgraded ssh2 module to libssh-0.4.x (thanks to aris (at) 0xbadc0de.be for
the 0.2 basis)
* Added firebird support (by David Maciejak @ GMAIL dot com)
* Added SIP MD5 auth patch (by Jean-Baptiste Aviat <jba [at] hsc [dot] `french tld`)
* Removed Palm and ARM support
* Fix for cygwin which falsely detected postgres library when there was none.
* Several small bugfixes
Release 5.4
###########
* Fixes to the http modules as some Apache installations are picky
* The MySQL module also works with mysqld-5.0, updated
* Added AS/400 return code checks to pop3 module
* Fixed memory leaks in the http-form module.
* Implemented a proposal by Jean-Baptiste.BEAUFRETON (at) turbomeca.fr to
check for "530 user unknown" message in the ftp module
* Added a performance patch by alejandro.mendiondo (at) baicom.com. This one
needs stability testing!
* Beautification to remove compiler warnings of modern gcc
Release 5.3
###########
* Added NTLM support modules for pop3, imap, smtp-auth and http-proxy.
Work done by ilo (at) reversing.org. THANKS!
* Added a http form module, thanks to phil (at) irmplc.com
* Fixed a bug in the vnc module (thanks to kan (at) dcit.cz)
* Input files may *not* contain null bytes. I might fix that in the future
but currently I have enough other things on my todo sheet.
Thanks to didiln (at) gmail.com for reporting.
Release 5.2
###########
* Again again some fixes for the ssh2 module. This is the last try. If it
finally does not work reliable, I am throwing out that library!
Thanks to [email protected] for the patch
* Added a new module: VMWare-Auth! Thanks to [email protected]!
Release 5.1
###########
* Again some fixed for the ssh2 module. Sorry. And still it might not work
in all occasions. The libssh is not as mature as we all wish it would be :-(
* HYDRA_PROXY_AUTH was never used ... weird that nobody reported that. fixed.
* Fixed bug in the base64 encoding function
* Added an md5.h include which is needed since openssl 0.9.8
* Added an enhacement to the FTP module, thanks to [email protected]
* Fixed a bug when not using passwords and just -e n/s
Release 5.0
###########
! THIS IS A THC - TAX - 10TH ANNIVERSARY RELEASE ! HAVE FUN !
* Increadible speed-up for most modules :-)
* Added module for PC-Anywhere, thanks to david.maciejak(at)kyxar.fr!
* Added module for SVN, thanks to david.maciejak(at)kyxar.fr!
* Added --disable-xhydra option to configure, thanks to david.maciejak(at)kyxar.fr!
- he is becoming the top supporter :-)
* Added module for SIP (VoIP), thanks to gh0st(at)staatsfeind.org
* Added support for newer sap r/3 rfcsdk
* Added check to the telnet module to work with Cisco AAA
* Fix for the VNC module, thanks to xmag
* Small enhancement to the mysql plugin by pjohnson(at)bosconet.org
Release 4.7
###########
* Updated ssh2 support to libssh v0.11 - you *must* use this version if
you want to use ssh2! download from http://www.0xbadc0de.be/?part=libssh
This hopefully fixes problems on/against Sun machines.
After fixing, I also received a patch from david maciejak - thanks :-)
* Added an attack module for rlogin and rsh, thanks to
david.maciejak(at)kyxar.fr!
* Added an attack module for the postgres database, thanks to
diaul(at)devilopers.org! (and again: david maciejak sent on in as well)
* JoMo-Kun sent in an update for his smbnt module. cool new features:
win2k native mode, xp anonymous account detection, machine name as password
* Hopefully made VNC 3.7 protocol versions to work. please report.
* Switched http and https service module to http-head, http-get and
https-get, https-head. Some web servers want HEAD, others only GET
* An initial password for cisco-enable is now not required anymore. Some
people had console access without password, so this was necessary.
* Fixed a bug in xhydra which did not allow custom ports > 100
! Soon to come: v5.0 - some cool new features to arrive on your pentest
machine!
Release 4.6
###########
* Snakebyte delivered a module for Teamspeak
* Snakebyte updated the rexec module for the Hydra Palm version
* Snakebyte updated xhydra to support the new Telnet success response option
* Clarified the Licence
* Updated the ldap module to support v3, note that "ldap" is now specified as
"ldap2" or "ldap3". Added wrong version detection.
Release 4.5
###########
* The configure script now detects Cygwin automatically :-)
* The telnet module now handles the OPT special input. Specify the string
which is displayed after successfully a login. Use this if you have false
positives.
* Made smtp-auth module more flexible in EHLO/HELO handling
* Fixed some glitches in the SAP/R3 module (correct sysnr, better port
handling) thanks to [email protected] !
* Fixed some glitches in the http/https module
* Fixed a big bug in snakebyte's snmp module
* Warning msg is now displayed if the deprecated icq module is used
* Added warning message to the ssh2 module during compilation as many people
use the newest libssh version which is broken.
Release 4.4
###########
* Fixed another floating point exception *sigh*
* Fixed -C colon mode
* Added EHLO support for the smtp-auth module, required for some smtpd
Release 4.3
###########
* Fixed a divide by zero bug in the status report function
* Added functionality for skipping accounts (cvs is so nice to report this)
* Snakebyte sent in a patch for cvs for skipping nonexisting accounts
* <[email protected]> sent in a patch to fix proxy support for the HTTP module
without proxy authentication
Release 4.2
###########
* Snakebyte sent in modules for SNMP and CVS - great work!
* Snakebyte also expanded the gtk gui to support the two new modules
* Justin <[email protected]> sent in a module for smtp-auth ... thanks!
* [email protected] sent in some few patches to fix small glitches
* Incorporated a check from the openbsd port
Release 4.1
###########
* Snakebyte wrote a very nice GTK GUI for hydra! enjoy!
* due a bug, sometimes hydra would kill process -1 ... baaaad boy!
* found passwords are now also printed to stdout if -o option is used
* <[email protected]> reported that hydra wouldn't complain on ssh2 option if
compiled without support, fixed
* <[email protected]> made an official port for FreeBSD and sent me a
diff to exchange the MD4 of libdes to openssl
* <[email protected]> noticed that hydra will crash on big wordlists as
the result of the mallocs there were not checked, fixed
* Snakebyte expanded his PalmOS Version of hydra to nntp and fixed vnc
* Increased the wait time for children from 5 to 15 seconds, as e.g.
snakebyte reported detection problems
* Fixed some display glitches
Release v4.0
############
#
# This is a summary of changes of the D1 to D5 beta releases and shows
# what makes v4.0 different from 3.1.
# Have fun. Lots of it.
#
# By the way: I need someone to program a nice GTK frontend for hydra,
# would YOU like to do that and receive the fame? Send an email to [email protected] !
#
* For the first time there is not only a UNIX/source release but additionally:
! Windows release (cygwin compile with dll's)
! PalmPilot release
! ARM processor release (for all your Zaurus, iPaq etc. running Linux)
* There are new service attack modules:
! ms-sql
! sap r/3 (requires a library)
! ssh v2 (requires a library)
* Enhancements/Fixes to service attack modules:
! vnc module didnt work correctly, fixed
! mysql module supports newer versions now
! http module received a minor fix and has better virtual host support now
! http-proxy supports now an optional URL
! socks5 checks now for false positives and daemons without authentication
* The core code (hydra.c) was rewritten from scratch
! rewrote the internal distribution functions from scratch. code is now
safer, less error prone, easier to read.
! multiple target support rewritten which now includes intelligent load
balancing based on success, error and load rate
! intelligently detect maximum connect numbers for services (per server if
multiple targets are used)
! intelligent restore file writing
! Faster (up to 15%)
! Full Cygwin and Cygwin IPv6 support
* added new tool: pw-inspector - it can be used to just try passwords which
matches the target's password policy
#
# This should be more than enough! :-)
#
... the rest below is history ...
###########################################################################
#
# New Hydra v4.0 code branch
#
Release D5
* added patches by [email protected] which enhance the proxy module and provide
a small fix for the http module
* small beautifcations to make the compiler happy
! This is the final beta version before public release
- please test everything!
Release D4
* Tick made an update to his configure-arm
* [email protected] added imap, vnc and cisco module support to PalmPilot
* fixed VNC module
* enhanced mysql module to work also with 4.0.x (and all future protocol 10
mysql protocol types)
* enhanced socks5 module to identify daemons which do not require
authentication, and false positive check (otherwise dante would report all
tries as successful)
* fixed a bug in configure for D3 which resulted in compile problems on
several platforms requiring libcrypto
Release D3
* added sapr3 attack module (requires libsdk.a and saprfc.h)
* added ssh2 attack module (requires libssh)
* [email protected] added telnet module support for PalmPilot
* fixed the mssql module, should work now
* fixed -e option bug
* fixed -C option bug (didnt work at all!!)
* fixed double detection (with -e option) plus added simple dictionary
double detection
* target port is now displayed on start
Release D2
* added better virtual host support to the www/http/https/ssl module
(based on a patch from [email protected])
* added ARM support (does not work for libdes yet, ssl works), done by
Tick <[email protected]>
* added Palm support (well, in reality it is more a rewrite which can use
the hydra-modules), done by snakebyte <[email protected]>
* added ms-sql attack module (code based on perl script form HD Moore
<[email protected]>, thanks for contributing)
Release D1 (3 March 2003)
* rewrote the internal distribution functions from scratch. code is now
safer, less error prone, easier to read.
* multiple target support rewritten which now includes intelligent load
balancing based on success, error and load rate
* intelligently detect maximum connect numbers for services (per server if
multiple targets are used)
* intelligent restore file writing
* Faster (up to 15%)
* Full Cygwin and Cygwin IPv6 support
* added new tool: pw-inspector - it can be used to just try passwords which
matches the target's password policy
###########################################################################
v3.0 (FEBRUARY 2004) PUBLIC RELEASE
* added a restore function to enable you to continue aborted/crashed
sessions. Just type "hydra -R" to continue a session.
NOTE: this does not work with the -M option! This feature is then disabled!
* added a module for http proxy authentication cracking ("http-proxy") :-)
* added HTTP and SSL/CONNECT proxy support. SSL/CONNECT proxy support works
for *all* TCP protocols, you just need to find a proxy which allows you to
CONNECT on port 23 ...
The environment variable HYDRA_PROXY_HTTP defines the web proxy. The
following syntax is valid: HYDRA_PROXY_HTTP="http://123.45.67.89:8080/"
Same for HYDRA_PROXY_CONNECT.
If you require authentication for the proxy, use the HYDRA_PROXY_AUTH
environment variable:
HYDRA_PROXY_AUTH="login:password"
* fixed parallel host scanning engine (thanks to m0j0.j0j0 for reporting)
* A status, speed and time to completion report is now printed every minute.
* finally updated the README
v2.9 (FEBRUARY 2004) PRIVATE RELEASE
...
v2.8 (JANUARY 2004) PRIVATE RELEASE
...
v2.7 (JANUARY 2004) PUBLIC RELEASE
* small fix for the parallel host code (thanks to [email protected])
v2.6 (DECEMBER 2003) PUBLIC RELEASE
* fixed a compiling problem for picky compilers.
v2.5 (NOVEMBER 2003) PUBLIC RELEASE
* added a big patch from [email protected] which adds:
- AAA authentication to the cisco-enable module
- Running the attacks on hosts in parallel
- new smbnt module, which uses lanman hashes for authentication, needs libdes
! great work and thanks !
* changed code to compile easily on FreeBSD
* changed configure to compile easily on MacOS X - Panther (cool OS btw ...)
v2.4 (AUGUST 2003) PUBLIC RELEASE
* public release
=== 2.3 stuff===
* added mysql module (thanks to [email protected])
* small fix in vnc (thanks to the Nessus team)
* added credits for vnc-module (FX/Phenolite)
* new ./configure script for better Solaris and *BSD support (copied from amap)
* updated to new email/www addresses => www.thc.org
v2.2 (OCTOBER 2002) PUBLIC RELEASE
* fixed a bug in the -P passwordfile handling ... uhhh ... thanks to all
the many people who reported that bug!
* added check if a password in -P passwordfile was already done via the
-e n|s switch
v2.1 (APRIL 2002) PUBLIC RELEASE
* added ldap cracking mode (thanks to myself, eh ;-)
* added -e option to try null passwords ("-e n") and passwords equal to the
login ("-e s"). When specifying -e, -p/-P is optional (and vice versa)
* when a login is found, hydra will now go on with the next login
v2.0 (APRIL 2002) PRIVATE RELEASE
! with v1.1.14 of Nessus, Hydra is a Nessus plugin!
* incorporated code to make hydra a nessus plugin (thanks to [email protected] !)
* added smb/samba/CIFS cracking mode (thanks to [email protected] !)
* added cisco-enable cracking mode (thanks to [email protected] !)
* minor enhancements and fixes
v1.7 (MARCH 2002) PRIVATE RELEASE
* configure change to better detect OpenSSL
* ported to Solaris
v1.6 (FEBRUARY 2002) PUBLIC RELEASE
* added socks5 support (thanks to [email protected] !)
v1.5 (DECEMBER 2001) PRIVATE RELEASE
* added -S option for SSL support (for all TCP based protocols)
* added -f option to stop attacking once a valid login/pw has been discovered
* made modules more hydra-mod compliant
* configure stuff thrown out - was not really used and too complicated,
wrote my own, lets hope it works everywhere ;-)
v1.4 (DECEMBER 2001) PUBLIC RELEASE
* added REXEC cracking module
* added NNTP cracking module
* added VNC cracking module (plus the 3DES library, which is needed) - some
of the code ripped from FX/Phenolite :-) thanks a lot
* added PCNFS cracking module
* added ICQ cracking module (thanks to ocsic <[email protected]>!!)
* for the pcnfs cracking module, I had to add the hydra_connect_udp function
* added several compactibility stuff to work with all the M$ crap
v1.3 (September 2001) PUBLIC RELEASE
* uh W2K telnetd sends null bytes in negotiation mode. workaround implemented.
* Rewrote the finish functions which would sometimes hang. Shutdowns are faster
now as well.
* Fixed the line count (it was always one to much)
* Put more information in the outpufile (-o)
* Removed some configure crap.
v1.2 (August 2001) PRIVATE RELEASE
* Fixed a BIG bug which resulted in accounts being checked serveral times. ugh
* Fixed the bug which showed the wrong password for a telnet hack. Works for
me. please test.
* Added http basic authentication cracking. Works for me. please test.
* Fixed the ftp cracker module for occasions where a long welcome message was
displayed for ftp.
* Removed some compiler warnings.
v1.1 (May 2001) PUBLIC RELEASE
* Added wait+reconnect functionality to hydra-mod
* Additional wait+reconnect for cisco module
* Added small waittimes to all attack modules to prevent too fast reconnects
* Added cisco Username/Password support to the telnet module
* Fixed a deadlock in the modules, plus an additional one in the telnet module
v1.0 (April 2001) PUBLIC RELEASE
* Verified that all service modules really work, no fix necessary ;-)
... so let's make it public
* Changed the LICENCE
v0.6 (April 2001) PRIVATE RELEASE
* Added hydra-cisco.c for the cisco 3 times "Password:" type
* Added hydra-imap.c for the imap service
* Fixed a bug in hydra-mod.c: empty logins resulted in an empty
hydra_get_next_password() :-(, additionally the blocking/recv works better
now. (no, not better - perfect ;-)
* Fixed a bug in hydra-telnet.c: too many false alarms for success due some
mis-thinking on my side and I also implemented a more flexible checking
* Fixed hydra-ftp.c to allow more weird reactions
* Fixed all ;-) memory leaks
v0.5 (December 2000) PUBLIC RELEASE
* NOTE WE HAVE GOT A NEW WWW ADDRESS -> www.thehackerschoice.com
* added telnet protocol
* exchanged snprintf with sprintf(%.250s) to let it compile on more platforms
but still have buffer overflow protection.
* fixed a bug in Makefile.in (introduced by Plasmo ,-)
v0.4 (August 2000) PUBLIC RELEASE
* Plasmoid added a ./configure script. thanks!
v0.3 (August 2000)
* first release