コード例 #1
0
ファイル: hydra-ftp.c プロジェクト: crondaemon/thc-hydra
void service_ftp_core(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE * fp, int32_t port, char *hostname, int32_t tls) {
  int32_t run = 1, next_run = 1, sock = -1;
  int32_t myport = PORT_FTP, mysslport = PORT_FTP_SSL;

  hydra_register_socket(sp);
  if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
    hydra_child_exit(0);
  while (1) {
    switch (run) {
    case 1:                    /* connect and service init function */
      if (sock >= 0)
        sock = hydra_disconnect(sock);
//      usleepn(300);
      if ((options & OPTION_SSL) == 0) {
        if (port != 0)
          myport = port;
        sock = hydra_connect_tcp(ip, myport);
        port = myport;
      } else {
        if (port != 0)
          mysslport = port;
        sock = hydra_connect_ssl(ip, mysslport, hostname);
        port = mysslport;
      }
      if (sock < 0) {
        if (verbose || debug)
          hydra_report(stderr, "[ERROR] Child with pid %d terminating, can not connect\n", (int32_t) getpid());
        hydra_child_exit(1);
      }
      usleepn(250);
      buf = hydra_receive_line(sock);
      if (buf == NULL || buf[0] != '2') {       /* check the first line */
        if (verbose || debug)
          hydra_report(stderr, "[ERROR] Not an FTP protocol or service shutdown: %s\n", buf);
        hydra_child_exit(2);
        if (buf != NULL)
          free(buf);
        hydra_child_exit(2);
      }

      while (buf != NULL && strncmp(buf, "220 ", 4) != 0 && strstr(buf, "\n220 ") == NULL) {
        free(buf);
        buf = hydra_receive_line(sock);
      }
      free(buf);

      //this mode is manually chosen, so if it fails we giving up
      if (tls) {
        if (hydra_send(sock, "AUTH TLS\r\n", strlen("AUTH TLS\r\n"), 0) < 0) {
          hydra_child_exit(2);
        }
        buf = hydra_receive_line(sock);
        if (buf == NULL) {
          if (verbose || debug)
            hydra_report(stderr, "[ERROR] Not an FTP protocol or service shutdown: %s\n", buf);
          hydra_child_exit(2);
        }
        if (buf[0] == '2') {
          if ((hydra_connect_to_ssl(sock, hostname) == -1) && verbose) {
            hydra_report(stderr, "[ERROR] Can't use TLS\n");
            hydra_child_exit(2);
          } else {
            if (verbose)
              hydra_report(stderr, "[VERBOSE] TLS connection done\n");
          }
        } else {
          hydra_report(stderr, "[ERROR] TLS negotiation failed %s\n", buf);
          hydra_child_exit(2);
        }
        free(buf);
      }

      next_run = 2;
      break;
    case 2:                    /* run the cracking function */
      next_run = start_ftp(sock, ip, port, options, miscptr, fp);
      break;
    case 3:                    /* error exit */
      if (sock >= 0)
        sock = hydra_disconnect(sock);
      hydra_child_exit(2);
    case 4:                    /* clean exit */
      if (sock >= 0)
        sock = hydra_disconnect(sock);
      hydra_child_exit(0);
    default:
      hydra_report(stderr, "[ERROR] Caught unknown return code, exiting!\n");
      hydra_child_exit(2);
    }
    run = next_run;
  }
}
コード例 #2
0
ファイル: hydra-smtp.c プロジェクト: dummy3k/c-hydra
void service_smtp(char *ip, int sp, unsigned char options, char *miscptr, FILE * fp, int port) {
  int run = 1, next_run = 1, sock = -1, i = 0;
  int myport = PORT_SMTP, mysslport = PORT_SMTP_SSL, disable_tls = 0;

  char *buffer1 = "EHLO hydra\r\n";
  char *buffer2 = "HELO hydra\r\n";

  hydra_register_socket(sp);
  if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
    return;
  while (1) {
    switch (run) {
    case 1:                    /* connect and service init function */
      if (sock >= 0)
        sock = hydra_disconnect(sock);
      if ((options & OPTION_SSL) == 0) {
        if (port != 0)
          myport = port;
        sock = hydra_connect_tcp(ip, myport);
        port = myport;
      } else {
        if (port != 0)
          mysslport = port;
        sock = hydra_connect_ssl(ip, mysslport);
        port = myport;
      }
      if (sock < 0) {
        hydra_report(stderr, "[ERROR] Child with pid %d terminating, can not connect\n", (int) getpid());
        hydra_child_exit(1);
      }

      /* receive initial header */
      if ((buf = hydra_receive_line(sock)) == NULL)
        hydra_child_exit(2);
      if (strstr(buf, "220") == NULL) {
        hydra_report(stderr, "[WARNING] SMTP does not allow to connect: %s\n", buf);
        free(buf);
        hydra_child_exit(2);
      }
      while (strstr(buf, "220 ") == NULL) {
        free(buf);
        buf = hydra_receive_line(sock);
      }
      free(buf);

      /* send ehlo and receive/ignore reply */
      if (hydra_send(sock, buffer1, strlen(buffer1), 0) < 0)
        hydra_child_exit(2);

      buf = smtp_read_server_capacity(sock);
      if (buf == NULL)
        hydra_child_exit(2);

#ifdef LIBOPENSSLNEW      
      if (!disable_tls) {
	/* if we got a positive answer */
	if (buf[0] == '2') {
          if (strstr(buf, "STARTTLS") != NULL) {
            hydra_send(sock, "STARTTLS\r\n", strlen("STARTTLS\r\n"), 0);
            free(buf);
            buf = hydra_receive_line(sock);
            if (buf[0] != '2') {
              if (verbose)
                hydra_report(stderr, "[VERBOSE] TLS negotiation failed\n");
            } else {
              free(buf);
              if ((hydra_connect_to_ssl(sock) == -1)) {
        	if (verbose)
                  hydra_report(stderr, "[ERROR] Can't use TLS\n");
                disable_tls = 1;
                run = 1;
                break;
              } else {
        	if (verbose)
                  hydra_report(stderr, "[VERBOSE] TLS connection done\n");
              }
              /* ask again capability request but in TLS mode */
              if (hydra_send(sock, buffer1, strlen(buffer1), 0) < 0)
        	hydra_child_exit(2);
              buf = smtp_read_server_capacity(sock);
              if (buf == NULL)
        	hydra_child_exit(2);
            }
          }
	}
      }
#endif

      if (buf[0] != '2') {
        if (hydra_send(sock, buffer2, strlen(buffer2), 0) < 0)
          hydra_child_exit(2);

        free(buf);
        buf = smtp_read_server_capacity(sock);

        if (buf == NULL)
          hydra_child_exit(2);
      }

      if ((strstr(buf, "LOGIN") == NULL) && (strstr(buf, "NTLM") != NULL)) {
        smtp_auth_mechanism = AUTH_NTLM;
      }
#ifdef LIBOPENSSLNEW
      if ((strstr(buf, "LOGIN") == NULL) && (strstr(buf, "DIGEST-MD5") != NULL)) {
        smtp_auth_mechanism = AUTH_DIGESTMD5;
      }

      if ((strstr(buf, "LOGIN") == NULL) && (strstr(buf, "CRAM-MD5") != NULL)) {
        smtp_auth_mechanism = AUTH_CRAMMD5;
      }
#endif

      if ((strstr(buf, "LOGIN") == NULL) && (strstr(buf, "PLAIN") != NULL)) {
        smtp_auth_mechanism = AUTH_PLAIN;
      }

      if ((miscptr != NULL) && (strlen(miscptr) > 0)) {
        for (i = 0; i < strlen(miscptr); i++)
          miscptr[i] = (char) toupper((int) miscptr[i]);

        if (strncmp(miscptr, "LOGIN", 5) == 0)
          smtp_auth_mechanism = AUTH_LOGIN;

        if (strncmp(miscptr, "PLAIN", 5) == 0)
          smtp_auth_mechanism = AUTH_PLAIN;

#ifdef LIBOPENSSLNEW
        if (strncmp(miscptr, "CRAM-MD5", 8) == 0)
          smtp_auth_mechanism = AUTH_CRAMMD5;

        if (strncmp(miscptr, "DIGEST-MD5", 10) == 0)
          smtp_auth_mechanism = AUTH_DIGESTMD5;
#endif

        if (strncmp(miscptr, "NTLM", 4) == 0)
          smtp_auth_mechanism = AUTH_NTLM;

      }
      if (verbose) {
        switch (smtp_auth_mechanism) {
        case AUTH_LOGIN:
          hydra_report(stderr, "[VERBOSE] using SMTP LOGIN AUTH mechanism\n");
          break;
        case AUTH_PLAIN:
          hydra_report(stderr, "[VERBOSE] using SMTP PLAIN AUTH mechanism\n");
          break;
#ifdef LIBOPENSSLNEW
        case AUTH_CRAMMD5:
          hydra_report(stderr, "[VERBOSE] using SMTP CRAM-MD5 AUTH mechanism\n");
          break;
        case AUTH_DIGESTMD5:
          hydra_report(stderr, "[VERBOSE] using SMTP DIGEST-MD5 AUTH mechanism\n");
          break;
#endif
        case AUTH_NTLM:
          hydra_report(stderr, "[VERBOSE] using SMTP NTLM AUTH mechanism\n");
          break;
        }
      }
      free(buf);
      next_run = 2;
      break;
    case 2:                    /* run the cracking function */
      next_run = start_smtp(sock, ip, port, options, miscptr, fp);
      break;
    case 3:                    /* clean exit */
      if (sock >= 0) {
        sock = hydra_disconnect(sock);
      }
      hydra_child_exit(0);
      return;
    default:
      hydra_report(stderr, "[ERROR] Caught unknown return code, exiting!\n");
      hydra_child_exit(0);
    }
    run = next_run;
  }
}
コード例 #3
0
void service_pop3(char *ip, int sp, unsigned char options, char *miscptr, FILE *fp, int port) {
  int run = 1, next_run = 1, sock = -1, i;
  char *ptr = NULL;

  //extract data from the pool, ip is the key
  if (plist == NULL)
    if (service_pop3_init(ip, sp, options, miscptr, fp, port) != 0)
      hydra_child_exit(2);
  p = list_find(ip);
  if (p == NULL) {
    hydra_report(stderr, "[ERROR] Could not find ip %s in pool\n", hydra_address2string(ip));
    return;
  }
  if (list_remove(p) != 0)
    hydra_report(stderr, "[ERROR] Could not find ip %s in pool to free memory\n", hydra_address2string(ip));

  hydra_register_socket(sp);
  if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
    return;


  while (1) {
    switch (run) {
    case 1:                    /* connect and service init function */

      if (sock >= 0)
         sock = hydra_disconnect(sock);
 //      usleep(300000);
       if ((options & OPTION_SSL) == 0) {
         sock = hydra_connect_tcp(ip, port);
       } else {
         sock = hydra_connect_ssl(ip, port);
       }
       if (sock < 0) {
         if (verbose || debug)
           hydra_report(stderr, "[ERROR] Child with pid %d terminating, can not connect\n", (int) getpid());
         hydra_child_exit(1);
       }
       buf = hydra_receive_line(sock);
       if (buf == NULL || buf[0] != '+') {       /* check the first line */
         if (verbose || debug) hydra_report(stderr, "[ERROR] Not an POP3 protocol or service shutdown: %s\n", buf);
         hydra_child_exit(2);
       }

       ptr = strstr(buf, "<");
       if (ptr != NULL && buf[0] == '+') {
         if (ptr[strlen(ptr) - 1] == '\n')
           ptr[strlen(ptr) - 1] = 0;
         if (ptr[strlen(ptr) - 1] == '\r')
           ptr[strlen(ptr) - 1] = 0;
         strcpy(apop_challenge, ptr);
       }
       free(buf);

#ifdef LIBOPENSSL
       if (!p->disable_tls) {
	 /* check for STARTTLS, if available we may have access to more basic auth methods */
         hydra_send(sock, "STLS\r\n", strlen("STLS\r\n"), 0);
	 buf = hydra_receive_line(sock);
	 if (buf[0] != '+') {
               hydra_report(stderr, "[ERROR] TLS negotiation failed, no answer received from STARTTLS request\n");
	 } else {
           free(buf);
           if ((hydra_connect_to_ssl(sock) == -1)) {
             if (verbose)
               hydra_report(stderr, "[ERROR] Can't use TLS\n");
             p->disable_tls = 1;
           }
	   else {
             if (verbose)
               hydra_report(stderr, "[VERBOSE] TLS connection done\n");
           }
	 }
       }
#endif

      next_run = 2;
      break;
    case 2:                    /* run the cracking function */
      next_run = start_pop3(sock, ip, port, options, miscptr, fp);
      break;
    case 3:                    /* clean exit */
      if (sock >= 0)
        sock = hydra_disconnect(sock);
      hydra_child_exit(0);
      return;
    case 4:                    /* clean exit */
      if (sock >= 0)
        sock = hydra_disconnect(sock);
      hydra_child_exit(2);
      return;
    default:
      hydra_report(stderr, "[ERROR] Caught unknown return code, exiting!\n");
      hydra_child_exit(0);
    }
    run = next_run;
  }
}
コード例 #4
0
int service_pop3_init(char *ip, int sp, unsigned char options, char *miscptr, FILE *fp, int port) {
  int myport = PORT_POP3, mysslport = PORT_POP3_SSL;
  char *ptr = NULL;
  int sock = -1;
  char *capa_str = "CAPA\r\n";
  char *quit_str = "QUIT\r\n";
  pool p;

  p.pop3_auth_mechanism=AUTH_CLEAR;
  p.disable_tls = 1;
  memcpy(p.ip, ip, 36);

  if (sock >= 0)
    sock = hydra_disconnect(sock);
//      usleep(300000);
  if ((options & OPTION_SSL) == 0) {
    if (port != 0)
      myport = port;
    sock = hydra_connect_tcp(p.ip, myport);
  } else {
    if (port != 0)
      mysslport = port;
    sock = hydra_connect_ssl(p.ip, mysslport);
  }
  if (sock < 0) {
    if (verbose || debug)
      hydra_report(stderr, "[ERROR] pid %d terminating, can not connect\n", (int) getpid());
    return -1;
  }
  buf = hydra_receive_line(sock);
  if (buf == NULL || buf[0] != '+') {       /* check the first line */
    if (verbose || debug)
      hydra_report(stderr, "[ERROR] Not an POP3 protocol or service shutdown: %s\n", buf);
    return -1;
  }

  ptr = strstr(buf, "<");
  if (ptr != NULL && buf[0] == '+') {
    if (ptr[strlen(ptr) - 1] == '\n')
      ptr[strlen(ptr) - 1] = 0;
    if (ptr[strlen(ptr) - 1] == '\r')
      ptr[strlen(ptr) - 1] = 0;
    strcpy(apop_challenge, ptr);
  }
  free(buf);

  /* send capability request */
  if (hydra_send(sock, capa_str, strlen(capa_str), 0) < 0) {  
    if (verbose || debug)
      hydra_report(stderr, "[ERROR] Can not send the CAPABILITY request\n");
    return -1;
  }

  buf = pop3_read_server_capacity(sock);

  if (buf == NULL) {
    hydra_report(stderr, "[ERROR] No answer from CAPABILITY request\n");
    return -1;
  }

  if ((miscptr != NULL) && (strlen(miscptr) > 0)) {
    int i;

    for (i = 0; i < strlen(miscptr); i++)
      miscptr[i] = (char) toupper((int) miscptr[i]);

    if (strstr(miscptr, "TLS") || strstr(miscptr, "SSL")) {
      p.disable_tls = 0;
    }
  }


#ifdef LIBOPENSSL
  if (!p.disable_tls) {
    /* check for STARTTLS, if available we may have access to more basic auth methods */
    if (strstr(buf, "STLS") != NULL) {
      hydra_send(sock, "STLS\r\n", strlen("STLS\r\n"), 0);
      free(buf);
      buf = hydra_receive_line(sock);
      if (buf[0] != '+') {
          hydra_report(stderr, "[ERROR] TLS negotiation failed, no answer received from STARTTLS request\n");
      } else {
        free(buf);
        if ((hydra_connect_to_ssl(sock) == -1)) {
          if (verbose)
            hydra_report(stderr, "[ERROR] Can't use TLS\n");
          p.disable_tls = 1;
        } else {
          if (verbose)
            hydra_report(stderr, "[VERBOSE] TLS connection done\n");
        }
        if (!p.disable_tls) {
          /* ask again capability request but in TLS mode */
          if (hydra_send(sock, capa_str, strlen(capa_str), 0) < 0) {
            if (verbose || debug)
              hydra_report(stderr, "[ERROR] Can not send the CAPABILITY request\n");
            return -1;
          }
          buf = pop3_read_server_capacity(sock);
          if (buf == NULL) {
            hydra_report(stderr, "[ERROR] No answer from CAPABILITY request\n");
            return -1;
          }
	}
      }
    } else
      hydra_report(stderr, "[ERROR] option to use TLS/SSL failed as it is not supported by the server\n");
  }
#endif

  if (hydra_send(sock, quit_str, strlen(quit_str), 0) < 0) {
  //we dont care if the server is not receiving the quit msg
  }
  hydra_disconnect(sock);


  if (verbose)
    hydra_report(stderr, "[VERBOSE] CAPABILITY: %s", buf);

 /* example:
 +OK Capability list follows:
 TOP
 LOGIN-DELAY 180
 UIDL
 USER
 SASL PLAIN LOGIN
 */

 /* according to rfc 2449:
    The POP3 AUTH command [POP-AUTH] permits the use of [SASL]
    authentication mechanisms with POP3.  The SASL capability
    indicates that the AUTH command is available and that it supports
    an optional base64 encoded second argument for an initial client
    response as described in the SASL specification.  The argument to
    the SASL capability is a space separated list of SASL mechanisms
    which are supported.
 */

  /* which mean threre will *always* have a space before the LOGIN auth keyword */
  if ((strstr(buf, " LOGIN") == NULL) && (strstr(buf, "NTLM") != NULL)) {
    p.pop3_auth_mechanism = AUTH_NTLM;
  }
#ifdef LIBOPENSSL
  if ((strstr(buf, " LOGIN") == NULL) && (strstr(buf, "DIGEST-MD5") != NULL)) {
    p.pop3_auth_mechanism = AUTH_DIGESTMD5;
  }

  if ((strstr(buf, " LOGIN") == NULL) && (strstr(buf, "CRAM-SHA256") != NULL)) {
    p.pop3_auth_mechanism = AUTH_CRAMSHA256;
  }

  if ((strstr(buf, " LOGIN") == NULL) && (strstr(buf, "CRAM-SHA1") != NULL)) {
    p.pop3_auth_mechanism = AUTH_CRAMSHA1;
  }

  if ((strstr(buf, " LOGIN") == NULL) && (strstr(buf, "CRAM-MD5") != NULL)) {
    p.pop3_auth_mechanism = AUTH_CRAMMD5;
  }
#endif

  if ((strstr(buf, " LOGIN") == NULL) && (strstr(buf, "PLAIN") != NULL)) {
    p.pop3_auth_mechanism = AUTH_PLAIN;
  }

  if (strstr(buf, " LOGIN") != NULL) {
    p.pop3_auth_mechanism = AUTH_LOGIN;
  }

  if (strstr(buf, "SASL") == NULL) {
#ifdef LIBOPENSSL
    if (strlen(apop_challenge) == 0) {
      p.pop3_auth_mechanism = AUTH_CLEAR;
    } else {
      p.pop3_auth_mechanism = AUTH_APOP;
    }
#else
    p.pop3_auth_mechanism = AUTH_CLEAR;
#endif

  }
  free(buf);

  if ((miscptr != NULL) && (strlen(miscptr) > 0)) {

    if (strstr(miscptr, "CLEAR"))
      p.pop3_auth_mechanism = AUTH_CLEAR;

    if (strstr(miscptr, "LOGIN"))
      p.pop3_auth_mechanism = AUTH_LOGIN;

    if (strstr(miscptr, "PLAIN"))
      p.pop3_auth_mechanism = AUTH_PLAIN;

#ifdef LIBOPENSSL
    if (strstr(miscptr, "APOP"))
      p.pop3_auth_mechanism = AUTH_APOP;

    if (strstr(miscptr, "CRAM-MD5"))
      p.pop3_auth_mechanism = AUTH_CRAMMD5;

    if (strstr(miscptr, "CRAM-SHA1"))
      p.pop3_auth_mechanism = AUTH_CRAMSHA1;

    if (strstr(miscptr, "CRAM-SHA256"))
      p.pop3_auth_mechanism = AUTH_CRAMSHA256;

    if (strstr(miscptr, "DIGEST-MD5"))
      p.pop3_auth_mechanism = AUTH_DIGESTMD5;
#endif

    if (strstr(miscptr, "NTLM"))
      p.pop3_auth_mechanism = AUTH_NTLM;

  }

  if (verbose) {
    switch (p.pop3_auth_mechanism) {
    case AUTH_CLEAR:
      hydra_report(stderr, "[VERBOSE] using POP3 CLEAR LOGIN mechanism\n");
      break;
    case AUTH_LOGIN:
      hydra_report(stderr, "[VERBOSE] using POP3 LOGIN AUTH mechanism\n");
      break;
    case AUTH_PLAIN:
      hydra_report(stderr, "[VERBOSE] using POP3 PLAIN AUTH mechanism\n");
      break;
    case AUTH_APOP:
#ifdef LIBOPENSSL
      if (strlen(apop_challenge) == 0) {
        hydra_report(stderr, "[VERBOSE] APOP not supported by server, using clear login\n");
        p.pop3_auth_mechanism = AUTH_CLEAR;
      } else {
        hydra_report(stderr, "[VERBOSE] using POP3 APOP AUTH mechanism\n");
      }
#else
      p.pop3_auth_mechanism = AUTH_CLEAR;
#endif
      break;
#ifdef LIBOPENSSL
    case AUTH_CRAMMD5:
      hydra_report(stderr, "[VERBOSE] using POP3 CRAM-MD5 AUTH mechanism\n");
      break;
    case AUTH_CRAMSHA1:
      hydra_report(stderr, "[VERBOSE] using POP3 CRAM-SHA1 AUTH mechanism\n");
      break;
    case AUTH_CRAMSHA256:
      hydra_report(stderr, "[VERBOSE] using POP3 CRAM-SHA256 AUTH mechanism\n");
      break;
    case AUTH_DIGESTMD5:
      hydra_report(stderr, "[VERBOSE] using POP3 DIGEST-MD5 AUTH mechanism\n");
      break;
#endif
    case AUTH_NTLM:
      hydra_report(stderr, "[VERBOSE] using POP3 NTLM AUTH mechanism\n");
      break;

    }
  }

  if(!plist)
    plist=list_create(p);
  else 
    plist=list_insert(p);

  return 0;
}
コード例 #5
0
ファイル: hydra-ldap.c プロジェクト: fatman2021/hydra
void service_ldap(char *ip, int sp, unsigned char options, char *miscptr, FILE * fp, int port, char version, int auth_method) {
  int run = 1, next_run = 1, sock = -1;
  int myport = PORT_LDAP, mysslport = PORT_LDAP_SSL;

  hydra_register_socket(sp);
  if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
    return;
  while (1) {
    switch (run) {
    case 1:                    /* connect and service init function */
      if (sock >= 0)
        sock = hydra_disconnect(sock);
//      usleep(275000);
      if ((options & OPTION_SSL) == 0) {
        if (port != 0)
          myport = port;
        sock = hydra_connect_tcp(ip, myport);
        port = myport;
      } else {
        if (port != 0)
          mysslport = port;
        sock = hydra_connect_ssl(ip, mysslport);
        port = mysslport;
      }
      if (sock < 0) {
        if (verbose || debug)
          hydra_report(stderr, "[ERROR] Child with pid %d terminating, can not connect\n", (int) getpid());
        hydra_child_exit(1);
      }
      counter = 1;
      if (tls_required) {
        /* Start TLS operation OID = 1.3.6.1.4.1.1466.20037 according to RFC 2830 */
        char confidentiality_required[] = "\x30\x1d\x02\x01\x01\x77\x18\x80\x16\x31\x2e\x33\x2e\x36\x2e\x31\x2e\x34\x2e\x31\x2e\x31\x34\x36\x36\x2e\x32\x30\x30\x33\x37";

        if (hydra_send(sock, confidentiality_required, strlen(confidentiality_required), 0) < 0)
          hydra_child_exit(1);

        if ((buf = (unsigned char*) hydra_receive_line(sock)) == NULL)
          hydra_child_exit(1);

        if ((buf[0] != 0 && buf[9] == 0) || (buf[0] != 32 && buf[9] == 32)) {
          /* TLS option negociation goes well, now trying to connect */
          if ((hydra_connect_to_ssl(sock) == -1) && verbose) {
            hydra_report(stderr, "[ERROR] Can't use TLS\n");
            hydra_child_exit(1);
          } else {
            if (verbose)
              hydra_report(stderr, "[VERBOSE] TLS connection done\n");
            counter++;
          }
        } else {
          hydra_report(stderr, "[ERROR] Can't use TLS %s\n", buf);
          hydra_child_exit(1);
        }
      }
      next_run = 2;
      break;
    case 2:                    /* run the cracking function */
      next_run = start_ldap(sock, ip, port, options, miscptr, fp, version, auth_method);
      counter++;
      break;
    case 3:                    /* clean exit */
      if (sock >= 0)
        sock = hydra_disconnect(sock);
      hydra_child_exit(0);
      return;
    default:
      hydra_report(stderr, "[ERROR] Caught unknown return code, exiting!\n");
      hydra_child_exit(2);
    }
    run = next_run;
  }
}
コード例 #6
0
ファイル: hydra-imap.c プロジェクト: dummy3k/c-hydra
void service_imap(char *ip, int sp, unsigned char options, char *miscptr, FILE * fp, int port) {
  int run = 1, next_run = 1, sock = -1;
  int myport = PORT_IMAP, mysslport = PORT_IMAP_SSL, disable_tls = 0;
  char *buffer1 = "1 CAPABILITY\r\n";

  hydra_register_socket(sp);
  if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
    return;
  while (1) {
    switch (run) {
    case 1:                    /* connect and service init function */
      if (sock >= 0)
        sock = hydra_disconnect(sock);
//      usleep(275000);
      if ((options & OPTION_SSL) == 0) {
        if (port != 0)
          myport = port;
        sock = hydra_connect_tcp(ip, myport);
        port = myport;
      } else {
        if (port != 0)
          mysslport = port;
        sock = hydra_connect_ssl(ip, mysslport);
        port = mysslport;
      }
      if (sock < 0) {
        hydra_report(stderr, "[ERROR] Child with pid %d terminating, can not connect\n", (int) getpid());
        hydra_child_exit(1);
      }
      buf = hydra_receive_line(sock);

      if ((buf == NULL) || (strstr(buf, "OK") == NULL && buf[0] != '*')) {      /* check the first line */
        if (verbose || debug) hydra_report(stderr, "[ERROR] Not an IMAP protocol or service shutdown:\n");
        if (buf != NULL)
          free(buf);
        hydra_child_exit(2);
      }
      free(buf);
      /* send capability request */
      if (hydra_send(sock, buffer1, strlen(buffer1), 0) < 0)
        exit(-1);
      counter = 2;
      buf = imap_read_server_capacity(sock);

      if (buf == NULL) {
        hydra_child_exit(2);
      }
#ifdef LIBOPENSSLNEW
      if (!disable_tls) {
	/* check for STARTTLS, if available we may have access to more basic auth methods */
	if (strstr(buf, "STARTTLS") != NULL) {
          hydra_send(sock, "2 STARTTLS\r\n", strlen("2 STARTTLS\r\n"), 0);
          counter++;
          free(buf);
          buf = hydra_receive_line(sock);
          if (buf == NULL || (strstr(buf, " NO ") != NULL || strstr(buf, "failed") != NULL || strstr(buf, " BAD ") != NULL)) {
            if (verbose)
              hydra_report(stderr, "[VERBOSE] TLS negotiation failed\n");
          } else {
            free(buf);
            if ((hydra_connect_to_ssl(sock) == -1)) {
              if (verbose)
        	hydra_report(stderr, "[ERROR] Can't use TLS\n");
              disable_tls = 1;
              run = 1;
              break;
            } else {
              if (verbose)
        	hydra_report(stderr, "[VERBOSE] TLS connection done\n");
            }
            /* ask again capability request but in TLS mode */
            if (hydra_send(sock, "3 CAPABILITY\r\n", strlen("3 CAPABILITY\r\n"), 0) < 0)
              hydra_child_exit(2);
            buf = imap_read_server_capacity(sock);
            counter++;
            if (buf == NULL)
              hydra_child_exit(2);
          }
	}
      }
#endif

      if ((strstr(buf, "LOGIN") == NULL) && (strstr(buf, "NTLM") != NULL)) {
        imap_auth_mechanism = AUTH_NTLM;
      }
#ifdef LIBOPENSSLNEW
      if ((strstr(buf, "LOGIN") == NULL) && (strstr(buf, "SCRAM-SHA-1") != NULL)) {
        imap_auth_mechanism = AUTH_SCRAMSHA1;
      }

      if ((strstr(buf, "LOGIN") == NULL) && (strstr(buf, "DIGEST-MD5") != NULL)) {
        imap_auth_mechanism = AUTH_DIGESTMD5;
      }

      if ((strstr(buf, "LOGIN") == NULL) && (strstr(buf, "CRAM-SHA256") != NULL)) {
        imap_auth_mechanism = AUTH_CRAMSHA256;
      }

      if ((strstr(buf, "LOGIN") == NULL) && (strstr(buf, "CRAM-SHA1") != NULL)) {
        imap_auth_mechanism = AUTH_CRAMSHA1;
      }

      if ((strstr(buf, "LOGIN") == NULL) && (strstr(buf, "CRAM-MD5") != NULL)) {
        imap_auth_mechanism = AUTH_CRAMMD5;
      }
#endif
      if ((strstr(buf, "LOGIN") == NULL) && (strstr(buf, "PLAIN") != NULL)) {
        imap_auth_mechanism = AUTH_PLAIN;
      }

      if (strstr(buf, "LOGIN") != NULL) {
        imap_auth_mechanism = AUTH_LOGIN;
      }
      free(buf);

      if ((miscptr != NULL) && (strlen(miscptr) > 0)) {
        int i;

        for (i = 0; i < strlen(miscptr); i++)
          miscptr[i] = (char) toupper((int) miscptr[i]);

        if (strncmp(miscptr, "CLEAR", 5) == 0)
          imap_auth_mechanism = AUTH_CLEAR;

        if (strncmp(miscptr, "LOGIN", 5) == 0)
          imap_auth_mechanism = AUTH_LOGIN;

        if (strncmp(miscptr, "PLAIN", 5) == 0)
          imap_auth_mechanism = AUTH_PLAIN;

#ifdef LIBOPENSSLNEW
        if (strncmp(miscptr, "CRAM-MD5", 8) == 0)
          imap_auth_mechanism = AUTH_CRAMMD5;

        if (strncmp(miscptr, "CRAM-SHA1", 9) == 0)
          imap_auth_mechanism = AUTH_CRAMSHA1;

        if (strncmp(miscptr, "CRAM-SHA256", 11) == 0)
          imap_auth_mechanism = AUTH_CRAMSHA256;

        if (strncmp(miscptr, "DIGEST-MD5", 10) == 0)
          imap_auth_mechanism = AUTH_DIGESTMD5;

        if (strncmp(miscptr, "SCRAM-SHA1", 10) == 0)
          imap_auth_mechanism = AUTH_SCRAMSHA1;

#endif
        if (strncmp(miscptr, "NTLM", 4) == 0)
          imap_auth_mechanism = AUTH_NTLM;
      }

      if (verbose) {
        switch (imap_auth_mechanism) {
        case AUTH_CLEAR:
          hydra_report(stderr, "[VERBOSE] using IMAP CLEAR LOGIN mechanism\n");
          break;
        case AUTH_LOGIN:
          hydra_report(stderr, "[VERBOSE] using IMAP LOGIN AUTH mechanism\n");
          break;
        case AUTH_PLAIN:
          hydra_report(stderr, "[VERBOSE] using IMAP PLAIN AUTH mechanism\n");
          break;
#ifdef LIBOPENSSLNEW
        case AUTH_CRAMMD5:
          hydra_report(stderr, "[VERBOSE] using IMAP CRAM-MD5 AUTH mechanism\n");
          break;
        case AUTH_CRAMSHA1:
          hydra_report(stderr, "[VERBOSE] using IMAP CRAM-SHA1 AUTH mechanism\n");
          break;
        case AUTH_CRAMSHA256:
          hydra_report(stderr, "[VERBOSE] using IMAP CRAM-SHA256 AUTH mechanism\n");
          break;
        case AUTH_DIGESTMD5:
          hydra_report(stderr, "[VERBOSE] using IMAP DIGEST-MD5 AUTH mechanism\n");
          break;
        case AUTH_SCRAMSHA1:
          hydra_report(stderr, "[VERBOSE] using IMAP SCRAM-SHA1 AUTH mechanism\n");
          break;
#endif
        case AUTH_NTLM:
          hydra_report(stderr, "[VERBOSE] using IMAP NTLM AUTH mechanism\n");
          break;
        }
      }

      next_run = 2;
      break;
    case 2:                    /* run the cracking function */
      next_run = start_imap(sock, ip, port, options, miscptr, fp);
      counter++;
      break;
    case 3:                    /* clean exit */
      if (sock >= 0)
        sock = hydra_disconnect(sock);
      hydra_child_exit(0);
      return;
    default:
      hydra_report(stderr, "[ERROR] Caught unknown return code, exiting!\n");
      hydra_child_exit(2);
    }
    run = next_run;
  }
}
コード例 #7
0
void service_nntp(char *ip, int sp, unsigned char options, char *miscptr, FILE * fp, int port) {
  int i = 0, run = 1, next_run = 1, sock = -1;
  int myport = PORT_NNTP, mysslport = PORT_NNTP_SSL, disable_tls = 0;
  char *buffer1 = "CAPABILITIES\r\n";

  hydra_register_socket(sp);
  if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
    return;
  while (1) {
    switch (run) {
    case 1:                    /* connect and service init function */
      if (sock >= 0)
        sock = hydra_disconnect(sock);
//      usleep(300000);
      if ((options & OPTION_SSL) == 0) {
        if (port != 0)
          myport = port;
        sock = hydra_connect_tcp(ip, myport);
        port = myport;
      } else {
        if (port != 0)
          mysslport = port;
        sock = hydra_connect_ssl(ip, mysslport);
        port = mysslport;
      }
      if (sock < 0) {
        if (verbose || debug)
          hydra_report(stderr, "[ERROR] Child with pid %d terminating, can not connect\n", (int) getpid());
        hydra_child_exit(1);
      }
//      usleep(300000);
      buf = hydra_receive_line(sock);
      if (buf == NULL || buf[0] != '2') {       /* check the first line */
        if (verbose || debug) hydra_report(stderr, "[ERROR] Not an NNTP protocol or service shutdown: %s\n", buf);
        hydra_child_exit(2);
      }
      free(buf);

      /* send capability request */
      if (hydra_send(sock, buffer1, strlen(buffer1), 0) < 0)
        hydra_child_exit(2);
      buf = nntp_read_server_capacity(sock);

      if (buf == NULL) {
        hydra_child_exit(2);
      }
#ifdef LIBOPENSSL
      if (!disable_tls) {
	/* if we got a positive answer */
	if (strstr(buf, "STARTTLS") != NULL) {
          hydra_send(sock, "STARTTLS\r\n", strlen("STARTTLS\r\n"), 0);
          free(buf);
          buf = hydra_receive_line(sock);

          /* 382 Begin TLS negotiation now */
          if (buf == NULL || strstr(buf, "382") == NULL) {
            if (verbose)
              hydra_report(stderr, "[VERBOSE] TLS negotiation failed\n");
          } else {
            free(buf);
            if ((hydra_connect_to_ssl(sock) == -1)) {
              if (verbose)
        	hydra_report(stderr, "[ERROR] Can't use TLS\n");
              disable_tls = 1;
              run = 1;
              break;
            } else {
              if (verbose)
        	hydra_report(stderr, "[VERBOSE] TLS connection done\n");
            }
            /* ask again capability request but in TLS mode */
            if (hydra_send(sock, buffer1, strlen(buffer1), 0) < 0)
              hydra_child_exit(2);
            /* we asking again cause often plain and login can only
               be negociate in SSL tunnel
             */
            buf = nntp_read_server_capacity(sock);
            if (buf == NULL) {
              hydra_child_exit(2);
            }
          }
	}
      }
#endif

/*  
AUTHINFO USER SASL
SASL PLAIN DIGEST-MD5 LOGIN NTLM CRAM-MD5
*/

#ifdef HAVE_PCRE
      if (hydra_string_match(buf, "SASL\\s.*NTLM")) {
#else
      if (strstr(buf, "NTLM") != NULL) {
#endif
        nntp_auth_mechanism = AUTH_NTLM;
      }
#ifdef LIBOPENSSL

#ifdef HAVE_PCRE
      if (hydra_string_match(buf, "SASL\\s.*DIGEST-MD5")) {
#else
      if (strstr(buf, "DIGEST-MD5") != NULL) {
#endif
        nntp_auth_mechanism = AUTH_DIGESTMD5;
      }
#ifdef HAVE_PCRE
      if (hydra_string_match(buf, "SASL\\s.*CRAM-MD5")) {
#else
      if (strstr(buf, "CRAM-MD5") != NULL) {
#endif
        nntp_auth_mechanism = AUTH_CRAMMD5;
      }
#endif
#ifdef HAVE_PCRE
      if (hydra_string_match(buf, "SASL\\s.*PLAIN")) {
#else
      if (strstr(buf, "PLAIN") != NULL) {
#endif
        nntp_auth_mechanism = AUTH_PLAIN;
      }
#ifdef HAVE_PCRE
      if (hydra_string_match(buf, "SASL\\s.*LOGIN")) {
#else
      if (strstr(buf, "LOGIN") != NULL) {
#endif
        nntp_auth_mechanism = AUTH_LOGIN;
      }
#ifdef HAVE_PCRE
      if (hydra_string_match(buf, "AUTHINFO\\sUSER")) {
#else
      if (strstr(buf, "AUTHINFO USER") != NULL) {
#endif
        nntp_auth_mechanism = AUTH_CLEAR;
      }

      if ((miscptr != NULL) && (strlen(miscptr) > 0)) {
        for (i = 0; i < strlen(miscptr); i++)
          miscptr[i] = (char) toupper((int) miscptr[i]);

        if (strncmp(miscptr, "USER", 4) == 0)
          nntp_auth_mechanism = AUTH_CLEAR;

        if (strncmp(miscptr, "LOGIN", 5) == 0)
          nntp_auth_mechanism = AUTH_LOGIN;

        if (strncmp(miscptr, "PLAIN", 5) == 0)
          nntp_auth_mechanism = AUTH_PLAIN;

#ifdef LIBOPENSSL
        if (strncmp(miscptr, "CRAM-MD5", 8) == 0)
          nntp_auth_mechanism = AUTH_CRAMMD5;

        if (strncmp(miscptr, "DIGEST-MD5", 10) == 0)
          nntp_auth_mechanism = AUTH_DIGESTMD5;
#endif

        if (strncmp(miscptr, "NTLM", 4) == 0)
          nntp_auth_mechanism = AUTH_NTLM;

      }
      if (verbose) {
        switch (nntp_auth_mechanism) {
        case AUTH_CLEAR:
          hydra_report(stderr, "[VERBOSE] using NNTP AUTHINFO USER mechanism\n");
          break;
        case AUTH_LOGIN:
          hydra_report(stderr, "[VERBOSE] using NNTP LOGIN AUTH mechanism\n");
          break;
        case AUTH_PLAIN:
          hydra_report(stderr, "[VERBOSE] using NNTP PLAIN AUTH mechanism\n");
          break;
#ifdef LIBOPENSSL
        case AUTH_CRAMMD5:
          hydra_report(stderr, "[VERBOSE] using NNTP CRAM-MD5 AUTH mechanism\n");
          break;
        case AUTH_DIGESTMD5:
          hydra_report(stderr, "[VERBOSE] using NNTP DIGEST-MD5 AUTH mechanism\n");
          break;
#endif
        case AUTH_NTLM:
          hydra_report(stderr, "[VERBOSE] using NNTP NTLM AUTH mechanism\n");
          break;
        }
      }
      usleep(25000);
      free(buf);
      next_run = 2;
      break;
    case 2:                    /* run the cracking function */
      next_run = start_nntp(sock, ip, port, options, miscptr, fp);
      break;
    case 3:                    /* clean exit */
      if (sock >= 0)
        sock = hydra_disconnect(sock);
      hydra_child_exit(0);
      return;
    default:
      hydra_report(stderr, "[ERROR] Caught unknown return code, exiting!\n");
      hydra_child_exit(0);
    }
    run = next_run;
  }
}

int service_nntp_init(char *ip, int sp, unsigned char options, char *miscptr, FILE *fp, int port) {
  // called before the childrens are forked off, so this is the function
  // which should be filled if initial connections and service setup has to be
  // performed once only.
  //
  // fill if needed.
  // 
  // return codes:
  //   0 all OK
  //   -1  error, hydra will exit, so print a good error message here

  return 0;
}
コード例 #8
0
ファイル: hydra-vmauthd.c プロジェクト: fatman2021/hydra
void service_vmauthd(char *ip, int sp, unsigned char options, char *miscptr, FILE * fp, int port) {
  int run = 1, next_run = 1, sock = -1;
  int myport = PORT_VMAUTHD, mysslport = PORT_VMAUTHD_SSL;

  hydra_register_socket(sp);
  if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
    return;
  while (1) {
    switch (run) {
    case 1:                    /* connect and service init function */
      if (sock >= 0)
        sock = hydra_disconnect(sock);
//      usleep(300000);
      if ((options & OPTION_SSL) == 0) {
        if (port != 0)
          myport = port;
        sock = hydra_connect_tcp(ip, myport);
        port = myport;
      } else {
        if (port != 0)
          mysslport = port;
        sock = hydra_connect_ssl(ip, mysslport);
        port = myport;
      }

      if (sock < 0) {
        if (verbose || debug)
          hydra_report(stderr, "[ERROR] Child with pid %d terminating, can not connect\n", (int) getpid());
        hydra_child_exit(1);
      }
      buf = hydra_receive_line(sock);
//fprintf(stderr, "%s\n",buf);
//220 VMware Authentication Daemon Version 1.00
//220 VMware Authentication Daemon Version 1.10: SSL Required
//220 VMware Authentication Daemon Version 1.10: SSL Required, ServerDaemonProtocol:SOAP, MKSDisplayProtocol:VNC ,

      if (buf == NULL || strstr(buf, "220 VMware Authentication Daemon Version ") == NULL) {
        /* check the first line */
        if (verbose || debug) hydra_report(stderr, "[ERROR] Not an vmware authd protocol or service shutdown: %s\n", buf);
        hydra_child_exit(2);
      }
      if ((strstr(buf, "Version 1.00") == NULL) && (strstr(buf, "Version 1.10") == NULL)) {
        free(buf);
        hydra_report(stderr, "[ERROR] this vmware authd protocol is not supported, please report: %s\n", buf);
        hydra_child_exit(2);
      }
      //by default this service is waiting for ssl connections      
      if (strstr(buf, "SSL Required") != NULL) {
        if ((options & OPTION_SSL) == 0) {
          //reconnecting using SSL
          if (hydra_connect_to_ssl(sock) == -1) {
            free(buf);
            hydra_report(stderr, "[ERROR] Can't use SSL\n");
            hydra_child_exit(2);
          }
        }
      }
      free(buf);

      next_run = 2;
      break;
    case 2:                    /* run the cracking function */
      next_run = start_vmauthd(sock, ip, port, options, miscptr, fp);
      break;
    case 3:                    /* clean exit */
      if (sock >= 0)
        sock = hydra_disconnect(sock);
      hydra_child_exit(0);
      return;
    default:
      hydra_report(stderr, "[ERROR] Caught unknown return code, exiting!\n");
      hydra_child_exit(0);
    }
    run = next_run;
  }
}
コード例 #9
0
void service_xmpp(char *target, char *ip, int sp, unsigned char options, char *miscptr, FILE * fp, int port) {
  int run = 1, next_run = 1, sock = -1, tls = 0;
  char buffer[500];
  int myport = PORT_XMPP, mysslport = PORT_XMPP_SSL, disable_tls = 0;
  char *enddomain = NULL;

  //we have to pass the target here as the reverse dns resolution is not working for some servers
  //try to extract only the domain name from the target
  //so for o.nimbuzz.com will get nimbuzz.com
  //and hermes.jabber.org will get jabber.org

  domain = strchr(target, '.');
  if (!domain) {
    hydra_report(stderr, "[ERROR] can't extract the domain name, you have to specify a fqdn xmpp server, the domain name will be used in the jabber init request\n");
    hydra_child_exit(1);
  }

  enddomain = strrchr(target, '.');
  //check if target is not already a domain name aka only . char in the string
  if (enddomain && (enddomain == domain)) {
    domain = target;
  } else {
    //moving to pass the . char
    domain = domain + 1;
  }

  hydra_register_socket(sp);
  if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
    return;
  while (1) {
    switch (run) {
    case 1:                    /* connect and service init function */
      if (sock >= 0)
        sock = hydra_disconnect(sock);
      if ((options & OPTION_SSL) == 0) {
        if (port != 0)
          myport = port;
        sock = hydra_connect_tcp(ip, myport);
        port = myport;
      } else {
        if (port != 0)
          mysslport = port;
        sock = hydra_connect_ssl(ip, mysslport);
        port = mysslport;
      }
      if (sock < 0) {
        if (verbose || debug)
          hydra_report(stderr, "[ERROR] Child with pid %d terminating, can not connect\n", (int) getpid());
        hydra_child_exit(1);
      }
      memset(buffer, 0, sizeof(buffer));
      snprintf(buffer, sizeof(buffer), "%s%s%s", JABBER_CLIENT_INIT_STR, domain, JABBER_CLIENT_INIT_END_STR);
      if (hydra_send(sock, buffer, strlen(buffer), 0) < 0) {
        hydra_child_exit(1);
      }
      //some server is longer to answer
      usleep(300000);
      buf = hydra_receive_line(sock);

      if (buf == NULL)
        hydra_child_exit(1);

      if (strstr(buf, "<stream:stream") == NULL) {
        if (verbose || debug)
          hydra_report(stderr, "[ERROR] Not an xmpp protocol or service shutdown: %s\n", buf);
        free(buf);
        hydra_child_exit(1);
      }

      if (strstr(buf, "<stream:error")) {
        if (strstr(buf, "<host-unknown"))
          hydra_report(stderr, "[ERROR] %s host unknown, you have to specify a fqdn xmpp server, the domain name will be used in the jabber init request : %s\n", domain, buf);
        else
          hydra_report(stderr, "[ERROR] xmpp protocol : %s\n", buf);
        free(buf);
        hydra_child_exit(1);
      }

      /* try to identify which features is supported */
      if (strstr(buf, ":xmpp-tls") != NULL) {
        tls = 1;
      }

      if (strstr(buf, ":xmpp-sasl") != NULL) {
        if (strstr(buf, "<mechanism>SCRAM-SHA-1</mechanism>") != NULL) {
          xmpp_auth_mechanism = AUTH_SCRAMSHA1;
        }
        if (strstr(buf, "<mechanism>CRAM-MD5</mechanism>") != NULL) {
          xmpp_auth_mechanism = AUTH_CRAMMD5;
        }
        if (strstr(buf, "<mechanism>DIGEST-MD5</mechanism>") != NULL) {
          xmpp_auth_mechanism = AUTH_DIGESTMD5;
        }
        if (strstr(buf, "<mechanism>PLAIN</mechanism>") != NULL) {
          xmpp_auth_mechanism = AUTH_PLAIN;
        }
        if (strstr(buf, "<mechanism>LOGIN</mechanism>") != NULL) {
          xmpp_auth_mechanism = AUTH_LOGIN;
        }
      }
      if (xmpp_auth_mechanism == AUTH_ERROR) {
        /* no auth method identified */
        hydra_report(stderr, "[ERROR] no authentication methods can be identified %s\n", buf);
        free(buf);
        hydra_child_exit(1);
      }
      free(buf);

      if ((miscptr != NULL) && (strlen(miscptr) > 0)) {
        int i;

        for (i = 0; i < strlen(miscptr); i++)
          miscptr[i] = (char) toupper((int) miscptr[i]);

        if (strncmp(miscptr, "LOGIN", 5) == 0)
          xmpp_auth_mechanism = AUTH_LOGIN;

        if (strncmp(miscptr, "PLAIN", 5) == 0)
          xmpp_auth_mechanism = AUTH_PLAIN;

#ifdef LIBOPENSSL
        if (strncmp(miscptr, "CRAM-MD5", 8) == 0)
          xmpp_auth_mechanism = AUTH_CRAMMD5;

        if (strncmp(miscptr, "SCRAM-SHA1", 10) == 0)
          xmpp_auth_mechanism = AUTH_SCRAMSHA1;

        if (strncmp(miscptr, "DIGEST-MD5", 10) == 0)
          xmpp_auth_mechanism = AUTH_DIGESTMD5;
#endif
      }

      if (verbose) {
        switch (xmpp_auth_mechanism) {
        case AUTH_LOGIN:
          hydra_report(stderr, "[VERBOSE] using XMPP LOGIN AUTH mechanism\n");
          break;
        case AUTH_PLAIN:
          hydra_report(stderr, "[VERBOSE] using XMPP PLAIN AUTH mechanism\n");
          break;
#ifdef LIBOPENSSL
        case AUTH_CRAMMD5:
          hydra_report(stderr, "[VERBOSE] using XMPP CRAM-MD5 AUTH mechanism\n");
          break;
        case AUTH_SCRAMSHA1:
          hydra_report(stderr, "[VERBOSE] using XMPP SCRAM-SHA1 AUTH mechanism\n");
          break;
        case AUTH_DIGESTMD5:
          hydra_report(stderr, "[VERBOSE] using XMPP DIGEST-MD5 AUTH mechanism\n");
          break;
#endif
        }
      }
#ifdef LIBOPENSSL
      //check if tls is not wanted and if tls is available
      if (!disable_tls && tls) {
        char *STARTTLS = "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>";

        hydra_send(sock, STARTTLS, strlen(STARTTLS), 0);
        usleep(300000);
        buf = hydra_receive_line(sock);

        if (buf == NULL || strstr(buf, "<failure") != NULL) {
          if (verbose)
            hydra_report(stderr, "[VERBOSE] TLS negotiation failed\n");
        } else {
          free(buf);
          if ((hydra_connect_to_ssl(sock) == -1)) {
            if (verbose)
              hydra_report(stderr, "[ERROR] Can't use TLS\n");
            disable_tls = 1;
            run = 1;
            break;
          } else {
            if (verbose)
              hydra_report(stderr, "[VERBOSE] TLS connection done\n");
          }
          /* we have to resend the init stream */
          memset(buffer, 0, sizeof(buffer));
          snprintf(buffer, sizeof(buffer), "%s%s%s", JABBER_CLIENT_INIT_STR, domain, JABBER_CLIENT_INIT_END_STR);
          if (hydra_send(sock, buffer, strlen(buffer), 0) < 0) {
            hydra_child_exit(1);
          }
          //some server is longer to answer
          usleep(300000);
          buf = hydra_receive_line(sock);
          if ((buf == NULL) || (strstr(buf, "<stream:stream") == NULL))
            hydra_child_exit(1);
        }
        free(buf);
      }
#endif
      next_run = 2;
      break;
    case 2:                    /* run the cracking function */
      next_run = start_xmpp(sock, ip, port, options, miscptr, fp);
      break;
    case 3:                    /* clean exit */
      if (sock >= 0)
        sock = hydra_disconnect(sock);
      hydra_child_exit(0);
      return;
    default:
      hydra_report(stderr, "[ERROR] Caught unknown return code, exiting!\n");
      hydra_child_exit(2);
    }
    run = next_run;
  }
}