thc-hydra
thc-hydra copied to clipboard
vanhauser-thc
Empty host
Hi. Problem is that the first 64 pairs pass correctly, all subsequent ones encounter on the 400 error (bad request). I assume that this is due to redirection to an empty host. Request: hydra host -L /home/Login/Login -P /home/Passtest https-form-post -t64 -m "/owa/auth.owa:destination=https%3A%2F%2Fhost%2Fowa%2F&flags=4&forcedownlevel=0&username=ciit/^USER^&password=^PASS^&passwordText=&isUtf8=1:S=private" -I -v example of verbose: [VERBOSE] Page redirected to http://:443/owa/auth/logon.aspx
from debug: [ Error 400. The r ] [ equest hostname ] [ is invalid.
. ] [ .</BODYHTTP request sent:[0A]POST /owa/auth.owa HTTP/1.0[0D][0A]Host: :443I also try in dvwa, the same.
What is the problem?how to fix it?
I have some thoughts on this. It looks like it's in the code 302. for me, the content in this answer is informative and I don't need 302 to be a success (like "2 ="), but at the same time it continued to work. If I understood the code correctly. The problem is that I am not strong in C, and the code is not mine. Is there any way to help me?
Now work. I change redirected_flag = 1; to 0. in 617 line. For me its work now
can you please submit the server reply that results in that error? I can not see what is going wrong otherwise. changing that line is not the right solution to the issue.
I agree, but this is the solution of my case.
here server reply for correct login and pass:
HTTP/1.1 302 Found Cache-Control: private Content-Type: text/html; charset=utf-8 Location: https://Host/owa/ Server: Microsoft-IIS/8.5 request-id: ac584bdc-803e-49ca-a4d8-8640c56e096f X-AspNet-Version: 4.0.30319 Set-Cookie: here was cookie X-OWA-Version: 15.1.2375.18 X-Powered-By: ASP.NET X-FEServer: DLG-CORE-MAIL02 Date: Wed, 03 Aug 2022 06:35:42 GMT Connection: close Content-Length: 143
and reply for wrong pair:
HTTP/1.1 302 Found Content-Type: text/html; charset=utf-8 Location: https://Host/owa/auth/logon.aspx?url=https%3a%2f%2fHost%2fowa%2f&reason=2 Server: Microsoft-IIS/8.5 request-id: 88b446f8-8e50-451d-8c5a-2302bb3a7573 X-OWA-Version: 15.1.2375.18 X-Powered-By: ASP.NET X-FEServer: DLG-CORE-MAIL02 Date: Wed, 03 Aug 2022 06:38:47 GMT Connection: close Content-Length: 212
I can not reproduce this. can you please email me the output of the following command to vh(at)thc(dot)org:
hydra -I -v -d -l foo -P /home/Passtest -t1 HOST https-form-post "/owa/auth.owa:destination=https%3A%2F%2Fhost%2Fowa%2F&flags=4&forcedownlevel=0&username=ciit/^USER^&password=^PASS^&passwordText=&isUtf8=1:S=private"
you can abort once the bug triggers. and replace the target host name with HOST (e.g. sed -i 's/target.com/TARGET/g' output.txt)
no I cannot reproduce this and I generate the exact page that your target is generating. are you using not a current version? did you compile from github?
difficult trying to fix a bug I cannot reproduce ... I tried something, can you please get the new github state, recompile and test?
Redirect now work correct, but now it doesn't find the right combinations.
but that is more likely an issue that S= or F= are not set correctly. analyze with -v -t 1 -d
as i say before it work correct for first 64(if i set -t 64), then i change one line and it work absolute correct for me. U sure that i must change f or s?
Ok, maybe u change request logic, i check debug and find that now it was different answer than before and set F and looks like it work. I test more later and I'll let you know. But for now looks like it work
you will know when you debug the issue with the command line options I mentioned. if you do not look what is happenening you wont know