Comments (14)
commented on July 20, 2024
2
Describe the bug
I can't run it at windows
Steps to reproduce the behavior:
nothing happened in windows 10
Screenshots
Crash back all the times
Desktop (please complete the following information):
- Windows OS 2020H2
- your new version
from thc-hydra-windows.
maaaaz
commented on July 20, 2024
Can you paste the command you used ?
from thc-hydra-windows.
Reelix
commented on July 20, 2024
hydra -d -w 5 -L usernames.txt -e snr -o found.txt -M ips.txt ssh
It goes through around 60-70 IP's (A list of 1.5k) then crashes.
The final line being
[INFO] Testing if password authentication is supported by ssh://[email protected]:22
0 [main] hydra 603 cygwin_exception::open_stackdumpfile: Dumping stack trace to hydra.exe.stackdump
from thc-hydra-windows.
maaaaz
commented on July 20, 2024
Could you try to run the same command with several pre-v9.0 releases, to see whether it crashes or not ?
https://github.com/maaaaz/thc-hydra-windows/releases
I suspect a change for the SSH library.
from thc-hydra-windows.
Reelix
commented on July 20, 2024
Could you try to run the same command with several pre-v9.0 releases, to see whether it crashes or not ?
8.5 doesn't have the issue - Should I try on the 8.7 dev release?
from thc-hydra-windows.
maaaaz
commented on July 20, 2024
Yes, if you can.
from thc-hydra-windows.
maaaaz
commented on July 20, 2024
@Reelix, here is a build of hydra v9.1 with another version of libssh, using the one from mingw64 project (https://packages.msys2.org/package/mingw-w64-x86_64-libssh).
Can you try the same command as the original one (which made you open this issue) ?
Thank you for taking time to debug this :-)
build_9.1_with_mingw64-libssh-0.9.4.zip
from thc-hydra-windows.
Reelix
commented on July 20, 2024
build_9.1_with_mingw64-libssh-0.9.4.zip - Crash
Exception: STATUS_ACCESS_VIOLATION at rip=7FF806B54BD5
rax=00000000007BB260 rbx=0000000200000000 rcx=00000000000008B0
rdx=00000000007BBB20 rsi=0000000000720000 rdi=0000000000000000
r8 =0000000028CE573A r9 =0000000000000000 r10=0000000000000000
r11=00000000006144BB r12=0000000000000000 r13=00000000007BBB20
r14=00000000007BBB10 r15=0000000000000001
rbp=0000000000000000 rsp=00000000FFFF6050
program=R:\Utilities\THC-Hydra\hydra.exe, pid 90, thread main
cs=0033 ds=002B es=002B fs=0053 gs=002B ss=002B
Stack trace:
Frame Function Args
00000000000 7FF806B54BD5 (00000720000, 00000000008, 00000000000, 00000000000)
00000000008 7FF806AC5D21 (000006008B0, 00000000000, 000006008B0, 00000000000)
00000000008 7FF806189C9C (000007BBB67, 00000000002, 000007BE3D0, 00000000008)
00000000008 00061AF5392 (7FFFCFC8C840, 00000000010, 00000000015, 0000063E6D0)
00000000008 00061AE5EC9 (00000000000, 00000000000, 0000063E6D0, 000FFFF62D0)
00000000010 00061AE1A29 (00061AE1E4C, B43B4FBBBA1D12DD, 00000000015, 7475B56CF4417878)
00000000010 00061AE0ADB (00000627100, 000FFFF63B0, 00000000015, 0000000000C)
00000000010 00061AE129B (000FFFF6500, 000000003C4, 00000000010, 00000000104)
00000000108 00061AE16CD (00000000300, 00061B140B3, 00000000000, 00061B140B3)
00061AE0BD0 00061AED137 (00000000002, 0000000105B, 00061ADCD20, 000006026A0)
00000000001 00061AE8BAC (00180321DB0, 0000000002E, 00000621560, 00800061420)
00061ACCA40 00061AEA34B (001801B974F, 00100450E60, 00000001388, 00061B15990)
0000000002E 00061ACD762 (00800061420, 008000595C0, 00000000016, 0000063BC74)
0000000002E 001004215EE (00000000130, 00000000001, 00000000130, 008000593F8)
0000000002E 001004040DF (0080007402E, 00800062710, 00800062750, 00100464250)
000FFFF78D0 001004416EA (00180058D51, 00180362090, 0000000000C, 00000000000)
000FFFFCCE0 0018004AE9D (00000000000, 00000000000, 00000000000, 00000000000)
000FFFFFFF0 00180048886 (00000000000, 00000000000, 00000000000, 00000000000)
000FFFFFFF0 00180048934 (00000000000, 00000000000, 00000000000, 00000000000)
End of stack trace
Urmmmm.... Neither 8.5 nor 9.1 give more than 2 false positives. You might want to double-check that build...
Since most of the results were simply "It's Hydra", I decided to run it anyways.
It stops early, although there is no stack trace
Edit: Seems the binary vanished even though my AV was disabled ._.
Thank you for taking time to debug this :-)
You help me by maintaining this repo far more than I help you :p
from thc-hydra-windows.
maaaaz
commented on July 20, 2024
Arf, too bad for the crash I really don't know the cause: either compilation/linkage, or just a defect in the lib itself (parsing etc.).
Does the crash happen always for the same IP or is it random among your 1.5k list ? If it is always the same IP, it is a lib bug, and should be reported to the lib maintainer.
Then for the virustotal detection, I can't explain but I guess that the specific 8.7_dev version might have been massively used in attacks (compared to other versions), so that it got massively flagged.
As two last tries for today:
-
- here's a full build for v9.1 from MSYS (instead of Cygwin) (vanhauser-thc/thc-hydra#552)
build_9.1_with_full_msys.zip
- here's a full build for v9.1 from MSYS (instead of Cygwin) (vanhauser-thc/thc-hydra#552)
-
- here's a build for v9.1 from Cygwin but for an older
libsshversion (0.7.3)
build_9.1_cygwin_old_libssh_0.7.3.zip
- here's a build for v9.1 from Cygwin but for an older
Cheers.
from thc-hydra-windows.
Reelix
commented on July 20, 2024
build_9.1_with_full_msys.zip - Got significantly further! Past the initial checks where the other libs were - Crashed at a different location though.
[ATTEMPT] target x.x.x.218 - login "root" - pass "root" - 1 of 51 [child 25] (0/0)
[DEBUG] head_no[26] read n
[DEBUG] send_next_pair_init target 73, head 26, redo 0, redo_state 0, pass_state 0. loop_mode 0, curlogin (null), curpass (null), tlogin root, tpass , logincnt 0/17, passcnt 0/3, loop_cnt 1
[DEBUG] send_next_pair_mid done 1, pass_state 1, clogin root, cpass root, tlogin root, tpass , redo 0
[ATTEMPT] target x.x.x.103 - login "root" - pass "root" - 1 of 51 [child 26] (0/0)
[DEBUG] head_no[27] read n
[DEBUG] send_next_pair_init target 75, head 27, redo 0, redo_state 0, pass_state 0. loop_mode 0, curlogin (null), curpass (null), tlogin root, tpass , logincnt 0/17, passcnt 0/3, loop_cnt 1
[DEBUG] send_next_pair_mid done 1, pass_state 1, clogin root, cpass root, tlogin root, tpass , redo 0
[ATTEMPT] target x.x.x.236 - login "root" - pass "root" - 1 of 51 [child 27] (0/0)
[DEBUG] head_no[28] read n
[DEBUG] send_next_pair_init target 78, head 28, redo 0, redo_state 0, pass_state 0. loop_mode 0, curlogin (null), curpass (null), tlogin root, tpass , logincnt 0/17, passcnt 0/3, loop_cnt 1
[DEBUG] send_next_pair_mid done 1, pass_state 1, clogin root, cpass root, tlogin root, tpass , redo 0
[ATTEMPT] target x.x.x.236 - login "root" - pass "root" - 1 of 51 [child 28] (0/0)
[DEBUG] head_no[29] read n
[DEBUG] send_next_pair_init target 79, head 29, redo 0, redo_state 0, pass_state 0. loop_mode 0, curlogin (null), curpass (null), tlogin root, tpass , logincnt 0/17, passcnt 0/3, loop_cnt 1
[DEBUG] send_next_pair_mid done 1, pass_state 1, clogin root, cpass root, tlogin root, tpass , redo 0
[ATTEMPT] target x.x.x.95 - login "root" - pass "root" - 1 of 51 [child 29] (0/0)
*** stack smashing detected ***: terminated
0 [main] hydra 1247 cygwin_exception::open_stackdumpfile: Dumping stack trace to hydra.exe.stackdump
[ERROR] could not connect to target port 22: Timeout connecting to x.x.x.178
[ERROR] ssh protocol error
[DEBUG] pid 1255 called child_exit with code 2
[ERROR] could not connect to target port 22: Timeout connecting to x.x.x.236
Stack trace:
Frame Function Args
000FFFF6D18 00180063480 (000FFFF6F38, 00000000002, 00000000000, 000FFFFDE50)
000FFFFDE50 0018006563C (00000000064, 00000000000, 00000001BC4, 00000000000)
000FFFF7440 00180147028 (00000000000, 00100000000, 000FFFF774C, 00000000000)
000FFFF77A0 00180170764 (B0963194ED059279, 000FFFF77A0, 0018036C0E0, 00000000041)
000FFFF77A0 0018014332B (000FFFF7720, 0000000002C, 00000000001, 63617473202A2A2A)
000FFFF77A0 001801BF345 (000FFFF78B7, 00000000001, 00000000001, 000FFFF7790)
000FFFF77A0 0018013E3AB (000FFFF78B7, 00000000001, 00000000001, 000FFFF7790)
000FFFF77A0 001004018E4 (0000000001D, 0000000006E, 00000000001, 000FFFF78C0)
000FFFF7908 00100443D06 (00180058D61, 001802EE100, 000FFFFCC50, 0000000002F)
000FFFFCCE0 0018004AEAA (00000000000, 00000000000, 00000000000, 00000000000)
000FFFFFFF0 00180048846 (00000000000, 00000000000, 00000000000, 00000000000)
000FFFFFFF0 001800488F4 (00000000000, 00000000000, 00000000000, 00000000000)
End of stack trace
build_9.1_cygwin_old_libssh_0.7.3.zip - Same as the previous one. Got past the authentication check stage, then crashed.
[DEBUG] head_no 57 has pid 750
[DEBUG] child 58 got target 113 selected
[DEBUG] child 58 spawned for target 113 with pid 751
[DEBUG] head_no 58 has pid 751
[DEBUG] child 59 got target 114 selected
[DEBUG] child 59 spawned for target 114 with pid 752
[DEBUG] child 60 got target 115 selected
[DEBUG] head_no 59 has pid 752
[DEBUG] child 60 spawned for target 115 with pid 753
[DEBUG] child 61 got target 116 selected
[DEBUG] head_no 60 has pid 753
[DEBUG] child 61 spawned for target 116 with pid 754
[DEBUG] head_no 61 has pid 754
[DEBUG] child 62 got target 117 selected
[DEBUG] child 62 spawned for target 117 with pid 755
[DEBUG] head_no 62 has pid 755
[DEBUG] child 63 got target 118 selected
[DEBUG] child 63 spawned for target 118 with pid 756
[DEBUG] head_no 63 has pid 756
*** stack smashing detected ***: terminated
0 [main] hydra 692 cygwin_exception::open_stackdumpfile: Dumping stack trace to hydra.exe.stackdump
Stack trace:
Frame Function Args
000FFFF6D18 00180063180 (000FFFF6F38, 00000000002, 00000000000, 000FFFFDE50)
000FFFFDE50 0018006533C (00000000064, 00000000000, 00000002C38, 00000000000)
000FFFF7440 00180144978 (00000000000, 00100000000, 000FFFF774C, 00000000000)
000FFFF77A0 0018016DEF4 (A37242AB760A4706, 000FFFF77A0, 00180367660, 00000000281)
000FFFF77A0 00180140C7B (000FFFF7720, 0000000002C, 00000000001, 63617473202A2A2A)
000FFFF77A0 001801BCA75 (000FFFF78B7, 00000000001, 00000000001, 000FFFF7790)
000FFFF77A0 0018013BCFB (000FFFF78B7, 00000000001, 00000000001, 000FFFF7790)
000FFFF77A0 001004018E4 (00000000000, 00000000076, 00000000607, 000FFFF78C0)
00041100000 00100443316 (00180058D51, 00180362090, 0000000000C, 00000000000)
000FFFFCCE0 0018004AE9D (00000000000, 00000000000, 00000000000, 00000000000)
000FFFFFFF0 00180048886 (00000000000, 00000000000, 00000000000, 00000000000)
000FFFFFFF0 00180048934 (00000000000, 00000000000, 00000000000, 00000000000)
End of stack trace
Does the crash append always for the same IP or is it random among your 1.5k list ?
A different part always. Both these versions are getting further though.
from thc-hydra-windows.
maaaaz
commented on July 20, 2024
Ok, and if it crashed again, could you try from a linux version of hydra, for instance on a kali linux ?
from thc-hydra-windows.
Reelix
commented on July 20, 2024
I updated my previous post with the progress reports and stack traces. Both of the new builds got further than the password authentication phase that the report was initially opened for, although still crashed further on with the same *** stack smashing detected *** error with stack traces.
could you try from a linux version of hydra, for instance on a kali linux ?
I currently don't have an internal Linux-based VM setup in my work environment (Which is why I'm using a Windows build of Hydra), so that might be a little tricky. I have currently been mitigating the issue by simply splitting the original list into smaller chunks, in which case the issue doesn't appear.
from thc-hydra-windows.
alexunderlag
commented on July 20, 2024
Found a solution?
from thc-hydra-windows.
W1one
commented on July 20, 2024
I also encounter the same situation. It is suggested that you can try to solve it by setting the - T parameter to 30
from thc-hydra-windows.
Related Issues (20)
- RDP module not working HOT 4
- GPU HOT 3
- fork for children isnt working HOT 2
- Hydra closing instantly HOT 12
- Would you mind to provide source code? HOT 1
- Website at bottom of readme is no longer valid HOT 1
- Hydra v9.1-dev - stack smashing detected (With trace) HOT 1
- THC Hydra does not work ... HOT 3
- Hydra does not (always) open .... HOT 3
- Where's wordlist.txt? HOT 1
- how do you do that HOT 1
- Upgrade to 9.3 HOT 1
- The error text in https-post-form has Chinese in it, which will cause it to fail to run HOT 3
- Publish the build scripts HOT 1
- Proxy doesn't work
- bug HOT 1
- DYLIB error after fresh install HOT 1
- Please upgrade to 9.5 for Windows
- http-post-form seems to not be supported HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from thc-hydra-windows.