Results 1 to 3 of 3

Thread: hydra 5.4 http-post-form free() patch, help

Hybrid View

  1. #1
    Just burned his ISO
    Join Date
    May 2007
    Posts
    24

    Default hydra 5.4 http-post-form free() patch, help

    Hey everyone. I'm trying to test out hydra's http-post-form module. Now after a trial and error I found out hydra has a patch to fix a problem with it freeing incorrect pieces of memory. The patch from :

    hXXp : // packetstorm.linuxsecurity.com/groups/thc/hydra-http-form.patch

    contains :

    --- hydra-http-form.old 2008-02-06 09:42:49.000000000 +0000
    +++ hydra-http-form.c 2008-02-06 09:43:45.000000000 +0000
    @@ -149,7 +149,6 @@
    }

    if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {
    - free(updvariables);
    free(upd2variables);
    return 1;
    }
    @@ -183,7 +182,6 @@
    */

    free(buf);
    - free(updvariables);
    free(upd2variables);

    if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)


    Now, when I check out http-post-form.c in nano, I can find those exact lines. However, they are exactly the same, except for the '-' sign in front of the two lines above. My question is how do I patch this, because the only difference is the minus sign, and adding that and compiling doesn't exactly work out?

    Thanks, any help is really appreciated.

  2. #2
    Member
    Join Date
    Jan 2010
    Posts
    140

    Default

    The reason the patch you posted has a '-' sign in front of it is that when the patch is applied to hydra-http-form.c then 'free(updvariables);' is deleted from that file. In this case, in order to apply the patch try:
    Code:
    # patch -p0 < hydra-http-form.patch
    Once applied you'll notice that hydra-http-form.c no longer contains the lines 'free(updvariables);'.

    For further clarrification, if a patch contains a '+' in it then that means you're adding a line to the file(s) being patched.

  3. #3
    Just burned his ISO
    Join Date
    May 2007
    Posts
    24

    Default

    larryhaja, thanks so much. that makes sense and worked perfectly. thanks for clearing that up.

    much appreciated.
    In a world without fences, who needs Gates?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •