Use library for mssql

README

@@ -96,7 +96,7 @@ for a few optional modules (note that some might not be available on your distri
 apt-get install libssl-dev libssh-dev libidn11-dev libpcre3-dev \
                  libgtk2.0-dev libmysqlclient-dev libpq-dev libsvn-dev \
                  firebird-dev libmemcached-dev libgpg-error-dev \
-                 libgcrypt11-dev libgcrypt20-dev
+                 libgcrypt11-dev libgcrypt20-dev freetds-dev
 ```
 
 This enables all optional modules and features with the exception of Oracle,

configure

@@ -185,6 +185,32 @@ else
    echo "                                ... zlib not found, gzip support disabled"
 fi
 
+echo "Checking for sybdb (sybdb.h) ..."
+for i in $INCDIRS; do
+   if [ -f "$i/sybdb.h" ]; then
+	HAVE_SYBDB="y"
+   fi
+done
+
+if [ -n "$HAVE_SYBDB" ]; then
+   echo "                                ... found"
+else
+   echo "                                ... sybdb not found, MSSQL module will lack TDSv7 support"
+fi
+
+echo "Checking for sybfront (sybfront.h) ..."
+for i in $INCDIRS; do
+   if [ -f "$i/sybfront.h" ]; then
+	HAVE_SYBFRONT="y"
+   fi
+done
+
+if [ -n "$HAVE_SYBFRONT" ]; then
+   echo "                                ... found"
+else
+   echo "                                ... sybfront not found, MSSQL module will lack TDSv7 support"
+fi
+
 echo "Checking for openssl (libssl/libcrypto/ssl.h/sha.h) ..."
 if [ "X" != "X$DEBUG" ]; then
    echo DEBUG: SSL_LIB=$LIBDIRS `ls -d /*ssl /usr/*ssl /opt/*ssl /usr/local/*ssl /opt/local/*ssl /*ssl/lib /usr/*ssl/lib /opt/*ssl/lib /usr/local/*ssl/lib /opt/local/*ssl/lib 2> /dev/null`
@@ -1496,6 +1522,12 @@ fi
 if [ -n "$RSA" ]; then
     XDEFINES="$XDEFINES -DNO_RSA_LEGACY"
 fi
+if [ -n "$HAVE_SYBDB" ]; then
+    XDEFINES="$XDEFINES -DHAVE_SYBDB"
+fi
+if [ -n "$HAVE_SYBFRONT" ]; then
+    XDEFINES="$XDEFINES -DHAVE_SYBFRONT"
+fi
 if [ -n "$HAVE_ZLIB" ]; then
     XDEFINES="$XDEFINES -DHAVE_ZLIB"
 fi
@@ -1627,6 +1659,9 @@ fi
 if [ -n "$HAVE_ZLIB" ]; then
     XLIBS="$XLIBS -lz"
 fi
+if [ -n "$HAVE_SYBDB" ]; then
+    XLIBS="$XLIBS -lsybdb"
+fi
 if [ -n "$CURSES_PATH" ]; then
     XLIBS="$XLIBS -lcurses"
 fi
@@ -1804,4 +1839,4 @@ if [ "x$NOSTRIP" = "x" ]; then
 else
   cat Makefile.am | sed 's/^install:.*/install:	all/'  >> Makefile
 fi
-echo "now type \"make\""
+echo "now type \"make\""

hydra-mssql.c

@@ -1,10 +1,14 @@
 #include "hydra-mod.h"
-
-#define MSLEN 30
-
 extern char *HYDRA_EXIT;
 char *buf;
 
+#if defined(HAVE_SYBFRONT) && defined(HAVE_SYBDB)
+#include <sybdb.h>
+#include <sybfront.h>
+#endif
+
+#define MSLEN 30
+
 unsigned char p_hdr[] = "\x02\x00\x02\x00\x00\x00\x02\x00\x00\x00"
                         "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
                         "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
@@ -56,6 +60,7 @@ unsigned char p_lng[] = "\x02\x01\x00\x47\x00\x00\x02\x00\x00\x00\x00"
 int32_t start_mssql(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {
   char *empty = "";
   char *login, *pass, buffer[1024];
+  char *ipaddr_str = hydra_address2string(ip);
   char ms_login[MSLEN + 1];
   char ms_pass[MSLEN + 1];
   unsigned char len_login, len_pass;
@@ -65,6 +70,42 @@ int32_t start_mssql(int32_t s, char *ip, int32_t port, unsigned char options, ch
     login = empty;
   if (strlen(pass = hydra_get_next_password()) == 0)
     pass = empty;
+#if defined(HAVE_SYBFRONT) && defined(HAVE_SYBDB)
+  if ((strlen(login) > MSLEN) || (strlen(pass) > MSLEN)){
+
+    DBPROCESS *dbproc;
+    LOGINREC *attempt;
+
+    attempt = dblogin();
+
+    DBSETLUSER(attempt, login);
+    DBSETLPWD(attempt, pass);
+
+    // Connect without specifying a database
+    dbproc = dbopen(attempt, ipaddr_str);  
+
+    if (dbproc != NULL) {
+      dbclose(dbproc);
+      dbexit();
+      hydra_report_found_host(port, ip, "mssql", fp);
+      hydra_completed_pair_found();
+      if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
+        return 2;
+      return 1;
+    }
+
+    hydra_completed_pair();
+    if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
+      return 2;
+
+    return 1;
+
+  }
+#else
+  if ((strlen(login) > MSLEN) || (strlen(pass) > MSLEN)){
+    fprintf(stderr,"[WARNING] To crack credentials longer than 30 characters, install freetds and recompile\n");
+  }
+#endif
   if (strlen(login) > MSLEN)
     login[MSLEN - 1] = 0;
   if (strlen(pass) > MSLEN)
@@ -119,6 +160,10 @@ void service_mssql(char *ip, int32_t sp, unsigned char options, char *miscptr, F
   int32_t run = 1, next_run = 1, sock = -1;
   int32_t myport = PORT_MSSQL, mysslport = PORT_MSSQL_SSL;
 
+  #if defined(HAVE_SYBFRONT) && defined(HAVE_SYBDB)
+  dbinit();
+  #endif
+
   hydra_register_socket(sp);
   if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
     return;