Monday, May 4, 2009

Installing thc-hydra on Ubuntu 8.10 Intrepid Ibex
********************************************************************

I had a hard time making hydra work on my Intrepid. And I wanted to write this post because while googling I found a lot of people facing similar errors. Especially making the GUI work on Ubuntu. I have provided the links from where I got clues. This includes making minor change in the code as well.(thanks to the author Mark who provided this info)

For those who are unaware of hydra, thc-hydra is a brute forcing tool used by penetration testers to check the security of their network. Hydra lets you create an attack on network services like ftp, telnet, http, smb and many more but most importantly ssh. Its a wonderful tool to analyse the security of your network.

I would only mention the errors that are faced in general. If you face some more errors then you may have to install additional packages depending on your configuration.

Theory

1.Download hydra source from here
http://freeworld.thc.org/thc-hydra/

2. You will need libgtk2.0-dev, if you want hydra GUI. Install it using apt-get

apt-get install libgtk2.0-dev

3. If you want ssh support (I bet you badly want it ;)) then download the library from here: http://0xbadc0de.be/libssh/libssh-0.2.tgz

For more details:
http://0xbadc0de.be

This may save you from the frustrating ssh errors that I saw after installing libssh 0.11 and through the default installation from the repository. (apt-get install libssh-dev)

This is when I read in the hydra messages that I need to install libssh0.11 from 0xbadc0de.be.
I faced this error (Error 1) when I tried installation after libssh 0.11 install. Somewhere I read that it has to do with symbolic links. But the libraries seemed to be at their right place. These errors vanish when you use libssh-dev from apt-get or libssh 0.2 from 0xbadc0de.be. I would recommend the latter one.

Error 1:
hydra error while loading shared libraries: libssh.so: cannot open shared object file: No such file or directory

I faced Error 2 when I installed libssh-dev from apt-get. May be it has something to do with the version. You dont see these errors when you install libssh0.2 from 0xbadc0de.be

Error 2:
hydra-ssh2.o: In function `start_ssh2':
hydra-ssh2.c:(.text+0x57): undefined reference to `options_new'
hydra-ssh2.c:(.text+0xaf): undefined reference to `options_set_wanted_method'
hydra-ssh2.c:(.text+0xc1): undefined reference to `options_set_wanted_method'
hydra-ssh2.c:(.text+0xcc): undefined reference to `options_set_port'
hydra-ssh2.c:(.text+0xd7): undefined reference to `options_set_host'
hydra-ssh2.c:(.text+0xe2): undefined reference to `options_set_username'
hydra-ssh2.c:(.text+0x12e): undefined reference to `ssh_error_code'
collect2: ld returned 1 exit status

Once you install libssh 0.2, you also need to download a patch provided by the author to make hydra 5.4 work with libssh 0.2. (This is much simpler and works like a charm :))

Get the patch from here:

http://0xbadc0de.be/libssh/hydra-libssh0.2.patch

4. OK, another problem that you may face (for sure) is that your GUI part (hydra-gtk) wont compile. Sort of:

/usr/include/bits/fcntl2.h:51: error: call to "__open_missing_mode" declared with attribute error: open with O_CREAT in second argument needs 3 arguments

Check out this link for details (needs minor tweak in code, and it worked for me. The errors vanished.):
http://www.hacktoolrepository.com/tool.pl?tid=37

5. This error/solution is displayed during hydra install, but anyways I am mentioning it: "cannot find -lpq"

run those commands:
make clean
./configure

Edit Makefile and and remove the "-lpq" and "-DLIBPOSTGRES" statements.

XDEFINES= -DLIBOPENSSL -DLIBPOSTGRES -DLIBSSH
XLIBS= -lssl -lpq -lssh -lcrypto

to

XDEFINES= -DLIBOPENSSL -DLIBSSH
XLIBS= -lssl -lssh -lcrypto

then,
make
make install

Installation Summary.

1. Download and extract thc-hydra source :

wget http://freeworld.thc.org/releases/hydra-5.4-src.tar.gz

tar -xvzf hydra-5.4-src.tar.gz

2. Download libssh0.2 and the patch:

wget http://0xbadc0de.be/libssh/libssh-0.2.tgz

wget http://0xbadc0de.be/libssh/hydra-libssh0.2.patch

3. Install libssh0.2:

tar -xvzf libssh-0.2.tgz
cd libssh-0.2
./configure
make
make install

4. Change directory to hydra source and apply the patch:

cd hydra-5.4-src
patch -p1 < /path/to/hydra-libssh0.2.patch

5. Install hydra (in case you dont get -lpq error or the gtk compile error, else edit the Makefile, or edit the hydra-gtk/src/callbacks.c code respectively)

./configure
make
make install

Run hydra command line by "hydra" or hydra GUI by "xhydra".

Happy Learning!!!

No comments:

Post a Comment