[Openvas-commits] r3493 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Wed May 27 15:49:33 CEST 2009


Author: jan
Date: 2009-05-27 15:49:32 +0200 (Wed, 27 May 2009)
New Revision: 3493

Removed:
   trunk/openvas-plugins/scripts/hydra_cisco.nasl
   trunk/openvas-plugins/scripts/hydra_cisco_enable.nasl
   trunk/openvas-plugins/scripts/hydra_cvs.nasl
   trunk/openvas-plugins/scripts/hydra_ftp.nasl
   trunk/openvas-plugins/scripts/hydra_http.nasl
   trunk/openvas-plugins/scripts/hydra_http_proxy.nasl
   trunk/openvas-plugins/scripts/hydra_icq.nasl
   trunk/openvas-plugins/scripts/hydra_imap.nasl
   trunk/openvas-plugins/scripts/hydra_ldap.nasl
   trunk/openvas-plugins/scripts/hydra_mssql.nasl
   trunk/openvas-plugins/scripts/hydra_mysql.nasl
   trunk/openvas-plugins/scripts/hydra_nntp.nasl
   trunk/openvas-plugins/scripts/hydra_options.nasl
   trunk/openvas-plugins/scripts/hydra_pcnfs.nasl
   trunk/openvas-plugins/scripts/hydra_pop3.nasl
   trunk/openvas-plugins/scripts/hydra_postgres.nasl
   trunk/openvas-plugins/scripts/hydra_rexec.nasl
   trunk/openvas-plugins/scripts/hydra_sapr3.nasl
   trunk/openvas-plugins/scripts/hydra_smb.nasl
   trunk/openvas-plugins/scripts/hydra_smtp_auth.nasl
   trunk/openvas-plugins/scripts/hydra_snmp.nasl
   trunk/openvas-plugins/scripts/hydra_socks5.nasl
   trunk/openvas-plugins/scripts/hydra_ssh2.nasl
   trunk/openvas-plugins/scripts/hydra_telnet.nasl
   trunk/openvas-plugins/scripts/hydra_vnc.nasl
Modified:
   trunk/openvas-plugins/ChangeLog
Log:
* scripts/hydra_cisco_enable.nasl, scripts/hydra_cisco.nasl,
scripts/hydra_cvs.nasl, scripts/hydra_ftp.nasl,
scripts/hydra_http.nasl, scripts/hydra_http_proxy.nasl,
scripts/hydra_icq.nasl, scripts/hydra_imap.nasl,
scripts/hydra_ldap.nasl, scripts/hydra_mssql.nasl,
scripts/hydra_mysql.nasl, scripts/hydra_nntp.nasl,
scripts/hydra_options.nasl, scripts/hydra_pcnfs.nasl,
scripts/hydra_pop3.nasl, scripts/hydra_postgres.nasl,
scripts/hydra_rexec.nasl, scripts/hydra_sapr3.nasl,
scripts/hydra_smb.nasl, scripts/hydra_smtp_auth.nasl,
scripts/hydra_snmp.nasl, scripts/hydra_socks5.nasl,
scripts/hydra_ssh2.nasl, scripts/hydra_telnet.nasl,
scripts/hydra_vnc.nasl: Removed. These scripts
wrap the tool "hydra" (http://freeworld.thc.org/thc-hydra/).
Besides from being slightly out of date, this tool isn't Free Software.
In fact it says its GNU GPL and has some additional clauses. Those clauses
prevent the "use for any purpose", basically its some limits on commercial aspects
and thus render the tool proprietary. To prevent that users unintendingly violate the
misleading license and in order to not create recommended dependencies to
proprietary products, the scripts are removed. Should hydra eventually
become Free Software, the scripts can be reactivated from SVN.



Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/ChangeLog	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,4 +1,28 @@
-2009-05-22 Chandan S <schandan at secpod.com>
+2009-05-27  Jan-Oliver Wagner <jan-oliver.wagner at intevation.de>
+
+	* scripts/hydra_cisco_enable.nasl, scripts/hydra_cisco.nasl,
+	scripts/hydra_cvs.nasl, scripts/hydra_ftp.nasl,
+	scripts/hydra_http.nasl, scripts/hydra_http_proxy.nasl,
+	scripts/hydra_icq.nasl, scripts/hydra_imap.nasl,
+	scripts/hydra_ldap.nasl, scripts/hydra_mssql.nasl,
+	scripts/hydra_mysql.nasl, scripts/hydra_nntp.nasl,
+	scripts/hydra_options.nasl, scripts/hydra_pcnfs.nasl,
+	scripts/hydra_pop3.nasl, scripts/hydra_postgres.nasl,
+	scripts/hydra_rexec.nasl, scripts/hydra_sapr3.nasl,
+	scripts/hydra_smb.nasl, scripts/hydra_smtp_auth.nasl,
+	scripts/hydra_snmp.nasl, scripts/hydra_socks5.nasl,
+	scripts/hydra_ssh2.nasl, scripts/hydra_telnet.nasl,
+	scripts/hydra_vnc.nasl: Removed. These scripts
+	wrap the tool "hydra" (http://freeworld.thc.org/thc-hydra/).
+	Besides from being slightly out of date, this tool isn't Free Software.
+	In fact it says its GNU GPL and has some additional clauses. Those clauses
+	prevent the "use for any purpose", basically its some limits on commercial aspects
+	and thus render the tool proprietary. To prevent that users unintendingly violate the
+	misleading license and in order to not create recommended dependencies to
+	proprietary products, the scripts are removed. Should hydra eventually
+	become Free Software, the scripts can be reactivated from SVN.
+
+2009-05-26 Chandan S <schandan at secpod.com>
 	* scripts/secpod_limesurvey_detect.nasl,
 	scripts/secpod_bitweaver_detect.nasl,
 	scripts/secpod_limesurvey_info_disc_vuln.nasl,

Deleted: trunk/openvas-plugins/scripts/hydra_cisco.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_cisco.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_cisco.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,103 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra")) exit(0);
-
-
-if(description)
-{
- script_id(15869);
- script_version ("1.2");
- name["english"] = "Hydra: Cisco";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find Cisco passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force Cisco authentication with Hydra";
- script_summary(english:summary["english"]);
- 
- script_category(ACT_ATTACK);
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_family(english:"Brute force attacks");
- script_timeout(0);
- script_require_keys("Secret/hydra/passwords_file");
- script_require_ports("Services/telnet", 23);
- script_dependencies("hydra_options.nasl", "find_service.nes", "doublecheck_std_services.nasl");
- exit(0);
-}
-
-#
-
-throrough = get_kb_item("global_settings/thorough_tests");
-if ("yes" >!< throrough) exit(0);
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (passwd == NULL) exit(0);
-
-port = get_kb_item("Services/telnet");
-if (! port) port = 23;
-if (! get_port_state(port)) exit(0);
-soc = open_sock_tcp(port);
-if (! soc) exit(0);
-r = recv(socket: soc, length: 1024);
-close(soc);
-if ("Password:" >!< r) exit(0);
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-tr = get_kb_item("Transports/TCP/"+port);
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-P"; argv[i++] = passwd;
-if (empty)
-{
-  argv[i++] = "-e"; argv[i++] = "n";
-}
-if (exit_asap) argv[i++] = "-f";
-if (tr >= ENCAPS_SSLv2) argv[i++] = "-S";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "cisco";
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*(login: *.*)? password: *(.*)$');
-  if (! isnull(v))
-  {
-    # l = chomp(v[1]);
-    p = chomp(v[2]);
-    report = strcat(report, p, '\n');
-    set_kb_item(name: 'Hydra/cisco/'+port, value: p);
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to find the following CISCO passwords:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_cisco_enable.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_cisco_enable.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_cisco_enable.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,119 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra")) exit(0);
-
-
-if(description)
-{
- script_id(15870);
- script_version ("1.2");
- name["english"] = "Hydra: Cisco enable";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find Cisco 'enable' passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force 'Cisco enable' authentication with Hydra";
- script_summary(english:summary["english"]);
- 
- script_category(ACT_ATTACK);
- 
- script_add_preference(name: "Logon password : ", type: "entry", value: "");
-
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_timeout(0);
- script_family(english:"Brute force attacks");
- script_require_keys("Secret/hydra/passwords_file");
- script_require_ports("Services/telnet", 23);
- script_dependencies("hydra_options.nasl", "find_service.nes", "doublecheck_std_services.nasl", "hydra_cisco.nasl");
- exit(0);
-}
-
-#
-
-throrough = get_kb_item("global_settings/thorough_tests");
-if ("yes" >!< throrough) exit(0);
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (passwd == NULL) exit(0);
-
-port = get_kb_item("Services/telnet");
-if (! port) port = 23;
-if (! get_port_state(port)) exit(0);
-soc = open_sock_tcp(port);
-if (! soc) exit(0);
-r = recv(socket: soc, length: 1024);
-close(soc);
-if ("Password:" >!< r) exit(0);
-
-# Logon password is required
-pass = script_get_preference("Logon password : ");
-if (! pass)
-{
- l = get_kb_list("Hydra/cisco/"+port);
- if (isnull(l)) exit(0);
- foreach pass (l)
-   if (! pass)
-    break;
- if (! pass) exit(0);
-}
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-tr = get_kb_item("Transports/TCP/"+port);
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-P"; argv[i++] = passwd;
-if (empty)
-{
-  argv[i++] = "-e"; argv[i++] = "n";
-}
-if (exit_asap) argv[i++] = "-f";
-if (tr >= ENCAPS_SSLv2) argv[i++] = "-S";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "cisco-enable";
-argv[i++] = pass;
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*(login: *.*)? password: *(.*)$');
-  if (! isnull(v))
-  {
-    # l = chomp(v[1]);
-    p = chomp(v[2]);
-    report = strcat(report, p, '\n');
-    set_kb_item(name: "Hydra/cisco-enable/"+port, value: p);
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to find the following Cisco enable passwords:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_cvs.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_cvs.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_cvs.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,105 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra")) exit(0);
-
-
-if(description)
-{
- script_id(15871);
- script_version ("1.2");
- name["english"] = "Hydra: CVS";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find CVS accounts & passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force CVS authentication with Hydra";
- script_summary(english:summary["english"]);
- 
- script_category(ACT_ATTACK);
- 
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_family(english:"Brute force attacks");
- script_timeout(0);
- script_require_keys("Secret/hydra/logins_file", "Secret/hydra/passwords_file");
- script_require_ports("Services/cvspserver", 2401);
- script_dependencies("hydra_options.nasl", "find_service.nes", "cvs_detect.nasl");
- exit(0);
-}
-
-#
-
-throrough = get_kb_item("global_settings/thorough_tests");
-if ("yes" >!< throrough) exit(0);
-logins = get_kb_item("Secret/hydra/logins_file");
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (logins == NULL || passwd == NULL) exit(0);
-
-port = get_kb_item("Services/cvspserver");
-if (! port) port = 2401;
-if (! get_port_state(port)) exit(0);
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-login_pass = get_kb_item("/tmp/hydra/login_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-tr = get_kb_item("Transports/TCP/"+port);
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-L"; argv[i++] = logins;
-argv[i++] = "-P"; argv[i++] = passwd;
-s = "";
-if (empty) s = "n";
-if (login_pass) s+= "s";
-if (s)
-{
-  argv[i++] = "-e"; argv[i++] = s;
-}
-if (exit_asap) argv[i++] = "-f";
-if (tr >= ENCAPS_SSLv2) argv[i++] = "-S";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "cvs";
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*login: *(.*) password: *(.*)$');
-  if (! isnull(v))
-  {
-    l = chomp(v[1]);
-    p = chomp(v[2]);
-    report = strcat(report, 'login: ', l, '\tpassword: ', p, '\n');
-    set_kb_item(name: 'Hydra/cvs/'+port, value: l + '\t' + p);
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to break the following CVS accounts:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_ftp.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_ftp.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_ftp.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,103 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra")) exit(0);
-
-
-if(description)
-{
- script_id(15872);
- script_version ("1.2");
- name["english"] = "Hydra: FTP";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find FTP accounts & passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force FTP authentication with Hydra";
- script_summary(english:summary["english"]);
- 
- script_category(ACT_ATTACK);
- script_timeout(0);
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_family(english:"Brute force attacks");
- script_require_keys("Secret/hydra/logins_file", "Secret/hydra/passwords_file");
- script_require_ports("Services/ftp", 21);
- script_dependencies("hydra_options.nasl", "find_service.nes", "doublecheck_std_services.nasl", "find_service_3digits.nasl");
- exit(0);
-}
-
-#
-throrough = get_kb_item("global_settings/thorough_tests");
-if ("yes" >!< throrough) exit(0);
-logins = get_kb_item("Secret/hydra/logins_file");
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (logins == NULL || passwd == NULL) exit(0);
-
-port = get_kb_item("Services/ftp");
-if (! port) port = 21;
-if (! get_port_state(port)) exit(0);
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-login_pass = get_kb_item("/tmp/hydra/login_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-tr = get_kb_item("Transports/TCP/"+port);
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-L"; argv[i++] = logins;
-argv[i++] = "-P"; argv[i++] = passwd;
-s = "";
-if (empty) s = "n";
-if (login_pass) s+= "s";
-if (s)
-{
-  argv[i++] = "-e"; argv[i++] = s;
-}
-if (exit_asap) argv[i++] = "-f";
-if (tr >= ENCAPS_SSLv2) argv[i++] = "-S";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "ftp";
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*login: *(.*) password: *(.*)$');
-  if (! isnull(v))
-  {
-    l = chomp(v[1]);
-    p = chomp(v[2]);
-    report = strcat(report, 'username: ', l, '\tpassword:', p, '\n');
-    set_kb_item(name: 'Hydra/ftp/'+port, value: l + '\t' + p);
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to break the following FTP accounts:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_http.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_http.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_http.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,129 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra")) exit(0);
-
-
-if(description)
-{
- script_id(15873);
- script_version ("1.3");
- script_xref(name: "OWASP", value: "OWASP-AUTHN-004");
- script_xref(name: "OWASP", value: "OWASP-AUTHN-006");
- script_xref(name: "OWASP", value: "OWASP-AUTHN-010");
- name["english"] = "Hydra: HTTP";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find HTTP passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force HTTP authentication with Hydra";
- script_summary(english:summary["english"]);
- 
- script_category(ACT_ATTACK);
- script_timeout(0);
- 
- script_add_preference(name: "Web page :", value: "", type: "entry");
-
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_family(english:"Brute force attacks");
- script_require_keys("Secret/hydra/logins_file", "Secret/hydra/passwords_file");
- script_require_ports("Services/www", 80);
- script_dependencies("hydra_options.nasl", "find_service.nes", "doublecheck_std_services.nasl");
- exit(0);
-}
-
-#
-
-throrough = get_kb_item("global_settings/thorough_tests");
-if ("yes" >!< throrough) exit(0);
-logins = get_kb_item("Secret/hydra/logins_file");
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (logins == NULL || passwd == NULL) exit(0);
-
-port = get_kb_item("Services/www");
-if (! port) port = 80;
-if (! get_port_state(port)) exit(0);
-if ( get_kb_item("Services/www/" + port + "/broken") ) exit(0);
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-login_pass = get_kb_item("/tmp/hydra/login_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-tr = get_kb_item("Transports/TCP/"+port);
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-L"; argv[i++] = logins;
-argv[i++] = "-P"; argv[i++] = passwd;
-s = "";
-if (empty) s = "n";
-if (login_pass) s+= "s";
-if (s)
-{
-  argv[i++] = "-e"; argv[i++] = s;
-}
-if (exit_asap) argv[i++] = "-f";
-if (tr >= ENCAPS_SSLv2) argv[i++] = "-S";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "http";
-
-opt = script_get_preference("Web page :");
-if (! opt)
-{
-  v = get_kb_list('www/'+port+'/content/auth_required');
-  if (!isnull(v)) opt = v[0];
-}
-if (! opt) exit(0);
-# Check that web page is forbidden
-soc = http_open_socket(port);
-if (! soc) exit(0);
-send(socket: soc, data: 
- strcat('GET ', opt, ' HTTP/1.1\r\nHost: ', get_host_name(), '\r\n\r\n'));
-r = recv_line(socket: soc, length: 512);
-http_close_socket(soc);
-if (r !~ "^HTTP/1\.[01] +403 ") exit(0);
-#
-argv[i++] = opt;
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*login: *(.*) password: *(.*)$');
-  if (! isnull(v))
-  {
-    l = chomp(v[1]);
-    p = chomp(v[2]);
-    report = strcat(report, 'username: ', l, '\tpassword: ', p, '\n');
-    set_kb_item(name: 'Hydra/http/'+port, value: l + '\t' + p);
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to break the following HTTP accounts:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_http_proxy.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_http_proxy.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_http_proxy.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,126 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra")) exit(0);
-
-
-if(description)
-{
- script_id(15874);
- script_version ("1.2");
- name["english"] = "Hydra: HTTP proxy";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find HTTP proxy accounts & passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force HTTP proxy authentication with Hydra";
- script_summary(english:summary["english"]);
- 
- script_category(ACT_ATTACK);
- script_timeout(0);
- script_add_preference(name: "Web site (optional) :", value: "", type: "entry");
-
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_family(english:"Brute force attacks");
- script_require_keys("Secret/hydra/logins_file", "Secret/hydra/passwords_file");
- script_require_ports("Services/http_proxy", 3128);
- script_dependencies("hydra_options.nasl", "find_service.nes", "doublecheck_std_services.nasl");
- exit(0);
-}
-
-#
-
-throrough = get_kb_item("global_settings/thorough_tests");
-if ("yes" >!< throrough) exit(0);
-logins = get_kb_item("Secret/hydra/logins_file");
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (logins == NULL || passwd == NULL) exit(0);
-
-port = get_kb_item("Services/http_proxy");
-if (! port) port = 3128;
-if (! get_port_state(port)) exit(0);
-
-# www.suse.com by default
-opt = script_get_preference("Site (optional) :");
-if (!opt) site = 'http://www.suse.com/';
-else if (opt !~ '^(http|ftp)://') site = strcat('http://', opt);
-else site = opt;
-host = ereg_replace(string: site, pattern: '^(ftp|http://)([^/]+@)?([^/]+)/.*',
-	replace: "\3");
-if (host == site)
- req = 'GET '+site+' HTTP/1.0\r\n\r\n';
-else
- req = 'GET '+site+' HTTP/1.1\r\nHost: '+host+'\r\n\r\n';
-s = open_sock_tcp(port);
-if (!s) exit(0);
-send(socket: s, data: req);
-r = recv_line(socket: s, length: 1024);
-close(s);
-if (r =~ "^HTTP/1\.[01] +[234]0[0-9] ") exit(0);	# Proxy is not protected
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-login_pass = get_kb_item("/tmp/hydra/login_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-tr = get_kb_item("Transports/TCP/"+port);
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-L"; argv[i++] = logins;
-argv[i++] = "-P"; argv[i++] = passwd;
-s = "";
-if (empty) s = "n";
-if (login_pass) s+= "s";
-if (s)
-{
-  argv[i++] = "-e"; argv[i++] = s;
-}
-if (exit_asap) argv[i++] = "-f";
-if (tr >= ENCAPS_SSLv2) argv[i++] = "-S";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "http-proxy";
-
-if (opt) argv[i++] = opt;
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*login: *(.*) password: *(.*)$');
-  if (! isnull(v))
-  {
-    l = chomp(v[1]);
-    p = chomp(v[2]);
-    report = strcat(report, 'username: ', l, '\tpassword: ', p, '\n');
-    set_kb_item(name: 'Hydra/http-proxy/'+port, value: l + '\t' + p);
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to break the following accounts on the HTTP proxy:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_icq.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_icq.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_icq.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,104 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra")) exit(0);
-
-
-if(description)
-{
- script_id(15875);
- script_version ("1.2");
- name["english"] = "Hydra: ICQ";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find ICQ accounts & passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force ICQ authentication with Hydra";
- script_summary(english:summary["english"]);
- 
- script_category(ACT_ATTACK);
- script_timeout(0);
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_family(english:"Brute force attacks");
- script_require_keys("Secret/hydra/logins_file", "Secret/hydra/passwords_file");
- script_require_ports("Services/icq", 5190);
- script_dependencies("hydra_options.nasl", "find_service.nes");
- exit(0);
-}
-
-#
-
-throrough = get_kb_item("global_settings/thorough_tests");
-if ("yes" >!< throrough) exit(0);
-logins = get_kb_item("Secret/hydra/logins_file");
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (logins == NULL || passwd == NULL) exit(0);
-
-port = get_kb_item("Services/icq");
-if (! port) port = 5190;
-if (! get_port_state(port)) exit(0);
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-login_pass = get_kb_item("/tmp/hydra/login_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-tr = get_kb_item("Transports/TCP/"+port);
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-L"; argv[i++] = logins;
-argv[i++] = "-P"; argv[i++] = passwd;
-s = "";
-if (empty) s = "n";
-if (login_pass) s+= "s";
-if (s)
-{
-  argv[i++] = "-e"; argv[i++] = s;
-}
-if (exit_asap) argv[i++] = "-f";
-if (tr >= ENCAPS_SSLv2) argv[i++] = "-S";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "icq";
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*login: *(.*) password: *(.*)$');
-  if (! isnull(v))
-  {
-    l = chomp(v[1]);
-    p = chomp(v[2]);
-    report = strcat(report, 'login: ', l, '\tpassword: ', p, '\n');
-    set_kb_item(name: 'Hydra/icq/'+port, value: l + '\t' + p);
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to break the following ICQ accounts:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_imap.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_imap.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_imap.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,104 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra")) exit(0);
-
-
-if(description)
-{
- script_id(15876);
- script_version ("1.2");
- name["english"] = "Hydra: IMAP";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find IMAP accounts & passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force IMAP authentication with Hydra";
- script_summary(english:summary["english"]);
- 
- script_category(ACT_ATTACK);
- script_timeout(0);
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_family(english:"Brute force attacks");
- script_require_keys("Secret/hydra/logins_file", "Secret/hydra/passwords_file");
- script_require_ports("Services/imap", 143);
- script_dependencies("hydra_options.nasl", "find_service.nes", "doublecheck_std_services.nasl");
- exit(0);
-}
-
-#
-
-throrough = get_kb_item("global_settings/thorough_tests");
-if ("yes" >!< throrough) exit(0);
-logins = get_kb_item("Secret/hydra/logins_file");
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (logins == NULL || passwd == NULL) exit(0);
-
-port = get_kb_item("Services/imap");
-if (! port) port = 143;
-if (! get_port_state(port)) exit(0);
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-login_pass = get_kb_item("/tmp/hydra/login_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-tr = get_kb_item("Transports/TCP/"+port);
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-L"; argv[i++] = logins;
-argv[i++] = "-P"; argv[i++] = passwd;
-s = "";
-if (empty) s = "n";
-if (login_pass) s+= "s";
-if (s)
-{
-  argv[i++] = "-e"; argv[i++] = s;
-}
-if (exit_asap) argv[i++] = "-f";
-if (tr >= ENCAPS_SSLv2) argv[i++] = "-S";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "imap";
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*login: *(.*) password: *(.*)$');
-  if (! isnull(v))
-  {
-    l = chomp(v[1]);
-    p = chomp(v[2]);
-    report = strcat(report, 'username: ', l, '\tpassword: ', p, '\n');
-    set_kb_item(name: 'Hydra/imap/'+port, value: l + '\t' + p);
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to break the following IMAP accounts:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_ldap.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_ldap.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_ldap.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,112 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra")) exit(0);
-
-
-if(description)
-{
- script_id(15877);
- script_version ("1.3");
- name["english"] = "Hydra: LDAP";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find LDAP accounts & passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force LDAP authentication with Hydra";
- script_summary(english:summary["english"]);
- 
- script_category(ACT_ATTACK);
- script_timeout(0);
- script_add_preference(name: "DN : ", type: "entry", value: "");
-
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_family(english:"Brute force attacks");
- script_require_keys("Secret/hydra/logins_file", "Secret/hydra/passwords_file");
- script_require_ports("Services/ldap", 389);
- # find_service does not detect LDAP yet, so we rely upon amap
- # However find_services will detect the SSL layer for LDAPS
- script_dependencies("hydra_options.nasl", "find_service.nes", "doublecheck_std_services.nasl", "external_svc_ident.nasl", "ldap_detect.nasl");
- exit(0);
-}
-
-#
-
-thorough = get_kb_item("global_settings/thorough_tests");
-if ("yes" >!< thorough) exit(0);
-logins = get_kb_item("Secret/hydra/logins_file");
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (logins == NULL || passwd == NULL) exit(0);
-
-port = get_kb_item("Services/ldap");
-if (! port) port = 389;
-if (! get_port_state(port)) exit(0);
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-login_pass = get_kb_item("/tmp/hydra/login_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-tr = get_kb_item("Transports/TCP/"+port);
-
-dn = script_get_preference("DN : ");
-if (! dn) exit(0);
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-L"; argv[i++] = logins;
-argv[i++] = "-P"; argv[i++] = passwd;
-s = "";
-if (empty) s = "n";
-if (login_pass) s+= "s";
-if (s)
-{
-  argv[i++] = "-e"; argv[i++] = s;
-}
-if (exit_asap) argv[i++] = "-f";
-if (tr >= ENCAPS_SSLv2) argv[i++] = "-S";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "ldap";
-argv[i++] = dn;
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*login: *(.*) password: *(.*)$');
-  if (! isnull(v))
-  {
-    l = chomp(v[1]);
-    p = chomp(v[2]);
-    report = strcat(report, 'login: ', l, '\tpassword: ', p, '\n');
-    set_kb_item(name: 'Hydra/ldap/'+port, value: l + '\t' + p);
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to break the following accounts on the LDAP server:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_mssql.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_mssql.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_mssql.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,104 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra")) exit(0);
-
-
-if(description)
-{
- script_id(15878);
- script_version ("1.2");
- name["english"] = "Hydra: MS SQL";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find MS SQL passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force MS SQL authentication with Hydra";
- script_summary(english:summary["english"]);
- script_timeout(0);
- script_category(ACT_ATTACK);
- 
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_family(english:"Brute force attacks");
- script_require_keys("Secret/hydra/logins_file", "Secret/hydra/passwords_file");
- script_require_ports("Services/mssql", 1433);
- script_dependencies("hydra_options.nasl", "find_service.nes", "mssqlserver_detect.nasl");
- exit(0);
-}
-
-#
-
-throrough = get_kb_item("global_settings/thorough_tests");
-if ("yes" >!< throrough) exit(0);
-logins = get_kb_item("Secret/hydra/logins_file");
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (logins == NULL || passwd == NULL) exit(0);
-
-port = get_kb_item("Services/mssql");
-if (! port) port = 1433;
-if (! get_port_state(port)) exit(0);
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-login_pass = get_kb_item("/tmp/hydra/login_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-tr = get_kb_item("Transports/TCP/"+port);
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-L"; argv[i++] = logins;
-argv[i++] = "-P"; argv[i++] = passwd;
-s = "";
-if (empty) s = "n";
-if (login_pass) s+= "s";
-if (s)
-{
-  argv[i++] = "-e"; argv[i++] = s;
-}
-if (exit_asap) argv[i++] = "-f";
-if (tr >= ENCAPS_SSLv2) argv[i++] = "-S";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "mssql";
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*login: *(.*) password: *(.*)$');
-  if (! isnull(v))
-  {
-    l = chomp(v[1]);
-    p = chomp(v[2]);
-    report = strcat(report, 'login: ', l, '\tpassword: ', p, '\n');
-    set_kb_item(name: 'Hydra/mssql/'+port, value: l + '\t' + p);
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to break the following MS SQL accounts:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_mysql.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_mysql.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_mysql.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,121 +0,0 @@
-#
-# This script was written by Michel Arboi <mikhail at nessus.org>
-#
-# GPL
-#
-# kst-4check
-
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra")) exit(0);
-
-
-if(description)
-{
- script_id(80012);
- script_version ("1.2");
- name["english"] = "Hydra: MySQL";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find MySQL accounts & passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force MySQL authentication with Hydra";
- script_summary(english:summary["english"]);
- 
- script_category(ACT_ATTACK);
- script_timeout(0);
-
- script_copyright(english:"This script is Copyright (C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_family(english:"Brute force attacks");
- script_require_keys("Secret/hydra/logins_file", "Secret/hydra/passwords_file");
- script_require_ports("Services/mysql", 3306);
- script_dependencies("hydra_options.nasl", "find_service1.nasl", "doublecheck_std_services.nasl", "mysql_version.nasl");
- exit(0);
-}
-
-#
-force = get_kb_item("/tmp/hydra/force_run");
-if (! force)
-{
- throrough = get_kb_item("global_settings/thorough_tests");
- if ("yes" >!< throrough) exit(0);
-}
-
-logins = get_kb_item("Secret/hydra/logins_file");
-if (logins == NULL) exit(0);
-
-port = get_kb_item("Services/mysql");
-if (! port) exit(0);
-if (! get_port_state(port)) exit(0);
-
-no_pass = get_kb_item('MySQL/no_passwd/'+port);
-if (no_pass) exit(0);
-
-# We should check that the server is up & running
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-login_pass = get_kb_item("/tmp/hydra/login_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-tr = get_kb_item("Transports/TCP/"+port);
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-L"; argv[i++] = logins;
-
-s = "";
-if (empty) s = "n";
-if (login_pass) s+= "s";
-if (s)
-{
-  argv[i++] = "-e"; argv[i++] = s;
-}
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (passwd)
-{
- argv[i++] = "-P"; argv[i++] = passwd;
-} else if (!s)
- exit(0);
-
-if (exit_asap) argv[i++] = "-f";
-if (tr >= ENCAPS_SSLv2) argv[i++] = "-S";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "mysql";
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*login: *(.*) password: *(.*)$');
-  if (! isnull(v))
-  {
-    l = chomp(v[1]);
-    p = chomp(v[2]);
-    report = strcat(report, 'login: ', l, '\tpassword: ', p, '\n');
-    set_kb_item(name: 'Hydra/mysql/'+port, value: l + '\t' + p);
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to break the following accounts on the MySQL server:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_nntp.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_nntp.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_nntp.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,105 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-# No use to run this one if the other plugins cannot run!
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra")) exit(0);
-
-
-if(description)
-{
- script_id(15879);
- script_version ("1.2");
- name["english"] = "Hydra: NNTP";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find NNTP accounts & passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force NNTP authentication with Hydra";
- script_summary(english:summary["english"]);
- script_timeout(0);
- script_category(ACT_ATTACK);
- 
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_family(english:"Brute force attacks");
- script_require_keys("Secret/hydra/logins_file", "Secret/hydra/passwords_file");
- script_require_ports("Services/nntp", 119);
- script_dependencies("hydra_options.nasl", "find_service.nes", "doublecheck_std_services.nasl", "find_service_3digits.nasl");
- exit(0);
-}
-
-#
-
-throrough = get_kb_item("global_settings/thorough_tests");
-if ("yes" >!< throrough) exit(0);
-logins = get_kb_item("Secret/hydra/logins_file");
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (logins == NULL || passwd == NULL) exit(0);
-
-port = get_kb_item("Services/nntp");
-if (! port) port = 119;
-if (! get_port_state(port)) exit(0);
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-login_pass = get_kb_item("/tmp/hydra/login_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-tr = get_kb_item("Transports/TCP/"+port);
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-L"; argv[i++] = logins;
-argv[i++] = "-P"; argv[i++] = passwd;
-s = "";
-if (empty) s = "n";
-if (login_pass) s+= "s";
-if (s)
-{
-  argv[i++] = "-e"; argv[i++] = s;
-}
-if (exit_asap) argv[i++] = "-f";
-if (tr >= ENCAPS_SSLv2) argv[i++] = "-S";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "nntp";
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*login: *(.*) password: *(.*)$');
-  if (! isnull(v))
-  {
-    l = chomp(v[1]);
-    p = chomp(v[2]);
-    report = strcat(report, 'login: ', l, '\tpassword: ', p, '\n');
-    set_kb_item(name: 'Hydra/nntp/'+port, value: l + '\t' + p);
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to break the following NNTP accounts:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_options.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_options.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_options.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,105 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-# No use to run this one if the other plugins cannot run!
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra") ) exit(0);
-
-
-if(description)
-{
- script_id(15868);
- script_version ("1.1");
- name["english"] = "Hydra (NASL wrappers options)";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin sets options for the Hydra(1) tests.
-Hydra finds passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force authentication protocols";
- script_summary(english:summary["english"]);
- 
- script_category(ACT_SETTINGS);
- 
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_family(english:"Brute force attacks");
-
- script_add_preference(name: "Logins file : ", value: "", type: "file");
- script_add_preference(name: "Passwords file : ", value: "", type: "file");
- script_add_preference(name: "Number of parallel tasks :", value: "16", type: "entry");
- script_add_preference(name: "Timeout (in seconds) :", value: "30", type: "entry");
- script_add_preference(name: "Try empty passwords", type:"checkbox", value: "no");
- script_add_preference(name: "Try login as password", type:"checkbox", value: "no");
- script_add_preference(name: "Exit as soon as an account is found", type:"checkbox", value: "no");
- script_add_preference(name: "Add accounts found by other plugins to login file",
-	type:"checkbox", value: "yes");
-
- exit(0);
-}
-
-#
-
-function mk_login_file(logins)
-{
-  local_var	tmp1,tmp2, dir, list, i, u;
-  dir = get_tmp_dir();
-  if (! dir) return logins;	# Abnormal condition
-  for (i = 1; TRUE; i ++)
-  {
-    u = get_kb_item("SMB/Users/"+i);
-    if (! u) break;
-    list = strcat(list, u, '\n');
-  }
-# Add here results from other plugins
-  if (! list) return logins;
-  tmp1 = strcat(dir, 'hydra-'+ get_host_ip() + '-' + rand());
-  tmp2 = strcat(dir, 'hydra-'+ get_host_ip() + '-' + rand());
-  if (fwrite(data: list, file: tmp1) <= 0)	# File creation failed
-    return logins;
-  if (! logins) return tmp1;
-  pread(cmd: "sort", argv: make_list("sort", "-u", tmp1, logins, "-o", tmp2));
-  unlink(tmp1);
-  return tmp2;
-}
-
-
-p = script_get_preference_file_location("Passwords file : ");
-if (!p ) exit(0);
-set_kb_item(name: "Secret/hydra/passwords_file", value: p);
-
-# No login file is necessary for SNMP, VNC and Cisco; and a login file 
-# may be made from other plugins results. So we do not exit if this
-# option is void.
-a = script_get_preference("Add accounts found by other plugins to login file");
-p = script_get_preference_file_location("Logins file : ");
-if ("no" >!< a) p = mk_login_file(logins: p);
-set_kb_item(name: "Secret/hydra/logins_file", value: p);
-
-p = script_get_preference("Timeout (in seconds) :");
-t = int(p);
-if (t <= 0) t = 30;
-set_kb_item(name: "/tmp/hydra/timeout", value: t);
-
-p = script_get_preference("Number of parallel tasks :");
-t = int(p);
-if (t <= 0) t = 16;
-set_kb_item(name: "/tmp/hydra/tasks", value: t);
-
-p = script_get_preference("Try empty passwords");
-set_kb_item(name: "/tmp/hydra/empty_password", value: "yes" >< p);
-
-p = script_get_preference("Try login as password");
-set_kb_item(name: "/tmp/hydra/login_password", value: "yes" >< p);
-
-p = script_get_preference("Exit as soon as an account is found");
-set_kb_item(name: "/tmp/hydra/exit_ASAP", value: "yes" >< p);
-

Deleted: trunk/openvas-plugins/scripts/hydra_pcnfs.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_pcnfs.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_pcnfs.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,101 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra") ) exit(0);
-
-
-if(description)
-{
- script_id(15880);
- script_version ("1.2");
- name["english"] = "Hydra: PCNFS";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find PCNFS accounts & passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force PCNFS authentication with Hydra";
- script_summary(english:summary["english"]);
- script_timeout(0);
- script_category(ACT_ATTACK);
- 
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_family(english:"Brute force attacks");
- script_require_keys("Secret/hydra/logins_file", "Secret/hydra/passwords_file");
- script_require_udp_ports(640);
- script_dependencies("hydra_options.nasl");
- exit(0);
-}
-
-#
-
-throrough = get_kb_item("global_settings/thorough_tests");
-if ("yes" >!< throrough) exit(0);
-logins = get_kb_item("Secret/hydra/logins_file");
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (logins == NULL || passwd == NULL) exit(0);
-
-port = 640;
-if (! get_udp_port_state(port)) exit(0);
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-login_pass = get_kb_item("/tmp/hydra/login_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-L"; argv[i++] = logins;
-argv[i++] = "-P"; argv[i++] = passwd;
-s = "";
-if (empty) s = "n";
-if (login_pass) s+= "s";
-if (s)
-{
-  argv[i++] = "-e"; argv[i++] = s;
-}
-if (exit_asap) argv[i++] = "-f";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "pcnfs";
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*login: *(.*)? password: *(.*)$');
-  if (! isnull(v))
-  {
-    l = chomp(v[1]);
-    p = chomp(v[2]);
-    report = strcat(report, 'login: ', l, '\tpassword: ', p, '\n');
-    set_kb_item(name: 'Hydra/pcnfs/'+port, value: l + '\t' + p);
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to break the following PC-NFS accounts:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_pop3.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_pop3.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_pop3.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,102 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra")) exit(0);
-
-
-if(description)
-{
- script_id(15881);
- script_version ("1.2");
- name["english"] = "Hydra: POP3";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find POP3 accounts & passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force POP3 authentication with Hydra";
- script_summary(english:summary["english"]);
- script_timeout(0);
- script_category(ACT_ATTACK);
- 
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_family(english:"Brute force attacks");
- script_require_keys("Secret/hydra/logins_file", "Secret/hydra/passwords_file");
- script_require_ports("Services/pop3", 110);
- script_dependencies("hydra_options.nasl", "find_service.nes", "doublecheck_std_services.nasl");
- exit(0);
-}
-
-#
-throrough = get_kb_item("global_settings/thorough_tests");
-if ("yes" >!< throrough) exit(0);
-logins = get_kb_item("Secret/hydra/logins_file");
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (logins == NULL || passwd == NULL) exit(0);
-
-port = get_kb_item("Services/pop3");
-if (! port) port = 110;
-if (! get_port_state(port)) exit(0);
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-login_pass = get_kb_item("/tmp/hydra/login_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-tr = get_kb_item("Transports/TCP/"+port);
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-L"; argv[i++] = logins;
-argv[i++] = "-P"; argv[i++] = passwd;
-s = "";
-if (empty) s = "n";
-if (login_pass) s+= "s";
-if (s)
-{
-  argv[i++] = "-e"; argv[i++] = s;
-}
-if (exit_asap) argv[i++] = "-f";
-if (tr >= ENCAPS_SSLv2) argv[i++] = "-S";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "pop3";
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*login: *(.*) password: *(.*)$');
-  if (! isnull(v))
-  {
-    l = chomp(v[1]);
-    p = chomp(v[2]);
-    report = strcat(report, 'username: ', l, '\tpassword: ', p, '\n');
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to break the following POP3 accounts:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_postgres.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_postgres.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_postgres.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,122 +0,0 @@
-#
-# This script was written by Michel Arboi <mikhail at nessus.org>
-#
-# GPL
-#
-# kst-4check
-
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra")) exit(0);
-
-
-if(description)
-{
- script_id(80013);
- script_version ("1.3");
- name["english"] = "Hydra: Postgres";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find Postgres accounts & passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force Postgres authentication with Hydra";
- script_summary(english:summary["english"]);
- 
- script_category(ACT_ATTACK);
- script_timeout(0);
- script_add_preference(name: "Database name (optional) : ", type: "entry", value: "");
-
- script_copyright(english:"This script is Copyright (C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_family(english:"Brute force attacks");
- script_require_keys("Secret/hydra/logins_file", "Secret/hydra/passwords_file");
- script_require_ports("Services/postgres", 5432);
- script_dependencies("hydra_options.nasl", "find_service1.nasl", "doublecheck_std_services.nasl");
- exit(0);
-}
-
-#
-force = get_kb_item("/tmp/hydra/force_run");
-if (! force)
-{
- throrough = get_kb_item("global_settings/thorough_tests");
- if ("yes" >!< throrough) exit(0);
-}
-
-logins = get_kb_item("Secret/hydra/logins_file");
-if (logins == NULL) exit(0);
-
-port = get_kb_item("Services/postgres");
-if (! port) exit(0);	# port = 5432;
-if (! get_port_state(port)) exit(0);
-
-nopass = get_kb_item('postgresql/no_pass/'+port);
-if (nopass) exit(0);
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-login_pass = get_kb_item("/tmp/hydra/login_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-tr = get_kb_item("Transports/TCP/"+port);
-db = script_get_preference("Database name (optional) : ");
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-L"; argv[i++] = logins;
-
-s = "";
-if (empty) s = "n";
-if (login_pass) s+= "s";
-if (s)
-{
-  argv[i++] = "-e"; argv[i++] = s;
-}
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (passwd)
-{
- argv[i++] = "-P"; argv[i++] = passwd;
-} else if (! s)
- exit(0);
-
-if (exit_asap) argv[i++] = "-f";
-if (tr >= ENCAPS_SSLv2) argv[i++] = "-S";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "postgres";
-if (db) argv[i++] = db;
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*login: *(.*) password: *(.*)$');
-  if (! isnull(v))
-  {
-    l = chomp(v[1]);
-    p = chomp(v[2]);
-    report = strcat(report, 'login: ', l, '\tpassword: ', p, '\n');
-    set_kb_item(name: 'Hydra/postgres/'+port, value: l + '\t' + p);
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to break the following accounts on the Postgres server:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_rexec.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_rexec.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_rexec.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,104 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra") ) exit(0);
-
-
-if(description)
-{
- script_id(15882);
- script_version ("1.2");
- name["english"] = "Hydra: rexec";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find rexec accounts & passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force rexec authentication with Hydra";
- script_summary(english:summary["english"]);
- 
- script_category(ACT_ATTACK);
- script_timeout(0);
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_family(english:"Brute force attacks");
- script_require_keys("Secret/hydra/logins_file", "Secret/hydra/passwords_file");
- script_require_ports("Services/rexecd", 512);
- script_dependencies("hydra_options.nasl", "find_service.nes", "rexecd.nasl");
- exit(0);
-}
-
-#
-
-throrough = get_kb_item("global_settings/thorough_tests");
-if ("yes" >!< throrough) exit(0);
-logins = get_kb_item("Secret/hydra/logins_file");
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (logins == NULL || passwd == NULL) exit(0);
-
-port = get_kb_item("Services/rexecd");
-if (! port) port = 512;
-if (! get_port_state(port)) exit(0);
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-login_pass = get_kb_item("/tmp/hydra/login_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-tr = get_kb_item("Transports/TCP/"+port);
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-L"; argv[i++] = logins;
-argv[i++] = "-P"; argv[i++] = passwd;
-s = "";
-if (empty) s = "n";
-if (login_pass) s+= "s";
-if (s)
-{
-  argv[i++] = "-e"; argv[i++] = s;
-}
-if (exit_asap) argv[i++] = "-f";
-if (tr >= ENCAPS_SSLv2) argv[i++] = "-S";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "rexec";
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*login: *(.*) password: *(.*)$');
-  if (! isnull(v))
-  {
-    l = chomp(v[1]);
-    p = chomp(v[2]);
-    report = strcat(report, 'login: ', l, '\tpassword: ', p, '\n');
-    set_kb_item(name: 'Hydra/rexec/'+port, value: l + '\t' + p);
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to break the following Rexec accounts:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_sapr3.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_sapr3.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_sapr3.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,111 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra")) exit(0);
-
-
-if(description)
-{
- script_id(15883);
- script_version ("1.2");
- name["english"] = "Hydra: SAP R3";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find SAP R3 accounts & passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force SAP R3 authentication with Hydra";
- script_summary(english:summary["english"]);
- 
- script_category(ACT_ATTACK);
- script_timeout(0);
- script_add_preference(name: "Client ID (between 0 and 99) : ", type: "entry", value: "");
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_family(english:"Brute force attacks");
- script_require_keys("Secret/hydra/logins_file", "Secret/hydra/passwords_file");
- script_require_ports("Services/sap-r3", 3299);
- script_dependencies("hydra_options.nasl", "find_service.nes", "external_svc_ident.nasl");
- exit(0);
-}
-
-#
-
-throrough = get_kb_item("global_settings/thorough_tests");
-if ("yes" >!< throrough) exit(0);
-logins = get_kb_item("Secret/hydra/logins_file");
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (logins == NULL || passwd == NULL) exit(0);
-
-port = get_kb_item("Services/sap-r3");
-if (! port) port = 3299;
-if (! get_port_state(port)) exit(0);
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-login_pass = get_kb_item("/tmp/hydra/login_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-tr = get_kb_item("Transports/TCP/"+port);
-
-id = script_get_preference("Client ID (between 0 and 99) : ");
-if (! id) exit(0);
-id = int(id);
-if (id < 0 || id > 99) exit(0);
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-L"; argv[i++] = logins;
-argv[i++] = "-P"; argv[i++] = passwd;
-s = "";
-if (empty) s = "n";
-if (login_pass) s+= "s";
-if (s)
-{
-  argv[i++] = "-e"; argv[i++] = s;
-}
-if (exit_asap) argv[i++] = "-f";
-if (tr >= ENCAPS_SSLv2) argv[i++] = "-S";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "sapr3";
-argv[i++] = id;
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*login: *(.*) password: *(.*)$');
-  if (! isnull(v))
-  {
-    l = chomp(v[1]);
-    p = chomp(v[2]);
-    report = strcat(report, 'login: ', l, '\tpassword: ', p, '\n');
-    set_kb_item(name: 'Hydra/sapr3/'+port, value: l + '\t' + p);
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to break the following SAP R3 accounts:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_smb.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_smb.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_smb.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,118 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-if ( ! defined_func("script_get_preference_file_location")) exit(0);
-if ( ! find_in_path("hydra") ) exit(0);
-
-
-if(description)
-{
- script_id(15884);
- script_version ("1.2");
- name["english"] = "Hydra: SMB";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find SMB accounts & passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force SMB authentication with Hydra";
- script_summary(english:summary["english"]);
- 
- script_category(ACT_DESTRUCTIVE_ATTACK); # Because of accounts autolock
- script_timeout(0);
- script_add_preference(name: "Check local / domain accounts", 
-	value: "Local accounts; Domain Accounts; Either", type: "radio");
- script_add_preference(name: "Interpret passwords as NTLM hashes", 
-	value: "no", type: "checkbox");
-
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_family(english:"Brute force attacks");
- script_require_keys("Secret/hydra/logins_file", "Secret/hydra/passwords_file");
- script_require_ports(139,445);
- script_dependencies("hydra_options.nasl", "find_service.nes", "doublecheck_std_services.nasl");
- exit(0);
-}
-
-#
-
-throrough = get_kb_item("global_settings/thorough_tests");
-if ("yes" >!< throrough) exit(0);
-logins = get_kb_item("Secret/hydra/logins_file");
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (logins == NULL || passwd == NULL) exit(0);
-
-port = get_kb_item("SMB/transport"); port = int(port);
-if (! port) port = 445;
-if (! get_port_state(port)) exit(0);
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-login_pass = get_kb_item("/tmp/hydra/login_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-tr = get_kb_item("Transports/TCP/"+port);
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-L"; argv[i++] = logins;
-argv[i++] = "-P"; argv[i++] = passwd;
-s = "";
-if (empty) s = "n";
-if (login_pass) s+= "s";
-if (s)
-{
-  argv[i++] = "-e"; argv[i++] = s;
-}
-if (exit_asap) argv[i++] = "-f";
-if (tr >= ENCAPS_SSLv2) argv[i++] = "-S";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "smbnt";	# what's "smb"?
-
-opt = "";
-p = script_get_preference("Check local / domain accounts");
-if ("Local" >< p) opt = "L";
-else if ("Domain" >< p) opt = "D";
-else opt = "B";
-
-p = script_get_preference("Interpret passwords as NTLM hashes");
-if ("yes" >< p) opt += "H";
-argv[i++] = opt;
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*login: *(.*) password: *(.*)$');
-  if (! isnull(v))
-  {
-    l = chomp(v[1]);
-    p = chomp(v[2]);
-    report = strcat(report, 'username: ', l, '\tpassword: ', p, '\n');
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to break the following SMB accounts:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_smtp_auth.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_smtp_auth.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_smtp_auth.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,105 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra")) exit(0);
-
-
-if(description)
-{
- script_id(15885);
- script_version ("1.2");
- name["english"] = "Hydra: SMTP AUTH";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find SMTP AUTH accounts & passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force SMTP AUTH authentication with Hydra";
- script_summary(english:summary["english"]);
- 
- script_category(ACT_ATTACK);
- script_timeout(0);
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_family(english:"Brute force attacks");
- script_require_keys("Secret/hydra/logins_file", "Secret/hydra/passwords_file");
- script_require_ports("Services/smtp", 25);
- script_dependencies("hydra_options.nasl", "find_service.nes", "doublecheck_std_services.nasl", "find_service_3digits.nasl");
- exit(0);
-}
-
-#
-
-throrough = get_kb_item("global_settings/thorough_tests");
-if ("yes" >!< throrough) exit(0);
-logins = get_kb_item("Secret/hydra/logins_file");
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (logins == NULL || passwd == NULL) exit(0);
-
-port = get_kb_item("Services/smtp");
-if (! port) port = 25;
-if (! get_port_state(port)) exit(0);
-# NB: Hydra will exit if SMTP AUTH is not enabled
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-login_pass = get_kb_item("/tmp/hydra/login_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-tr = get_kb_item("Transports/TCP/"+port);
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-L"; argv[i++] = logins;
-argv[i++] = "-P"; argv[i++] = passwd;
-s = "";
-if (empty) s = "n";
-if (login_pass) s+= "s";
-if (s)
-{
-  argv[i++] = "-e"; argv[i++] = s;
-}
-if (exit_asap) argv[i++] = "-f";
-if (tr >= ENCAPS_SSLv2) argv[i++] = "-S";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "smtp-auth";
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*login: *(.*) password: *(.*)$');
-  if (! isnull(v))
-  {
-    l = chomp(v[1]);
-    p = chomp(v[2]);
-    report = strcat(report, 'login: ', l, '\tpassword: ', p, '\n');
-    set_kb_item(name: 'Hydra/smtp-auth/'+port, value: l + '\t' + p);
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to break the following SMTP accounts:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_snmp.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_snmp.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_snmp.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,98 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra") ) exit(0);
-
-
-if(description)
-{
- script_id(15886);
- script_version ("1.2");
- name["english"] = "Hydra: SNMP";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find SNMP passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force SNMP authentication with Hydra";
- script_summary(english:summary["english"]);
- 
- script_category(ACT_ATTACK);
- script_timeout(0);
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_family(english:"Brute force attacks");
- script_require_keys("Secret/hydra/passwords_file");
- script_require_udp_ports(161, 32789);
- script_dependencies("hydra_options.nasl", "snmp_settings.nasl");
- exit(0);
-}
-
-#
-
-throrough = get_kb_item("global_settings/thorough_tests");
-if ("yes" >!< throrough) exit(0);
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (passwd == NULL) exit(0);
-
-port = get_kb_item("SNMP/port");
-if (port) exit(0);
-# Yes! We exit if we know the port, and thus some common community name
-port = 161;
-if (! get_udp_port_state(port)) exit(0);
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-P"; argv[i++] = passwd;
-if (empty)
-if (s)
-{
-  argv[i++] = "-e"; argv[i++] = "n";
-}
-if (exit_asap) argv[i++] = "-f";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "snmp";
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*(login: *.*)? password: *(.*)$');
-  if (! isnull(v))
-  {
-    p = chomp(v[2]);
-    report = strcat(report, p, '\n');
-    set_kb_item(name: 'Hydra/snmp/'+port, value: p);
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to break the following SNMP communities:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_socks5.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_socks5.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_socks5.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,105 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-# No use to run this one if the other plugins cannot run!
-if ( ! defined_func("script_get_preference_file_location")) exit(0);
-if ( ! find_in_path("hydra") ) exit(0);
-
-
-if(description)
-{
- script_id(15887);
- script_version ("1.2");
- name["english"] = "Hydra: Socks5";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find Socks5 accounts & passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force Socks5 authentication with Hydra";
- script_summary(english:summary["english"]);
- 
- script_category(ACT_ATTACK);
- script_timeout(0);
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_family(english:"Brute force attacks");
- script_require_keys("Secret/hydra/logins_file", "Secret/hydra/passwords_file");
- script_require_ports("Services/socks5", 1080);
- script_dependencies("hydra_options.nasl", "find_service.nes", "socks.nasl");
- exit(0);
-}
-
-#
-
-throrough = get_kb_item("global_settings/thorough_tests");
-if ("yes" >!< throrough) exit(0);
-logins = get_kb_item("Secret/hydra/logins_file");
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (logins == NULL || passwd == NULL) exit(0);
-
-port = get_kb_item("Services/socks5");
-if (! port) port = 1080;
-if (! get_port_state(port)) exit(0);
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-login_pass = get_kb_item("/tmp/hydra/login_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-tr = get_kb_item("Transports/TCP/"+port);
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-L"; argv[i++] = logins;
-argv[i++] = "-P"; argv[i++] = passwd;
-s = "";
-if (empty) s = "n";
-if (login_pass) s+= "s";
-if (s)
-{
-  argv[i++] = "-e"; argv[i++] = s;
-}
-if (exit_asap) argv[i++] = "-f";
-if (tr >= ENCAPS_SSLv2) argv[i++] = "-S";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "socks5";
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*login: *(.*) password: *(.*)$');
-  if (! isnull(v))
-  {
-    l = chomp(v[1]);
-    p = chomp(v[2]);
-    report = strcat(report, 'login: ', l, '\tpassword: ', p, '\n');
-    set_kb_item(name: 'Hydra/socks5/'+port, value: l + '\t' + p);
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to break the following accounts on the Socks5 server:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_ssh2.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_ssh2.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_ssh2.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,103 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra")) exit(0);
-
-
-if(description)
-{
- script_id(15888);
- script_version ("1.1");
- name["english"] = "Hydra: SSH2";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find SSH2 accounts & passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force SSH2 authentication with Hydra";
- script_summary(english:summary["english"]);
- 
- script_category(ACT_ATTACK);
- script_timeout(0);
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_family(english:"Brute force attacks");
- script_require_keys("Secret/hydra/logins_file", "Secret/hydra/passwords_file");
- script_require_ports("Services/ssh", 22);
- script_dependencies("hydra_options.nasl", "find_service.nes", "doublecheck_std_services.nasl");
- exit(0);
-}
-
-#
-thorough = get_kb_item("global_settings/thorough_tests");
-if ("yes" >!< thorough) exit(0);
-logins = get_kb_item("Secret/hydra/logins_file");
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (logins == NULL || passwd == NULL) exit(0);
-
-port = get_kb_item("Services/ssh");
-if (! port) port = 22;
-if (! get_port_state(port)) exit(0);
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-login_pass = get_kb_item("/tmp/hydra/login_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-tr = get_kb_item("Transports/TCP/"+port);
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-L"; argv[i++] = logins;
-argv[i++] = "-P"; argv[i++] = passwd;
-s = "";
-if (empty) s = "n";
-if (login_pass) s+= "s";
-if (s)
-{
-  argv[i++] = "-e"; argv[i++] = s;
-}
-if (exit_asap) argv[i++] = "-f";
-if (tr >= ENCAPS_SSLv2) argv[i++] = "-S";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "ssh2";
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*login: *(.*) password: *(.*)$');
-  if (! isnull(v))
-  {
-    l = chomp(v[1]);
-    p = chomp(v[2]);
-    report = strcat(report, 'username: ', l, '\tpassword: ', p, '\n');
-    set_kb_item(name: 'Hydra/ssh2/'+port, value: l + '\t' + p);
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to break the following SSH accounts:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_telnet.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_telnet.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_telnet.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,103 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra")) exit(0);
-
-
-if(description)
-{
- script_id(15889);
- script_version ("1.1");
- name["english"] = "Hydra: telnet";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find telnet passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force telnet authentication with Hydra";
- script_summary(english:summary["english"]);
- 
- script_category(ACT_ATTACK);
- script_timeout(0);
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_family(english:"Brute force attacks");
- script_require_keys("Secret/hydra/logins_file", "Secret/hydra/passwords_file");
- script_require_ports("Services/telnet", 23);
- script_dependencies("hydra_options.nasl", "find_service.nes", "doublecheck_std_services.nasl");
- exit(0);
-}
-
-#
-thorough = get_kb_item("global_settings/thorough_tests");
-if ("yes" >!< thorough) exit(0);
-logins = get_kb_item("Secret/hydra/logins_file");
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (logins == NULL || passwd == NULL) exit(0);
-
-port = get_kb_item("Services/telnet");
-if (! port) port = 23;
-if (! get_port_state(port)) exit(0);
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-login_pass = get_kb_item("/tmp/hydra/login_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-tr = get_kb_item("Transports/TCP/"+port);
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-L"; argv[i++] = logins;
-argv[i++] = "-P"; argv[i++] = passwd;
-s = "";
-if (empty) s = "n";
-if (login_pass) s+= "s";
-if (s)
-{
-  argv[i++] = "-e"; argv[i++] = s;
-}
-if (exit_asap) argv[i++] = "-f";
-if (tr >= ENCAPS_SSLv2) argv[i++] = "-S";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "telnet";
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*login: *(.*) password: *(.*)$');
-  if (! isnull(v))
-  {
-    l = chomp(v[1]);
-    p = chomp(v[2]);
-    report = strcat(report, 'username: ', l, '\tpassword: ', p, '\n');
-    set_kb_item(name: 'Hydra/telnet/'+port, value: l + '\t' + p);
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to break the following Telnet accounts:\n' + report);

Deleted: trunk/openvas-plugins/scripts/hydra_vnc.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hydra_vnc.nasl	2009-05-27 13:19:40 UTC (rev 3492)
+++ trunk/openvas-plugins/scripts/hydra_vnc.nasl	2009-05-27 13:49:32 UTC (rev 3493)
@@ -1,97 +0,0 @@
-#
-# This script was written by Michel Arboi <arboi at alussinan.org>
-#
-# GPL
-#
-
-if (! defined_func("script_get_preference_file_location")) exit(0);
-if (! find_in_path("hydra") ) exit(0);
-
-
-if(description)
-{
- script_id(15890);
- script_version ("1.1");
- name["english"] = "Hydra: VNC";
- script_name(english:name["english"]);
- 
- desc["english"] = "
-This plugin runs Hydra to find VNC passwords by brute force.
-
-See the section 'plugins options' to configure it
-";
-
- script_description(english:desc["english"]);
- 
- summary["english"] = "Brute force VNC authentication with Hydra";
- script_summary(english:summary["english"]);
- 
- script_category(ACT_ATTACK);
- script_timeout(0);
- script_copyright(english:"This script is Copyright (C) 2004 Michel Arboi");
- script_family(english:"Brute force attacks");
- script_require_keys("Secret/hydra/passwords_file");
- script_require_ports("Services/vnc", 5900);
- script_dependencies("hydra_options.nasl", "find_service.nes", "doublecheck_std_services.nasl");
- exit(0);
-}
-
-#
-
-throrough = get_kb_item("global_settings/thorough_tests");
-if ("yes" >!< throrough) exit(0);
-passwd = get_kb_item("Secret/hydra/passwords_file");
-if (passwd == NULL) exit(0);
-
-port = get_kb_item("Services/vnc");
-if (! port) port = 5900;
-if (! get_port_state(port)) exit(0);
-
-timeout = get_kb_item("/tmp/hydra/timeout"); timeout = int(timeout);
-tasks = get_kb_item("/tmp/hydra/tasks"); task = int(tasks);
-
-empty = get_kb_item("/tmp/hydra/empty_password");
-exit_asap = get_kb_item("/tmp/hydra/exit_ASAP");
-tr = get_kb_item("Transports/TCP/"+port);
-
-i = 0;
-argv[i++] = "hydra";
-argv[i++] = "-s"; argv[i++] = port;
-argv[i++] = "-P"; argv[i++] = passwd;
-if (empty)
-{
-  argv[i++] = "-e"; argv[i++] = "n";
-}
-if (exit_asap) argv[i++] = "-f";
-if (tr >= ENCAPS_SSLv2) argv[i++] = "-S";
-
-if (timeout > 0)
-{
-  argv[i++] = "-w";
-  argv[i++] = timeout;
-}
-if (tasks > 0)
-{
-  argv[i++] = "-t";
-  argv[i++] = tasks;
-}
-
-argv[i++] = get_host_ip();
-argv[i++] = "vnc";
-
-report = "";
-results = pread(cmd: "hydra", argv: argv, nice: 5);
-foreach line (split(results))
-{
-  v = eregmatch(string: line, pattern: 'host:.*(login: *.*)? password: *(.*)$');
-  if (! isnull(v))
-  {
-    p = chomp(v[2]);
-    report = strcat(report, p, '\n');
-    set_kb_item(name: 'Hydra/vnc/'+port, value: l + '\t' + p);
-  }
-}
-
-if (report)
-  security_hole(port: port, 
-    data: 'Hydra was able to find the following VNC passwords:\n' + report);



More information about the Openvas-commits mailing list