Hi, trying Hydra to brute force SSH doesn't seem to work as it should. running with -v , it can successfully detect password logins work, but later on fails on each attempt, with 'Library not initialized.' error, so doesn't find valid credentials.
attached patch fixes it for me, however, don't really know why it's needed. had to add ssh_init() before starting each new session. Looking at the docs, I believe it should not be necessary: https://api.libssh.org/stable/group__libssh.html#ga3ebf8d6920e563f3b032e3cd5277598e Also I might remember wrongly, but at some earlier point in time, SSH brute force did work. Applying same treatment to sshkey brute force, as from the code, seems to probably have same issue, but not tested. Anyone with a better idea, or OK? cheers, Sebastian ? hydra-fix-ssh Index: Makefile =================================================================== RCS file: /cvs/ports/security/hydra/Makefile,v retrieving revision 1.61 diff -u -r1.61 Makefile --- Makefile 12 Jul 2019 20:49:03 -0000 1.61 +++ Makefile 12 Nov 2020 23:03:14 -0000 @@ -6,7 +6,7 @@ VERSION= 8.6 PKGNAME-main= hydra-${VERSION} PKGNAME-gui= hydra-gui-${VERSION} -REVISION-main= 0 +REVISION-main= 1 CATEGORIES= security Index: patches/patch-hydra-ssh_c =================================================================== RCS file: patches/patch-hydra-ssh_c diff -N patches/patch-hydra-ssh_c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-hydra-ssh_c 12 Nov 2020 23:03:14 -0000 @@ -0,0 +1,16 @@ +$OpenBSD$ + +For some reason, this needs to be called to +Initialize global cryptographic data structures + +Index: hydra-ssh.c +--- hydra-ssh.c.orig ++++ hydra-ssh.c +@@ -39,6 +39,7 @@ int32_t start_ssh(int32_t s, char *ip, int32_t port, u + ssh_free(session); + } + ++ ssh_init(); + session = ssh_new(); + ssh_options_set(session, SSH_OPTIONS_PORT, &port); + ssh_options_set(session, SSH_OPTIONS_HOST, hydra_address2string(ip)); Index: patches/patch-hydra-sshkey_c =================================================================== RCS file: patches/patch-hydra-sshkey_c diff -N patches/patch-hydra-sshkey_c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-hydra-sshkey_c 12 Nov 2020 23:03:14 -0000 @@ -0,0 +1,16 @@ +$OpenBSD$ + +For some reason, this needs to be called to +Initialize global cryptographic data structures + +Index: hydra-sshkey.c +--- hydra-sshkey.c.orig ++++ hydra-sshkey.c +@@ -39,6 +39,7 @@ int32_t start_sshkey(int32_t s, char *ip, int32_t port + ssh_free(session); + } + ++ ssh_init(); + session = ssh_new(); + ssh_options_set(session, SSH_OPTIONS_PORT, &port); + ssh_options_set(session, SSH_OPTIONS_HOST, hydra_address2string(ip));
