#!/bin/sh echo "Don't forget to update this script with the change-log! Press ENTER to start..." read NAME="hydra" VERSION="5.8" SOURCE="http://freeworld.thc.org/releases/hydra-$VERSION-src.tar.gz" CONFIGURE="--prefix=/usr/local --disable-xhydra" DATE=`date '+%Y/%m/%d'` SCRIPT_NAME=$(basename $0) cp $0 /tmp/ export CFLAGS="-march=i486 -mtune=i686 -Os -pipe" export CXXFLAGS="-march=i486 -mtune=i686 -Os -pipe" export LDFLAGS="-Wl,-O1" echo "Downloading essential packages..." tce-load -wi compiletc squashfs-tools-4.x libssh libssh-dev postgresql postgresql-dev cd /tmp/ wget $SOURCE sudo rm -rf $NAME-$VERSION 2>/dev/null sudo rm /tmp/$NAME.tcz /tmp/$NAME.tcz.list /tmp/$NAME.tcz.md5.txt /tmp/$NAME.tcz.dep 2>/dev/null sudo rm -rf /tmp/$NAME 2>/dev/null sudo rm /tmp/$NAME-dev.tcz /tmp/$NAME-dev.tcz.list /tmp/$NAME-dev.tcz.md5.txt /tmp/$NAME-dev.tcz.dep 2>/dev/null sudo rm -rf /tmp/$NAME-dev 2>/dev/null tar xvfz $NAME-$VERSION-src.tar.gz cd $NAME-$VERSION-src echo " Starting ./configure $CONFIGURE" ./configure $CONFIGURE echo "Press ENTER to continue... " read make -j3 #This stupid installer does not support the DESTDIR=/tmp/$NAME echo " Starting make install" sudo make install sudo mkdir -p /tmp/$NAME/usr/local/bin sudo mv /usr/local/bin/hydra /tmp/$NAME/usr/local/bin/ sudo mv /usr/local/bin/pw-inspector /tmp/$NAME/usr/local/bin/ cd /tmp/$NAME sudo find . | xargs file | grep "executable" | grep ELF | grep "not stripped" | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null sudo find . | xargs file | grep "shared object" | grep ELF | grep "not stripped" | cut -f 1 -d : | xargs strip -g 2> /dev/null echo "Creating package..." cd /tmp/ sudo mksquashfs $NAME $NAME.tcz sudo md5sum $NAME.tcz > $NAME.tcz.md5.txt cd $NAME sudo find usr -not -type d > ../$NAME.tcz.list cd /tmp/ SIZE="`du -k $NAME.tcz|cut -f1`k" sudo echo "Title: $NAME.tcz Description: THC-Hydra Version: $VERSION Author: Van Hauser Original-site: http://freeworld.thc.org/thc-hydra/ Copying-policy: GPLv3 Size: $SIZE Extension_by: andriscom Comments: A very fast network logon cracker which support many different services. Number one of the biggest security holes are passwords, as every password security study shows. Hydra is a parallized login cracker which supports numerous protocols to attack. New modules are easy to add, beside that, it is flexible and very fast. Currently this tool supports: TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, SMB, SMBNT, MS-SQL, MYSQL, REXEC, RSH, RLOGIN, CVS, SNMP, SMTP-AUTH, SOCKS5, VNC, POP3, IMAP, NNTP, PCNFS, ICQ, SAP/R3, LDAP2, LDAP3, Postgres, Teamspeak, Cisco auth, Cisco enable, AFP, LDAP2, Cisco AAA (incorporated in telnet module). This tool is a proof of concept code, to give researchers and security consultants the possiblity to show how easy it would be to gain unauthorized access from remote to a system. Usage examples: hydra -L userlist -P password 192.168.0.1 smb hydra -L userlist -P password ftp.example.com ftp -f cat dictionary.txt | pw-inspector -m 6 -c 2 -n > passlist.txt Built with CFLAGS: -march=i486 -mtune=i686 -Os -pipe Built with CXXFLAGS: -march=i486 -mtune=i686 -Os -pipe Built with LDFLAGS: -Wl,-O1 Built with the following options: ./configure $CONFIGURE Source: $SOURCE Change-log: $DATE Version: $VERSION Current: $DATE Version: $VERSION " > $NAME.tcz.info sudo echo "libssh.tcz postgresql.tcz " > $NAME.tcz.dep cd /tmp/ mkdir packages 2>/dev/null sudo rm packages/$NAME.tar.gz 2>/dev/null tar zcf packages/$NAME.tar.gz $NAME.tcz* $NAME-dev.tcz* $NAME-doc.tcz* $NAME-locale.tcz* $SCRIPT_NAME echo " Run bcrypt on /tmp/packages/*.tar.gz... give password: tinycore" echo "Run the extension_audit.sh and reboot a clean system to try the packages!" echo "Send it to: tcesubmit@gmail.com"