Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RTSP 451 ERR unknown authentication protocol 9.5 dev #862

Open
francisuk1989 opened this issue Jun 27, 2023 · 2 comments
Open

RTSP 451 ERR unknown authentication protocol 9.5 dev #862

francisuk1989 opened this issue Jun 27, 2023 · 2 comments
Labels
help wanted

Comments

@francisuk1989
Copy link

francisuk1989 commented Jun 27, 2023
edited

Auth is not done via rtsp://admin:12345@192.168.5.150, Only the RTSP path like "/user=^USER^&^PASS^=&stream" works.
So normal to view the stream in VLC, I would enter rtsp://192.168.5.150/user=^USER^&^PASS^=&stream.

When trying to hydra, I get "[ERROR] unknown authentication protocol" what is on line 138 here
https://github.com/vanhauser-thc/thc-hydra/blob/master/hydra-rtsp.c#L138

RTSP status 451 is "Parameter Not Understood" https://www.websitepulse.com/kb/rtsp_status_codes so with a guess, there needs to be some instructions on how to do deal with the RTSP 451?

However im unsure as i dont know what this format would look like on rtsp /user=^USER^&^PASS^=&stream

[daz@linuxhex hydra]$ hydra -d -I -l admin -P testauth -o testout.txt 192.168.5.150 rtsp "/user=^USER^&^PASS^=&stream"
Hydra v9.5 (c) 2023 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).

[DEBUG] RECV [pid:1468] (52 bytes):
0000:  5254 5350 2f31 2e30 2034 3531 2045 5252    [ RTSP/1.0 451 ERR ]
0010:  4f52 0d0a 5365 7276 6572 3a20 4832 3634    [ OR..Server: SMART ]
0020:  4456 5220 312e 300d 0a43 7365 713a 2032    [ DVR..Cseq: 2 ]
0030:  0d0a 0d0a                                  [ ....             ]
DEBUG_CONNECT_OK
[DEBUG] SEND [pid:1460] (54 bytes):
0000:  4445 5343 5249 4245 2072 7473 703a 2f2f    [ DESCRIBE rtsp:// ]
0010:  3933 2e34 322e 3735 2e31 3631 3a35 3534    [ 192.168.5.150:554 ]
0020:  2052 5453 502f 312e 300d 0a43 5365 713a    [  RTSP/1.0..CSeq: ]
0030:  2032 0d0a 0d0a                             [  2....           ]
[DEBUG] hydra_receive_line: waittime: 32, conwait: 0, socket: 8, pid: 1460
[ERROR] unknown authentication protocol
DEBUG_DISCONNECT
[ERROR] unknown authentication protocol
DEBUG_DISCONNECT

Without the debug option

[ERROR] unknown authentication protocol
[ERROR] unknown authentication protocol
[ERROR] unknown authentication protocol
[ERROR] unknown authentication protocol
[ERROR] unknown authentication protocol

Arch Linux
9.5 dev
@vanhauser-thc
Copy link
Owner

I do not know details of RTSP. it could be that the server needs more parameters (e.g. as headers)?
I would try to get a normal client working with the target then remove what is unneeded and add what is necessary to hydra-rtsp.c ...

@francisuk1989
Copy link
Author

francisuk1989 commented Jun 30, 2023
edited

I do not know details of RTSP. it could be that the server needs more parameters (e.g. as headers)? ...

can you give me an example of a parameter (e.g. as headers) maybe i can help? Isnt the parmeter "RTSP/1.0 451 ERROR" what hydra reads as 404 if the password isnt found?

line 28
https://github.com/vanhauser-thc/thc-hydra/blob/master/hydra-rtsp.c#L28

int32_t is_NotFound(char *s) {
  if (strcasestr(s, "451 ERROR") != NULL || strcasestr(s, "451 ERR") != NULL) {
    return 1;
  } else {
    return 0;
  }
}

Edit
Even giving the correct password, I still end up with RTSP/1.0 451 ERROR, Even with or without the rtsp path /

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vanhauser-thc @francisuk1989