C4l4M1TY / pyrit

Automatically exported from code.google.com/p/pyrit

Errors with large wordlists with svn r297 4.1-dev #266

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. attack passthrough with --all-handshakes and large wordlists

What is the expected output? What do you see instead?
Expected to see Success/Fail
Instead errors:

Traceback (most recent call last):
  File "/usr/lib/python2.6/threading.py", line 532, in __bootstrap_inner
    self.run()
  File "/usr/local/lib/python2.6/dist-packages/cpyrit/pckttools.py", line 709, in run
    solution = self.solve(results)
ValueError: All PMKs must be strings of 32 characters

Exception in thread Thread-6:
Traceback (most recent call last):
  File "/usr/lib/python2.6/threading.py", line 532, in __bootstrap_inner
    self.run()
  File "/usr/local/lib/python2.6/dist-packages/cpyrit/pckttools.py", line 709, in run
    solution = self.solve(results)
ValueError: All PMKs must be strings of 32 characters

Exception in thread Thread-2:2549 PMKs per second.
Traceback (most recent call last):
  File "/usr/lib/python2.6/threading.py", line 532, in __bootstrap_inner
    self.run()
  File "/usr/local/lib/python2.6/dist-packages/cpyrit/pckttools.py", line 709, in run
    solution = self.solve(results)
ValueError: All PMKs must be strings of 32 characters

Exception in thread Thread-5:1163 PMKs per second.
Traceback (most recent call last):
  File "/usr/lib/python2.6/threading.py", line 532, in __bootstrap_inner
    self.run()
  File "/usr/local/lib/python2.6/dist-packages/cpyrit/pckttools.py", line 709, in run
    solution = self.solve(results)
ValueError: All PMKs must be strings of 32 characters

Exception in thread Thread-8:1142 PMKs per second.
Traceback (most recent call last):
  File "/usr/lib/python2.6/threading.py", line 532, in __bootstrap_inner
    self.run()
  File "/usr/local/lib/python2.6/dist-packages/cpyrit/pckttools.py", line 709, in run
    solution = self.solve(results)
ValueError: All PMKs must be strings of 32 characters

Exception in thread Thread-4:
Traceback (most recent call last):
  File "/usr/lib/python2.6/threading.py", line 532, in __bootstrap_inner
    self.run()
  File "/usr/local/lib/python2.6/dist-packages/cpyrit/pckttools.py", line 709, in run
    solution = self.solve(results)
ValueError: All PMKs must be strings of 32 characters

Segmentation faults so far; 32671 PMKs per second.

What version of the product are you using? On what operating system?
4.1-dev r297 with Ubuntu 10.10 Maverick

Please provide any additional information below.

Using intel i7 965 HT disabled stock speed 
One GeForce GTX 480 running at stock speed
Different errors appear when trying to run again, command used:

pyrit --all-handshakes -r oct2203-02.cap -e "masters" -i Super-WPA 
attack_passthrough

Wordlist used can be found on isohunt torrent name:
WPA-PSK WORDLIST 3 final
it's 4gb to dl

Original issue reported on code.google.com by haykey...@gmail.com on 22 Feb 2011 at 11:44

GoogleCodeExporter commented 8 years ago
Traceback (most recent call last):
  File "/usr/lib/python2.6/threading.py", line 532, in __bootstrap_inner
    self.run()
  File "/usr/local/lib/python2.6/dist-packages/cpyrit/pckttools.py", line 709, in run
    solution = self.solve(results)
ValueError: All PMKs must be strings of 32 characters

Exception in thread Thread-1:850 PMKs per second.
Traceback (most recent call last):
  File "/usr/lib/python2.6/threading.py", line 532, in __bootstrap_inner
    self.run()
  File "/usr/local/lib/python2.6/dist-packages/cpyrit/pckttools.py", line 709, in run
    solution = self.solve(results)
ValueError: All PMKs must be strings of 32 characters

Exception in thread Thread-4:9863 PMKs per second.
Traceback (most recent call last):
  File "/usr/lib/python2.6/threading.py", line 532, in __bootstrap_inner
    self.run()
  File "/usr/local/lib/python2.6/dist-packages/cpyrit/pckttools.py", line 709, in run
    solution = self.solve(results)
ValueError: All PMKs must be strings of 32 characters

Fatal Python error: Inconsistent interned string state.

another error.... 

Original comment by haykey...@gmail.com on 23 Feb 2011 at 3:38

GoogleCodeExporter commented 8 years ago
This is a rather strange error that I suspect to be caused by memory 
corruption. I've completed running a 4gb file through Pyrit on Ubuntu 10.10 
without problems. Even if there was some error with reading files larger than 
2**32-1 bytes, the errors you posted should not appear.

Can you run memcheck on that machine?

Original comment by lukas.l...@gmail.com on 23 Feb 2011 at 10:29

GoogleCodeExporter commented 8 years ago
I have also processed the 4gb Custom-WPA wordlist and have not yet experienced 
this issue, and I'm using old x86 CPUs.

Maybe this is related to the SandyBridge chipset defect or a corrupted wordlist?

Original comment by mrfantas...@aol.com on 23 Feb 2011 at 6:38

GoogleCodeExporter commented 8 years ago
I've just run one round of memtest with no problems, going to try a 12+ session 
tonight + tomorrow to confirm the results.

For info purposes this is a:
Rampage II Extreme mobo with an Asus GTX 480 and 6GB of 1333 MHz Kingston RAM
with Ubuntu 10.10 32bit

Original comment by haykey...@gmail.com on 23 Feb 2011 at 11:59

GoogleCodeExporter commented 8 years ago
You know, you should import the wordlist to a db/sql server, since pyrit 
automatically parses it for "bad words".

Using the import_wordlist option, once you've got all your wordlists loaded, you 
can then create_essid and do pyrit batch, as opposed to doing a passthrough 
attack. If there's any problem with your word lists, pyrit db should catch it 
and eliminate the issue. I am assuming there's some sort of problem with your 
wordlist; you also might want to run some tests on your hard disk to ensure 
there is not a problem with corruption on your disks.

Original comment by mrfantas...@aol.com on 24 Feb 2011 at 3:22

GoogleCodeExporter commented 8 years ago
The errors you see ("ValueError: All PMKs must be strings of 32 characters") 
are actually just safeguards and should never get triggered under normal 
operation. This is especially true as under "passthrough"-modes, the Pairwise 
Master Keys are created as strings of 32 characters each and then passed to the 
EAPOLCracker (which throws the error above).

I strongly suspect some memory corruption issue (happening in RAM).

Original comment by lukas.l...@gmail.com on 24 Feb 2011 at 3:27
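
The safeguard described in the comment above, as an added Python 3 example that is not Pyrit's code or part of the original thread: `check_pmks` is a hypothetical stand-in for the length check, and the passphrases are constructed samples. It also shows that a same-length bit flip passes the check, so a guard of this kind only catches structural damage.

```python
import hashlib

PMK_LEN = 32  # bytes: a WPA/WPA2-PSK Pairwise Master Key is 256 bits


def derive_pmk(passphrase, essid):
    """Standard WPA-PSK mapping: PBKDF2-HMAC-SHA1, 4096 rounds, 32 bytes out."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), essid.encode(),
                               4096, PMK_LEN)


def check_pmks(pmks):
    """Hypothetical stand-in for the safeguard: reject the batch if any entry
    is not a byte string of exactly 32 bytes. Returns the batch size."""
    for index, pmk in enumerate(pmks):
        if not isinstance(pmk, bytes) or len(pmk) != PMK_LEN:
            raise ValueError("PMK %d is not a %d-byte string" % (index, PMK_LEN))
    return len(pmks)


def run_demo():
    essid = "masters"  # ESSID from the command line in the report
    words = ["constructed-word-%02d" % i for i in range(4)]  # constructed sample
    batch = [derive_pmk(word, essid) for word in words]

    # Freshly derived keys always satisfy the invariant.
    clean_count = check_pmks(batch)

    # Structural damage (a truncated buffer) trips the guard.
    truncated = list(batch)
    truncated[2] = truncated[2][:PMK_LEN - 1]
    try:
        check_pmks(truncated)
        truncation_caught = False
    except ValueError:
        truncation_caught = True

    # A single flipped bit keeps the length, so the guard cannot see it.
    flipped = list(batch)
    flipped[1] = bytes([flipped[1][0] ^ 0x01]) + flipped[1][1:]
    bitflip_passes = check_pmks(flipped) == len(flipped) and flipped[1] != batch[1]

    return clean_count, truncation_caught, bitflip_passes


if __name__ == "__main__":
    print(run_demo())
```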

GoogleCodeExporter commented 8 years ago
Well I just concluded a 10+ hour session of memtest86 without errors, not sure 
what else it could be, I will try the import to server route and see what 
happens. 

Original comment by haykey...@gmail.com on 24 Feb 2011 at 10:52

GoogleCodeExporter commented 8 years ago
Are you aware of the flaw in Intel's Sandy Bridge platform? I don't know if this 
is relevant, but is your chipset part of the defective shipment? 

Original comment by mrfantas...@aol.com on 25 Feb 2011 at 1:57

GoogleCodeExporter commented 8 years ago
How could I find that out?

Original comment by haykey...@gmail.com on 25 Feb 2011 at 2:38

GoogleCodeExporter commented 8 years ago
Now that I looked, I do not believe I have the sandy bridge chipset. I have 6 
SATA ports but all are 3GB/s. This mobo was bought late 2009. I am currently 
putting my wordlists into pyrit, will let everyone know how it works after 
this. 

Original comment by haykey...@gmail.com on 25 Feb 2011 at 2:48

GoogleCodeExporter commented 8 years ago
Ok so I got my ~960 million words imported into pyrit along with the masters 
essid; now when I run batch it ran well to about 60% but now I am getting 
segfaults and this error: 

hair@zod:~/monkeybusiness$ pyrit batch
Pyrit 0.4.1-dev (svn r297) (C) 2008-2011 Lukas Lueg http://pyrit.googlecode.com
This code is distributed under the GNU General Public License v3+

Connecting to storage at 'file://'...  connected.
Working on ESSID 'masters'
Traceback (most recent call last):far (64.5%); 37529 PMKs per second.
  File "/usr/local/bin/pyrit", line 6, in <module>
    pyrit_cli.Pyrit_CLI().initFromArgv()
  File "/usr/local/lib/python2.6/dist-packages/pyrit_cli.py", line 115, in initFromArgv
    func(self, **options)
  File "/usr/local/lib/python2.6/dist-packages/pyrit_cli.py", line 803, in batchprocess
    for results in dbiterator:
  File "/usr/local/lib/python2.6/dist-packages/cpyrit/cpyrit.py", line 787, in next
    solvedResults
  File "/usr/local/lib/python2.6/dist-packages/cpyrit/storage.py", line 486, in __setitem__
    f.write(PYR2_Buffer(essid, results).pack())
  File "/usr/local/lib/python2.6/dist-packages/cpyrit/storage.py", line 248, in pack
    pmkbuffer = ''.join(pmks)
OverflowError: join() result is too long for a Python string

Original comment by haykey...@gmail.com on 26 Feb 2011 at 6:06

GoogleCodeExporter commented 8 years ago
Are you planning to batch process/precompute the PMKs into a db?

Original comment by mrfantas...@aol.com on 26 Feb 2011 at 11:44

GoogleCodeExporter commented 8 years ago
yes...

Original comment by haykey...@gmail.com on 27 Feb 2011 at 12:22

GoogleCodeExporter commented 8 years ago
Yeah, we're doing the same thing, and since, apparently, pyrit "serve" is broken 
atm, we found that you can manually run pyrit batch on multiple nodes configured 
for the same sql db and they will all process different work units of the same 
db, working together in essence. So, just letting ya know, that's how we found 
we could actually use multiple nodes to compute the psk db.

Original comment by mrfantas...@aol.com on 27 Feb 2011 at 1:25

GoogleCodeExporter commented 8 years ago
OK, I think this one might be solved, just gonna wait a bit longer for a good 
overnight run to see.

Original comment by haykey...@gmail.com on 27 Feb 2011 at 10:43

GoogleCodeExporter commented 8 years ago
Still getting segfaults with pyrit batch command... maybe I will try the 
downloadable version of pyrit to see if it behaves differently...

Original comment by haykey...@gmail.com on 28 Feb 2011 at 5:31

GoogleCodeExporter commented 8 years ago
Pyrit serve has not been fixed yet as far as I know, svn 0.4.1 still has the 
issue

Original comment by mrfantas...@aol.com on 28 Feb 2011 at 6:23

GoogleCodeExporter commented 8 years ago
Personally, I think precomputing the PMKs to file:// is pretty retarded. Set up 
your config for sql instead; that way you have a solid foundation moving 
forward for expansion. At least with sql you can configure your hosts conf file 
and work on the same task with your nodes, and until they fix the pyrit serve 
command, this is the only way, and you're spinning your wheels and going nowhere. 
Trust, bro, we're in the same boat as you, and I'm sure you're going to eventually 
come to the same conclusion, just trying to save you some time.

Original comment by mrfantas...@aol.com on 28 Feb 2011 at 6:26

GoogleCodeExporter commented 8 years ago
I've had all sorts of issues with WPA-PSK WORDLIST file. For some reason it 
came in two files. I catted them into a new file and I no longer had any 
corruption issues. I recommend you do the same. I think the torrent is corrupt. 

Original comment by GrantWSa...@gmail.com on 1 Mar 2011 at 10:38

GoogleCodeExporter commented 8 years ago
It turns out my issues were likely RAM related; yesterday my RAM failed 
completely.

Original comment by haykey...@gmail.com on 13 Mar 2011 at 4:04

GoogleCodeExporter commented 8 years ago

Original comment by lukas.l...@gmail.com on 13 Mar 2011 at 5:57