Window Forwarding of x11 window contents inconsistent

[jabreity]

Describe the bug Using provide vagrantfile below as a basis, I am unable to reliably launch an x11 session on my local machine. It was working until last night. Thank you!

To Reproduce Steps to reproduce the behavior:

1. Install Fedora on two servers
2. Download Vagrantfile
3. On server 1, Install KVM/QEMU, Virsh
4. On server 2, install desktop environment, vagrant, and vagrant-libvirt plugin
5. Vagrant up the vagrantfile
6. Vagrant ssh into the host
7. run ./ghidra-master/Ghidra/RuntimeScripts/Linux/ghidraRun
8. yields error as follows:

openjdk version "21.0.4" 2024-07-16
OpenJDK Runtime Environment (build 21.0.4+7-Debian-1)
OpenJDK 64-Bit Server VM (build 21.0.4+7-Debian-1, mixed mode)
INFO  Using log config file: jar:file:/home/vagrant/ghidra-master/Ghidra/Framework/Generic/build/libs/Generic.jar!/generic.log4jdev.xml   (LoggingInitialization.java:50) 
INFO  Using log file: /root/.config/ghidra/ghidra_11.2_DEV_location_vagrant/application.log   (LoggingInitialization.java:51) 

Exception: java.lang.NoClassDefFoundError thrown from the UncaughtExceptionHandler in thread "Ghidra"

Expected behavior An x11 forwarded window session should spawn

Screenshots I have shared the recorded livestream of the failure here: https://www.twitch.tv/videos/2204803320

Attachments If applicable, please attach any files that caused problems or log files generated by the software.

Environment (please complete the following information):

• Using https://github.com/jabreity/NationalSecurityAgencyGhidra/blob/main/vagrantfile
  • Guest OS: Linux kali 6.6.15-amd64 #1 SMP PREEMPT_DYNAMIC Kali 6.6.15-2kali1 (2024-05-17) x86_64 GNU/Linux
• Client OS: Linux fedora 6.9.10-200.fc40.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Jul 18 21:39:30 UTC 2024 x86_64 GNU/Linux
  • Java Version:
  • openjdk 21.0.4 2024-07-16
  • OpenJDK Runtime Environment (build 21.0.4+7-Debian-1)
  • OpenJDK 64-Bit Server VM (build 21.0.4+7-Debian-1, mixed mode, sharing)
  • Ghidra Version: ghidra_11.2_DEV
  • Ghidra Origin: Locally built from git clone of branch: master

Additional context I noticed there was likely a C2 session spawned on my local host during use of the application. YMMV.

For what it is worth, Ghidra runs within an x11 vnc session all day.

[dev747368]

ghidra-master/Ghidra/RuntimeScripts/Linux/ghidraRun

What you are describing does not seem to be a normal ghidra layout and is not expected to work when run this way.

Is there any reason you can't run ghidra from an extracted release.zip?

[jabreity]

I do DevSecOps automation for money normally, working with orgs such as Optiv and RedLegg. Every app which launches in an X11 session should work on a forwarded session. Ghidra builds fine. It's difficult to know if I'd want to work, perhaps closer to Elk Ridge again, on such projects if I don't have some kind of experience developing against the project.

A more direct response would be for the simple reason that I do development on an underpowered, 10 year old laptop, and use remote sessions to harness the much greater resources of a machine I'd care not to sit next to, located in the basement where I can't hear it as much. Similar to headless jobs running at a distance, this is a so-called 'headed' job running at a distance.

For what it is worth, it does run remotely when I extract the zipfile. Thank you! However, it does crash, taking out my local X11 session with it. I believe I'd like to use my own build to be certain.

[dev747368]

re: your own build. Sure, but instead of running stuff from the source code tree, you need to extract your locally built .zip file, and then run ghidra from that location.

re: running Ghidra over a remote X11 session. That should be fine. I do that all the time. (eg. ssh -Y remotehost)

[ryanmkurtz]

@jabreity For you to run Ghidra from the source tree via ./ghidra-master/Ghidra/RuntimeScripts/Linux/ghidraRun, you must first do a gradle jar so the java files can build. Did you do that step?

Where we stand with this open ticket?

[jabreity]

I'm reviewing tonight, I had to push it back a sprint.

On Tue, Aug 6, 2024 at 10:51 AM Ryan Kurtz @.***> wrote:

@jabreity https://github.com/jabreity For you to run Ghidra from the source tree via ./ghidra-master/Ghidra/RuntimeScripts/Linux/ghidraRun, you must first do a gradle jar so the java files can build. Did you do that step?

Where we stand with this open ticket?

— Reply to this email directly, view it on GitHub https://github.com/NationalSecurityAgency/ghidra/issues/6748#issuecomment-2271488519, or unsubscribe https://github.com/notifications/unsubscribe-auth/ATZ5JFOU5JZZGDEDTNIZ53LZQDPIFAVCNFSM6AAAAABLMBSPWOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDENZRGQ4DQNJRHE . You are receiving this because you were mentioned.Message ID: @.***>