nmap / ncrack

Ncrack network authentication tool

Stack trace of segment error when RESUME dump added #106

Open k79e opened 3 years ago

k79e commented 3 years ago

I find that a small iplist can't trigger this problem. I used a 2800+ line file and can easily reproduce it.

ncrack[34392]: segfault at b7b ip 000055a9bcec5120 sp 00007fffff9022c8 error 4 in ncrack[55a9bceba000+59000] [332778.729618] Code: 8b 7b 10 eb 81 90 0f 1f 40 00 48 8b 57 50 48 8b 87 a8 01 00 00 48 2b 02 48 c1 f8 03 c3 90 66 66 2e 0f 1f 84 00 00 00 00 00 90 <48> 8b 47 50 89 f6 48 8b 00 48 8d 04 f0 48 89 87 a8 01 00 00 c3 90


Starting Ncrack 0.8 ( http://ncrack.org ) at 2021-03-31 17:18 CST
Segmentation fault
*** Segmentation fault
Register dump:

RAX: 000055f7c692b760 RBX: 000055f7c692b760 RCX: 00000000ffffff80
RDX: 000055f7c6dbe1d0 RSI: 0000000000000000 RDI: 0000000000000b2b
RBP: 00007ffe7c6c5c00 R8 : 000000000000000f R9 : 000055f7c692a520
R10: fffffffffffff015 R11: 00007f828a1194a0 R12: 000055f7c691b100
R13: 000055f7c692b760 R14: 000055f7c51feba0 R15: 000055f7c692b7f0
RSP: 00007ffe7c6c4078

RIP: 000055f7c5170120 EFLAGS: 00010246

CS: 0033 FS: 0000 GS: 0000

Trap: 0000000e Error: 00000004 OldMask: 00000000 CR2: 00000b7b

FPUCW: 0000037f FPUSW: 00000000 TAG: 00000000 RIP: 00000000 RDP: 00000000

ST(0) 0000 0000000000000000 ST(1) 0000 0000000000000000
ST(2) 0000 0000000000000000 ST(3) 0000 0000000000000000
ST(4) 0000 0000000000000000 ST(5) 0000 0000000000000000
ST(6) 0000 0000000000000000 ST(7) 0000 0000000000000000
mxcsr: 1fa0
XMM0:  000000000000000000000000ffffff00 XMM1:  000000000000000000000000ffffff00
XMM2:  000000000000000000000000ffffff00 XMM3:  000000000000000000000000ffffff00
XMM4:  000000000000000000000000ffffff00 XMM5:  000000000000000000000000ffffff00
XMM6:  000000000000000000000000ffffff00 XMM7:  000000000000000000000000ffffff00
XMM8:  000000000000000000000000ffffff00 XMM9:  000000000000000000000000ffffff00
XMM10: 000000000000000000000000ffffff00 XMM11: 000000000000000000000000ffffff00
XMM12: 000000000000000000000000ffffff00 XMM13: 000000000000000000000000ffffff00
XMM14: 000000000000000000000000ffffff00 XMM15: 000000000000000000000000ffffff00

Backtrace:
ncrack(+0x13120)[0x55f7c5170120]
ncrack(+0xee4e)[0x55f7c516be4e]
ncrack(+0xa04c)[0x55f7c516704c]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xeb)[0x7f8289d3409b]
ncrack(+0xa2aa)[0x55f7c51672aa]

Memory map:

55f7c515d000-55f7c5165000 r--p 00000000 08:16 278643 /sft/ncrack/bin/ncrack
55f7c5165000-55f7c51be000 r-xp 00008000 08:16 278643 /sft/ncrack/bin/ncrack
55f7c51be000-55f7c51fb000 r--p 00061000 08:16 278643 /sft/ncrack/bin/ncrack
55f7c51fb000-55f7c51fd000 r--p 0009d000 08:16 278643 /sft/ncrack/bin/ncrack
55f7c51fd000-55f7c51ff000 rw-p 0009f000 08:16 278643 /sft/ncrack/bin/ncrack
55f7c51ff000-55f7c5200000 rw-p 00000000 00:00 0
55f7c6902000-55f7c6dca000 rw-p 00000000 00:00 0 [heap]
7f8289cd1000-7f8289cd4000 r--p 00000000 08:01 708 /usr/lib/x86_64-linux-gnu/libnss_files-2.28.so
7f8289cd4000-7f8289cdb000 r-xp 00003000 08:01 708 /usr/lib/x86_64-linux-gnu/libnss_files-2.28.so
7f8289cdb000-7f8289cdd000 r--p 0000a000 08:01 708 /usr/lib/x86_64-linux-gnu/libnss_files-2.28.so
7f8289cdd000-7f8289cde000 ---p 0000c000 08:01 708 /usr/lib/x86_64-linux-gnu/libnss_files-2.28.so
7f8289cde000-7f8289cdf000 r--p 0000c000 08:01 708 /usr/lib/x86_64-linux-gnu/libnss_files-2.28.so
7f8289cdf000-7f8289ce0000 rw-p 0000d000 08:01 708 /usr/lib/x86_64-linux-gnu/libnss_files-2.28.so
7f8289ce0000-7f8289cea000 rw-p 00000000 00:00 0
7f8289cea000-7f8289cf0000 r--p 00000000 08:01 714 /usr/lib/x86_64-linux-gnu/libpthread-2.28.so
7f8289cf0000-7f8289cff000 r-xp 00006000 08:01 714 /usr/lib/x86_64-linux-gnu/libpthread-2.28.so
7f8289cff000-7f8289d05000 r--p 00015000 08:01 714 /usr/lib/x86_64-linux-gnu/libpthread-2.28.so
7f8289d05000-7f8289d06000 r--p 0001a000 08:01 714 /usr/lib/x86_64-linux-gnu/libpthread-2.28.so
7f8289d06000-7f8289d07000 rw-p 0001b000 08:01 714 /usr/lib/x86_64-linux-gnu/libpthread-2.28.so
7f8289d07000-7f8289d0b000 rw-p 00000000 00:00 0
7f8289d0b000-7f8289d0c000 r--p 00000000 08:01 698 /usr/lib/x86_64-linux-gnu/libdl-2.28.so
7f8289d0c000-7f8289d0d000 r-xp 00001000 08:01 698 /usr/lib/x86_64-linux-gnu/libdl-2.28.so
7f8289d0d000-7f8289d0e000 r--p 00002000 08:01 698 /usr/lib/x86_64-linux-gnu/libdl-2.28.so
7f8289d0e000-7f8289d0f000 r--p 00002000 08:01 698 /usr/lib/x86_64-linux-gnu/libdl-2.28.so
7f8289d0f000-7f8289d10000 rw-p 00003000 08:01 698 /usr/lib/x86_64-linux-gnu/libdl-2.28.so
7f8289d10000-7f8289d32000 r--p 00000000 08:01 696 /usr/lib/x86_64-linux-gnu/libc-2.28.so
7f8289d32000-7f8289e7a000 r-xp 00022000 08:01 696 /usr/lib/x86_64-linux-gnu/libc-2.28.so
7f8289e7a000-7f8289ec6000 r--p 0016a000 08:01 696 /usr/lib/x86_64-linux-gnu/libc-2.28.so
7f8289ec6000-7f8289ec7000 ---p 001b6000 08:01 696 /usr/lib/x86_64-linux-gnu/libc-2.28.so
7f8289ec7000-7f8289ecb000 r--p 001b6000 08:01 696 /usr/lib/x86_64-linux-gnu/libc-2.28.so
7f8289ecb000-7f8289ecd000 rw-p 001ba000 08:01 696 /usr/lib/x86_64-linux-gnu/libc-2.28.so
7f8289ecd000-7f8289ed3000 rw-p 00000000 00:00 0
7f8289ed3000-7f8289ed6000 r--p 00000000 08:01 31 /usr/lib/x86_64-linux-gnu/libgcc_s.so.1
7f8289ed6000-7f8289ee7000 r-xp 00003000 08:01 31 /usr/lib/x86_64-linux-gnu/libgcc_s.so.1
7f8289ee7000-7f8289eea000 r--p 00014000 08:01 31 /usr/lib/x86_64-linux-gnu/libgcc_s.so.1
7f8289eea000-7f8289eeb000 ---p 00017000 08:01 31 /usr/lib/x86_64-linux-gnu/libgcc_s.so.1
7f8289eeb000-7f8289eec000 r--p 00017000 08:01 31 /usr/lib/x86_64-linux-gnu/libgcc_s.so.1
7f8289eec000-7f8289eed000 rw-p 00018000 08:01 31 /usr/lib/x86_64-linux-gnu/libgcc_s.so.1
7f8289eed000-7f8289efa000 r--p 00000000 08:01 699 /usr/lib/x86_64-linux-gnu/libm-2.28.so
7f8289efa000-7f8289f99000 r-xp 0000d000 08:01 699 /usr/lib/x86_64-linux-gnu/libm-2.28.so
7f8289f99000-7f828a06e000 r--p 000ac000 08:01 699 /usr/lib/x86_64-linux-gnu/libm-2.28.so
7f828a06e000-7f828a06f000 r--p 00180000 08:01 699 /usr/lib/x86_64-linux-gnu/libm-2.28.so
7f828a06f000-7f828a070000 rw-p 00181000 08:01 699 /usr/lib/x86_64-linux-gnu/libm-2.28.so
7f828a070000-7f828a0f9000 r--p 00000000 08:01 3369 /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.25
7f828a0f9000-7f828a1a5000 r-xp 00089000 08:01 3369 /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.25
7f828a1a5000-7f828a1e3000 r--p 00135000 08:01 3369 /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.25
7f828a1e3000-7f828a1e4000 ---p 00173000 08:01 3369 /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.25
7f828a1e4000-7f828a1ee000 r--p 00173000 08:01 3369 /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.25
7f828a1ee000-7f828a1f0000 rw-p 0017d000 08:01 3369 /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.25
7f828a1f0000-7f828a1f4000 rw-p 00000000 00:00 0
7f828a1f4000-7f828a279000 r--p 00000000 08:01 1817 /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
7f828a279000-7f828a417000 r-xp 00085000 08:01 1817 /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
7f828a417000-7f828a4a6000 r--p 00223000 08:01 1817 /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
7f828a4a6000-7f828a4a7000 ---p 002b2000 08:01 1817 /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
7f828a4a7000-7f828a4d7000 r--p 002b2000 08:01 1817 /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
7f828a4d7000-7f828a4d9000 rw-p 002e2000 08:01 1817 /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
7f828a4d9000-7f828a4dd000 rw-p 00000000 00:00 0
7f828a4dd000-7f828a4fa000 r--p 00000000 08:01 1818 /usr/lib/x86_64-linux-gnu/libssl.so.1.1
7f828a4fa000-7f828a547000 r-xp 0001d000 08:01 1818 /usr/lib/x86_64-linux-gnu/libssl.so.1.1
7f828a547000-7f828a561000 r--p 0006a000 08:01 1818 /usr/lib/x86_64-linux-gnu/libssl.so.1.1
7f828a561000-7f828a562000 ---p 00084000 08:01 1818 /usr/lib/x86_64-linux-gnu/libssl.so.1.1
7f828a562000-7f828a56b000 r--p 00084000 08:01 1818 /usr/lib/x86_64-linux-gnu/libssl.so.1.1
7f828a56b000-7f828a56f000 rw-p 0008d000 08:01 1818 /usr/lib/x86_64-linux-gnu/libssl.so.1.1
7f828a577000-7f828a578000 r--p 00000000 08:01 36 /usr/lib/x86_64-linux-gnu/libSegFault.so
7f828a578000-7f828a57b000 r-xp 00001000 08:01 36 /usr/lib/x86_64-linux-gnu/libSegFault.so
7f828a57b000-7f828a57c000 r--p 00004000 08:01 36 /usr/lib/x86_64-linux-gnu/libSegFault.so
7f828a57c000-7f828a57d000 r--p 00004000 08:01 36 /usr/lib/x86_64-linux-gnu/libSegFault.so
7f828a57d000-7f828a57e000 rw-p 00005000 08:01 36 /usr/lib/x86_64-linux-gnu/libSegFault.so
7f828a57e000-7f828a580000 rw-p 00000000 00:00 0
7f828a580000-7f828a581000 r--p 00000000 08:01 33 /usr/lib/x86_64-linux-gnu/ld-2.28.so
7f828a581000-7f828a59f000 r-xp 00001000 08:01 33 /usr/lib/x86_64-linux-gnu/ld-2.28.so
7f828a59f000-7f828a5a7000 r--p 0001f000 08:01 33 /usr/lib/x86_64-linux-gnu/ld-2.28.so
7f828a5a7000-7f828a5a8000 r--p 00026000 08:01 33 /usr/lib/x86_64-linux-gnu/ld-2.28.so
7f828a5a8000-7f828a5a9000 rw-p 00027000 08:01 33 /usr/lib/x86_64-linux-gnu/ld-2.28.so
7f828a5a9000-7f828a5aa000 rw-p 00000000 00:00 0
7ffe7c6a7000-7ffe7c6c8000 rw-p 00000000 00:00 0 t
7ffe7c728000-7ffe7c72b000 r--p 00000000 00:00 0 [vvar]
7ffe7c72b000-7ffe7c72d000 r-xp 00000000 00:00 0 [vdso]

Here is the dmp file (it's a tgz file with a zip name): ncrack_dump_segerror when resume.tgz.zip
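Working from the values in the report above (RIP, RDI and CR2 from the register dump, and the ncrack entries of the memory map), the following triage script reproduces the arithmetic a maintainer does by hand before opening the dump file. It is an added example, not part of ncrack or of this issue: it maps RIP to the module-relative offset that glibc's backtrace printed as ncrack(+0x13120), builds the addr2line command for an unstripped build, and checks the faulting address CR2 against the instruction decoded from the kernel's Code: bytes (<48> 8b 47 50 is mov rax,[rdi+0x50]). The regular expression, the Mapping dataclass and the "near-NULL" threshold are the example's own assumptions, and the embedded map and register lines are copied from the report.

```python
import re
from dataclasses import dataclass

# Lines copied from the memory map in the crash report above; only the
# mappings of the ncrack image itself (plus the heap) are needed to locate RIP.
NCRACK_MAPS = """\
55f7c515d000-55f7c5165000 r--p 00000000 08:16 278643 /sft/ncrack/bin/ncrack
55f7c5165000-55f7c51be000 r-xp 00008000 08:16 278643 /sft/ncrack/bin/ncrack
55f7c51be000-55f7c51fb000 r--p 00061000 08:16 278643 /sft/ncrack/bin/ncrack
55f7c51fb000-55f7c51fd000 r--p 0009d000 08:16 278643 /sft/ncrack/bin/ncrack
55f7c51fd000-55f7c51ff000 rw-p 0009f000 08:16 278643 /sft/ncrack/bin/ncrack
55f7c6902000-55f7c6dca000 rw-p 00000000 00:00 0 [heap]
"""

# Register values copied from the "Register dump" section of the report.
REGS = {"RIP": 0x55F7C5170120, "RDI": 0xB2B, "CR2": 0xB7B}

# /proc/PID/maps layout (assumption: same format libSegFault prints):
#   start-end perms file_offset dev inode [path]
MAP_RE = re.compile(
    r"^(?P<start>[0-9a-f]+)-(?P<end>[0-9a-f]+)\s+(?P<perms>\S{4})\s+"
    r"(?P<off>[0-9a-f]+)\s+\S+\s+\d+\s*(?P<path>.*)$"
)


@dataclass(frozen=True)
class Mapping:
    start: int
    end: int
    perms: str
    file_offset: int
    path: str


def parse_maps(text):
    """Parse memory-map lines into Mapping records; unparsable lines are skipped."""
    out = []
    for line in text.splitlines():
        m = MAP_RE.match(line.strip())
        if not m:
            continue
        out.append(Mapping(int(m["start"], 16), int(m["end"], 16), m["perms"],
                           int(m["off"], 16), m["path"]))
    return out


def locate(addr, mappings):
    """Return (path, module-relative offset) for the file mapping containing addr.

    The offset is measured from the lowest mapping of the same file, which is
    what glibc's backtrace prints as ncrack(+0x13120) for a PIE binary; for a
    PIE linked at base 0 that is also the address addr2line expects.
    Returns None when addr is not inside any file-backed mapping."""
    for m in mappings:
        if m.start <= addr < m.end and m.path.startswith("/"):
            base = min(x.start for x in mappings if x.path == m.path)
            return m.path, addr - base
    return None


def addr2line_command(path, offset):
    """Command a developer runs against an unstripped build to name the function."""
    return f"addr2line -f -C -e {path} 0x{offset:x}"


def fault_is_consistent(regs, displacement=0x50):
    """The faulting instruction is mov rax,[rdi+0x50], so CR2 must equal RDI+0x50.
    If this does not hold, the register dump and the kernel log are from
    different runs and must not be analysed together."""
    return regs["RDI"] + displacement == regs["CR2"]


def classify_fault(regs, mappings):
    """Coarse classification of the read fault for a triage note."""
    cr2 = regs["CR2"]
    if locate(cr2, mappings) is None and cr2 < 0x10000:
        # RDI=0xb2b is a tiny integer, not a heap or stack address: a struct
        # field was read through a null-ish or uninitialised pointer.
        return "near-NULL dereference: base pointer is not a valid object address"
    return "access to unmapped or protected memory"


if __name__ == "__main__":
    maps = parse_maps(NCRACK_MAPS)
    path, off = locate(REGS["RIP"], maps)
    print(f"RIP is {path}+0x{off:x}; run: {addr2line_command(path, off)}")
    print("CR2 == RDI+0x50:", fault_is_consistent(REGS))
    print(classify_fault(REGS, maps))
```

The offset check also cross-validates the two dumps in the report: the kernel line gives ip 000055a9bcec5120 inside ncrack[55a9bceba000+59000], and the libSegFault backtrace gives ncrack(+0x13120); both resolve to the same module-relative offset once the 0x8000 file offset of the executable segment is accounted for, so the crash site is stable across runs and worth symbolising from the attached dump.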