search

robertdavidgraham / masscan

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
GNU Affero General Public License v3.0
23.08k stars 3.03k forks source link

segmentation issue pfring masscan #366

Open bml0aGlu opened 6 years ago

bml0aGlu commented 6 years ago

pcap: found library: libpcap.so pcap: pcap_dev_name: failed pcap: pcap_dev_description: failed pcap: pcap_dev_next: failed pcap: pcap_sendqueue_alloc: failed pcap: pcap_sendqueue_transmit: failed pcap: pcap_sendqueue_destroy: failed pcap: pcap_sendqueue_queue: failed initializing adapter

Segmentation fault: please post this backtrace to: https://github.com/robertdavidgraham/masscan/issues

2: [/lib64/libc.so.6(+0x35270) [0x7fb507069270]] ?? ??:0 1: [masscan() [0x4115f5]] handle_segfault at /root/nithin/masscan/src/pixie-backtrace.c:35

mzpqnxow commented 6 years ago

You might want to first ensure libpcap.so is on the system masscan is RUNNING on (not built on) and also make sure you didn’t somehow link masscan statically. Masscan was changed a while back to not link in libpcap at build time if I remember, raising the possibility for issues like this.

You can use ‘file’ on masscan and libpcap.so and make sure they’re the same ELF ABI (check to ensure matching 32/32 bit or 64/64 bit for both masscan and libpcap on the system.

It may be helpful to run:

‘sudo strace -o trace.log masscan

And then attach the results of egrep ‘(libpcap|dlopen|dlsym)’ trace.log to this bug report (or the whole trace.log, but it may be a bit large)

I’m typing this on mobile so if the grep is empty, it’s my mistake, just attach the whole trace.

This should be enough to start allowing us to troubleshoot things as it will tell us if masscan is able to dynamically open the pcap libs and resolve there

I don’t know enough about libpcap api stability to be sure but it’s also possible it’s finding an unexpected version of libpcap at runtime without the expected symbols; though, these symbol are pretty fundamental libpcap symbols so I’m not sure this is the issue. My hunch is 32/64 bit issue as mentioned above or missing libpcap.so on the running system and misleading error handling/output on the masscan side.

On Thu, Jul 26, 2018 at 19:28 nithin-reddy notifications@github.com wrote:

pcap: found library: libpcap.so pcap: pcap_dev_name: failed pcap: pcap_dev_description: failed pcap: pcap_dev_next: failed pcap: pcap_sendqueue_alloc: failed pcap: pcap_sendqueue_transmit: failed pcap: pcap_sendqueue_destroy: failed pcap: pcap_sendqueue_queue: failed initializing adapter Segmentation fault: please post this backtrace to: https://github.com/robertdavidgraham/masscan/issues

2: [/lib64/libc.so.6(+0x35270) [0x7fb507069270]] ?? ??:0 1: [masscan() [0x4115f5]] handle_segfault at /root/nithin/masscan/src/pixie-backtrace.c:35

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/robertdavidgraham/masscan/issues/366, or mute the thread https://github.com/notifications/unsubscribe-auth/AHpRZBDDDo-h7qPhR2c4HtgaS0KFFV-Fks5uKkKWgaJpZM4VipBU .