theaog / spirit

Spirit - Network Pentest Tools
https://t.me/spiritNPT

Problems with the spirit scan option (Segmentation fault) #27

Closed Omnividente closed 1 year ago

Omnividente commented 1 year ago

The latest version was downloaded from GitHub; the free and purchased versions were tested on different OSes: CentOS 6, 7.8, Ubuntu 22.04. The problem is the following: very often when scanning with the scan options --local all, --local 10, --local 172, --range, the error "Segmentation fault (core dumped)" appears. Sometimes the scanning starts after all.

Ubuntu 22.04

root@ubuntu:~# wget https://github.com/theaog/spirit/releases/download/v1.25/spirit.tgz >/dev/null 2>&1
root@ubuntu:~# tar --overwrite -zmxvf spirit.tgz -C .
spirit
go.sh
root@ubuntu:~# ./spirit scan --local all
  __    __    ___
 / _\  /  \  / __)   Spirit - Pentest Tools
/    \(  O )( (_ \   github.com/theaog/spirit
\_/\_/ \__/  \___/

Please note that using this software constitutes
your acceptance of our --terms of service.

Spirit (v1.25) upgrade by 12 Mar 23 00:00 UTC

INFO generating addresses for all ...
INFO created 17483836 addresses
INFO randomizing hosts...
Scanning...   0% [                    ]  [0s:0s]INFO starting scan using 1024 threads
^C
root@ubuntu:~# ./spirit scan --local all
  __    __    ___
 / _\  /  \  / __)   Spirit - Pentest Tools
/    \(  O )( (_ \   github.com/theaog/spirit
\_/\_/ \__/  \___/

Please note that using this software constitutes
your acceptance of our --terms of service.

Spirit (v1.25) upgrade by 12 Mar 23 00:00 UTC

INFO generating addresses for all ...
Segmentation fault (core dumped)
root@ubuntu:~#

Centos 7

[root@localhost ~]# ./spirit scan --local all
  __    __    ___
 / _\  /  \  / __)   Spirit - Pentest Tools
/    \(  O )( (_ \   github.com/theaog/spirit
\_/\_/ \__/  \___/

Please note that using this software constitutes
your acceptance of our --terms of service.

Spirit (v1.25) upgrade by 12 Mar 23 00:00 UTC

INFO generating addresses for all ...
Segmentation fault
[root@localhost ~]# ./spirit scan --local 192
  __    __    ___
 / _\  /  \  / __)   Spirit - Pentest Tools
/    \(  O )( (_ \   github.com/theaog/spirit
\_/\_/ \__/  \___/

Please note that using this software constitutes
your acceptance of our --terms of service.

Spirit (v1.25) upgrade by 12 Mar 23 00:00 UTC

INFO generating addresses for 192 ...
Segmentation fault
[root@localhost ~]# ./spirit scan --local 192
  __    __    ___
 / _\  /  \  / __)   Spirit - Pentest Tools
/    \(  O )( (_ \   github.com/theaog/spirit
\_/\_/ \__/  \___/

Please note that using this software constitutes
your acceptance of our --terms of service.

Spirit (v1.25) upgrade by 12 Mar 23 00:00 UTC

INFO generating addresses for 192 ...
INFO created 64516 addresses
INFO randomizing hosts...
Scanning...   0% [                    ]  [0s:0s]INFO starting scan using 1024 threads
^C
[root@localhost ~]#

As you can see from the logs above, on the same system, the same file, with the same startup parameters, sometimes works and sometimes does not. For example, on Ubuntu this is clearly visible: the first time the scan started, the second time an error came out.

P.S. The scan --local 192 option very rarely causes an error, so I think that the error occurs when creating a list with a large number of IP addresses. This was not observed in versions 1.23 and below.

theaog commented 1 year ago

the IP list is loaded in memory, I believe this might happen only if your system doesn't have enough memory to load a big list of IPs

theaog commented 1 year ago

I've also compiled a new version, please try w/ spirit upgrade not the bin from github and let me know if it happens again

Omnividente commented 1 year ago

[root@localhost ~]# ./spirit upgrade

  __    __    ___
 / _\  /  \  / __)   Spirit - Pentest Tools
/    \(  O )( (_ \   github.com/theaog/spirit
\_/\_/ \__/  \___/

Please note that using this software constitutes
your acceptance of our --terms of service.

ERRO RPC: you have the latest version: v1.25
[root@localhost ~]# free
              total        used        free      shared  buff/cache   available
Mem:        3879652      261816     3488160        8528      129676     3432044
Swap:       4063228           0     4063228
[root@localhost ~]# ./spirit s --local all

  __    __    ___
 / _\  /  \  / __)   Spirit - Pentest Tools
/    \(  O )( (_ \   github.com/theaog/spirit
\_/\_/ \__/  \___/

Please note that using this software constitutes
your acceptance of our --terms of service.

Spirit Pro (v1.25) upgrade by 04 Mar 23 00:00 UTC

INFO generating addresses for all ...
Segmentation fault
[root@localhost ~]#

theaog commented 1 year ago

try this bin: wget http://bashupload.com/BB8Ht/spirit should display an error instead of segmentation fault

Omnividente commented 1 year ago

[root@localhost spirittest]# ./spirit scan --local all

  __    __    ___
 / _\  /  \  / __)   Spirit - Pentest Tools
/    \(  O )( (_ \   github.com/theaog/spirit
\_/\_/ \__/  \___/

Please note that using this software constitutes
your acceptance of our --terms of service.

Spirit Pro (v1.25) upgrade by 06 Mar 23 00:00 UTC

INFO generating addresses for all ...
INFO created 17483836 addresses
INFO randomizing hosts...
^C
[root@localhost spirittest]# ./spirit scan --local 10

  __    __    ___
 / _\  /  \  / __)   Spirit - Pentest Tools
/    \(  O )( (_ \   github.com/theaog/spirit
\_/\_/ \__/  \___/

Please note that using this software constitutes
your acceptance of our --terms of service.

Spirit Pro (v1.25) upgrade by 06 Mar 23 00:00 UTC

INFO generating addresses for 10 ...
INFO created 16387064 addresses
INFO randomizing hosts...
Scanning...   0% [                    ]  [0s:0s]INFO starting scan using 1024 threads
OPEN[1] 10.88.251.215:22   0% [                    ]  [15s:8184h37m27s]

Works fine now

giulianopanini99 commented 1 year ago

Same problem here... I receive this error on parse and banner. What should we do? Do we upgrade spirit or do we download this: wget http://bashupload.com/BB8Ht/spirit ? The problem appeared since threads were limited to 2500, and when there are many IPs we get a segmentation fault... I say leave it as it was before, and whoever wants to run a banner with 2500 threads should use ./spirit banner --threads 2500.

theaog commented 1 year ago

does this new bin produce the same errors?

theaog commented 1 year ago

the limit was introduced to avoid skipping IPs when the speed is too high, during tests I noticed that over 2500 threads, we lose around 50-100 hosts

giulianopanini99 commented 1 year ago

If you have good root/internet, you don't lose anything. But if I try to scan forever in screen, and after 2 hours of gathering the IPs it gives me an error when parsing or at the banner... what did I do? Before this update it was working fine.

giulianopanini99 commented 1 year ago

I don't know if this bin produces the error... I asked you what I should do: do we upgrade spirit or do we download this: wget http://bashupload.com/BB8Ht/spirit ? I'm Giuliano, not Omnividente.

theaog commented 1 year ago

try this bin I sent you, instead of segmentation fault it should write out an error, when it does show me the error so I can fix it.

giulianopanini99 commented 1 year ago

--2023-03-03 14:27:14-- http://bashupload.com/BB8Ht/spirit
Resolving bashupload.com (bashupload.com)... 116.203.186.178
Connecting to bashupload.com (bashupload.com)|116.203.186.178|:80... connected.
HTTP request sent, awaiting response... 404 Not Found
2023-03-03 14:27:14 ERROR 404: Not Found.

theaog commented 1 year ago

somebody else watching this issue might have downloaded it, I re-uploaded: wget http://bashupload.com/eqoQU/spirit

giulianopanini99 commented 1 year ago

./spirit banner

  __    __    ___
 / _\  /  \  / __)   Spirit - Pentest Tools
/    \(  O )( (_ \   github.com/theaog/spirit
\_/\_/ \__/  \___/

Please note that using this software constitutes
your acceptance of our --terms of service.

Segmentation fault (core dumped)

./spirit.1 banner --threads 100

  __    __    ___
 / _\  /  \  / __)   Spirit - Pentest Tools
/    \(  O )( (_ \   github.com/theaog/spirit
\_/\_/ \__/  \___/

Please note that using this software constitutes
your acceptance of our --terms of service.

INFO loaded 1990521 hosts from h.lst file
WARN filtering out bad SSH versions: --filter=true
Extract SSH Banners 0% [ ] [0s:0s]

So ./spirit is the default spirit, and spirit.1 is what I downloaded from bashupload... this version doesn't crash...

giulianopanini99 commented 1 year ago

Give us a ./spirit upgrade with that version from bashupload.

theaog commented 1 year ago

you never get Segmentation fault (core dumped) w/ the bashupload version? just works all the time?

try also the latest spirit upgrade version. just compiled a new one.

Omnividente commented 1 year ago

> you never get Segmentation fault (core dumped) w/ the bashupload version? just works all the time?
>
> try also the latest spirit upgrade version. just compiled a new one.

I do not know if this error will appear further, but now I have checked the new version on about 10 servers of different operating systems and it started on all of them the first time.

theaog commented 1 year ago

very nice, so may I consider the issue resolved?

Omnividente commented 1 year ago

For me, yes. P.S. Tell me how to see when my license ends?)

theaog commented 1 year ago

@Omnividente when you register a server it should tell you when the license expires:

> # ./spirit register my_license
> [1] Congratulations! Your server has been licensed.
> Your license expires on 2023-03-21 00:38:55.856369332 +0000 UTC