Segmentation Fault in ralabel 3.0.8

el draco eldraco at gmail.com
Fri Aug 15 09:16:21 EDT 2014


Hi carter and list.
Sorry for the delay, I just came back from defcon and I'm going back
to my algorithms (btw, was anyone at defcon this year?)

Well, I use Kali as my quick-and-dirty VM because it is already
configured with all the penetration test, libraries and forensic
tools, so I can play safely there. And most important, it uses the
apt-get system to update and install stuff. It is only a rebranded and
updated BackTrack. You can safely assume that BackTrack is dead now.


So, I just tried it again on a live CD, just booted Kali, and I keep
getting the segfault. I'm compiling straight out of the tar file, I
have no .debug or .devel tags. I also don't have any rarc.

I'm using the Kali 1.0.8 i386 iso file.

1- Just boot it and connect to the internet.
2- Then I downloaded the argus clients dev 3.0.8 latest
     wget http://qosient.com/argus/dev/argus-clients-latest.tar.gz
     d4a7d167ba3f8452de3900bbf01fec46  argus-clients-latest.tar.gz

3- I compiled them without errors (./configure;make;make install)
4- Then I copied the 3 files I sent before and ran:

5- ralabel -f ralabel.conf -r test.small.biargus -w test.small.biargus.labeled

And I get the segfault.

I hope you can reproduce it with kali also!

thanks!
sebas

On Wed, Aug 6, 2014 at 1:43 AM, Carter Bullard <carter at qosient.com> wrote:
> Hey Sebas,
> So no joy in getting your label configuration to die on
> Mac OS X, Ubuntu, FreeBSD, NetBSD …
>
> Yours is compiled straight out of the tar file, no
> .debug or .devel tags ???  Do you have a rarc that
> could be setting an option that mine isn’t setting ???
>
> So what’s with all the recent attention to Kali ???
> I like to pay attention to synchronistic events, and
> this is the second time Kali has come up in 2 days.
>
> Did they do something different ???  Still BackTrack
> or something new ???
>
> Hope all is most excellent,
>
> Carter
>
>
> On Aug 5, 2014, at 6:04 PM, el draco <eldraco at gmail.com> wrote:
>
> Hi Carter
> mmm... I only have debian systems around me, so I can not tell you if other
> systems are vulnerable.
> I'm heading for defcon now but tell me if I can try something else. If I can
> I will try on Kali later and see what happens.
>
> thanks
> sebas
>
>
>
> On Tue, Aug 5, 2014 at 6:37 PM, Carter Bullard <carter at qosient.com> wrote:
>>
>> Hey Sebas,
>> Not getting any problems on my systems here.
>> Will try to replicate on a Debian system.
>>
>> Carter
>>
>> On Aug 4, 2014, at 12:02 PM, el draco <eldraco at gmail.com> wrote:
>>
>> Hi list. Today I was running ralabel 3.0.8 for the first time and I got
>> this error.
>>
>> #### First computer ####
>>
>> ralabel -f ralabel.conf -r test.small.biargus -w test.small.biargus.labeled
>> *** Error in `ralabel': munmap_chunk(): invalid pointer: 0x0000000002c20f80 ***
>> ======= Backtrace: =========
>> /lib/x86_64-linux-gnu/libc.so.6(+0x7aa26)[0x7fc4cb169a26]
>> ralabel[0x432983]
>> ralabel[0x45a75b]
>> ralabel[0x460057]
>> ralabel[0x4037fe]
>> ralabel[0x403e4c]
>> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5)[0x7fc4cb110995]
>> ralabel[0x4035f9]
>> Aborted
>>
>> Info about my system:
>>
>> RaLabeler Version 3.0.8
>> Linux 3.9-1-amd64 #1 SMP Debian 3.9.8-1 x86_64 GNU/Linux
>> libpthread-stubs0:amd64               0.3-3
>> libgcc-4.8-dev:amd64                  4.8.2-16
>>
>>
>> #### Second Computer ####
>> In another computer the error is:
>> ralabel -f test.ralabel.conf -r test.small.biargus -w test.small.biargus.labeled
>> *** Error in `ralabel': double free or corruption (!prev): 0x0a697920 ***
>> Aborted
>>
>> Info of the second computer:
>> Linux 3.14-1-686-pae #1 SMP Debian 3.14.12-1 (2014-07-11) i686 GNU/Linux
>> RaLabeler Version 3.0.8
>>
>>
>> #### General ####
>> The biargus file was generated with argus 3.0.8 also.
>> I'm attaching you all the files so you can test it.
>>
>>
>> thanks
>> sebas
>>
>> <test.small.biargus><test.ralabel.conf><test.ralabel>
>>
>>
>
>
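
For triage of the two glibc aborts quoted in this thread, the sketch below (an added example, not part of the original messages or of the argus code) parses the abort lines and turns the unsymbolized backtrace frames into addr2line invocations. The sample lines are copied from the report above; the binary path passed in and the treatment of ralabel as a non-PIE executable (bracketed address equals link-time address) are assumptions.

```python
import re

# Lines copied from the crash output quoted in the thread (both computers).
REPORT = """\
*** Error in `ralabel': munmap_chunk(): invalid pointer: 0x0000000002c20f80 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x7aa26)[0x7fc4cb169a26]
ralabel[0x432983]
ralabel[0x45a75b]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5)[0x7fc4cb110995]
*** Error in `ralabel': double free or corruption (!prev): 0x0a697920 ***
"""

# What each glibc free() consistency check implies about the pointer it was given.
CHECKS = {
    "munmap_chunk(): invalid pointer":
        "chunk header flagged as mmapped but fails the mmap sanity check; "
        "pointer was not returned by malloc or its header was overwritten",
    "double free or corruption (!prev)":
        "next chunk's prev-in-use bit is clear, so this chunk is already free "
        "or a neighbouring header was overwritten",
}

ERR = re.compile(r"\*\*\* Error in `(?P<prog>[^']+)': (?P<check>.+?): "
                 r"(?P<ptr>0x[0-9a-f]+) \*\*\*")
FRAME = re.compile(r"^(?P<obj>[^\s(\[]+)(?:\((?P<sym>[^)]*)\))?"
                   r"\[(?P<addr>0x[0-9a-f]+)\]$")

def parse_aborts(text):
    """Return (program, check, pointer) for every glibc abort line."""
    return [(m["prog"], m["check"], int(m["ptr"], 16)) for m in ERR.finditer(text)]

def addr2line_args(text, binary_path):
    """Build addr2line argv lists for frames glibc could not symbolize."""
    cmds = []
    for line in text.splitlines():
        m = FRAME.match(line.strip())
        if not m:
            continue
        sym = m["sym"] or ""
        if sym.startswith("+"):   # "(+0x7aa26)": offset inside a shared object
            cmds.append(["addr2line", "-f", "-C", "-e", m["obj"], sym[1:]])
        elif not sym:             # bare "[0x432983]": address in the executable
            cmds.append(["addr2line", "-f", "-C", "-e", binary_path, m["addr"]])
    return cmds                   # frames with a symbol name are already resolved

if __name__ == "__main__":
    for prog, check, ptr in parse_aborts(REPORT):
        print(f"{prog}: {check} @ {ptr:#x}\n  -> {CHECKS.get(check, 'unknown check')}")
    for argv in addr2line_args(REPORT, "/usr/local/bin/ralabel"):  # assumed path
        print(" ".join(argv))
```

The addr2line output is only meaningful for a binary built with debug information (for example `-g` in CFLAGS); on a stripped build it prints `??`.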


