FIX: FreeBSD ettercap Segmentation Fault

March 13, 2012

1. The problem occurs with ettercap built by a regular ‘make install’ on FreeBSD (8.1-RELEASE FreeBSD, and maybe more…):

gw# ettercap -zT -ivlan28 -pu -P dns_spoof /192.168.28.122/ ; sysctl -a|grep forward

ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA

Listening on vlan28… (Ethernet)

vlan28 -> 00:30:48:8C:BE:EB 192.168.28.1 255.255.255.0

Privileges dropped to UID 65534 GID 65534…

28 plugins
39 protocol dissectors
53 ports monitored
7587 mac vendor fingerprint
1698 tcp OS fingerprint
2183 known services

Starting Unified sniffing…

Text only Interface activated…
Hit ‘h’ for inline help

Activating dns_spoof plugin…
Ooops ! This shouldn’t happen…
Segmentation Fault…

Please recompile in debug mode, reproduce the bug and send a bugreport

2. The solution (FIX) is to patch the C source and then make ettercap:

gw# pwd
/usr/ports/net-mgmt/ettercap
gw# make fetch

===> Vulnerability check disabled, database not found
===> License check disabled, port has not defined LICENSE
===> Found saved configuration for ettercap-0.7.3_10,1

gw# make extract

===> Vulnerability check disabled, database not found
===> License check disabled, port has not defined LICENSE
===> Found saved configuration for ettercap-0.7.3_10,1
===> Extracting for ettercap-0.7.3_10,1
=> SHA256 Checksum OK for ettercap-NG-0.7.3.tar.gz.

gw# cd work/ettercap-NG-0.7.3/src/protocols/

gw# vi ec_tcp.c

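/* THE PATCH!!! edited by Sto
 * Original line; the (int) cast truncates tcp where pointers are wider than int:
 * opt_end = (u_char *)((int)tcp + tcp->off * 4);
 * Cast tcp to u_char * before adding, so the offset is counted in bytes
 * and not in units of sizeof(*tcp).
 */
opt_end = (u_char *)tcp + tcp->off * 4;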

gw# cd ../../../../
gw# pwd
/usr/ports/net-mgmt/ettercap

gw# make install clean clean-depends

…………………

gw# ettercap -zTq -ivlan28 -pu -P dns_spoof /192.168.28.122/

ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA

Listening on vlan28… (Ethernet)

vlan28 -> 00:30:48:8C:BE:EB 192.168.28.1 255.255.255.0

Privileges dropped to UID 65534 GID 65534…

28 plugins
39 protocol dissectors
53 ports monitored
7587 mac vendor fingerprint
1698 tcp OS fingerprint
2183 known services

Starting Unified sniffing…

Text only Interface activated…
Hit ‘h’ for inline help

Activating dns_spoof plugin…

dns_spoof: [microsoft.com] spoofed to [198.182.196.56]

… happy sniffer days begin
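Why the opt_end line in ec_tcp.c matters, as an added example that is not part of the original post or of ettercap's source: it compares three ways of writing the expression (the (int) cast, plain struct-pointer arithmetic, and byte-pointer arithmetic). The struct is a simplified stand-in, the function names are hypothetical, and the sample address is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified stand-in for ettercap's struct tcp_header (assumption: 20-byte
 * fixed header, with off kept in its own byte instead of a 4-bit field). */
struct tcp_header {
    uint16_t sport, dport;
    uint32_t seq, ack;
    uint8_t  off;            /* header length in 32-bit words */
    uint8_t  flags;
    uint16_t win, sum, urp;
};

/* (u_char *)((int)tcp + tcp->off * 4): models the pointer -> int -> pointer
 * round trip on a host with 64-bit pointers and 32-bit int. */
uint64_t end_via_int_cast(uint64_t tcp_addr, unsigned off)
{
    int32_t narrowed = (int32_t)(uint32_t)tcp_addr;      /* upper 32 bits lost */
    return (uint64_t)(int64_t)(narrowed + (int32_t)(off * 4)); /* sign-extended */
}

/* (u_char *)(tcp + tcp->off * 4): tcp is a struct pointer, so the compiler
 * scales the offset by sizeof(struct tcp_header). Returned as a byte offset. */
size_t end_offset_struct_arith(unsigned off)
{
    return (size_t)off * 4 * sizeof(struct tcp_header);
}

/* (u_char *)tcp + tcp->off * 4: byte pointer first, then a byte offset. */
size_t end_offset_byte_arith(const struct tcp_header *tcp)
{
    const unsigned char *end = (const unsigned char *)tcp + tcp->off * 4;
    return (size_t)(end - (const unsigned char *)tcp);
}

int main(void)
{
    struct tcp_header h = {0};
    uint64_t addr = 0x00007fffffffe010ULL;  /* constructed amd64-style address */
    h.off = 5;                               /* 20-byte header, no options */
    printf("int cast   : 0x%016llx -> end 0x%016llx\n", (unsigned long long)addr,
           (unsigned long long)end_via_int_cast(addr, h.off));
    printf("struct math: header end at +%zu bytes\n", end_offset_struct_arith(h.off));
    printf("byte math  : header end at +%zu bytes\n", end_offset_byte_arith(&h));
    return 0;
}
```

Only the byte-pointer form ends the option scan at the real header length (+20 bytes here). The (int) cast yields an unmapped address on a 64-bit host, and struct-pointer arithmetic places opt_end 400 bytes out, well past the header.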
