View Issue Details

IDProjectCategoryView StatusLast Update
0002284Kali Linux[All Projects] Kali Package Improvementpublic2016-03-08 14:45
Reporterkaraban Assigned Torhertzog  
PrioritylowSeveritycrashReproducibilityalways
Status resolvedResolutionfixed 
Product Version 
Target VersionFixed in Version2016.2 
Summary0002284: Medusa crashes when attacking SSH service in multi-threaded (with -t for multi-logins or -T for multi-hots) manner.
DescriptionThe crash message:

medusa: ath.c:193: _gcry_ath_mutex_lock: Assertion `*lock == ((ath_mutex_t) 0)' failed.
Aborted

This is a known bug. The medusa developer once commented on it here --
http://lists.foofus.net/pipermail/foofus-tools-foofus.net/2009-March/000428.html

The solution can also be found on the page above. Basically you need to manually build the libssh2 with dependency on libssl-dev instead of libgcrypt-dev. And then have __only__ medusa use that manually-built library. I stress __only__ so that you don't introduce unexpected issues to other packages depending on stock Debian libssh2 library (which happens to depend on libgcrypt) by replacing it with manually-built one.
Steps To ReproduceStart ssh service on the target host.
Then start medusa on the attacker's host (with -t or -T switch for multi-threading!):
 medusa -h 10.1.1.1 -M ssh -u root -P /usr/share/wordlists/metasploit/unix_passwords.txt -t 10

Usually medusa crashes on the first minute. The more threads, the faster the crash.

Activities

rhertzog

2016-03-08 14:45

administrator   ~0004828

I believe that upstream has fixed this problem in medusa 2.2 and the work-around he wrote should be active in 2.2-0kali2 that I just uploaded to kali-dev/kali-rolling.

Feel free to reopen if it's not fixed in this version.

Issue History

Date Modified Username Field Change
2015-05-21 15:09 karaban New Issue
2015-05-21 15:46 rhertzog Assigned To => rhertzog
2015-05-21 15:46 rhertzog Status new => assigned
2016-03-08 14:45 rhertzog Note Added: 0004828
2016-03-08 14:45 rhertzog Status assigned => resolved
2016-03-08 14:45 rhertzog Fixed in Version => 2016.2
2016-03-08 14:45 rhertzog Resolution open => fixed