View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0002284 | Kali Linux | Kali Package Improvement | public | 2015-05-21 15:09 | 2016-03-08 14:45 |
| Reporter | karaban | Assigned To | rhertzog | ||
| Priority | low | Severity | crash | Reproducibility | always |
| Status | resolved | Resolution | fixed | ||
| Fixed in Version | 2016.2 | ||||
| Summary | 0002284: Medusa crashes when attacking SSH service in multi-threaded (with -t for multi-logins or -T for multi-hots) manner. | ||||
| Description | The crash message: medusa: ath.c:193: _gcry_ath_mutex_lock: Assertion `*lock == ((ath_mutex_t) 0)' failed. This is a known bug. The medusa developer once commented on it here -- The solution can also be found on the page above. Basically you need to manually build the libssh2 with dependency on libssl-dev instead of libgcrypt-dev. And then have only medusa use that manually-built library. I stress only so that you don't introduce unexpected issues to other packages depending on stock Debian libssh2 library (which happens to depend on libgcrypt) by replacing it with manually-built one. | ||||
| Steps To Reproduce | Start ssh service on the target host. Usually medusa crashes on the first minute. The more threads, the faster the crash. | ||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2015-05-21 15:09 | karaban | New Issue | |
| 2015-05-21 15:46 | rhertzog | Assigned To | => rhertzog |
| 2015-05-21 15:46 | rhertzog | Status | new => assigned |
| 2016-03-08 14:45 | rhertzog | Note Added: 0004828 | |
| 2016-03-08 14:45 | rhertzog | Status | assigned => resolved |
| 2016-03-08 14:45 | rhertzog | Fixed in Version | => 2016.2 |
| 2016-03-08 14:45 | rhertzog | Resolution | open => fixed |
