|View Issue Details|
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0003097||Kali Linux||[All Projects] General Bug||public||2016-02-26 05:07||2016-07-11 08:55|
|Target Version||Fixed in Version||2016.2|
|Summary||0003097: OpenJDK glitches on Kali Linux 2.0|
|Description||I'm the developer of Armitage and Cobalt Strike.|
I'm seeing several issues with the OpenJDK Java 1.7 present on Kali 2.0 by default. The same problems apply with OpenJDK Java 1.8 as well.
1. Graphical glitches. Grapbical updates to my applications sometimes flicker or paint the wrong way. This is only present in OpenJDK
2. CPU/Memory Starvation. OpenJDK on Kali Linux 2.0 binds with Gnome's Accessibility Toolkit (ATK) using a Lib ATK Wrapper package. I worked with a user to track down and was able to reproduce an issue where my applications gradually consume more CPU and memory until they crash. We tracked down the thread consuming the CPU time and it's an ATK-created thread. Oracle's Java doesn't integrate with this package. Apparently, a bug in this package is creating issues for other Java apps too:
I suspect I'm being bit by the same bug (or something similar).
I'd like to ask for one of the following:
1. Supported steps to install an Oracle Java Virtual Machine on Kali Linux 2.0. I would use these supported steps to advise people who use my software on the Kali 2.0 platform.
2. Consideration for default non-OpenJDK Java package on Kali Linux 2.0.
|Steps To Reproduce||To reproduce the resource starvation with Armitage:|
0. I'm using Kali 2.0 rolling x64 (the VM downloaded from the site). Ran apt-get dist-upgrade and restarted earlier today.
1. Start Metasploit to pre-populate the database and all that jazz.
2. Start Armitage
= Graphical Glitches =
3. Go to Armitage -> Set Target View -> Table View
4. Go to Hosts -> Add Hosts
5. Type in six bogus addresses (e.g., 192.168.1.1, 192.168.1.2, etc.)
6. Highlight all of the entries and let Armitage sit.
Notice that the table occasionally flickers. This is an artifact present when OpenJDK is in use on Kali Linux 2.0.
= Resource Starvation =
7. Let Armitage run for about 45 minutes to one hour. Leave it active, but don't worry about interacting with it. You don't need to. Watch the CPU use of the application with top. You'll notice, it goes up over time... if you wait long enough, Armitage will become unusable.
8. Run ps -eLo pid,lwp,pcpu,args | grep [armitage PID]
The third column in this output is % CPU use. The second column is a light-weight-process ID. Find the light-weight-process using the most CPU (e.g., 29439) and convert this value to hex (e.g., 72ff). This hex value is your native thread ID.
9. Run jstack [armitage PID]
This will give back a list of threads running inside of Armitage. Look for a thread with the nid= to your hex value from step 8. This is the thread eating up all of the CPU.
Chances are you'll see that the hogging thread has a name Thread-X and no Java stacktrace associated with it. If you wait long enough and try multiple times, you might be lucky and see a Java stacktrace associated with this thread that indicates it's associated with the ATK wrapper. (e.g., part of the stack trace will include: org.GNOME.Accessibility.AtkWrapper.emitSignal(Native Method))
[this part takes a lot of patience...]
These steps also work to produce graphical glitches/resource starvation in Cobalt Strike. Despite the surface similarities, Cobalt Strike and Armitage share very little code in common nowadays. CS 3.0 was a complete rewrite.
Chances are other Java applications are effected by glitchy behavior with OpenJDK on Kali Linux 2.0 as well.
Oracle's Java 1.8.0 does not exhibit this behavior. I installed Oracle's Java from the PPA at:
|Additional Information||Note: the Steps to Reproduce should be run in order.|
Thanks for the detailed report. Since you pointed out the java ATK wrapper bug and since I saw it got fixed on the Debian side, I ensured that the fix is present in kali-rolling (version 0.33.3-6 of libatk-wrapper-java*).
You did your tests with Kali Linux 2, can you redo them with a Kali 2016.1 install fully upgraded to current Kali Rolling ? (We no longer support Kali 2.0)
Hopefully this will be enough to solve those issues as we have no plans to support Oracle JDK (if anything we prefer to fix OpenJDK).
|All of these tests were done with Kali 2016.1 Rolling. I thought it was called Kali 2.0 still too. :)|
|So what about libatk-wrapper-java* 0.33.3-6? Does this update solve (part of) the issues reported?|
Can you upgrade to latest version of kali-rolling and let us know if the problems are fixed or not?
|Ping. Can you let us know if the last version of libatk-wrapper-java fixed the issues you reported?|
|I believe that the latest version of libatk-wrapper-java should fix the issues reported here.|
|2016-02-26 05:07||rsmudge2||New Issue|
|2016-02-26 10:42||rhertzog||Assigned To||=> rhertzog|
|2016-02-26 10:42||rhertzog||Status||new => assigned|
|2016-02-26 11:05||rhertzog||Note Added: 0004765|
|2016-02-26 11:06||rhertzog||Status||assigned => feedback|
|2016-02-26 15:57||rsmudge2||Note Added: 0004769|
|2016-02-26 15:57||rsmudge2||Status||feedback => assigned|
|2016-02-27 13:25||rhertzog||Note Added: 0004777|
|2016-04-07 09:38||rhertzog||Note Added: 0005100|
|2016-04-07 09:38||rhertzog||Status||assigned => feedback|
|2016-05-09 10:24||rhertzog||Note Added: 0005212|
|2016-07-11 08:55||rhertzog||Note Added: 0005497|
|2016-07-11 08:55||rhertzog||Status||feedback => closed|
|2016-07-11 08:55||rhertzog||Resolution||open => fixed|
|2016-07-11 08:55||rhertzog||Fixed in Version||=> 2016.2|