2017-07-26 00:44 UTC

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0003097Kali Linux[All Projects] General Bugpublic2016-07-11 08:55
Reporterrsmudge2 
Assigned Torhertzog 
PrioritynormalSeveritycrashReproducibilityalways
StatusclosedResolutionfixed 
Product Version2016.1 
Target VersionFixed in Version2016.2 
Summary0003097: OpenJDK glitches on Kali Linux 2.0
DescriptionI'm the developer of Armitage and Cobalt Strike.

I'm seeing several issues with the OpenJDK Java 1.7 present on Kali 2.0 by default. The same problems apply with OpenJDK Java 1.8 as well.

1. Graphical glitches. Grapbical updates to my applications sometimes flicker or paint the wrong way. This is only present in OpenJDK

2. CPU/Memory Starvation. OpenJDK on Kali Linux 2.0 binds with Gnome's Accessibility Toolkit (ATK) using a Lib ATK Wrapper package. I worked with a user to track down and was able to reproduce an issue where my applications gradually consume more CPU and memory until they crash. We tracked down the thread consuming the CPU time and it's an ATK-created thread. Oracle's Java doesn't integrate with this package. Apparently, a bug in this package is creating issues for other Java apps too:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809087

I suspect I'm being bit by the same bug (or something similar).

I'd like to ask for one of the following:

1. Supported steps to install an Oracle Java Virtual Machine on Kali Linux 2.0. I would use these supported steps to advise people who use my software on the Kali 2.0 platform.

Or...

2. Consideration for default non-OpenJDK Java package on Kali Linux 2.0.
Steps To ReproduceTo reproduce the resource starvation with Armitage:

0. I'm using Kali 2.0 rolling x64 (the VM downloaded from the site). Ran apt-get dist-upgrade and restarted earlier today.

1. Start Metasploit to pre-populate the database and all that jazz.

2. Start Armitage

= Graphical Glitches =

3. Go to Armitage -> Set Target View -> Table View

4. Go to Hosts -> Add Hosts

5. Type in six bogus addresses (e.g., 192.168.1.1, 192.168.1.2, etc.)

6. Highlight all of the entries and let Armitage sit.

Notice that the table occasionally flickers. This is an artifact present when OpenJDK is in use on Kali Linux 2.0.

= Resource Starvation =

7. Let Armitage run for about 45 minutes to one hour. Leave it active, but don't worry about interacting with it. You don't need to. Watch the CPU use of the application with top. You'll notice, it goes up over time... if you wait long enough, Armitage will become unusable.

Why?

8. Run ps -eLo pid,lwp,pcpu,args | grep [armitage PID]

The third column in this output is % CPU use. The second column is a light-weight-process ID. Find the light-weight-process using the most CPU (e.g., 29439) and convert this value to hex (e.g., 72ff). This hex value is your native thread ID.

9. Run jstack [armitage PID]

This will give back a list of threads running inside of Armitage. Look for a thread with the nid= to your hex value from step 8. This is the thread eating up all of the CPU.

Chances are you'll see that the hogging thread has a name Thread-X and no Java stacktrace associated with it. If you wait long enough and try multiple times, you might be lucky and see a Java stacktrace associated with this thread that indicates it's associated with the ATK wrapper. (e.g., part of the stack trace will include: org.GNOME.Accessibility.AtkWrapper.emitSignal(Native Method))
[this part takes a lot of patience...]

These steps also work to produce graphical glitches/resource starvation in Cobalt Strike. Despite the surface similarities, Cobalt Strike and Armitage share very little code in common nowadays. CS 3.0 was a complete rewrite.

Chances are other Java applications are effected by glitchy behavior with OpenJDK on Kali Linux 2.0 as well.

Oracle's Java 1.8.0 does not exhibit this behavior. I installed Oracle's Java from the PPA at:

http://www.webupd8.org/2014/03/how-to-install-oracle-java-8-in-debian.html
Additional InformationNote: the Steps to Reproduce should be run in order.
Attached Files

-Relationships
+Relationships

-Notes

~0004765

rhertzog (administrator)

Thanks for the detailed report. Since you pointed out the java ATK wrapper bug and since I saw it got fixed on the Debian side, I ensured that the fix is present in kali-rolling (version 0.33.3-6 of libatk-wrapper-java*).

You did your tests with Kali Linux 2, can you redo them with a Kali 2016.1 install fully upgraded to current Kali Rolling ? (We no longer support Kali 2.0)

Hopefully this will be enough to solve those issues as we have no plans to support Oracle JDK (if anything we prefer to fix OpenJDK).

~0004769

rsmudge2 (reporter)

All of these tests were done with Kali 2016.1 Rolling. I thought it was called Kali 2.0 still too. :)

~0004777

rhertzog (administrator)

So what about libatk-wrapper-java* 0.33.3-6? Does this update solve (part of) the issues reported?

~0005100

rhertzog (administrator)

Can you upgrade to latest version of kali-rolling and let us know if the problems are fixed or not?

Thank you.

~0005212

rhertzog (administrator)

Ping. Can you let us know if the last version of libatk-wrapper-java fixed the issues you reported?

~0005497

rhertzog (administrator)

I believe that the latest version of libatk-wrapper-java should fix the issues reported here.
+Notes

-Issue History
Date Modified Username Field Change
2016-02-26 05:07 rsmudge2 New Issue
2016-02-26 10:42 rhertzog Assigned To => rhertzog
2016-02-26 10:42 rhertzog Status new => assigned
2016-02-26 11:05 rhertzog Note Added: 0004765
2016-02-26 11:06 rhertzog Status assigned => feedback
2016-02-26 15:57 rsmudge2 Note Added: 0004769
2016-02-26 15:57 rsmudge2 Status feedback => assigned
2016-02-27 13:25 rhertzog Note Added: 0004777
2016-04-07 09:38 rhertzog Note Added: 0005100
2016-04-07 09:38 rhertzog Status assigned => feedback
2016-05-09 10:24 rhertzog Note Added: 0005212
2016-07-11 08:55 rhertzog Note Added: 0005497
2016-07-11 08:55 rhertzog Status feedback => closed
2016-07-11 08:55 rhertzog Resolution open => fixed
2016-07-11 08:55 rhertzog Fixed in Version => 2016.2
+Issue History