Pyrit 0.3.1 segmentation fault

[scarleo]

Hi,

I get a Segmentation fault when running Pyrit 0.3.1-dev (svn r228) with a crunch wordlist piped through it.

Code:

./crunch 8 8 abcdefgh | pyrit -r /root/essid-01.cap -e '<ESSID>' -i - attack_passthrough

It runs through sometimes 70 million PMK and sometimes just a few million, then stops with the message Segmentation fault.

I googled some and found people had this problem in earlier versions (0.2.4) but that it should be fixed in newer versions. However it doesn't work on my NVIDIA GTX260. Anyone know what is wrong? I would be very greatful for some assistance.

BT4
Nvidia GeForce GTX 260
Intel Core 2 Quad
4 GB RAM

[purehate]

I would probablly say its your capfile. I would try striping it with tshark or with the pyrit strip option. As you can see using aircrack's test file it works fine.

root@bt:/pentest/wireless/aircrack-ng/test# /pentest/passwords/crunch/crunch 8 8 abcdefgh | pyrit -e test -i - -r wpa.cap attack_passthrough
Pyrit 0.3.1-dev (svn r228) (C) 2008-2010 Lukas Lueg pyrit - Project Hosting on Google Code
This code is distributed under the GNU General Public License v3+

Parsing file 'wpa.cap' (1/1)...
13 packets (13 802.11-packets), 1 APs

Picked AccessPoint 00:0d:93:eb:b0:8c automatically...
Tried 3140157 PMKs so far; 8068 PMKs per second.

[kidFromBigD]

I've got a box that has the same problem. For me, this goes back all the way to June 2009. So far I've only found workarounds for the seg-fault and no fixes. My CPU is an AMD dual core, 2G RAM, with a GTX-260 on board.

@pureh@te - I have seen the seg-fault consistently with large and very small .cap files. I do not think it's related to size or composition of the .cap file, IMHO.

So, here's what I've done to mitigate the problem:

0) Upgrade your version of python. The author of pyrit advised me to do this since I was running BT4pre-final when I saw most of my problems. Unfortunately, having upgraded to python 2.6 (from 2.5.2 delivered in BT4pf), I'm still seeing seg-faults.

1) Assign a NICE value to your pyrit and/or crunch processes. Using your example above I would try:

Code:

/usr/bin/nice -n -10 crunch 8 8 abcdefgh | /usr/bin/nice -n -10  pyrit -r /root/essid-01.cap -e '<ESSID>' -i - attack_passthrough

--> This tells the system to schedule the crunch and pyrit processes with higher priority. It does not solve the problem, but it does seem to help.

2) Wrap the pyrit commands in bash scripts so you can capture the return code value and loop back if it seg-faults.
--> If the pyrit command seg-faults, you will observe a return code of 139, or at least I do. Use this command to check the return code after pyrit has run:

Code:

echo $?

--> Now begin to take note of the various return codes from pyrit, and modify the bash scripts accordingly.

3) Report the problem to pyrit's code owner. I have tried, but so far he hasn't come up with a good fix.
--> Open a formal ticket against pyrit: Issues - pyrit - Project Hosting on Google Code
--> Begin a discussion thread here: Pyrit | Google Groups

Hope this helps. Trust me I feel your pain. Let us know how it goes, and if you have more questions.

[scarleo]

Thank you both for your tips. I've seen the thread abt upgrading Python at pyrit site. I will try both your suggestions next time it stops, this run seems to work fine, 126 million and counting without any changes. I will also file a ticket in pyrit list so they are aware of it.

kidFromBigD: You have the same GPU as me, could this be hardware/driver related?

[kidFromBigD]

@scarleo -- No, I don't think it has anything to do with our choice of GPU(GTX-260). Driver related? Perhaps.

I noticed that you are running pyrit in 'attack_passthrough' mode. Well, I run in 'passthrough' mode when I observe seg-faults.

What does it all mean? A bit more robustness needs to be added into pyrit ... IMHO.

Cheers!