PaulDotCom mailing list archives
Re: hamster and ferret problems
From: Joshua Wright <jwright () hasborg com>
Date: Wed, 29 Feb 2012 08:26:04 -0500
On 2/29/2012 7:22 AM, Robin Wood wrote:
Hi Is anyone still using Hamster and Ferret? I was trying to play with it but ferret just keeps seg faulting on me and so never gives any data to hamster. This is the crash: $ ./ferret -r sniff-2012-02-29-eth.pcap [0] ./ferret [1] -r [2] sniff-2012-02-29-eth.pcap -- FERRET 1.2.0 - 2008 (c) Errata Security -- build = Feb 28 2012 15:07:17 (64-bits) -- libpcap version 1.2.1 sniff-2012-02-29-eth.pcap proto="DNS", query="A", ip.src=[192.168.0.2], name="bsides.2bli2.com" unknown record type Segmentation fault From the debugging I've managed to do it looks like something to do with the unknown record type getting parsed somewhere and causing the problem but my C isn't good enough to work out what the unknown record is and how to kill it off before it gets parsed.
You need to compile it with the "-g3 -ggdb" flags, then run it inside gdb. Something like:
# gdb ferret gdb> run -r sniff-2012-02-29-eth.pcapWhen it crashes, issue a "bt" to show the backtrace of where it crashed. You can probably just comment out the DNS parser.
I use WiFiSheep on my Kindle Fire for an alternative catch-all-cookies sidejacking attack. Otherwise I use Firesheep with Firefox 3.6.12 and write my own handlers.
-Josh _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- hamster and ferret problems Robin Wood (Feb 29)
- Re: hamster and ferret problems Joshua Wright (Feb 29)
- Re: hamster and ferret problems Robin Wood (Feb 29)
- Re: hamster and ferret problems Joshua Wright (Feb 29)