[foofus-tools] Medusa Patch

Thu Dec 4 17:51:27 PST 2008

I found this in the mailing list archives.  Does anyone still have this
patch? 

-Rich

>From jmk at foofus.net  Wed Aug 20 09:13:24 2008

From: jmk at foofus.net (jmk)

Date: Wed, 20 Aug 2008 11:13:24 -0500

Subject: [foofus-tools] Medusa SSH Module Issue

In-Reply-To: <48AC2C55.7010300 at microsolved.com>

References: <48AC2C55.7010300 at microsolved.com>

Message-ID: <1219248804.8156.10.camel at localhost>

On Wed, 2008-08-20 at 10:38 -0400, Nathan Grandbois wrote:

> Synopsis:

> Medusa SSH scanning module fails after 3 login attempts with the 

> following error:

> ERROR: Failed to retrieve supported authentication modes. Aborting...

> ERROR: No supported authentication methods located.

<snip>

> Conclusions:

> IMHO I think that the thread responsible for reconnecting is failing. 

> Coincidentally, the number of failed attempts tried by medusa, is equal 

> to the number of failed attempts if done manually. I have googled and 

> googled for hints on this, but the only one I get is from some guy in 

> spanish who said it was a stupid problem that he fixed, without actually 

> giving the fix.

> 

> Please, any help would be greatly appreciated.

I've attached a patch with the changes since v1.4 was released. The

module should now restart the connection when the server tells it to go

away after a few failed attempts. Please let me know if this fixes the

problem for you.

> PS> In addition, if I put a successful password in the first three 

> passwords attempted, medusa takes a dump with the following error:

> *** glibc detected *** medusa: double free or corruption (!prev): 

> 0x0805aff0 ***

> Followed by a backtrace and memory map.

It seems that starting with libssh2 0.18, we're occasionally getting a

double free. As a quick fix/hack, I had just commented out the free() in

LIBSSH2_FREE_FUNC. The attached patch contains this hack. If that

doesn't fix the issue, send me a backtrace and I'll take a look at it.

Joe