ncrack icon indicating copy to clipboard operation
ncrack copied to clipboard

Published 20 hours ago verified publisher icon nmap

ncrack segmentation fault error specific to SSH service brute force

Open triznut opened this issue 6 years ago • 11 comments

I receive the following error message when trying to brute force SSH services:

ncrack -v --user root -P /usr/share/wordlists/rockyou-custom.txt 10.xx.xx.xx:22

Starting Ncrack 0.6 ( http://ncrack.org ) at 2018-03-27 10:40 MDT

Segmentation fault

Dmesg Log:

[ 300.771692] ncrack[2222]: segfault at 8 ip 00007f8ac720b849 sp 00007ffd7b8e7140 error 4 in libcrypto.so.1.1[7f8ac714a000+262000]

triznut avatar Mar 29 '18 18:03 triznut

Can you retry with the latest version of Ncrack (0.7 on github) compiled against OpenSSL 1.1?

ithilgore avatar Mar 31 '18 06:03 ithilgore

@ithilgore Problem still exists in Ncrack 0.7 compiled against OpenSSL 1.1

denevin avatar Jun 07 '18 03:06 denevin

I found a solution, try to save your file without .txt extension that's work for me, have a good day 👍

ghost avatar Jun 18 '18 19:06 ghost

Had the same issue today wit ncrack 0.5. (This is the version found in the fedora repos.)

I found that the wordlist needs to have a blank line at the end in order not to segfault.

doomguy avatar Nov 19 '18 15:11 doomguy

Just compiled ncrack 0.7 with openssl 1.1.0i-fips. Now I can't brute any ssh service anymore.

I tried 4 test cases in total:

  • wordlist without extension and without trailing blank line
  • wordlist without extension and with trailing blank line
  • wordlist with extension and without trailing blank line
  • wordlist with extension and with trailing blank line

I attached the dmesg log to this message. ncrack_segfault.txt

doomguy avatar Nov 19 '18 15:11 doomguy

I found a solution, try to save your file without .txt extension that's work for me, have a good day 👍

i tired to rename file and extension but still facing same issue .

root@pen:~# ncrack -v -T 5 --user admin -P wordlist.txt 192.168.8.110:22

Starting Ncrack 0.6 ( http://ncrack.org ) at 2018-11-25 04:29 EST

Segmentation fault

same7ammar avatar Nov 25 '18 09:11 same7ammar

ping, same issue here

Velby avatar May 14 '19 18:05 Velby

Is there anything new on this? I'm having the same issue.

TheConen avatar Aug 15 '19 13:08 TheConen

just updating ncrack will resolve the issue(apt-get -y install ncrack). ncrack version 0.6 seems all affected.

chanuniva avatar Nov 11 '19 14:11 chanuniva

Hey @ithilgore ,

This bug still persists on ncrack 0.8. As mentioned on this thread, it does not segfault when the password list has an empty line.

cldrn avatar Jan 25 '21 03:01 cldrn

still segfault:

  1. using password file without extension
  2. using password with a empty line
  3. patch with the pull request #108

seems defferent passwords cause segfault too ncrack version 0.8

yoke88 avatar May 25 '21 02:05 yoke88