Closed
Description
Nexus 4:
CyanogenMod 12.1
No MITM seems to work. Nothing bad in UI, just doesn't do anything.
With ga_'s assistance, i think I've narrowed it down to arpspoof crashing:
# strace arpspoof -i wlan0 target_ip gw_ip <
strace: Can't stat 'arpspoof': No such file or directory
trace ./arpspoof -i wlan0 target_ip gw_ip <
execve("./arpspoof", ["./arpspoof", "-i", "wlan0", "target_ip", "gw_ip"], [/* 23 vars */]) = 0
mprotect(0xb6f87000, 4096, PROT_READ) = 0
set_tid_address(0xb6f88bf4) = 21914
set_tls(0xb6f88e30, 0xb6f88e30, 0xb6f88e30, 0xb6f88c00, 0xb6f88bec) = 0
mmap2(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb6f77000
madvise(0xb6f77000, 8192, MADV_MERGEABLE) = 0
sigaltstack({ss_sp=0xb6f77000, ss_flags=0, ss_size=8192}, NULL) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb6f76000
madvise(0xb6f76000, 4096, MADV_MERGEABLE) = 0
mprotect(0xb6f76000, 4096, PROT_READ) = 0
mprotect(0xb6f76000, 4096, PROT_READ|PROT_WRITE) = 0
mprotect(0xb6f76000, 4096, PROT_READ) = 0
mprotect(0xb6f76000, 4096, PROT_READ|PROT_WRITE) = 0
mprotect(0xb6f76000, 4096, PROT_READ) = 0
--- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x11} ---
+++ killed by SIGSEGV +++
Segmentation fault
The crash looks like this from the command line:
1|root@mako:/data/data/org.csploit.android/files/tools/arpspoof # ./arpspoof
dSploit ArpSpoofer.
1|root@mako:/data/data/org.csploit.android/files/tools/arpspoof #
That is, there is no obvious crash when you don't strace. MITM not working has been a problem for about 2 weeks. FWIW I tried setenforce 0 and it made no difference.
I should also add that logcat looks normal as far as itables stuff goes, but if you ps arpspoof it doesn't ever seem to be running.
ft