Skip to content

Segmentation fault ARM64 Raspberry PI running Kali Linux #13

New issue
New issue
Open
Open
Segmentation fault ARM64 Raspberry PI running Kali Linux#13
@h00die-gr3y

Description

@h00die-gr3y
h00die-gr3y
opened on Aug 21, 2023

Installed sshlog according to instructions.
Try to start the daemon and it fails with SEGV (segmentation fault)

systemctl start sshlog
# systemctl status sshlog
× sshlog.service - SSHLog Agent Service
     Loaded: loaded (/lib/systemd/system/sshlog.service; disabled; preset: disabled)
     Active: failed (Result: signal) since Mon 2023-08-21 11:49:46 UTC; 2s ago
   Duration: 1.494s
    Process: 350961 ExecStart=/usr/bin/sshlogd --logfile /var/log/sshlog/sshlogd.log (code=killed, signal=SEGV)
   Main PID: 350961 (code=killed, signal=SEGV)
        CPU: 1.487s

Aug 21 11:49:46 cerberus systemd[1]: sshlog.service: Scheduled restart job, restart counter is at 5.
Aug 21 11:49:46 cerberus systemd[1]: Stopped sshlog.service - SSHLog Agent Service.
Aug 21 11:49:46 cerberus systemd[1]: sshlog.service: Consumed 1.487s CPU time.
Aug 21 11:49:46 cerberus systemd[1]: sshlog.service: Start request repeated too quickly.
Aug 21 11:49:46 cerberus systemd[1]: sshlog.service: Failed with result 'signal'.
Aug 21 11:49:46 cerberus systemd[1]: Failed to start sshlog.service - SSHLog Agent Service.

Checked the /var/log/sshlog/sshlogd.log but no failures there.

2023-08-21 11:49:14,129 - plugin_manager.py:26 - INFO - Detected Plugin upload_file_path_filter with fields [{'name': 'filter_arg', 'required': True}]
2023-08-21 11:49:14,130 - plugin_manager.py:26 - INFO - Detected Plugin upload_file_path_regex_filter with fields [{'name': 'filter_arg', 'required': True}]
2023-08-21 11:49:14,130 - plugin_manager.py:26 - INFO - Detected Plugin ignore_existing_logins_filter with fields [{'name': 'filter_arg', 'required': True}]
2023-08-21 11:49:14,130 - plugin_manager.py:26 - INFO - Detected Plugin require_tty_filter with fields [{'name': 'filter_arg', 'required': True}]
2023-08-21 11:49:14,130 - plugin_manager.py:26 - INFO - Detected Plugin username_filter with fields [{'name': 'filter_arg', 'required': True}]
2023-08-21 11:49:14,130 - plugin_manager.py:26 - INFO - Detected Plugin username_regex_filter with fields [{'name': 'filter_arg', 'required': True}]
2023-08-21 11:49:14,130 - plugin_manager.py:26 - INFO - Detected Plugin command_exit_code_filter with fields [{'name': 'filter_arg', 'required': True}]
2023-08-21 11:49:14,131 - plugin_manager.py:26 - INFO - Detected Plugin command_name_filter with fields [{'name': 'filter_arg', 'required': True}]
2023-08-21 11:49:14,131 - plugin_manager.py:26 - INFO - Detected Plugin command_name_regex_filter with fields [{'name': 'filter_arg', 'required': True}]
2023-08-21 11:49:14,131 - plugin_manager.py:26 - INFO - Detected Plugin command_output_contains_filter with fields [{'name': 'filter_arg', 'required': True}]
2023-08-21 11:49:14,131 - plugin_manager.py:26 - INFO - Detected Plugin command_output_contains_regex_filter with fields [{'name': 'filter_arg', 'required': True}]
2023-08-21 11:49:14,131 - plugin_manager.py:26 - INFO - Detected Plugin slack_action with fields [{'name': 'slack_webhook_url', 'required': True}]
2023-08-21 11:49:14,131 - plugin_manager.py:26 - INFO - Detected Plugin webhook_action with fields [{'name': 'webhook_url', 'required': True}, {'name': 'do_get_request', 'required': False}]
2023-08-21 11:49:14,132 - plugin_manager.py:26 - INFO - Detected Plugin email_action with fields [{'name': 'sender', 'required': True}, {'name': 'recipient', 'required': True}, {'name': 'subject', 'required': True}, {'name': 'body', 'required': True}, {'name': 'smtp_server', 'required': True}, {'name': 'smtp_port', 'required': True}, {'name': 'username', 'required': False}, {'name': 'password', 'required': False}]
2023-08-21 11:49:14,132 - plugin_manager.py:26 - INFO - Detected Plugin run_command_action with fields [{'name': 'command', 'required': True}, {'name': 'args', 'required': False}, {'name': 'timeout', 'required': False}]
2023-08-21 11:49:14,132 - plugin_manager.py:26 - INFO - Detected Plugin statsd_action with fields [{'name': 'server_address', 'required': True}, {'name': 'port', 'required': False}, {'name': 'statsd_prefix', 'required': False}]
2023-08-21 11:49:14,132 - plugin_manager.py:26 - INFO - Detected Plugin eventlogfile_action with fields [{'name': 'log_file_path', 'required': True}, {'name': 'output_json', 'required': False}, {'name': 'max_size_mb', 'required': False}, {'name': 'number_of_log_files', 'required': False}]
2023-08-21 11:49:14,132 - plugin_manager.py:26 - INFO - Detected Plugin sessionlog_action with fields [{'name': 'log_directory', 'required': True}, {'name': 'timestamp_frequency_seconds', 'required': False}]
2023-08-21 11:49:14,133 - plugin_manager.py:26 - INFO - Detected Plugin syslog_action with fields [{'name': 'server_address', 'required': True}, {'name': 'port', 'required': False}, {'name': 'program_name', 'required': False}, {'name': 'udp', 'required': False}, {'name': 'output_json', 'required': False}, {'name': 'facility', 'required': False}, {'name': 'severity', 'required': False}]
2023-08-21 11:49:14,133 - plugin_manager.py:37 - INFO - Reading config file /etc/sshlog/sshlog.yaml
2023-08-21 11:49:14,133 - plugin_manager.py:39 - WARNING - Configuration file /etc/sshlog/sshlog.yaml does not exist.  Skipping
2023-08-21 11:49:14,133 - plugin_manager.py:37 - INFO - Reading config file /etc/sshlog/conf.d/log_events.yaml
2023-08-21 11:49:14,143 - plugin_manager.py:37 - INFO - Reading config file /etc/sshlog/conf.d/log_all_sessions.yaml
2023-08-21 11:49:14,151 - plugin_manager.py:162 - INFO - Initializing event plugin log_general_activity
2023-08-21 11:49:14,151 - plugin_manager.py:167 - INFO - Initializing filter plugin ignore_existing_logins
2023-08-21 11:49:14,151 - plugin_manager.py:175 - INFO - Initializing action plugin log_events
2023-08-21 11:49:14,151 - eventlogfile_action.py:19 - INFO - Initialized action log_events with log file path /var/log/sshlog/event.log
2023-08-21 11:49:14,153 - plugin_manager.py:162 - INFO - Initializing event plugin stream_terminal
2023-08-21 11:49:14,153 - plugin_manager.py:167 - INFO - Initializing filter plugin ignore_existing_logins
2023-08-21 11:49:14,153 - plugin_manager.py:175 - INFO - Initializing action plugin log_all_sessions
2023-08-21 11:49:14,153 - sessionlog_action.py:53 - INFO - Initialized action log_all_sessions with log directory /var/log/sshlog/sessions/

My configuration:

# uname -a
Linux cerberus 5.15.44-Re4son-v8l+ #1 SMP PREEMPT Debian kali-pi (2022-07-03) aarch64 GNU/Linux
# ssh -V
OpenSSH_9.3p2 Debian-1, OpenSSL 3.0.9 30 May 2023

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions