Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 571446

Summary: net-analyzer/dsniff broken broadcast for arpspoof
Product: Gentoo Linux Reporter: Lecia Curran <leciacu>
Component: Current packagesAssignee: Gentoo Netmon project <netmon>
Status: RESOLVED FIXED    
Severity: normal Keywords: PATCH
Priority: Normal    
Version: 10.1   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Attachments: Restore broadcast functionality

Description Lecia Curran 2016-01-10 08:08:27 UTC 
Created attachment 422438 [details, diff]
Restore broadcast functionality

Debian patch for arpspoof: 0002-arpspoof-allow-use-of-of-multiple-targets.patch
from dsniff_2.4b1+debian-22.1.debian.tar.gz introduces regression in arpspoof,
by blocking sending broadcast responses. 

Relevant snippet from 0002-arpspoof-allow-use-of-of-multiple-targets.patch:

-               arp_send(l, ARPOP_REPLY, NULL, spoof_ip,
-                        (target_ip ? (u_int8_t *)&target_mac : NULL),
-                        target_ip);
+               while(target->ip) {
+                       arp_send(l, ARPOP_REPLY, NULL, spoof.ip,
+                               (target->ip ? (u_int8_t *)&target->mac : NULL),
+                               target->ip);



so if there are no targets(explicit list of hosts for arp poisoning) internal arp_send is never called for sending broadcast response.


The attached patch can be used to restore this functionality.
Comment 1 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2019-05-02 18:54:05 UTC 
Gone.
Comment 2 Larry the Git Cow gentoo-dev 2021-12-07 06:44:51 UTC 
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ffd19f440039ff1c2b4e4e1234c1f9c89a7ae806

commit ffd19f440039ff1c2b4e4e1234c1f9c89a7ae806
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2021-12-07 02:56:16 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2021-12-07 06:44:25 +0000

    net-analyzer/dsniff: initial import (revival)
    
    Removed in 1aa904188ff115f14f6d5fac4e0483152a08ed37. Now
    using (substantial) Debian patchset.
    
    Closes: https://bugs.gentoo.org/643460
    Closes: https://bugs.gentoo.org/674192
    Closes: https://bugs.gentoo.org/571446
    Signed-off-by: Sam James <sam@gentoo.org>

 net-analyzer/dsniff/Manifest                       |   2 +
 net-analyzer/dsniff/dsniff-2.4_beta1_p30.ebuild    |  73 ++++++++++++++
 .../files/dsniff-2.4_beta1_p30-httppostfix.patch   |  21 +++++
 .../dsniff-2.4_beta1_p30-libdir-configure.patch    | 105 +++++++++++++++++++++
 .../files/dsniff-2.4_beta1_p30-respect-AR.patch    |  22 +++++
 net-analyzer/dsniff/metadata.xml                   |  17 ++++
 6 files changed, 240 insertions(+)