Trying with Kali. Stuck with: Manipulator webymsg error

Joined: Mon Sep 19, 2016 12:10 am
Posts: 4
Location: Brazil
Kali 2.0, fully updated. Xplico installed from regular repository.
Using only console:

# /usr/bin/xplico -m rltm -i eth0
xplico v1.1.2
Internet Traffic Decoder (NFAT).
See http://www.xplico.org for more information.

Copyright 2007-2014 Gianluca Costa & Andrea de Franceschi and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

This product includes GeoLite data created by MaxMind, available from http://www.maxmind.com/.
Limits changed
Configuration file (/opt/xplico/cfg/xplico_cli.cfg) found!
Error Opening file
Error Opening file GeoLiteCity.dat
Error Opening file GeoIP.dat
Error Opening file
Error Opening file GeoLiteCity.dat
Error Opening file GeoIP.dat
Error Opening file
Error Opening file GeoLiteCity.dat
Error Opening file GeoIP.dat
Error Opening file
Error Opening file GeoLiteCity.dat
Error Opening file GeoIP.dat

After about 20 seconds

Manipulator webymsg error
Dispatch to manipulator initialization error

What am I missing?
(Beyond experience with Xplico :-)


Fri Oct 07, 2016 10:12 pm
Site Admin

Joined: Wed Sep 16, 2009 10:09 pm
Posts: 394
Hi ttsoares,
It may be a bug in the webymsg manipulator.
webymsg was designed to manage Yahoo! Web Messenger, but I suppose that now Yahoo! Web Messenger is not the same.

Try to disable the manipulator. I don't know where the Xplico configuration files are on Kali, maybe in /opt/xplico/cfg/; try to find xplico_cli.cfg and comment out the line:

Code:
MANIP=webymsg MPBIN=/opt/xplico/bin/mwebymsg


Do you have the possibility to send me the pcap file?

Ciao.
Gianluca


Sun Oct 09, 2016 9:15 am

Joined: Mon Sep 19, 2016 12:10 am
Posts: 4
Location: Brazil
Wonderful !! Some light did appear and it is from the author :-)

I did what you suggested and now something did change. The error disappeared and now the command

/usr/bin/xplico -m rltm -i eth0

seems to be downloading something and the last output line is:

Download GeoLiteCity.dat from http://geolite.maxmind.com/download/geoip/database/ and gunzip and see config files

It is doing something... I will wait until the prompt comes back.

As soon as something happens here I will post the results.

I am not yet analyzing captured traffic. Just want to see Xplico working while sniffing eth0.

THANK YOU !!

------------

I have many years of experience with GNU/Linux but am just starting at the security/forensics context.


Sun Oct 09, 2016 1:55 pm

Joined: Mon Sep 19, 2016 12:10 am
Posts: 4
Location: Brazil
Back again.

After several hours the process did not come back from that download.

I stopped the process with Ctrl-C and no message came back.

Would it be useful to try to strace the execution?


Sun Oct 09, 2016 6:21 pm
Site Admin

Joined: Wed Sep 16, 2009 10:09 pm
Posts: 394
Hi,

xplico doesn't download anything... the message is only a suggestion, you have to download the GeoliteCity DB and gunzip it (if you want).

xplico stops (freezes) because (this is a hypothesis) there is a semaphore (only when xplico is used from the CLI). Before starting xplico, remove this file: /dev/shm/sem.xplico_kml_sem

This file/semaphore may not be deleted if xplico (or a manipulator) crashes ... and then you find this situation.

Ciao.


Sun Oct 09, 2016 8:55 pm
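The two steps suggested in the replies above (comment out the webymsg manipulator line, remove a leftover semaphore file before starting xplico), as an added shell example that is not part of the original posts or of Xplico itself. It assumes `#` starts a comment in xplico_cli.cfg and that a process-name check is enough to decide the semaphore is stale; the function names are made up for this example.

```shell
#!/bin/sh
# Added example: pre-flight before running xplico from the console.
# Default paths are the ones named in the thread; override via environment.
XPLICO_CFG="${XPLICO_CFG:-/opt/xplico/cfg/xplico_cli.cfg}"
XPLICO_SEM="${XPLICO_SEM:-/dev/shm/sem.xplico_kml_sem}"

# Comment out the "MANIP=<name> ..." line, keeping a .bak copy of the config.
# Assumption: '#' starts a comment in xplico_cli.cfg.
# Idempotent: a line that is already commented no longer matches.
disable_manip() {
    cfg="$1"; name="$2"
    [ -f "$cfg" ] || { echo "config not found: $cfg" >&2; return 1; }
    if grep -q "^[[:space:]]*MANIP=$name[[:space:]]" "$cfg"; then
        cp -p "$cfg" "$cfg.bak" || return 1
        sed "s/^\([[:space:]]*\)\(MANIP=$name[[:space:]]\)/\1#\2/" \
            "$cfg.bak" > "$cfg"
    fi
}

# True when a process named exactly "xplico" exists.
xplico_running() { pgrep -x xplico >/dev/null 2>&1; }

# Remove the semaphore file only if no xplico process could still own it.
# Returns 0 when the file is absent or removed, 2 when it was left in place.
clear_stale_sem() {
    sem="$1"
    [ -e "$sem" ] || return 0
    if xplico_running; then
        echo "xplico is running; leaving $sem in place" >&2
        return 2
    fi
    rm -f -- "$sem"
}

# Apply both steps only when asked to: sh preflight.sh --apply
if [ "${1:-}" = "--apply" ]; then
    disable_manip "$XPLICO_CFG" webymsg && clear_stale_sem "$XPLICO_SEM"
fi
```

The process check only looks for `xplico` itself, so a manipulator that is still running on its own is not detected.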

Joined: Mon Sep 19, 2016 12:10 am
Posts: 4
Location: Brazil
OK. This is in case you are in the mood to keep looking at this:

- I downloaded from here: http://dev.maxmind.com/geoip/geoip2/geolite2/

These files:
GeoLite2-City.mmdb.gz
GeoLite2-Country.mmdb.gz

Apart from decompressing, where should I put those to please Xplico?

This did not help in trying to find the configuration for where to put the files:

root@kali:/opt/xplico/cfg# grep -i -R GeoLite *

Finally, files such as /dev/shm/sem.xplico_kml_sem
usually vanish after a reboot... So I do not understand how it is related to the issue in question.

-------------------------

Could you suggest a Linux distribution where Xplico works readily after being installed?


Tue Oct 11, 2016 7:35 pm