
Using Scapy with Linux on VMware Fusion with OS X 10.11.1 causes the Linux guest to lock up.

The following example code reproduces this problem:

from scapy.all import *
pkt = IP(dst="8.8.8.8")/UDP(dport=53)/DNS(rd=1,qd=DNSQR(qname="iops.io"))
answer = sr1(pkt,verbose=1)

Attaching strace shows the following, then dies immediately after:

[00007f5bf1aa8620] open("/proc/net/dev", O_RDONLY) = 6
[00007f5bf1aa81f4] fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
[00007f5bf1aa81f4] fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
[00007f5bf1ab19ca] mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5bf21bf000
[00007f5bf1aa8810] read(6, "Inter-|   Receive               "..., 1024) = 570
[00007f5bf1aa8810] read(6, "", 7168)    = 0
[00007f5bf1aa8810] read(6, "", 8192)    = 0
[00007f5bf1aa8f60] close(6)             = 0
[00007f5bf1ab19f7] munmap(0x7f5bf21bf000, 4096) = 0
[00007f5bf1ab86b7] socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 6
[00007f5bf1aae337] ioctl(6, SIOCGIFINDEX, {ifr_name="eth0", ifr_index=2}) = 0
[00007f5bf1d91400] close(6)             = 0
[00007f5bf1ab865a] setsockopt(3, SOL_PACKET, PACKET_ADD_MEMBERSHIP, "\2\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0", 16

The crash dump summary shows some useful information:

Process:               vmware-vmx [2221]
Path:                  /Applications/VMware Fusion.app/Contents/Library/vmware-vmx

Exception Type:        EXC_CRASH (SIGABRT)
Exception Codes:       0x0000000000000000, 0x0000000000000000
Exception Note:        EXC_CORPSE_NOTIFY

Application Specific Information:
*** single-threaded process forked ***
crashed on child side of fork pre-exec

Thread 0 Crashed:: Dispatch queue: authorization-connection-queue
0   libsystem_kernel.dylib          0x00007fff87adf0ae __pthread_kill + 10
1   libsystem_pthread.dylib         0x00007fff98742500 pthread_kill + 90
2   vmware-vmx                      0x000000010e12e533 0x10d9cf000 + 7730483
3   vmware-vmx                      0x000000010e12e6e7 0x10d9cf000 + 7730919
4   vmware-vmx                      0x000000010da11009 0x10d9cf000 + 270345
5   vmware-vmx                      0x000000010e12d980 0x10d9cf000 + 7727488
6   libsystem_platform.dylib        0x00007fff851c152a _sigtramp + 26
7   ???                             000000000000000000 0 + 0
8   libxpc.dylib                    0x00007fff9771dd2c xpc_connection_resume + 192
9   com.apple.security              0x00007fff8b87cb3e __get_authorization_connection_block_invoke + 124
10  libdispatch.dylib               0x00007fff9166c3c3 _dispatch_client_callout + 8
11  libdispatch.dylib               0x00007fff9166d9aa _dispatch_barrier_sync_f_invoke + 74
12  com.apple.security              0x00007fff8b87caa4 get_authorization_connection + 33
13  com.apple.security              0x00007fff8b87b86b AuthorizationCreate + 140
14  vmware-vmx                      0x000000010ddd15c3 0x10d9cf000 + 4203971
15  vmware-vmx                      0x000000010ddd1866 0x10d9cf000 + 4204646
16  vmware-vmx                      0x000000010db17cb3 0x10d9cf000 + 1346739
17  vmware-vmx                      0x000000010dbda9d7 0x10d9cf000 + 2144727
18  libsystem_pthread.dylib         0x00007fff9873f9b1 _pthread_body + 131
19  libsystem_pthread.dylib         0x00007fff9873f92e _pthread_start + 168
20  libsystem_pthread.dylib         0x00007fff9873d385 thread_start + 13

According to docs, PACKET_ADD_MEMBERSHIP is used to configure promiscuous mode.

SleepyCal
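Decoding the argument of the unfinished setsockopt call in the strace output above confirms that it is a promiscuous-mode request on interface index 2, the index SIOCGIFINDEX returned for eth0. This is an added example, not part of the original post; the helper names are made up for illustration and a little-endian x86-64 guest is assumed.

```python
import re
import struct

# mr_type values from <linux/if_packet.h>
MR_TYPES = {0: "PACKET_MR_MULTICAST", 1: "PACKET_MR_PROMISC",
            2: "PACKET_MR_ALLMULTI", 3: "PACKET_MR_UNICAST"}
# struct packet_mreq { int mr_ifindex; unsigned short mr_type, mr_alen;
#                      unsigned char mr_address[8]; }  (little-endian assumed)
PACKET_MREQ = struct.Struct("<iHH8s")

# The unfinished call from the strace output in the question.
STRACE_LINE = (r'[00007f5bf1ab865a] setsockopt(3, SOL_PACKET, '
               r'PACKET_ADD_MEMBERSHIP, "\2\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0", 16')

CALL = re.compile(r'setsockopt\((\d+), SOL_PACKET, '
                  r'(PACKET_(?:ADD|DROP)_MEMBERSHIP), "((?:[^"\\]|\\.)*)", (\d+)')
TOKEN = re.compile(r'\\x([0-9a-fA-F]{1,2})|\\([0-7]{1,3})|\\(.)|([^\\])', re.S)
SIMPLE = {"n": 10, "t": 9, "r": 13, "v": 11, "f": 12}


def strace_unescape(text):
    """Convert strace's C-style escapes (\\2, \\x1f, \\n) back into bytes."""
    out = bytearray()
    for hexd, octd, simple, plain in TOKEN.findall(text):
        if hexd:
            out.append(int(hexd, 16))
        elif octd:
            out.append(int(octd, 8) & 0xFF)
        elif simple:
            out.append(SIMPLE.get(simple, ord(simple)))
        else:
            out.append(ord(plain))
    return bytes(out)


def decode_membership(line):
    """Return the packet_mreq fields of a PACKET_*_MEMBERSHIP call, or None."""
    m = CALL.search(line)
    if m is None:
        return None
    raw = strace_unescape(m.group(3))
    if len(raw) != int(m.group(4)) or len(raw) != PACKET_MREQ.size:
        raise ValueError("argument is not a complete struct packet_mreq")
    ifindex, mr_type, alen, addr = PACKET_MREQ.unpack(raw)
    return {"fd": int(m.group(1)), "option": m.group(2), "ifindex": ifindex,
            "type": MR_TYPES.get(mr_type, mr_type), "hw_addr": addr[:alen].hex()}


if __name__ == "__main__":
    print(decode_membership(STRACE_LINE))
```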

1 Answer


This is due to promisc restrictions within VMware Fusion; see thread here.

As a temporary workaround, you can untick the "Require authentication to enter promiscuous mode" box in "Preferences > Network", but this should only be used if you trust every guest VM.

Community
SleepyCal