#51227 closed defect (invalid)
Is Aicraken a valid part of Aircrack-ng?
| Reported by: | roadrnnr83@… | Owned by: | ryandesign (Ryan Carsten Schmidt) |
|---|---|---|---|
| Priority: | Normal | Milestone: | |
| Component: | ports | Version: | 2.3.4 |
| Keywords: | Cc: | yoskat | |
| Port: | aircrack-ng |
Description
Sophos stopped the install of Aircrack-ng because it detected what it claimed was malware: Aicraken. Is this a component of Aircrack-ng?
Terminal:
---> Computing dependencies for aircrack-ng
---> Staging aircrack-ng into destroot
Error: org.macports.destroot for port aircrack-ng returned: command execution failed
Please see the log file for port aircrack-ng for details:
/opt/local/var/macports/logs/_opt_local_var_macports_sources_rsync.macports.org_release_tarballs_ports_security_aircrack-ng/aircrack-ng/main.log
To report a bug, follow the instructions in the guide:
http://guide.macports.org/#project.tickets
Error: Processing of port aircrack-ng failed
Unfortunately, I didn't screenshot the Sophos dialog warning.
aircrack-ng @1.2-rc3_1
OS 10.11.4
Attachments (2)
Change History (15)
comment:1 Changed 8 years ago by mf2k (Frank Schima)
| Priority: | High → Normal |
|---|
comment:2 Changed 8 years ago by mf2k (Frank Schima)
| Keywords: | malware removed |
|---|---|
| Owner: | changed from macports-tickets@… to ryandesign@… |
| Port: | aircrack-ng added |
In the future, please fill in the Port field and Cc the port maintainers (port info --maintainers aircrack-ng), if any.
comment:3 Changed 8 years ago by mf2k (Frank Schima)
I also have Sophos installed and it did not detect any issue.
comment:4 Changed 8 years ago by ryandesign (Ryan Carsten Schmidt)
Please clean and try again and provide a screenshot or any other information you can about this problem. I have no experience with Sophos.
comment:5 Changed 8 years ago by roadrnnr83@…
Attached MacPorts log file is from:
/opt/local/var/macports/logs/_opt_local_var_macports_sources_rsync.macports.org_release_tarballs_ports_security_aircrack-ng
From /Library/Logs/Sophos Anti-Virus.log :
com.sophos.intercheck: 2016-04-25 07:48:37 -0600 PUA: 'Aicraken' (Hacking tool) detected in /opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_release_tarballs_ports_security_aircrack-ng/aircrack-ng/work/aircrack-ng-1.2-rc3/src/aircrack-ng com.sophos.intercheck: Access to the file denied com.sophos.intercheck:
Text from Sophos block dialog:
Adware or PUA detected by Sophos Anti-Virus
Adware or PUA Aicraken (Hacking tool) has been blocked and listed in Quarantine Manager
comment:6 Changed 8 years ago by ryandesign (Ryan Carsten Schmidt)
| Resolution: | → invalid |
|---|---|
| Status: | new → closed |
Of course, aircrack is a hacking tool: its purpose is to crack wifi network passwords. It's up to the user whether they will use that capability for good or evil.
Maybe there is a malware called "aicraken", which includes a copy of aircrack which it uses to do bad things. And maybe Sophos cannot differentiate between this "aicraken" malware and a deliberately-installed copy of aircrack.
You should be able to install aircrack with MacPorts by disabling Sophos. If so, you should let Sophos know about this problem so they can fix it.
comment:7 follow-up: 8 Changed 7 years ago by yoskat
Hey, I've the same problem than you but it's not cause Sophos ! Do you find a solution to install it ? Or if someone else can help me.
Thank you
---> Computing dependencies for aircrack-ng
---> Staging aircrack-ng into destroot
Error: org.macports.destroot for port aircrack-ng returned: command execution failed
Please see the log file for port aircrack-ng for details:
/opt/local/var/macports/logs/_opt_local_var_macports_sources_rsync.macports.org_release_tarballs_ports_security_aircrack-ng/aircrack-ng/main.log
To report a bug, follow the instructions in the guide:
http://guide.macports.org/#project.tickets
Error: Processing of port aircrack-ng failed
comment:8 follow-up: 9 Changed 7 years ago by ryandesign (Ryan Carsten Schmidt)
| Cc: | yoskat added |
|---|
Replying to yoskat:
Hey, I've the same problem than you but it's not cause Sophos !
Then it's not the same problem. :) Please attach your main.log file so that we can see what the problem is.
Changed 7 years ago by yoskat
| Attachment: | main.2.log added |
|---|
comment:9 Changed 7 years ago by yoskat
Okay I did it, my main.log looks like yours that's why I told you that! Thanks for answering!
comment:10 Changed 7 years ago by ryandesign (Ryan Carsten Schmidt)
That log looks nothing like the problem this ticket is about, and is also from an incomplete build attempt. Please run sudo port clean aircrack-ng. If you're still not able to install it, file a new ticket.
comment:11 Changed 7 years ago by yoskat
Okay The download was gone this afternoon and aircrack-ng was on my computer but he disappear. Now I've a new problem, I'll try a last, if you can help a last time, Thank you.
MacBook-Pro-de-Maxime-2:~ maximelanglois$ sudo port install aircrack-ng ---> Computing dependencies for aircrack-ng ---> Cleaning aircrack-ng ---> Scanning binaries for linking errors Warning: Error parsing file /opt/local/bin/aircrack-ng: Error opening or reading file ---> No broken files found.
comment:12 Changed 7 years ago by ryandesign (Ryan Carsten Schmidt)
This ticket is about an inability to install aircrack-ng due to Sophos. Since you're experiencing a different problem, you should post about it somewhere else, such as in a new ticket if you believe there is a bug in MacPorts or on the macports-users mailing list if you believe there is a problem specific to your computer that you need help fixing.
comment:13 Changed 7 years ago by yoskat
Okay no worries I'll find a solution, I haven't sophos but I think it's Kapersky or Trend micro, because when it worked I stopped all protection (Kapersky and Trend). ANd when I restatrd protection it doesn't work. So you think I don't need to download it again beacause I've it, just he don't want I open it ? Thank you.
The Priority field is for use by Macports team members only.