#1 IM Sniffer aborting execution

open
nobody
None
5
2006-07-18
2006-07-18
Luiz Poleto
No

Everytime i start the imsniff (either as a daemon or
not) it runs for a few hours, then stop running.
I can't find anything in /var/log/messages regarding
imsniff and I don't see any imsniff logs.
I'm using Gentoo Linux (I've tried with kernel 2.14 and
2.16) and I also know that I'm not the only one having
this problem.

Thanks,
Poleto

Discussion

  • Zeque
    Zeque
    2006-07-19

    Logged In: YES
    user_id=1558535

    Hi,

    I have the same problem. It's when somebody restart the
    session, then imsniff die. I tried recompiling imsniff, but
    it's the same problem.

    Thanks,

    Zeque

     
  • Logged In: NO

    It happens with Windows as well

     
  • Logged In: NO

    Same problem here with Redhat. It just aborts.

     
  • Logged In: NO

    I can confirm that this also occurs on my machine. (Ubuntu i386 Edgy)

    The imsniff.log in the debug directory shows the following last lines: (personal data obfuscated by X's)

    Thu Feb 1 22:56:29 2007 | 1 | Event for an unknown nick: is leaving the SB at 192.168.1.13:48647
    Thu Feb 1 22:56:29 2007 | 0 | No switchboard or unknown owner, can't log
    Thu Feb 1 22:56:29 2007 | 1 | Event for an unknown nick: is leaving the SB at 207.46.106.36:1863
    Thu Feb 1 22:56:29 2007 | 0 | No switchboard or unknown owner, can't log
    Thu Feb 1 22:56:42 2007 | 1 | Unknown content-type: text/x-msmsgsinitialmdatanotification; charset=UTF-8
    Thu Feb 1 22:56:42 2007 | 1 | Unknown content-type: text/x-msmsgsinitialmdatanotification; charset=UTF-8
    Thu Feb 1 22:58:55 2007 | 0 | debuglogdir = /home/chris/debug
    Thu Feb 1 22:58:55 2007 | 0 | Parsing interface eth0
    Thu Feb 1 22:58:55 2007 | 0 | interface = eth0
    Thu Feb 1 22:59:06 2007 | 0 | No known partipants in SB owned by XXXXMEXXXX@hotmail.com, can't log
    Thu Feb 1 22:59:06 2007 | 0 | No known partipants in SB owned by XXXXMEXXXX@hotmail.com, can't log
    Thu Feb 1 22:59:07 2007 | 0 | Unable to parse FLN correcty
    Thu Feb 1 22:59:08 2007 | 0 | Line read: FLN XXXX@hotmail.com 1 0
    Thu Feb 1 22:59:08 2007 | 0 | Token 0: FLN
    Thu Feb 1 22:59:08 2007 | 0 | Token 1: XXXX@hotmail.com
    Thu Feb 1 22:59:08 2007 | 0 | Token 2: 1
    Thu Feb 1 22:59:08 2007 | 0 | Token 3: 0
    Thu Feb 1 22:59:08 2007 | 0 | Unable to parse FLN correcty
    Thu Feb 1 22:59:08 2007 | 0 | Line read: FLN XXXX@hotmail.com 1 0
    Thu Feb 1 22:59:08 2007 | 0 | Token 0: FLN
    Thu Feb 1 22:59:08 2007 | 0 | Token 1: XXXX@hotmail.com
    Thu Feb 1 22:59:08 2007 | 0 | Token 2: 1
    Thu Feb 1 22:59:08 2007 | 0 | Token 3: 0
    Thu Feb 1 22:59:45 2007 | 1 | Unknown content-type: text/x-msnmsgr-datacast
    Thu Feb 1 22:59:45 2007 | 1 | Unknown content-type: text/x-msnmsgr-datacast
    Thu Feb 1 22:59:52 2007 | 0 | No known partipants in SB owned by XXXXMEXXXX@hotmail.com, can't log
    Thu Feb 1 22:59:52 2007 | 0 | No known partipants in SB owned by XXXXMEXXXX@hotmail.com, can't log
    Thu Feb 1 22:59:55 2007 | 0 | Set SB log name to: /home/chris/chats/XXXXMEXXXX@hotmail.com/XXXX@hotmail.com.log
    Thu Feb 1 23:00:05 2007 | 1 | Unknown content-type: text/x-msnmsgr-datacast
    Thu Feb 1 23:00:05 2007 | 1 | Unknown content-type: text/x-msnmsgr-datacast
    Thu Feb 1 23:02:20 2007 | 1 | Event for an unknown nick: is leaving the SB at 192.168.1.13:4271
    Thu Feb 1 23:02:20 2007 | 0 | No switchboard or unknown owner, can't log
    Thu Feb 1 23:02:20 2007 | 1 | Event for an unknown nick: is leaving the SB at 192.168.1.13:4271
    Thu Feb 1 23:02:20 2007 | 0 | No switchboard or unknown owner, can't log

    Maybe this is to do with differences in the newer MSN9 protocol?
    This is a great app and it is a great shame it is plagued by such issues.

     
  • Logged In: YES
    user_id=1740660
    Originator: NO

    The same with me on FC6.

     
  • Juliano Morona
    Juliano Morona
    2007-03-21

    Logged In: YES
    user_id=1741661
    Originator: NO

    The same with me on Mandriva 2005, 2006 and 2007

     
  • Logged In: NO

    Try this....

    Source: http://www.vivaolinux.com.br/dicas/verDica.php?codigo=7357

    PS: Brazilian Portuguese Site

    msn_conntrack.cpp

    void add_user_to_sb (struct msn_connection *conn, u_char *user)
    {
    if (conn!=NULL && conn->users!=NULL)
    {
    int i=0;
    while (i<conn->num_users)
    {
    if (strcmp ((char *) conn->users[i], (char *) user)==0)
    return; // Don't duplicate
    i++;
    }
    }

    log_debug (5, "Adding user [%s] to SB",user);
    + if (!conn) {
    + conn = (struct msn_connection *) malloc (sizeof (struct msn_connection));
    + if (!conn)
    + return;
    + if (msn_conns_first==NULL)
    + msn_conns_first=conn;

    + memset (conn,0,sizeof (struct msn_connection)); // All zeros is fine
    + if (msn_conns_last != NULL)
    + {
    + msn_conns_last->next=conn;
    + conn->previous=msn_conns_last;
    + }
    + msn_conns_last=conn;

    + conn->users=NULL;
    + conn->num_users=0;
    + conn->log_full_path=NULL;

    + }

    conn->users=(u_char **) realloc (conn->users, sizeof (u_char *) * (conn->num_users+1));
    log_debug (5, "Done realloc");
    if (conn->users!=NULL)
    {
    conn->users[conn->num_users]=(u_char *) malloc (strlen ((char *) user) +1 );
    log_debug (5, "Done malloc");
    strcpy ((char *) conn->users[conn->num_users],(char *) user);
    log_debug (5, "Done strcpy");
    conn->num_users++;
    }
    log_debug (5, "Done, number of users now = %d",conn->num_users);
    }

    util.cpp

    int get_tokens (u_char *line, u_char ***tokens, int max_tokens)
    {
    log_debug (5, "entry in get_tokens");
    int capacity = (max_tokens==0)?50:max_tokens;
    /* First, delete the tokens if there are any ... */
    free_array(tokens);
    *tokens=(u_char **) malloc (sizeof (u_char *) * (capacity +1)); // Final one is NULL
    if (*tokens==NULL)
    return OUT_OF_MEMORY;
    int num=0; /* Number of tokens added so far */
    u_char *now = line;
    u_char *newtoken;

    char tmp[255];

    for (;;)
    {
    size_t i;
    /* Skip spaces and control stuff */
    while (*now<=' ' && *now!=0)
    {
    now++;
    }

    if (*now==0) /* End of line */
    break;

    i=0;
    if (max_tokens==num+1 && max_tokens!=0)
    i=strlen ((char *) now);
    else
    {
    while (now[i]>' ') /* Look ahead, how long is the next token? */
    i++;
    }
    newtoken=(u_char *) malloc (i+1);
    memcpy (newtoken, now, i);
    now = now + i;
    newtoken[i]=0;

    if (num==capacity)
    {
    capacity += 10;
    *tokens = (u_char **) realloc (*tokens, sizeof (u_char *) * (capacity +1));
    if (*tokens==NULL) /* A bit unstable now I'm afraid */
    return OUT_OF_MEMORY;
    }

    (*tokens)[num]=newtoken;

    if (num==7)
    {
    + break;
    - exit (7);
    }
    num++;
    }

    (*tokens)[num]=NULL;
    return num;
    }

     
  • Logged In: YES
    user_id=1915590
    Originator: NO

    Try this....

    Source: http://www.vivaolinux.com.br/dicas/verDica.php?codigo=7357

    PS: Brazilian Portuguese Site

    msn_conntrack.cpp

    void add_user_to_sb (struct msn_connection *conn, u_char *user)
    {
    if (conn!=NULL && conn->users!=NULL)
    {
    int i=0;
    while (i<conn->num_users)
    {
    if (strcmp ((char *) conn->users[i], (char *) user)==0)
    return; // Don't duplicate
    i++;
    }
    }

    log_debug (5, "Adding user [%s] to SB",user);
    + if (!conn) {
    + conn = (struct msn_connection *) malloc (sizeof (struct msn_connection));
    + if (!conn)
    + return;
    + if (msn_conns_first==NULL)
    + msn_conns_first=conn;

    + memset (conn,0,sizeof (struct msn_connection)); // All zeros is fine
    + if (msn_conns_last != NULL)
    + {
    + msn_conns_last->next=conn;
    + conn->previous=msn_conns_last;
    + }
    + msn_conns_last=conn;

    + conn->users=NULL;
    + conn->num_users=0;
    + conn->log_full_path=NULL;

    + }

    conn->users=(u_char **) realloc (conn->users, sizeof (u_char *) * (conn->num_users+1));
    log_debug (5, "Done realloc");
    if (conn->users!=NULL)
    {
    conn->users[conn->num_users]=(u_char *) malloc (strlen ((char *) user) +1 );
    log_debug (5, "Done malloc");
    strcpy ((char *) conn->users[conn->num_users],(char *) user);
    log_debug (5, "Done strcpy");
    conn->num_users++;
    }
    log_debug (5, "Done, number of users now = %d",conn->num_users);
    }

    util.cpp

    int get_tokens (u_char *line, u_char ***tokens, int max_tokens)
    {
    log_debug (5, "entry in get_tokens");
    int capacity = (max_tokens==0)?50:max_tokens;
    /* First, delete the tokens if there are any ... */
    free_array(tokens);
    *tokens=(u_char **) malloc (sizeof (u_char *) * (capacity +1)); // Final one is NULL
    if (*tokens==NULL)
    return OUT_OF_MEMORY;
    int num=0; /* Number of tokens added so far */
    u_char *now = line;
    u_char *newtoken;

    char tmp[255];

    for (;;)
    {
    size_t i;
    /* Skip spaces and control stuff */
    while (*now<=' ' && *now!=0)
    {
    now++;
    }

    if (*now==0) /* End of line */
    break;

    i=0;
    if (max_tokens==num+1 && max_tokens!=0)
    i=strlen ((char *) now);
    else
    {
    while (now[i]>' ') /* Look ahead, how long is the next token? */
    i++;
    }
    newtoken=(u_char *) malloc (i+1);
    memcpy (newtoken, now, i);
    now = now + i;
    newtoken[i]=0;

    if (num==capacity)
    {
    capacity += 10;
    *tokens = (u_char **) realloc (*tokens, sizeof (u_char *) * (capacity +1));
    if (*tokens==NULL) /* A bit unstable now I'm afraid */
    return OUT_OF_MEMORY;
    }

    (*tokens)[num]=newtoken;

    if (num==7)
    {
    + break;
    - exit (7);
    }
    num++;
    }

    (*tokens)[num]=NULL;
    return num;
    }

     
  • Logged In: NO

    there is a fix, in http://www.vivaolinux.com.br/dicas/verDica.php?codigo=7357
    just portuguese, sorry, but dit the file msn_conntrack.cpp and add lines begining with "+"
    and too edit file util.cpp and change in the function get_tokens() the line with the "-" by the "+"(exit() by break)

     
  • Denis McMahon
    Denis McMahon
    2008-07-04

    Logged In: YES
    user_id=1174130
    Originator: NO

    I had this propblem too, grabbed the source and have hacked it a bit. It compiles and runs on my debian / ubuntu system, but don't know about any others. Trying to see if I can get my changes added as a fork or something - new to sourceforge so wish me luck.