[MacPorts] #51227: Is Aicraken a valid part of Aircrack-ng?
#51227: Is Aicraken a valid part of Aircrack-ng? --------------------------+-------------------------------- Reporter: roadrnnr83@… | Owner: macports-tickets@… Type: defect | Status: new Priority: High | Milestone: Component: ports | Version: 2.3.4 Keywords: malware | Port: --------------------------+-------------------------------- Sophos stopped the install of Aircrack-ng because it detected what it claimed was malware: Aicraken. Is this a component of Aircrack-ng? Terminal: {{{ ---> Computing dependencies for aircrack-ng ---> Staging aircrack-ng into destroot Error: org.macports.destroot for port aircrack-ng returned: command execution failed Please see the log file for port aircrack-ng for details: /opt/local/var/macports/logs/_opt_local_var_macports_sources_rsync.macports .org_release_tarballs_ports_security_aircrack-ng/aircrack-ng/main.log To report a bug, follow the instructions in the guide: http://guide.macports.org/#project.tickets Error: Processing of port aircrack-ng failed }}} Unfortunately, I didn't screenshot the Sophos dialog warning. aircrack-ng @1.2-rc3_1 OS 10.11.4 -- Ticket URL: <https://trac.macports.org/ticket/51227> MacPorts <https://www.macports.org/> Ports system for OS X
#51227: Is Aicraken a valid part of Aircrack-ng? ---------------------------+-------------------------------- Reporter: roadrnnr83@… | Owner: macports-tickets@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.3.4 Resolution: | Keywords: malware Port: | ---------------------------+-------------------------------- Changes (by mf2k@…): * priority: High => Normal Comment: The Priority field is for use by Macports team members only. -- Ticket URL: <https://trac.macports.org/ticket/51227#comment:1> MacPorts <https://www.macports.org/> Ports system for OS X
#51227: Is Aicraken a valid part of Aircrack-ng? ---------------------------+-------------------------- Reporter: roadrnnr83@… | Owner: ryandesign@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.3.4 Resolution: | Keywords: Port: aircrack-ng | ---------------------------+-------------------------- Changes (by mf2k@…): * owner: macports-tickets@… => ryandesign@… * keywords: malware => * port: => aircrack-ng Comment: In the future, please fill in the Port field and Cc the port maintainers ({{{port info --maintainers nco}}}), if any. -- Ticket URL: <https://trac.macports.org/ticket/51227#comment:2> MacPorts <https://www.macports.org/> Ports system for OS X
#51227: Is Aicraken a valid part of Aircrack-ng? ---------------------------+-------------------------- Reporter: roadrnnr83@… | Owner: ryandesign@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.3.4 Resolution: | Keywords: Port: aircrack-ng | ---------------------------+-------------------------- Comment (by mf2k@…): I also have Sophos installed it did not detect any issue. -- Ticket URL: <https://trac.macports.org/ticket/51227#comment:3> MacPorts <https://www.macports.org/> Ports system for OS X
#51227: Is Aicraken a valid part of Aircrack-ng? ---------------------------+-------------------------- Reporter: roadrnnr83@… | Owner: ryandesign@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.3.4 Resolution: | Keywords: Port: aircrack-ng | ---------------------------+-------------------------- Comment (by ryandesign@…): Please clean and try again and provide a screenshot or any other information you can about this problem. I have no experience with Sophos. -- Ticket URL: <https://trac.macports.org/ticket/51227#comment:4> MacPorts <https://www.macports.org/> Ports system for OS X
#51227: Is Aicraken a valid part of Aircrack-ng? ---------------------------+-------------------------- Reporter: roadrnnr83@… | Owner: ryandesign@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.3.4 Resolution: | Keywords: Port: aircrack-ng | ---------------------------+-------------------------- Comment (by roadrnnr83@…): Attached MacPorts log file is from: /opt/local/var/macports/logs/_opt_local_var_macports_sources_rsync.macports .org_release_tarballs_ports_security_aircrack-ng From /Library/Logs/Sophos Anti-Virus.log : {{{ com.sophos.intercheck: 2016-04-25 07:48:37 -0600 PUA: 'Aicraken' (Hacking tool) detected in /opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports .org_release_tarballs_ports_security_aircrack-ng/aircrack-ng/work /aircrack-ng-1.2-rc3/src/aircrack-ng com.sophos.intercheck: Access to the file denied com.sophos.intercheck: }}} Text from Sophos block dialog: '''Adware or PUA detected by Sophos Anti-Virus''' Adware or PUA Aicraken (Hacking tool) has been blocked and listed in Quarantine Manager -- Ticket URL: <https://trac.macports.org/ticket/51227#comment:5> MacPorts <https://www.macports.org/> Ports system for OS X
#51227: Is Aicraken a valid part of Aircrack-ng? ---------------------------+-------------------------- Reporter: roadrnnr83@… | Owner: ryandesign@… Type: defect | Status: closed Priority: Normal | Milestone: Component: ports | Version: 2.3.4 Resolution: invalid | Keywords: Port: aircrack-ng | ---------------------------+-------------------------- Changes (by ryandesign@…): * status: new => closed * resolution: => invalid Comment: Of course, aircrack is a hacking tool: its purpose is to crack wifi network passwords. It's up to the user whether they will use that capability for good or evil. Maybe there is a malware called "aicraken", which includes a copy of aircrack which it uses to do bad things. And maybe Sophos cannot differentiate between this "aicraken" malware and a deliberately-installed copy of aircrack. You should be able to install aircrack with MacPorts by disabling Sophos. If so, you should let Sophos know about this problem so they can fix it. -- Ticket URL: <https://trac.macports.org/ticket/51227#comment:6> MacPorts <https://www.macports.org/> Ports system for OS X
participants (1)
-
MacPorts