2017-07-26 00:41 UTC

Issue Details

ID: 0003025
Project: Kali Linux
Category: [All Projects] Kali Package Bug
View Status: public
Last Update: 2016-08-22 15:23
Reporter: joy4u
Assigned To: sbrun
Priority: high
Severity: major
Reproducibility: always
Status: resolved
Resolution: fixed
Product Version: 2016.1
Target Version:
Fixed in Version: 2016.2
Summary: 0003025: Problem in Dradis While Opening in Browser
Description: I am using Kali Linux 2016.1 on VirtualBox, and when opening dradis after running service dradis start in the console and opening https://127.0.0.1:3004 in the browser, I am getting an Internal Server Error with the following error:

uninitialized constant Rack::Handler::WEBrick::QUERY_STRING

Notes

~0004636

crash (reporter)

Guys, I think that is some problem with rails and stuff.

If you run without rails installed:

root@anubis:/usr/lib/dradis# ./dradis server
/usr/lib/ruby/2.2.0/rubygems/dependency.rb:315:in `to_specs': Could not find 'rails' (>= 0) among 95 total gem(s) (Gem::LoadError)
Checked in 'GEM_PATH=/root/.gem/ruby/2.2.0:/var/lib/gems/2.2.0:/usr/lib/x86_64-linux-gnu/rubygems-integration/2.2.0:/usr/share/rubygems-integration/2.2.0:/usr/share/rubygems-integration/2.2:/usr/share/rubygems-integration/all', execute `gem env` for more information
    from /usr/lib/ruby/2.2.0/rubygems/dependency.rb:324:in `to_spec'
    from /usr/lib/ruby/2.2.0/rubygems/core_ext/kernel_gem.rb:64:in `gem'
    from /usr/lib/dradis/lib/tasks/thorfile.rb:71:in `server'
    from /usr/lib/ruby/vendor_ruby/thor/command.rb:27:in `run'
    from /usr/lib/ruby/vendor_ruby/thor/invocation.rb:126:in `invoke_command'
    from /usr/lib/ruby/vendor_ruby/thor.rb:359:in `dispatch'
    from /usr/lib/ruby/vendor_ruby/thor/base.rb:440:in `start'
    from ./dradis:8:in `<main>'


After installing rails:

root@anubis:/usr/lib/dradis# ./dradis server
/usr/lib/dradis/lib/tasks/thorfile.rb:75:in `load': cannot load such file -- /usr/share/rubygems-integration/all/gems/rails-4.2.5/bin/rails (LoadError)
    from /usr/lib/dradis/lib/tasks/thorfile.rb:75:in `server'
    from /usr/lib/ruby/vendor_ruby/thor/command.rb:27:in `run'
    from /usr/lib/ruby/vendor_ruby/thor/invocation.rb:126:in `invoke_command'
    from /usr/lib/ruby/vendor_ruby/thor.rb:359:in `dispatch'
    from /usr/lib/ruby/vendor_ruby/thor/base.rb:440:in `start'
    from ./dradis:8:in `<main>'

If you try to run the rails server command after installing the rails package:

root@anubis:/usr/lib/dradis/script# ./rails server
/usr/lib/ruby/vendor_ruby/bundler/runtime.rb:34:in `block in setup': You have already activated json 1.8.3, but your Gemfile requires json 1.8.2. Prepending `bundle exec` to your command may solve this. (Gem::LoadError)
    from /usr/lib/ruby/vendor_ruby/bundler/runtime.rb:19:in `setup'
    from /usr/lib/ruby/vendor_ruby/bundler.rb:127:in `setup'
    from /usr/lib/ruby/vendor_ruby/bundler/setup.rb:8:in `<top (required)>'
    from /usr/lib/ruby/2.2.0/rubygems/core_ext/kernel_require.rb:54:in `require'
    from /usr/lib/ruby/2.2.0/rubygems/core_ext/kernel_require.rb:54:in `require'
    from /usr/lib/dradis/config/boot.rb:4:in `<top (required)>'
    from /usr/lib/ruby/2.2.0/rubygems/core_ext/kernel_require.rb:54:in `require'
    from /usr/lib/ruby/2.2.0/rubygems/core_ext/kernel_require.rb:54:in `require'
    from ./rails:40:in `<main>'

~0004669

expphoto (reporter)

Same issue for me.

~0004678

rhertzog (administrator)

The problem is non-trivial to solve. The full backtrace is this one (or close to it, as this is with a newer dradis snapshot):

root@kali-rolling:/usr/lib/dradis# bundle exec script/rails server
=> Booting Thin
=> Rails 4.1.9 application starting in development on https://127.0.0.1:3004
=> Run `rails server -h` for more startup options
=> Ctrl-C to shutdown server
Thin web server (v1.6.3 codename Protein Powder)
Maximum connections set to 1024
Listening on 127.0.0.1:3004, CTRL+C to stop
Unexpected error while processing request: uninitialized constant Rack::MethodOverride::REQUEST_METHOD
    /usr/lib/ruby/vendor_ruby/rack/methodoverride.rb:14:in `call'
    /usr/lib/ruby/vendor_ruby/rack/runtime.rb:18:in `call'
    /usr/lib/dradis/vendor/bundle/ruby/2.2.0/gems/activesupport-4.1.9/lib/active_support/cache/strategy/local_cache_middleware.rb:26:in `call'
    /usr/lib/ruby/vendor_ruby/rack/lock.rb:17:in `call'
    /usr/lib/dradis/vendor/bundle/ruby/2.2.0/gems/actionpack-4.1.9/lib/action_dispatch/middleware/static.rb:84:in `call'
    /usr/lib/ruby/vendor_ruby/rack/sendfile.rb:113:in `call'
    /usr/lib/dradis/vendor/bundle/ruby/2.2.0/gems/railties-4.1.9/lib/rails/engine.rb:514:in `call'
    /usr/lib/dradis/vendor/bundle/ruby/2.2.0/gems/railties-4.1.9/lib/rails/application.rb:144:in `call'
    /usr/lib/ruby/vendor_ruby/rack/content_length.rb:15:in `call'
    /usr/lib/ruby/vendor_ruby/thin/connection.rb:86:in `block in pre_process'
    /usr/lib/ruby/vendor_ruby/thin/connection.rb:84:in `catch'
    /usr/lib/ruby/vendor_ruby/thin/connection.rb:84:in `pre_process'
    /usr/lib/ruby/vendor_ruby/thin/connection.rb:53:in `process'
    /usr/lib/ruby/vendor_ruby/thin/connection.rb:39:in `receive_data'
    /usr/lib/ruby/vendor_ruby/eventmachine.rb:187:in `run_machine'
    /usr/lib/ruby/vendor_ruby/eventmachine.rb:187:in `run'
    /usr/lib/ruby/vendor_ruby/thin/backends/base.rb:73:in `start'
    /usr/lib/ruby/vendor_ruby/thin/server.rb:162:in `start'
    /usr/lib/ruby/vendor_ruby/rack/handler/thin.rb:19:in `run'
    /usr/lib/dradis/vendor/bundle/ruby/2.2.0/gems/rack-1.5.5/lib/rack/server.rb:265:in `start'
    /usr/lib/dradis/vendor/bundle/ruby/2.2.0/gems/railties-4.1.9/lib/rails/commands/server.rb:69:in `start'
    /usr/lib/dradis/vendor/bundle/ruby/2.2.0/gems/railties-4.1.9/lib/rails/commands/commands_tasks.rb:81:in `block in server'
    /usr/lib/dradis/vendor/bundle/ruby/2.2.0/gems/railties-4.1.9/lib/rails/commands/commands_tasks.rb:76:in `tap'
    /usr/lib/dradis/vendor/bundle/ruby/2.2.0/gems/railties-4.1.9/lib/rails/commands/commands_tasks.rb:76:in `server'
    /usr/lib/dradis/vendor/bundle/ruby/2.2.0/gems/railties-4.1.9/lib/rails/commands/commands_tasks.rb:40:in `run_command!'
    /usr/lib/dradis/vendor/bundle/ruby/2.2.0/gems/railties-4.1.9/lib/rails/commands.rb:17:in `<top (required)>'
    script/rails:41:in `require'
    script/rails:41:in `<main>'

We can see that it mixes usage of bundled rack files (/usr/lib/dradis/vendor/bundle/ruby/2.2.0/gems/rack-1.5.5) and system rack files (/usr/lib/ruby/vendor_ruby/rack/) which doesn't give good results as one is version 1.5.5 and the other is version 1.6.4...

I was hoping that bundle would avoid this but apparently not. Short of using rvm to have a fully separate ruby setup, I don't see a good way to solve this... Alternatively, we package dradis properly to use the system gems in their latest versions (but we're not sure if dradis is compatible with all the latest versions of everything it uses).
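
The check described in the note above, as an added example that is not part of the original thread or of dradis: it scans a Ruby backtrace and reports any library namespace whose frames come from more than one location, which is how the rack 1.5.5 / 1.6.4 mix shows up. The two path patterns (a bundled `gems/<name>-<version>/lib/` tree and the system `vendor_ruby` directory) are assumptions taken from the paths visible in this trace; the function names are hypothetical.

```ruby
require 'set'

# Constructed sample: six frames copied from the backtrace quoted above.
SAMPLE_BACKTRACE = <<~'TRACE'
  /usr/lib/ruby/vendor_ruby/rack/methodoverride.rb:14:in `call'
  /usr/lib/ruby/vendor_ruby/rack/runtime.rb:18:in `call'
  /usr/lib/dradis/vendor/bundle/ruby/2.2.0/gems/activesupport-4.1.9/lib/active_support/cache/strategy/local_cache_middleware.rb:26:in `call'
  /usr/lib/ruby/vendor_ruby/thin/connection.rb:86:in `block in pre_process'
  /usr/lib/dradis/vendor/bundle/ruby/2.2.0/gems/rack-1.5.5/lib/rack/server.rb:265:in `start'
  /usr/lib/dradis/vendor/bundle/ruby/2.2.0/gems/railties-4.1.9/lib/rails/commands/server.rb:69:in `start'
TRACE

# Frame inside a bundled gem: .../gems/<name>-<version>/lib/<namespace>/...
BUNDLED = %r{\A\s*(?:from\s+)?(?<origin>.+/gems/[^/]+-\d[^/]*)/lib/(?<ns>[^/.]+)}
# Frame inside the distribution's shared Ruby library directory.
SYSTEM = %r{\A\s*(?:from\s+)?(?<origin>.+/vendor_ruby)/(?<ns>[^/.]+)}

# Map each top-level namespace (rack, thin, ...) to the set of
# directories its frames were loaded from.
def origins_by_namespace(trace)
  found = Hash.new { |hash, key| hash[key] = Set.new }
  trace.each_line do |line|
    match = BUNDLED.match(line) || SYSTEM.match(line)
    next unless match
    found[match[:ns]] << match[:origin]
  end
  found
end

# Keep only namespaces served from more than one location: two copies
# of the same library are being mixed inside one process.
def mixed_namespaces(trace)
  origins_by_namespace(trace)
    .select { |_ns, origins| origins.size > 1 }
    .transform_values { |origins| origins.to_a.sort }
end

if __FILE__ == $PROGRAM_NAME
  mixed_namespaces(SAMPLE_BACKTRACE).each do |ns, origins|
    puts "#{ns} is loaded from #{origins.size} locations:"
    origins.each { |origin| puts "  #{origin}" }
  end
end
```
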

~0005087

joy4u (reporter)

Currently updated my Kali Linux 2016.1 using apt-get update, apt-get upgrade and apt-get disk-upgrade.

After that, when I start Dradis using service dradis start and go to http://127.0.0.1:3004 in the browser, it says unable to connect.

Checking the status using service dradis status gives the following result.

dradis.service - Dradis web application
Loaded: loaded (/lib/systemd/system/dradis.service; disabled; vendor preset:
Active: failed (Result: exit-code) since Tue 2016-04-05 19:32:52 IST; 8s ago
Process: 2563 ExecStart=/usr/bin/bundle exec script/rails server webrick (code
Process: 2560 ExecStartPre=/bin/sh -c test -e /var/lib/dradis/secretkey || (um
Main PID: 2563 (code=exited, status=1/FAILURE)
Apr 05 19:32:51 kali systemd[1]: Starting Dradis web application...
Apr 05 19:32:51 kali systemd[1]: Started Dradis web application.
Apr 05 19:32:52 kali bundle[2563]: /usr/lib/ruby/vendor_ruby/bundler/resolver.rb
Apr 05 19:32:52 kali bundle[2563]: from /usr/lib/ruby/vendor_ruby/bundle
Apr 05 19:32:52 kali bundle[2563]: from /usr/lib/ruby/vendor_ruby/bundle
Apr 05 19:32:52 kali systemd[1]: dradis.service: Main process exited, code=exite
Apr 05 19:32:52 kali systemd[1]: dradis.service: Unit entered failed state.
Apr 05 19:32:52 kali systemd[1]: dradis.service: Failed with result 'exit-code'.

~0005258

Phexcom (reporter)

https://127.0.0.1:3004/

Internal Server Error
uninitialized constant Rack::Handler::WEBrick::QUERY_STRING
WEBrick/1.3.1 (Ruby/2.3.1/2016-04-26) OpenSSL/1.0.2g at 127.0.0.1:3004

~0005319

ExploitTech (reporter)

Same issue with me, also showing at the web interface internal service
"Internal Server Error
uninitialized constant Rack::Handler::WEBrick::QUERY_STRING
WEBrick/1.3.1 (Ruby/2.3.1/2016-04-26) OpenSSL/1.0.2g at 127.0.0.1:3004 "

after upgrading

~0005368

crash (reporter)

Last edited: 2016-06-15 08:03


Hi guys! After the last update (14/06/2016) Dradis is back to working again.

Some info:
The port was changed to 3000.
You must access http://127.0.0.1:3000 - NO SSL
Set a new password

root@Anubis:~# systemctl status dradis
● dradis.service - Dradis web application
   Loaded: loaded (/lib/systemd/system/dradis.service; disabled; vendor preset: disabled)
   Active: active (running) since Tue 2016-06-14 09:59:25 CEST; 16s ago
 Main PID: 1467 (ruby2.3)
   CGroup: /system.slice/dradis.service
           └─1467 /usr/bin/ruby2.3 bin/rails server

Jun 14 09:59:25 Anubis systemd[1]: Started Dradis web application.

root@Anubis:~# netstat -naupt | grep ruby
tcp 0 0 127.0.0.1:3000 0.0.0.0:* LISTEN 1467/ruby2.3

~0005369

Phexcom (reporter)

@crash That's not a fix and it's working for me because Beef Framework is already running on that port 3000

~0005371

crash (reporter)

@Phexcom Yes, it's a fix. The dradis team changed the configuration, not the Kali team.

Just check in https://github.com/dradis/dradis-ce/blob/412d0ccb4264852d2c44f53fc523d989d74d8e81/README.md

"You can browse to the app at http://localhost:3000/"

Just change your beef port or dradis port.

~0005372

Phexcom (reporter)

That README.md file was last updated 2 months ago on April 8. I tried but still can't get it working.

~0005373

ExploitTech (reporter)

@crash it's not working at all. I changed the beef-xss port and replaced it with dradis; it brought up some kind of directory error, but beef-xss ran on another port. So if you can post a step-by-step procedure, we would all be very grateful. Thank you very much.

~0005374

crash (reporter)

Last edited: 2016-06-16 09:48


@ExploitTech
I just updated my Kali with the normal process.

root@Anubis:~# systemctl start dradis
root@Anubis:~# systemctl status dradis
● dradis.service - Dradis web application
   Loaded: loaded (/lib/systemd/system/dradis.service; disabled; vendor preset: disabled)
   Active: active (running) since Wed 2016-06-15 08:51:45 CEST; 9s ago
 Main PID: 6734 (ruby2.3)
   CGroup: /system.slice/dradis.service
           └─6734 /usr/bin/ruby2.3 bin/rails server

Jun 15 08:51:45 Anubis systemd[1]: Started Dradis web application.
root@Anubis:~# netstat -anutp | grep ruby
tcp 0 0 127.0.0.1:3000 0.0.0.0:* LISTEN 6734/ruby2.3

root@Anubis:~# apt-cache show dradis
Package: dradis
Version: 3.1.0~rc2+git20160609-0kali1
Architecture: amd64
Maintainer: Raphaël Hertzog <hertzog@debian.org>
Installed-Size: 123327
Depends: libc6 (>= 2.17), libgcc1 (>= 1:3.4), libgmp10, libmysqlclient18, libruby2.3 (>= 2.3.0~preview2), libsqlite3-0 (>= 3.6.11), libstdc++6 (>= 4.1.1), zlib1g (>= 1:1.2.3.3), adduser, ruby | ruby-interpreter, bundler, ruby-sqlite3, init-system-helpers (>= 1.18~)
Homepage: http://dradisframework.org
Priority: optional
Section: web
Filename: pool/main/d/dradis/dradis_3.1.0~rc2+git20160609-0kali1_amd64.deb
Size: 40233056
SHA256: 9942607f7575e930939ba0532dc9d80e3df993a10be4dcb31792fcff985353bc
SHA1: 1a55f4fb4e621286d33613aac83e79d6dd2dc926
MD5sum: 90cad8028f435fad5af705d3f69a157b


I did a small test internally; it seems that it is working normally.

Also, if you are able to connect to the dradis web interface, it is working.
If you are facing problems inside dradis, it is another problem.

Post your errors please.

* I don't know at the moment what the relation between dradis and beef is.

Update: I just finished the process in a fresh install, working perfect.

~0005375

ExploitTech (reporter)

@crash yeah, thumbs up, it's working perfectly. I made some errors in configuring the ports. Thanks (happy hunting LOL!!!!!!!!!)

~0005376

crash (reporter)

To fix in the menu (XFCE4):

vi /usr/share/applications/kali-dradis.desktop

Change the line:
Exec=sh -c "service dradis start; xdg-open https://127.0.0.1:3004"

To:
Exec=sh -c "service dradis start; xdg-open http://127.0.0.1:3000"

~0005378

sbrun (manager)

Fixed with new version 3.1.0~rc2+git20160609-0kali1.
The menu is fixed with package kali-menu version 2016.2.14.

Issue History

Date Modified | Username | Field | Change
2016-01-29 10:49 | joy4u | New Issue |
2016-01-29 11:26 | crash | Note Added: 0004636 |
2016-02-05 21:53 | expphoto | Note Added: 0004669 |
2016-02-06 09:09 | rhertzog | Assigned To | => sbrun
2016-02-06 09:09 | rhertzog | Status | new => assigned
2016-02-08 16:18 | rhertzog | Note Added: 0004678 |
2016-04-05 14:06 | joy4u | Note Added: 0005087 |
2016-05-18 23:50 | Phexcom | Note Added: 0005258 |
2016-06-04 21:30 | ExploitTech | Note Added: 0005319 |
2016-06-15 08:02 | crash | Note Added: 0005368 |
2016-06-15 08:03 | crash | Note Edited: 0005368 |
2016-06-15 19:00 | Phexcom | Note Added: 0005369 |
2016-06-15 19:20 | crash | Note Added: 0005371 |
2016-06-15 19:49 | Phexcom | Note Added: 0005372 |
2016-06-15 23:28 | ExploitTech | Note Added: 0005373 |
2016-06-16 06:59 | crash | Note Added: 0005374 |
2016-06-16 07:41 | crash | Note Edited: 0005374 |
2016-06-16 09:48 | crash | Note Edited: 0005374 |
2016-06-16 10:02 | ExploitTech | Note Added: 0005375 |
2016-06-16 10:49 | crash | Note Added: 0005376 |
2016-06-16 14:35 | sbrun | Note Added: 0005378 |
2016-06-16 14:35 | sbrun | Status | assigned => resolved
2016-06-16 14:35 | sbrun | Resolution | open => fixed
2016-06-16 14:35 | sbrun | Fixed in Version | => 2016.2