2017-12-17 09:43 UTC

ID: 0003446
Project: Kali Linux
Category: [All Projects] Kali Package Bug
View Status: public
Last Update: 2016-07-28 09:35
Reporter: pgrohe
Assigned To: sbrun
Priority: normal
Severity: major
Reproducibility: always
Status: resolved
Resolution: fixed
Product Version: 2016.1
Target Version:
Fixed in Version: 2016.2
Summary: 0003446: Metasploit Framework - pattern_create.rb fails with Gem::LoadError for rex-text after Kali dist-upgrade

Description:
The pattern_create.rb script that comes with Metasploit fails to execute after doing a dist-upgrade on a fresh install of the latest Kali Linux 64 bit ISO.

Prior to dist-upgrade pattern_create.rb runs correctly.

After dist-upgrade, the following error is generated:

root@kali:/usr/share/metasploit-framework/tools/exploit# ./pattern_create.rb 500
/usr/lib/ruby/2.3.0/rubygems/dependency.rb:319:in `to_specs': Could not find 'rex-text' (>= 0) among 101 total gem(s) (Gem::LoadError)
Checked in 'GEM_PATH=/root/.gem/ruby/2.3.0:/var/lib/gems/2.3.0:/usr/lib/x86_64-linux-gnu/rubygems-integration/2.3.0:/usr/share/rubygems-integration/2.3.0:/usr/share/rubygems-integration/all', execute `gem env` for more information
    from /usr/lib/ruby/2.3.0/rubygems/dependency.rb:328:in `to_spec'
    from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_gem.rb:65:in `gem'
    from ./pattern_create.rb:11:in `<main>'


Fix
----
Running 'gem install rex-text' resolved the issue for me. I'm not too familiar with Ruby gem / environment management so I'm unsure if this is a clean way of resolving the problem. Ideally this would not be required and it would work 'out of the box' after the dist-upgrade.


NOTE - I'm unclear whether this is a Kali packaging issue or this is a Metasploit codebase issue. Please advise if this needs to go to Metasploit's bug tracker.
Steps To Reproduce:
1 - Download latest Kali 2016 64 bit iso
2 - Install from ISO
3 - Open terminal and change to directory /usr/share/metasploit-framework/tools/exploit
4 - Run the command: ./pattern_create.rb 500
5 - Observe successful execution of pattern_create.rb Ruby script
6 - Do a dist-upgrade by executing the command: apt-get update && apt-get dist-upgrade. Wait for everything to complete.
7 - Execute the command: ./pattern_create.rb 500
8 - Note gem error (see Description above for full error output)
Additional Information:
root@kali:/usr/share/metasploit-framework/tools/exploit# gem query --local

*** LOCAL GEMS ***

addressable (2.4.0)
ansi (1.5.0)
atomic (1.1.16)
bigdecimal (1.2.8)
buftok (0.2.0)
bundler (1.12.5)
celluloid (0.16.0)
celluloid-io (0.16.2)
daemons (1.1.9)
data_objects (0.10.16)
did_you_mean (1.0.0)
diff-lcs (1.2.5)
dm-core (1.2.1)
dm-do-adapter (1.2.0)
dm-migrations (1.2.0)
dm-serializer (1.2.2)
dm-sqlite-adapter (1.2.0)
do_mysql (0.10.16)
do_postgres (0.10.16)
do_sqlite3 (0.10.16)
docile (1.1.5)
domain_name (0.5.20160216)
em-websocket (0.5.1)
equalizer (0.0.10)
erubis (2.7.0)
ethon (0.9.0)
eventmachine (1.0.7)
execjs (2.6.0)
faraday (0.9.2)
ffi (1.9.10)
geoip (1.4.0)
hitimes (1.2.1)
http (1.0.2)
http-cookie (1.0.2)
http-form_data (1.0.1)
http_parser.rb (0.6.0)
httpclient (2.7.1)
io-console (0.4.5)
json (1.8.3)
librex (0.0.68)
libv8 (3.16.14.13)
memoizable (0.4.2)
mime (0.4.3)
mime-types (2.6.1)
mini_exiftool (2.7.2)
minitest (5.9.0)
mojo_magick (0.5.6)
molinillo (0.5.0)
msfrpc-client (1.0.1)
msgpack (0.7.4)
multi_json (1.11.2)
multipart-post (1.2.0)
naught (1.0.0)
net-http-digest_auth (1.4)
net-http-persistent (2.9.4)
net-telnet (0.1.1)
nio4r (1.2.1)
nokogiri (1.6.8)
oj (2.17.1)
parseconfig (1.0.2)
pkg-config (1.1.7)
power_assert (0.2.7)
psych (2.0.17)
qr4r (0.4.0)
rack (1.6.4)
rack-protection (1.5.3)
rainbow (2.1.0)
rake (10.5.0)
rchardet (1.6.1)
rdoc (4.2.1)
ref (2.0.0)
rexec (1.6.3)
rqrcode (0.4.2)
rspec-expectations (3.4.0)
rspec-support (3.4.1)
ruby-progressbar (1.6.0)
rubydns (1.0.3)
rubyzip (1.1.7)
simple_oauth (0.3.1)
simplecov (0.11.1)
simplecov-html (0.10.0)
sinatra (1.4.7)
snmp (1.2.0)
spider (0.4.4)
sqlite3 (1.3.11)
term-ansicolor (1.3.0)
terminal-table (1.4.5)
test-unit (3.1.7)
therubyracer (0.12.2)
thin (1.6.3)
thor (0.19.1)
thread_safe (0.3.5)
tilt (2.0.1)
timers (4.1.1)
tins (1.1.0)
twitter (5.16.0)
typhoeus (1.0.2)
uglifier (2.7.2)
unf (0.1.4)
unf_ext (0.0.7.2)
yajl-ruby (1.2.0)



Notes

~0005589

pgrohe (reporter)

I tried this again from a fresh install.

Just want to add that after doing the dist-upgrade, simply running 'bundle install' from /usr/share/metasploit-framework/ does not resolve the issue even though rex-text is mentioned in the output when running 'bundle install'.

Output of 'bundle install' from /usr/share/metasploit-framework

Don't run Bundler as root. Bundler can ask for sudo if it is needed, and installing your bundle as root will
break this application for all non-root users on this machine.
Using rake 11.2.2
Using i18n 0.7.0
Using json 1.8.3
Using minitest 5.9.0
Using thread_safe 0.3.5
Using builder 3.2.2
Using erubis 2.7.0
Using mini_portile2 2.1.0
Using pkg-config 1.1.7
Using rack 1.6.4
Using arel 6.0.3
Using addressable 2.4.0
Using bcrypt 3.1.11
Using bit-struct 0.15.0
Using docile 1.1.5
Using multipart-post 2.0.0
Using filesize 0.1.1
Using rkelly-remix 0.0.6
Using metasm 1.0.2
Using thor 0.19.1
Using pg 0.18.4
Using pg_array_parser 0.0.9
Using rubyntlm 0.6.0
Using rubyzip 1.2.0
Using metasploit-payloads 1.1.13
Using metasploit_payloads-mettle 0.0.5
Using msgpack 1.0.0
Using network_interface 0.0.1
Using openssl-ccm 1.2.1
Using pcaprub 0.12.4
Using patch_finder 1.0.2
Using rb-readline-r7 0.5.2.0
Using redcarpet 3.3.4
Using rex-java 0.1.2
Using rex-text 0.1.1
Using rex-registry 0.1.0
Using robots 0.10.1
Using sqlite3 1.3.11
Using sshkey 1.8.0
Using simplecov-html 0.10.0
Using bundler 1.12.5
Using tzinfo 1.2.2
Using nokogiri 1.6.8
Using rack-test 0.6.3
Using faraday 0.9.2
Using jsobfu 0.4.1
Using packetfu 1.1.11
Using rex-random_identifier 0.1.0
Using rex-zip 0.1.0
Using simplecov 0.12.0
Using activesupport 4.2.7
Using tzinfo-data 1.2016.6
Using loofah 2.0.3
Using recog 2.0.21
Using sawyer 0.7.0
Using rex-powershell 0.1.0
Using rails-deprecated_sanitizer 1.0.3
Using activemodel 4.2.7
Using rails-html-sanitizer 1.0.3
Using octokit 4.3.0
Using rails-dom-testing 1.0.7
Using activerecord 4.2.7
Using actionview 4.2.7
Using arel-helpers 2.3.0
Using postgres_ext 3.0.0
Using actionpack 4.2.7
Using railties 4.2.7
Using metasploit-concern 2.0.1
Using metasploit-model 2.0.0
Using metasploit_data_models 2.0.0
Using metasploit-credential 2.0.3
Using metasploit-framework 4.12.14 from source at `.`
Bundle complete! 14 Gemfile dependencies, 72 gems now installed.
Gems in the groups development and test were not installed.
Bundled gems are installed into ./vendor/bundle.

~0005592

rhertzog (administrator)

Running the ruby script directly means running outside of the bundle... so it doesn't find the gem. You should try to execute it through "bundle exec tools/exploit/pattern_create.rb 500". Does it work that way when run from /usr/share/metasploit-framework/ ?

Version 4.12.11 added “gem 'rex-text'” line and only that line in this script. I'm not sure why. It might be worth asking upstream the reason for this.

~0005593

rhertzog (administrator)

Here's the change I mentioned:
http://git.kali.org/gitweb/?p=packages/metasploit-framework.git;a=commitdiff;h=41be45450076022d23720d3a27f86d355a04f82f#patch110

~0005594

pgrohe (reporter)

Running 'bundle exec tools/exploit/pattern_create.rb 500' from /usr/share/metasploit-framework does work.

Note that it looks like they added a -l switch to specify length of the patterns now, so the command above will complain about missing arguments to pattern_create.rb, but the script does execute without the gem error.

~0005595

pgrohe (reporter)

Last edited: 2016-07-25 19:43

Works from the msfconsole prompt as well. You'll need to specify the full path to pattern_create.rb when running it.

So if I understand correctly the gems required for this script are in a separate, isolated Ruby environment (bundle?) for metasploit-framework and are not 'visible' to Ruby when just running from the terminal? Like virtualenv in Python.

Not that big a deal to have to 'bundle exec' or run from msfconsole I guess but it is a change from how these scripts could be executed previously.

Regarding following up with upstream about the reasons for this, is that something I should do? What is the upstream being referred to in this case? Raise an issue on metasploit-framework github?

~0005596

rhertzog (administrator)

I filed this ticket against metasploit: https://github.com/rapid7/metasploit-framework/issues/7123

~0005597

rhertzog (administrator)

@pgrohe, yes bundler is ruby's virtualenv. Let's see what upstream has to say on the issue I filed.

~0005610

sbrun (manager)

The new version 4.12.15-0kali2 fixes this issue (we change the ruby interpreter of the tools/exploit/*.rb files).
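
The lookup behind the notes above, as an added example that is not part of the ticket or of the Kali/Metasploit code: a simplified model of how RubyGems searches each GEM_PATH directory for a spec file, showing why rex-text is invisible to a plain `ruby` run but found once the bundle directory is searched. The temporary directory tree is constructed for the demo; the location of librex and the `vendor/bundle/ruby/2.3.0` layout are assumptions.

```ruby
require 'tmpdir'
require 'fileutils'

# GEM_PATH exactly as printed in the ticket's Gem::LoadError message.
TICKET_GEM_PATH = '/root/.gem/ruby/2.3.0:/var/lib/gems/2.3.0:' \
  '/usr/lib/x86_64-linux-gnu/rubygems-integration/2.3.0:' \
  '/usr/share/rubygems-integration/2.3.0:/usr/share/rubygems-integration/all'

# RubyGems resolves `gem 'name'` from <dir>/specifications/<name>-<version>.gemspec
# in each searched directory. Return the directories that hold such a spec.
def dirs_providing(name, gem_dirs)
  gem_dirs.select do |dir|
    !Dir.glob(File.join(dir, 'specifications', "#{name}-[0-9]*.gemspec")).empty?
  end
end

# Build a constructed, throwaway copy of the ticket's layout under `root`:
# one system gem dir holds librex (assumed location), the bundle dir holds rex-text 0.1.1.
def build_sample_tree(root)
  system_dirs = TICKET_GEM_PATH.split(':').map { |d| File.join(root, d) }
  bundle_dir = File.join(root, 'usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0')
  { system_dirs[1] => 'librex-0.0.68', bundle_dir => 'rex-text-0.1.1' }.each do |dir, spec|
    FileUtils.mkdir_p(File.join(dir, 'specifications'))
    FileUtils.touch(File.join(dir, 'specifications', "#{spec}.gemspec"))
  end
  [system_dirs, bundle_dir]
end

# Returns [hits without the bundle dir, hits with it], as paths relative to the tree.
def demo
  Dir.mktmpdir do |root|
    system_dirs, bundle_dir = build_sample_tree(root)
    plain = dirs_providing('rex-text', system_dirs)
    bundled = dirs_providing('rex-text', system_dirs + [bundle_dir])
    [plain, bundled].map { |hits| hits.map { |h| h.delete_prefix(root) } }
  end
end

plain, bundled = demo
puts "plain ruby : #{plain.inspect}"
puts "with bundle: #{bundled.inspect}"
```

On a real system, `gem env` prints the directories that are actually searched, as the error message in the description suggests.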

Issue History
Date Modified Username Field Change
2016-07-25 16:11 pgrohe New Issue
2016-07-25 18:14 pgrohe Note Added: 0005589
2016-07-25 19:19 rhertzog Note Added: 0005592
2016-07-25 19:21 rhertzog Note Added: 0005593
2016-07-25 19:21 rhertzog Assigned To => sbrun
2016-07-25 19:21 rhertzog Status new => assigned
2016-07-25 19:28 pgrohe Note Added: 0005594
2016-07-25 19:37 pgrohe Note Added: 0005595
2016-07-25 19:40 pgrohe Note Edited: 0005595
2016-07-25 19:43 pgrohe Note Edited: 0005595
2016-07-25 19:43 pgrohe Note Edited: 0005595
2016-07-25 19:43 pgrohe Note Edited: 0005595
2016-07-25 19:50 rhertzog Note Added: 0005596
2016-07-25 19:52 rhertzog Note Added: 0005597
2016-07-28 09:35 sbrun Note Added: 0005610
2016-07-28 09:35 sbrun Status assigned => resolved
2016-07-28 09:35 sbrun Resolution open => fixed
2016-07-28 09:35 sbrun Fixed in Version => 2016.2