An empty Hash {} for the s variable implies the add_web_site call failed.

I wasn't able to reproduce this issue on the latest version of Metasploit from master branch.

I added a puts s.inspect:

diff --git a/plugins/wmap.rb b/plugins/wmap.rb
index be8a981..faa940c 100644
--- a/plugins/wmap.rb
+++ b/plugins/wmap.rb
@@ -130,6 +130,7 @@ class Plugin::Wmap < Msf::Plugin
           site = args.shift
           if site
             s = add_web_site(site)
+            puts s.inspect
             if s
               print_status("Site created.")
             else

Simple tests always received data from the s = add_web_site(site) call; unless the database was disconnected, in which case it returned nil:

msf5 > wmap_sites -l
[*] Available sites
===============

     Id  Host  Vhost  Port  Proto  # Pages  # Forms
     --  ----  -----  ----  -----  -------  -------


msf5 > wmap_sites -a http://1.1.1.1
#<Mdm::WebSite id: 8, service_id: 394, created_at: "2019-02-11 12:35:27", updated_at: "2019-02-11 12:35:27", vhost: "1.1.1.1", comments: nil, options: {}>
[*] Site created.
msf5 > wmap_sites -l
[*] Available sites
===============

     Id  Host     Vhost    Port  Proto  # Pages  # Forms
     --  ----     -----    ----  -----  -------  -------
     0   1.1.1.1  1.1.1.1  80    http   0        0


msf5 > wmap_sites -d 0
[*] Deleted 1.1.1.1 on 1.1.1.1 at index 0
msf5 > db_disconnect 
Successfully disconnected from the data service: local_db_service.
msf5 > wmap_sites -a http://1.1.1.1
nil
[-] Unable to create site
msf5 > 

There were some changes made to the wmap plugin a few months ago. It's possible that these changes haven't found their way into the Metasploit package for Kali, but they should be in the package by now.

Is your Metasploit package for Kali up to date? Is Metasploit connected to a database?

Hi,

I have the same problem.

I run metasploit on fedora, installed via dnf. The version is metasploit v5.0.9-dev.

msf5 > wmap_sites -a http://127.0.0.1
[*] Site created.
msf5 > wmap_sites -l
[*] Available sites
===============

     Id  Host  Vhost  Port  Proto  # Pages  # Forms
     --  ----  -----  ----  -----  -------  -------


msf5 > db_status 
[*] Connected to remote_data_service: (https://localhost:5443). Connection type: http. Connection name: local-https-data-service.

So, the database is connected, and the target site exists.

I tried to update, remove and re-install, it still does not work.

Do you have any idea how I can fix that?

Many thanks !

Hi, I had this problem today.
I make sure my database is connecting.
So, I try to reinstall metasploit-framework.
After that, It work.
Maybe you can try to reinstall.

Thanks for advice.

msf5 > db_status
[*] Connected to remote_data_service: (https://localhost:5443). Connection type: http. Connection name: local-https-data-service.

So the database is connecting.

$ sudo dnf remove metasploit-framework
$ sudo dnf install metasploit-framework

I reinstalled metasploit-framework

$ /opt/metasploit-framework/bin/msfconsole
msf5 > load wmap
msf5 > wmap_sites -a http://127.0.0.1
[*] Site created.
msf5 > wmap_sites -l
[*] Available sites
===============

     Id  Host  Vhost  Port  Proto  # Pages  # Forms
     --  ----  -----  ----  -----  -------  -------

It still doesn't work, yet I had no errors during any of these commands.

Do you think I miss some extra steps ?

try to use @bcoles 's method to test the plugin
add a line: 'puts s.inspect' after the function add_web_site
the file can find at /opt/metasploit-framework/embedded/framework/plugins/wmap.rb
and open the msfconsole do the same step again
see the result.

Nice try, but I edited the script, and nothing changes.

msf5 >  wmap_sites -a http://127.0.0.1
#<Metasploit::Framework::DataService::RemoteHTTPDataService::SuccessResponse:0x000000000a40fe48 @response=#<Net::HTTPOK 200 OK readbody=true>, @expected=true>
[*] Site created.
msf5 > wmap_sites -l
[*] Available sites
===============

     Id  Host  Vhost  Port  Proto  # Pages  # Forms
     --  ----  -----  ----  -----  -------  -------

There's probable a couple of different issues here.

FWIW, I can't produce either on master on Ruby 2.3.

[WMAP 1.5.1] ===  et [  ] metasploit.com 2012
[*] Successfully loaded plugin: wmap
msf5 > wmap_sites -a http://127.0.0.1/
#<Mdm::WebSite id: 10, service_id: 396, created_at: "2019-03-06 14:59:40", updated_at: "2019-03-06 14:59:40", vhost: "127.0.0.1", comments: nil, options: {}>
[*] Site created.
msf5 > wmap_sites -l
[*] Available sites
===============

     Id  Host       Vhost      Port  Proto  # Pages  # Forms
     --  ----       -----      ----  -----  -------  -------
     0   127.0.0.1  127.0.0.1  80    http   0        0


msf5 > wmap_sites -d 0
[*] Deleted 127.0.0.1 on 127.0.0.1 at index 0
msf5 > wmap_sites -l
[*] Available sites
===============

     Id  Host  Vhost  Port  Proto  # Pages  # Forms
     --  ----  -----  ----  -----  -------  -------


msf5 > service apache2 stop
[*] exec: service apache2 stop

Stopping web server: apache2 ... waiting .
msf5 > service apache2 status
[*] exec: service apache2 status

Apache2 is NOT running.
msf5 > wmap_sites -a http://127.0.0.1/
nil
[-] Unable to create site
msf5 > 

Are you suggesting the problem is because my site is down ?

I don't think so, I can access it (locally).

And I tried adding a public site :

msf5 >  wmap_sites -a https://www.google.com
#<Metasploit::Framework::DataService::RemoteHTTPDataService::SuccessResponse:0x000000000a163b90 @response=#<Net::HTTPOK 200 OK readbody=true>, @expected=true>
[*] Site created.
msf5 > wmap_sites -l
[*] Available sites
===============

     Id  Host  Vhost  Port  Proto  # Pages  # Forms
     --  ----  -----  ----  -----  -------  -------

Anyway, thanks for trying ;)

But what amazes me most is, when I shutdown my server, and then :

msf5 >  wmap_sites -a http://127.0.0.1
#<Metasploit::Framework::DataService::RemoteHTTPDataService::SuccessResponse:0x00007f33c0feb050 @response=#<Net::HTTPOK 200 OK readbody=true>, @expected=true>
[*] Site created.

It still doesn't show an error of unreachable target.

Are you suggesting the problem is because my site is down ?

I'm suggesting that the issue you're encountering may be different to the OP's; presuming of course that the OP's assessment is correct: Here the variable `s` always has no member, which is a `{}` returned by the function report_web_site().

This is contrary to the Hash object output both you and I received (Metasploit::Framework::DataService and Mdm::WebSite respectviely). However, the OP never replied with the requested output from s.inspect, so I'm not certain if your issue is the same as the OP's.

Your output gets us in the right direction. Thanks.

I can't reproduce this issue using PostgreSQL as a database. I'm guessing the issue here is related to the DataService which is fairly new to the framework. The wmap plugin is comparatively very old and certainly hasn't been maintained or updated in line with changes to the framework.

ok, thanks for your feedback. Would you recommend a modern alternative to wmap ?

cc @busterb - DataService related?

Mostly to audit a pesonnal website. An Apache server with a database.

Hi, I had the same problem as OP (found this thread from google).

Running db_disconnect and then manually db_connecting to the postgres database fixed the problem.

Copying what I did for anybody else finding this:

````
msf5 > db_status
[*] Connected to remote_data_service: (https://localhost:5443). Connection type: http. Connection name: local-https-data-service.
msf5 > db_disconnect
Successfully disconnected from the data service: remote_data_service: (https://localhost:5443).
msf5 > db_connect REDACTED:[email protected]:5432/msf_database
[-] Connection already established. Only one connection is allowed at a time.
[-] Run db_disconnect first if you wish to connect to a different data service.

Current connection information:
[*] Connected to msf. Connection type: postgresql.
msf5 > load wmap

.-.-.-..-.-.-..---..---.
| | | || | | || | || |-'
-----'-'-'-'-^-'-'
[WMAP 1.5.1] === et [ ] metasploit.com 2012
[] Successfully loaded plugin: wmap
msf5 > wmap_sites -a http://www.REDACTED.com
[] Site created.
msf5 > wmap_sites -l

[*] Available sites

 Id  Host             Vhost            Port  Proto  # Pages  # Forms
 --  ----             -----            ----  -----  -------  -------
 0   X.X.X.X          X.X.X.X          80    http   0        0

````

Worked for me too, many thanks !

@bcoles yep noted

This is still an issue in latest master. The suggested workaround of reconnecting to the database doesn't work, and won't, because an exception is always being thrown in lib/msf/core/db_manager/host.rb.

Error handling request: undefined method `hosts' for #<Hash:0x00007fa21d7cf940>.
[..]metasploit-framework/lib/msf/core/db_manager/host.rb:116:in `block in get_host'

This is because, for whatever reason, wspace isn't a Mdm::Workspace object, but is instead a Hash (and therefore, no attribute or method of hosts is available).

Why Msf::Util::DBManager.process_opts_workspace returns a Hash, or why Msf::DBManager::Host.get_host thinks its getting a Mdm::Workspace is a mystery.

That said, I have a workaround that makes things work.

diff --git a/lib/msf/core/db_manager/host.rb b/lib/msf/core/db_manager/host.rb
index d96037be40..6fc158d19c 100644
--- a/lib/msf/core/db_manager/host.rb
+++ b/lib/msf/core/db_manager/host.rb
@@ -112,6 +112,12 @@ module Msf::DBManager::Host
   ::ActiveRecord::Base.connection_pool.with_connection {
     wspace = Msf::Util::DBManager.process_opts_workspace(opts, framework)

+    if wspace.kind_of? Hash
+      opts[:workspace] = opts[:name] if opts[:workspace].nil?
+      opts[:workspace] = "default" if opts[:name].nil? || opts[:workspace].nil?
+      wspace = Msf::Util::DBManager.process_opts_workspace(opts, framework)
+    end
+
     address = Msf::Util::Host.normalize_host(address)
     return wspace.hosts.find_by_address(address)
   }

This ensures that wspace is a Mdm::Workspace instance. There are times when the opts don't contain opts[:workspace], so an attempt is made to use opts[:name] instead. If that doesn't exist, then "default" is used (which will probably not work well if you're using different workspaces).

It goes without saying that after you apply the fix you'll want to exit msfconsole and run msfdb restart to ensure the changes are actually loaded. After that, it should work without any db_disconnects or whatever.

I'm running on macOS and have same problem.

Modifying /opt/metasploit-framework/embedded/framework/lib/msf/core/db_manager/host.rb per previous comment, issuing msfdb restart and msfconsole did NOT resolve the problem for me. db_status says I'm connected

I'm also running on macOS and have the same issue.

I added the code suggested by @bcoles and @elbowdonkey, tried the database disconnect/reconnect trick, but have had no luck. Here's what my output looks like

msf5 > version
Framework: 5.0.53-dev-f51ffbf092c11896a8e8e231bc7c3eed26762abd
Console  : 5.0.53-dev-f51ffbf092c11896a8e8e231bc7c3eed26762abd
msf5 > wmap_sites -l
[*] Available sites
===============

     Id  Host  Vhost  Port  Proto  # Pages  # Forms
     --  ----  -----  ----  -----  -------  -------


msf5 > wmap_sites -a http://127.0.0.1:8000
#<Metasploit::Framework::DataService::RemoteHTTPDataService::SuccessResponse:0x00007ff994f3d410 @response=#<Net::HTTPOK 200 OK readbody=true>>
[*] Site created.
msf5 > wmap_sites -l
[*] Available sites
===============

     Id  Host  Vhost  Port  Proto  # Pages  # Forms
     --  ----  -----  ----  -----  -------  -------


wmap_targets -t http://127.0.0.1:8000
[-] No matching host for 127.0.0.1
msf5 >

Same here on Ubuntu:
skip@M3800:~/msf$ cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=16.04
DISTRIB_CODENAME=xenial
DISTRIB_DESCRIPTION="Ubuntu 16.04.3 LTS"
skip@M3800:~/msf$
skip@M3800:~/msf$ msfconsole -q
msf5 > version
Framework: 5.0.54-dev-
Console : 5.0.54-dev-
msf5 > load wmap
`.-.-.-..-.-.-..---..---.` `| | | || | | || | || |-'` -----'-'-'-'-^-'-'
[WMAP 1.5.1] === et [ ] metasploit.com 2012
[*] Successfully loaded plugin: wmap
msf5 > wmap_sites -l
[*] Available sites
===============
` Id Host Vhost Port Proto # Pages # Forms` ` -- ---- ----- ---- ----- ------- -------`
`msf5 > wmap_sites -a http://127.0.0.1:8000` `[*] Site created.` `msf5 > wmap_sites -l` `[*] Available sites` `===============`
Id Host Vhost Port Proto # Pages # Forms
-- ---- ----- ---- ----- ------- -------

msf5 > wmap_targets -t http://127.0.0.1:8000
[-] No matching host for 127.0.0.1
msf5 > quit
``

Same as the rest, on Mac Mojave.

Same again here - on CentOS.

[scanner@Scannner2 root]$ lsb_release -a
LSB Version: :core-4.1-amd64:core-4.1-noarch:cxx-4.1-amd64:cxx-4.1-noarch:desktop-4.1-amd64:desktop-4.1-noarch:languages-4.1-amd64:languages-4.1-noarch:printing-4.1-amd64:printing-4.1-noarch
Distributor ID: CentOS
Description: CentOS Linux release 7.6.1810 (Core)
Release: 7.6.1810
Codename: Core

msf5 > version
Framework: 5.0.64-dev-
Console : 5.0.64-dev-

msf5 > load wmap
.-.-.-..-.-.-..---..---.
| | | || | | || | || |-'
-----'-'-'-'-^-'-'` [WMAP 1.5.1] === et [ ] metasploit.com 2012`

[*] Successfully loaded plugin: wmap

msf5 > wmap_sites -l
[*] Available sites
===============

Id Host Vhost Port Proto # Pages # Forms
-- ---- ----- ---- ----- ------- -------

msf5 > wmap_sites -a http://127.0.0.1:8000
[*] Site created.
msf5 > wmap_sites -l
[*] Available sites
===============

Id Host Vhost Port Proto # Pages # Forms
-- ---- ----- ---- ----- ------- -------

Hi!

This issue has been left open with no activity for a while now.

We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here.
If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!

As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.