Metasploit-framework: parrern_create.rb could not find 'rex-text'

Created on 7 May 2020  Â·  6Comments  Â·  Source: rapid7/metasploit-framework

Steps to reproduce

in kali with metasploit Framework Version: 5.0.88-dev- running the command as root
/opt/metasploit-framework/embedded/framework/tools/exploit/pattern_create.rb -l 3000

I am trying to follow along with a guide to produce some random text for buffer overflow, not used this command before, when i do i get an error;

Traceback (most recent call last):                                                                                   
        3: from /opt/metasploit-framework/embedded/framework/tools/exploit/pattern_create.rb:16:in `<main>'          
        2: from /usr/lib/ruby/2.7.0/rubygems/core_ext/kernel_gem.rb:62:in `gem'                                      
        1: from /usr/lib/ruby/2.7.0/rubygems/dependency.rb:323:in `to_spec'                                          
/usr/lib/ruby/2.7.0/rubygems/dependency.rb:311:in `to_specs': Could not find 'rex-text' (>= 0) among 90 total gem(s) 
(Gem::MissingSpecError)                                                                                              
Checked in 'GEM_PATH=/root/.gem/ruby/2.7.0:/var/lib/gems/2.7.0:/usr/lib/ruby/gems/2.7.0:/usr/share/rubygems-integrati│
on/2.7.0:/usr/share/rubygems-integration/all:/usr/lib/x86_64-linux-gnu/rubygems-integration/2.7.0', execute `gem env`│
for more information

Expected behaviour

give out a string of text

You might also want to check the last ~1k lines of
/opt/metasploit/apps/pro/engine/config/logs/framework.log or
~/.msf4/logs/framework.log for relevant stack traces

confirmed
Source
picture benjaminholloway

Most helpful comment

@benjaminholloway I think this is happening as the tool has been invoked using the system's Ruby install, rather than the embedded Ruby that came with metasploit-framework. Could you confirm if the following command works as a work around? I've added /opt/metasploit-framework/embedded/bin/ruby before the tool you wanted to use:

/opt/metasploit-framework/embedded/bin/ruby /opt/metasploit-framework/embedded/framework/tools/exploit/pattern_create.rb -l 3000

picture adfoster-r7 on 7 May 2020
🚀1 😄1

All 6 comments

@benjaminholloway I think this is happening as the tool has been invoked using the system's Ruby install, rather than the embedded Ruby that came with metasploit-framework. Could you confirm if the following command works as a work around? I've added /opt/metasploit-framework/embedded/bin/ruby before the tool you wanted to use:

/opt/metasploit-framework/embedded/bin/ruby /opt/metasploit-framework/embedded/framework/tools/exploit/pattern_create.rb -l 3000

adfoster-r7 picture adfoster-r7 on 7 May 2020
🚀1 😄1

@jmartin-r7 Is this something you've come across before? I tried checking if this was a duplicate issue, but couldn't find any references. I was thinking we might want to update metasploit ommibus to have similar framework wrappers for the standalone tools?

Or maybe replacing the shebang within the top of each tool would be enough, i.e. for pattern_create.rb:

- #!/usr/bin/env ruby
+ #!/opt/metasploit-framework/embedded/bin/ruby

Happy to raise an issue over at metasploit-omnibus if that's a better place to discuss this :+1:

adfoster-r7 picture adfoster-r7 on 7 May 2020

adfoster-r7 you are my hero. that works, thank you very much,

temporary fix - /opt/metasploit-framework/embedded/bin/ruby /opt/metasploit-framework/embedded/framework/tools/exploit/pattern_create.rb -l 3000

I am pretty new with computers, this is the first time I have used this command, I think I understand your second comment, however when I change
- #!/usr/bin/env ruby
for
+ #!/opt/metasploit-framework/embedded/bin/ruby
in the pattern_create.rb
i get a different error,

/opt/metasploit-framework/embedded/framework/tools/exploit/pattern_create.rb -l 3000
/opt/metasploit-framework/embedded/framework/tools/exploit/pattern_create.rb: line 8: msfbase: command not found
/opt/metasploit-framework/embedded/framework/tools/exploit/pattern_create.rb: line 9: syntax error near unexpected to ken `msfbase'
/opt/metasploit-framework/embedded/framework/tools/exploit/pattern_create.rb: line 9: `while File.symlink?(msfbase)'

Should I raise the issue with metasploit? Im sure it will sound more eloquent from you.
Thank you.

benjaminholloway picture benjaminholloway on 7 May 2020

@adfoster-r7 we have run into a similar issue in the past. Adding wrappers for tools or some other adjustment in metasploit-omnibus is likely the right place to fix this.

jmartin-r7 picture jmartin-r7 on 7 May 2020
👍1

To add clarification this is likely related to how the ruby version and bundler impact the load path. In the past we have found starting things from the embedded framework directory where the metasploit-framework.gemspec is located tends to prompt correct gemset enforcement by bundler.

jmartin-r7 picture jmartin-r7 on 7 May 2020

Thanks for the extra context! I've created a separate issue in the metasploit ommibus repo to keep track of this now https://github.com/rapid7/metasploit-omnibus/issues/126

adfoster-r7 picture adfoster-r7 on 7 May 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

handsomebeast picture handsomebeast  Â·  3Comments
felipee07 picture felipee07  Â·  3Comments
jecoliho picture jecoliho  Â·  3Comments
bcoles picture bcoles  Â·  3Comments
wvu-r7 picture wvu-r7  Â·  3Comments