WPScan and Gem Nokogiri [SOLVED]

Started by drego85, December 13, 2013, 03:03:15 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

drego85

December 13, 2013, 03:03:15 PM Last Edit: December 16, 2013, 10:15:20 AM by raffaele
Hi Guys,
I'll tell you my story with WPScan and Nokogiri, I hope we can find a solution. :)

By starting WPScan gave me this error:

Quote
drego85@bb-machine:/~$ sudo wpscan
sh: 0: getcwd() failed: No such file or directory

[!] Warning: This tool is located in /opt/backbox/wpscan
Remember to give the full absolute path when specifying a file

wpscan.rb:154: odd number list for Hash
     show_progression: true,
                      ^
wpscan.rb:154: syntax error, unexpected ':', expecting '}'
     show_progression: true,
                      ^
wpscan.rb:154: Can't assign to true
wpscan.rb:155: syntax error, unexpected ':', expecting '='
     exclude_content:  wpscan_options.exclude_content_based
                     ^
wpscan.rb:156: syntax error, unexpected '}', expecting kEND
wpscan.rb:191: syntax error, unexpected ':', expecting ')'
         file: wpscan_options.enumerate_all_...
              ^
wpscan.rb:191: syntax error, unexpected ',', expecting kEND
wpscan.rb:193: syntax error, unexpected ')', expecting kEND
wpscan.rb:213: syntax error, unexpected ':', expecting ')'
         file: wpscan_options.enumerate_all_...
              ^
wpscan.rb:213: syntax error, unexpected ',', expecting kEND
wpscan.rb:215: syntax error, unexpected ')', expecting kEND
wpscan.rb:234: syntax error, unexpected ':', expecting ')'
         file: DATA_DIR + '/timthumbs.txt',
              ^
wpscan.rb:234: syntax error, unexpected ',', expecting kEND
wpscan.rb:236: syntax error, unexpected ')', expecting kEND
wpscan.rb:259: syntax error, unexpected ':', expecting ')'
         range: wpscan_options.enumerate_usernames_range,
               ^
wpscan.rb:260: syntax error, unexpected ':', expecting '='
         show_progression: false
                          ^
wpscan.rb:274: syntax error, unexpected ':', expecting ')'
       wp_users.output(margin_left: ' ' * 4)
                                   ^
wpscan.rb:274: syntax error, unexpected ')', expecting kEND
wpscan.rb:279: syntax error, unexpected ':', expecting ')'
...User.new(wp_target.uri, login: wpscan_options.username)
                             ^
wpscan.rb:279: syntax error, unexpected ')', expecting kEND
wpscan.rb:300: syntax error, unexpected ':', expecting ')'
                            show_progression: true,
                                             ^
wpscan.rb:300: Can't assign to true
wpscan.rb:301: syntax error, unexpected ':', expecting '='
                            verbose: wpscan_options.verbose)
                                    ^
wpscan.rb:301: syntax error, unexpected ')', expecting kEND
wpscan.rb:303: syntax error, unexpected ':', expecting ')'
       wp_users.output(show_password: true, margin_left: ' ' * 2)
                                     ^
wpscan.rb:303: Can't assign to true
       wp_users.output(show_password: true, margin_left: ' ' * 2)
                                           ^
wpscan.rb:303: syntax error, unexpected ':', expecting '='
       wp_users.output(show_password: true, margin_left: ' ' * 2)
                                                        ^
wpscan.rb:303: syntax error, unexpected ')', expecting kEND
wpscan.rb:315: syntax error, unexpected kRESCUE, expecting kEND
 rescue => e
       ^
wpscan.rb:327: syntax error, unexpected $end, expecting kEND

Now I have try to reinstall WPScan:

Quote
sudo apt-get install wpscan --reinstall

and it gave me error:

QuoteLettura elenco dei pacchetti... Fatto
Generazione albero delle dipendenze      
Lettura informazioni sullo stato... Fatto
I seguenti pacchetti NUOVI saranno installati:
 wpscan
0 aggiornati, 1 installati, 0 da rimuovere e 0 non aggiornati.
È necessario scaricare 0 B/4940 kB di archivi.
Dopo quest'operazione, verranno occupati 5007 kB di spazio su disco.
Selezionato il pacchetto wpscan non precedentemente selezionato.
(Lettura del database... 263096 file e directory attualmente installati.)
Estrazione di wpscan (da .../wpscan_2.1-0backbox5_all.deb)...
Elaborazione dei trigger per desktop-file-utils...
Configurazione di wpscan (2.1-0backbox5)...
Extracting wpscan...
Installing Ruby Gems...
Fetching gem metadata from https://rubygems.org/.........
Fetching gem metadata from https://rubygems.org/..
Resolving dependencies...
Using addressable (2.3.5)
Using safe_yaml (0.9.7)
Using crack (0.4.1)
Using diff-lcs (1.2.5)
Using docile (1.1.1)
Using ffi (1.3.1)
Using mime-types (1.25.1)
Using ethon (0.5.10)
Using json (1.8.1)
Using mini_portile (0.5.2)
Using multi_json (1.8.2)
Installing nokogiri (1.6.0)
Gem::InstallError: nokogiri requires Ruby version >= 1.9.2.
An error occurred while installing nokogiri (1.6.0), and Bundler cannot
continue.
Make sure that `gem install nokogiri -v '1.6.0'` succeeds before bundling.
dpkg: errore nell'elaborare wpscan (--configure):
il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 5
Si sono verificati degli errori nell'elaborazione:
wpscan
E: Sub-process /usr/bin/dpkg returned an error code (1)

Ok, I have also tried:

Quote
sudo apt-get remove wpscan && sudo apt-get autoremove && sudo apt-get autoclean && sudo reboot

When the system is rebooted I installed WPScan, but it gave me the same error as before.

I think ...Should I install a newer version of Ruby!

The command "rvm list" reminds me that I have installed Ruby 1.8, and not the version 1.9.2 request.

Ok, I decided to install the latest version of Ruby!


Quote
sudo apt-get update
sudo apt-get install git make libcurl4-openssl-dev libopenssl-ruby libxml2 libxml2-dev libxslt1-dev ruby-dev
sudo apt-get install curl

\curl -sSL https://get.rvm.io | bash -s stable --ruby

source ~/.rvm/scripts/rvm

rvm autolibs enable
rvm requirements
rvm list
rvm --default use 2.0.0

Ok,
Now everything must go!

Quotesudo apt-get install wpscan

.... .... ....

QuoteGem::InstallError: nokogiri requires Ruby version >= 1.9.2.
An error occurred while installing nokogiri (1.6.0), and Bundler cannot
continue.
Make sure that `gem install nokogiri -v '1.6.0'` succeeds before bundling.

IS NOT POSSIBLE!  :o :o

Ok,
I can try install WPScan by GIT Repository in my HOME folder (It is bold, there is a reason)!

Quotegit clone https://github.com/wpscanteam/wpscan.git
cd wpscan
sudo gem install bundler && bundle install --without test development

Beautiful, work everything!

But...

I can try install WPScan by GIT Repository in original folder /opt/backbox/wpscan:

Quote
cd /opt/backbox/
git clone https://github.com/wpscanteam/wpscan.git
cd wpscan
sudo gem install bundler && bundle install --without test development

Disaster:

QuoteInstalling nokogiri (1.6.0)
Gem::InstallError: nokogiri requires Ruby version >= 1.9.2.
An error occurred while installing nokogiri (1.6.0), and Bundler cannot
continue.
Make sure that `gem install nokogiri -v '1.6.0'` succeeds before bundling.
dpkg: errore nell'elaborare wpscan (--configure):
il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 5
Si sono verificati degli errori nell'elaborazione:
wpscan
E: Sub-process /usr/bin/dpkg returned an error code (1)

Why if I installed in the "original" folder Nokogiri goes wrong but if I install it in my home everything is fine?

Andrea

PS Sorry for my English...
Andrea Draghetti
Personal Blog

weVeg

#1
December 13, 2013, 03:18:47 PM
Hi, have you checked that: "Make sure that `gem install nokogiri -v '1.6.0'` succeeds before bundling." ??
Other I don't know! I don't have this trouble, all works fine!
m2c
una voce libera è sempre liberatrice
under_r00t

drego85

#2
December 13, 2013, 04:40:54 PM
Quote from: weVeg on December 13, 2013, 03:18:47 PM
Hi, have you checked that: "Make sure that `gem install nokogiri -v '1.6.0'` succeeds before bundling." ??
Other I don't know! I don't have this trouble, all works fine!
m2c

Oh yeah, sorry I forgot, of course I checked! Nokogiri is installed!
Andrea Draghetti
Personal Blog

weVeg

#3
December 13, 2013, 07:08:57 PM
Quote from: drego85 on December 13, 2013, 04:40:54 PM
Oh yeah, sorry I forgot, of course I checked! Nokogiri is installed!
I was sure that you did it, but you know, sometimes happen to forget simple step =)
Bye!
una voce libera è sempre liberatrice
under_r00t

TH3CR4CK3R

#4
December 14, 2013, 06:05:06 AM
I have had this issue before. It seems to come from installing newer versions of ruby. The way I was able to "temp" fix it was to delete /usr/bin/ruby1.8   and  /usr/bin/ruby   ,, and replace them with soft links to /usr/bin/ruby1.9.1

then gems would install without issues for all tools.

ZEROF

#5
December 14, 2013, 06:34:59 PM
Hi all,

Wpscan was update in our repo, now all looks fine. Test it ;).

Don't ask, read : http://wiki.backbox.org
or just run sudo rm -rf /*

raffaele

#6
December 14, 2013, 07:44:56 PM
In BackBox 3.x ruby1.8 is not necessary! Please remove it:

Code Select
sudo apt-get purge ruby1.8
raffaele@backbox:~$ Get root or die tryin'

drego85

#7
December 16, 2013, 08:45:07 AM
Quote from: ZEROF on December 14, 2013, 06:34:59 PM
Hi all,

Wpscan was update in our repo, now all looks fine. Test it ;).

Great job guys,
now work everything!

QuoteConfigurazione di wpscan (2.2+git20131214-0backbox1)...
Installing Ruby Gems...
Fetching gem metadata from https://rubygems.org/.........
Fetching gem metadata from https://rubygems.org/..
Resolving dependencies...
Using ffi (1.9.3)
Using mime-types (1.25.1)
Using ethon (0.6.1)
Using json (1.8.1)
Using mini_portile (0.5.2)
Using nokogiri (1.6.1)
Using ruby-progressbar (1.3.2)
Using terminal-table (1.4.5)
Using typhoeus (0.6.6)
Using bundler (1.3.5)
Your bundle is complete!
Gems in the group test were not installed.
Use `bundle show [gemname]` to see where a bundled gem is installed.
Andrea Draghetti
Personal Blog
Print
Go Up Pages1
User actions