Fixing SET 5.0.3 & Metasploit 4.6.0

Social EngineeringA quick post to share with you my feedback about an issue I faced after a SET (“Social Engineering Toolkit“) upgrade to the latest version (5.0.3). SET is a wonderful tool that you must master.  I’m using SET on a EC2 instance because it does not interfere with my other IP addresses and I can enable all ports without any issue (nothing else is running on this instance). Note that Amazon has a specific policy to make pentesting from their infrastructure, have a look here).

My current environment is:

  • Ubuntu 12.04-LST (fully patched)
  • SET 5.0.2 (installed from the git repository)
  • Metasploit 4.6

After the SET upgrade, I faced the following error when launching Metasploit from SET (full error dumped to allow the Google crawler to do its job)

set:phishing> Setup a listener [yes|no]:yes
/opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `fastlib_original_require': no such file to load -- active_support/concern (LoadError)
 from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `require'
 from /opt/metasploit/apps/pro/msf3/lib/msf/core/module_manager/cache.rb:4
 from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `fastlib_original_require'
 from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `require'
 from /opt/metasploit/apps/pro/msf3/lib/msf/core/module_manager.rb:27
 from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `fastlib_original_require'
 from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `require'
 from /opt/metasploit/apps/pro/msf3/lib/msf/core/framework.rb:66
 from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `fastlib_original_require'
 from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `require'
 from /opt/metasploit/apps/pro/msf3/lib/msf/core.rb:34 
 from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `fastlib_original_require'
 from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `require'
 from /opt/metasploit/apps/pro/msf3/lib/msf/ui/console/driver.rb:2
 from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `fastlib_original_require'
 from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `require'
 from /opt/metasploit/apps/pro/msf3/lib/msf/ui/console.rb:11
 from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `fastlib_original_require'
 from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `require'
 from /opt/metasploit/apps/pro/msf3/lib/msf/ui.rb:11
 from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `fastlib_original_require'
 from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `require'
 from /opt/metasploit/apps/pro/msf3//msfconsole:136

Metasploit was running fine when started manually from the command line. Google found a thread on a forum about the same kind of problem. The suggestion was to setup the right environment for Metasploit using the setenv.sh script. Note: Be sure to execute the script using ‘source‘ otherwise a new shell will be spawned and closed immediately without changing your environment:

# source /opt/metasploit/scripts/setenv.sh
# se-toolkit

Same issue, I tried to load ‘active_support/concern’ manually, it worked:

# ruby
require('active_support/concern')
^D
#

Finally, I upgraded the installed Ruby gems with the following command:

# gem update `gem list | cut -d ' ' -f 1`

And the problem was solved! Don’t ask me why, I did not dive into the code and I’m not a Ruby guru it worked for me. If you are facing the same problem, think about upgrading your Gems. Just sharing…

Here is my list of installed Gems:

# gem list

*** LOCAL GEMS ***

actionmailer (3.2.13, 3.2.11)
actionpack (3.2.13, 3.2.11)
activemodel (3.2.13, 3.2.11)
activerecord (3.2.13, 3.2.11)
activeresource (3.2.13, 3.2.11)
activesupport (3.2.13, 3.2.11)
acts_as_list (0.2.0, 0.1.5)
arel (4.0.0, 3.0.2)
authlogic (3.3.0, 3.1.0)
bigdecimal (1.1.0)
bson (1.8.5, 1.6.4)
bson_ext (1.6.1)
builder (3.2.0, 3.0.4)
bundler (1.3.5, 1.1.2)
carrierwave (0.8.0, 0.7.0)
chunky_png (1.2.8, 1.2.6)
coderay (1.0.9, 1.0.8)
compass (0.12.2)
daemons (1.1.9, 1.1.8)
erubis (2.7.0)
eventmachine (0.12.10)
formtastic (2.2.1, 2.1.1)
fssm (0.2.10, 0.2.9)
hike (1.2.2, 1.2.1)
i18n (0.6.4, 0.6.1)
ice_cube (0.10.0, 0.9.1)
io-console (0.3)
journey (1.0.4)
jquery-rails (2.2.1, 2.1.3)
json (1.7.7, 1.6.6, 1.6.5, 1.5.4)
kaminari (0.14.1, 0.14.0)
libv8 (3.16.14.1, 3.11.8.17 x86_64-linux, 3.3.10.4 x86_64-linux)
liquid (2.5.0, 2.3.0)
mail (2.5.3, 2.4.4)
method_source (0.8.1)
mime-types (1.22)
minitest (4.7.2, 2.5.1)
msgpack (0.4.6 ruby)
multi_json (1.7.2, 1.5.0)
nokogiri (1.5.2 ruby)
pg (0.13.2 ruby)
polyglot (0.3.3)
pry (0.9.12, 0.9.10)
rack (1.4.5, 1.4.1 ruby)
rack-cache (1.2)
rack-ssl (1.3.3, 1.3.2)
rack-test (0.6.2)
rails (3.2.13, 3.2.11)
railties (3.2.13, 3.2.11)
rake (10.0.4, 10.0.3, 0.9.2.2)
rdoc (4.0.1, 3.12, 3.9.4)
ref (1.0.4)
robots (0.10.1)
sass (3.2.7, 3.2.1)
slop (3.4.4, 3.3.3)
sprockets (2.9.2, 2.2.2)
state_machine (1.2.0, 1.1.2)
therubyracer (0.9.10)
thin (1.3.1)
thor (0.18.1, 0.16.0)
tilt (1.3.7, 1.3.3)
treetop (1.4.12)
tzinfo (0.3.37, 0.3.35)

One comment

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.