Friday, November 21, 2008

Intrepid Metasploit Ruby 1.8.7 Fix

Just a quick one here, if you use Ubuntu and have updated to the latest Intrepid release, you undoubtedly know that Metasploit hoses over short-name constants. The fix has been released already to Jaunty (the next Ubuntu release 9.04), however is still in intrepid-proposed for Intrepid. If you need Metasploit to work and can't wait for the release next week of the committed version to the normal repositories. If your seeing the following exploit failed message in Metasploit: "Exploit failed: uninitialized constant Msf::ModuleSet::NDR" or variances of that you have the issue. Additionally, when you load up metasploit you may see the following message:

*** This version of the Ruby interpreter has significant problems, we
*** strongly recommend that you switch to version 1.8.6 until these *
*** issues have been corrected. Alternatively, you can download,*
*** build, and install the latest Ruby snapshot from: *
*** - *
*** For more information, please see the following URL: *
*** - *

Heres a workaround:

Go to the software updates under Administration, click the "Updates" tab and select Proposed updates (intrepid-proposed)

If you don't want it to install everything in intrepid proposed you can do selective intrepid-proposed, to do this create a new file under /etc/apt/ and call it preferences and add the following:

Package: *
Pin: release a=intrepid-updates
Pin-Priority: 900

Package: *
Pin: release a=intrepid-proposed
Pin-Priority: 400

From there, simply go into synaptic package manager, reload the packages, and do a search for ruby1.8, mark for upgrade, install, and metasploit should be working without the short-name constants. The name of the new package is ruby1.8_1.8.7.72-1ubuntu1 (or 0.1).


1 comment:

Михайлов Анатолий said...

You can use Ruby 1.8.6 patch 111 in Ubuntu 8.10
See the article: