Pcaprub module problem

[cemx11]

Hi, have a little problem with the pcaprub module of the metasploid framework. When a try to run any of the auxiliary programs that use pcaprub module fail and get the following error message.





msf auxiliary(ipidseq) > run
[*] The Pcaprub module is not available: no such file to load -- pcaprub
[-] Auxiliary failed: RuntimeError Pcaprub not available
[-] Call stack:
[-] /opt/framework3/msf3/lib/msf/core/exploit/capture.rb:378:in `check_pcaprub_loaded'
[-] /opt/framework3/msf3/lib/msf/core/exploit/capture.rb:75:in `open_pcap'
[-] (eval):68:in `run_host'
[-] /opt/framework3/msf3/lib/msf/core/auxiliary/scanner.rb:92:in `block in run'
[-] /opt/framework3/msf3/lib/msf/core/thread_manager.rb:64:in `call'
[-] /opt/framework3/msf3/lib/msf/core/thread_manager.rb:64:in `block in spawn'[*] Auxiliary module execution completed



i hope somebody can help me. Thanks

[YaKhOo]

i was having probleme updating MSF
found this on a blog
cd /pentest/exploits/framework3/external/pcaprub/
then ruby extconf.rb
make && make install

this solve my proble hope this help you

edit : i found it in this blog : linux-backtrack.com/2011/05/metasploit-pcaprub-fix-in-bt5/

[AstroByte]

See link for solution: http://blog.carlosgarciaprado.com/?t...rub-pentesting

[cemx11]

Hi everybody,

I actually try that a million times with no result... so anybody with another idea, i try bt4 with and old version of metasploid in which it works perfectly... Thanks for your help

[cemx11]

Hi, Thanks for your answer but i al ready have try that solution with no results, i already test the module pcaprub with the test_pcaprub.rb file successfully but again when i try to run the auxiliary i get the same error, Any ideas? maybe something with the system permission or with the sockets...

[deStan]

Yes, i vave the same issue. I tired the auxiliary(synflood) and here is the result:

msf auxiliary(synflood) > run[*] The Pcaprub module is not available: no such file to load -- pcaprub
[-] Auxiliary failed: RuntimeError Pcaprub not available
[-] Call stack:
[-] /opt/framework3/msf3/lib/msf/core/exploit/capture.rb:378:in `check_pcaprub_loaded'
[-] /opt/framework3/msf3/lib/msf/core/exploit/capture.rb:75:in `open_pcap'
[-] (eval):52:in `run'[*] Auxiliary module execution completed

I tried the above fix but it doens't seem to work.

[SwissCheese]

Same here, tried the "fix" but it didn't work. I went back to my BT4 r2 image thinking the problem was BT5. It worked for a little bit until I updated MSF. Then the same problem... could it be a bug introduced in MSF?

[scottm99]

I think so, might want to report this on the MSF framework mailing list. At least one of the BackTrack guys (purehate, I think) watches the MSF mailing list.

To muddy the waters on this a little further I just tested and am able to use pcaprub-required modules (e.g. auxiliary/scanner/discovery/arp_sweep) outside of the gui (i.e. when booting BT5 & getting to a command prompt before running startx). So, the pcaprub fix mentioned by AstroByte, and me here does seem to work. This feels like a bug (maybe path problem) in either BT5 or in MSF; I can't tell yet.

[Abbot]

Same problem here with running psnuffles. Cannot find any resolution for this problem. Those solutions mentioned earlier does not work.

Edit:

I have seen that somebody tried to post it as a bug on Metasploit issue tracker, however that post has "rejected" status and the following explation:
"You must run msfconsole with the same ruby you used to rub the test_pcaprub. Its likely you are using the bundled Ruby which will not see the installed pcaprub module."
Anybody can explain what to do next?

[Befepgs]

Starting msfconsole like this solved it for me:

Code:

# ruby /pentest/exploits/framework3/msfconsole
                                  _       _
             _                   | |     (_)_
 ____   ____| |_  ____  ___ ____ | | ___  _| |_
|    \ / _  )  _)/ _  |/___)  _ \| |/ _ \| |  _)
| | | ( (/ /| |_( ( | |___ | | | | | |_| | | |__
|_|_|_|\____)\___)_||_(___/| ||_/|_|\___/|_|\___)
                           |_|


       =[ metasploit v3.8.0-dev [core:3.8 api:1.0]
+ -- --=[ 691 exploits - 358 auxiliary - 39 post
+ -- --=[ 222 payloads - 27 encoders - 8 nops
       =[ svn r12729 updated today (2011.05.26)

msf > use scanner/ip/ipidseq
msf auxiliary(ipidseq) > set RHOSTS 127.0.0.1
RHOSTS => 127.0.0.1
msf auxiliary(ipidseq) > run
[*] 127.0.0.1's IPID sequence class: Incremental!
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(ipidseq) >