metasploit更新后msfconsole报错You must use Bundler 2 or greater with this lockfile.

在Kali上进行metasploit的更新:

apt-get update
apt-get install -y metasploit-framework

执行msfconsole,报错:

You must use Bundler 2 or greater with this lockfile.

看到这里后,去搜索,按网上的方法

gem update --system
gem install bundler -v 2.0.1

成功安装2.0.1版本的bundler后,可是执行msfconsole还是同样报错,这里得找Gemfile.lock的路径

cd /usr/share/metasploit-framework/
bundler update
# 报错如下
Traceback (most recent call last):
    2: from /usr/local/bin/bundler:23:in `<main>'
    1: from /usr/local/lib/site_ruby/2.5.0/rubygems.rb:308:in `activate_bin_path'
/usr/local/lib/site_ruby/2.5.0/rubygems.rb:289:in `find_spec_for_exe': can't find gem bundler (>= 0.a) with executable bundler (Gem::GemNotFoundException)

最后pcat经过一番摸索,发现最主要的是:安装的bundler版本需要大于等于Gemfile.lock中要求的版本

cd /usr/share/metasploit-framework/
cat Gemfile.lock | grep -A 1 "BUNDLED"

得到bundler的版本

BUNDLED WITH
   2.1.4

重新安装这个版本

gem update --system
gem install bundler -v 2.1.4

之后msfconsole就可以正常运行。

 

-= UPDATE 2020.05.02 =-

有好友反映按照pcat上面的方法更新后,运行msfconsole还会报错:

/usr/lib/ruby/vendor_ruby/rubygems/defaults/operating_system.rb:10: warning: constant Gem::ConfigMap is deprecated
/usr/lib/ruby/vendor_ruby/rubygems/defaults/operating_system.rb:10: warning: constant Gem::ConfigMap is deprecated
Could not find json-2.3.0 in any of the sources
Run `bundle install` to install missing gems.

pcat经过测试后发现gem的版本最近更新得很高,为3.1.2,而且还带来很多warning。

# 例如
NOTE: Gem::Specification#rubyforge_project= is deprecated with no replacement. It will be removed on or after 2019-12-01.

经搜索github上有一个做法是:

gem update --system 3.0.6

这是不可取的,这是把gem的版本降低,虽然降了后可以运行msfconsole,但是bundler、wpscan等运行也会报错。

经多番测试,发现只有把gem更新到3.2.0才可以,直接更新是不行的,必须源码安装:

# 源码安装gem 3.2.0
git clone https://github.com/rubygems/rubygems
cd rubygems
ruby setup.rb

# 再进行修复
apt install ruby-dev -y
apt install libpq-dev libpcap-dev libsqlite3-dev -y
cd /usr/share/metasploit-framework/
sed -i 's#https://rubygems.org#https://gems.ruby-china.com#' Gemfile
bundler install --no-deployment
gem install json -v '2.3.0'

这样msfconsole就可以使用了。

不过ruby新版有不少warning:

/usr/lib/ruby/vendor_ruby/rubygems/defaults/operating_system.rb:10: warning: constant Gem::ConfigMap is deprecated
/usr/lib/ruby/vendor_ruby/rubygems/defaults/operating_system.rb:29: warning: constant Gem::ConfigMap is deprecated
/usr/lib/ruby/vendor_ruby/rubygems/defaults/operating_system.rb:30: warning: constant Gem::ConfigMap is deprecated

# 解决方法
sed -i "s#Gem::ConfigMap\[:arch\]#RbConfig::CONFIG\['arch'\]#g;s#Gem::ConfigMap\[:ruby_version\]#RbConfig::CONFIG\['ruby_version'\]#g" /usr/lib/ruby/vendor_ruby/rubygems/defaults/operating_system.rb
/usr/share/rubygems-integration/all/gems/mime-types-3.2.2/lib/mime/types/logger.rb:30: warning: `_1' is reserved for numbered parameter; consider another name
/usr/share/rubygems-integration/all/gems/mime-types-3.2.2/lib/mime/types/logger.rb:30: warning: `_2' is reserved for numbered parameter; consider another name
/usr/share/rubygems-integration/all/gems/mime-types-3.2.2/lib/mime/types/logger.rb:30: warning: `_3' is reserved for numbered parameter; consider another name

# 暂时没好的解决方法
# 如果不想显示warning
export RUBYOPT='-W0'

rubygems最近修改得不少,要想等到一个相对稳定的版本,还需要一段时间。

 

posted @ 2020-03-15 22:54  pcat  阅读(1562)  评论(1编辑  收藏