Metasploit (i love you) is, it goes without saying, the penetration testing framework of choice of a wide spectrum of professionals (and script-kiddies).
One of the reasons is that everything works “out of the box”, kind of a plug and play evil hacker toolbox.
But playing with it in Backtrack I found that some of the dependencies are not installed, in particular the Pcap wrapper.
msf auxiliary(ipidseq) > run
[-] Auxiliary failed: RuntimeError Pcaprub is not available
[-] Call stack:
[-] (eval):65:in `run_host'
[-] /opt/metasploit3/msf3/lib/msf/core/auxiliary/scanner.rb:114:in `join'
[-] /opt/metasploit3/msf3/lib/msf/core/auxiliary/scanner.rb:114:in `run'
[*] Auxiliary module execution completed
This is really an annoyance if you take into account that several auxiliary modules make use of the Pcap library.
Fortunately, get this working is really easy, just locate the external/pcaprub directory under the framework root dir and compile/install this ruby module.
root@bt:/pentest/exploits/framework3/external/pcaprub# ls
LICENSE README extconf.rb pcaprub.c test_pcaprub.rb
root@bt:/pentest/exploits/framework3/external/pcaprub#
checking for pcap_open_live() in -lpcap... yes
checking for pcap_setnonblock() in -lpcap... yes
creating Makefile
cc -I. -I. -I/usr/lib/ruby/1.8/i486-linux -I. -D_FILE_OFFSET_BITS=64 -fPIC -fno-strict-aliasing -g -g -O2 -fPIC -c pcaprub.c
cc -shared -o pcaprub.so pcaprub.o -L. -L/usr/lib -L. -Wl,-Bsymbolic-functions -rdynamic -Wl,-export-dynamic -lruby1.8 -lpcap -lpcap -lpthread -ldl -lcrypt -lm -lc
root@bt:/pentest/exploits/framework3/external/pcaprub# make install
/usr/bin/install -c -m 0755 pcaprub.so /usr/local/lib/site_ruby/1.8/i486-linux
And there you go! Keep exploiting! :)
