search

rapid7 / metasploit-framework

Metasploit Framework
https://www.metasploit.com/
Other
34.29k stars 14.01k forks source link

The nmap executable could not be found #17653

Closed stephenbond closed 1 year ago

stephenbond commented 1 year ago

Summary

Get the following error when running db_nmap.

msf6 > db_nmap -sVC 192.168.1.1
[-] The nmap executable could not be found

Relevant information

Nmap and metasploit-framework are recently installed with snap and located in /snap/bin/ which is in my PATH environment variable:

$ echo $PATH
/home/ste/.local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin
bcoles commented 1 year ago

Is the same path set from within Metasploit? ie:

msf6 > echo $PATH
[*] exec: echo $PATH

/var/lib/gems/3.0.0/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/root/go/bin
stephenbond commented 1 year ago

ah thanks, it does not appear to be on the path:

msf6 > echo $PATH [*] exec: echo $PATH

/snap/metasploit-framework/515/opt/metasploit-framework/embedded/lib/ruby/gems/3.0.0/bin:/snap/metasploit-framework/515/opt/metasploit-framework/bin/../embedded/bin:/snap/metasploit-framework/515/opt/metasploit-framework/bin:/snap/metasploit-framework/515/usr/sbin:/snap/metasploit-framework/515/usr/bin:/snap/metasploit-framework/515/sbin:/snap/metasploit-framework/515/bin:/snap/metasploit-framework/515/opt/metasploit-framework/embedded/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games

How do i set the Metasploit path please?

bcoles commented 1 year ago

How are you running msfconsole ? You path looks suspiciously like it has been launched with snap.

How do i set the Metasploit path please?

Metasploit should inherit environment variables from the shell in which it is launched.

# PATH="/tmp/asdf:$PATH" bundle exec ./msfconsole 
Calling `DidYouMean::SPELL_CHECKERS.merge!(error_name => spell_checker)' has been deprecated. Please call `DidYouMean.correct_error(error_name, spell_checker)' instead.
/usr/lib/x86_64-linux-gnu/ruby/3.0.0/stringio.so: warning: already initialized constant StringIO::VERSION

        +-------------------------------------------------+
        |               _                                 |
        |              /  \                               |
        |             /|oo \        M E T A S P L O I T   |
        |            (_|  /_)                             |
        |             _`@/_ \    _    F R A M E W O R K   |
        |            |     | \   \\                       |
        |            | (*) |  \   ))    Boston, MA, USA   |
        |   ______   |__U__| /  \//                       |
        |  / FIDO \   _//|| _\   /   FidoNet 1:617/1337   |
        | (________) (_/(_|(____/                         |
        |                  (jm)                           |
        +-------------------------------------------------+

       =[ metasploit v6.3.3-dev-e7da4c4612                ]
+ -- --=[ 2314 exploits - 1204 auxiliary - 409 post       ]
+ -- --=[ 968 payloads - 45 encoders - 11 nops            ]
+ -- --=[ 9 evasion                                       ]

Metasploit tip: Writing a custom module? After editing your 
module, why not try the reload command
Metasploit Documentation: https://docs.metasploit.com/

msf6 > echo $PATH
[*] exec: echo $PATH

/var/lib/gems/3.0.0/bin:/tmp/asdf:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/root/go/bin
msf6 >
stephenbond commented 1 year ago

Hi, this is how i am running - it was installed with snap, so i think that is how it is running, it seems to not be inheriting...

ste@sb-ubuntu:~$ echo $PATH
/home/ste/.local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin:/snap/bin

ste@sb-ubuntu:~$ msfconsole

                                   .,,.                  .
                                .\$$$$$L..,,==aaccaacc%#s$b.       d8,    d8P
                     d8P        #$$$$$$$$$$$$$$$$$$$$$$$$$$$b.    `BP  d888888p
                  d888888P      '7$$$$\""""''^^`` .7$$$|D*"'```         ?88'
  d8bd8b.d8p d8888b ?88' d888b8b            _.os#$|8*"`   d8P       ?8b  88P
  88P`?P'?P d8b_,dP 88P d8P' ?88       .oaS###S*"`       d8P d8888b $whi?88b 88b
 d88  d8 ?8 88b     88b 88b  ,88b .osS$$$$*" ?88,.d88b, d88 d8P' ?88 88P `?8b
d88' d88b 8b`?8888P'`?8b`?88P'.aS$$$$Q*"`    `?88'  ?88 ?88 88b  d88 d88
                          .a#$$$$$$"`          88b  d8P  88b`?8888P'
                       ,s$$$$$$$"`             888888P'   88n      _.,,,ass;:
                    .a$$$$$$$P`               d88P'    .,.ass%#S$$$$$$$$$$$$$$'
                 .a$###$$$P`           _.,,-aqsc#SS$$$$$$$$$$$$$$$$$$$$$$$$$$'
              ,a$$###$$P`  _.,-ass#S$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$####SSSS'
           .a$$$$$$$$$$SSS$$$$$$$$$$$$$$$$$$$$$$$$$$$$SS##==--""''^^/$$$$$$'
_______________________________________________________________   ,&$$$$$$'_____
                                                                 ll&&$$$$'
                                                              .;;lll&&&&'
                                                            ...;;lllll&'
                                                          ......;;;llll;;;....
                                                           ` ......;;;;... .  .

       =[ metasploit v6.3.2-dev-                          ]
+ -- --=[ 2283 exploits - 1201 auxiliary - 409 post       ]
+ -- --=[ 965 payloads - 45 encoders - 11 nops            ]
+ -- --=[ 9 evasion                                       ]

Metasploit tip: View advanced module options with 
advanced
Metasploit Documentation: https://docs.metasploit.com/

msf6 > echo $PATH
[*] exec: echo $PATH

/snap/metasploit-framework/515/opt/metasploit-framework/embedded/lib/ruby/gems/3.0.0/bin:/snap/metasploit-framework/515/opt/metasploit-framework/bin/../embedded/bin:/snap/metasploit-framework/515/opt/metasploit-framework/bin:/snap/metasploit-framework/515/usr/sbin:/snap/metasploit-framework/515/usr/bin:/snap/metasploit-framework/515/sbin:/snap/metasploit-framework/515/bin:/snap/metasploit-framework/515/opt/metasploit-framework/embedded/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
msf6 >
stephenbond commented 1 year ago

Should i log this as a bug or is there a fix/workaround. I have googled for the answer but nothing obvious...

bcoles commented 1 year ago

I have googled for the answer but nothing obvious...

The easiest solution would likely be to simply symlink /usr/bin/nmap to /snap/bin/nmap.

Have you tried setting the PATH as per above? PATH="$PATH:/snap/bin/" msfconsole

What is in your msfconsole file (which msfconsole) ? Is it some form of snap wrapper? If so, you may be able to initialise the path there.

Should i log this as a bug or is there a fix/workaround.

I'm not sure why the snap package clears the environment path upon initialisation.

This is a snap specific issue and would need to be fixed outside of Metasploit. The snap package is not maintained by the Metasploit team. Nmap is not shipped with Metasploit.

stephenbond commented 1 year ago

The easiest solution would likely be to simply symlink /usr/bin/nmap to /snap/bin/nmap.

Hmm I tried this now, thought it would work, but appears not.

ste@sb-ubuntu:~$ ls -l /usr/bin/nmap
lrwxrwxrwx 1 root root 14 Feb 17 10:18 /usr/bin/nmap -> /snap/bin/nmap

ste@sb-ubuntu:~$ msfconsole

msf6 > db_nmap 127.0.0.1
[-] The nmap executable could not be found

Have you tried setting the PATH as per above? PATH="$PATH:/snap/bin/" msfconsole

ste@sb-ubuntu:~$ PATH="$PATH:/snap/bin/" msfconsole
[?] Would you like to init the webservice? (Not Required) [no]: 
[?] Would you like to delete your existing data and configurations? []: no
Clearing http web data service credentials in msfconsole
Running the 'init' command for the database:
Existing database found, attempting to start it
Starting database at /home/ste/snap/metasploit-framework/common/.msf4/db...success

                                   ___          ____
                               ,-""   `.      < HONK >
                             ,'  _   e )`-._ /  ----
                            /  ,' `-._<.===-'
                           /  /
                          /  ;
              _          /   ;
 (`._    _.-"" ""--..__,'    |
 <_  `-""                     \
  <`-                          :
   (__   <__.                  ;
     `-.   '-.__.      _.'    /
        \      `-.__,-'    _,'
         `._    ,    /__,-'
            ""._\__,'< <____
                 | |  `----.`.
                 | |        \ `.
                 ; |___      \-``
                 \   --<
                  `.`.<
                    `-'

       =[ metasploit v6.3.2-dev-                          ]
+ -- --=[ 2283 exploits - 1201 auxiliary - 409 post       ]
+ -- --=[ 965 payloads - 45 encoders - 11 nops            ]
+ -- --=[ 9 evasion                                       ]

Metasploit tip: When in a module, use back to go 
back to the top level prompt
Metasploit Documentation: https://docs.metasploit.com/

msf6 > echo $PATH
[*] exec: echo $PATH

/snap/metasploit-framework/515/opt/metasploit-framework/embedded/lib/ruby/gems/3.0.0/bin:/snap/metasploit-framework/515/opt/metasploit-framework/bin/../embedded/bin:/snap/metasploit-framework/515/opt/metasploit-framework/bin:/snap/metasploit-framework/515/usr/sbin:/snap/metasploit-framework/515/usr/bin:/snap/metasploit-framework/515/sbin:/snap/metasploit-framework/515/bin:/snap/metasploit-framework/515/opt/metasploit-framework/embedded/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
msf6 > db_nmap 127.0.0.1
[-] The nmap executable could not be found
msf6 >

What is in your msfconsole file (which msfconsole) ? Is it some form of snap wrapper? If so, you may be able to initialise the path there.

ste@sb-ubuntu:~$ which msfconsole
/snap/bin/msfconsole
stephenbond commented 1 year ago

Are there any other possibilities to get this working before I uninstall the snap version and reinstall with apt.

bcoles commented 1 year ago

Are there any other possibilities to get this working before I uninstall the snap version and reinstall with apt.

snap is intended for containerisation. I suspect even with a working system path you would still not be able to view /snap/bin/nmap from within msfconsole (ls -la /snap/bin/nmap).

I'm not familiar enough with snap to offer additional guidance. You will likely need to configure the metasploit snap package to allow filesystem access to the nmap snap. Alternatively, install nmap natively.

bcoles commented 1 year ago

I've asked the snap package maintainer if bundling nmap if a viable option (#17074). Closing this issue.

JitPatro commented 1 year ago

I added nmap in Metasploit snap. 

msf6 > db_nmap -sVC 10.10.10.131 -Pn
[*] Nmap: Starting Nmap 7.93 ( https://nmap.org ) at 2023-03-20 15:37 IST
[*] Nmap: Nmap scan report for 10.10.10.131
[*] Nmap: Host is up (0.00026s latency).
...

To make sure everything works perfectly, you need to provide the right network permissions to Metasploit snap with this command:-

snap connect metasploit-framework:network-control :network-control

If I had known about this issue, I could've fixed it sooner. I understand users will obviously look for answers in Official Metasploit Repo rather than the snap repo I maintain. If Metasploit devs were willing to maintain the snap, then I'll submit the code. The Metasploit snap package is getting close to 4000 installations.