rastating / wordpress-exploit-framework

A Ruby framework designed to aid in the penetration testing of WordPress systems.
https://rastating.github.io/wordpress-exploit-framework
GNU General Public License v3.0

ruby wpxf.rb. #50

Closed devil67 closed 6 years ago

devil67 commented 6 years ago

$ ruby wpxf.rb
/usr/lib/ruby/2.2.0/rubygems/core_ext/kernel_require.rb:54:in `require': /home/derento/Scrivania/wordpress-exploit-framework/lib/wpxf/net/http_server.rb:92: syntax error, unexpected '.' (SyntaxError)
@http_server_thread&.exit
^
from /usr/lib/ruby/2.2.0/rubygems/core_ext/kernel_require.rb:54:in `require'
from /home/derento/Scrivania/wordpress-exploit-framework/lib/wpxf/core.rb:58:in `<top (required)>'
from /usr/lib/ruby/2.2.0/rubygems/core_ext/kernel_require.rb:54:in `require'
from /usr/lib/ruby/2.2.0/rubygems/core_ext/kernel_require.rb:54:in `require'
from /home/derento/Scrivania/wordpress-exploit-framework/env.rb:43:in `<top (required)>'
from wpxf.rb:4:in `require_relative'
from wpxf.rb:4:in `<main>'

phyushin commented 6 years ago

Hi Devil67, it looks like you're running Ruby version 2.2.0; the readme says it needs at least 2.4.3 to run: "Ensure that you have Ruby >= 2.4.3 installed..." Can you install a later version of Ruby and try again?

If you're using RVM I think the command is Rvm install ruby=2.4.3

Let me know how you get on

phyushin commented 6 years ago

Sorry, the command is rvm install ruby-2.4.3

devil67 commented 6 years ago

I don't have rvm installed because I have Linux backbox 4.4.0-121-generic #145~14.04.1-Ubuntu SMP Mon Apr 16 18:40:43 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

rastating commented 6 years ago

For instructions on installing RVM, see https://rvm.io/

devil67 commented 6 years ago

rvm install ruby-2.4.3
Searching for binary rubies, this might take some time.
Found remote file https://rubies.travis-ci.org/ubuntu/14.04/x86_64/ruby-2.4.3.tar.bz2
Checking requirements for ubuntu.
Requirements installation successful.
ruby-2.4.3 - #configure
ruby-2.4.3 - #download
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0
Warning: Failed to create the file bin-ruby-2.4.3.tar.bz2.part: Permesso
Warning: negato
0 14.1M 0 16360 0 0 9037 0 0:27:23 0:00:01 0:27:22 37013
curl: (23) Failed writing body (0 != 16360)
There was an error(23).
Checking fallback: ftp://rubies.travis-ci.org/ubuntu/14.04/x86_64/ruby-2.4.3.tar.bz2?rvm=1.29.3
Checking fallback: https://www.mirrorservice.org/sites/rubies.travis-ci.org/ubuntu/14.04/x86_64/ruby-2.4.3.tar.bz2?rvm=1.29.3
No fallback URL could be found, try increasing timeout with:

echo "export rvm_max_time_flag=20" >> ~/.rvmrc

Downloading https://rubies.travis-ci.org/ubuntu/14.04/x86_64/ruby-2.4.3.tar.bz2 failed

rastating commented 6 years ago

It looks like your user does not have the required permissions - try running with sudo.

devil67 commented 6 years ago

sudo -E rvm install ruby-2.4.3
sudo: rvm: command not found

Thanks rastating, but I got this.

rastating commented 6 years ago

Sounds like you may have not added the appropriate lines into your .bashrc file. I'd recommend taking a look on Stack Overflow for instances of other people having the same problem.

This sounds quite similar: https://stackoverflow.com/questions/30426132/sudo-rvm-command-not-found-rvmsudo-doesnt-work-either-ubuntu-13-10

devil67 commented 6 years ago

rvm |head -1
Ruby enVironment Manager 1.29.3 (manual) (c) 2009-2017 Michal Papis, Piotr Kuczynski, Wayne E. Seguin

devil67 commented 6 years ago

But when I try:

sudo rvm install ruby-2.4.3
sudo: rvm: command not found

devil67 commented 6 years ago

I try this:

sudo -s

┌─[✗]─[root@backbox]─[~/Scrivania]
└──╼ #rvm install ruby-2.4.3
Comand "rvm" no found

devil67 commented 6 years ago

I try:

rvmsudo rvm install ruby-2.4.3
Warning: can not check /etc/sudoers for secure_path, falling back to call via /usr/bin/env, this breaks rules from /etc/sudoers. Run:

export rvmsudo_secure_path=1

to avoid the warning, put it in shell initialization file to make it persistent.

In case there is no secure_path in /etc/sudoers. Run:

export rvmsudo_secure_path=0

to avoid the warning, put it in shell initialization file to make it persistent.
curl: /usr/local/lib/libcurl.so.4: no version information available (required by curl)
Searching for binary rubies, this might take some time.
Found remote file https://rubies.travis-ci.org/ubuntu/14.04/x86_64/ruby-2.4.3.tar.bz2
Checking requirements for ubuntu.
Requirements installation successful.
ruby-2.4.3 - #configure
ruby-2.4.3 - #download
curl: /usr/local/lib/libcurl.so.4: no version information available (required by curl)
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
100 14.1M 100 14.1M 0 0 674k 0 0:00:21 0:00:21 --:--:-- 791k
No checksum for downloaded archive, recording checksum in user configuration.
ruby-2.4.3 - #validate archive
ruby-2.4.3 - #extract
ruby-2.4.3 - #validate binary
ruby-2.4.3 - #setup
ruby-2.4.3 - #gemset created /home/derento/.rvm/gems/ruby-2.4.3@global
ruby-2.4.3 - #importing gemset /usr/share/rvm/gemsets/global.gems...................................
ruby-2.4.3 - #generating global wrappers........
ruby-2.4.3 - #gemset created /home/derento/.rvm/gems/ruby-2.4.3
ruby-2.4.3 - #importing gemsetfile /usr/share/rvm/gemsets/default.gems evaluated to empty gem list
ruby-2.4.3 - #generating default wrappers........

devil67 commented 6 years ago

Required ruby-2.5.1 is not installed. To install do: 'rvm install "ruby-2.5.1"'

rastating commented 6 years ago

If you've got 2.4.3 installed, it should work OK. Ruby 2.5.1 is the latest stable release that is recommended. If you want to install Ruby 2.5.1, repeat the steps you used to install 2.4.3.

If you'd prefer to stick to 2.4.3, then just run WPXF as normal.

devil67 commented 6 years ago

ruby wpxf.rb

Failed to load required dependency: colorize

You must run "bundle install" prior to using WordPress Exploit Framework. If bundler is not present on your system, you can install it by running "gem install bundler"

bundle install
/usr/lib/ruby/2.2.0/rubygems/dependency.rb:315:in `to_specs': Could not find 'bundler' (>= 0) among 18 total gem(s) (Gem::LoadError)
Checked in 'GEM_PATH=/home/derento/.rvm/gems/ruby-2.4.3:/home/derento/.rvm/gems/ruby-2.4.3@global', execute `gem env` for more information
from /usr/lib/ruby/2.2.0/rubygems/dependency.rb:324:in `to_spec'
from /usr/lib/ruby/2.2.0/rubygems/core_ext/kernel_gem.rb:64:in `gem'
from /usr/local/bin/bundle:22:in `<main>'

gem env
/usr/share/rvm/rubies/ruby-2.4.3/lib/ruby/2.4.0/rubygems/commands/environment_command.rb:154: warning: Insecure world writable dir /usr/bin in PATH, mode 040777
RubyGems Environment:

  • RUBYGEMS VERSION: 2.6.14
  • RUBY VERSION: 2.4.3 (2017-12-14 patchlevel 205) [x86_64-linux]
  • INSTALLATION DIRECTORY: /home/derento/.rvm/gems/ruby-2.4.3
  • USER INSTALLATION DIRECTORY: /home/derento/.gem/ruby/2.4.0
  • RUBY EXECUTABLE: /usr/share/rvm/rubies/ruby-2.4.3/bin/ruby
  • EXECUTABLE DIRECTORY: /home/derento/.rvm/gems/ruby-2.4.3/bin
  • SPEC CACHE DIRECTORY: /home/derento/.gem/specs
  • SYSTEM CONFIGURATION DIRECTORY: /etc
  • RUBYGEMS PLATFORMS:
    • ruby
    • x86_64-linux
  • GEM PATHS:
    • /home/derento/.rvm/gems/ruby-2.4.3
    • /home/derento/.rvm/gems/ruby-2.4.3@global
  • GEM CONFIGURATION:
    • :update_sources => true
    • :verbose => true
    • :backtrace => false
    • :bulk_threshold => 1000
  • REMOTE SOURCES:
  • SHELL PATH:
    • /home/derento/.rvm/gems/ruby-2.4.3/bin
    • /home/derento/.rvm/gems/ruby-2.4.3@global/bin
    • /usr/share/rvm/rubies/ruby-2.4.3/bin
    • /usr/share/rvm/bin
    • /home/derento/.rvm/gems/ruby-2.5.1/bin
    • /home/derento/.rvm/gems/ruby-2.5.1@global/bin
    • /usr/games
    • /usr/games
    • /usr/local/sbin
    • /usr/local/bin
    • /usr/sbin
    • /usr/bin
    • /sbin
    • /bin
    • /usr/games
    • /usr/local/games

rastating commented 6 years ago

As per the error message:

You must run "bundle install" prior to using WordPress Exploit Framework.
If bundler is not present on your system, you can install it by running "gem install bundler"

Follow these instructions and you should be up and running.

devil67 commented 6 years ago

bundle install
/usr/lib/ruby/2.2.0/rubygems/dependency.rb:315:in `to_specs': Could not find 'bundler' (>= 0) among 18 total gem(s) (Gem::LoadError)
Checked in 'GEM_PATH=/home/derento/.rvm/gems/ruby-2.4.3:/home/derento/.rvm/gems/ruby-2.4.3@global', execute `gem env` for more information
from /usr/lib/ruby/2.2.0/rubygems/dependency.rb:324:in `to_spec'
from /usr/lib/ruby/2.2.0/rubygems/core_ext/kernel_gem.rb:64:in `gem'
from /usr/local/bin/bundle:22:in `<main>'

gem install bundler
ERROR: While executing gem ... (Gem::FilePermissionError)
You don't have write permissions for the /home/derento/.rvm/gems/ruby-2.4.3 directory.

sudo gem install bundler
Successfully installed bundler-1.16.1
Parsing documentation for bundler-1.16.1
Done installing documentation for bundler after 8 seconds
1 gem installed

ruby wpxf.rb

Failed to load required dependency: colorize

You must run "bundle install" prior to using WordPress Exploit Framework. If bundler is not present on your system, you can install it by running "gem install bundler"

devil67 commented 6 years ago

sudo bundle install
Don't run Bundler as root. Bundler can ask for sudo if it is needed, and installing your bundle as root will break this application for all non-root users on this machine.
Using bundler 1.16.1
Using colorize 0.8.1
Using diff-lcs 1.3
Using ffi 1.9.18
Using ethon 0.11.0
Using mime-types-data 3.2016.0521
Using mime-types 3.1
Using mini_portile2 2.3.0
Using nokogiri 1.8.2
Using require_all 2.0.0
Using rspec-support 3.7.0
Using rspec-core 3.7.0
Using rspec-expectations 3.7.0
Using rspec-mocks 3.7.0
Using rspec 3.7.0
Using rubyzip 1.2.1
Using slop 4.6.2
Using typhoeus 1.3.0
Bundle complete! 8 Gemfile dependencies, 18 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.

devil67 commented 6 years ago

ruby --version
ruby 2.4.3p205 (2017-12-14 revision 61247) [x86_64-linux]
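
An added preflight check (not part of the original thread and not WPXF's own code) for three conditions visible in the output above: a Ruby older than the 2.4.3 minimum, the world-writable /usr/bin that gem env warns about, and /usr/local/bin/bundle loading RubyGems from /usr/lib/ruby/2.2.0 while GEM_PATH points at ruby-2.4.3. All function names are assumptions made for this example.

```ruby
# Added example: preflight for the environment problems seen in this thread.
require 'rbconfig'

MIN_RUBY = Gem::Version.new('2.4.3') # minimum quoted from the readme in the thread

# True when a Ruby version string meets the minimum.
def ruby_ok?(version = RUBY_VERSION)
  Gem::Version.new(version) >= MIN_RUBY
end

# PATH entries any local user can write to (o+w without the sticky bit);
# a directory like that lets any account plant or replace executables.
def world_writable_dirs(path_string)
  path_string.split(File::PATH_SEPARATOR).uniq.select do |dir|
    next false unless File.directory?(dir)
    mode = File.stat(dir).mode
    (mode & 0o002) != 0 && (mode & 0o1000).zero?
  end
end

# Interpreter path on a script's shebang line, or nil for binaries/unreadable files.
def shebang_interpreter(script)
  first = File.open(script, 'rb') { |f| f.gets("\n", 256) }.to_s
  first.start_with?('#!') ? first[2..-1].strip.split(/\s+/).first : nil
rescue SystemCallError
  nil
end

# First executable file named cmd found in a PATH string, or nil.
def which(cmd, path_string)
  path_string.split(File::PATH_SEPARATOR)
             .map { |dir| File.join(dir, cmd) }
             .find { |file| File.file?(file) && File.executable?(file) }
end

# Returns a list of problems; an empty list means the environment is consistent.
def preflight(path_string = ENV.fetch('PATH', ''))
  problems = []
  problems << "Ruby #{RUBY_VERSION} is older than #{MIN_RUBY}" unless ruby_ok?
  world_writable_dirs(path_string).each { |d| problems << "world-writable PATH entry: #{d}" }
  bundle = which('bundle', path_string)
  return problems << 'bundle not found in PATH' unless bundle
  interp = shebang_interpreter(bundle)
  if interp && File.basename(interp) != 'env' && File.exist?(interp) &&
     File.realpath(interp) != File.realpath(RbConfig.ruby)
    problems << "#{bundle} runs under #{interp}, not #{RbConfig.ruby}"
  end
  problems
end

puts preflight if $PROGRAM_NAME == __FILE__
```

Run it with the same `ruby` that will launch wpxf.rb; each line printed is one mismatch to resolve before running `bundle install`.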