On 14.0-RELEASE with no ruby or metasploit installed ... # pkg install metasploit and, after successful installation ... # msfconsole /usr/local/lib/ruby/gems/3.1/gems/bundler-2.4.20/lib/bundler/resolver.rb:116:in `rescue in solve_versions': Could not find compatible versions (Bundler::SolveFailure) Because every version of metasploit-framework depends on octokit ~> 4.0 and octokit ~> 4.0 could not be found in locally installed gems, metasploit-framework cannot be used. So, because Gemfile depends on metasploit-framework >= 0, version solving has failed. from /usr/local/lib/ruby/gems/3.1/gems/bundler-2.4.20/lib/bundler/resolver.rb:79:in `solve_versions' from /usr/local/lib/ruby/gems/3.1/gems/bundler-2.4.20/lib/bundler/resolver.rb:32:in `start' from /usr/local/lib/ruby/gems/3.1/gems/bundler-2.4.20/lib/bundler/definition.rb:570:in `start_resolution' from /usr/local/lib/ruby/gems/3.1/gems/bundler-2.4.20/lib/bundler/definition.rb:301:in `resolve' from /usr/local/lib/ruby/gems/3.1/gems/bundler-2.4.20/lib/bundler/definition.rb:523:in `materialize' from /usr/local/lib/ruby/gems/3.1/gems/bundler-2.4.20/lib/bundler/definition.rb:200:in `specs' from /usr/local/lib/ruby/gems/3.1/gems/bundler-2.4.20/lib/bundler/definition.rb:266:in `specs_for' The 'octokit' error message is nonsense. # gem list | grep 'octo' octokit (8.0.0, 7.2.0) I don't know ruby well enough to chase this any further.
^Triage: fix Summary and assign.
Duplicate bug of 262289 - security/metasploit: Can not launch metasploit Same documentation fix is still appliable and needs to be checked-in. This port requires the addition of seperate gems to include the win32api. As an unprivileged non-root user, please run "bundle install" from the /usr/local/share/metasploit directory cd /usr/local/share/metasploit && bundle install
After further investigation, the fix will likely require more than just a doc update. The reason that the bundle install command referenced works because it is installing newer versions of the rubygem dependencies than are referenced by the Metasploit port. I am attempting to update all of the referenced deps on my dev system to determine if that resolves the issue. Some of those dependent ports will likely need to be upgraded as well and if so, I will submit port update patches for each as needed. Thank you for your patience P.S. if you need a workaround in the meantime and wish to run msfconsole as a non-priv user, there are some steps required: As the non-priv user, you will need to set your Ruby GEM_HOME Path to your home dir: export GEM_HOME="$(ruby -e 'puts Gem.user_dir')" export PATH="$GEM_HOME/bin:$PATH" Then, run "bundle install" from the /usr/local/share/metasploit directory: cd /usr/local/share/metasploit && bundle install
Created attachment 247455 [details] security/metasploit: Adding patch files for Metasploit framework gemspec [Patch 1/2] Adding patch files for Metasploit framework gemspec
Created attachment 247456 [details] security/metasploit: Update for Metasploit to version 6.3.50 and updates to all metasploit specific rubygems Updates to Metasploit and all metasploit specific ruby gems modified: security/metasploit modified: security/rubygem-metasploit-aggregator modified: security/rubygem-metasploit-concern modified: security/rubygem-metasploit-credential modified: security/rubygem-metasploit-model modified: security/rubygem-metasploit-payloads modified: security/rubygem-metasploit_data_models modified: security/rubygem-metasploit_payloads-mettle modified: security/rubygem-nexpose modified: security/rubygem-recog modified: security/rubygem-rex-arch modified: security/rubygem-rex-bin_tools modified: security/rubygem-rex-core modified: security/rubygem-rex-encoder modified: security/rubygem-rex-exploitation modified: security/rubygem-rex-java modified: security/rubygem-rex-mime modified: security/rubygem-rex-nop modified: security/rubygem-rex-ole modified: security/rubygem-rex-powershell modified: security/rubygem-rex-random_identifier modified: security/rubygem-rex-registry modified: security/rubygem-rex-rop_builder modified: security/rubygem-rex-socket modified: security/rubygem-rex-sslscan modified: security/rubygem-rex-struct2 modified: security/rubygem-rex-text modified: security/rubygem-rex-zip
Permission requested from antoine@FreeBSD.org to take over port maintainer for the related specific Metasploit rubygem ports as these will most likely update in conjunction with Metasploit itself.
(In reply to tanawts from comment #6) I think it should be the reverse, in the past years I handled most of the updates.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=71bb03491b119a3181a4158f39c8305dafbd58c0 commit 71bb03491b119a3181a4158f39c8305dafbd58c0 Author: Antoine Brodin <antoine@FreeBSD.org> AuthorDate: 2024-01-05 10:04:30 +0000 Commit: Antoine Brodin <antoine@FreeBSD.org> CommitDate: 2024-01-05 10:05:25 +0000 security/metasploit: fix runtime PR: 276006 MFH: 2024Q1 security/metasploit/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
A commit in branch 2024Q1 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=b18c1349d4e4784b92291da5e864fc3a36599bf4 commit b18c1349d4e4784b92291da5e864fc3a36599bf4 Author: Antoine Brodin <antoine@FreeBSD.org> AuthorDate: 2024-01-05 10:04:30 +0000 Commit: Antoine Brodin <antoine@FreeBSD.org> CommitDate: 2024-01-05 10:12:04 +0000 security/metasploit: fix runtime PR: 276006 MFH: 2024Q1 (cherry picked from commit 71bb03491b119a3181a4158f39c8305dafbd58c0) security/metasploit/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
I believe this ticket is now remediate by the affiliated code check in that was committed. I don't seem to have the permissions to mark ticket status to closed/resolved