ptf is unable to install metasploit on my Ubuntu 16.04 and 17.04, because it can't locate the package metasploit-framework. It gives me this error :

E: Unable to locate package metasploit-framework

So there is clearly a problem with this metasploit repository.

On Debian 9 I'm getting an odd error when trying to start PTF

root@pentestframework:~/ptf# ./ptf 
[*] You can always type ./ptf --no-network-connection to skip the Internet check..
[*] Checking for an Internet connection...
[*] Trying to update myself first.. Then starting framework.
Already up-to-date.
[!] [!] DANGER WILL ROBINSON. DANGER WILL ROBINSON. Error has occurred.
[!] [!] It's not possible its due to my coding skillz, it must be you? :-)
[!] [!] Printing that error. Get that error. You get it: ['ascii' codec can't encode characters in position 36-47: ordinal not in range(128)]

i get the following issue when i try to install (screenshot). i got most of the way through it, and believe it is something i run into sometimes where i have to manually select the directory. it is possible that it stems from a cup of coffee on the motherboard, as it will not install an os either, but the fix is generally me hardcoding the directory into the script or whatever. i juat cannot seem to locate this one. if you could point me to the correct file, i can fix it. thanx so much and i look foward to trying the tool out.

When installing metasploit module from inside ptf, I am receiving the output located below. I have attempted to change the mkdir command to just cp the file, but still receive the getcwd() error. From the looks of it the metasploit directory just gets removed when the module is run and hits the After Commands portion. I have removed metasploit, postgresql and ptf and started again on an Ubuntu 16 x64 machine, but still no success. Should I be focusing on the After Commands or trying to find old remnants of metasploit that may be causing this issue?

[_] Sending after command: mkdir /root/.msf4 cp /opt/database.yml /root/.msf4/ mkdir: cannot create directory '/root/.msf4': File exists mkdir: cannot create directory '/opt/database.yml': File exists mkdir: cannot create directory '/root/.msf4/': File exists [_] Sending after command: rm -rf /pentest/exploitation/metasploit 2> /dev/null [_] Sending after command: rm -rf /usr/local/bin/msf_ sh: 0: getcwd() failed: No such file or directory [_] Completed running after commands routine.. [_] Running updatedb to tidy everything up.

Bettercap official repository has moved from https://github.com/evilsocket/bettercap to https://github.com/bettercap/bettercap , so it's better to change it inside PTF.

This affects https://github.com/trustedsec/ptf/blob/f3b9902a25cbfdc8de992d61222ac0bc80570dd2/modules/wireless/fluxion.py.

Looks like some copies exist on GitHub, but A) I'm not sure if they're actually legit copies and B) I'm not sure if you want to switch to one of them.

The author mentioned more info in one of those copies: https://github.com/wi-fi-analyzer/fluxion/issues/3

And kinda-sorta complained about another copy: https://github.com/MuhammadOmar125/fluxion/issues/1

Can anyone help me out to completely remove the PTF, lot's of configuration on my apache server is broken after installation, ptf works fine, updated all modules and tested it but now I need to roll-back my apache2 state so if anyone can explain shortly how to completely remove it, would be gratefull.

cheers komodo

See https://github.com/magnumripper/JohnTheRipper/blob/bleeding-jumbo/doc/README-DISTROS

Instead of the painful build chain with fallbacks in the above documentation, I ran the following command:

./configure CPPFLAGS='-DJOHN_SYSTEMWIDE -DJOHN_SYSTEMWIDE_EXEC="\"/usr/local/bin\"" -DJOHN_SYSTEMWIDE_HOME="\"/usr/local/share/john\""'  &&
make -s clean && make -sj`nproc` strip &&
rm -rf ../run/*.dSYM &&
sudo mv ../run/{john,john-*,*2john,unshadow,unique,undrop,unafs,base64conv,tgtsnarf,mkvcalcproba,genmkvpwd,calc_stat,raw2dyna,cprepair,SIPdump} /usr/local/bin &&
sudo mkdir -p /usr/local/share/john &&
sudo cp -a ../run/* /usr/local/share/john &&
sudo mv /usr/local/share/john/*.{pl,py,rb} /usr/local/share/john/{relbench,benchmark-unify,mailer,makechr} /usr/local/bin

It's based on the above, but without the fallback options, building with nproc instead of a static 8 threads, and building for the native architecture.

This supports running as a limited user (not a huge deal) and means we don't have to pushd to the run directory in a wrapper script (and therefore we can use relative paths).

jeff@desktop:/tmp$ ls -l hash pwlist.txt 
-rw-rw-r-- 1 jeff jeff   686 May  2 11:36 hash
-rw-rw-r-- 1 jeff jeff 10498 May  2 11:41 pwlist.txt
jeff@desktop:/tmp$ john hash -w:pwlist.txt
john: /usr/local/cuda-8.0/targets/x86_64-linux/lib/libOpenCL.so.1: no version information available (required by john)
Warning: detected hash type "netntlmv2", but the string is also recognized as "ntlmv2-opencl"
Use the "--format=ntlmv2-opencl" option to force loading these as that type instead
Using default input encoding: UTF-8
Loaded 1 password hash (netntlmv2, NTLMv2 C/R [MD4 HMAC-MD5 32/64])
Will run 32 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
<redacted>          (Administrator)
1g 0:00:00:00 DONE (2017-05-02 11:41) 50.00g/s 50000p/s 50000c/s 50000C/s arizonA1..28961020
Use the "--show" option to display all of the cracked passwords reliably
Session completed

hey there, when i run the framework.py it says

Traceback (most recent call last):
  File "framework.py", line 7, in <module>
    from src.core import *
ImportError: No module named src.core

instead using from src.core import * why don't you just use from core import * ? after change the import section into from core import * it's runs like what i thought

Hey 👋

efa0cd5b2b89e255469fe6d22c4aee0651e098b2ea93bcb1547abb0872c74830c5b6a781cb29804f broke the small feature that we introduced in c3e8a9d9c79f3dda28793cc40bbde1b98374a3eb. The feature allowed the user to omit the category name, so I could type use crackmapexec instead of use modules/post-exploitation/crackmapexec.

Here's the result now:

ptf> use crackmapexec
[!] [!] DANGER WILL ROBINSON. DANGER WILL ROBINSON. Error has occurred.
[!] [!] It's not possible its due to my coding skillz, it must be you? :-)
[!] [!] Printing that error. Get that error. You get it: module not found

If I revert efa0cd5b2b89e255469fe6d22c4aee0651e098b2ea93bcb1547abb0872c74830c5b6a781cb29804f, it works again. Would you be willing to accept a patch to revive the feature and immortalize it in the docs?

It's okay to say no.

Thanks a lot for the recent quar-time updates by the way.

🐼

Edit: fixed commitish

Re Open

It seems that ptf> use modules/install_update_all, broke the wafw00f install in Kali Linux Rolling.

The only way or running wafw00f successfully is going to:

/pentest/intelligence-gathering/waffit/wafw00f/ and running main.py

ls on the folder:

/pentest/intelligence-gathering/waffit/wafw00f# ls -ltrn total 48 drwxr-xr-x 2 0 0 4096 jul 28 00:39 tests drwxr-xr-x 2 0 0 4096 jul 28 00:39 plugins -rw-r--r-- 1 0 0 628 jul 28 00:39 manager.py -rwxr-xr-x 1 0 0 20390 jul 28 00:39 main.py drwxr-xr-x 2 0 0 4096 jul 28 00:39 lib -rw-r--r-- 1 0 0 46 jul 28 00:39 init.py drwxr-xr-x 2 0 0 4096 jul 28 00:39 bin -rw-r--r-- 1 0 0 177 jul 28 00:39 init.pyc

If I run it using the command wafw00f directly in that folder or any folder the error I get is:

/pentest/intelligence-gathering/waffit/wafw00f# wafw00f Traceback (most recent call last): File "/usr/local/bin/wafw00f", line 4, in import('pkg_resources').run_script('wafw00f==0.9.4', 'wafw00f') File "/usr/local/lib/python2.7/dist-packages/pkg_resources/init.py", line 2928, in @_call_aside File "/usr/local/lib/python2.7/dist-packages/pkg_resources/init.py", line 2914, in _call_aside f(_args, *_kwargs) File "/usr/local/lib/python2.7/dist-packages/pkg_resources/init.py", line 2941, in _initialize_master_working_set working_set = WorkingSet._build_master() File "/usr/local/lib/python2.7/dist-packages/pkg_resources/init.py", line 637, in _build_master return cls._build_from_requirements(requires) File "/usr/local/lib/python2.7/dist-packages/pkg_resources/init.py", line 650, in _build_from_requirements dists = ws.resolve(reqs, Environment()) File "/usr/local/lib/python2.7/dist-packages/pkg_resources/init.py", line 829, in resolve raise DistributionNotFound(req, requirers) pkg_resources.DistributionNotFound: The 'pluginbase==0.3' distribution was not found and is required by wafw00f

The version of ZAP installed is behind the master branch that addressed this

References: https://www.blumira.com/analysis-log4shell-local-trigger/ https://www.lunasec.io/docs/blog/log4j-zero-day-update-on-cve-2021-45046/

https://github.com/zaproxy/zaproxy/pull/6979. https://github.com/zaproxy/zaproxy/issues/6980

Unsure what magic was done, but the magic needs updating to the most recent URL to pull a newer version via wget.