syntax error: "rescue StandardError"

[havardMoe]

I seem to get this error no matter which of the existing scenarios I try to initialize.
Is it a version error, does this look familiar to anyone?

==> random_server: Running provisioner: puppet...
==> random_server: Running Puppet with environment production...
==> random_server: Warning: Facter: Error loading fact /tmp/vagrant-puppet/modules-2788a4ec9eecc2ca7f170aa62adbc174/vcsrepo/lib/facter/vcsrepo_svn_ver.rb: /tmp/vagrant-puppet/modules-2788a4ec9eecc2ca7f170aa62adbc174/vcsrepo/lib/facter/vcsrepo_svn_ver.rb:15: syntax error, unexpected keyword_rescue, expecting keyword_end
==> random_server:   rescue StandardError
==> random_server:         ^

Then afterwards:

==> random_server: Error: Could not autoload puppet/parser/functions/parsejson: cannot load such file -- puppet/util/json
==> random_server: Error: Evaluation Error: Error while evaluating a Function Call, Could not autoload puppet/parser/functions/parsejson: cannot load such file -- puppet/util/json at /tmp/vagrant-puppet/modules-2788a4ec9eecc2ca7f170aa62adbc174/secgen_functions/functions/get_parameters.pp:4:24 on node debian-9.0.0-amd64
The SSH command responded with a non-zero exit status. Vagrant
assumes that this means the command failed. The output for this command
should be in the log above. Please read the output to determine what
went wrong.
Non-zero exit status...
Error provisioning VMs, destroying VMs and exiting SecGen.

[havardMoe]

Seems like it is a syntax-error for the ruby-file .../vcsrepo/lib/facter/vcsrepo_svn_ver.rb.
But I have no idea why this generated ruby-file will have a syntax error

[gtk2105]

Hi havardMoe, did you have any luck with this issue? I have tried building SecGen on both Ubuntu22/Ubuntu20 Server and Desktop but seem to result in this issue you have posted.

[havardMoe]

nop. I sadly got stuck and had to go elsewhere for my vulnerable boxes

[sadkris]

Found your solution. In issue #562 for vcsrepo, the solution mentioned is to downgrade git to 2.25.1. That version isn't included in the current apt repositories, so you have to either add focal to your sources list, or compile that version of git from the apt sources. Apparently, they released a patch to a CVE for git that broke vcs a lot, and downgrading to that version fixes most issues.

[gtk2105]

@sadkris awesome finding! That has seemed to have fixed the rescue StandardError.

Onto the next problem with Modules failing to run. Such as when running the command:
ruby secgen.rb --scenario scenarios/ctf/flawed_fortress.xml run

This results in error:
Module failed to run (bundle exec ruby modules/generators/compression/zip/secgen_local/local.rb) Failed to resolve scenario.

[sadkris]

Might be wrong, but try running bundle install. Had a bunch of those issues just now, and that fixed it inexplicably

[sadkris]

That is indeed wrong. Gonna look into it more, but I just put up a pull request for my branch that fixes a lot of problems with the templates. Undocumented still is the git fix, but I'll try to automate it eventually.

[gtk2105]

Are you running the Ubuntu Server straight on Hardware, or through Virtualization? I understand that SecGen can use Virtualbox on the VM, and was wondering if there could be issues if we were to run a VM.

Essentially Windows > Virtual Box VM for Ubuntu (SecGen) > Generated VMs

[sadkris]

Using Ubuntu Focal on VMWare right now

[gtk2105]

I have been running Ubuntu Focal Desktop on an Intel NUC, I am currently looking at running a Virtual Machine (Ubuntu Focal Desktop) with nested virtualization enabled.
I will run a Windows 10 Environment and then Virtualize Ubuntu using Virtualbox with nested virtualization.

That way I can take advantage of using snapshots for trial and error.

[gtk2105]

Update:

All of the following was conducted on a new Ubuntu Focal Desktop VM hosted on a Windows Environment. The SecGen environment was configured in accordance with the instructions posted on https://github.com/cliffe/SecGen revision [3fd6b74bf54e49a7067b68afbbcb2d04cbb610f7]

Completed Successfully

I have successfully run the following commands from SecGen directory:

• ruby secgen.rb run which generated one VM being SecGen-default-scenario-escalation

Completed with Errors

I also ran these commands from the SecGen directory, however resulted in errors:

• ruby secgen.rb --scenario scenarios/ctf/hackme_crackme.xml run which failed with error

There was an error while executing VBoxManage, a CLI used by Vagrant
for controlling VirtualBox. The command and stderr is shown below.
Command: ["startvm", "e912860c-e065-4c25-8129-6890d0762629", "--type", "headless"]
Stderr: VBoxManage: error: Failed to construct device 'ichac97' instance #0 (VERR_CFGM_NOT_ENOUGH_SPACE)
VBoxManage: error: Details: code NS_ERROR_FAILURE (0x80004005), component ConsoleWrap, interface IConsole

• ruby secgen.rb --scenario scenarios/ctf/post_it.xml run which failed with error

[Output omitted]
[Librarian] Conflict between puppetlabs-stdlib (>= 4.13.1, < 6.0.0) https://forgeapi.puppetlabs.com (from puppet-download_file) and puppetlabs-stdlib/8.5.0 https://forgeapi.puppetlabs.com
Could not resolve the dependencies.
[Output omitted]
Non-zero exit status...
Failed to prepare puppet modules!

• ruby secgen.rb --scenario scenarios/ctf/ptsd.xml run which failed with error

[Output omitted]
[Librarian] Conflict between puppetlabs-stdlib/0.1.1 https://forgeapi.puppetlabs.com and puppetlabs-stdlib (>= 5.0.0, < 9.0.0) https://forgeapi.puppetlabs.com (from SecGen-modules_utilities_unix_system_accounts_newer_accounts-accounts)
[Librarian] Backtracking from puppetlabs-stdlib/0.1.1 https://forgeapi.puppetlabs.com
[Librarian] Failed to resolve puppetlabs-stdlib (>= 0) https://forgeapi.puppetlabs.com (from Puppetfile)
Could not resolve the dependencies.
[Output omitted]
Non-zero exit status...
Failed to prepare puppet modules!

It seems as if the ptsd scenario was stepping down all the puppetlab-stdlib versions starting at 8.5.0 and then backtracking down.

• ruby secgen.rb --scenario scenarios/ctf/encoding_challenges.xml run which failed with error

==> system: Warning: Facter: Error loading fact /tmp/vagrant-puppet/modules-9c23c2ed18f78cfd3a1ee95b68b23e2c/vcsrepo/lib/facter/vcsrepo_svn_ver.rb: /tmp/vagrant-puppet/modules-9c23c2ed18f78cfd3a1ee95b68b23e2c/vcsrepo/lib/facter/vcsrepo_svn_ver.rb:15: syntax error, unexpected keyword_rescue, expecting keyword_end
==> system: rescue StandardError
==> system: ^
==> system: Error: Could not autoload puppet/parser/functions/parsejson: cannot load such file -- puppet/util/json
==> system: Error: Evaluation Error: Error while evaluating a Function Call, Could not autoload puppet/parser/functions/parsejson: cannot load such file -- puppet/util/json at /tmp/vagrant-puppet/modules-9c23c2ed18f78cfd3a1ee95b68b23e2c/secgen_functions/functions/get_parameters.pp:4:24 on node secgen-encoding-challenges-system.lan
The SSH command responded with a non-zero exit status. Vagrant
assumes that this means the command failed. The output for this command
should be in the log above. Please read the output to determine what
went wrong.
Non-zero exit status...
Error provisioning VMs, destroying VMs and exiting SecGen.
Loading vagrant (destroy -f) in /home/user1/SecGen/projects/SecGen20230127_143222
==> system: Forcing shutdown of VM...
==> system: Destroying VM and associated drives...

[Pflegusch]

I'm also struggling to get SecGen to work right now. I've been trying to get it to work in a Ubuntu 22.04 and 20.04 environment running on a Win 10 host with Hyper-V, but had no success. I only had partly success in a Kali Linux environment, but it would only work sometimes. Now I've been trying to get it to work on normal Ubuntu 22.04 environment with no virtualization but I still have no luck. Will try to use the downgrade git fix mentioned above now

@gtk2105 have you figured it out by now?

[gtk2105]

@Pflegusch not quite, what I have noticed and believe I read somewhere is that the Virtual Box VMs aren't being kept up to date, this could be a strong reason as to why a lot of scenarios fail.

[sadkris]

Yeah, that's the issue, check my pull request for details. The current plan is to go into them and update them when I have the chance, then upload the images and replace the links with my own whenever I have free time.

[sadkris]

#232 (comment)

[cliffe]

Hi folks,

Thanks for your interest in the project. Sorry it can be a faf to get SecGen installed. I think the install instructions have been updated, and make sure you manually update the base boxes as described in the troubleshooting section of the README.

Closing this issue as I'm cleaning up the SecGen issue tracker.

You might be interested in our hosted solution: https://hacktivity.leedsbeckett.ac.uk/