Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to start demo app #2

Open
romanianstrife opened this issue Apr 5, 2019 · 5 comments
Open

Unable to start demo app #2

romanianstrife opened this issue Apr 5, 2019 · 5 comments

Comments

@romanianstrife
Copy link

I ran

bundle install

then I got the error

 /usr/local/rvm/gems/ruby-2.5.1/gems/railties-5.2.1/lib/rails/application.rb:585:in `validate_secret_key_base': Missing `secret_key_base` for 'production' environment, set this string with `rails credentials:edit` (ArgumentError)

so I ran

rails credentials:edit

then I got the error

root@none:/var/www/Rails-doubletap-RCE/demo-5.2.1# rails s -b 0.0.0.0 -e production
=> Booting Puma
=> Rails 5.2.1 application starting in production
=> Run rails server -h for more startup options
Exiting
Traceback (most recent call last):
104: from bin/rails:4:in <main>' 103: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/dependencies.rb:287:in require'
102: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/dependencies.rb:253:in load_dependency' 101: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/dependencies.rb:287:in block in require'
100: from /usr/local/rvm/gems/ruby-2.5.1/gems/bootsnap-1.4.1/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:29:in require' 99: from /usr/local/rvm/gems/ruby-2.5.1/gems/bootsnap-1.4.1/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:20:in require_with_bootsnap_lfi'
98: from /usr/local/rvm/gems/ruby-2.5.1/gems/bootsnap-1.4.1/lib/bootsnap/load_path_cache/loaded_features_index.rb:83:in register' 97: from /usr/local/rvm/gems/ruby-2.5.1/gems/bootsnap-1.4.1/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:21:in block in require_with_bootsnap_lfi'
96: from /usr/local/rvm/gems/ruby-2.5.1/gems/bootsnap-1.4.1/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:21:in require' 95: from /usr/local/rvm/gems/ruby-2.5.1/gems/railties-5.2.1/lib/rails/commands.rb:18:in

'
94: from /usr/local/rvm/gems/ruby-2.5.1/gems/railties-5.2.1/lib/rails/command.rb:46:in invoke' 93: from /usr/local/rvm/gems/ruby-2.5.1/gems/railties-5.2.1/lib/rails/command/base.rb:65:in perform'
92: from /usr/local/rvm/gems/ruby-2.5.1/gems/thor-0.20.3/lib/thor.rb:387:in dispatch' 91: from /usr/local/rvm/gems/ruby-2.5.1/gems/thor-0.20.3/lib/thor/invocation.rb:126:in invoke_command'
90: from /usr/local/rvm/gems/ruby-2.5.1/gems/thor-0.20.3/lib/thor/command.rb:27:in run' 89: from /usr/local/rvm/gems/ruby-2.5.1/gems/railties-5.2.1/lib/rails/commands/server/server_command.rb:142:in perform'
88: from /usr/local/rvm/gems/ruby-2.5.1/gems/railties-5.2.1/lib/rails/commands/server/server_command.rb:142:in tap' 87: from /usr/local/rvm/gems/ruby-2.5.1/gems/railties-5.2.1/lib/rails/commands/server/server_command.rb:147:in block in perform'
86: from /usr/local/rvm/gems/ruby-2.5.1/gems/railties-5.2.1/lib/rails/commands/server/server_command.rb:53:in start' 85: from /usr/local/rvm/gems/ruby-2.5.1/gems/rack-2.0.6/lib/rack/server.rb:283:in start'
84: from /usr/local/rvm/gems/ruby-2.5.1/gems/rack-2.0.6/lib/rack/server.rb:354:in wrapped_app' 83: from /usr/local/rvm/gems/ruby-2.5.1/gems/railties-5.2.1/lib/rails/commands/server/server_command.rb:27:in app'
82: from /usr/local/rvm/gems/ruby-2.5.1/gems/rack-2.0.6/lib/rack/server.rb:219:in app' 81: from /usr/local/rvm/gems/ruby-2.5.1/gems/rack-2.0.6/lib/rack/server.rb:319:in build_app_and_options_from_config'
80: from /usr/local/rvm/gems/ruby-2.5.1/gems/rack-2.0.6/lib/rack/builder.rb:40:in parse_file' 79: from /usr/local/rvm/gems/ruby-2.5.1/gems/rack-2.0.6/lib/rack/builder.rb:49:in new_from_string'
78: from /usr/local/rvm/gems/ruby-2.5.1/gems/rack-2.0.6/lib/rack/builder.rb:49:in eval' 77: from config.ru:in '
76: from config.ru:in new' 75: from /usr/local/rvm/gems/ruby-2.5.1/gems/rack-2.0.6/lib/rack/builder.rb:55:in initialize'
74: from /usr/local/rvm/gems/ruby-2.5.1/gems/rack-2.0.6/lib/rack/builder.rb:55:in instance_eval' 73: from config.ru:3:in block in '
72: from /usr/local/rvm/gems/ruby-2.5.1/gems/bootsnap-1.4.1/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:44:in require_relative' 71: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/dependencies.rb:287:in require'
70: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/dependencies.rb:253:in load_dependency' 69: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/dependencies.rb:287:in block in require'
68: from /usr/local/rvm/gems/ruby-2.5.1/gems/bootsnap-1.4.1/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:29:in require' 67: from /usr/local/rvm/gems/ruby-2.5.1/gems/bootsnap-1.4.1/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:20:in require_with_bootsnap_lfi'
66: from /usr/local/rvm/gems/ruby-2.5.1/gems/bootsnap-1.4.1/lib/bootsnap/load_path_cache/loaded_features_index.rb:83:in register' 65: from /usr/local/rvm/gems/ruby-2.5.1/gems/bootsnap-1.4.1/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:21:in block in require_with_bootsnap_lfi'
64: from /usr/local/rvm/gems/ruby-2.5.1/gems/bootsnap-1.4.1/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:21:in require' 63: from /var/www/Rails-doubletap-RCE/demo-5.2.1/config/environment.rb:5:in '
62: from /usr/local/rvm/gems/ruby-2.5.1/gems/railties-5.2.1/lib/rails/application.rb:361:in initialize!' 61: from /usr/local/rvm/gems/ruby-2.5.1/gems/railties-5.2.1/lib/rails/initializable.rb:60:in run_initializers'
60: from /usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:205:in tsort_each' 59: from /usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:226:in tsort_each'
58: from /usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:347:in each_strongly_connected_component' 57: from /usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:347:in call'
56: from /usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:347:in each' 55: from /usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:349:in block in each_strongly_connected_component'
54: from /usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:431:in each_strongly_connected_component_from' 53: from /usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:350:in block (2 levels) in each_strongly_connected_component'
52: from /usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:228:in block in tsort_each' 51: from /usr/local/rvm/gems/ruby-2.5.1/gems/railties-5.2.1/lib/rails/initializable.rb:61:in block in run_initializers'
50: from /usr/local/rvm/gems/ruby-2.5.1/gems/railties-5.2.1/lib/rails/initializable.rb:32:in run' 49: from /usr/local/rvm/gems/ruby-2.5.1/gems/railties-5.2.1/lib/rails/initializable.rb:32:in instance_exec'
48: from /usr/local/rvm/gems/ruby-2.5.1/gems/railties-5.2.1/lib/rails/application/finisher.rb:69:in block in <module:Finisher>' 47: from /usr/local/rvm/gems/ruby-2.5.1/gems/railties-5.2.1/lib/rails/application/finisher.rb:69:in each'
46: from /usr/local/rvm/gems/ruby-2.5.1/gems/railties-5.2.1/lib/rails/engine.rb:356:in eager_load!' 45: from /usr/local/rvm/gems/ruby-2.5.1/gems/railties-5.2.1/lib/rails/engine.rb:475:in eager_load!'
44: from /usr/local/rvm/gems/ruby-2.5.1/gems/railties-5.2.1/lib/rails/engine.rb:475:in each' 43: from /usr/local/rvm/gems/ruby-2.5.1/gems/railties-5.2.1/lib/rails/engine.rb:477:in block in eager_load!'
42: from /usr/local/rvm/gems/ruby-2.5.1/gems/railties-5.2.1/lib/rails/engine.rb:477:in each' 41: from /usr/local/rvm/gems/ruby-2.5.1/gems/railties-5.2.1/lib/rails/engine.rb:478:in block (2 levels) in eager_load!'
40: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/dependencies.rb:244:in require_dependency' 39: from /usr/local/rvm/gems/ruby-2.5.1/gems/bootsnap-1.4.1/lib/bootsnap/load_path_cache/core_ext/active_support.rb:82:in depend_on'
38: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/dependencies.rb:330:in depend_on' 37: from /usr/local/rvm/gems/ruby-2.5.1/gems/bootsnap-1.4.1/lib/bootsnap/load_path_cache/core_ext/active_support.rb:47:in require_or_load'
36: from /usr/local/rvm/gems/ruby-2.5.1/gems/bootsnap-1.4.1/lib/bootsnap/load_path_cache/core_ext/active_support.rb:16:in allow_bootsnap_retry' 35: from /usr/local/rvm/gems/ruby-2.5.1/gems/bootsnap-1.4.1/lib/bootsnap/load_path_cache/core_ext/active_support.rb:48:in block in require_or_load'
34: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/dependencies.rb:352:in require_or_load' 33: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/dependencies.rb:37:in load_interlock'
32: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/dependencies/interlock.rb:13:in loading' 31: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/concurrency/share_lock.rb:151:in exclusive'
30: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/dependencies/interlock.rb:14:in block in loading' 29: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/dependencies.rb:37:in block in load_interlock'
28: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/dependencies.rb:369:in block in require_or_load' 27: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/dependencies.rb:471:in load_file'
26: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/dependencies.rb:657:in new_constants_in' 25: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/dependencies.rb:472:in block in load_file'
24: from /usr/local/rvm/gems/ruby-2.5.1/gems/bootsnap-1.4.1/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:50:in load' 23: from /usr/local/rvm/gems/ruby-2.5.1/gems/bootsnap-1.4.1/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:50:in load'
22: from /usr/local/rvm/gems/ruby-2.5.1/gems/activestorage-5.2.1/app/models/active_storage/blob.rb:16:in <main>' 21: from /usr/local/rvm/gems/ruby-2.5.1/gems/activestorage-5.2.1/app/models/active_storage/blob.rb:206:in class:Blob'
20: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/lazy_load_hooks.rb:51:in run_load_hooks' 19: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/lazy_load_hooks.rb:51:in each'
18: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/lazy_load_hooks.rb:52:in block in run_load_hooks' 17: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/lazy_load_hooks.rb:67:in execute_hook'
16: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/lazy_load_hooks.rb:62:in with_execution_control' 15: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/lazy_load_hooks.rb:71:in block in execute_hook'
14: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/lazy_load_hooks.rb:71:in instance_eval' 13: from /usr/local/rvm/gems/ruby-2.5.1/gems/activestorage-5.2.1/lib/active_storage/engine.rb:81:in block (2 levels) in class:Engine'
12: from /usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/erb.rb:876:in result' 11: from /usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/erb.rb:876:in eval'
10: from (erb):12:in <main>' 9: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/core_ext/module/delegation.rb:271:in method_missing'
8: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/encrypted_configuration.rb:38:in options' 7: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/encrypted_configuration.rb:33:in config'
6: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/encrypted_configuration.rb:21:in read' 5: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/encrypted_file.rb:42:in read'
4: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/encrypted_file.rb:79:in decrypt' 3: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/messages/rotator.rb:21:in decrypt_and_verify'
2: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/message_encryptor.rb:157:in decrypt_and_verify' 1: from /usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/message_encryptor.rb:183:in _decrypt'
/usr/local/rvm/gems/ruby-2.5.1/gems/activesupport-5.2.1/lib/active_support/message_encryptor.rb:206:in `rescue in _decrypt': ActiveSupport::MessageEncryptor::InvalidMessage (ActiveSupport::MessageEncryptor::InvalidMessage)
@romanianstrife
Copy link
Author

Any idea on how I can get this demo app to run?

@mpgn
Copy link
Owner

mpgn commented Apr 5, 2019

Try this: rails/rails#31397 (comment)

@romanianstrife
Copy link
Author

Now I am getting

/usr/local/rvm/gems/ruby-2.5.1/gems/execjs-2.7.0/lib/execjs/runtimes.rb:58:in `autodetect': Could not find a JavaScript runtime. See https://github.com/rails/execjs for a list of available runtimes. (ExecJS::RuntimeUnavailable)

and I already went there and installed therubyracer

any ideas?

@tijldeneut
Copy link

tijldeneut commented Jul 7, 2019
edited
Loading

FYI, full installation based on current commit (tested on Debian 9/10/Kali):

apt update && apt install -y git curl
curl -sSL https://get.rvm.io -o rvm.sh && bash rvm.sh && source /etc/profile.d/rvm.sh
rvm install ruby-2.5.1
git clone https://github.com/mpgn/Rails-doubletap-RCE && cd Rails-doubletap-RCE/demo-5.2.1
sed -i "s/# gem 'mini_racer/gem 'mini_racer/g" Gemfile
bundle install
rm config/credentials.yml.enc && EDITOR=vi rails credentials:edit ## --> Just save & exit 'ZZ'
rails s -b 0.0.0.0 -e production

@tijldeneut
Copy link

And to make the exploit work, change the IP address & port and run this to bypass proxy requirement:
sed -i "s/, $proxy_addr, $proxy_port//g" exploit.rb

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mpgn @tijldeneut @romanianstrife