From nobody Sun Sep 19 11:22:59 2021
X-Original-To: freebsd-ports@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 63DBD17DA1A6
	for <freebsd-ports@mlmmj.nyi.freebsd.org>; Sun, 19 Sep 2021 11:23:10 +0000 (UTC)
	(envelope-from mbeis.bsd@xs4all.nl)
Received: from lb3-smtp-cloud9.xs4all.net (lb3-smtp-cloud9.xs4all.net [194.109.24.30])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "smtp.xs4all.net", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4HC50F1VHHz4bwL
	for <freebsd-ports@freebsd.org>; Sun, 19 Sep 2021 11:23:09 +0000 (UTC)
	(envelope-from mbeis.bsd@xs4all.nl)
Received: from cust-4d3d4e1c ([IPv6:fc0c:c15c:9b91:d718:ab52:6970:6e3e:f35f])
	by smtp-cloud9.xs4all.net with ESMTPA
	id RuuRmoWJDcSrkRuuTm8NNy; Sun, 19 Sep 2021 13:23:02 +0200
Date: Sun, 19 Sep 2021 13:22:59 +0200 (CEST)
From: Marco Beishuizen <mbeis.bsd@xs4all.nl>
Reply-To: Marco Beishuizen <mbeis.bsd@xs4all.nl>
To: freebsd-ports@freebsd.org
Subject: security/metasploit: package ... is not in GOROOT
Message-ID: <123eeb3e-e6cc-e9ec-c31-99e0386e108c@xs4all.nl>
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-ports
List-Help: <mailto:ports+help@freebsd.org>
List-Post: <mailto:ports@freebsd.org>
List-Subscribe: <mailto:ports+subscribe@freebsd.org>
List-Unsubscribe: <mailto:ports+unsubscribe@freebsd.org>
Sender: owner-freebsd-ports@freebsd.org
X-BeenThere: freebsd-ports@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset=US-ASCII
X-CMAE-Envelope: MS4xfGEXvntkcwG1Q7ByzS8lnGKCGYv/hH3WhQv4zpYvuBERW34243BJnlKncL/wibOl20KEgNxrEZ3d4/NtyKb1eKQnaBPTBag4/1T4+uEC9dhbSKY5ESq/
 sEBIx5uCsOqp7Dy3hO9p9Ilr1aQJalDX1Q/LOr1LbXtX7sM6ll2FwWvQXElfJ8FjWmCmi/OTJCagQg==
X-Rspamd-Queue-Id: 4HC50F1VHHz4bwL
X-Spamd-Bar: ---
Authentication-Results: mx1.freebsd.org;
	dkim=none;
	dmarc=pass (policy=none) header.from=xs4all.nl;
	spf=pass (mx1.freebsd.org: domain of mbeis.bsd@xs4all.nl designates 194.109.24.30 as permitted sender) smtp.mailfrom=mbeis.bsd@xs4all.nl
X-Spamd-Result: default: False [-3.89 / 15.00];
	 HAS_REPLYTO(0.00)[mbeis.bsd@xs4all.nl];
	 RCVD_VIA_SMTP_AUTH(0.00)[];
	 RWL_MAILSPIKE_GOOD(0.00)[194.109.24.30:from];
	 FREEMAIL_FROM(0.00)[xs4all.nl];
	 R_SPF_ALLOW(-0.20)[+ip4:194.109.24.0/24];
	 TO_DN_NONE(0.00)[];
	 NEURAL_HAM_SHORT(-0.99)[-0.987];
	 DMARC_POLICY_ALLOW(-0.50)[xs4all.nl,none];
	 RCVD_IN_DNSWL_LOW(-0.10)[194.109.24.30:from];
	 RCVD_TLS_LAST(0.00)[];
	 R_DKIM_NA(0.00)[];
	 FREEMAIL_ENVFROM(0.00)[xs4all.nl];
	 MIME_TRACE(0.00)[0:+];
	 MID_RHS_MATCH_FROM(0.00)[];
	 ASN(0.00)[asn:3265, ipnet:194.109.0.0/16, country:NL];
	 ARC_NA(0.00)[];
	 NEURAL_HAM_MEDIUM(-1.00)[-1.000];
	 REPLYTO_EQ_FROM(0.00)[];
	 FROM_HAS_DN(0.00)[];
	 TO_MATCH_ENVRCPT_ALL(0.00)[];
	 NEURAL_HAM_LONG(-1.00)[-1.000];
	 MIME_GOOD(-0.10)[text/plain];
	 FREEMAIL_REPLYTO(0.00)[xs4all.nl];
	 RCPT_COUNT_ONE(0.00)[1];
	 FROM_EQ_ENVFROM(0.00)[];
	 RCVD_COUNT_TWO(0.00)[2]
X-ThisMailContainsUnwantedMimeParts: N

Hi,

I'm trying to create an portupdate for metasploit. The created patch is 
working fine and the new metasploit works, but when starting metasploit I 
get some warnings:

[...]
[!] The following modules could not be loaded!..|
[!] 
/usr/local/share/metasploit/modules/auxiliary/scanner/msmail/exchange_enum.go
[!] 
/usr/local/share/metasploit/modules/auxiliary/scanner/msmail/onprem_enum.go
[!] 
/usr/local/share/metasploit/modules/auxiliary/scanner/msmail/host_id.go
[!] Please see /home/marco/.msf4/logs/framework.log for details.
[...]

Checking framework.log reveals that:

[...]
/usr/local/share/metasploit/modules/auxiliary/scanner/msmail/exchange_enum.go:8:2: 
package metasploit/module is not in GOROOT 
(/usr/local/go/src/metasploit/module)
/usr/local/share/metasploit/modules/auxiliary/scanner/msmail/exchange_enum.go:9:2: 
package msmail is not in GOROOT
(/usr/local/go/src/msmail)
[...]

So metasploit is searching in /usr/local/go while the go modules are 
installed in /usr/local/share/metasploit/modules.

I added "USES=go", "SHEBANG_LANG=go" and the relative paths to 
"SHEBANG_FILES", but it keeps giving the warnings. The Makefile so 
far is:

[...]
# Created by: Yonatan <onatan@gmail.com>

PORTNAME=	metasploit
PORTVERSION=	6.1.6
CATEGORIES=	security

MAINTAINER=	tanawts@gmail.com
COMMENT=	Exploit-Framework for Penetration-Testing

LICENSE=	BSD3CLAUSE
LICENSE_FILE=	${WRKSRC}/COPYING

RUN_DEPENDS=	nmap:security/nmap \
 		${PYTHON_PKGNAMEPREFIX}requests>=0:www/py-requests@${PY_FLAVOR} \
 		rubygem-activerecord52>=5.2.2:databases/rubygem-activerecord52 \
 		rubygem-activesupport52>=5.2.2:devel/rubygem-activesupport52 \
 		rubygem-actionpack52>=5.2.2:www/rubygem-actionpack52 \
 		rubygem-bcrypt>=0:security/rubygem-bcrypt \
 		rubygem-bson>=0:devel/rubygem-bson \
 		rubygem-bundler>=0:sysutils/rubygem-bundler \
 		rubygem-jsobfu>=0:www/rubygem-jsobfu \
 		rubygem-json>=0:devel/rubygem-json \
 		rubygem-metasm>=0:devel/rubygem-metasm \
 		rubygem-metasploit-aggregator>=0:security/rubygem-metasploit-aggregator \
 		rubygem-metasploit-concern>=0:security/rubygem-metasploit-concern \
 		rubygem-metasploit-credential>=0:security/rubygem-metasploit-credential \
 		rubygem-metasploit_data_models>=0:security/rubygem-metasploit_data_models \
 		rubygem-metasploit-model>=0:security/rubygem-metasploit-model \
 		rubygem-metasploit-payloads>=2.0.24:security/rubygem-metasploit-payloads \
 		rubygem-metasploit_payloads-mettle>=1.0.2:security/rubygem-metasploit_payloads-mettle \
 		rubygem-msgpack>=0:devel/rubygem-msgpack \
 		rubygem-network_interface>=0:net/rubygem-network_interface \
 		rubygem-rubyntlm>=0:net/rubygem-rubyntlm \
 		rubygem-nokogiri>=0:textproc/rubygem-nokogiri \
 		rubygem-packetfu>=0:net/rubygem-packetfu \
 		rubygem-pcaprub>=0:net/rubygem-pcaprub \
 		rubygem-pg>=0:databases/rubygem-pg \
 		rubygem-railties52>=5.2.2:www/rubygem-railties52 \
 		rubygem-recog>=0:security/rubygem-recog \
 		rubygem-openssl-ccm>=0:security/rubygem-openssl-ccm \
 		rubygem-octokit>=0:net/rubygem-octokit \
 		rubygem-redcarpet>=0:textproc/rubygem-redcarpet \
 		rubygem-patch_finder>=0:devel/rubygem-patch_finder \
 		rubygem-puma>=0:www/rubygem-puma \
 		rubygem-thin>=0:www/rubygem-thin \
 		rubygem-sinatra>=0:www/rubygem-sinatra \
 		rubygem-warden>=0:devel/rubygem-warden \
 		rubygem-em-http-request>=0:www/rubygem-em-http-request \
 		rubygem-tzinfo-data>=0:devel/rubygem-tzinfo-data \
 		rubygem-sshkey>=0:security/rubygem-sshkey \
 		rubygem-bit-struct>=0:devel/rubygem-bit-struct \
 		rubygem-windows_error>=0:devel/rubygem-windows_error \
 		rubygem-xmlrpc>=0:net/rubygem-xmlrpc \
 		rubygem-pdf-reader>=0:print/rubygem-pdf-reader \
 		rubygem-ruby-macho>=0:devel/rubygem-ruby-macho \
 		rubygem-dnsruby>=0:dns/rubygem-dnsruby \
 		rubygem-mqtt>=0:net/rubygem-mqtt \
 		rubygem-net-ldap>=0:net/rubygem-net-ldap \
 		rubygem-net-ssh>=0:security/rubygem-net-ssh \
 		rubygem-ed25519>=0:security/rubygem-ed25519 \
 		rubygem-bcrypt_pbkdf>=0:security/rubygem-bcrypt_pbkdf \
 		rubygem-ruby_smb>=0:net/rubygem-ruby_smb \
 		rubygem-rex-arch>=0:security/rubygem-rex-arch \
 		rubygem-rex-bin_tools>=0:security/rubygem-rex-bin_tools \
 		rubygem-rex-core>=0:security/rubygem-rex-core \
 		rubygem-rex-encoder>=0:security/rubygem-rex-encoder \
 		rubygem-rex-exploitation>=0:security/rubygem-rex-exploitation \
 		rubygem-rex-java>=0:security/rubygem-rex-java \
 		rubygem-rex-mime>=0:security/rubygem-rex-mime \
 		rubygem-rex-nop>=0:security/rubygem-rex-nop \
 		rubygem-rex-ole>=0:security/rubygem-rex-ole \
 		rubygem-rex-powershell>=0:security/rubygem-rex-powershell \
 		rubygem-rex-random_identifier>=0:security/rubygem-rex-random_identifier \
 		rubygem-rex-registry>=0:security/rubygem-rex-registry \
 		rubygem-rex-rop_builder>=0:security/rubygem-rex-rop_builder \
 		rubygem-rex-socket>=0:security/rubygem-rex-socket \
 		rubygem-rex-sslscan>=0:security/rubygem-rex-sslscan \
 		rubygem-rex-struct2>=0:security/rubygem-rex-struct2 \
 		rubygem-rex-text>=0:security/rubygem-rex-text \
 		rubygem-rex-zip>=0:security/rubygem-rex-zip \
 		rubygem-rubyzip>=0:archivers/rubygem-rubyzip \
 		rubygem-sqlite3>=0:databases/rubygem-sqlite3 \
 		rubygem-tzinfo>=0:devel/rubygem-tzinfo \
 		rubygem-filesize>=0:devel/rubygem-filesize \
 		rubygem-openvas-omp>=0:security/rubygem-openvas-omp \
 		rubygem-nessus_rest>=0:security/rubygem-nessus_rest \
 		rubygem-nexpose>=0:security/rubygem-nexpose \
 		rubygem-xdr>=0:converters/rubygem-xdr \
 		rubygem-faker>=0:devel/rubygem-faker \
 		rubygem-concurrent-ruby>=0:devel/rubygem-concurrent-ruby \
 		rubygem-hrr_rb_ssh>=0:security/rubygem-hrr_rb_ssh \
 		rubygem-irb>=0:devel/rubygem-irb \
 		rubygem-aws-sdk-s3>=0:devel/rubygem-aws-sdk-s3 \
 		rubygem-aws-sdk-ec2>=0:devel/rubygem-aws-sdk-ec2 \
 		rubygem-aws-sdk-iam>=0:devel/rubygem-aws-sdk-iam \
 		rubygem-faye-websocket>=0:www/rubygem-faye-websocket \
 		rubygem-eventmachine>=0:devel/rubygem-eventmachine \
 		rubygem-zeitwerk>=0:devel/rubygem-zeitwerk

USES=		cpe go python shebangfix
USE_RUBY=	yes
SHEBANG_LANG=	go
SHEBANG_FILES=	data/exploits/CVE-2017-17562/build.sh \
 		data/exploits/CVE-2017-17562/install-deps.sh \
 		data/exploits/CVE-2017-7494/build.sh \
 		data/exploits/CVE-2017-7494/install-deps.sh \
 		data/exploits/CVE-2021-3156/nss_generic2.py \
 		data/exploits/CVE-2021-3156/nss_u14.py \
 		data/exploits/CVE-2021-3156/nss_u16.py \
 		data/exploits/CVE-2021-3156/userspec_c7.py \
 		data/exploits/CVE-2021-3156/userspec_generic.py \
 		docker/entrypoint.sh \
 		external/source/exploits/CVE-2020-9850/payload/loader/make.py \
 		external/source/exploits/CVE-2020-9850/payload/sbx/build-threadexec.sh \
 		external/source/exploits/CVE-2020-9850/payload/sbx/build-webkit.sh \
 		external/source/exploits/CVE-2020-9850/payload/sbx/embed.py \
 		external/source/shellcode/windows/build.sh \
 		external/source/shellcode/windows/x64/build.py \
 		external/source/shellcode/windows/x86/build.py \
 		external/source/shellcode/windows/x86/src/hash.py \
 		external/source/msfJavaToolkit/compile.sh \
 		external/source/msfJavaToolkit/testKeytool.rb \
 		external/source/msfJavaToolkit/testCompilation.rb \
 		external/source/metsvc/test.rb \
 		docker/bin/msfvenom \
 		docker/bin/msfconsole \
 		modules/auxiliary/example.py \
 		modules/auxiliary/admin/http/cisco_7937g_ssh_privesc.py \
 		modules/auxiliary/admin/http/grafana_auth_bypass.py \
 		modules/auxiliary/admin/teradata/teradata_odbc_sql.py \
 		modules/auxiliary/dos/cisco/cisco_7937g_dos.py \
 		modules/auxiliary/dos/cisco/cisco_7937g_dos_reboot.py \
 		modules/auxiliary/dos/http/slowloris.py \
 		modules/auxiliary/dos/tcp/claymore_dos.py \
 		modules/auxiliary/gather/get_user_spns.py \
 		modules/auxiliary/gather/mikrotik_winbox_fileread.py \
 		modules/auxiliary/gather/office365userenum.py \
 		modules/auxiliary/scanner/http/onion_omega2_login.py \
 		modules/auxiliary/scanner/http/rdp_web_login.py \
 		modules/auxiliary/scanner/msmail/exchange_enum.go \
 		modules/auxiliary/scanner/msmail/host_id.go \
 		modules/auxiliary/scanner/msmail/onprem_enum.go \
 		modules/auxiliary/scanner/smb/impacket/dcomexec.py \
 		modules/auxiliary/scanner/smb/impacket/secretsdump.py \
 		modules/auxiliary/scanner/smb/impacket/wmiexec.py \
 		modules/auxiliary/scanner/ssl/bleichenbacher_oracle.py \
 		modules/auxiliary/scanner/teradata/teradata_odbc_login.py \
 		modules/auxiliary/scanner/wproxy/att_open_proxy.py \
 		modules/exploits/example.py \
 		modules/exploits/linux/smtp/haraka.py \
 		tools/dev/import-dev-keys.sh \
 		tools/dev/update_joomla_components.py \
 		tools/dev/sign-dev-keys.sh \
 		tools/hardware/killerbee_msfrelay.py \
 		tools/modules/aws-aggregator-userdata.sh

USE_GITHUB=	yes
GH_ACCOUNT=	rapid7
GH_PROJECT=	metasploit-framework

CPE_VENDOR=	rapid7

NO_ARCH=	yes
NO_ARCH_IGNORE=	template_x64_bsd.bin template_x86_bsd.bin CVE-2013-2171.bin
STRIP=

post-patch:
 	${REINPLACE_CMD} 's,git ls-files,find . ! -type d | sed "s|^./||", ; \
 		/rb-readline/d' \
 		${WRKSRC}/metasploit-framework.gemspec
 	${REINPLACE_CMD} "/concurrent-ruby/s|,'1.0.5'||" ${WRKSRC}/metasploit-framework.gemspec

do-build:
 	${RM} ${WRKSRC}/Gemfile.lock
 	${TOUCH} ${WRKSRC}/Gemfile.lock
 	${REINPLACE_CMD} "/^group :coverage/,/^end/d ; /^group :development/,/^end/d ; /^group :test/,/^end/d ; /git:/d ; /sqlite3/s|, '~>1.3.0'||" \
 		${WRKSRC}/Gemfile

do-install:
 	@${MKDIR} ${STAGEDIR}${DATADIR}
 	cd ${WRKSRC} && ${PAX} -rw . ${STAGEDIR}${DATADIR}
.for f in msfconsole msfd msfdb msfrpc msfrpcd msfvenom
 	${RLN} ${STAGEDIR}${DATADIR}/${f} ${STAGEDIR}${PREFIX}/bin/${f}
.endfor

post-install:
 	@${FIND} ${STAGEDIR} ! -type d | \
 		${SED} 's,${STAGEDIR}${PREFIX}/,, ; /Gemfile.lock/s|^|@(,,0666) |' >> ${TMPPLIST}
 	@${FIND} -ds ${STAGEDIR}${DATADIR} -type d -empty | \
 		${SED} 's,${STAGEDIR}${PREFIX}/,, ; s,^,@dir ,' >> ${TMPPLIST}

.include <bsd.port.mk>
[...]

So does anyone here has an idea what's wrong?

Thanks in advance,

Regards,
Marco

-- 
This week only, all our fiber-fill jackets are marked down!