Tuesday, December 23, 2014

Kali (Debian) error when updating/upgrading

It has been a good bit since I've had time to write anything here, and one of the things keeping me busy is my attempts to prepare to take the OSCP. What an incredibly fun course, albeit a little frustrating at times. One of the things that has really been driving me nuts, with more than just OSCP work, is that of time being wasted on oddball problems.

My most recent pain in the rear came tonight when I finally decided it was time to figure out why my msfupdate wasn't actually performing an update. Each time I ran it over the last month, I noted the failure and kept pushing on with whatever target I was going after. Tonight, much to my chagrin, has been all but wasted on WAITING for 115 updates to download and be applied to my Kali VM. This was after I found a solution to the error I was getting when I attempted to run apt-get upgrade -f:

dpkg: error: parsing file '/var/lib/dpkg/available' near line 14392 package 'libpurple-bin':

which returned an error code of (2). After my looking and searching around, I learned the following:
  • libpurple-bin is part(all?) of pidgin, the Instant Messenger program...that I do not use on that particular Kali VM
  • the actual line, 14392, of /var/lib/dpkg/available ended  up containing garbage
  • in the same directory, unknown to me until I looked, was available-old, which had the same date/time stamp as 'available' but a different size (smaller)
So, with some quick copy commands, I made the following changes:
  • mv /var/lib/dpkg/available /var/lib/dpkg/available_ERR_Line_14932.orig
  • cp /var/lib/dpkg/available-old /var/lib/dpkg/available
I then was able to re-run apt-get upgrade -f, and after approximately 30 more minutes, it was time to reboot the VM and see if it all works, AND if my MSF was newer than September 2014. Success!

In trying to find the problem, I noticed that there were a LOT of posts with related errors dealing with /var/lib/dpkg/status, or in a few cases, the entire /var/lib/dpkg directory. Before doing what one forum poster did, which was accidentally removing the entire directory, I'd suggest the following for anyone who faces this annoying error:
  • first, check to see if the system already has a backup of whatever dpkg file is giving you pains
  • if there isn't a backup of the last working file you need, you can try to fix the issue by copying said file from either the latest installation media or from another VM of the same flavor
After getting a "good" copy of the file in place, I'd suggest at a minimum running these few commands:
  • sudo dpkg --configure -a
  • apt-get clean
  • apt-get update -f
  • apt-get upgrade -f

Hope this helps the next nerd to have this issue! Now, back to PHP reverse shells! :-)