lukaspustina / wpscan-analyze

Analyzes wpscan json output and checks for vulnerabilities
MIT License

json input error: "data has wrong format" #12

Open maxferrario-msf opened 2 years ago

maxferrario-msf commented 2 years ago

Hi, I started getting this error a few months ago: as wpscan-analyze didn't change, I guess something in wpscan's (or its dependencies') json output did.

wpscan-analyze --wpscan /tmp/wpscan.json -vvvvv
wpscan-analyze version=1.0.4, log level=Level(Trace)
DEBUG wpscan_analyze: args = Args {
    wpscan: "/tmp/wpscan.json",
    output_format: Human,
    output_detail: NotOkay,
    no_color: true,
    silent: false,
    verbosity: 5,
}
INFO  wpscan_analyze: Loading wpscan file
Error: Error { inner:

data has wrong format }

I'm using wpscan-analyze version 1.0.4 and wpscan version 3.8.21 with ruby 2.5.3 (on Centos 7.9)

I see that this has happened before (issue #1) and you were able to fix the issue by examining the output file: I've anonymized mine, so if you need it please let me know.

Thanks a lot for your work, Massimo

lukaspustina commented 2 years ago

Hi @maxferrario-msf. I hope I can help. As you said yourself, this is usually a change in the format, or a field that I expect to exist has not been set. Please upload your anonymized file to https://upload.centerdevice.de/5e9030dc-11dc-45df-bde8-e258742ac582 and I'll try to take a look at it asap. Please give me a few days though.

maxferrario-msf commented 2 years ago

Hi Lukas, thanks for your quick reply: I've just uploaded the json file. No hurry, I have absolutely no problem with your timing: I manage a limited number of sites and can scan them manually with wpscan in the meantime ;) Thanks again for your really useful tool, Massimo

[edit: I deleted the e-mail message thread leaving only my last answer]

lukaspustina commented 2 years ago

@maxferrario-msf Please excuse my slow reaction. I just found a slot to check your file. Interestingly, I don't get any error while parsing your file -- see below.

Could you double check the file, please?

[17:18:16 lukas@kuchen] ~SRC/wpscan-analyze git:(master) →  cargo run -- -f ~/Downloads/wpscan.json
    Finished dev [unoptimized + debuginfo] target(s) in 0.03s
     Running `target/debug/wpscan-analyze -f /Users/lukas/Downloads/wpscan.json`
wpscan-analyze version=1.0.4, log level=Level(Warn)
+--------------------------------+--------------+---------------+--------------------+------------+------------+
| Component                      | Version      | Version State | Vulnerabilities    | Processing | Result     |
+--------------------------------+--------------+---------------+--------------------+------------+------------+
| WordPress                      | 5.9.1        |    Latest     | No vulnerabilities |     Ok     |     Ok     |
| Main Theme                     | 1.1611569002 |    Latest     | No vulnerabilities |     Ok     |     Ok     |
| Plugin: webp-express           | -            |    Latest     | 2 vulnerabilities  |     Ok     | Vulnerable |
| Plugin: happy-elementor-addons | -            |    Latest     | 1 vulnerabilities  |     Ok     | Vulnerable |
| Plugin: wp-data-access         | -            |    Latest     | 1 vulnerabilities  |     Ok     | Vulnerable |
| Plugin: wpcf7-redirect         | -            |    Latest     | 5 vulnerabilities  |     Ok     | Vulnerable |
| Plugin: elementor-pro          | -            |    Latest     | 2 vulnerabilities  |     Ok     | Vulnerable |
+--------------------------------+--------------+---------------+--------------------+------------+------------+
Analyzer result summary: outdated=0, unknown=0, vulnerabilities=11, failed=0

maxferrario-msf commented 2 years ago

Hi Lukas, I tried again and get the same result. Could a difference in libraries between our systems explain the difference? I'm using a centos 7.9.2009 box, maybe I could try on ubuntu and see if I get a similar result.

lukaspustina commented 2 years ago

No, I don't think so. The error clearly states that the format cannot be parsed.

Just to be absolutely safe: The sha256 of the file I received is ae0370f3aa5c32f5b909e2cedc2e550131177a5d2761a4387b73992f26ced7af. Yours too?

maxferrario-msf commented 2 years ago

Sorry, I cannot find the file I sent you... Can you please upload it on my onedrive? wpscan (https://msfintl-my.sharepoint.com/:f:/g/personal/massimo_ferrario_rome_msf_org/EgGcbCsynQFMmRZwl7_pCvMBbE3G7iTOpCK7ugFcuicLqQ)

lukaspustina commented 2 years ago

Done.

amrutadotorg commented 2 years ago

Hi Lukas, I'm getting the same error only if --enumerate u is added. Would you like to see the json file?

lukaspustina commented 2 years ago

That seems to be right. I've never trained wpscan-analyze for enumeration of users.
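
A triage aid for the two checks discussed above (is it the same file by checksum, and what does `--enumerate u` add to the report), as an added example that is not part of the thread or of wpscan-analyze: it diffs the structure of a report that parses against one that fails. The sample documents and their key names are constructed and simplified, not wpscan's exact schema.

```python
import hashlib
import json


def shape(node, path="$", out=None):
    """Map every JSON path to the set of value types seen there (list items collapse to '[]')."""
    out = {} if out is None else out
    out.setdefault(path, set()).add(type(node).__name__)
    if isinstance(node, dict):
        for key, value in node.items():
            shape(value, f"{path}.{key}", out)
    elif isinstance(node, list):
        for item in node:
            shape(item, f"{path}[]", out)
    return out


def roots(paths):
    """Keep only the topmost paths, so a new or missing subtree is reported once."""
    return sorted(p for p in paths
                  if not any(p.startswith(q + ".") or p.startswith(q + "[") for q in paths))


def schema_drift(good: bytes, bad: bytes) -> dict:
    """Compare a report that parses (good) with one that is rejected (bad)."""
    g, b = shape(json.loads(good)), shape(json.loads(bad))
    return {
        "same_bytes": hashlib.sha256(good).digest() == hashlib.sha256(bad).digest(),
        "only_in_bad": roots(set(b) - set(g)),    # sections the parser may not model
        "only_in_good": roots(set(g) - set(b)),   # fields the parser may expect
        "type_changed": sorted(p for p in set(g) & set(b) if g[p] != b[p]),
    }


# Constructed, simplified samples (not the reporter's file; key names are illustrative).
COMMON = {"version": {"number": "5.9.1", "status": "latest"},
          "main_theme": {"slug": "example-theme"}}
GOOD = json.dumps({**COMMON, "plugins": {"example-plugin": {
    "version": {"number": "1.2"}, "vulnerabilities": []}}}).encode()
BAD = json.dumps({**COMMON, "plugins": {"example-plugin": {
    "version": None, "vulnerabilities": []}},
    "users": {"admin": {"id": 1}}}).encode()

if __name__ == "__main__":
    for field, value in schema_drift(GOOD, BAD).items():
        print(f"{field}: {value}")
```

Map keys such as plugin slugs are part of the path, so the comparison is most useful between two scans of the same site, for example one with and one without user enumeration.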

maxferrario-msf commented 2 years ago

Same result:

$ /home/msf/.cargo/bin/wpscan-analyze --wpscan Lukas_P_wpscan.json
wpscan-analyze version=1.0.4, log level=Level(Warn)
Error: Error { inner:

data has wrong format }

lukaspustina commented 2 years ago

@maxferrario-msf I'm not sure what the current state is, since this issue is so old. But have you tried running wpscan-analyze on Ubuntu and verified the checksums?

maxferrario-msf commented 2 years ago

Hi Lukas, unfortunately I do not have the original file to check its checksum, so I installed wpscan and wpscan-analyze (using your package repository) on a new ubuntu server 22.04 and tried again. I've got the same error:

$ wpscan-analyze -f /tmp/wpscan.json --no-color -vvvvvvvv
wpscan-analyze version=1.0.4, log level=Level(Trace)
DEBUG wpscan_analyze: args = Args {
    wpscan: "/tmp/wpscan-lasciti.medicisenzafrontiere.it.json",
    output_format: Human,
    output_detail: NotOkay,
    no_color: true,
    silent: false,
    verbosity: 8
}
INFO  wpscan_analyze: Loading wpscan file
Error: Error { inner:

data has wrong format }

If you want / have time, we could work on this issue starting from this new json file.

Thanks, Massimo