lukaspustina / wpscan-analyze

Analyzes wpscan json output and checks for vulnerabilities
MIT License

Fails if --no-banner #5

Closed tristanlatr closed 4 years ago

tristanlatr commented 4 years ago

If the JSON file is generated with `wpscan --no-banner ...`, the analysis will fail.


data has wrong format }
lukaspustina commented 4 years ago

I'm struggling with the format -- see closed issues. In general, I agree that wpscan-analyze should remain useful in this case. Can you provide a stripped-down example that I could use for testing?

tristanlatr commented 4 years ago
{
  "start_time": 1596635904,
  "start_memory": 42876928,
  "target_url": "http://wpexemple.com/",
  "target_ip": "104.28.9.89",
  "effective_url": "https://wpexemple.com/",
  "interesting_findings": [
    {
      "url": "https://wpexemple.com/",
      "to_s": "Headers",
      "type": "headers",
      "found_by": "Headers (Passive Detection)",
      "confidence": 100,
      "confirmed_by": {

      },
      "references": {

      },
      "interesting_entries": [
        "cf-cache-status: DYNAMIC",
        "cf-request-id: 046083920a0000ca5bcf9cd200000001",
        "expect-ct: max-age=604800, report-uri=\"https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct\"",
        "server: cloudflare",
        "cf-ray: 5be108634e39ca5b-YUL"
      ]
    }
  ],
  "version": null,
  "main_theme": {
    "slug": "truemag",
    "location": "http://wpexemple.com/wp-content/themes/truemag/",
    "latest_version": null,
    "last_updated": null,
    "outdated": false,
    "readme_url": null,
    "directory_listing": null,
    "error_log_url": null,
    "style_url": "https://wpexemple.com/wp-content/themes/truemag/style.css?ver=5aaa791018f4cca5751aa0251961ac9b",
    "style_name": "truemag",
    "style_uri": "http://demo.cactusthemes.com/",
    "description": "an advanced solution for Video hosting websites, Video portfolio and Magazine",
    "author": "CactusThemes",
    "author_uri": "http://themeforest.net/user/cactusthemes",
    "template": null,
    "license": "ThemeForest License",
    "license_uri": "license.txt",
    "tags": "dark, light, one-column, left-sidebar, right-sidebar, responsive-layout, translation-ready, threaded-comments, editor-style, post-formats, rtl-language-support, sticky-post, theme-options",
    "text_domain": null,
    "found_by": "Css Style In Homepage (Passive Detection)",
    "confidence": 100,
    "interesting_entries": [

    ],
    "confirmed_by": {
      "Css Style In 404 Page (Passive Detection)": {
        "confidence": 70,
        "interesting_entries": [

        ]
      }
    },
    "vulnerabilities": [

    ],
    "version": {
      "number": "4.0.5",
      "confidence": 80,
      "found_by": "Style (Passive Detection)",
      "interesting_entries": [
        "https://wpexemple.com/wp-content/themes/truemag/style.css?ver=5aaa791018f4cca5751aa0251961ac9b, Match: 'Version: 4.0.5'"
      ],
      "confirmed_by": {

      }
    },
    "parents": [

    ]
  },
  "plugins": {
    "advance-search-form": {
      "slug": "advance-search-form",
      "location": "http://wpexemple.com/wp-content/plugins/advance-search-form/",
      "latest_version": null,
      "last_updated": null,
      "outdated": false,
      "readme_url": null,
      "directory_listing": null,
      "error_log_url": null,
      "found_by": "Urls In Homepage (Passive Detection)",
      "confidence": 100,
      "interesting_entries": [

      ],
      "confirmed_by": {
        "Urls In 404 Page (Passive Detection)": {
          "confidence": 80,
          "interesting_entries": [

          ]
        }
      },
      "vulnerabilities": [

      ],
      "version": null
    },
    "cactus-channel": {
      "slug": "cactus-channel",
      "location": "http://wpexemple.com/wp-content/plugins/cactus-channel/",
      "latest_version": null,
      "last_updated": null,
      "outdated": false,
      "readme_url": null,
      "directory_listing": null,
      "error_log_url": null,
      "found_by": "Urls In Homepage (Passive Detection)",
      "confidence": 100,
      "interesting_entries": [

      ],
      "confirmed_by": {
        "Urls In 404 Page (Passive Detection)": {
          "confidence": 80,
          "interesting_entries": [

          ]
        }
      },
      "vulnerabilities": [

      ],
      "version": null
    },
    "cactus-video": {
      "slug": "cactus-video",
      "location": "http://wpexemple.com/wp-content/plugins/cactus-video/",
      "latest_version": null,
      "last_updated": null,
      "outdated": false,
      "readme_url": null,
      "directory_listing": null,
      "error_log_url": null,
      "found_by": "Urls In Homepage (Passive Detection)",
      "confidence": 100,
      "interesting_entries": [

      ],
      "confirmed_by": {
        "Urls In 404 Page (Passive Detection)": {
          "confidence": 80,
          "interesting_entries": [

          ]
        }
      },
      "vulnerabilities": [

      ],
      "version": null
    },
    "contact-form-7": {
      "slug": "contact-form-7",
      "location": "http://wpexemple.com/wp-content/plugins/contact-form-7/",
      "latest_version": "5.2",
      "last_updated": "2020-07-04T14:20:00.000Z",
      "outdated": true,
      "readme_url": null,
      "directory_listing": null,
      "error_log_url": null,
      "found_by": "Urls In Homepage (Passive Detection)",
      "confidence": 100,
      "interesting_entries": [

      ],
      "confirmed_by": {
        "Urls In 404 Page (Passive Detection)": {
          "confidence": 80,
          "interesting_entries": [

          ]
        }
      },
      "vulnerabilities": [

      ],
      "version": {
        "number": "5.1.9",
        "confidence": 20,
        "found_by": "Query Parameter (Passive Detection)",
        "interesting_entries": [
          "https://wpexemple.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.9",
          "https://wpexemple.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.9"
        ],
        "confirmed_by": {

        }
      }
    },
    "ithemes-security-pro": {
      "slug": "ithemes-security-pro",
      "location": "http://wpexemple.com/wp-content/plugins/ithemes-security-pro/",
      "latest_version": null,
      "last_updated": null,
      "outdated": false,
      "readme_url": null,
      "directory_listing": null,
      "error_log_url": null,
      "found_by": "Urls In Homepage (Passive Detection)",
      "confidence": 100,
      "interesting_entries": [

      ],
      "confirmed_by": {
        "Urls In 404 Page (Passive Detection)": {
          "confidence": 80,
          "interesting_entries": [

          ]
        }
      },
      "vulnerabilities": [

      ],
      "version": null
    },
    "js_composer": {
      "slug": "js_composer",
      "location": "http://wpexemple.com/wp-content/plugins/js_composer/",
      "latest_version": null,
      "last_updated": null,
      "outdated": false,
      "readme_url": null,
      "directory_listing": null,
      "error_log_url": null,
      "found_by": "Urls In Homepage (Passive Detection)",
      "confidence": 100,
      "interesting_entries": [

      ],
      "confirmed_by": {
        "Urls In 404 Page (Passive Detection)": {
          "confidence": 80,
          "interesting_entries": [

          ]
        },
        "Body Tag (Passive Detection)": {
          "confidence": 40,
          "interesting_entries": [

          ]
        }
      },
      "vulnerabilities": [

      ],
      "version": {
        "number": "6.0.3",
        "confidence": 80,
        "found_by": "Body Tag (Passive Detection)",
        "interesting_entries": [
          "https://wpexemple.com/, Match: 'js-comp-ver-6.0.3'"
        ],
        "confirmed_by": {
          "Query Parameter (Passive Detection)": {
            "confidence": 20,
            "interesting_entries": [
              "https://wpexemple.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.0.3",
              "https://wpexemple.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.3"
            ]
          }
        }
      }
    },
    "post-views-counter": {
      "slug": "post-views-counter",
      "location": "http://wpexemple.com/wp-content/plugins/post-views-counter/",
      "latest_version": "1.3.2",
      "last_updated": "2020-05-27T09:48:00.000Z",
      "outdated": false,
      "readme_url": null,
      "directory_listing": null,
      "error_log_url": null,
      "found_by": "Urls In Homepage (Passive Detection)",
      "confidence": 100,
      "interesting_entries": [

      ],
      "confirmed_by": {
        "Urls In 404 Page (Passive Detection)": {
          "confidence": 80,
          "interesting_entries": [

          ]
        }
      },
      "vulnerabilities": [

      ],
      "version": {
        "number": "1.3.2",
        "confidence": 10,
        "found_by": "Query Parameter (Passive Detection)",
        "interesting_entries": [
          "https://wpexemple.com/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.2"
        ],
        "confirmed_by": {

        }
      }
    },
    "revslider": {
      "slug": "revslider",
      "location": "http://wpexemple.com/wp-content/plugins/revslider/",
      "latest_version": null,
      "last_updated": null,
      "outdated": false,
      "readme_url": null,
      "directory_listing": null,
      "error_log_url": null,
      "found_by": "Urls In Homepage (Passive Detection)",
      "confidence": 100,
      "interesting_entries": [

      ],
      "confirmed_by": {
        "Urls In 404 Page (Passive Detection)": {
          "confidence": 80,
          "interesting_entries": [

          ]
        },
        "Meta Generator (Passive Detection)": {
          "confidence": 40,
          "interesting_entries": [

          ]
        }
      },
      "vulnerabilities": [

      ],
      "version": {
        "number": "5.4.8.3",
        "confidence": 90,
        "found_by": "Meta Generator (Passive Detection)",
        "interesting_entries": [
          "https://wpexemple.com/, Match: 'Powered by Slider Revolution 5.4.8.3'"
        ],
        "confirmed_by": {
          "Query Parameter (Passive Detection)": {
            "confidence": 30,
            "interesting_entries": [
              "https://wpexemple.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3",
              "https://wpexemple.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3",
              "https://wpexemple.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3"
            ]
          }
        }
      }
    },
    "share-this": {
      "slug": "share-this",
      "location": "http://wpexemple.com/wp-content/plugins/share-this/",
      "latest_version": "7.8",
      "last_updated": "2016-10-17T20:30:00.000Z",
      "outdated": false,
      "readme_url": null,
      "directory_listing": null,
      "error_log_url": null,
      "found_by": "Urls In Homepage (Passive Detection)",
      "confidence": 100,
      "interesting_entries": [

      ],
      "confirmed_by": {
        "Urls In 404 Page (Passive Detection)": {
          "confidence": 80,
          "interesting_entries": [

          ]
        }
      },
      "vulnerabilities": [

      ],
      "version": null
    },
    "simple-twitter-tweets": {
      "slug": "simple-twitter-tweets",
      "location": "http://wpexemple.com/wp-content/plugins/simple-twitter-tweets/",
      "latest_version": "4.4",
      "last_updated": "2016-03-24T14:12:00.000Z",
      "outdated": false,
      "readme_url": null,
      "directory_listing": null,
      "error_log_url": null,
      "found_by": "Urls In Homepage (Passive Detection)",
      "confidence": 100,
      "interesting_entries": [

      ],
      "confirmed_by": {
        "Urls In 404 Page (Passive Detection)": {
          "confidence": 80,
          "interesting_entries": [

          ]
        }
      },
      "vulnerabilities": [

      ],
      "version": null
    },
    "truemag-movie": {
      "slug": "truemag-movie",
      "location": "http://wpexemple.com/wp-content/plugins/truemag-movie/",
      "latest_version": null,
      "last_updated": null,
      "outdated": false,
      "readme_url": null,
      "directory_listing": null,
      "error_log_url": null,
      "found_by": "Urls In Homepage (Passive Detection)",
      "confidence": 100,
      "interesting_entries": [

      ],
      "confirmed_by": {
        "Urls In 404 Page (Passive Detection)": {
          "confidence": 80,
          "interesting_entries": [

          ]
        }
      },
      "vulnerabilities": [

      ],
      "version": null
    },
    "truemag-rating": {
      "slug": "truemag-rating",
      "location": "http://wpexemple.com/wp-content/plugins/truemag-rating/",
      "latest_version": null,
      "last_updated": null,
      "outdated": false,
      "readme_url": null,
      "directory_listing": null,
      "error_log_url": null,
      "found_by": "Urls In Homepage (Passive Detection)",
      "confidence": 100,
      "interesting_entries": [

      ],
      "confirmed_by": {
        "Urls In 404 Page (Passive Detection)": {
          "confidence": 80,
          "interesting_entries": [

          ]
        }
      },
      "vulnerabilities": [

      ],
      "version": null
    },
    "video-ads": {
      "slug": "video-ads",
      "location": "http://wpexemple.com/wp-content/plugins/video-ads/",
      "latest_version": null,
      "last_updated": null,
      "outdated": false,
      "readme_url": null,
      "directory_listing": null,
      "error_log_url": null,
      "found_by": "Urls In Homepage (Passive Detection)",
      "confidence": 100,
      "interesting_entries": [

      ],
      "confirmed_by": {
        "Urls In 404 Page (Passive Detection)": {
          "confidence": 80,
          "interesting_entries": [

          ]
        }
      },
      "vulnerabilities": [

      ],
      "version": null
    },
    "wp-pagenavi": {
      "slug": "wp-pagenavi",
      "location": "http://wpexemple.com/wp-content/plugins/wp-pagenavi/",
      "latest_version": "2.93.3",
      "last_updated": "2020-03-29T04:29:00.000Z",
      "outdated": false,
      "readme_url": null,
      "directory_listing": null,
      "error_log_url": null,
      "found_by": "Urls In Homepage (Passive Detection)",
      "confidence": 100,
      "interesting_entries": [

      ],
      "confirmed_by": {
        "Urls In 404 Page (Passive Detection)": {
          "confidence": 80,
          "interesting_entries": [

          ]
        }
      },
      "vulnerabilities": [

      ],
      "version": null
    },
    "wti-like-post": {
      "slug": "wti-like-post",
      "location": "http://wpexemple.com/wp-content/plugins/wti-like-post/",
      "latest_version": "1.4.6",
      "last_updated": "2020-05-29T19:11:00.000Z",
      "outdated": false,
      "readme_url": null,
      "directory_listing": null,
      "error_log_url": null,
      "found_by": "Urls In Homepage (Passive Detection)",
      "confidence": 100,
      "interesting_entries": [

      ],
      "confirmed_by": {
        "Urls In 404 Page (Passive Detection)": {
          "confidence": 80,
          "interesting_entries": [

          ]
        }
      },
      "vulnerabilities": [

      ],
      "version": null
    }
  },
  "config_backups": {

  },
  "vuln_api": {
    "error": "No WPVulnDB API Token given, as a result vulnerability data has not been output.\nYou can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up"
  },
  "stop_time": 1596635909,
  "elapsed": 4,
  "requests_done": 6,
  "cached_requests": 3,
  "data_sent": 2929,
  "data_sent_humanised": "2.86 KB",
  "data_received": 546167,
  "data_received_humanised": "533.366 KB",
  "used_memory": 211091456,
  "used_memory_humanised": "201.312 MB"
}
lukaspustina commented 4 years ago

Okay thanks. I will check this during the week-end.

lukaspustina commented 4 years ago

I've changed the format parsing, and a banner is no longer a requirement. Please check against master whether this suits you, and comment or close the issue accordingly.

lukaspustina commented 4 years ago

@tristanlatr Have you had the chance to check the change?

tristanlatr commented 4 years ago

Hello,

Sorry for the late reply and thanks for the follow-up. Actually, I'm not using wpscan-analyze anymore; I preferred a full Python implementation.

I checked the master branch and built the software from source. All the raised issues seem to be fixed!

Thanks