search

tristanlatr / WPWatcher

Wordpress Watcher is a wrapper for WPScan that manages scans on multiple sites and reports by email and/or syslog. Schedule scans and get notified when vulnerabilities, outdated plugins and other risks are found.
https://wpwatcher.readthedocs.io
Apache License 2.0
46 stars 18 forks source link

KeyError: 'wpscan_output' after sleeping 1 day #32

Closed tristanlatr closed 4 years ago

tristanlatr commented 4 years ago 
INFO - Scanning site wp.exemple.com/site
ERROR - WPScan command '/usr/local/rvm/gems/default/wrappers/wpscan --no-banner --random-user-agent --disable-tls-checks --format json --detection-mode aggressive --enumerate p,t,cb,dbe,u,m --api-token *** --url wp.exemple.com/site' failed with exit code 4 scan_aborted: Your API limit has been reached
INFO - API limit has been reached after 7 sites, sleeping 1 day, 0:00:00 and continuing the scans...
INFO - Scanning site wp.exemple.com/site
INFO - Updating WPScan
INFO - ** WPScan INFO wp.exemple.com/site ** Wordpress Version: 5.3.4 Release Date: 2020-06-10 Status: Latest
INFO - ** WPScan INFO wp.exemple.com/site ** Plugin: fusion-builder Location: wp.exemple.com/site/wp-content/plugins/fusion-builder/ The version could not be determined
INFO - ** WPScan INFO wp.exemple.com/site ** Plugin: fusion-core Location: wp.exemple.com/site/wp-content/plugins/fusion-core/ The version could not be determined
INFO - ** WPScan INFO wp.exemple.com/site ** Plugin: wp-timelines Location: wp.exemple.com/site/wp-content/plugins/wp-timelines/ The version could not be determined
INFO - ** WPScan INFO wp.exemple.com/site ** Theme: twentytwenty Location: wp.exemple.com/site/wp-content/themes/twentytwenty/ Latest Version: 1.4 Readme: wp.exemple.com/site/wp-content/themes/twentytwenty/readme.txt The version could not be determined Style URL: wp.exemple.com/site/wp-content/themes/twentytwenty/style.css Style Name: Twenty Twenty Style URI: https://wordpress.org/themes/twentytwenty/ Author: the WordPress team Author URI: https://wordpress.org/
INFO - ** WPScan INFO wp.exemple.com/site ** XML-RPC seems to be enabled: wp.exemple.com/site/xmlrpc.php URL: wp.exemple.com/site/xmlrpc.php  References: - Url: http://codex.wordpress.org/XML-RPC_Pingback_API - Metasploit: auxiliary/scanner/http/wordpress_ghost_scanner - Metasploit: auxiliary/dos/http/wordpress_xmlrpc_dos - Metasploit: auxiliary/scanner/http/wordpress_xmlrpc_login - Metasploit: auxiliary/scanner/http/wordpress_pingback_access
INFO - ** WPScan INFO wp.exemple.com/site ** Readme URL: wp.exemple.com/site/readme.html
INFO - ** WPScan INFO wp.exemple.com/site ** Wp_Cron URL: wp.exemple.com/site/wp-cron.php  References: - Url: https://www.iplocation.net/defend-wordpress-from-ddos - Url: https://github.com/wpscanteam/wpscan/issues/1299
INFO - ** WPScan INFO wp.exemple.com/site ** User Identified: aurelienceagv
INFO - ** WPScan INFO wp.exemple.com/site ** WPVulnDB API Infos Plan: free Requests Done During Scan: 6 Requests Remaining: 44
INFO - ** WPScan INFO wp.exemple.com/site ** Target URL: wp.exemple.com/site/ Target IP: 184.86.34.161 Effective URL: wp.exemple.com/site/
INFO - ** WPScan INFO wp.exemple.com/site ** Enlapsed: 570 seconds
WARNING - ** WPScan WARNING wp.exemple.com/site ** Plugin: wordpress-seo Warning: The version is out of date Location: wp.exemple.com/site/wp-content/plugins/wordpress-seo/ Latest Version: 14.5 Current Version: 13.1
INFO - WPScan_output_httpsici.radio-canada.cagillesvilleneuve_2020-07-14T03-07-00 attached
INFO - Email sent: WPWatcher WARNING report - wp.exemple.com/site - 2020-07-14T03-07-00 to alert@lol.ca
INFO - Progress - [==========================   ] 88% - 8 / 9
Traceback (most recent call last):
  File "/usr/local/bin/wpwatcher", line 8, in <module>
    sys.exit(main())
  File "/usr/local/lib/python3.6/site-packages/wpwatcher/cli.py", line 175, in main
    WPWatcherCLI()
  File "/usr/local/lib/python3.6/site-packages/wpwatcher/cli.py", line 50, in __init__
    exit_code,_=wpwatcher.run_scans_and_notify()
  File "/usr/local/lib/python3.6/site-packages/wpwatcher/core.py", line 193, in run_scans_and_notify
    new_reports=self.run_scans_wrapper(self.wp_sites)
  File "/usr/local/lib/python3.6/site-packages/wpwatcher/core.py", line 176, in run_scans_wrapper
    try: self.new_reports.append(f.result())
  File "/usr/lib64/python3.6/concurrent/futures/_base.py", line 432, in result
    return self.__get_result()
  File "/usr/lib64/python3.6/concurrent/futures/_base.py", line 384, in __get_result
    raise self._exception
  File "/usr/lib64/python3.6/concurrent/futures/thread.py", line 56, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/usr/local/lib/python3.6/site-packages/wpwatcher/core.py", line 163, in scan_site_wrapper
    wp_report= self.scanner.scan_site(wp_site,  last_wp_report)
  File "/usr/local/lib/python3.6/site-packages/wpwatcher/scan.py", line 356, in scan_site
    if self.mail.notify(wp_site, wp_report, last_wp_report):
  File "/usr/local/lib/python3.6/site-packages/wpwatcher/notification.py", line 58, in notify
    self._notify(wp_site, wp_report, last_wp_report)
  File "/usr/local/lib/python3.6/site-packages/wpwatcher/notification.py", line 165, in _notify
    self.send_report(wp_report, to)
  File "/usr/local/lib/python3.6/site-packages/wpwatcher/notification.py", line 93, in send_report
    wp_report['wpscan_output'] = re.sub(r'(\x1b|\[[0-9][0-9]?m)','', str(wp_report['wpscan_output']))
KeyError: 'wpscan_output'
tristanlatr commented 4 years ago

Fails if attach_wpscan_output=Yes