Closed vida1j closed 6 years ago
What's the output of curl -I https://data.wpscan.org
?
root@kali:~# curl -I https://data.wpscan.org HTTP/2 200 server: nginx date: Sun, 01 Jul 2018 16:06:48 GMT content-type: text/html content-length: 0 x-amz-id-2: 1+6mGbGI/Nb/0K8ypO5kSD1S29/K4Jf0o14OAgfIR7zS2ovF+uQrL90DXjx9VIbIHEmPC0eAUco= x-amz-request-id: AADD0CB8311F86CB last-modified: Fri, 05 Feb 2016 15:47:27 GMT etag: "d41d8cd98f00b204e9800998ecf8427e" x-sucuri-cache: MISS x-sucuri-id: 16004
I can't scan any site without database, that's why I download data.zip and extract to wpscan folder. And I skip update, then I can use scanning. Today, I tried to update again, I got this ...
root@kali:~# wpscan --update --verbose
_______________________________________________________________
__ _______ _____
\ \ / / __ \ / ____|
\ \ /\ / /| |__) | (___ ___ __ _ _ __ ®
\ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \
\ /\ / | | ____) | (__| (_| | | | |
\/ \/ |_| |_____/ \___|\__,_|_| |_|
WordPress Security Scanner by the WPScan Team
Version 2.9.4
Sponsored by Sucuri - https://sucuri.net
@_WPScan_, @ethicalhack3r, @erwan_lr, @_FireFart_
_______________________________________________________________
[i] Updating the Database ...
[+] Checking: local_vulnerable_files.xml
[i] Already Up-To-Date
[+] Checking: local_vulnerable_files.xsd
[i] Already Up-To-Date
[+] Checking: timthumbs.txt
[i] Already Up-To-Date
[+] Checking: user-agents.txt
[i] Already Up-To-Date
[+] Checking: wp_versions.xml
[i] Already Up-To-Date
[+] Checking: wp_versions.xsd
[i] Already Up-To-Date
[+] Checking: wordpresses.json
[i] Already Up-To-Date
[+] Checking: plugins.json
[i] Needs to be updated
[i] Backup Created
[i] Downloading new file: https://data.wpscan.org/plugins.json
[i] Downloaded File Checksum: caef052044dc7e24c8297def3fdcae15c0f4b9de3ac0a01c64c9bada6d39bb1dd2a22e04f6cff4968a50dfe5fa081923288b7a42f42a8f81a133140f790ff1b0
[i] Database File Checksum : a9941fc53c53f59665339ddc1604b4f8a3b930530f7fb94ed76b88508477447d14585947fddb6d2b16a6c96a4bc7bc1f23ea35c1005225b50a4126d1bfd15a20
[i] Restoring Backup due to error
[i] Deleting Backup
[!] plugins.json: checksums do not match (local: caef052044dc7e24c8297def3fdcae15c0f4b9de3ac0a01c64c9bada6d39bb1dd2a22e04f6cff4968a50dfe5fa081923288b7a42f42a8f81a133140f790ff1b0 remote: a9941fc53c53f59665339ddc1604b4f8a3b930530f7fb94ed76b88508477447d14585947fddb6d2b16a6c96a4bc7bc1f23ea35c1005225b50a4126d1bfd15a20)
[!] Current Version: 2.9.4
[!] Downloaded File Content:
{"theme-my-login":{"latest_version":"7.0.7","last_updated":"2018-06-24T21:56:00.000Z","popular":true,"vulnerabilities":[{"id":6043,"title":"Theme My Login 6.3.9 - Local File Inclusion","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2015-05-15T13:47:24.000Z","published_date":null,"references":{"url":["http://packetstormsecurity.com/files/127302/","http://seclists.org/fulldisclosure/2014/Jun/172","http://www.securityfocus.com/bid/68254/","https://security.dxw.com/advisories/lfi-in-theme-my-l
.........
","popular":false,"vulnerabilities":[]},"sf-adminbar-tools":{"latest_version":"3.0.4","last_updated":"2016-11-27T20:49:00.000Z","popular":false,"vulnerabilities":[]},"sf-archiver":{"latest_version":"3.0.2","last_updated":"2016-04-03T17:57:00.000Z","popular":false,"vulnerabilities":[]},"sf-author-url-control":{"latest_version":"1.2","last_updated":"2016-04-03T20:36:00.000Z","popular":false,"vulnerabilities":[]},"sf-contact-form":{"latest_version":"0.2.0","last_updated":"2009-05-24T05:32:00.000Z",
[!] Some hints to help you with this issue:
[!] -) Try updating again using --verbose
[!] -) If you see SSL/TLS related error messages you have to fix your local TLS setup
[!] -) Windows is still not supported
root@kali:~#
After trying many times, I can update now. Thanks
Hello Its some times that i have problem with my wpscan update it gives me error on plugin update just like below: (wpscan Version 2.9.5-dev cloned 10 minute before)
[i] Updating the Database ...
[+] Checking: local_vulnerable_files.xml
[i] Already Up-To-Date
[+] Checking: local_vulnerable_files.xsd
[i] Already Up-To-Date
[+] Checking: timthumbs.txt
[i] Already Up-To-Date
[+] Checking: user-agents.txt
[i] Already Up-To-Date
[+] Checking: wp_versions.xml
[i] Already Up-To-Date
[+] Checking: wp_versions.xsd
[i] Already Up-To-Date
[+] Checking: wordpresses.json
[i] Already Up-To-Date
[+] Checking: plugins.json
[i] Needs to be updated
[i] Backup Created
[i] Downloading new file: https://data.wpscan.org/plugins.json
[i] Downloaded File Checksum: 59d25e6977cb0a295bc72e8a718fdc2d5744860fda4a683d17169af38479e64a0e6c4b3811c792a508817fdcd74ffb40114f7a4f7d9f745b8cbc6b79fb85288b
[i] Database File Checksum : 093b1e6c131e2b1709e6cfc5075aad49e41216757184389a7bd9935a765f5e919962044524bf1935dabe0f60e9c476b80ccaee0af2b837111525185d448a5ef1
[i] Restoring Backup due to error
[i] Deleting Backup
[!] plugins.json: checksums do not match (local: 59d25e6977cb0a295bc72e8a718fdc2d5744860fda4a683d17169af38479e64a0e6c4b3811c792a508817fdcd74ffb40114f7a4f7d9f745b8cbc6b79fb85288b remote: 093b1e6c131e2b1709e6cfc5075aad49e41216757184389a7bd9935a765f5e919962044524bf1935dabe0f60e9c476b80ccaee0af2b837111525185d448a5ef1)
[!] Current Version: 2.9.5-dev
[!] Downloaded File Content:
{"theme-my-login":{"latest_version":"7.0.10","last_updated":"2018-08-02T22:18:00.000Z","popular":true,"vulnerabilities":[{"id":6043,"title":"Theme My Login 6.3.9 - Local File Inclusion","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2015-05-15T13:47:24.000Z","published_date":null,"references":{"url":["http://packetstormsecurity.com/files/127302/","http://seclists.org/fulldisclosure/2014/Jun/172","http://www.securityfocus.com/bid/68254/","https://security.dxw.com/advisories/lfi-in-theme-my-
.........
"2016-08-18T20:19:00.000Z","popular":false,"vulnerabilities":[]},"spammer-blocker":{"latest_version":"1.5","last_updated":"2012-06-02T21:58:00.000Z","popular":false,"vulnerabilities":[]},"spammer-silent-treatment":{"latest_version":"0.1","last_updated":"2012-04-02T14:49:00.000Z","popular":false,"vulnerabilities":[]},"spammer-tarpit":{"latest_version":null,"last_updated":null,"popular":false,"vulnerabilities":[]},"spammers-suck":{"latest_version":null,"last_updated":null,"popular":false,"vulnerab
What i should to do now?
After I update wpscan today(apt-get update && apt-get upgrade), I couldn't update database The following error occurs... Network Connection is good.
Please help me..
Wpscan Version => 2.9.4 OS => Linux kali 4.15.0-kali2-686-pae #1 SMP Debian 4.15.11-1kali1 (2018-03-21) i686 GNU/Linux