search

wpscanteam / wpscan

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com
https://wpscan.com/wordpress-cli-scanner
Other
8.6k stars 1.27k forks source link

Unable to detect Wordpress #1253

Closed sullo closed 5 years ago

sullo commented 5 years ago

This is an oddball. / redirects to jetblog.jet.com, however, x.jet.com also has a wordpress installation. I can't make wpscan understand that a site is there, however.

Trying: ruby bin/wpscan --url https://x.jet.com:443/ --detection-mode aggressive -e ap --ignore-main-redirect --random-user-agent -vv

(Also, *.jet.com is in bug bounty: https://bugcrowd.com/jet)

Your environment

_______________________________________________________________
        __          _______   _____
        \ \        / /  __ \ / ____|
         \ \  /\  / /| |__) | (___   ___  __ _ _ __ ®
          \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
           \  /\  /  | |     ____) | (__| (_| | | | |
            \/  \/   |_|    |_____/ \___|\__,_|_| |_|

        WordPress Security Scanner by the WPScan Team
                       Version 3.4.0
          Sponsored by Sucuri - https://sucuri.net
      @_WPScan_, @ethicalhack3r, @erwan_lr, @_FireFart_
_______________________________________________________________

Scan Aborted: The remote website is up, but does not seem to be running WordPress.
Trace: /var/lib/gems/2.5.0/gems/wpscan-3.4.0/app/controllers/core.rb:74:in `check_wordpress_state'
/var/lib/gems/2.5.0/gems/wpscan-3.4.0/app/controllers/core.rb:59:in `before_scan'
/var/lib/gems/2.5.0/gems/cms_scanner-0.0.41.0/lib/cms_scanner/controllers.rb:42:in `each'
/var/lib/gems/2.5.0/gems/cms_scanner-0.0.41.0/lib/cms_scanner/controllers.rb:42:in `run'
/var/lib/gems/2.5.0/gems/cms_scanner-0.0.41.0/lib/cms_scanner.rb:137:in `run'
bin/wpscan:15:in `block in <main>'
/var/lib/gems/2.5.0/gems/cms_scanner-0.0.41.0/lib/cms_scanner.rb:128:in `initialize'
bin/wpscan:5:in `new'
bin/wpscan:5:in `<main>'
ethicalhack3r commented 5 years ago

Managed to get it working with a couple extra flags, --force to ignore the "is WordPress" check and then specify the wp-content directory with --wp-content-dir /wp-content/.

So the full command looks like this:

wpscan --url https://x.jet.com/ --detection-mode aggressive -e ap --ignore-main-redirect --random-user-agent --force --wp-content-dir /wp-content/
ethicalhack3r commented 5 years ago

P.S. I think you might need to add --plugins-detection aggressive for what it looks like you're trying to do.

sullo commented 5 years ago

Thanks!

So why isn't '--detection-mode aggressive' not enough and '--plugins-detection aggressive ' is needed? IMHO, this is getting a little complicated to just brute force plugins :/

On Fri, Nov 23, 2018 at 4:17 AM Ryan Dewhurst notifications@github.com wrote:

Closed #1253 https://github.com/wpscanteam/wpscan/issues/1253.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/wpscanteam/wpscan/issues/1253#event-1983687314, or mute the thread https://github.com/notifications/unsubscribe-auth/ABaBRKUiileiHm34W1_rccC3cTX9edcvks5ux70dgaJpZM4YwGXZ .

--

http://cirt.net | http://richsec.com/