Closed NitroCao closed 4 years ago
See the --exclude-content-based option to exclude those.
Also, --themes-threshold (with a default of 20) is there to warn you when too many themes are detected, which are likely false positives, and to suggest using the option mentioned above. Setting it to 500 defeats its purpose.
The point is the site doesn't use these themes. In this case, I know which themes need to be excluded because I increased the value of --themes-threshold, but what about other sites that are being scanned for the first time? How do I know which themes need to be excluded? Or can --exclude-content-based exclude the responses of specific status codes?
--exclude-content-based REGEXP_OR_STRING Exclude all responses matching the Regexp (case insensitive) during parts of the enumeration.
Both the headers and body are checked. Regexp delimiters are not required.
Both the headers and body are checked
So yes, responses with a specific status code can be excluded.
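An added example, not from the thread or from WPScan's own code: a small Ruby model of the documented matching (case insensitive, headers and body both checked) showing why a bare 500 pattern over-excludes while a pattern tied to the status line does not. It assumes the header text being matched contains a status line such as "HTTP/1.1 500 Internal Server Error"; the responses, theme paths and helper names are constructed for illustration.

```ruby
# Model of the documented --exclude-content-based behaviour (an assumption
# based on the help text, not WPScan's implementation): a response is dropped
# when the case-insensitive pattern matches the header block or the body.
def excluded?(response, pattern)
  re = Regexp.new(pattern, Regexp::IGNORECASE)
  re.match?(response[:headers]) || re.match?(response[:body])
end

# Constructed sample responses; paths and theme names are placeholders.
RESPONSES = [
  { path: '/wp-content/themes/example-a/style.css',
    headers: "HTTP/1.1 500 Internal Server Error\r\nContent-Type: text/html\r\n",
    body: '<h1>Internal Server Error</h1>' },
  { path: '/wp-content/themes/example-b/style.css',
    headers: "HTTP/1.1 200 OK\r\nContent-Length: 1500\r\n",
    body: "/*\nTheme Name: Example B\nVersion: 1.2\n*/" },
  { path: '/wp-content/themes/example-c/style.css',
    headers: "HTTP/1.1 200 OK\r\nContent-Type: text/css\r\n",
    body: "/*\nTheme Name: Example C\n*/\n.col { width: 500px; }" }
].freeze

# Returns the paths that survive the exclusion filter.
def kept_paths(responses, pattern)
  responses.reject { |r| excluded?(r, pattern) }.map { |r| r[:path] }
end

# A bare "500" also hits "Content-Length: 1500" and "500px" in a stylesheet,
# so genuine 200 responses are thrown away along with the errors.
NAIVE = '500'

# Tied to the status line: only responses whose status code is 500 match.
ANCHORED = '^HTTP/[\d.]+ 500\b'

if __FILE__ == $PROGRAM_NAME
  puts "naive:    #{kept_paths(RESPONSES, NAIVE).inspect}"
  puts "anchored: #{kept_paths(RESPONSES, ANCHORED).inspect}"
end
```
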
wpscan treats responses with a 500 status code as vulnerable themes
scan command:
docker run --rm -v /tmp/test_wpscan:/wpscan/.wpscan/db wpscanteam/wpscan --force --ignore-main-redirect --disable-tls-checks -f json -e vt,vp --api-token mytoken --themes-threshold 500 --url https://mysite.org
scan result:
I tested some of the URLs; the responses do indeed have a 500 status code.
Your environment