Closed nazarii-piontko closed 3 years ago
Yes, not working in the new Docker release. The older version is works.
docker run -it --rm wpscanteam/wpscan --url https://random.ltd --enumerate u1-100
-> /wpscan/.wpscan/db is not writable
docker run -it --rm wpscanteam/wpscan:3.8.18 --url https://random.ltd --enumerate u1-100
-> works
the file permissions on the referenced image look ok to me. Did you mount your home directory into the container or smth like this?
No, I did not mount anything, the command I've used, specified above. As already mentioned, the earlier version works fine, I've checked it as well.
Do you still have the image version that causes problems? If so can you please run a
docker run --rm -it --entrypoint "" wpscanteam/wpscan:TAG /bin/sh
and screenshot or paste the folder permissions of /wpscan/.wpscan/db
here?
Unfortunately, I do not have this image anymore. Maybe @icetee still has it?
Also, I tried with a new latest image (digest 21cbe4b5a992
) and can confirm it works for me now.
Interesting situation, the latest version works on my laptop (Ubuntu 21.04, kernel 5.11.0-25-generic
), but does not work on my server (Debian 10, kernel 4.19.0-13-cloud-amd64
).
Error: Scan Aborted: /wpscan/.wpscan/db is not writable (uid: 1000, gid: 1000)
Permissions of db directory:
total 17M
drwxr-sr-x 2 wpscan wpscan 4.0K Aug 4 15:52 .
drwxr-sr-x 3 wpscan wpscan 4.0K Aug 4 15:52 ..
-rw-r--r-- 1 wpscan wpscan 25 Aug 4 15:52 .last_update
-rw-r--r-- 1 wpscan wpscan 3.3K Aug 4 15:52 LICENSE
-rw-r--r-- 1 wpscan wpscan 2.4K Aug 4 15:52 config_backups.txt
-rw-r--r-- 1 wpscan wpscan 1.1K Aug 4 15:52 db_exports.txt
-rw-r--r-- 1 wpscan wpscan 2.5M Aug 4 15:52 dynamic_finders.yml
-rw-r--r-- 1 wpscan wpscan 11.1M Aug 4 15:52 metadata.json
-rw-r--r-- 1 wpscan wpscan 49 Aug 4 15:52 sponsor.txt
-rw-r--r-- 1 wpscan wpscan 123.2K Aug 4 15:52 timthumbs-v3.txt
-rw-r--r-- 1 wpscan wpscan 3.2M Aug 4 15:52 wp_fingerprints.json
It works with 3.8.18
tag.
Has 3.8.18 WPScan.DB.Updater? repo_directory.writable
does not pass verification.
Do you have another (probably older) version of Docker installed on your Debian server? Maybe this is some kind of docker glitch with older versions and images built using buildkit? The writeable?
call was also there in 3.8.18 but the latest image was not built on dockerhub anymore
Yes, you are right, the docker version was 20.10.1. After upgrade to the latest docker version (20.10.8), it starts to work. I guess, it is important to have the latest containerd.io version rather than docker itself.
This is quite strange behavior. But at least we know some reason for that :) You may close the issue.
It is not possible to run wpscan with Docker with the latest tag (digest
fcf3baeeecfa
).Error output:
docker run command:
docker run --rm --network host wpscanteam/wpscan:latest --url "WORDPRESS_URL_HERE" --enumerate "vp,vt,cb,dbe" --plugins-threshold 100 --themes-threshold 50 --format json --throttle 100 --no-banner
P.S. real wordpress URL is replaced by
WORDPRESS_URL_HERE