Invalid byte sequence in UTF-8

wpscanteam / wpscan

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com

https://wpscan.com/wordpress-cli-scanner

Other

8.57k stars 1.26k forks source link

Invalid byte sequence in UTF-8 #1666

Closed layderv closed 2 years ago

layderv commented 3 years ago

The password attack phase in password_attack.rb uses dependencies that do not correctly handle bytes such as \xff.

The traces I see come from:

ruby-progressbar/format/string.rb:8
ruby-progressbar/format/formatter.rb:11
xmlrpc/create.rb:54

They are all due to gsub. Is this an issue to be handled within wpscan or should I create issues for those dependencies?

If this is to be handled within wpscan, let me know where and I will try to fix it.

erwanlr commented 3 years ago

Are you sure your wordlist does not mix encoding ? - https://github.com/wpscanteam/wpscan/issues/190#issuecomment-18087644

layderv commented 3 years ago

Thank you I didn't see that issue. Can I fix it somehow, instead of having to change the input file?

erwanlr commented 2 years ago

If the file is mixing encoding, it should be converted before being given to WPScan