search

wpscanteam / wpscan

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com
https://wpscan.com/wordpress-cli-scanner
Other
8.59k stars 1.26k forks source link

clock_gettime (Errno::EPERM) #1677

Closed Sascha-Block closed 3 years ago

Sascha-Block commented 3 years ago

Subject of the issue

When I want to run WPScan from a Raspberry PI running as Docker Image not working.

Your environment

Steps to reproduce

Installing lastest WPScan Version:

docker pull wpscanteam/wpscan

Executing Docker WPS Image with command:

docker run -it --rm wpscanteam/wpscan --url https://a-word-press-domain.com/ --enumerate u

Expected behavior

Execution of command with response of usernames. When using an official docker image, the environment should be encapsulated independently that the application is working as expected independently from the configuration of the device the container is running on.

Actual behavior


/usr/local/lib/ruby/3.0.0/rubygems/specification.rb:102:in `initialize': Operation not permitted - clock_gettime (Errno::EPERM)
    from /usr/local/lib/ruby/3.0.0/rubygems/specification.rb:102:in `now'
    from /usr/local/lib/ruby/3.0.0/rubygems/specification.rb:102:in `<class:Specification>'
    from /usr/local/lib/ruby/3.0.0/rubygems/specification.rb:36:in `<top (required)>'
    from /usr/local/lib/ruby/3.0.0/rubygems.rb:1362:in `require'
    from /usr/local/lib/ruby/3.0.0/rubygems.rb:1362:in `<top (required)>'
    from <internal:gem_prelude>:2:in `require'
    from <internal:gem_prelude>:2:in `<internal:gem_prelude>'

### What have you already tried
`sudo apt update` plus 
`sudo apt upgrade` 
`sudo yarn install`
`sudo yarn upgrade`
firefart commented 3 years ago

you either need to upgrade your docker installation or run it with the --privileged flag. this is no error in wpscan, this is an error in your docker setup which we can't provide any support for, sorry.

Sascha-Block commented 3 years ago

@FireFart Thx, that helped. Maybe you should expand your documentation like followed:

Running WPScan maybe needs making use of the --privileged flag. The --privileged flag gives all capabilities to the container, and it also lifts all the limitations enforced by the device cgroup controller. In other words, the container can then do almost everything that the host can do.

Instead try: docker run -it --privileged --rm wpscanteam/wpscan --url ttps://wordpress-domain.com// --enumerate u