Closed geetard closed 9 years ago
erwanlr
commented
9 years ago Hi,
It means that your cURL doesn't support HTTPS.
You can check with curl --version which will show the supported protocols.
I can't provide a solution as it depends why this support is not enabled (missing lib / not compiled with SSL / TLS ?)
geetard
commented
9 years ago yes it is exactly as you say, :( is there anything I could try?
curl --version curl 7.21.7 (x86_64-unknown-linux-gnu) libcurl/7.42.1 zlib/1.2.8 Protocols: dict file ftp gopher http imap pop3 rtsp smtp telnet tftp Features: IPv6 Largefile libz
Ahhhh i checked the installed log and it seems that somehow cUrl was installed without SSL support:
curl version: 7.21.7 Host setup: x86_64-unknown-linux-gnu Install prefix: /usr/local Compiler: gcc SSL support: no (--with-{ssl,gnutls,nss,polarssl,cyassl,axtls} ) SSH support: no (--with-libssh2) zlib support: enabled krb4 support: no (--with-krb4*) GSSAPI support: no (--with-gssapi) SPNEGO support: no (--with-spnego) TLS-SRP support: no (--enable-tls-srp) resolver: default (--enable-ares / --enable-threaded-resolver) ipv6 support: enabled IDN support: no (--with-libidn) Build libcurl: Shared=yes, Static=yes Built-in manual: enabled Verbose errors: enabled (--disable-verbose) SSPI support: no (--enable-sspi) ca cert bundle: /etc/ssl/certs/ca-certificates.crt ca cert path: no LDAP support: no (--enable-ldap / --with-ldap-lib / --with-lber-lib) LDAPS support: no (--enable-ldaps) RTSP support: enabled RTMP support: no (--with-librtmp) Protocols: DICT FILE FTP GOPHER HTTP IMAP POP3 RTSP SMTP TELNET TFTP
checking for lber.h... no checking for ldap.h... no checking for ldapssl.h... no checking for ldap_ssl.h... no checking for LDAP libraries... cannot find LDAP libraries configure: WARNING: Cannot find libraries for LDAP support: LDAP disabled checking whether to enable IPv6... yes checking if struct sockaddr_in6 has sin6_scope_id member... yes checking if argv can be written to... yes checking if GSS-API support is requested... no checking whether to enable Windows native SSL/TLS (Windows native builds only)... no checking whether to enable iOS/Mac OS X native SSL/TLS... no checking for pkg-config... /usr/bin/pkg-config checking for openssl options with pkg-config... no checking for CRYPTO_lock in -lcrypto... no checking for CRYPTO_add_lock in -lcrypto... no checking for ssl_version in -laxtls... no configure: WARNING: SSL disabled, you will not be able to use HTTPS, FTPS, NTLM and more. configure: WARNING: Use --with-ssl, --with-gnutls, --with-polarssl, --with-cyassl, --with-nss, --with-axtls, --with-winssl, or --with-darwinssl to address this. checking default CA cert bundle/path... /etc/ssl/certs/ca-certificates.crt
My Openssl directory: /usr/lib/ssl
cjmz
commented
9 years ago Hello.
I've a problem to update wpscan. When I use:
sudo ruby wpscan.rb --update
It returns:
__ _______ _____
\ \ / / __ \ / ____|
\ \ /\ / /| |__) | (___ ___ __ _ _ __
\ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \
\ /\ / | | ____) | (__| (_| | | | |
\/ \/ |_| |_____/ \___|\__,_|_| |_|
WordPress Security Scanner by the WPScan Team
Version 2.7
Sponsored by Sucuri - https://sucuri.net@WPScan, @ethicalhack3r, @erwan_lr, pvdl, @FireFart
[i] Updating the Database ...
[!] Unable to get https://wpvulndb.com/data/local_vulnerable_files.xml.sha512 (Couldn't connect to server)
My curl version is:
curl 7.35.0 (x86_64-pc-linux-gnu) libcurl/7.35.0 OpenSSL/1.0.1f zlib/1.2.8 libidn/1.28 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smtp smtps telnet tftp
Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP
Anyone can help me??
Thanks!!!
cjmz
commented
9 years ago I've discovered the problem. When i installed the CURL, I was ignoring steps.
Grab the sources from http://curl.haxx.se/download.html Decompress the archive Open the folder with the extracted files Run ./configure Run make Run sudo make install Run sudo ldconfig
1amUnvalid
commented
6 years ago Try this service ntp restart wpscan --update
M4NCRYPT97
commented
5 years ago @cjmz Depends upon your operating system. If you're on Mac.
brew reinstall openssl
wpscan --updateif using linux
sudo apt-get remove --purge openssl
whereis openssl
delete the files.
then
sudo apt-get install openssl
wpscan --updateThanks <3
M4NCRYPT97
commented
4 years ago @VirusMachine
man your method removed all the packages from my system
Can you show me response? Also which operating system you're using?
Hello all, I'm very new to this, and after all I have pulled through to install Wpscan, and due to my own short coming, there is a (hopefully last problem that I encounter), I can't get the WPscan to update its database:
~/wpscan$ ruby wpscan.rb
@WPScan, @ethicalhack3r, @erwan_lr, pvdl, @FireFart
[i] It seems like you have not updated the database for some time. [?] Do you want to update now? [Y]es [N]o [A]bort, default: [N]y [i] Updating the Database ...
[!] Unable to get https://wpvulndb.com/data/local_vulnerable_files.xml.sha512 (Unsupported protocol)
Initially it was something like:
[!] Unable to get https://wpvulndb.com/data/local_vulnerable_files.xml.sha512 (Couldn't connect to server)
But then I installed the newest cURL, and the 7.21.0, and then the 7.21.7, it changed to that (Unsupported protocol)
Is there any solution to this? Thanks so much...