Merge pull request #96 from secureCodeBox/bugfix-wpscan

Bugfix wpscan

Author: J12934

.github/workflows/ci.yaml

@@ -211,6 +211,17 @@ jobs:
           tag_with_ref: true
           tag_with_sha: true
           build_args: baseImageTag=ci-local
+      - uses: docker/build-push-action@v1
+        name: "Build & Push wpscan Parser Image"
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+          repository: scbexperimental/parser-wpscan
+          path: ./scanners/wpscan/parser/
+          tag_with_ref: true
+          tag_with_sha: true
+          build_args: baseImageTag=ci-local
+
   hookImages:
     name: "Build / Hooks"
     runs-on: ubuntu-latest

scanners/wpscan/examples/old-wordpress/findings.yaml

@@ -0,0 +1,101 @@
+[
+  {
+    "name": "WordPress Service",
+    "description": "WordPress Service Information",
+    "category": "WordPress Service",
+    "location": "http://old-wordpress.demo-apps.svc.cluster.local/",
+    "osi_layer": "APPLICATION",
+    "severity": "INFORMATIONAL",
+    "reference": {},
+    "confidence": 100,
+    "attributes": {
+      "ip_address": "10.99.82.140",
+      "wpscan_version": "3.8.7",
+      "wpscan_requests": 4777,
+      "wp_version": "4.0.31",
+      "wp_release_date": "2020-06-10",
+      "wp_release_status": "latest",
+      "wp_interesting_entries": [
+        "http://old-wordpress.demo-apps.svc.cluster.local/, Match: 'WordPress 4.0.31'"
+      ],
+      "wp_found_by": "Meta Generator (Passive Detection)",
+      "wp_confirmed_by": {
+        "Atom Generator (Aggressive Detection)": {
+          "confidence": 80,
+          "interesting_entries": [
+            "http://old-wordpress.demo-apps.svc.cluster.local/?feed=atom, <generator uri=\"https://wordpress.org/\" version=\"4.0.31\">WordPress</generator>"
+          ]
+        }
+      },
+      "wp_vulnerabilities": []
+    },
+    "id": "35e61c23-d525-4509-a024-d1aef37a1623"
+  },
+  {
+    "name": "WordPress finding 'headers'",
+    "description": "Headers",
+    "category": "WordPress headers",
+    "location": "http://old-wordpress.demo-apps.svc.cluster.local/",
+    "osi_layer": "APPLICATION",
+    "severity": "INFORMATIONAL",
+    "confidence": 100,
+    "reference": {},
+    "attributes": {
+      "wp_interesting_entries": [
+        "Server: nginx/1.7.7",
+        "X-Powered-By: PHP/5.4.34-0+deb7u1"
+      ],
+      "wp_found_by": "Headers (Passive Detection)",
+      "wp_confirmed_by": {}
+    },
+    "id": "ca074030-2e55-4a10-bf8f-039c1b8978d9"
+  },
+  {
+    "name": "WordPress finding 'xmlrpc'",
+    "description": "XML-RPC seems to be enabled: http://old-wordpress.demo-apps.svc.cluster.local/xmlrpc.php",
+    "category": "WordPress xmlrpc",
+    "location": "http://old-wordpress.demo-apps.svc.cluster.local/xmlrpc.php",
+    "osi_layer": "APPLICATION",
+    "severity": "INFORMATIONAL",
+    "confidence": 100,
+    "reference": {},
+    "attributes": {
+      "wp_interesting_entries": [],
+      "wp_found_by": "Direct Access (Aggressive Detection)",
+      "wp_confirmed_by": {}
+    },
+    "id": "9b521d88-4018-4069-971d-7a020eebab51"
+  },
+  {
+    "name": "WordPress finding 'readme'",
+    "description": "WordPress readme found: http://old-wordpress.demo-apps.svc.cluster.local/readme.html",
+    "category": "WordPress readme",
+    "location": "http://old-wordpress.demo-apps.svc.cluster.local/readme.html",
+    "osi_layer": "APPLICATION",
+    "severity": "INFORMATIONAL",
+    "confidence": 100,
+    "reference": {},
+    "attributes": {
+      "wp_interesting_entries": [],
+      "wp_found_by": "Direct Access (Aggressive Detection)",
+      "wp_confirmed_by": {}
+    },
+    "id": "7160e807-b6bb-4994-9477-22cac8e2f549"
+  },
+  {
+    "name": "WordPress finding 'wp_cron'",
+    "description": "The external WP-Cron seems to be enabled: http://old-wordpress.demo-apps.svc.cluster.local/wp-cron.php",
+    "category": "WordPress wp_cron",
+    "location": "http://old-wordpress.demo-apps.svc.cluster.local/wp-cron.php",
+    "osi_layer": "APPLICATION",
+    "severity": "INFORMATIONAL",
+    "confidence": 60,
+    "reference": {},
+    "attributes": {
+      "wp_interesting_entries": [],
+      "wp_found_by": "Direct Access (Aggressive Detection)",
+      "wp_confirmed_by": {}
+    },
+    "id": "828bf907-da73-4076-994b-a46652b1f972"
+  }
+]

scanners/wpscan/examples/old-wordpress/scan.yaml

@@ -0,0 +1,13 @@
+apiVersion: "execution.experimental.securecodebox.io/v1"
+kind: Scan
+metadata:
+  name: "wpscan-old-wordpress-internal"
+spec:
+  scanType: "wpscan"
+  parameters:
+    - "--url"
+    - old-wordpress.demo-apps.svc.cluster.local
+    - "-e"
+    - "vp"
+    - "--plugins-detection"
+    - "mixed"

scanners/wpscan/examples/old-wordpress/wpscan-results.json

@@ -0,0 +1,134 @@
+{
+  "banner": {
+    "description": "WordPress Security Scanner by the WPScan Team",
+    "version": "3.8.7",
+    "authors": [
+      "@_WPScan_",
+      "@ethicalhack3r",
+      "@erwan_lr",
+      "@firefart"
+    ],
+    "sponsor": "Sponsored by Automattic - https://automattic.com/"
+  },
+  "start_time": 1600682567,
+  "start_memory": 42774528,
+  "target_url": "http://old-wordpress.demo-apps.svc.cluster.local/",
+  "target_ip": "10.99.82.140",
+  "effective_url": "http://old-wordpress.demo-apps.svc.cluster.local/",
+  "interesting_findings": [
+    {
+      "url": "http://old-wordpress.demo-apps.svc.cluster.local/",
+      "to_s": "Headers",
+      "type": "headers",
+      "found_by": "Headers (Passive Detection)",
+      "confidence": 100,
+      "confirmed_by": {
+
+      },
+      "references": {
+
+      },
+      "interesting_entries": [
+        "Server: nginx/1.7.7",
+        "X-Powered-By: PHP/5.4.34-0+deb7u1"
+      ]
+    },
+    {
+      "url": "http://old-wordpress.demo-apps.svc.cluster.local/xmlrpc.php",
+      "to_s": "XML-RPC seems to be enabled: http://old-wordpress.demo-apps.svc.cluster.local/xmlrpc.php",
+      "type": "xmlrpc",
+      "found_by": "Direct Access (Aggressive Detection)",
+      "confidence": 100,
+      "confirmed_by": {
+
+      },
+      "references": {
+        "url": [
+          "http://codex.wordpress.org/XML-RPC_Pingback_API"
+        ],
+        "metasploit": [
+          "auxiliary/scanner/http/wordpress_ghost_scanner",
+          "auxiliary/dos/http/wordpress_xmlrpc_dos",
+          "auxiliary/scanner/http/wordpress_xmlrpc_login",
+          "auxiliary/scanner/http/wordpress_pingback_access"
+        ]
+      },
+      "interesting_entries": [
+
+      ]
+    },
+    {
+      "url": "http://old-wordpress.demo-apps.svc.cluster.local/readme.html",
+      "to_s": "WordPress readme found: http://old-wordpress.demo-apps.svc.cluster.local/readme.html",
+      "type": "readme",
+      "found_by": "Direct Access (Aggressive Detection)",
+      "confidence": 100,
+      "confirmed_by": {
+
+      },
+      "references": {
+
+      },
+      "interesting_entries": [
+
+      ]
+    },
+    {
+      "url": "http://old-wordpress.demo-apps.svc.cluster.local/wp-cron.php",
+      "to_s": "The external WP-Cron seems to be enabled: http://old-wordpress.demo-apps.svc.cluster.local/wp-cron.php",
+      "type": "wp_cron",
+      "found_by": "Direct Access (Aggressive Detection)",
+      "confidence": 60,
+      "confirmed_by": {
+
+      },
+      "references": {
+        "url": [
+          "https://www.iplocation.net/defend-wordpress-from-ddos",
+          "https://github.com/wpscanteam/wpscan/issues/1299"
+        ]
+      },
+      "interesting_entries": [
+
+      ]
+    }
+  ],
+  "version": {
+    "number": "4.0.31",
+    "release_date": "2020-06-10",
+    "status": "latest",
+    "found_by": "Meta Generator (Passive Detection)",
+    "confidence": 100,
+    "interesting_entries": [
+      "http://old-wordpress.demo-apps.svc.cluster.local/, Match: 'WordPress 4.0.31'"
+    ],
+    "confirmed_by": {
+      "Atom Generator (Aggressive Detection)": {
+        "confidence": 80,
+        "interesting_entries": [
+          "http://old-wordpress.demo-apps.svc.cluster.local/?feed=atom, <generator uri=\"https://wordpress.org/\" version=\"4.0.31\">WordPress</generator>"
+        ]
+      }
+    },
+    "vulnerabilities": [
+
+    ]
+  },
+  "main_theme": null,
+  "plugins": {
+
+  },
+  "vuln_api": {
+    "error": "No WPVulnDB API Token given, as a result vulnerability data has not been output.\nYou can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up"
+  },
+  "stop_time": 1600682792,
+  "elapsed": 225,
+  "requests_done": 4777,
+  "cached_requests": 4,
+  "data_sent": 1459447,
+  "data_sent_humanised": "1.392 MB",
+  "data_received": 18563423,
+  "data_received_humanised": "17.703 MB",
+  "used_memory": 299765760,
+  "used_memory_humanised": "285.879 MB"
+}