dradis-wpscan 3.18.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.github/issue_template.md +16 -0
- data/.github/pull_request_template.md +36 -0
- data/.gitignore +10 -0
- data/.rspec +2 -0
- data/CHANGELOG.md +13 -0
- data/CONTRIBUTING.md +3 -0
- data/Gemfile +23 -0
- data/LICENSE +339 -0
- data/README.md +27 -0
- data/Rakefile +1 -0
- data/dradis-wpscan.gemspec +34 -0
- data/lib/dradis-wpscan.rb +7 -0
- data/lib/dradis/plugins/wpscan.rb +11 -0
- data/lib/dradis/plugins/wpscan/engine.rb +13 -0
- data/lib/dradis/plugins/wpscan/field_processor.rb +21 -0
- data/lib/dradis/plugins/wpscan/gem_version.rb +19 -0
- data/lib/dradis/plugins/wpscan/importer.rb +193 -0
- data/lib/dradis/plugins/wpscan/version.rb +13 -0
- data/lib/tasks/thorfile.rb +23 -0
- data/output.json +323 -0
- data/spec/fixtures/files/invalid.json +25 -0
- data/spec/fixtures/files/sample.json +481 -0
- data/spec/spec_helper.rb +9 -0
- data/spec/wpscan_upload_spec.rb +58 -0
- data/templates/evidence.fields +1 -0
- data/templates/evidence.sample +481 -0
- data/templates/evidence.template +2 -0
- data/templates/scan_info.fields +8 -0
- data/templates/scan_info.sample +30 -0
- data/templates/scan_info.template +34 -0
- data/templates/vulnerability.fields +6 -0
- data/templates/vulnerability.sample +481 -0
- data/templates/vulnerability.template +18 -0
- metadata +168 -0
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,58 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe 'wpscan upload plugin' do
|
4
|
+
describe "Importer" do
|
5
|
+
|
6
|
+
before(:each) do
|
7
|
+
# Stub template service
|
8
|
+
templates_dir = File.expand_path('../../templates', __FILE__)
|
9
|
+
expect_any_instance_of(Dradis::Plugins::TemplateService)
|
10
|
+
.to receive(:default_templates_dir).and_return(templates_dir)
|
11
|
+
|
12
|
+
# Init services
|
13
|
+
plugin = Dradis::Plugins::Wpscan
|
14
|
+
|
15
|
+
@content_service = Dradis::Plugins::ContentService::Base.new(plugin: plugin)
|
16
|
+
|
17
|
+
@importer = plugin::Importer.new(
|
18
|
+
content_service: @content_service
|
19
|
+
)
|
20
|
+
end
|
21
|
+
|
22
|
+
it 'raises an error note when the json is not valid' do
|
23
|
+
expect(@content_service).to receive(:create_note) do |args|
|
24
|
+
expect(args[:text]).to include("ERROR: No 'target_url' field present in the provided JSON data")
|
25
|
+
OpenStruct.new(args)
|
26
|
+
end.once
|
27
|
+
|
28
|
+
@importer.import(file: 'spec/fixtures/files/invalid.json')
|
29
|
+
end
|
30
|
+
|
31
|
+
it "creates nodes, issues, notes and an evidences as needed" do
|
32
|
+
expect(@content_service).to receive(:create_node) do |args|
|
33
|
+
# puts "create_node: #{ args.inspect }"
|
34
|
+
expect(args[:label]).to eq('http://www.redacted.com/')
|
35
|
+
expect(args[:type]).to eq(:host)
|
36
|
+
OpenStruct.new(args)
|
37
|
+
end.once
|
38
|
+
expect(@content_service).to receive(:create_note) do |args|
|
39
|
+
# puts "create_note: #{ args.inspect }"
|
40
|
+
expect(args[:text]).to include("#[Title]#\nWPScan Scan Information")
|
41
|
+
expect(args[:node].label).to eq('http://www.redacted.com/')
|
42
|
+
OpenStruct.new(args)
|
43
|
+
end.once
|
44
|
+
expect(@content_service).to receive(:create_issue) do |args|
|
45
|
+
# puts "create_issue: #{ args.inspect }"
|
46
|
+
OpenStruct.new(args)
|
47
|
+
end.exactly(10).times
|
48
|
+
expect(@content_service).to receive(:create_evidence) do |args|
|
49
|
+
# puts "create_evidence: #{ args.inspect }"
|
50
|
+
OpenStruct.new(args)
|
51
|
+
end.exactly(5).times
|
52
|
+
|
53
|
+
# Run the import
|
54
|
+
@importer.import(file: 'spec/fixtures/files/sample.json')
|
55
|
+
end
|
56
|
+
|
57
|
+
end
|
58
|
+
end
|
@@ -0,0 +1 @@
|
|
1
|
+
evidence.evidence
|
@@ -0,0 +1,481 @@
|
|
1
|
+
{
|
2
|
+
"banner":{
|
3
|
+
"description":"WordPress Security Scanner by the WPScan Team",
|
4
|
+
"version":"3.7.5",
|
5
|
+
"authors":[
|
6
|
+
"@_WPScan_",
|
7
|
+
"@ethicalhack3r",
|
8
|
+
"@erwan_lr",
|
9
|
+
"@_FireFart_"
|
10
|
+
],
|
11
|
+
"sponsor":"WPScan.io - Online WordPress Vulnerability Scanner"
|
12
|
+
},
|
13
|
+
"start_time":1573480650,
|
14
|
+
"start_memory":49602560,
|
15
|
+
"target_url":"http://www.redacted.com/",
|
16
|
+
"effective_url":"http://www.redacted.com/",
|
17
|
+
"interesting_findings":[
|
18
|
+
{
|
19
|
+
"url":"http://www.redacted.com/",
|
20
|
+
"to_s":"http://www.redacted.com/",
|
21
|
+
"type":"headers",
|
22
|
+
"found_by":"Headers (Passive Detection)",
|
23
|
+
"confidence":100,
|
24
|
+
"confirmed_by":{
|
25
|
+
|
26
|
+
},
|
27
|
+
"references":{
|
28
|
+
|
29
|
+
},
|
30
|
+
"interesting_entries":[
|
31
|
+
"Server: nginx"
|
32
|
+
]
|
33
|
+
},
|
34
|
+
{
|
35
|
+
"url":"http://www.redacted.com/robots.txt",
|
36
|
+
"to_s":"http://www.redacted.com/robots.txt",
|
37
|
+
"type":"robots_txt",
|
38
|
+
"found_by":"Robots Txt (Aggressive Detection)",
|
39
|
+
"confidence":100,
|
40
|
+
"confirmed_by":{
|
41
|
+
|
42
|
+
},
|
43
|
+
"references":{
|
44
|
+
|
45
|
+
},
|
46
|
+
"interesting_entries":[
|
47
|
+
"/wp-admin/",
|
48
|
+
"/wp-admin/admin-ajax.php"
|
49
|
+
]
|
50
|
+
},
|
51
|
+
{
|
52
|
+
"url":"http://www.redacted.com/xmlrpc.php",
|
53
|
+
"to_s":"http://www.redacted.com/xmlrpc.php",
|
54
|
+
"type":"xmlrpc",
|
55
|
+
"found_by":"Headers (Passive Detection)",
|
56
|
+
"confidence":100,
|
57
|
+
"confirmed_by":{
|
58
|
+
"Link Tag (Passive Detection)":{
|
59
|
+
"confidence":30
|
60
|
+
},
|
61
|
+
"Direct Access (Aggressive Detection)":{
|
62
|
+
"confidence":100
|
63
|
+
}
|
64
|
+
},
|
65
|
+
"references":{
|
66
|
+
"url":[
|
67
|
+
"http://codex.wordpress.org/XML-RPC_Pingback_API"
|
68
|
+
],
|
69
|
+
"metasploit":[
|
70
|
+
"auxiliary/scanner/http/wordpress_ghost_scanner",
|
71
|
+
"auxiliary/dos/http/wordpress_xmlrpc_dos",
|
72
|
+
"auxiliary/scanner/http/wordpress_xmlrpc_login",
|
73
|
+
"auxiliary/scanner/http/wordpress_pingback_access"
|
74
|
+
]
|
75
|
+
},
|
76
|
+
"interesting_entries":[
|
77
|
+
|
78
|
+
]
|
79
|
+
},
|
80
|
+
{
|
81
|
+
"url":"http://www.redacted.com/readme.html",
|
82
|
+
"to_s":"http://www.redacted.com/readme.html",
|
83
|
+
"type":"readme",
|
84
|
+
"found_by":"Direct Access (Aggressive Detection)",
|
85
|
+
"confidence":100,
|
86
|
+
"confirmed_by":{
|
87
|
+
|
88
|
+
},
|
89
|
+
"references":{
|
90
|
+
|
91
|
+
},
|
92
|
+
"interesting_entries":[
|
93
|
+
|
94
|
+
]
|
95
|
+
},
|
96
|
+
{
|
97
|
+
"url":"http://www.redacted.com/wp-cron.php",
|
98
|
+
"to_s":"http://www.redacted.com/wp-cron.php",
|
99
|
+
"type":"wp_cron",
|
100
|
+
"found_by":"Direct Access (Aggressive Detection)",
|
101
|
+
"confidence":60,
|
102
|
+
"confirmed_by":{
|
103
|
+
|
104
|
+
},
|
105
|
+
"references":{
|
106
|
+
"url":[
|
107
|
+
"https://www.iplocation.net/defend-wordpress-from-ddos",
|
108
|
+
"https://github.com/wpscanteam/wpscan/issues/1299"
|
109
|
+
]
|
110
|
+
},
|
111
|
+
"interesting_entries":[
|
112
|
+
|
113
|
+
]
|
114
|
+
}
|
115
|
+
],
|
116
|
+
"version":{
|
117
|
+
"number":"4.7.2",
|
118
|
+
"release_date":"2017-01-26",
|
119
|
+
"status":"insecure",
|
120
|
+
"found_by":"Meta Generator (Passive Detection)",
|
121
|
+
"confidence":60,
|
122
|
+
"interesting_entries":[
|
123
|
+
"http://www.redacted.com/, Match: 'WordPress 4.7.2'"
|
124
|
+
],
|
125
|
+
"confirmed_by":{
|
126
|
+
|
127
|
+
},
|
128
|
+
"vulnerabilities":[
|
129
|
+
{
|
130
|
+
"title":"WordPress 3.6.0-4.7.2 - Authenticated Cross-Site Scripting (XSS) via Media File Metadata",
|
131
|
+
"fixed_in":"4.7.3",
|
132
|
+
"references":{
|
133
|
+
"cve":[
|
134
|
+
"2017-6814"
|
135
|
+
],
|
136
|
+
"url":[
|
137
|
+
"https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/",
|
138
|
+
"https://github.com/WordPress/WordPress/commit/28f838ca3ee205b6f39cd2bf23eb4e5f52796bd7",
|
139
|
+
"https://sumofpwn.nl/advisory/2016/wordpress_audio_playlist_functionality_is_affected_by_cross_site_scripting.html",
|
140
|
+
"https://seclists.org/oss-sec/2017/q1/563"
|
141
|
+
],
|
142
|
+
"wpvulndb":[
|
143
|
+
"8765"
|
144
|
+
]
|
145
|
+
}
|
146
|
+
},
|
147
|
+
{
|
148
|
+
"title":"WordPress 2.8.1-4.7.2 - Control Characters in Redirect URL Validation",
|
149
|
+
"fixed_in":"4.7.3",
|
150
|
+
"references":{
|
151
|
+
"cve":[
|
152
|
+
"2017-6815"
|
153
|
+
],
|
154
|
+
"url":[
|
155
|
+
"https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/",
|
156
|
+
"https://github.com/WordPress/WordPress/commit/288cd469396cfe7055972b457eb589cea51ce40e"
|
157
|
+
],
|
158
|
+
"wpvulndb":[
|
159
|
+
"8766"
|
160
|
+
]
|
161
|
+
}
|
162
|
+
}
|
163
|
+
]
|
164
|
+
},
|
165
|
+
"main_theme":{
|
166
|
+
"slug":"liquorice",
|
167
|
+
"location":"http://www.redacted.com/wp-content/themes/liquorice/",
|
168
|
+
"latest_version":"2.3",
|
169
|
+
"last_updated":"2013-05-30T00:00:00.000Z",
|
170
|
+
"outdated":false,
|
171
|
+
"readme_url":"http://www.redacted.com/wp-content/themes/liquorice/readme.txt",
|
172
|
+
"directory_listing":false,
|
173
|
+
"error_log_url":null,
|
174
|
+
"style_url":"http://www.redacted.com/wp-content/themes/liquorice/style.css",
|
175
|
+
"style_name":"Liquorice",
|
176
|
+
"style_uri":"http://www.nudgedesign.ca/wordpress-themes/liquorice",
|
177
|
+
"description":"A simple and clean vintage looking theme for you to build on using Google's font API Lobster font. Custom background feature enabled.",
|
178
|
+
"author":"Nudge Design",
|
179
|
+
"author_uri":"http://www.nudgedesign.ca",
|
180
|
+
"template":null,
|
181
|
+
"license":"GNU General Public License v2.0",
|
182
|
+
"license_uri":"http://www.gnu.org/licenses/gpl-2.0.html",
|
183
|
+
"tags":"custom-background, two-columns, fixed-width, right-sidebar, light, brown, orange, blue",
|
184
|
+
"text_domain":null,
|
185
|
+
"found_by":"Css Style In Homepage (Passive Detection)",
|
186
|
+
"confidence":100,
|
187
|
+
"interesting_entries":[
|
188
|
+
|
189
|
+
],
|
190
|
+
"confirmed_by":{
|
191
|
+
"Css Style In 404 Page (Passive Detection)":{
|
192
|
+
"confidence":70,
|
193
|
+
"interesting_entries":[
|
194
|
+
|
195
|
+
]
|
196
|
+
}
|
197
|
+
},
|
198
|
+
"vulnerabilities":[
|
199
|
+
|
200
|
+
],
|
201
|
+
"version":{
|
202
|
+
"number":"2.3",
|
203
|
+
"confidence":80,
|
204
|
+
"found_by":"Style (Passive Detection)",
|
205
|
+
"interesting_entries":[
|
206
|
+
"http://www.redacted.com/wp-content/themes/liquorice/style.css, Match: 'Version: 2.3'"
|
207
|
+
],
|
208
|
+
"confirmed_by":{
|
209
|
+
|
210
|
+
}
|
211
|
+
},
|
212
|
+
"parents":[
|
213
|
+
|
214
|
+
]
|
215
|
+
},
|
216
|
+
"plugins":{
|
217
|
+
"all-in-one-seo-pack":{
|
218
|
+
"slug":"all-in-one-seo-pack",
|
219
|
+
"location":"http://www.redacted.com/wp-content/plugins/all-in-one-seo-pack/",
|
220
|
+
"latest_version":"3.2.10",
|
221
|
+
"last_updated":"2019-10-17T15:07:00.000Z",
|
222
|
+
"outdated":true,
|
223
|
+
"readme_url":null,
|
224
|
+
"directory_listing":null,
|
225
|
+
"error_log_url":null,
|
226
|
+
"found_by":"Comment (Passive Detection)",
|
227
|
+
"confidence":30,
|
228
|
+
"interesting_entries":[
|
229
|
+
|
230
|
+
],
|
231
|
+
"confirmed_by":{
|
232
|
+
|
233
|
+
},
|
234
|
+
"vulnerabilities":[
|
235
|
+
{
|
236
|
+
"title":"All In One SEO Pack < 3.2.7 - Stored Cross-Site Scripting (XSS)",
|
237
|
+
"fixed_in":"3.2.7",
|
238
|
+
"references":{
|
239
|
+
"cve":[
|
240
|
+
"2019-16520"
|
241
|
+
],
|
242
|
+
"url":[
|
243
|
+
"https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190913-04_WordPress_Plugin_All_in_One_SEO_Pack"
|
244
|
+
],
|
245
|
+
"wpvulndb":[
|
246
|
+
"9915"
|
247
|
+
]
|
248
|
+
}
|
249
|
+
}
|
250
|
+
],
|
251
|
+
"version":{
|
252
|
+
"number":"3.1",
|
253
|
+
"confidence":100,
|
254
|
+
"found_by":"Comment (Passive Detection)",
|
255
|
+
"interesting_entries":[
|
256
|
+
"http://www.redacted.com/, Match: 'All in One SEO Pack 3.1 by'"
|
257
|
+
],
|
258
|
+
"confirmed_by":{
|
259
|
+
"Readme - Stable Tag (Aggressive Detection)":{
|
260
|
+
"confidence":80,
|
261
|
+
"interesting_entries":[
|
262
|
+
"http://www.redacted.com/wp-content/plugins/all-in-one-seo-pack/readme.txt"
|
263
|
+
]
|
264
|
+
}
|
265
|
+
}
|
266
|
+
}
|
267
|
+
},
|
268
|
+
"qtranslate":{
|
269
|
+
"slug":"qtranslate",
|
270
|
+
"location":"http://www.redacted.com/wp-content/plugins/qtranslate/",
|
271
|
+
"latest_version":null,
|
272
|
+
"last_updated":null,
|
273
|
+
"outdated":false,
|
274
|
+
"readme_url":null,
|
275
|
+
"directory_listing":null,
|
276
|
+
"error_log_url":null,
|
277
|
+
"found_by":"Urls In Homepage (Passive Detection)",
|
278
|
+
"confidence":100,
|
279
|
+
"interesting_entries":[
|
280
|
+
|
281
|
+
],
|
282
|
+
"confirmed_by":{
|
283
|
+
"Urls In 404 Page (Passive Detection)":{
|
284
|
+
"confidence":80,
|
285
|
+
"interesting_entries":[
|
286
|
+
|
287
|
+
]
|
288
|
+
}
|
289
|
+
},
|
290
|
+
"vulnerabilities":[
|
291
|
+
{
|
292
|
+
"title":"qTranslate 2.5.34 - Setting Manipulation CSRF",
|
293
|
+
"fixed_in":null,
|
294
|
+
"references":{
|
295
|
+
"cve":[
|
296
|
+
"2013-3251"
|
297
|
+
],
|
298
|
+
"wpvulndb":[
|
299
|
+
"6846"
|
300
|
+
]
|
301
|
+
}
|
302
|
+
},
|
303
|
+
{
|
304
|
+
"title":"qTranslate <= 2.5.39 - Cross-Site Scripting (XSS)",
|
305
|
+
"fixed_in":null,
|
306
|
+
"references":{
|
307
|
+
"cve":[
|
308
|
+
"2015-5535"
|
309
|
+
],
|
310
|
+
"url":[
|
311
|
+
"https://seclists.org/bugtraq/2015/Jul/139",
|
312
|
+
"https://www.immuniweb.com/advisory/HTB23265"
|
313
|
+
],
|
314
|
+
"wpvulndb":[
|
315
|
+
"8120"
|
316
|
+
]
|
317
|
+
}
|
318
|
+
}
|
319
|
+
],
|
320
|
+
"version":null
|
321
|
+
}
|
322
|
+
},
|
323
|
+
"db_exports":{
|
324
|
+
"http://www.redacted.com/redacted.sql":{
|
325
|
+
"found_by":"Direct Access (Aggressive Detection)",
|
326
|
+
"confidence":100,
|
327
|
+
"interesting_entries":[
|
328
|
+
|
329
|
+
],
|
330
|
+
"confirmed_by":{
|
331
|
+
|
332
|
+
}
|
333
|
+
},
|
334
|
+
"http://www.redacted.com/dump.sql":{
|
335
|
+
"found_by":"Direct Access (Aggressive Detection)",
|
336
|
+
"confidence":100,
|
337
|
+
"interesting_entries":[
|
338
|
+
|
339
|
+
],
|
340
|
+
"confirmed_by":{
|
341
|
+
|
342
|
+
}
|
343
|
+
}
|
344
|
+
},
|
345
|
+
"timthumbs":{
|
346
|
+
"http://www.redacted.com/wordpress-5.2.4/timthumb.php":{
|
347
|
+
"confirmed_by":{
|
348
|
+
|
349
|
+
},
|
350
|
+
"confidence":100,
|
351
|
+
"interesting_entries":[
|
352
|
+
|
353
|
+
],
|
354
|
+
"version":{
|
355
|
+
"found_by":"Bad Request (Aggressive Detection)",
|
356
|
+
"interesting_entries":[
|
357
|
+
"http://www.redacted.com/wordpress-5.2.4/timthumb.php, Match: 'TimThumb version : 2.8.13'"
|
358
|
+
],
|
359
|
+
"number":"2.8.13",
|
360
|
+
"confirmed_by":{
|
361
|
+
|
362
|
+
},
|
363
|
+
"confidence":90
|
364
|
+
},
|
365
|
+
"vulnerabilities":[
|
366
|
+
|
367
|
+
],
|
368
|
+
"found_by":"Known Locations (Aggressive Detection)"
|
369
|
+
},
|
370
|
+
"http://www.redacted.com/wordpress-5.2.4/thumb.php":{
|
371
|
+
"interesting_entries":[
|
372
|
+
|
373
|
+
],
|
374
|
+
"confidence":100,
|
375
|
+
"confirmed_by":{
|
376
|
+
|
377
|
+
},
|
378
|
+
"vulnerabilities":[
|
379
|
+
{
|
380
|
+
"title":"Timthumb <= 2.8.13 WebShot Remote Code Execution",
|
381
|
+
"fixed_in":"2.8.14",
|
382
|
+
"references":{
|
383
|
+
"cve":[
|
384
|
+
"2014-4663"
|
385
|
+
],
|
386
|
+
"url":[
|
387
|
+
"http://seclists.org/fulldisclosure/2014/Jun/117",
|
388
|
+
"https://github.com/wpscanteam/wpscan/issues/519"
|
389
|
+
]
|
390
|
+
}
|
391
|
+
}
|
392
|
+
],
|
393
|
+
"found_by":"Known Locations (Aggressive Detection)",
|
394
|
+
"version":{
|
395
|
+
"confirmed_by":{
|
396
|
+
|
397
|
+
},
|
398
|
+
"confidence":90,
|
399
|
+
"number":"2.8.13",
|
400
|
+
"interesting_entries":[
|
401
|
+
"http://www.redacted.com/wordpress-5.2.4/thumb.php, Match: 'TimThumb version : 2.8.13'"
|
402
|
+
],
|
403
|
+
"found_by":"Bad Request (Aggressive Detection)"
|
404
|
+
}
|
405
|
+
}
|
406
|
+
},
|
407
|
+
"config_backups":{
|
408
|
+
"http://www.redacted.com/wp-config.txt":{
|
409
|
+
"found_by":"Direct Access (Aggressive Detection)",
|
410
|
+
"confidence":100,
|
411
|
+
"interesting_entries":[
|
412
|
+
|
413
|
+
],
|
414
|
+
"confirmed_by":{
|
415
|
+
|
416
|
+
}
|
417
|
+
}
|
418
|
+
},
|
419
|
+
"users": {
|
420
|
+
"marie": {
|
421
|
+
"id": null,
|
422
|
+
"found_by": "Rss Generator (Passive Detection)",
|
423
|
+
"confidence": 100,
|
424
|
+
"interesting_entries": [
|
425
|
+
|
426
|
+
],
|
427
|
+
"confirmed_by": {
|
428
|
+
"Wp Json Api (Aggressive Detection)": {
|
429
|
+
"confidence": 100,
|
430
|
+
"interesting_entries": [
|
431
|
+
"http://www.lagardelanguages.com/wp-json/wp/v2/users/?per_page=100&page=1"
|
432
|
+
]
|
433
|
+
},
|
434
|
+
"Oembed API - Author URL (Aggressive Detection)": {
|
435
|
+
"confidence": 90,
|
436
|
+
"interesting_entries": [
|
437
|
+
"http://www.lagardelanguages.com/wp-json/oembed/1.0/embed?url=http://www.lagardelanguages.com/&format=json"
|
438
|
+
]
|
439
|
+
},
|
440
|
+
"Rss Generator (Aggressive Detection)": {
|
441
|
+
"confidence": 50,
|
442
|
+
"interesting_entries": [
|
443
|
+
|
444
|
+
]
|
445
|
+
},
|
446
|
+
"Author Id Brute Forcing - Author Pattern (Aggressive Detection)": {
|
447
|
+
"confidence": 100,
|
448
|
+
"interesting_entries": [
|
449
|
+
|
450
|
+
]
|
451
|
+
},
|
452
|
+
"Login Error Messages (Aggressive Detection)": {
|
453
|
+
"confidence": 100,
|
454
|
+
"interesting_entries": [
|
455
|
+
|
456
|
+
]
|
457
|
+
}
|
458
|
+
}
|
459
|
+
}
|
460
|
+
},
|
461
|
+
"password_attack": {
|
462
|
+
"marie": {
|
463
|
+
"password": "your-password"
|
464
|
+
}
|
465
|
+
},
|
466
|
+
"vuln_api":{
|
467
|
+
"plan":"enterprise",
|
468
|
+
"requests_done_during_scan":2,
|
469
|
+
"requests_remaining":"Unlimited"
|
470
|
+
},
|
471
|
+
"stop_time":1573480662,
|
472
|
+
"elapsed":12,
|
473
|
+
"requests_done":456,
|
474
|
+
"cached_requests":8,
|
475
|
+
"data_sent":96169,
|
476
|
+
"data_sent_humanised":"93.915 KB",
|
477
|
+
"data_received":479810,
|
478
|
+
"data_received_humanised":"468.564 KB",
|
479
|
+
"used_memory":212566016,
|
480
|
+
"used_memory_humanised":"202.719 MB"
|
481
|
+
}
|