dradis-wpscan 3.17.0 → 3.18.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ecf7d2783c66e0c0a0484df51099b874a3fd0678a46212bed83fbc62dd6835d7
-  data.tar.gz: 1ebee50a3920ee0cdaeb12c82edafe796dd3dc3b9343ca85038641682bfd2cdd
+  metadata.gz: d70372e9b9c470fe88b070b5702d50576d2719c3f49ccc080909c008f5879350
+  data.tar.gz: 28805d43efc595a284b014e6d9c510072531f1be51c0fe616993842106e1e028
 SHA512:
-  metadata.gz: c9c4c53ac5215a4cdf6a3f14eb533637b3e865197edf631b90899c6e359eef9ad20af21a3b5d68cb982c497b3826ccf89034c210dae7026d856c8d662159aacf
-  data.tar.gz: 27661d131e2b7893ec868167ecd6109d264a72148ca86ec802340bec56669b60b51295a85239f751b130298033f1d8f52d21347f1cf7638c6a40edf9ce3f3e45
+  metadata.gz: 026c535d683df1b6d7d2fa5521ef69122a54ce720fc44efdae46a1005d3280494bc0e6c44b68e0b22b1f972b5d1219f470cb160c9e3737b8025bcb50594749a7
+  data.tar.gz: d944e7db613e7782f67c86efe0ad40e9e6959ef3ab156d0193a68eadda671179a0a3b0d674a5ed3f6e386e598afa51792815bc19c3bfa250c095f92b87acabf6

data/CHANGELOG.md

@@ -1,3 +1,8 @@
+## Dradis Framework 3.18 (July, 2020) ##
+
+*  Fix WPScan Plugin Manager by adding an evidence.sample
+
+
 ## Dradis Framework 3.17 (May, 2020) ##
 
 *  No changes.

data/lib/dradis/plugins/wpscan/gem_version.rb

@@ -8,7 +8,7 @@ module Dradis
 
       module VERSION
         MAJOR = 3
-        MINOR = 17
+        MINOR = 18
         TINY = 0
         PRE = nil
 

data/templates/evidence.sample

@@ -0,0 +1,481 @@
+{ 
+   "banner":{ 
+      "description":"WordPress Security Scanner by the WPScan Team",
+      "version":"3.7.5",
+      "authors":[ 
+         "@_WPScan_",
+         "@ethicalhack3r",
+         "@erwan_lr",
+         "@_FireFart_"
+      ],
+      "sponsor":"WPScan.io - Online WordPress Vulnerability Scanner"
+   },
+   "start_time":1573480650,
+   "start_memory":49602560,
+   "target_url":"http://www.redacted.com/",
+   "effective_url":"http://www.redacted.com/",
+   "interesting_findings":[ 
+      { 
+         "url":"http://www.redacted.com/",
+         "to_s":"http://www.redacted.com/",
+         "type":"headers",
+         "found_by":"Headers (Passive Detection)",
+         "confidence":100,
+         "confirmed_by":{ 
+
+         },
+         "references":{ 
+
+         },
+         "interesting_entries":[ 
+            "Server: nginx"
+         ]
+      },
+      { 
+         "url":"http://www.redacted.com/robots.txt",
+         "to_s":"http://www.redacted.com/robots.txt",
+         "type":"robots_txt",
+         "found_by":"Robots Txt (Aggressive Detection)",
+         "confidence":100,
+         "confirmed_by":{ 
+
+         },
+         "references":{ 
+
+         },
+         "interesting_entries":[ 
+            "/wp-admin/",
+            "/wp-admin/admin-ajax.php"
+         ]
+      },
+      { 
+         "url":"http://www.redacted.com/xmlrpc.php",
+         "to_s":"http://www.redacted.com/xmlrpc.php",
+         "type":"xmlrpc",
+         "found_by":"Headers (Passive Detection)",
+         "confidence":100,
+         "confirmed_by":{ 
+            "Link Tag (Passive Detection)":{ 
+               "confidence":30
+            },
+            "Direct Access (Aggressive Detection)":{ 
+               "confidence":100
+            }
+         },
+         "references":{ 
+            "url":[ 
+               "http://codex.wordpress.org/XML-RPC_Pingback_API"
+            ],
+            "metasploit":[ 
+               "auxiliary/scanner/http/wordpress_ghost_scanner",
+               "auxiliary/dos/http/wordpress_xmlrpc_dos",
+               "auxiliary/scanner/http/wordpress_xmlrpc_login",
+               "auxiliary/scanner/http/wordpress_pingback_access"
+            ]
+         },
+         "interesting_entries":[ 
+
+         ]
+      },
+      { 
+         "url":"http://www.redacted.com/readme.html",
+         "to_s":"http://www.redacted.com/readme.html",
+         "type":"readme",
+         "found_by":"Direct Access (Aggressive Detection)",
+         "confidence":100,
+         "confirmed_by":{ 
+
+         },
+         "references":{ 
+
+         },
+         "interesting_entries":[ 
+
+         ]
+      },
+      { 
+         "url":"http://www.redacted.com/wp-cron.php",
+         "to_s":"http://www.redacted.com/wp-cron.php",
+         "type":"wp_cron",
+         "found_by":"Direct Access (Aggressive Detection)",
+         "confidence":60,
+         "confirmed_by":{ 
+
+         },
+         "references":{ 
+            "url":[ 
+               "https://www.iplocation.net/defend-wordpress-from-ddos",
+               "https://github.com/wpscanteam/wpscan/issues/1299"
+            ]
+         },
+         "interesting_entries":[ 
+
+         ]
+      }
+   ],
+   "version":{ 
+      "number":"4.7.2",
+      "release_date":"2017-01-26",
+      "status":"insecure",
+      "found_by":"Meta Generator (Passive Detection)",
+      "confidence":60,
+      "interesting_entries":[ 
+         "http://www.redacted.com/, Match: 'WordPress 4.7.2'"
+      ],
+      "confirmed_by":{ 
+
+      },
+      "vulnerabilities":[ 
+         { 
+            "title":"WordPress 3.6.0-4.7.2 - Authenticated Cross-Site Scripting (XSS) via Media File Metadata",
+            "fixed_in":"4.7.3",
+            "references":{ 
+               "cve":[ 
+                  "2017-6814"
+               ],
+               "url":[ 
+                  "https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/",
+                  "https://github.com/WordPress/WordPress/commit/28f838ca3ee205b6f39cd2bf23eb4e5f52796bd7",
+                  "https://sumofpwn.nl/advisory/2016/wordpress_audio_playlist_functionality_is_affected_by_cross_site_scripting.html",
+                  "https://seclists.org/oss-sec/2017/q1/563"
+               ],
+               "wpvulndb":[ 
+                  "8765"
+               ]
+            }
+         },
+         { 
+            "title":"WordPress 2.8.1-4.7.2 - Control Characters in Redirect URL Validation",
+            "fixed_in":"4.7.3",
+            "references":{ 
+               "cve":[ 
+                  "2017-6815"
+               ],
+               "url":[ 
+                  "https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/",
+                  "https://github.com/WordPress/WordPress/commit/288cd469396cfe7055972b457eb589cea51ce40e"
+               ],
+               "wpvulndb":[ 
+                  "8766"
+               ]
+            }
+         }
+      ]
+   },
+   "main_theme":{ 
+      "slug":"liquorice",
+      "location":"http://www.redacted.com/wp-content/themes/liquorice/",
+      "latest_version":"2.3",
+      "last_updated":"2013-05-30T00:00:00.000Z",
+      "outdated":false,
+      "readme_url":"http://www.redacted.com/wp-content/themes/liquorice/readme.txt",
+      "directory_listing":false,
+      "error_log_url":null,
+      "style_url":"http://www.redacted.com/wp-content/themes/liquorice/style.css",
+      "style_name":"Liquorice",
+      "style_uri":"http://www.nudgedesign.ca/wordpress-themes/liquorice",
+      "description":"A simple and clean vintage looking theme for you to build on using Google's font API Lobster font. Custom background feature enabled.",
+      "author":"Nudge Design",
+      "author_uri":"http://www.nudgedesign.ca",
+      "template":null,
+      "license":"GNU General Public License v2.0",
+      "license_uri":"http://www.gnu.org/licenses/gpl-2.0.html",
+      "tags":"custom-background, two-columns, fixed-width, right-sidebar, light, brown, orange, blue",
+      "text_domain":null,
+      "found_by":"Css Style In Homepage (Passive Detection)",
+      "confidence":100,
+      "interesting_entries":[ 
+
+      ],
+      "confirmed_by":{ 
+         "Css Style In 404 Page (Passive Detection)":{ 
+            "confidence":70,
+            "interesting_entries":[ 
+
+            ]
+         }
+      },
+      "vulnerabilities":[ 
+
+      ],
+      "version":{ 
+         "number":"2.3",
+         "confidence":80,
+         "found_by":"Style (Passive Detection)",
+         "interesting_entries":[ 
+            "http://www.redacted.com/wp-content/themes/liquorice/style.css, Match: 'Version: 2.3'"
+         ],
+         "confirmed_by":{ 
+
+         }
+      },
+      "parents":[ 
+
+      ]
+   },
+   "plugins":{ 
+      "all-in-one-seo-pack":{ 
+         "slug":"all-in-one-seo-pack",
+         "location":"http://www.redacted.com/wp-content/plugins/all-in-one-seo-pack/",
+         "latest_version":"3.2.10",
+         "last_updated":"2019-10-17T15:07:00.000Z",
+         "outdated":true,
+         "readme_url":null,
+         "directory_listing":null,
+         "error_log_url":null,
+         "found_by":"Comment (Passive Detection)",
+         "confidence":30,
+         "interesting_entries":[ 
+
+         ],
+         "confirmed_by":{ 
+
+         },
+         "vulnerabilities":[ 
+            { 
+               "title":"All In One SEO Pack < 3.2.7 - Stored Cross-Site Scripting (XSS)",
+               "fixed_in":"3.2.7",
+               "references":{ 
+                  "cve":[ 
+                     "2019-16520"
+                  ],
+                  "url":[ 
+                     "https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190913-04_WordPress_Plugin_All_in_One_SEO_Pack"
+                  ],
+                  "wpvulndb":[ 
+                     "9915"
+                  ]
+               }
+            }
+         ],
+         "version":{ 
+            "number":"3.1",
+            "confidence":100,
+            "found_by":"Comment (Passive Detection)",
+            "interesting_entries":[ 
+               "http://www.redacted.com/, Match: 'All in One SEO Pack 3.1 by'"
+            ],
+            "confirmed_by":{ 
+               "Readme - Stable Tag (Aggressive Detection)":{ 
+                  "confidence":80,
+                  "interesting_entries":[ 
+                     "http://www.redacted.com/wp-content/plugins/all-in-one-seo-pack/readme.txt"
+                  ]
+               }
+            }
+         }
+      },
+      "qtranslate":{ 
+         "slug":"qtranslate",
+         "location":"http://www.redacted.com/wp-content/plugins/qtranslate/",
+         "latest_version":null,
+         "last_updated":null,
+         "outdated":false,
+         "readme_url":null,
+         "directory_listing":null,
+         "error_log_url":null,
+         "found_by":"Urls In Homepage (Passive Detection)",
+         "confidence":100,
+         "interesting_entries":[ 
+
+         ],
+         "confirmed_by":{ 
+            "Urls In 404 Page (Passive Detection)":{ 
+               "confidence":80,
+               "interesting_entries":[ 
+
+               ]
+            }
+         },
+         "vulnerabilities":[ 
+            { 
+               "title":"qTranslate 2.5.34 - Setting Manipulation CSRF",
+               "fixed_in":null,
+               "references":{ 
+                  "cve":[ 
+                     "2013-3251"
+                  ],
+                  "wpvulndb":[ 
+                     "6846"
+                  ]
+               }
+            },
+            { 
+               "title":"qTranslate <= 2.5.39 - Cross-Site Scripting (XSS)",
+               "fixed_in":null,
+               "references":{ 
+                  "cve":[ 
+                     "2015-5535"
+                  ],
+                  "url":[ 
+                     "https://seclists.org/bugtraq/2015/Jul/139",
+                     "https://www.immuniweb.com/advisory/HTB23265"
+                  ],
+                  "wpvulndb":[ 
+                     "8120"
+                  ]
+               }
+            }
+         ],
+         "version":null
+      }
+   },
+   "db_exports":{ 
+      "http://www.redacted.com/redacted.sql":{ 
+         "found_by":"Direct Access (Aggressive Detection)",
+         "confidence":100,
+         "interesting_entries":[ 
+
+         ],
+         "confirmed_by":{ 
+
+         }
+      },
+      "http://www.redacted.com/dump.sql":{ 
+         "found_by":"Direct Access (Aggressive Detection)",
+         "confidence":100,
+         "interesting_entries":[ 
+
+         ],
+         "confirmed_by":{ 
+
+         }
+      }
+   },
+   "timthumbs":{ 
+      "http://www.redacted.com/wordpress-5.2.4/timthumb.php":{ 
+         "confirmed_by":{ 
+
+         },
+         "confidence":100,
+         "interesting_entries":[ 
+
+         ],
+         "version":{ 
+            "found_by":"Bad Request (Aggressive Detection)",
+            "interesting_entries":[ 
+               "http://www.redacted.com/wordpress-5.2.4/timthumb.php, Match: 'TimThumb version : 2.8.13'"
+            ],
+            "number":"2.8.13",
+            "confirmed_by":{ 
+
+            },
+            "confidence":90
+         },
+         "vulnerabilities":[ 
+
+         ],
+         "found_by":"Known Locations (Aggressive Detection)"
+      },
+      "http://www.redacted.com/wordpress-5.2.4/thumb.php":{ 
+         "interesting_entries":[ 
+
+         ],
+         "confidence":100,
+         "confirmed_by":{ 
+
+         },
+         "vulnerabilities":[ 
+            { 
+               "title":"Timthumb <= 2.8.13 WebShot Remote Code Execution",
+               "fixed_in":"2.8.14",
+               "references":{ 
+                  "cve":[ 
+                     "2014-4663"
+                  ],
+                  "url":[ 
+                     "http://seclists.org/fulldisclosure/2014/Jun/117",
+                     "https://github.com/wpscanteam/wpscan/issues/519"
+                  ]
+               }
+            }
+         ],
+         "found_by":"Known Locations (Aggressive Detection)",
+         "version":{ 
+            "confirmed_by":{ 
+
+            },
+            "confidence":90,
+            "number":"2.8.13",
+            "interesting_entries":[ 
+               "http://www.redacted.com/wordpress-5.2.4/thumb.php, Match: 'TimThumb version : 2.8.13'"
+            ],
+            "found_by":"Bad Request (Aggressive Detection)"
+         }
+      }
+   },
+   "config_backups":{ 
+      "http://www.redacted.com/wp-config.txt":{ 
+         "found_by":"Direct Access (Aggressive Detection)",
+         "confidence":100,
+         "interesting_entries":[ 
+
+         ],
+         "confirmed_by":{ 
+
+         }
+      }
+   },
+   "users": {
+    "marie": {
+      "id": null,
+      "found_by": "Rss Generator (Passive Detection)",
+      "confidence": 100,
+      "interesting_entries": [
+
+      ],
+      "confirmed_by": {
+        "Wp Json Api (Aggressive Detection)": {
+          "confidence": 100,
+          "interesting_entries": [
+            "http://www.lagardelanguages.com/wp-json/wp/v2/users/?per_page=100&page=1"
+          ]
+        },
+        "Oembed API - Author URL (Aggressive Detection)": {
+          "confidence": 90,
+          "interesting_entries": [
+            "http://www.lagardelanguages.com/wp-json/oembed/1.0/embed?url=http://www.lagardelanguages.com/&format=json"
+          ]
+        },
+        "Rss Generator (Aggressive Detection)": {
+          "confidence": 50,
+          "interesting_entries": [
+
+          ]
+        },
+        "Author Id Brute Forcing - Author Pattern (Aggressive Detection)": {
+          "confidence": 100,
+          "interesting_entries": [
+
+          ]
+        },
+        "Login Error Messages (Aggressive Detection)": {
+          "confidence": 100,
+          "interesting_entries": [
+
+          ]
+        }
+      }
+    }
+  },
+  "password_attack": {
+    "marie": {
+      "password": "your-password"
+    }
+  },
+   "vuln_api":{ 
+      "plan":"enterprise",
+      "requests_done_during_scan":2,
+      "requests_remaining":"Unlimited"
+   },
+   "stop_time":1573480662,
+   "elapsed":12,
+   "requests_done":456,
+   "cached_requests":8,
+   "data_sent":96169,
+   "data_sent_humanised":"93.915 KB",
+   "data_received":479810,
+   "data_received_humanised":"468.564 KB",
+   "used_memory":212566016,
+   "used_memory_humanised":"202.719 MB"
+}

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dradis-wpscan
 version: !ruby/object:Gem::Version
-  version: 3.17.0
+  version: 3.18.0
 platform: ruby
 authors:
 - Christian Mehlmauer
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-06-02 00:00:00.000000000 Z
+date: 2020-07-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dradis-plugins
@@ -130,6 +130,7 @@ files:
 - spec/spec_helper.rb
 - spec/wpscan_upload_spec.rb
 - templates/evidence.fields
+- templates/evidence.sample
 - templates/evidence.template
 - templates/scan_info.fields
 - templates/scan_info.sample
@@ -156,7 +157,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.1
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: WPScan add-on for the Dradis Framework.