Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Scan Aborted: undefined method `each' for 404:Integer #1817

Open
royisy opened this issue Nov 27, 2023 · 3 comments · May be fixed by #1818
Open

Scan Aborted: undefined method `each' for 404:Integer #1817

royisy opened this issue Nov 27, 2023 · 3 comments · May be fixed by #1818
Labels
bug priority: low

Comments

@royisy
Copy link

royisy commented Nov 27, 2023

Subject of the issue

WPScan crashes when it scans websites that return only a string of numbers like 404 as a response.

Your environment

  • Version of WPScan: 3.8.22
  • Version of Ruby: ruby 3.1.2p20
  • Operating System (OS): Ubuntu

Steps to reproduce

Create a custom 404 page that returns only a 404 string or just 1.
Run WPScan with --rua -e u option. (wpscan --rua -e u --url http://localhost:8000/)

Expected behavior

The scan should complete without any errors.

Actual behavior

It appears that WPScan crashes when it sends two requests that expect a JSON response.
Below are the URLs and their corresponding stack traces.

http://localhost:8000/wp-json/wp/v2/users/?per_page=100&page=1

Scan Aborted: undefined method `each' for 404:Integer
Trace: /var/lib/gems/2.7.0/gems/wpscan-3.8.22/app/finders/users/wp_json_api.rb:45:in `users_from_response'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/app/finders/users/wp_json_api.rb:28:in `block in aggressive'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/app/finders/users/wp_json_api.rb:21:in `loop'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/app/finders/users/wp_json_api.rb:21:in `aggressive'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/base_finders.rb:31:in `run_finder'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/same_type_finders.rb:16:in `block (2 levels) in run'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/same_type_finders.rb:15:in `each'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/same_type_finders.rb:15:in `block in run'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/same_type_finders.rb:14:in `each'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/same_type_finders.rb:14:in `run'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/independent_finder.rb:21:in `find'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/independent_finder.rb:12:in `find'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/lib/wpscan/target.rb:102:in `users'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/app/controllers/enumeration/enum_methods.rb:196:in `enum_users'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/app/controllers/enumeration.rb:20:in `run'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/controllers.rb:50:in `each'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/controllers.rb:50:in `block in run'
/usr/lib/ruby/2.7.0/timeout.rb:78:in `timeout'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/controllers.rb:45:in `run'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/scan.rb:24:in `run'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/bin/wpscan:17:in `block in <top (required)>'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/scan.rb:15:in `initialize'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/bin/wpscan:6:in `new'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/bin/wpscan:6:in `<top (required)>'
/usr/local/bin/wpscan:23:in `load'
/usr/local/bin/wpscan:23:in `<main>'

http://localhost:8000/wp-json/oembed/1.0/embed?url=http://localhost:8000/&format=json

Scan Aborted: no implicit conversion of String into Integer
Trace: /var/lib/gems/2.7.0/gems/wpscan-3.8.22/app/finders/users/oembed_api.rb:39:in `[]'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/app/finders/users/oembed_api.rb:39:in `user_details_from_oembed_data'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/app/finders/users/oembed_api.rb:22:in `aggressive'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/base_finders.rb:31:in `run_finder'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/same_type_finders.rb:16:in `block (2 levels) in run'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/same_type_finders.rb:15:in `each'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/same_type_finders.rb:15:in `block in run'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/same_type_finders.rb:14:in `each'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/same_type_finders.rb:14:in `run'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/independent_finder.rb:21:in `find'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/independent_finder.rb:12:in `find'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/lib/wpscan/target.rb:102:in `users'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/app/controllers/enumeration/enum_methods.rb:196:in `enum_users'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/app/controllers/enumeration.rb:20:in `run'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/controllers.rb:50:in `each'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/controllers.rb:50:in `block in run'
/usr/lib/ruby/2.7.0/timeout.rb:78:in `timeout'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/controllers.rb:45:in `run'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/scan.rb:24:in `run'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/bin/wpscan:17:in `block in <top (required)>'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/scan.rb:15:in `initialize'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/bin/wpscan:6:in `new'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/bin/wpscan:6:in `<top (required)>'
/usr/local/bin/wpscan:23:in `load'
/usr/local/bin/wpscan:23:in `<main>'

What have you already tried

Things you have tried (where relevant):

  • Update WPScan to the latest version [ ]
  • Update Ruby to the latest version [ ]
  • Ensure you can reach the target site using cURL [x]
  • Proxied WPScan through a HTTP proxy to view the raw traffic [x]
  • Ensure you are using a supported Operating System (Linux and macOS) [x]
@alexsanford alexsanford added the needs triage Reproduce it if it's a bug, set a priority. label Nov 27, 2023
@alexsanford alexsanford linked a pull request Nov 30, 2023 that will close this issue
Open
@alexsanford
Copy link
Contributor

Not sure what the config for the WP site would be that would make this happen, but I've managed to reproduce it in a contrived setup. Fixed in #1818

Do you mind testing the PR?

@alexsanford alexsanford added bug priority: low and removed needs triage Reproduce it if it's a bug, set a priority. labels Nov 30, 2023
@royisy
Copy link
Author

royisy commented Dec 1, 2023

@alexsanford
Thank you, it finished without the errors with the fix.

The WP sites caused this error used custom themes and their 404 page just returned integer strings.

@alexsanford
Copy link
Contributor

Thank you, it finished without the errors with the fix.

Great! We'll get that merged and released soon.

The WP sites caused this error used custom themes and their 404 page just returned integer strings.

It's interesting that they did so for wp-json URLs as well. Seems like that would break a lot of stuff in WP 😕

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug priority: low
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix/handle invalid wp json response wpscanteam/wpscan
2 participants
@alexsanford @royisy