Description
Subject of the issue
WPScan crashes when it scans websites that return only a string of numbers like 404 as a response.
Your environment
- Version of WPScan: 3.8.22
- Version of Ruby: ruby 3.1.2p20
- Operating System (OS): Ubuntu
Steps to reproduce
- Create a custom 404 page that returns only a 404 string or just 1.
- Run WPScan with --rua -e u option. (wpscan --rua -e u --url http://localhost:8000/)
Expected behavior
The scan should complete without any errors.
Actual behavior
It appears that WPScan crashes when it sends two requests that expect a JSON response.
Below are the URLs and their corresponding stack traces.
http://localhost:8000/wp-json/wp/v2/users/?per_page=100&page=1
Scan Aborted: undefined method `each' for 404:Integer
Trace: /var/lib/gems/2.7.0/gems/wpscan-3.8.22/app/finders/users/wp_json_api.rb:45:in `users_from_response'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/app/finders/users/wp_json_api.rb:28:in `block in aggressive'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/app/finders/users/wp_json_api.rb:21:in `loop'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/app/finders/users/wp_json_api.rb:21:in `aggressive'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/base_finders.rb:31:in `run_finder'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/same_type_finders.rb:16:in `block (2 levels) in run'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/same_type_finders.rb:15:in `each'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/same_type_finders.rb:15:in `block in run'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/same_type_finders.rb:14:in `each'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/same_type_finders.rb:14:in `run'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/independent_finder.rb:21:in `find'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/independent_finder.rb:12:in `find'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/lib/wpscan/target.rb:102:in `users'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/app/controllers/enumeration/enum_methods.rb:196:in `enum_users'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/app/controllers/enumeration.rb:20:in `run'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/controllers.rb:50:in `each'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/controllers.rb:50:in `block in run'
/usr/lib/ruby/2.7.0/timeout.rb:78:in `timeout'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/controllers.rb:45:in `run'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/scan.rb:24:in `run'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/bin/wpscan:17:in `block in <top (required)>'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/scan.rb:15:in `initialize'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/bin/wpscan:6:in `new'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/bin/wpscan:6:in `<top (required)>'
/usr/local/bin/wpscan:23:in `load'
/usr/local/bin/wpscan:23:in `<main>'
http://localhost:8000/wp-json/oembed/1.0/embed?url=http://localhost:8000/&format=json
Scan Aborted: no implicit conversion of String into Integer
Trace: /var/lib/gems/2.7.0/gems/wpscan-3.8.22/app/finders/users/oembed_api.rb:39:in `[]'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/app/finders/users/oembed_api.rb:39:in `user_details_from_oembed_data'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/app/finders/users/oembed_api.rb:22:in `aggressive'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/base_finders.rb:31:in `run_finder'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/same_type_finders.rb:16:in `block (2 levels) in run'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/same_type_finders.rb:15:in `each'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/same_type_finders.rb:15:in `block in run'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/same_type_finders.rb:14:in `each'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/same_type_finders.rb:14:in `run'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/independent_finder.rb:21:in `find'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/finders/independent_finder.rb:12:in `find'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/lib/wpscan/target.rb:102:in `users'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/app/controllers/enumeration/enum_methods.rb:196:in `enum_users'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/app/controllers/enumeration.rb:20:in `run'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/controllers.rb:50:in `each'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/controllers.rb:50:in `block in run'
/usr/lib/ruby/2.7.0/timeout.rb:78:in `timeout'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/controllers.rb:45:in `run'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/scan.rb:24:in `run'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/bin/wpscan:17:in `block in <top (required)>'
/var/lib/gems/2.7.0/gems/cms_scanner-0.13.8/lib/cms_scanner/scan.rb:15:in `initialize'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/bin/wpscan:6:in `new'
/var/lib/gems/2.7.0/gems/wpscan-3.8.22/bin/wpscan:6:in `<top (required)>'
/usr/local/bin/wpscan:23:in `load'
/usr/local/bin/wpscan:23:in `<main>'
What have you already tried
Things you have tried (where relevant):
- Update WPScan to the latest version [ ]
- Update Ruby to the latest version [ ]
- Ensure you can reach the target site using cURL [x]
- Proxied WPScan through a HTTP proxy to view the raw traffic [x]
- Ensure you are using a supported Operating System (Linux and macOS) [x]
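
The failure mode reported above, as an added example that is not part of the original report and is not WPScan's own code: a body of `404` is valid JSON, so `JSON.parse` returns an Integer and any caller that assumes an Array or Hash raises. The helper names and sample bodies below are hypothetical and constructed for illustration; `slug` and `author_name` are fields of the WordPress REST users and oEmbed responses.

```ruby
require 'json'

# Constructed sample bodies (not captured from a real site).
SAMPLE_USERS  = '[{"id":1,"slug":"admin"},{"id":2,"slug":"editor"}]'
SAMPLE_OEMBED = '{"version":"1.0","author_name":"admin","author_url":"http://localhost:8000/author/admin/"}'

# Unguarded pattern: assumes the parsed value is an Array.
# Returns the exception class raised for a given body, or nil if none.
def naive_error_class(body)
  JSON.parse(body).each { |entry| entry['slug'] }
  nil
rescue StandardError => e
  e.class
end

# Hypothetical guard: parse the body and accept it only when the top-level
# JSON value has the container type the caller expects.
def parse_json_as(body, expected_class)
  data = JSON.parse(body)
  data.is_a?(expected_class) ? data : nil
rescue JSON::ParserError, TypeError
  nil # not JSON at all (HTML error page, empty or nil body)
end

# Users endpoint: expects an Array of objects, each with a String "slug".
def usernames_from_users_body(body)
  entries = parse_json_as(body, Array) || []
  entries.map { |e| e['slug'] if e.is_a?(Hash) && e['slug'].is_a?(String) }.compact
end

# oEmbed endpoint: expects a single object with a String "author_name".
def author_from_oembed_body(body)
  data = parse_json_as(body, Hash)
  return nil unless data

  name = data['author_name']
  name.is_a?(String) && !name.empty? ? name : nil
end
```

With the guard in place, a numeric or non-JSON custom 404 body yields an empty result for that finder and the scan can continue with the remaining ones.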