faraday icon indicating copy to clipboard operation
faraday copied to clipboard
verified publisher icon infobyte

WPScan vulnerabilities are not reported to Faraday Server

Open elenasarim opened this issue 6 years ago • 4 comments

Hello,

I use the community version of Faraday. It is installed in Kali Linux, in the same machine I have installed the Faraday client as well. However, I could not access the Web Gui remotely so I changed the /home/faraday/.faraday/config/server.ini to the following:

[faraday_server]
port=5985
bind_address=0.0.0.0

Whenever I run faraday client and execute wpscan --url www.mydomain.com I can see the list of vulnerabilities but these are not transferred to my workspace. In fact, they are not even recognized by the faraday client. faraday_client faraday_server

Finally, please note that whenever I execute faraday-client, before opening the gui, I notice the following logs on the terminal:


2019-10-29 16:18:26,068 - faraday.client.model.api - INFO {MainThread} [api.py:117 - _setUpAPIServer()]  XMLRPC API server configured on ('localhost', 9876)
2019-10-29 16:18:26,082 - faraday.client.apis.rest.api - INFO {MainThread} [api.py:65 - startAPIs()]  REST API server configured on ('localhost', 9977)

What do you think?

elenasarim avatar Oct 29 '19 14:10 elenasarim

Hi, We think that the stdout of the wpscan has changed and the plugin is not supporting the latest version. Could you tell us the version of wpscan? Can you retry using the --debug flag on the faraday-client? Thanks!

llazzaro avatar Nov 04 '19 15:11 llazzaro

Some issue with WPScan v. 3.7.5

geosphere avatar Dec 10 '19 15:12 geosphere

Can you try to output a json with wpscan and then upload it from the webui?

llazzaro avatar Jan 03 '20 01:01 llazzaro