-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
False Negative #1833
Comments
I have tested wpscan with a few different websites now on kali OS and on ParrotOS and on every occasion it has told me that the website is not running wordpress even though I can confirm that it does |
Can you reproduce this issue with some other website that is no the website you have been bug bountied? Have you tried |
I figured it out, it is working fine now, I haven't tried stealthy, I think the user agent could have possibly been the issue, I will let you know if it happens again.
…________________________________
From: Akira Taguchi ***@***.***>
Sent: Monday, May 6, 2024 8:48 AM
To: wpscanteam/wpscan ***@***.***>
Cc: MartinDeBeer ***@***.***>; Author ***@***.***>
Subject: Re: [wpscanteam/wpscan] False Negative (Issue #1833)
Can you reproduce this issue with some other website that is no the website you have been bug bountied? Have you tried --stealthy?
—
Reply to this email directly, view it on GitHub<#1833 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ATARRCY34TAG6X5CFQZQVGTZA4RSXAVCNFSM6AAAAABE4OT6DWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDAOJVGMYDAMZQHE>.
You are receiving this because you authored the thread.Message ID: ***@***.***>
|
Good to hear you got your issue solved! Could you close this issue? Thanks again for taking the time to report this issue <3 |
Before submitting an issue, please make sure you fully read any potential error messages output and did some research on your own.
Subject of the issue
I just tried to scan a website for a bug bounty, but it keeps telling me that the site is not written in WordPress even though I can see that it is by going into the source code.
Your environment
Current Version: 3.8.25
ruby 3.1.2p20
kali OS
Steps to reproduce
website
website
--force -e vp,vt,cb,dbe it with --wp-content-dir, use the --scope option or make sure the --urlwebsite
--force -e vp,vt,cb,dbe --wp-content-dirwebsite
/wp-contentExpected behavior
There are at least 2 of the plugins that I checked on the wpscan website if they are vulnerable and the website said they are
Actual behavior
Scan Aborted: The remote website is up, but does not seem to be running WordPress.
Scan Aborted: Unable to identify the wp-content dir, please supply value given is the correct one
Could not detect version, no plugins found, no themes found, no config backups found and no DB exports found
What have you already tried
Tell us what you have already tried to do to fix the issue you are having.
Things you have tried (where relevant):
The text was updated successfully, but these errors were encountered: