Feature Request: machine readable reporting mechanism #198

Closed
sempervictus opened this issue May 22, 2013 · 22 comments

@sempervictus commented May 22, 2013

Wonderful tool, guys, very useful to show clients the low-hanging fruit of their developers' labors... :)

Are there any plans to include output reporting to XML/JSON/SomeFormat?
The data collected could be very useful when imported into SIEMs or Metasploit.

We can already run wpscan through MSF a few ways:
Called from inside framework using PR 1723, the http proxy in 1831, or the good old socks proxy. Primarily these mechanisms increase our reach through L3 forwarding, but can also provide useful data for the pentest through request/response/service/host logging. Although we can now log all of the pages and associated response (and request) headers to the DB, it would be much more useful if we could also import vulnerability and informational data from the scan.

I can take a stab at doing this as a PR, but my schedule won't allow this for a while to come.

@fgeek (Contributor) commented May 22, 2013

I can help implement this if the functionality is not there already. What SIEM product are you using? If it is open source or there is a good API, I could figure out if there is a way to import scan results automatically.

@froschi commented May 27, 2013

I came up with the same requirement only a couple of days ago - have a machine-parsable kind of output, ideally written to a filename I'd provide. JSON would be nice. Alternatively, I would take something like a --quiet switch which omits the banner and the progress bar. In particular, the progress bar. Emails from wpscan output piped into a text file are currently ... well, unreadable ;-)

For me, I do not need something piped into a SIEM directly. Just some structured output which allows for further processing afterwards. I don't have time to provide code, but I could probably come up with a rough and dirty spec for JSON output, if you'd like.

@kbron commented Jul 23, 2013

I'm here looking for the same thing - a way to automatically send the output to the Metasploit DB, something like db_nmap but db_wpscan.

Thank you

@fgeek (Contributor) commented Jul 23, 2013

In my opinion we should make specs of the output reporting (file format, internals) and tools to use that format to cover different use cases (SIEM imports etc.). Users could also make their own tools.

@yeukhon commented Jan 3, 2014

This was in progress: #290
But the branch seems to be inactive at the moment. Any of you working on it?

@ethicalhack3r (Member) commented Oct 5, 2015

This has been implemented in WPScan v3, which is currently closed source while we finish some things off.

@merlindorin commented Oct 28, 2015

👍

@merlindorin commented Dec 15, 2015

Do you have a release date for this issue? I'll be glad to move my output parser to something cleaner ^^

@markri commented Dec 17, 2015

Also waiting for this. Also mailed ethicalhack3r with some suggestions for output, but never got a reply?

Meanwhile I was really in need of some automatic checking, so I wrote a tiny script which helps me for now. @iam-merlin If you're willing to script all things together, this might help you: https://gist.github.com/markri/4dbc52e4e9d749875835#file-wpsecurity_filter

As referenced in https://markri.nl/?p=23

@merlindorin commented Dec 17, 2015

@markri thank you for your feedback, big thanks. I just moved a part of my original code to a zf2 module for reference. If you are interested: https://github.com/eoko/wpscan

As you can see, I just ported some of my handlers to zf2 ... to replace them with cleaner code that will come with this issue.

By the way, do you handle wpscan update? I didn't find a --no-interactive flag :/

@theabraxas commented Nov 21, 2016

Any further development on this?

@markri commented Nov 21, 2016

@theabraxas I just received a ping about this issue. Although I like wpscan for being easy to use, I already moved away from wpscan, because it's a black-box scanner (which may give false positives, and generates lots of load on the server). Because of this I wrote a white-box scanner and released it under http://wp-sec.org which has different output options including JSON. Maybe this can be of help?

@macbroadcast commented Nov 21, 2016

Hello @markri, nice work. Is it possible to check a remote WP site with wp-sec or just local installations? Thanks

@FireFart (Member) commented Nov 21, 2016

@macbroadcast the tool uses the local-only way because that way it can detect all installed plugins. There are also several WordPress plugins available which check your site on a daily basis for new vulns and show a warning in the dashboard if any are found.

@sempervictus (Author) commented Dec 12, 2016

I've addressed this in #1029, at least to the point of exporting everything printed to JSON. Enhancements and comments welcome...

@erwanlr (Member) commented Feb 3, 2017

Done in v3: https://github.com/wpscanteam/wpscan-v3

-f json
--format json

can be used along with --output/-o file-path

@erwanlr closed this Feb 3, 2017

@merlindorin commented Feb 3, 2017

offer a 🍺 to this man!
thx

@vikasprogrammer commented Sep 11, 2017

Any updates on this?

@FireFart (Member) commented Sep 11, 2017

you can use wpscanv3 if you want machine readable output

@vikasprogrammer commented Sep 11, 2017

Is it maintained similar to wpscan main repo?

@FireFart (Member) commented Sep 11, 2017

it uses the same vulnerability data but it's still in beta state

@vikasprogrammer commented Sep 11, 2017

Sure, thank you!
