WordPress.org

Make WordPress Core

Opened 10 months ago

Closed 10 months ago

Last modified 10 months ago

#46270 closed defect (bug) (invalid)

Wrong number detection if redirection WPscan

Reported by: enderphan Owned by:
Milestone: Priority: normal
Severity: major Version:
Component: General Keywords:
Focuses: Cc:
PR Number:

Description

Webstie: www.quanta.im

Command line:

sudo wpscan --url quanta.im

Issue: Different answer for redirection gives different output

It asks for redirection: [Yes] answer

[i] The remote host tried to redirect to: https://www.quanta.im/
? Do you want follow the redirection ? [Y]es [N]o [A]bort, default: [N] Y
[+] WordPress version 4.9.8 identified from advanced fingerprinting (Released on 2018-08-02)
[!] 7 vulnerabilities identified from the version number

It asks for redirection: [No] answer

[i] The remote host tried to redirect to: https://www.quanta.im/
? Do you want follow the redirection ? [Y]es [N]o [A]bort, default: [N]N
[+] URL: http://quanta.im/
[+] Started: Mon Feb 18 11:49:26 2019
[+] Interesting header: CF-RAY: 4aadde046bc4a356-HKG
[+] Interesting header: SERVER: cloudflare
[+] WordPress version 5.0.3 identified from meta generator (Released on 2019-01-09)

Change History (2)

#1 follow-up: @Clorith
10 months ago

  • Component changed from Build/Test Tools to General
  • Milestone Awaiting Review deleted
  • Resolution set to invalid
  • Status changed from new to closed

Hi there, and welcome to WordPress trac!

This issue tracker is intended for bugs and enhancements to the core WordPress software, while WPScan is a third party tool, so we can't really help you with it here. It looks to be maintained on Github at https://github.com/wpscanteam/wpscan so they may be able to help you there, remember to search in case the issue you are experiencing has been covered before by someone though!

#2 in reply to: ↑ 1 @enderphan
10 months ago

Thanks so much. I've navigated my answer to the correct place. :)

Hi there, and welcome to WordPress trac!

This issue tracker is intended for bugs and enhancements to the core WordPress software, while WPScan is a third party tool, so we can't really help you with it here. It looks to be maintained on Github at https://github.com/wpscanteam/wpscan so they may be able to help you there, remember to search in case the issue you are experiencing has been covered before by someone though!

Note: See TracTickets for help on using tickets.