memory_usage fails on windows devices since it uses "ps" - A Linux / Mac command

[Reelix]

Line of code: https://github.com/wpscanteam/CMSScanner/blob/master/lib/cms_scanner/helper.rb#L11

Might want an OS-neutral, language-specific method of getting the processes memory usage.

[erwanlr]

Unfortunately, there is no OS-neutral way to get that as far as I know. If you do, feel free to share/send PR.

[erwanlr]

v0.6.1 released.

Could you please try it ?

All you have to do is update the CMSScanner gem with gem update cms_scanner, then run wpscan as usual

[Reelix]

Using CMSScanner with WPScan

Without sys-proctable

Error message is there telling the user what to do, but very messily.

After sys-proctable gem installation

It doesn't seem to like

ruby\gems\2.6.0\gems\sys-proctable-1.2.2\lib\windows\sys\proctable.rb

Line 95

def self.ps(**kwargs)	

Being called with the pid

If you change

ruby\gems\2.6.0\gems\get_process_mem-0.2.4\lib\get_process_mem.rb

Line 113

From

size = ProcTable.ps(pid).working_set_size

To

size = ProcTable.ps(pid: pid).working_set_size

It's happy.

This seems to be an issue with the third party gem files though.

Note that it seems to be fixed on the authors github over at

https://github.com/schneems/get_process_mem/blob/master/lib/get_process_mem.rb

Although their latest v0.2.4 release does not include the fix.

[erwanlr]

Unless you installed CMSScanner, and then uninstalled sys-proctable, the first scenario should not occur as the sys-proctable should be installed along with CMSScanner (https://github.com/wpscanteam/CMSScanner/blob/master/cms_scanner.gemspec#L32)

I've opened an issue related to the second one: zombocom/get_process_mem#38

[Reelix]

Unless you installed CMSScanner, and then uninstalled sys-proctable, the first scenario should not occur as the sys-proctable should be installed along with CMSScanner

It seems as though it should, but if I go

gem uninstall sys-proctable
gem uninstall cms_scanner (Accept prompt)
gem install cms_scanner
wpscan

It still throws the error. Hopefully just a weird caching issue my side. Guess we wait for schneems now :)

[erwanlr]

That's weird then, if I remove the ffi and cms_scanner then install cms_scanner, ffi will be fetched and installed (as I am not on a windows platform)

$ gem install cms_scanner
Fetching ffi-1.11.1.gem
Fetching cms_scanner-0.6.1.gem
Building native extensions. This could take a while...
Successfully installed ffi-1.11.1
Successfully installed cms_scanner-0.6.1
2 gems installed

Could be caching issue, or Gem.win_platform? returning false for some reason ?. If you have the Interactive Ruby Shell (type irb in a terminal), could you run Gem.win_platform? and RUBY_PLATFORM.downcase please ?

Here is an example on MacOSX:

$ irb
2.6.5 :001 > Gem.win_platform?
 => false
2.6.5 :002 > RUBY_PLATFORM.downcase
 => "x86_64-darwin18"

[Reelix]

The result - Only cms_scanner gets installed

[erwanlr]

Still no news from get_process_mem so I've updated the dependencies to include the correct version of sys-proctable (1.1.5), which is also now installed regardless of the OS (that will save the trouble of Windows users to have to install it manually).

However, as the 1.1.5 is quite old (from 2017), I hope it will work.

I've released v0.6.2, could you please try like last time ? (just update the cms_scanner gem and run wpscan as usual

[Reelix]

Not happy about something

I should probably point out that the small change I made in #115 was based off get_process_mem including only the necessary code to get things working :p

[erwanlr]

I just installed Ruby (2.6.5) on a Windows7 via https://rubyinstaller.org/downloads/, then installed wpscan and it worked:

The error you have is weird, as it means that the pid given (which is by default Process.pid) is not a Numeric (such as Integer etc):

• https://github.com/djberg96/sys-proctable/blob/sys-proctable-1.1.5/lib/windows/sys/proctable.rb#L96
• https://github.com/schneems/get_process_mem/blob/5825b19bf082411e87b03a6a1c5c7bc2fb9996c2/lib/get_process_mem.rb#L48

So I wonder how previous stuff worked somehow where this error should have come up.

Even though #115 seemed to work for you (which, based on the above error, should not), it was not considering Linux method to get the memory via /proc/, as well as mixing stuff up (gem requirement, platform and loading error in a ruby file)

[Reelix]

After mass uninstalling all the dependencies and wpscan itself then reinstalling wpscan, it does indeed seem that the latest commit did indeed solve the issue! Congrats :D

[erwanlr]

Thank you for confirming! that's awesome :)