SHARE
TWEET

Untitled

a guest Jan 16th, 2019 70 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. [+] URL: http://www.ibw.com.ni/
  2. [+] Started: Wed Jan 16 07:16:14 2019
  3.  
  4. Interesting Finding(s):
  5.  
  6. [+] http://www.ibw.com.ni/
  7.  | Interesting Entry: Server: Apache
  8.  | Found By: Headers (Passive Detection)
  9.  | Confidence: 100%
  10.  
  11. [+] http://www.ibw.com.ni/robots.txt
  12.  | Interesting Entries:
  13.  |  - /old-site
  14.  |  - /css
  15.  |  - /cgi-bin
  16.  |  - /cal
  17.  |  - /wp-admin/
  18.  |  - /wp-admin/admin-ajax.php
  19.  |  - /category/
  20.  |  - /wp-content/*.js
  21.  |  - /wp-content/*.css
  22.  |  - /wp-includes/*.js
  23.  |  - /wp-includes/*.css
  24.  |  - /wp-content/plugins/
  25.  |  - /wp-content/themes/
  26.  |  - /wp-includes/
  27.  |  - /*/attachment/
  28.  |  - /tag/*/page/
  29.  |  - /tag/*/feed/
  30.  |  - /comments/
  31.  |  - /xmlrpc.php
  32.  |  - /?attachment_id*
  33.  |  - /thank/
  34.  |  - /thank-you/
  35.  | Found By: Robots Txt (Aggressive Detection)
  36.  | Confidence: 100%
  37.  
  38. [+] http://www.ibw.com.ni/xmlrpc.php
  39.  | Found By: Link Tag (Passive Detection)
  40.  | Confidence: 30%
  41.  | References:
  42.  |  - http://codex.wordpress.org/XML-RPC_Pingback_API
  43.  |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
  44.  |  - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
  45.  |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
  46.  |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
  47.  
  48. [+] This site has 'Must Use Plugins': http://www.ibw.com.ni/wp-content/mu-plugins/
  49.  | Found By: Direct Access (Aggressive Detection)
  50.  | Confidence: 80%
  51.  | Reference: http://codex.wordpress.org/Must_Use_Plugins
  52.  
  53. [+] WordPress version 4.8.1 identified.
  54.  | Detected By: Rss Generator (Aggressive Detection)
  55.  |  - http://www.ibw.com.ni/feed/, <generator>https://wordpress.org/?v=4.8.1</generator>
  56.  |  - http://www.ibw.com.ni/comments/feed/, <generator>https://wordpress.org/?v=4.8.1</generator>
  57.  |
  58.  | [!] 25 vulnerabilities identified:
  59.  |
  60.  | [!] Title: WordPress 2.3.0-4.8.1 - $wpdb->prepare() potential SQL Injection
  61.  |     Fixed in: 4.8.2
  62.  |     References:
  63.  |      - https://wpvulndb.com/vulnerabilities/8905
  64.  |      - https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  65.  |      - https://github.com/WordPress/WordPress/commit/70b21279098fc973eae803693c0705a548128e48
  66.  |      - https://github.com/WordPress/WordPress/commit/fc930d3daed1c3acef010d04acc2c5de93cd18ec
  67.  |
  68.  | [!] Title: WordPress 2.9.2-4.8.1 - Open Redirect
  69.  |     Fixed in: 4.8.2
  70.  |     References:
  71.  |      - https://wpvulndb.com/vulnerabilities/8910
  72.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14725
  73.  |      - https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  74.  |      - https://core.trac.wordpress.org/changeset/41398
  75.  |
  76.  | [!] Title: WordPress 3.0-4.8.1 - Path Traversal in Unzipping
  77.  |     Fixed in: 4.8.2
  78.  |     References:
  79.  |      - https://wpvulndb.com/vulnerabilities/8911
  80.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14719
  81.  |      - https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  82.  |      - https://core.trac.wordpress.org/changeset/41457
  83.  |
  84.  | [!] Title: WordPress 4.4-4.8.1 - Path Traversal in Customizer
  85.  |     Fixed in: 4.8.2
  86.  |     References:
  87.  |      - https://wpvulndb.com/vulnerabilities/8912
  88.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14722
  89.  |      - https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  90.  |      - https://core.trac.wordpress.org/changeset/41397
  91.  |
  92.  | [!] Title: WordPress 4.4-4.8.1 - Cross-Site Scripting (XSS) in oEmbed
  93.  |     Fixed in: 4.8.2
  94.  |     References:
  95.  |      - https://wpvulndb.com/vulnerabilities/8913
  96.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14724
  97.  |      - https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  98.  |      - https://core.trac.wordpress.org/changeset/41448
  99.  |
  100.  | [!] Title: WordPress 4.2.3-4.8.1 - Authenticated Cross-Site Scripting (XSS) in Visual Editor
  101.  |     Fixed in: 4.8.2
  102.  |     References:
  103.  |      - https://wpvulndb.com/vulnerabilities/8914
  104.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14726
  105.  |      - https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  106.  |      - https://core.trac.wordpress.org/changeset/41395
  107.  |      - https://blog.sucuri.net/2017/09/stored-cross-site-scripting-vulnerability-in-wordpress-4-8-1.html
  108.  |
  109.  | [!] Title: WordPress 2.3-4.8.3 - Host Header Injection in Password Reset
  110.  |     References:
  111.  |      - https://wpvulndb.com/vulnerabilities/8807
  112.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8295
  113.  |      - https://exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html
  114.  |      - http://blog.dewhurstsecurity.com/2017/05/04/exploitbox-wordpress-security-advisories.html
  115.  |      - https://core.trac.wordpress.org/ticket/25239
  116.  |
  117.  | [!] Title: WordPress <= 4.8.2 - $wpdb->prepare() Weakness
  118.  |     Fixed in: 4.8.3
  119.  |     References:
  120.  |      - https://wpvulndb.com/vulnerabilities/8941
  121.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16510
  122.  |      - https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/
  123.  |      - https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d
  124.  |      - https://twitter.com/ircmaxell/status/923662170092638208
  125.  |      - https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html
  126.  |
  127.  | [!] Title: WordPress 2.8.6-4.9 - Authenticated JavaScript File Upload
  128.  |     Fixed in: 4.8.4
  129.  |     References:
  130.  |      - https://wpvulndb.com/vulnerabilities/8966
  131.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17092
  132.  |      - https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
  133.  |      - https://github.com/WordPress/WordPress/commit/67d03a98c2cae5f41843c897f206adde299b0509
  134.  |
  135.  | [!] Title: WordPress 1.5.0-4.9 - RSS and Atom Feed Escaping
  136.  |     Fixed in: 4.8.4
  137.  |     References:
  138.  |      - https://wpvulndb.com/vulnerabilities/8967
  139.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17094
  140.  |      - https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
  141.  |      - https://github.com/WordPress/WordPress/commit/f1de7e42df29395c3314bf85bff3d1f4f90541de
  142.  |
  143.  | [!] Title: WordPress 4.3.0-4.9 - HTML Language Attribute Escaping
  144.  |     Fixed in: 4.8.4
  145.  |     References:
  146.  |      - https://wpvulndb.com/vulnerabilities/8968
  147.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17093
  148.  |      - https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
  149.  |      - https://github.com/WordPress/WordPress/commit/3713ac5ebc90fb2011e98dfd691420f43da6c09a
  150.  |
  151.  | [!] Title: WordPress 3.7-4.9 - 'newbloguser' Key Weak Hashing
  152.  |     Fixed in: 4.8.4
  153.  |     References:
  154.  |      - https://wpvulndb.com/vulnerabilities/8969
  155.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17091
  156.  |      - https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
  157.  |      - https://github.com/WordPress/WordPress/commit/eaf1cfdc1fe0bdffabd8d879c591b864d833326c
  158.  |
  159.  | [!] Title: WordPress 3.7-4.9.1 - MediaElement Cross-Site Scripting (XSS)
  160.  |     Fixed in: 4.8.5
  161.  |     References:
  162.  |      - https://wpvulndb.com/vulnerabilities/9006
  163.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5776
  164.  |      - https://github.com/WordPress/WordPress/commit/3fe9cb61ee71fcfadb5e002399296fcc1198d850
  165.  |      - https://wordpress.org/news/2018/01/wordpress-4-9-2-security-and-maintenance-release/
  166.  |      - https://core.trac.wordpress.org/ticket/42720
  167.  |
  168.  | [!] Title: WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)
  169.  |     References:
  170.  |      - https://wpvulndb.com/vulnerabilities/9021
  171.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6389
  172.  |      - https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html
  173.  |      - https://github.com/quitten/doser.py
  174.  |      - https://thehackernews.com/2018/02/wordpress-dos-exploit.html
  175.  |
  176.  | [!] Title: WordPress 3.7-4.9.4 - Remove localhost Default
  177.  |     Fixed in: 4.8.6
  178.  |     References:
  179.  |      - https://wpvulndb.com/vulnerabilities/9053
  180.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10101
  181.  |      - https://wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/
  182.  |      - https://github.com/WordPress/WordPress/commit/804363859602d4050d9a38a21f5a65d9aec18216
  183.  |
  184.  | [!] Title: WordPress 3.7-4.9.4 - Use Safe Redirect for Login
  185.  |     Fixed in: 4.8.6
  186.  |     References:
  187.  |      - https://wpvulndb.com/vulnerabilities/9054
  188.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10100
  189.  |      - https://wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/
  190.  |      - https://github.com/WordPress/WordPress/commit/14bc2c0a6fde0da04b47130707e01df850eedc7e
  191.  |
  192.  | [!] Title: WordPress 3.7-4.9.4 - Escape Version in Generator Tag
  193.  |     Fixed in: 4.8.6
  194.  |     References:
  195.  |      - https://wpvulndb.com/vulnerabilities/9055
  196.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10102
  197.  |      - https://wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/
  198.  |      - https://github.com/WordPress/WordPress/commit/31a4369366d6b8ce30045d4c838de2412c77850d
  199.  |
  200.  | [!] Title: WordPress <= 4.9.6 - Authenticated Arbitrary File Deletion
  201.  |     Fixed in: 4.8.7
  202.  |     References:
  203.  |      - https://wpvulndb.com/vulnerabilities/9100
  204.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12895
  205.  |      - https://blog.ripstech.com/2018/wordpress-file-delete-to-code-execution/
  206.  |      - http://blog.vulnspy.com/2018/06/27/Wordpress-4-9-6-Arbitrary-File-Delection-Vulnerbility-Exploit/
  207.  |      - https://github.com/WordPress/WordPress/commit/c9dce0606b0d7e6f494d4abe7b193ac046a322cd
  208.  |      - https://wordpress.org/news/2018/07/wordpress-4-9-7-security-and-maintenance-release/
  209.  |      - https://www.wordfence.com/blog/2018/07/details-of-an-additional-file-deletion-vulnerability-patched-in-wordpress-4-9-7/
  210.  |
  211.  | [!] Title: WordPress <= 5.0 - Authenticated File Delete
  212.  |     Fixed in: 4.8.8
  213.  |     References:
  214.  |      - https://wpvulndb.com/vulnerabilities/9169
  215.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20147
  216.  |      - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  217.  |
  218.  | [!] Title: WordPress <= 5.0 - Authenticated Post Type Bypass
  219.  |     Fixed in: 4.8.8
  220.  |     References:
  221.  |      - https://wpvulndb.com/vulnerabilities/9170
  222.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20152
  223.  |      - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  224.  |      - https://blog.ripstech.com/2018/wordpress-post-type-privilege-escalation/
  225.  |
  226.  | [!] Title: WordPress <= 5.0 - PHP Object Injection via Meta Data
  227.  |     Fixed in: 4.8.8
  228.  |     References:
  229.  |      - https://wpvulndb.com/vulnerabilities/9171
  230.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20148
  231.  |      - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  232.  |
  233.  | [!] Title: WordPress <= 5.0 - Authenticated Cross-Site Scripting (XSS)
  234.  |     Fixed in: 4.8.8
  235.  |     References:
  236.  |      - https://wpvulndb.com/vulnerabilities/9172
  237.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20153
  238.  |      - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  239.  |
  240.  | [!] Title: WordPress <= 5.0 - Cross-Site Scripting (XSS) that could affect plugins
  241.  |     Fixed in: 4.8.8
  242.  |     References:
  243.  |      - https://wpvulndb.com/vulnerabilities/9173
  244.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20150
  245.  |      - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  246.  |      - https://github.com/WordPress/WordPress/commit/fb3c6ea0618fcb9a51d4f2c1940e9efcd4a2d460
  247.  |
  248.  | [!] Title: WordPress <= 5.0 - User Activation Screen Search Engine Indexing
  249.  |     Fixed in: 4.8.8
  250.  |     References:
  251.  |      - https://wpvulndb.com/vulnerabilities/9174
  252.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20151
  253.  |      - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  254.  |
  255.  | [!] Title: WordPress <= 5.0 - File Upload to XSS on Apache Web Servers
  256.  |     Fixed in: 4.8.8
  257.  |     References:
  258.  |      - https://wpvulndb.com/vulnerabilities/9175
  259.  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20149
  260.  |      - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  261.  |      - https://github.com/WordPress/WordPress/commit/246a70bdbfac3bd45ff71c7941deef1bb206b19a
  262.  
  263. [+] WordPress theme in use: structure
  264.  | Location: http://www.ibw.com.ni/wp-content/themes/structure/
  265.  | Style URL: http://www.ibw.com.ni/wp-content/themes/structure/style.css
  266.  | Style Name: IBW
  267.  | Style URI: http://structure.thememove.com
  268.  | Description: The best construction WordPress theme...
  269.  | Author: ThemeMove Team
  270.  | Author URI: http://thememove.com
  271.  |
  272.  | Detected By: Css Style (Passive Detection)
  273.  | Confirmed By: Urls In Homepage (Passive Detection)
  274.  |
  275.  | Version: 4.0 (80% confidence)
  276.  | Detected By: Style (Passive Detection)
  277.  |  - http://www.ibw.com.ni/wp-content/themes/structure/style.css, Match: 'Version: 4.0'
  278.  
  279. [+] Enumerating All Plugins
  280. [+] Checking Plugin Versions
  281.  
  282. [i] Plugin(s) Identified:
  283.  
  284. [+] contact-form-7
  285.  | Location: http://www.ibw.com.ni/wp-content/plugins/contact-form-7/
  286.  | Last Updated: 2018-12-18T18:05:00.000Z
  287.  | [!] The version is out of date, the latest version is 5.1.1
  288.  |
  289.  | Detected By: Urls In Homepage (Passive Detection)
  290.  |
  291.  | [!] 1 vulnerability identified:
  292.  |
  293.  | [!] Title: Contact Form 7 <= 5.0.3 - register_post_type() Privilege Escalation
  294.  |     Fixed in: 5.0.4
  295.  |     References:
  296.  |      - https://wpvulndb.com/vulnerabilities/9127
  297.  |      - https://contactform7.com/2018/09/04/contact-form-7-504/
  298.  |      - https://plugins.trac.wordpress.org/changeset/1935726/contact-form-7
  299.  |      - https://plugins.trac.wordpress.org/changeset/1934594/contact-form-7
  300.  |      - https://plugins.trac.wordpress.org/changeset/1934343/contact-form-7
  301.  |      - https://plugins.trac.wordpress.org/changeset/1934327/contact-form-7
  302.  |      - https://www.ripstech.com/php-security-calendar-2018/#day-18
  303.  |
  304.  | Version: 5.0.2 (100% confidence)
  305.  | Detected By: Readme - Stable Tag (Aggressive Detection)
  306.  |  - http://www.ibw.com.ni/wp-content/plugins/contact-form-7/readme.txt
  307.  | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
  308.  |  - http://www.ibw.com.ni/wp-content/plugins/contact-form-7/readme.txt
  309.  
  310. [+] essential-grid
  311.  | Location: http://www.ibw.com.ni/wp-content/plugins/essential-grid/
  312.  |
  313.  | Detected By: Urls In Homepage (Passive Detection)
  314.  |
  315.  | The version could not be determined.
  316.  
  317. [+] js_composer
  318.  | Location: http://www.ibw.com.ni/wp-content/plugins/js_composer/
  319.  |
  320.  | Detected By: Urls In Homepage (Passive Detection)
  321.  | Confirmed By:
  322.  |  Meta Generator (Passive Detection)
  323.  |  Body Tag (Passive Detection)
  324.  |
  325.  | Version: 4.12 (60% confidence)
  326.  | Detected By: Body Tag (Passive Detection)
  327.  |  - http://www.ibw.com.ni/, Match: 'js-comp-ver-4.12'
  328.  
  329. [+] mailchimp-for-wp
  330.  | Location: http://www.ibw.com.ni/wp-content/plugins/mailchimp-for-wp/
  331.  | Last Updated: 2018-12-31T10:01:00.000Z
  332.  | [!] The version is out of date, the latest version is 4.3.3
  333.  |
  334.  | Detected By: Urls In Homepage (Passive Detection)
  335.  |
  336.  | [!] 1 vulnerability identified:
  337.  |
  338.  | [!] Title: MailChimp for WordPress <= 4.1.6 - Authenticated Cross-Site Scripting (XSS)
  339.  |     Fixed in: 4.1.7
  340.  |     References:
  341.  |      - https://wpvulndb.com/vulnerabilities/9026
  342.  |      - https://plugins.trac.wordpress.org/changeset/1726656/mailchimp-for-wp
  343.  |      - https://www.ripstech.com/php-security-calendar-2018/#day-12
  344.  |
  345.  | Version: 4.1.6 (100% confidence)
  346.  | Detected By: Readme - Stable Tag (Aggressive Detection)
  347.  |  - http://www.ibw.com.ni/wp-content/plugins/mailchimp-for-wp/readme.txt
  348.  | Confirmed By: Change Log (Aggressive Detection)
  349.  |  - http://www.ibw.com.ni/wp-content/plugins/mailchimp-for-wp/CHANGELOG.md, Match: '#### 4.1.6 - July 31, 2017'
  350.  
  351. [+] mobile-menu
  352.  | Location: http://www.ibw.com.ni/wp-content/plugins/mobile-menu/
  353.  | Last Updated: 2019-01-06T17:14:00.000Z
  354.  | [!] The version is out of date, the latest version is 2.7.2
  355.  |
  356.  | Detected By: Urls In Homepage (Passive Detection)
  357.  |
  358.  | Version: 2.4 (100% confidence)
  359.  | Detected By: Readme - Stable Tag (Aggressive Detection)
  360.  |  - http://www.ibw.com.ni/wp-content/plugins/mobile-menu/readme.txt
  361.  | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
  362.  |  - http://www.ibw.com.ni/wp-content/plugins/mobile-menu/readme.txt
  363.  
  364. [+] optin-forms
  365.  | Location: http://www.ibw.com.ni/wp-content/plugins/optin-forms/
  366.  | Last Updated: 2019-01-02T20:32:00.000Z
  367.  | [!] The version is out of date, the latest version is 1.2.9.1
  368.  |
  369.  | Detected By: Urls In Homepage (Passive Detection)
  370.  |
  371.  | Version: 1.2.8.3 (100% confidence)
  372.  | Detected By: Readme - Stable Tag (Aggressive Detection)
  373.  |  - http://www.ibw.com.ni/wp-content/plugins/optin-forms/readme.txt
  374.  | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
  375.  |  - http://www.ibw.com.ni/wp-content/plugins/optin-forms/readme.txt
  376.  
  377. [+] revslider
  378.  | Location: http://www.ibw.com.ni/wp-content/plugins/revslider/
  379.  |
  380.  | Detected By: Urls In Homepage (Passive Detection)
  381.  | Confirmed By:
  382.  |  Div Data Version (Passive Detection)
  383.  |  Meta Generator (Passive Detection)
  384.  |
  385.  | Version: 5.4.8 (100% confidence)
  386.  | Detected By: Div Data Version (Passive Detection)
  387.  |  - http://www.ibw.com.ni/, Match: '5.4.8'
  388.  | Confirmed By: Meta Generator (Passive Detection)
  389.  |  - http://www.ibw.com.ni/, Match: 'Powered by Slider Revolution 5.4.8'
  390.  
  391. [+] wp-google-map-gold
  392.  | Location: http://www.ibw.com.ni/wp-content/plugins/wp-google-map-gold/
  393.  |
  394.  | Detected By: Urls In Homepage (Passive Detection)
  395.  |
  396.  | The version could not be determined.
  397.  
  398. [+] wp-job-manager
  399.  | Location: http://www.ibw.com.ni/wp-content/plugins/wp-job-manager/
  400.  | Last Updated: 2018-12-10T09:14:00.000Z
  401.  | [!] The version is out of date, the latest version is 1.31.3
  402.  |
  403.  | Detected By: Urls In Homepage (Passive Detection)
  404.  |
  405.  | [!] 2 vulnerabilities identified:
  406.  |
  407.  | [!] Title: WP Job Manager <= 1.29.2 - Unauthenticated Object Injection
  408.  |     Fixed in: 1.29.3
  409.  |     References:
  410.  |      - https://wpvulndb.com/vulnerabilities/9042
  411.  |      - https://medium.com/websec/wp-job-manager-1-29-2-preauth-poi-unserialize-of-user-supplied-data-d90eafa6923b
  412.  |      - https://github.com/Automattic/WP-Job-Manager/commit/e599ba5dbd96d8eea24ff33c4f0b71879b0a57d5#diff-580ccc67d45d3769b54696bca2beb42b
  413.  |      - https://medium.com/websec/wordpress-4-8-3-wrecking-ball-b172e2511fad
  414.  |      - https://hackerone.com/reports/308489
  415.  |
  416.  | [!] Title: WP Job Manager <= 1.31.2 - Phar Deserialization
  417.  |     Fixed in: 1.31.3
  418.  |     References:
  419.  |      - https://wpvulndb.com/vulnerabilities/9193
  420.  |      - https://www.ripstech.com/php-security-calendar-2018/#Day21
  421.  |
  422.  | Version: 1.28.0 (100% confidence)
  423.  | Detected By: Readme - Stable Tag (Aggressive Detection)
  424.  |  - http://www.ibw.com.ni/wp-content/plugins/wp-job-manager/readme.txt
  425.  | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
  426.  |  - http://www.ibw.com.ni/wp-content/plugins/wp-job-manager/readme.txt
  427.  
  428. [+] wp-notification-bars
  429.  | Location: http://www.ibw.com.ni/wp-content/plugins/wp-notification-bars/
  430.  | Last Updated: 2018-12-04T09:18:00.000Z
  431.  | [!] The version is out of date, the latest version is 1.0.5
  432.  |
  433.  | Detected By: Urls In Homepage (Passive Detection)
  434.  |
  435.  | Version: 1.0.2 (100% confidence)
  436.  | Detected By: Readme - Stable Tag (Aggressive Detection)
  437.  |  - http://www.ibw.com.ni/wp-content/plugins/wp-notification-bars/readme.txt
  438.  | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
  439.  |  - http://www.ibw.com.ni/wp-content/plugins/wp-notification-bars/readme.txt
  440.  
  441. [+] Enumerating Config Backups
  442.  Checking Config Backups - Time: 00:00:19 <=================================================================================================================> (21 / 21) 100.00% Time: 00:00:19
  443.  
  444. [i] No Config Backups Found.
  445. ///////////////////////////////////////////////////////////////////////////
  446. [i] User(s) Identified:
  447.  
  448. [+] admin
  449.  | Detected By: Wp Json Api (Aggressive Detection)
  450.  |  - http://www.ibw.com.ni/wp-json/wp/v2/users/
  451.  | Confirmed By:
  452.  |  Oembed API - Author URL (Aggressive Detection)
  453.  |   - http://www.ibw.com.ni/wp-json/oembed/1.0/embed?url=http://www.ibw.com.ni/&format=json
  454.  |  Author Id Brute Forcing - Author Pattern (Aggressive Detection)
  455.  
  456. [+] tfmadmin
  457.  | Detected By: Wp Json Api (Aggressive Detection)
  458.  |  - http://www.ibw.com.ni/wp-json/wp/v2/users/
  459.  | Confirmed By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
  460.  
  461. [+] ibwnicaragua2017
  462.  | Detected By: Wp Json Api (Aggressive Detection)
  463.  |  - http://www.ibw.com.ni/wp-json/wp/v2/users/
  464.  | Confirmed By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
  465.  
  466. [+] robertoblandino
  467.  | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
  468. /////////////////////////////////////////////////////////////////////////////////
  469. [+] Finished: Wed Jan 16 07:19:02 2019
  470. [+] Requests Done: 17
  471. [+] Memory used: 27.164 MB
  472. [+] Elapsed time: 00:00:17
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top