Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- __ _______ _____
- \ \ / / __ \ / ____|
- \ \ /\ / /| |__) | (___ ___ __ _ _ __ ®
- \ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \
- \ /\ / | | ____) | (__| (_| | | | |
- \/ \/ |_| |_____/ \___|\__,_|_| |_|
- WordPress Security Scanner by the WPScan Team
- Version 3.8.4
- Sponsored by Automattic - https://automattic.com/
- @_WPScan_, @ethicalhack3r, @erwan_lr, @firefart
- _______________________________________________________________
- [+] URL: http://www.sindhwildlife.gov.pk/ [162.241.230.68]
- [+] Started: Sat Aug 22 05:36:35 2020
- Interesting Finding(s):
- [+] Headers
- | Interesting Entries:
- | - Server: Apache
- | - Upgrade: h2,h2c
- | - host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
- | - X-Endurance-Cache-Level: 2
- | Found By: Headers (Passive Detection)
- | Confidence: 100%
- [+] http://www.sindhwildlife.gov.pk/robots.txt
- | Interesting Entries:
- | - /wp-admin/
- | - /wp-admin/admin-ajax.php
- | Found By: Robots Txt (Aggressive Detection)
- | Confidence: 100%
- [+] XML-RPC seems to be enabled: http://www.sindhwildlife.gov.pk/xmlrpc.php
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- | References:
- | - http://codex.wordpress.org/XML-RPC_Pingback_API
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
- | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
- [+] http://www.sindhwildlife.gov.pk/readme.html
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- [+] This site has 'Must Use Plugins': http://www.sindhwildlife.gov.pk/wp-content/mu-plugins/
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 80%
- | Reference: http://codex.wordpress.org/Must_Use_Plugins
- [+] Upload directory has listing enabled: http://www.sindhwildlife.gov.pk/wp-content/uploads/
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- [+] The external WP-Cron seems to be enabled: http://www.sindhwildlife.gov.pk/wp-cron.php
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 60%
- | References:
- | - https://www.iplocation.net/defend-wordpress-from-ddos
- | - https://github.com/wpscanteam/wpscan/issues/1299
- [+] WordPress version 5.3.2 identified (Insecure, released on 2019-12-18).
- | Found By: Rss Generator (Passive Detection)
- | - http://www.sindhwildlife.gov.pk/feed/, <generator>https://wordpress.org/?v=5.3.2</generator>
- | - http://www.sindhwildlife.gov.pk/comments/feed/, <generator>https://wordpress.org/?v=5.3.2</generator>
- [+] WordPress theme in use: twentytwenty
- | Location: http://www.sindhwildlife.gov.pk/wp-content/themes/twentytwenty/
- | Last Updated: 2020-08-11T00:00:00.000Z
- | Readme: http://www.sindhwildlife.gov.pk/wp-content/themes/twentytwenty/readme.txt
- | [!] The version is out of date, the latest version is 1.5
- | Style URL: http://www.sindhwildlife.gov.pk/wp-content/themes/twentytwenty/style.css?ver=1.0
- | Style Name: Twenty Twenty
- | Style URI: https://wordpress.org/themes/twentytwenty/
- | Description: Our default theme for 2020 is designed to take full advantage of the flexibility of the block editor...
- | Author: the WordPress team
- | Author URI: https://wordpress.org/
- |
- | Found By: Css Style In 404 Page (Passive Detection)
- |
- | Version: 1.0 (80% confidence)
- | Found By: Style (Passive Detection)
- | - http://www.sindhwildlife.gov.pk/wp-content/themes/twentytwenty/style.css?ver=1.0, Match: 'Version: 1.0'
- [+] Enumerating All Plugins (via Passive Methods)
- [+] Checking Plugin Versions (via Passive and Aggressive Methods)
- [i] Plugin(s) Identified:
- [+] addon-elements-for-elementor-page-builder
- | Location: http://www.sindhwildlife.gov.pk/wp-content/plugins/addon-elements-for-elementor-page-builder/
- | Latest Version: 1.6.4
- | Last Updated: 2020-04-28T06:36:00.000Z
- |
- | Found By: Urls In Homepage (Passive Detection)
- | Confirmed By: Urls In 404 Page (Passive Detection)
- |
- | The version could not be determined.
- [+] bdthemes-element-pack-lite
- | Location: http://www.sindhwildlife.gov.pk/wp-content/plugins/bdthemes-element-pack-lite/
- | Latest Version: 2.2.0
- | Last Updated: 2020-08-14T07:03:00.000Z
- |
- | Found By: Urls In Homepage (Passive Detection)
- | Confirmed By: Urls In 404 Page (Passive Detection)
- |
- | The version could not be determined.
- [+] contact-form-7
- | Location: http://www.sindhwildlife.gov.pk/wp-content/plugins/contact-form-7/
- | Last Updated: 2020-08-05T20:53:00.000Z
- | [!] The version is out of date, the latest version is 5.2.1
- |
- | Found By: Urls In Homepage (Passive Detection)
- | Confirmed By: Urls In 404 Page (Passive Detection)
- |
- | Version: 5.1.6 (10% confidence)
- | Found By: Query Parameter (Passive Detection)
- | - http://www.sindhwildlife.gov.pk/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
- [+] elementor
- | Location: http://www.sindhwildlife.gov.pk/wp-content/plugins/elementor/
- | Last Updated: 2020-07-21T14:07:00.000Z
- | [!] The version is out of date, the latest version is 2.9.14
- |
- | Found By: Urls In Homepage (Passive Detection)
- | Confirmed By: Urls In 404 Page (Passive Detection)
- |
- | Version: 2.8.2 (100% confidence)
- | Found By: Query Parameter (Passive Detection)
- | - http://www.sindhwildlife.gov.pk/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.8.2
- | Confirmed By:
- | Javascript Comment (Aggressive Detection)
- | - http://www.sindhwildlife.gov.pk/wp-content/plugins/elementor/assets/js/admin-feedback.js, Match: 'elementor - v2.8.2'
- | Style Comment (Aggressive Detection)
- | - http://www.sindhwildlife.gov.pk/wp-content/plugins/elementor/assets/css/admin.min.css, Match: 'elementor - v2.8.2'
- [+] elementskit-lite
- | Location: http://www.sindhwildlife.gov.pk/wp-content/plugins/elementskit-lite/
- | Latest Version: 1.5.10
- | Last Updated: 2020-08-12T06:59:00.000Z
- |
- | Found By: Urls In Homepage (Passive Detection)
- | Confirmed By: Urls In 404 Page (Passive Detection)
- |
- | The version could not be determined.
- [+] header-footer-elementor
- | Location: http://www.sindhwildlife.gov.pk/wp-content/plugins/header-footer-elementor/
- | Latest Version: 1.5.3
- | Last Updated: 2020-08-13T10:20:00.000Z
- |
- | Found By: Urls In 404 Page (Passive Detection)
- |
- | The version could not be determined.
- [+] jetsticky-for-elementor
- | Location: http://www.sindhwildlife.gov.pk/wp-content/plugins/jetsticky-for-elementor/
- | Latest Version: 1.0.1
- | Last Updated: 2019-08-29T14:34:00.000Z
- |
- | Found By: Urls In Homepage (Passive Detection)
- | Confirmed By: Urls In 404 Page (Passive Detection)
- |
- | The version could not be determined.
- [+] pt-elementor-addons-lite
- | Location: http://www.sindhwildlife.gov.pk/wp-content/plugins/pt-elementor-addons-lite/
- | Latest Version: 1.4.3
- | Last Updated: 2020-03-02T10:21:00.000Z
- |
- | Found By: Urls In Homepage (Passive Detection)
- | Confirmed By: Urls In 404 Page (Passive Detection)
- |
- | The version could not be determined.
- [+] smooth-back-to-top-button
- | Location: http://www.sindhwildlife.gov.pk/wp-content/plugins/smooth-back-to-top-button/
- | Last Updated: 2020-05-22T06:13:00.000Z
- | [!] The version is out of date, the latest version is 1.0.2
- |
- | Found By: Urls In 404 Page (Passive Detection)
- |
- | Version: 1.0.1 (30% confidence)
- | Found By: Query Parameter (Passive Detection)
- | - http://www.sindhwildlife.gov.pk/wp-content/plugins/smooth-back-to-top-button/assets/css/sbttb-fonts.css?ver=1.0.1
- | - http://www.sindhwildlife.gov.pk/wp-content/plugins/smooth-back-to-top-button/assets/css/smooth-back-to-top-button.css?ver=1.0.1
- | - http://www.sindhwildlife.gov.pk/wp-content/plugins/smooth-back-to-top-button/assets/js/smooth-back-to-top-button.js?ver=1.0.1
- [+] Enumerating Config Backups (via Passive and Aggressive Methods)
- Checking Config Backups - Time: 00:00:00 <> (0 / 21) 0.00% ET Checking Config Backups - Time: 00:00:00 <> (1 / 21) 4.76% ET Checking Config Backups - Time: 00:00:00 <> (3 / 21) 14.28% ET Checking Config Backups - Time: 00:00:00 <> (4 / 21) 19.04% ET Checking Config Backups - Time: 00:00:00 <> (5 / 21) 23.80% ET Checking Config Backups - Time: 00:00:00 <> (6 / 21) 28.57% ET Checking Config Backups - Time: 00:00:00 <> (7 / 21) 33.33% ET Checking Config Backups - Time: 00:00:01 <> (9 / 21) 42.85% ET Checking Config Backups - Time: 00:00:01 <> (10 / 21) 47.61% E Checking Config Backups - Time: 00:00:01 <> (11 / 21) 52.38% E Checking Config Backups - Time: 00:00:01 <> (12 / 21) 57.14% E Checking Config Backups - Time: 00:00:01 <> (13 / 21) 61.90% E Checking Config Backups - Time: 00:00:01 <> (14 / 21) 66.66% E Checking Config Backups - Time: 00:00:01 <> (15 / 21) 71.42% E Checking Config Backups - Time: 00:00:02 <> (17 / 21) 80.95% E Checking Config Backups - Time: 00:00:03 <> (18 / 21) 85.71% E Checking Config Backups - Time: 00:00:03 <> (19 / 21) 90.47% E Checking Config Backups - Time: 00:00:03 <> (20 / 21) 95.23% E Checking Config Backups - Time: 00:00:04 <> (21 / 21) 100.00% Time: 00:00:04
- [i] No Config Backups Found.
- [!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
- [!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up
- [+] Finished: Sat Aug 22 05:37:24 2020
- [+] Requests Done: 72
- [+] Cached Requests: 6
- [+] Data Sent: 22.2 KB
- [+] Data Received: 705.86 KB
- [+] Memory used: 180.305 MB
- [+] Elapsed time: 00:00:48
Add Comment
Please, Sign In to add comment