Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [+] URL: http://www.bfp.com.ni/
- [+] Effective URL: https://www.bfp.com.ni/
- [+] Started: Wed Jan 16 07:21:43 2019
- Interesting Finding(s):
- [+] https://www.bfp.com.ni/
- | Interesting Entries:
- | - Server: Microsoft-IIS/8.5
- | - X-Powered-By: PHP/5.6.31
- | Found By: Headers (Passive Detection)
- | Confidence: 100%
- [+] http://www.bfp.com.ni/xmlrpc.php
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- | References:
- | - http://codex.wordpress.org/XML-RPC_Pingback_API
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
- | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
- [+] http://www.bfp.com.ni/readme.html
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- [+] This site has 'Must Use Plugins': http://www.bfp.com.ni/wp-content/mu-plugins/
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 80%
- | Reference: http://codex.wordpress.org/Must_Use_Plugins
- [+] WordPress version 4.9.9 identified.
- | Detected By: Rss Generator (Passive Detection)
- | - https://www.bfp.com.ni/feed/, <generator>https://wordpress.org/?v=4.9.9</generator>
- | - https://www.bfp.com.ni/comments/feed/, <generator>https://wordpress.org/?v=4.9.9</generator>
- [+] WordPress theme in use: jupiter
- | Location: http://www.bfp.com.ni/wp-content/themes/jupiter/
- | Style URL: http://www.bfp.com.ni/wp-content/themes/jupiter/style.css
- | Style Name: Jupiter
- | Style URI: http://demos.artbees.net/jupiter5
- | Description: A Beautiful, Professional and Ultimate Wordpress Theme Made by Artbees. Jupiter is a Clean, Flexible...
- | Author: Artbees
- | Author URI: http://themeforest.net/user/artbees
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | Version: 5.9.7 (80% confidence)
- | Detected By: Style (Passive Detection)
- | - http://www.bfp.com.ni/wp-content/themes/jupiter/style.css, Match: 'Version: 5.9.7'
- [+] Enumerating All Plugins
- [+] Checking Plugin Versions
- [i] Plugin(s) Identified:
- [+] contact-form-7
- | Location: http://www.bfp.com.ni/wp-content/plugins/contact-form-7/
- | Last Updated: 2018-12-18T18:05:00.000Z
- | [!] The version is out of date, the latest version is 5.1.1
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | Version: 5.0.5 (100% confidence)
- | Detected By: Query Parameter (Passive Detection)
- | - https://www.bfp.com.ni/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.5
- | - https://www.bfp.com.ni/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.5
- | Confirmed By:
- | Readme - Stable Tag (Aggressive Detection)
- | - http://www.bfp.com.ni/wp-content/plugins/contact-form-7/readme.txt
- | Readme - ChangeLog Section (Aggressive Detection)
- | - http://www.bfp.com.ni/wp-content/plugins/contact-form-7/readme.txt
- [+] js_composer
- | Location: http://www.bfp.com.ni/wp-content/plugins/js_composer/
- |
- | Detected By: Meta Generator (Passive Detection)
- | Confirmed By: Body Tag (Passive Detection)
- |
- | Version: 5.2.1 (60% confidence)
- | Detected By: Body Tag (Passive Detection)
- | - https://www.bfp.com.ni/, Match: 'js-comp-ver-5.2.1'
- [+] js_composer_theme
- | Location: http://www.bfp.com.ni/wp-content/plugins/js_composer_theme/
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | The version could not be determined.
- [+] revslider
- | Location: http://www.bfp.com.ni/wp-content/plugins/revslider/
- |
- | Detected By: Urls In Homepage (Passive Detection)
- | Confirmed By:
- | Comment (Passive Detection)
- | Div Data Version (Passive Detection)
- | Meta Generator (Passive Detection)
- |
- | Version: 5.4.5.1 (100% confidence)
- | Detected By: Comment (Passive Detection)
- | - https://www.bfp.com.ni/, Match: 'START REVOLUTION SLIDER 5.4.5.1'
- | Confirmed By: Div Data Version (Passive Detection)
- | - https://www.bfp.com.ni/, Match: '5.4.5.1'
- [+] wordpress-seo
- | Location: http://www.bfp.com.ni/wp-content/plugins/wordpress-seo/
- | Last Updated: 2019-01-08T09:18:00.000Z
- | [!] The version is out of date, the latest version is 9.4
- |
- | Detected By: Comment (Passive Detection)
- |
- | [!] 1 vulnerability identified:
- |
- | [!] Title: Yoast SEO <= 9.1 - Authenticated Race Condition
- | Fixed in: 9.2
- | References:
- | - https://wpvulndb.com/vulnerabilities/9150
- | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19370
- | - https://plugins.trac.wordpress.org/changeset/1977260/wordpress-seo
- | - https://www.youtube.com/watch?v=nL141dcDGCY
- | - http://packetstormsecurity.com/files/150497/
- | - https://github.com/Yoast/wordpress-seo/pull/11502/commits/3bfa70a143f5ea3ee1934f3a1703bb5caf139ffa
- |
- | Version: 9.1 (100% confidence)
- | Detected By: Comment (Passive Detection)
- | - https://www.bfp.com.ni/, Match: 'optimized with the Yoast SEO plugin v9.1 -'
- | Confirmed By:
- | Readme - Stable Tag (Aggressive Detection)
- | - http://www.bfp.com.ni/wp-content/plugins/wordpress-seo/readme.txt
- | Readme - ChangeLog Section (Aggressive Detection)
- | - http://www.bfp.com.ni/wp-content/plugins/wordpress-seo/readme.txt
- [+] Enumerating Config Backups
- Checking Config Backups - Time: 00:00:11 <===> (21 / 21) 100.00% Time: 00:00:11
- [i] No Config Backups Found.
- ///////////////////////////////////////////////////////////////////////////////////
- [i] User(s) Identified:
- [+] desarrollo-kakao-2
- | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] mercadeobfp
- | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] tiadmin
- | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] vuriesgo
- | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] karlagutierrez
- | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] jessicalopez
- | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- ////////////////////////////////////////////////////////////////////////////////////
- [+] Finished: Wed Jan 16 07:25:37 2019
- [+] Requests Done: 14
- [+] Memory used: 28.254 MB
- [+] Elapsed time: 00:01:12
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement