Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- root@kali:~# wpscan --url https://www.nordfront.dk --enumerate u
- _______________________________________________________________
- __ _______ _____
- \ \ / / __ \ / ____|
- \ \ /\ / /| |__) | (___ ___ __ _ _ __ ®
- \ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \
- \ /\ / | | ____) | (__| (_| | | | |
- \/ \/ |_| |_____/ \___|\__,_|_| |_|
- WordPress Security Scanner by the WPScan Team
- Version 3.7.5
- Sponsored by Automattic - https://automattic.com/
- @_WPScan_, @ethicalhack3r, @erwan_lr, @_FireFart_
- _______________________________________________________________
- [+] URL: https://www.nordfront.dk/
- [+] Started: Tue Jan 21 12:49:47 2020
- Interesting Finding(s):
- [+] https://www.nordfront.dk/
- | Interesting Entries:
- | - cf-cache-status: DYNAMIC
- | - expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
- | - server: cloudflare
- | - cf-ray: 558b206a6b9ddc4b-LHR
- | Found By: Headers (Passive Detection)
- | Confidence: 100%
- [+] https://www.nordfront.dk/robots.txt
- | Interesting Entries:
- | - /wp-admin/
- | - /wp-admin/admin-ajax.php
- | Found By: Robots Txt (Aggressive Detection)
- | Confidence: 100%
- [+] https://www.nordfront.dk/xmlrpc.php
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- | References:
- | - http://codex.wordpress.org/XML-RPC_Pingback_API
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
- | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
- [+] https://www.nordfront.dk/wp-cron.php
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 60%
- | References:
- | - https://www.iplocation.net/defend-wordpress-from-ddos
- | - https://github.com/wpscanteam/wpscan/issues/1299
- [+] WordPress version 4.9.3 identified (Insecure, released on 2018-02-05).
- | Found By: Rss Generator (Passive Detection)
- | - https://www.nordfront.dk/feed/, <generator>https://wordpress.org/?v=4.9.3</generator>
- | Confirmed By: Emoji Settings (Passive Detection)
- | - https://www.nordfront.dk/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=4.9.3'
- [+] WordPress theme in use: nordfront2
- | Location: https://www.nordfront.dk/wp-content/themes/nordfront2/
- | Style URL: https://www.nordfront.dk/wp-content/themes/nordfront2/style.css
- |
- | Found By: Css Style In Homepage (Passive Detection)
- | Confirmed By: Css Style In 404 Page (Passive Detection)
- |
- | The version could not be determined.
- [+] Enumerating Users (via Passive and Aggressive Methods)
- Brute Forcing Author IDs - Time: 00:00:07 <=================> (10 / 10) 100.00% Time: 00:00:07
- [i] User(s) Identified:
- [+] Redaktionen
- | Found By: Rss Generator (Passive Detection)
- [+] anders-dahl
- | Found By: Wp Json Api (Aggressive Detection)
- | - https://www.nordfront.dk/wp-json/wp/v2/users/?per_page=100&page=1
- | Confirmed By: Yoast Seo Author Sitemap (Aggressive Detection)
- | - https://www.nordfront.dk/author-sitemap.xml
- [+] fredrik-vejdeland
- | Found By: Wp Json Api (Aggressive Detection)
- | - https://www.nordfront.dk/wp-json/wp/v2/users/?per_page=100&page=1
- | Confirmed By:
- | Yoast Seo Author Sitemap (Aggressive Detection)
- | - https://www.nordfront.dk/author-sitemap.xml
- | Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] guestwriter
- | Found By: Wp Json Api (Aggressive Detection)
- | - https://www.nordfront.dk/wp-json/wp/v2/users/?per_page=100&page=1
- | Confirmed By: Yoast Seo Author Sitemap (Aggressive Detection)
- | - https://www.nordfront.dk/author-sitemap.xml
- [+] haakon-forwald
- | Found By: Wp Json Api (Aggressive Detection)
- | - https://www.nordfront.dk/wp-json/wp/v2/users/?per_page=100&page=1
- | Confirmed By:
- | Yoast Seo Author Sitemap (Aggressive Detection)
- | - https://www.nordfront.dk/author-sitemap.xml
- | Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] henrik-jarsbo
- | Found By: Wp Json Api (Aggressive Detection)
- | - https://www.nordfront.dk/wp-json/wp/v2/users/?per_page=100&page=1
- [+] jacob-dk
- | Found By: Wp Json Api (Aggressive Detection)
- | - https://www.nordfront.dk/wp-json/wp/v2/users/?per_page=100&page=1
- [+] klas-lund
- | Found By: Wp Json Api (Aggressive Detection)
- | - https://www.nordfront.dk/wp-json/wp/v2/users/?per_page=100&page=1
- | Confirmed By:
- | Yoast Seo Author Sitemap (Aggressive Detection)
- | - https://www.nordfront.dk/author-sitemap.xml
- | Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] paulina-forslund
- | Found By: Wp Json Api (Aggressive Detection)
- | - https://www.nordfront.dk/wp-json/wp/v2/users/?per_page=100&page=1
- | Confirmed By:
- | Yoast Seo Author Sitemap (Aggressive Detection)
- | - https://www.nordfront.dk/author-sitemap.xml
- | Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] redaktionen
- | Found By: Wp Json Api (Aggressive Detection)
- | - https://www.nordfront.dk/wp-json/wp/v2/users/?per_page=100&page=1
- | Confirmed By:
- | Yoast Seo Author Sitemap (Aggressive Detection)
- | - https://www.nordfront.dk/author-sitemap.xml
- | Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] robert-eklund
- | Found By: Wp Json Api (Aggressive Detection)
- | - https://www.nordfront.dk/wp-json/wp/v2/users/?per_page=100&page=1
- | Confirmed By:
- | Yoast Seo Author Sitemap (Aggressive Detection)
- | - https://www.nordfront.dk/author-sitemap.xml
- | Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] simon-lindberg
- | Found By: Wp Json Api (Aggressive Detection)
- | - https://www.nordfront.dk/wp-json/wp/v2/users/?per_page=100&page=1
- | Confirmed By:
- | Yoast Seo Author Sitemap (Aggressive Detection)
- | - https://www.nordfront.dk/author-sitemap.xml
- | Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] Kristin G Andresen
- | Found By: Rss Generator (Aggressive Detection)
- [+] Lars
- | Found By: Rss Generator (Aggressive Detection)
- [+] Thomas P
- | Found By: Rss Generator (Aggressive Detection)
- [+] Norden
- | Found By: Rss Generator (Aggressive Detection)
- [+] jonas
- | Found By: Rss Generator (Aggressive Detection)
- [+] Herman von Snaps
- | Found By: Rss Generator (Aggressive Detection)
- [+] robin-hermansson
- | Found By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] robin-palmblad
- | Found By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] henrik-asferg
- | Found By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
- [!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up.
- [+] Finished: Tue Jan 21 12:50:33 2020
- [+] Requests Done: 122
- [+] Cached Requests: 8
- [+] Data Sent: 42.721 KB
- [+] Data Received: 3.263 MB
- [+] Memory used: 161.603 MB
- [+] Elapsed time: 00:00:45
- root@kali:~#
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement