Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [+] URL: http://www.cootel.com.ni/
- [+] Started: Wed Jan 16 07:10:11 2019
- Interesting Finding(s):
- [+] http://www.cootel.com.ni/
- | Interesting Entries:
- | - Server: Apache/2.2.15 (CentOS)
- | - X-Powered-By: PHP/5.3.3
- | Found By: Headers (Passive Detection)
- | Confidence: 100%
- [+] http://www.cootel.com.ni/cootel/xmlrpc.php
- | Found By: Link Tag (Passive Detection)
- | Confidence: 100%
- | Confirmed By: Direct Access (Aggressive Detection), 100% confidence
- | References:
- | - http://codex.wordpress.org/XML-RPC_Pingback_API
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
- | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
- [+] http://www.cootel.com.ni/cootel/readme.html
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- [+] Upload directory has listing enabled: http://www.cootel.com.ni/cootel/cootel/wp-content/uploads/
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- [+] WordPress version 4.7.12 identified.
- | Detected By: Rss Generator (Passive Detection)
- | - http://www.cootel.com.ni/feed/, <generator>https://wordpress.org/?v=4.7.12</generator>
- | - http://www.cootel.com.ni/comments/feed/, <generator>https://wordpress.org/?v=4.7.12</generator>
- [+] WordPress theme in use: dt-the7
- | Location: http://www.cootel.com.ni/cootel/wp-content/themes/dt-the7/
- | Style URL: http://www.cootel.com.ni/cootel/wp-content/themes/dt-the7/style.css?ver=3.1.3
- | Style Name: The7
- | Style URI: http://dream-theme.com/the7/
- | Description: Put simply, The7 is the world's most advanced WordPress theme. It features 630+ design customization...
- | Author: Dream-Theme
- | Author URI: http://dream-theme.com/
- |
- | Detected By: Css Style (Passive Detection)
- |
- | Version: 3.1.3 (80% confidence)
- | Detected By: Style (Passive Detection)
- | - http://www.cootel.com.ni/cootel/wp-content/themes/dt-the7/style.css?ver=3.1.3, Match: 'Version: 3.1.3'
- [+] Enumerating All Plugins
- [+] Checking Plugin Versions
- [i] Plugin(s) Identified:
- [+] contact-form-7
- | Location: http://www.cootel.com.ni/cootel/wp-content/plugins/contact-form-7/
- | Last Updated: 2018-12-18T18:05:00.000Z
- | [!] The version is out of date, the latest version is 5.1.1
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | [!] 1 vulnerability identified:
- |
- | [!] Title: Contact Form 7 <= 5.0.3 - register_post_type() Privilege Escalation
- | Fixed in: 5.0.4
- | References:
- | - https://wpvulndb.com/vulnerabilities/9127
- | - https://contactform7.com/2018/09/04/contact-form-7-504/
- | - https://plugins.trac.wordpress.org/changeset/1935726/contact-form-7
- | - https://plugins.trac.wordpress.org/changeset/1934594/contact-form-7
- | - https://plugins.trac.wordpress.org/changeset/1934343/contact-form-7
- | - https://plugins.trac.wordpress.org/changeset/1934327/contact-form-7
- | - https://www.ripstech.com/php-security-calendar-2018/#day-18
- |
- | Version: 4.8 (100% confidence)
- | Detected By: Query Parameter (Passive Detection)
- | - http://www.cootel.com.ni/cootel/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.8
- | - http://www.cootel.com.ni/cootel/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.8
- | Confirmed By:
- | Readme - Stable Tag (Aggressive Detection)
- | - http://www.cootel.com.ni/cootel/wp-content/plugins/contact-form-7/readme.txt
- | Readme - ChangeLog Section (Aggressive Detection)
- | - http://www.cootel.com.ni/cootel/wp-content/plugins/contact-form-7/readme.txt
- [+] google-analytics-for-wordpress
- | Location: http://www.cootel.com.ni/cootel/wp-content/plugins/google-analytics-for-wordpress/
- | Last Updated: 2018-12-31T18:08:00.000Z
- | [!] The version is out of date, the latest version is 7.3.3
- |
- | Detected By: Urls In Homepage (Passive Detection)
- | Confirmed By: Monster Insights Comment (Passive Detection)
- |
- | [!] 1 vulnerability identified:
- |
- | [!] Title: Google Analytics by Monster Insights <= 7.1.0 - Authenticated Stored Cross-Site Scripting (XSS)
- | Fixed in: 7.2.0
- | References:
- | - https://wpvulndb.com/vulnerabilities/9157
- | - https://www.ripstech.com/php-security-calendar-2018/
- |
- | Version: 6.2.0 (100% confidence)
- | Detected By: Monster Insights Comment (Passive Detection)
- | - http://www.cootel.com.ni/, Match: 'Google Analytics by MonsterInsights plugin v6.2.0 -'
- | Confirmed By:
- | Query Parameter (Passive Detection)
- | - http://www.cootel.com.ni/cootel/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=6.2.0
- | Readme - Stable Tag (Aggressive Detection)
- | - http://www.cootel.com.ni/cootel/wp-content/plugins/google-analytics-for-wordpress/readme.txt
- [+] js_composer
- | Location: http://www.cootel.com.ni/cootel/wp-content/plugins/js_composer/
- |
- | Detected By: Urls In Homepage (Passive Detection)
- | Confirmed By:
- | Meta Generator (Passive Detection)
- | Body Tag (Passive Detection)
- |
- | Version: 4.11.2 (80% confidence)
- | Detected By: Query Parameter (Passive Detection)
- | - http://www.cootel.com.ni/cootel/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=4.11.2
- | - http://www.cootel.com.ni/cootel/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=4.11.2
- | Confirmed By: Body Tag (Passive Detection)
- | - http://www.cootel.com.ni/, Match: 'js-comp-ver-4.11.2'
- [+] LayerSlider
- | Location: http://www.cootel.com.ni/cootel/wp-content/plugins/LayerSlider/
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | [!] 1 vulnerability identified:
- |
- | [!] Title: LayerSlider <= 6.2.0 - CSRF / Authenticated Stored XSS & SQL Injection
- | Fixed in: 6.2.1
- | References:
- | - https://wpvulndb.com/vulnerabilities/8822
- | - http://wphutte.com/layer-slider-6-1-6-csrf-to-xss-to-sqli-with-poc/
- | - https://support.kreaturamedia.com/docs/layersliderwp/documentation.html#release-log
- |
- | Version: 5.6.2 (50% confidence)
- | Detected By: Locale Translation File (Aggressive Detection)
- | - http://www.cootel.com.ni/cootel/wp-content/plugins/LayerSlider/locales/LayerSlider-en_US.po, Match: 'Project-Id-Version: LayerSlider WP 5.6.2'
- [+] osm
- | Location: http://www.cootel.com.ni/cootel/wp-content/plugins/osm/
- | Last Updated: 2018-09-29T11:55:00.000Z
- | [!] The version is out of date, the latest version is 4.1.2
- |
- | Detected By: Comment (Passive Detection)
- |
- | Version: 3.9.4 (100% confidence)
- | Detected By: Comment (Passive Detection)
- | - http://www.cootel.com.ni/, Match: 'OSM plugin V3.9.4'
- | Confirmed By: Readme - Stable Tag (Aggressive Detection)
- | - http://www.cootel.com.ni/cootel/wp-content/plugins/osm/readme.txt
- [+] revslider
- | Location: http://www.cootel.com.ni/cootel/wp-content/plugins/revslider/
- |
- | Detected By: Urls In Homepage (Passive Detection)
- | Confirmed By: Meta Generator (Passive Detection)
- |
- | Version: 5.1.4 (100% confidence)
- | Detected By: Meta Generator (Passive Detection)
- | - http://www.cootel.com.ni/, Match: 'Powered by Slider Revolution 5.1.4'
- | Confirmed By:
- | Query Parameter (Passive Detection)
- | - http://www.cootel.com.ni/cootel/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.1.4
- | - http://www.cootel.com.ni/cootel/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.1.4
- | - http://www.cootel.com.ni/cootel/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.1.4
- | Release Log (Aggressive Detection)
- | - http://www.cootel.com.ni/cootel/wp-content/plugins/revslider/release_log.html, Match: 'Version 5.1.4 StarPath (28th November 2015)'
- [+] Ultimate_VC_Addons
- | Location: http://www.cootel.com.ni/cootel/wp-content/plugins/Ultimate_VC_Addons/
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | [!] 1 vulnerability identified:
- |
- | [!] Title: Ultimate Addons for Visual Composer <= 3.16.11 - Authenticated XSS, CSRF, RCE
- | Fixed in: 3.16.12
- | References:
- | - https://wpvulndb.com/vulnerabilities/8821
- | - http://wphutte.com/ultimate-addons-for-visual-composer-v3-16-10-xss-csrf-rce/
- | - https://codecanyon.net/item/ultimate-addons-for-visual-composer/6892199
- |
- | The version could not be determined.
- [+] wp-store-locator
- | Location: http://www.cootel.com.ni/cootel/wp-content/plugins/wp-store-locator/
- | Last Updated: 2018-12-26T08:52:00.000Z
- | [!] The version is out of date, the latest version is 2.2.20
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | Version: 2.2.8 (100% confidence)
- | Detected By: Query Parameter (Passive Detection)
- | - http://www.cootel.com.ni/cootel/wp-content/plugins/wp-store-locator/css/styles.min.css?ver=2.2.8
- | Confirmed By:
- | Readme - Stable Tag (Aggressive Detection)
- | - http://www.cootel.com.ni/cootel/wp-content/plugins/wp-store-locator/readme.txt
- | Translation File (Aggressive Detection)
- | - http://www.cootel.com.ni/cootel/wp-content/plugins/wp-store-locator/languages/wpsl.pot, Match: '"Project-Id-Version: WP Store Locator v2.2.8'
- [+] wp2yt-uploader
- | Location: http://www.cootel.com.ni/cootel/wp-content/plugins/wp2yt-uploader/
- | Latest Version: 2.0.4.5 (up to date)
- | Last Updated: 2015-10-20T13:59:00.000Z
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | Version: 2.0.4.5 (80% confidence)
- | Detected By: Readme - Stable Tag (Aggressive Detection)
- | - http://www.cootel.com.ni/cootel/wp-content/plugins/wp2yt-uploader/readme.txt
- [+] Enumerating Config Backups
- Checking Config Backups - Time: 00:00:24 <===> (21 / 21) 100.00% Time: 00:00:24
- ///////////////////////////////////////////////////////////
- [i] User(s) Identified:
- [+] mapa
- | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] agente-cootel
- | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] cootel
- | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] leonort
- | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- //////////////////////////////////////////////////////////////
- [+] Finished: Wed Jan 16 07:14:43 2019
- [+] Requests Done: 17
- [+] Memory used: 15.312 MB
- [+] Elapsed time: 00:00:25
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement