_______________________________________________________________
__ _______ _____
\ \ / / __ \ / ____|
\ \ /\ / /| |__) | (___ ___ __ _ _ __ ®
\ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \
\ /\ / | | ____) | (__| (_| | | | |
\/ \/ |_| |_____/ \___|\__,_|_| |_|
WordPress Security Scanner by the WPScan Team
Version 3.8.24
Sponsored by Automattic - https://automattic.com/
@_WPScan_, @ethicalhack3r, @erwan_lr, @firefart
_______________________________________________________________
�[32m[+]�[0m URL: http://internal.thm/blog/ [10.10.180.69]
�[32m[+]�[0m Started: Wed Oct 4 13:15:17 2023
Interesting Finding(s):
�[32m[+]�[0m Headers
| Interesting Entry: Server: Apache/2.4.29 (Ubuntu)
| Found By: Headers (Passive Detection)
| Confidence: 100%
�[32m[+]�[0m XML-RPC seems to be enabled: http://internal.thm/blog/xmlrpc.php
| Found By: Direct Access (Aggressive Detection)
| Confidence: 100%
| References:
| - http://codex.wordpress.org/XML-RPC_Pingback_API
| - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner/
| - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos/
| - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login/
| - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access/
�[32m[+]�[0m WordPress readme found: http://internal.thm/blog/readme.html
| Found By: Direct Access (Aggressive Detection)
| Confidence: 100%
�[32m[+]�[0m The external WP-Cron seems to be enabled: http://internal.thm/blog/wp-cron.php
| Found By: Direct Access (Aggressive Detection)
| Confidence: 60%
| References:
| - https://www.iplocation.net/defend-wordpress-from-ddos
| - https://github.com/wpscanteam/wpscan/issues/1299
�[32m[+]�[0m WordPress version 5.4.2 identified (Insecure, released on 2020-06-10).
| Found By: Rss Generator (Passive Detection)
| - http://internal.thm/blog/index.php/feed/, https://wordpress.org/?v=5.4.2
| - http://internal.thm/blog/index.php/comments/feed/, https://wordpress.org/?v=5.4.2
�[32m[+]�[0m WordPress theme in use: twentyseventeen
| Location: http://internal.thm/blog/wp-content/themes/twentyseventeen/
| Last Updated: 2023-03-29T00:00:00.000Z
| Readme: http://internal.thm/blog/wp-content/themes/twentyseventeen/readme.txt
| �[33m[!]�[0m The version is out of date, the latest version is 3.2
| Style URL: http://internal.thm/blog/wp-content/themes/twentyseventeen/style.css?ver=20190507
| Style Name: Twenty Seventeen
| Style URI: https://wordpress.org/themes/twentyseventeen/
| Description: Twenty Seventeen brings your site to life with header video and immersive featured images. With a fo...
| Author: the WordPress team
| Author URI: https://wordpress.org/
|
| Found By: Css Style In Homepage (Passive Detection)
|
| Version: 2.3 (80% confidence)
| Found By: Style (Passive Detection)
| - http://internal.thm/blog/wp-content/themes/twentyseventeen/style.css?ver=20190507, Match: 'Version: 2.3'
�[32m[+]�[0m Enumerating All Plugins (via Passive Methods)
�[34m[i]�[0m No plugins Found.
�[32m[+]�[0m Enumerating Config Backups (via Passive and Aggressive Methods)
Checking Config Backups -: |===============================================================================================================================================================|
�[34m[i]�[0m No Config Backups Found.
�[32m[+]�[0m Performing password attack on Xmlrpc against 1 user/s
Progress: |
[SUCCESS] - admin / my2boys
Progress: |
�[31m[!]�[0m Valid Combinations Found:
| Username: admin, Password: my2boys
�[33m[!]�[0m No WPScan API Token given, as a result vulnerability data has not been output.
�[33m[!]�[0m You can get a free API token with 25 daily requests by registering at https://wpscan.com/register
�[32m[+]�[0m Finished: Wed Oct 4 13:17:37 2023
�[32m[+]�[0m Requests Done: 4073
�[32m[+]�[0m Cached Requests: 5
�[32m[+]�[0m Data Sent: 2.053 MB
�[32m[+]�[0m Data Received: 2.656 MB
�[32m[+]�[0m Memory used: 296.645 MB
�[32m[+]�[0m Elapsed time: 00:02:20