Wordpress hack scan: Unterschied zwischen den Versionen

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen
Zeile 1: Zeile 1:
=WPSCAN=
+
=WPSCAN (Plugin: simple-file-list)=
 
*wpscan --url http://opfer.secure.local                          4 ⨯
 
*wpscan --url http://opfer.secure.local                          4 ⨯
 
<pre>_______________________________________________________________
 
<pre>_______________________________________________________________

Version vom 1. September 2023, 09:00 Uhr

WPSCAN (Plugin: simple-file-list)

_______________________________________________________________
         __          _______   _____
         \ \        / /  __ \ / ____|
          \ \  /\  / /| |__) | (___   ___  __ _ _ __ ®
           \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
            \  /\  /  | |     ____) | (__| (_| | | | |
             \/  \/   |_|    |_____/ \___|\__,_|_| |_|

         WordPress Security Scanner by the WPScan Team
                         Version 3.8.22
       Sponsored by Automattic - https://automattic.com/
       @_WPScan_, @ethicalhack3r, @erwan_lr, @firefart
_______________________________________________________________

[+] URL: http://opfer.secure.local/ [10.0.10.104]
[+] Started: Fri Sep  1 10:57:49 2023                                       
                                                                               
Interesting Finding(s):                                                               
                                                                                      
[+] Headers                                                                                    
 | Interesting Entry: Server: Apache/2.4.29 (Ubuntu)                                           
 | Found By: Headers (Passive Detection)                                                            
 | Confidence: 100%

[+] XML-RPC seems to be enabled: http://opfer.secure.local/xmlrpc.php
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 100%
 | References:
 |  - http://codex.wordpress.org/XML-RPC_Pingback_API
 |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner/
 |  - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos/
 |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login/
 |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access/

[+] WordPress readme found: http://opfer.secure.local/readme.html
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 100%

[+] This site has 'Must Use Plugins': http://opfer.secure.local/wp-content/mu-plugins/
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 80%
 | Reference: http://codex.wordpress.org/Must_Use_Plugins

[+] Upload directory has listing enabled: http://opfer.secure.local/wp-content/uploads/
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 100%

[+] The external WP-Cron seems to be enabled: http://opfer.secure.local/wp-cron.php
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 60%
 | References:
 |  - https://www.iplocation.net/defend-wordpress-from-ddos
 |  - https://github.com/wpscanteam/wpscan/issues/1299

[+] WordPress version 6.1.1 identified (Insecure, released on 2022-11-15).
 | Found By: Emoji Settings (Passive Detection)
 |  - http://opfer.secure.local/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=6.1.1'
 | Confirmed By: Meta Generator (Passive Detection)
 |  - http://opfer.secure.local/, Match: 'WordPress 6.1.1'

[+] WordPress theme in use: twentyseventeen
 | Location: http://opfer.secure.local/wp-content/themes/twentyseventeen/
 | Last Updated: 2023-03-29T00:00:00.000Z
 | Readme: http://opfer.secure.local/wp-content/themes/twentyseventeen/readme.txt
 | [!] The version is out of date, the latest version is 3.2
 | Style URL: http://opfer.secure.local/wp-content/themes/twentyseventeen/style.css?ver=20201208
 | Style Name: Twenty Seventeen
 | Style URI: https://wordpress.org/themes/twentyseventeen/
 | Description: Twenty Seventeen brings your site to life with header video and immersive featured images. With a fo...
 | Author: the WordPress team
 | Author URI: https://wordpress.org/
 |
 | Found By: Css Style In Homepage (Passive Detection)
 |
 | Version: 2.9 (80% confidence)
 | Found By: Style (Passive Detection)
 |  - http://opfer.secure.local/wp-content/themes/twentyseventeen/style.css?ver=20201208, Match: 'Version: 2.9'

[+] Enumerating All Plugins (via Passive Methods)
[+] Checking Plugin Versions (via Passive and Aggressive Methods)

[i] Plugin(s) Identified:

[+] simple-file-list
 | Location: http://opfer.secure.local/wp-content/plugins/simple-file-list/
 | Last Updated: 2023-08-18T17:35:00.000Z
 | [!] The version is out of date, the latest version is 6.1.8
 |
 | Found By: Urls In Homepage (Passive Detection)
 |
 | Version: 4.2.2 (100% confidence)
 | Found By: Readme - Stable Tag (Aggressive Detection)
 |  - http://opfer.secure.local/wp-content/plugins/simple-file-list/readme.txt
 | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
 |  - http://opfer.secure.local/wp-content/plugins/simple-file-list/readme.txt

[+] Enumerating Config Backups (via Passive and Aggressive Methods)
 Checking Config Backups - Time: 00:00:00 <=====================> (137 / 137) 100.00% Time: 00:00:00

[i] No Config Backups Found.

[!] No WPScan API Token given, as a result vulnerability data has not been output.
[!] You can get a free API token with 25 daily requests by registering at https://wpscan.com/register

[+] Finished: Fri Sep  1 10:57:57 2023
[+] Requests Done: 172
[+] Cached Requests: 5
[+] Data Sent: 44.345 KB
[+] Data Received: 451.429 KB
[+] Memory used: 267.125 MB
[+] Elapsed time: 00:00:07
Abgerufen von „http://wiki.ixheim.de/index.php?title=Wordpress_hack_scan&oldid=49036