Wordpress hack scan: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(→WPSCAN) |
|||
| (3 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
| Zeile 1: | Zeile 1: | ||
| − | + | =WPSCAN (Plugin: simple-file-list)= | |
| − | + | *wpscan --url http://opfer.secure.local | |
| − | + | <pre>_______________________________________________________________ | |
| − | =WPSCAN= | ||
| − | *wpscan --url | ||
| − | <pre> | ||
| − | _______________________________________________________________ | ||
__ _______ _____ | __ _______ _____ | ||
\ \ / / __ \ / ____| | \ \ / / __ \ / ____| | ||
| Zeile 19: | Zeile 15: | ||
_______________________________________________________________ | _______________________________________________________________ | ||
| − | [+] URL: | + | [+] URL: http://opfer.secure.local/ [10.0.10.104] |
| − | [+] Started: | + | [+] Started: Fri Sep 1 10:57:49 2023 |
| − | + | ||
| − | Interesting Finding(s): | + | Interesting Finding(s): |
| − | + | ||
| − | [+] Headers | + | [+] Headers |
| − | | Interesting Entry: Server: Apache/2.4. | + | | Interesting Entry: Server: Apache/2.4.29 (Ubuntu) |
| − | | Found By: Headers (Passive Detection) | + | | Found By: Headers (Passive Detection) |
| Confidence: 100% | | Confidence: 100% | ||
| − | [+] XML-RPC seems to be enabled: | + | [+] XML-RPC seems to be enabled: http://opfer.secure.local/xmlrpc.php |
| Found By: Direct Access (Aggressive Detection) | | Found By: Direct Access (Aggressive Detection) | ||
| Confidence: 100% | | Confidence: 100% | ||
| Zeile 39: | Zeile 35: | ||
| - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access/ | | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access/ | ||
| − | [+] WordPress readme found: | + | [+] WordPress readme found: http://opfer.secure.local/readme.html |
| Found By: Direct Access (Aggressive Detection) | | Found By: Direct Access (Aggressive Detection) | ||
| Confidence: 100% | | Confidence: 100% | ||
| − | [+] This site has 'Must Use Plugins': | + | [+] This site has 'Must Use Plugins': http://opfer.secure.local/wp-content/mu-plugins/ |
| Found By: Direct Access (Aggressive Detection) | | Found By: Direct Access (Aggressive Detection) | ||
| Confidence: 80% | | Confidence: 80% | ||
| Reference: http://codex.wordpress.org/Must_Use_Plugins | | Reference: http://codex.wordpress.org/Must_Use_Plugins | ||
| − | [+] Upload directory has listing enabled: | + | [+] Upload directory has listing enabled: http://opfer.secure.local/wp-content/uploads/ |
| Found By: Direct Access (Aggressive Detection) | | Found By: Direct Access (Aggressive Detection) | ||
| Confidence: 100% | | Confidence: 100% | ||
| − | [+] The external WP-Cron seems to be enabled: | + | [+] The external WP-Cron seems to be enabled: http://opfer.secure.local/wp-cron.php |
| Found By: Direct Access (Aggressive Detection) | | Found By: Direct Access (Aggressive Detection) | ||
| Confidence: 60% | | Confidence: 60% | ||
| Zeile 59: | Zeile 55: | ||
| - https://github.com/wpscanteam/wpscan/issues/1299 | | - https://github.com/wpscanteam/wpscan/issues/1299 | ||
| − | [+] WordPress version | + | [+] WordPress version 6.1.1 identified (Insecure, released on 2022-11-15). |
| Found By: Emoji Settings (Passive Detection) | | Found By: Emoji Settings (Passive Detection) | ||
| − | | - | + | | - http://opfer.secure.local/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=6.1.1' |
| Confirmed By: Meta Generator (Passive Detection) | | Confirmed By: Meta Generator (Passive Detection) | ||
| − | | - | + | | - http://opfer.secure.local/, Match: 'WordPress 6.1.1' |
[+] WordPress theme in use: twentyseventeen | [+] WordPress theme in use: twentyseventeen | ||
| − | | Location: | + | | Location: http://opfer.secure.local/wp-content/themes/twentyseventeen/ |
| − | | Last Updated: | + | | Last Updated: 2023-03-29T00:00:00.000Z |
| − | | Readme: | + | | Readme: http://opfer.secure.local/wp-content/themes/twentyseventeen/readme.txt |
| − | | [!] The version is out of date, the latest version is 3. | + | | [!] The version is out of date, the latest version is 3.2 |
| − | | Style URL: | + | | Style URL: http://opfer.secure.local/wp-content/themes/twentyseventeen/style.css?ver=20201208 |
| Style Name: Twenty Seventeen | | Style Name: Twenty Seventeen | ||
| Style URI: https://wordpress.org/themes/twentyseventeen/ | | Style URI: https://wordpress.org/themes/twentyseventeen/ | ||
| Zeile 81: | Zeile 77: | ||
| Version: 2.9 (80% confidence) | | Version: 2.9 (80% confidence) | ||
| Found By: Style (Passive Detection) | | Found By: Style (Passive Detection) | ||
| − | | - | + | | - http://opfer.secure.local/wp-content/themes/twentyseventeen/style.css?ver=20201208, Match: 'Version: 2.9' |
[+] Enumerating All Plugins (via Passive Methods) | [+] Enumerating All Plugins (via Passive Methods) | ||
| Zeile 89: | Zeile 85: | ||
[+] simple-file-list | [+] simple-file-list | ||
| − | | Location: | + | | Location: http://opfer.secure.local/wp-content/plugins/simple-file-list/ |
| − | | Last Updated: | + | | Last Updated: 2023-08-18T17:35:00.000Z |
| − | | [!] The version is out of date, the latest version is | + | | [!] The version is out of date, the latest version is 6.1.8 |
| | | | ||
| Found By: Urls In Homepage (Passive Detection) | | Found By: Urls In Homepage (Passive Detection) | ||
| Zeile 97: | Zeile 93: | ||
| Version: 4.2.2 (100% confidence) | | Version: 4.2.2 (100% confidence) | ||
| Found By: Readme - Stable Tag (Aggressive Detection) | | Found By: Readme - Stable Tag (Aggressive Detection) | ||
| − | | - | + | | - http://opfer.secure.local/wp-content/plugins/simple-file-list/readme.txt |
| Confirmed By: Readme - ChangeLog Section (Aggressive Detection) | | Confirmed By: Readme - ChangeLog Section (Aggressive Detection) | ||
| − | | - | + | | - http://opfer.secure.local/wp-content/plugins/simple-file-list/readme.txt |
[+] Enumerating Config Backups (via Passive and Aggressive Methods) | [+] Enumerating Config Backups (via Passive and Aggressive Methods) | ||
| − | Checking Config Backups - Time: 00:00: | + | Checking Config Backups - Time: 00:00:00 <=====================> (137 / 137) 100.00% Time: 00:00:00 |
[i] No Config Backups Found. | [i] No Config Backups Found. | ||
| Zeile 109: | Zeile 105: | ||
[!] You can get a free API token with 25 daily requests by registering at https://wpscan.com/register | [!] You can get a free API token with 25 daily requests by registering at https://wpscan.com/register | ||
| − | [+] Finished: | + | [+] Finished: Fri Sep 1 10:57:57 2023 |
[+] Requests Done: 172 | [+] Requests Done: 172 | ||
[+] Cached Requests: 5 | [+] Cached Requests: 5 | ||
| − | [+] Data Sent: | + | [+] Data Sent: 44.345 KB |
| − | [+] Data Received: | + | [+] Data Received: 451.429 KB |
| − | [+] Memory used: | + | [+] Memory used: 267.125 MB |
| − | [+] Elapsed time: 00:00: | + | [+] Elapsed time: 00:00:07 |
</pre> | </pre> | ||
Aktuelle Version vom 1. September 2023, 09:00 Uhr
WPSCAN (Plugin: simple-file-list)
- wpscan --url http://opfer.secure.local
_______________________________________________________________
__ _______ _____
\ \ / / __ \ / ____|
\ \ /\ / /| |__) | (___ ___ __ _ _ __ ®
\ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \
\ /\ / | | ____) | (__| (_| | | | |
\/ \/ |_| |_____/ \___|\__,_|_| |_|
WordPress Security Scanner by the WPScan Team
Version 3.8.22
Sponsored by Automattic - https://automattic.com/
@_WPScan_, @ethicalhack3r, @erwan_lr, @firefart
_______________________________________________________________
[+] URL: http://opfer.secure.local/ [10.0.10.104]
[+] Started: Fri Sep 1 10:57:49 2023
Interesting Finding(s):
[+] Headers
| Interesting Entry: Server: Apache/2.4.29 (Ubuntu)
| Found By: Headers (Passive Detection)
| Confidence: 100%
[+] XML-RPC seems to be enabled: http://opfer.secure.local/xmlrpc.php
| Found By: Direct Access (Aggressive Detection)
| Confidence: 100%
| References:
| - http://codex.wordpress.org/XML-RPC_Pingback_API
| - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner/
| - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos/
| - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login/
| - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access/
[+] WordPress readme found: http://opfer.secure.local/readme.html
| Found By: Direct Access (Aggressive Detection)
| Confidence: 100%
[+] This site has 'Must Use Plugins': http://opfer.secure.local/wp-content/mu-plugins/
| Found By: Direct Access (Aggressive Detection)
| Confidence: 80%
| Reference: http://codex.wordpress.org/Must_Use_Plugins
[+] Upload directory has listing enabled: http://opfer.secure.local/wp-content/uploads/
| Found By: Direct Access (Aggressive Detection)
| Confidence: 100%
[+] The external WP-Cron seems to be enabled: http://opfer.secure.local/wp-cron.php
| Found By: Direct Access (Aggressive Detection)
| Confidence: 60%
| References:
| - https://www.iplocation.net/defend-wordpress-from-ddos
| - https://github.com/wpscanteam/wpscan/issues/1299
[+] WordPress version 6.1.1 identified (Insecure, released on 2022-11-15).
| Found By: Emoji Settings (Passive Detection)
| - http://opfer.secure.local/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=6.1.1'
| Confirmed By: Meta Generator (Passive Detection)
| - http://opfer.secure.local/, Match: 'WordPress 6.1.1'
[+] WordPress theme in use: twentyseventeen
| Location: http://opfer.secure.local/wp-content/themes/twentyseventeen/
| Last Updated: 2023-03-29T00:00:00.000Z
| Readme: http://opfer.secure.local/wp-content/themes/twentyseventeen/readme.txt
| [!] The version is out of date, the latest version is 3.2
| Style URL: http://opfer.secure.local/wp-content/themes/twentyseventeen/style.css?ver=20201208
| Style Name: Twenty Seventeen
| Style URI: https://wordpress.org/themes/twentyseventeen/
| Description: Twenty Seventeen brings your site to life with header video and immersive featured images. With a fo...
| Author: the WordPress team
| Author URI: https://wordpress.org/
|
| Found By: Css Style In Homepage (Passive Detection)
|
| Version: 2.9 (80% confidence)
| Found By: Style (Passive Detection)
| - http://opfer.secure.local/wp-content/themes/twentyseventeen/style.css?ver=20201208, Match: 'Version: 2.9'
[+] Enumerating All Plugins (via Passive Methods)
[+] Checking Plugin Versions (via Passive and Aggressive Methods)
[i] Plugin(s) Identified:
[+] simple-file-list
| Location: http://opfer.secure.local/wp-content/plugins/simple-file-list/
| Last Updated: 2023-08-18T17:35:00.000Z
| [!] The version is out of date, the latest version is 6.1.8
|
| Found By: Urls In Homepage (Passive Detection)
|
| Version: 4.2.2 (100% confidence)
| Found By: Readme - Stable Tag (Aggressive Detection)
| - http://opfer.secure.local/wp-content/plugins/simple-file-list/readme.txt
| Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
| - http://opfer.secure.local/wp-content/plugins/simple-file-list/readme.txt
[+] Enumerating Config Backups (via Passive and Aggressive Methods)
Checking Config Backups - Time: 00:00:00 <=====================> (137 / 137) 100.00% Time: 00:00:00
[i] No Config Backups Found.
[!] No WPScan API Token given, as a result vulnerability data has not been output.
[!] You can get a free API token with 25 daily requests by registering at https://wpscan.com/register
[+] Finished: Fri Sep 1 10:57:57 2023
[+] Requests Done: 172
[+] Cached Requests: 5
[+] Data Sent: 44.345 KB
[+] Data Received: 451.429 KB
[+] Memory used: 267.125 MB
[+] Elapsed time: 00:00:07