2 :80
===============================================================
2021/04/30 14:33:12 Starting gobuster in directory enumeration mode
===============================================================
http://10.10.10.37/wiki (Status: 301) [Size: 309] [--> http://10.10.10.37/wiki/]
http://10.10.10.37/wp-content (Status: 301) [Size: 315] [--> http://10.10.10.37/wp-content/]
http://10.10.10.37/plugins (Status: 301) [Size: 312] [--> http://10.10.10.37/plugins/]
http://10.10.10.37/wp-includes (Status: 301) [Size: 316] [--> http://10.10.10.37/wp-includes/]
http://10.10.10.37/javascript (Status: 301) [Size: 315] [--> http://10.10.10.37/javascript/]
http://10.10.10.37/wp-admin (Status: 301) [Size: 313] [--> http://10.10.10.37/wp-admin/]
http://10.10.10.37/phpmyadmin (Status: 301) [Size: 315] [--> http://10.10.10.37/phpmyadmin/]
$ wpscan --url 10.10.10.37
Server: Apache/2.4.18 (Ubuntu)
[+] Upload directory has listing enabled: http://10.10.10.37/wp-content/uploads/
[+] WordPress version 4.8 identified (Insecure, released on 2017-06-08).
[+] WordPress theme in use: twentyseventeen
[i] User(s) Identified:
[+] notch
| Found By: Author Posts - Author Pattern (Passive Detection)
| Confirmed By:
| Wp Json Api (Aggressive Detection)
| - http://10.10.10.37/index.php/wp-json/wp/v2/users/?per_page=100&page=1
| Author Id Brute Forcing - Author Pattern (Aggressive Detection)
| Login Error Messages (Aggressive Detection)
[+] Notch
| Found By: Rss Generator (Passive Detection)
| Confirmed By: Login Error Messages (Aggressive Detection)
http://10.10.10.37/plugins has 2 files >
BlockyCore.jar
griefprevention-1.11.2-3.1.1.298.jar
Using jd-gui <.jar> to check contents
public class BlockyCore {
public String sqlHost = "localhost";
public String sqlUser = "root";
public String sqlPass = "8YsqfCTnvxAUeduzjNSXe22";
}
Last updated