2 :80

===============================================================
2021/04/30 14:33:12 Starting gobuster in directory enumeration mode
===============================================================
http://10.10.10.37/wiki                 (Status: 301) [Size: 309] [--> http://10.10.10.37/wiki/]
http://10.10.10.37/wp-content           (Status: 301) [Size: 315] [--> http://10.10.10.37/wp-content/]
http://10.10.10.37/plugins              (Status: 301) [Size: 312] [--> http://10.10.10.37/plugins/]
http://10.10.10.37/wp-includes          (Status: 301) [Size: 316] [--> http://10.10.10.37/wp-includes/]
http://10.10.10.37/javascript           (Status: 301) [Size: 315] [--> http://10.10.10.37/javascript/]
http://10.10.10.37/wp-admin             (Status: 301) [Size: 313] [--> http://10.10.10.37/wp-admin/]
http://10.10.10.37/phpmyadmin           (Status: 301) [Size: 315] [--> http://10.10.10.37/phpmyadmin/]
$ wpscan --url 10.10.10.37

Server: Apache/2.4.18 (Ubuntu)
[+] Upload directory has listing enabled: http://10.10.10.37/wp-content/uploads/
[+] WordPress version 4.8 identified (Insecure, released on 2017-06-08).
[+] WordPress theme in use: twentyseventeen
[i] User(s) Identified:

[+] notch
 | Found By: Author Posts - Author Pattern (Passive Detection)
 | Confirmed By:
 |  Wp Json Api (Aggressive Detection)
 |   - http://10.10.10.37/index.php/wp-json/wp/v2/users/?per_page=100&page=1
 |  Author Id Brute Forcing - Author Pattern (Aggressive Detection)
 |  Login Error Messages (Aggressive Detection)

[+] Notch
 | Found By: Rss Generator (Passive Detection)
 | Confirmed By: Login Error Messages (Aggressive Detection)
http://10.10.10.37/plugins has 2 files > 
BlockyCore.jar
griefprevention-1.11.2-3.1.1.298.jar

Using jd-gui <.jar> to check contents

public class BlockyCore {
  public String sqlHost = "localhost";
  public String sqlUser = "root";
  public String sqlPass = "8YsqfCTnvxAUeduzjNSXe22";
}

Last updated