wordpress渗透测试系列(一)
初步的信息收集命令:
wpscan --url http://192.168.3.234:8081渗透结果
[+] robots.txt available under: 'http://192.168.3.234:8081/robots.txt'
[!] The WordPress 'http://192.168.3.234:8081/readme.html' file exists exposing a version number
[!] Full Path Disclosure (FPD) in 'http://192.168.3.234:8081/wp-includes/rss-functions.php':
[+] Interesting header: LINK: <http://127.0.0.1:8081/index.php/wp-json/>; rel="https://api.w.org/"
[+] Interesting header: SERVER: Apache/2.4.18 (Win32) OpenSSL/1.0.2e PHP/5.5.30
[+] Interesting header: X-POWERED-BY: PHP/5.5.30
[+] XML-RPC Interface available under: http://192.168.3.234:8081/xmlrpc.php
[+] WordPress version 4.9.5
[+] WordPress theme in use: twentyseventeen - v1.5
[+] Name: twentyseventeen - v1.5
|Latest version: 1.3 (up to date)
|Last updated: 2017-06-08T00:00:00.000Z
|Location: http://192.168.3.234:8081/wp-content/themes/twentyseventeen/
|Readme: http://192.168.3.234:8081/wp-content/themes/twentyseventeen/readme.txt
|Style URL: http://192.168.3.234:8081/wp-content/themes/twentyseventeen/style.css
|Referenced style.css: http://127.0.0.1:8081/wp-content/themes/twentyseventeen/style.css
|Theme Name: Twenty Seventeen
|Theme URI: https://wordpress.org/themes/twentyseventeen/
|Description: Twenty Seventeen brings your site to life with header video and immersive featured images. With a...
|Author: the WordPress team
|Author URI: https://wordpress.org/
[+] Enumerating plugins from passive detection ...
[+] No plugins found
[+] Finished: Thu Apr 26 19:33:00 2018
[+] Requests Done: 68
[+] Memory used: 16.43 MB
[+] Elapsed time: 00:00:37
页:
[1]