[+] URL: https://192.168.56.139:12380/blogblog/ [192.168.56.139] [+] Started: Sat Jun 20 04:02:20 2020
Interesting Finding(s):
[+] Headers | Interesting Entries: | - Server: Apache/2.4.18 (Ubuntu) | - Dave: Soemthing doesn't look right here | Found By: Headers (Passive Detection) | Confidence: 100%
[+] XML-RPC seems to be enabled: https://192.168.56.139:12380/blogblog/xmlrpc.php | Found By: Headers (Passive Detection) | Confidence: 100% | Confirmed By: | - Link Tag (Passive Detection), 30% confidence | - Direct Access (Aggressive Detection), 100% confidence | References: | - http://codex.wordpress.org/XML-RPC_Pingback_API | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
[+] https://192.168.56.139:12380/blogblog/readme.html | Found By: Direct Access (Aggressive Detection) | Confidence: 100%
[+] Registration is enabled: https://192.168.56.139:12380/blogblog/wp-login.php?action=register | Found By: Direct Access (Aggressive Detection) | Confidence: 100%
[+] Upload directory has listing enabled: https://192.168.56.139:12380/blogblog/wp-content/uploads/ | Found By: Direct Access (Aggressive Detection) | Confidence: 100%
[+] The external WP-Cron seems to be enabled: https://192.168.56.139:12380/blogblog/wp-cron.php | Found By: Direct Access (Aggressive Detection) | Confidence: 60% | References: | - https://www.iplocation.net/defend-wordpress-from-ddos | - https://github.com/wpscanteam/wpscan/issues/1299
[+] WordPress version 4.2.1 identified (Insecure, released on 2015-04-27). | Found By: Rss Generator (Passive Detection) | - https://192.168.56.139:12380/blogblog/?feed=rss2, <generator>http://wordpress.org/?v=4.2.1</generator> | - https://192.168.56.139:12380/blogblog/?feed=comments-rss2, <generator>http://wordpress.org/?v=4.2.1</generator>
[+] WordPress theme in use: bhost | Location: https://192.168.56.139:12380/blogblog/wp-content/themes/bhost/ | Last Updated: 2019-12-08T00:00:00.000Z | Readme: https://192.168.56.139:12380/blogblog/wp-content/themes/bhost/readme.txt | [!] The version is out of date, the latest version is 1.4.4 | Style URL: https://192.168.56.139:12380/blogblog/wp-content/themes/bhost/style.css?ver=4.2.1 | Style Name: BHost | Description: Bhost is a nice , clean , beautifull, Responsive and modern design free WordPress Theme. This theme ... | Author: Masum Billah | Author URI: http://getmasum.net/ | | Found By: Css Style In Homepage (Passive Detection) | | Version: 1.2.9 (80% confidence) | Found By: Style (Passive Detection) | - https://192.168.56.139:12380/blogblog/wp-content/themes/bhost/style.css?ver=4.2.1, Match: 'Version: 1.2.9'
[!] No WPVulnDB API Token given, as a result vulnerability data has not been output. [!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up