Linux Format forums
Help, discussion, magazine feedback and more

Linux Format Vulnerable Wordpress

RyanF109



Joined: Mon Jan 02, 2012 7:53 pm
Posts: 16

Posted: Sat Apr 13, 2013 5:07 pm    Post subject: Linux Format Vulnerable Wordpress

I was very interested in the hacking tutorial in this month's Linux Format, as I run a WordPress site.

I'm having difficulty following the LF WordPress tutorial. I've booted the virtual machine and another virtual 12.04 Ubuntu machine.

I eventually managed to get wpscan working (no thanks to there being no wpscan on the disk as promised) and now I'm getting a different output than the one it tells me I should get.

Quote:
____________________________________________________
        __          _______   _____
        \ \        / /  __ \ / ____|
         \ \  /\  / /| |__) | (___   ___  __ _ _ __
          \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
           \  /\  /  | |     ____) | (__| (_| | | | |
            \/  \/   |_|    |_____/ \___|\__,_|_| |_| v2.1rNA

WordPress Security Scanner by the WPScan Team
Sponsored by the RandomStorm Open Source Initiative
_____________________________________________________

| URL: http://192.168.1.6/
| Started on Sat Apr 13 17:01:19 2013

[!] The WordPress 'http://192.168.1.6/readme.html' file exists
[+] XML-RPC Interface available under http://192.168.1.6/xmlrpc.php
[+] WordPress version 3.0 identified from meta generator

[!] We have identified 3 vulnerabilities from the version number :
|
| * Title: XSS vulnerability in swfupload in WordPress
| * Reference: http://seclists.org/fulldisclosure/2012/Nov/51
|
| * Title: XMLRPC Pingback API Internal/External Port Scanning
| * Reference: https://github.com/FireFart/WordpressPingbackPortScanner
|
| * Title: WordPress XMLRPC pingback additional issues
| * Reference: http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html

[+] The WordPress theme in use is twentyten v1.0

| Name: twentyten v1.0
| Location: http://192.168.1.6/wp-content/themes/twentyten/

[+] Enumerating plugins from passive detection ...
No plugins found :(

[+] Enumerating usernames ...

We did not enumerate any usernames :(
Try supplying your own username with the --username option


Help? :(
All times are GMT