Membership level: Free member
Enumerate Wordpress Users (wpscan --url https://portalweb.unas.edu.pe/ --enumerate u --random-user-agent --force --max-scan-duration 60)
URL: https://portalweb.unas.edu.pe/ [209.45.18.116]
Started: Mon Jul 21 09:13:00 2025

Interesting Finding(s):

Headers
 | Interesting Entries:
 |  - Server: Supersayayin Ultrainstinto
 |  - X-Powered-By: PHP/7.4.30
 |  - X-Drupal-Cache: HIT
 |  - Content-Language: es
 |  - Permissions-Policy: interest-cohort=()
 |  - X-Generator: Drupal 7 (http://drupal.org)
 | Found By: Headers (Passive Detection)
 | Confidence: 100%

robots.txt found: https://portalweb.unas.edu.pe/robots.txt
 | Interesting Entries:
 |  - /misc/*.css$
 |  - /misc/*.css?
 |  - /misc/*.js$
 |  - /misc/*.js?
 |  - /misc/*.gif
 |  - /misc/*.jpg
 |  - /misc/*.jpeg
 |  - /misc/*.png
 |  - /modules/*.css$
 |  - /modules/*.css?
 |  - /modules/*.js$
 |  - /modules/*.js?
 |  - /modules/*.gif
 |  - /modules/*.jpg
 |  - /modules/*.jpeg
 |  - /modules/*.png
 |  - /profiles/*.css$
 |  - /profiles/*.css?
 |  - /profiles/*.js$
 |  - /profiles/*.js?
 |  - /profiles/*.gif
 |  - /profiles/*.jpg
 |  - /profiles/*.jpeg
 |  - /profiles/*.png
 |  - /themes/*.css$
 |  - /themes/*.css?
 |  - /themes/*.js$
 |  - /themes/*.js?
 |  - /themes/*.gif
 |  - /themes/*.jpg
 |  - /themes/*.jpeg
 |  - /themes/*.png
 |  - /includes/
 |  - /misc/
 |  - /modules/
 |  - /profiles/
 |  - /scripts/
 |  - /themes/
 |  - /CHANGELOG.txt
 |  - /cron.php
 |  - /INSTALL.mysql.txt
 |  - /INSTALL.pgsql.txt
 |  - /INSTALL.sqlite.txt
 |  - /install.php
 |  - /INSTALL.txt
 |  - /LICENSE.txt
 |  - /MAINTAINERS.txt
 |  - /update.php
 |  - /UPGRADE.txt
 |  - /xmlrpc.php
 |  - /admin/
 |  - /comment/reply/
 |  - /filter/tips/
 |  - /node/add/
 |  - /search/
 |  - /user/register/
 |  - /user/password/
 |  - /user/login/
 |  - /user/logout/
 |  - /?q=admin/
 |  - /?q=comment/reply/
 |  - /?q=filter/tips/
 |  - /?q=node/add/
 |  - /?q=search/
 |  - /?q=user/password/
 |  - /?q=user/register/
 |  - /?q=user/login/
 |  - /?q=user/logout/
 | Found By: Robots Txt (Aggressive Detection)
 | Confidence: 100%

XML-RPC seems to be enabled: https://portalweb.unas.edu.pe/xmlrpc.php
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 100%
 | References:
 |  - http://codex.wordpress.org/XML-RPC_Pingback_API
 |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner/
 |  - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos/
 |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login/
 |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access/


Fingerprinting the version -: |================================================|
 The WordPress version could not be detected.

WordPress theme in use: business_responsive_theme
 | Location: https://portalweb.unas.edu.pe/sites/all/themes/business_responsive_theme/
 | Readme: https://portalweb.unas.edu.pe/sites/all/themes/business_responsive_theme/README.txt
 | Style URL: "https://portalweb.unas.edu.pe/sites/all/themes/business_responsive_theme/style.css?sqwp5r
 |
 | Found By: Css Style In Homepage (Passive Detection)
 | Confirmed By: Css Style In 404 Page (Passive Detection)
 |
 | The version could not be determined.

Enumerating Users (via Passive and Aggressive Methods)

 Brute Forcing Author IDs -: |======================== No WPScan API Token given, as a result vulnerability data has not been output.
 You can get a free API token with 25 daily requests by registering at https://wpscan.com/register

Finished: Mon Jul 21 09:13:59 2025
Requests Done: 766
Cached Requests: 9
Data Sent: 192.871 KB
Data Received: 1.357 MB
Memory used: 199.281 MB
Elapsed time: 00:00:58

Scan Aborted: Max Scan Duration Reached
Color Scheme
Target
portalweb.unas.edu.pe
Scan method
Enumerate Wordpress Users
Run command
wpscan --url https://portalweb.unas.edu.pe/ --enumerate u --random-user-agent --force --max-scan-duration 60
Scan time
58s
Quick report
Order full scan ($19/one time)
Scan date
21 Jul 2025 12:14
Copy scan report
Download report
Remove scan result
$
Some firewalls blocks vulnerability scanners. For get true positive results add wpscan.online IP addresses (208.76.253.232-208.76.253.239 or CIDR 208.76.253.232/29 ) to the whitelist
[scan_method]
Visibility:
Scan method:
Max Scan duration: