Starting Nmap 7.40 ( https://nmap.org ) at 2017-01-20 01:21 PKTNmap scan repor

1. Starting Nmap 7.40 ( https://nmap.org ) at 2017-01-20 01:21 PKT
2.  
3. Nmap scan report for 192.168.1.9
4.  
5. Host is up (0.00044s latency).
6.  
7. PORT STATE SERVICE
8.  
9. 80/tcp open http
10.  
11. MAC Address: 08:00:27:EF:AE:68 (Oracle VirtualBox virtual NIC)
12.  
13.  
14. Nmap done: 1 IP address (1 host up) scanned in 0.53 seconds
15.  
16. PORT STATE SERVICE REASON
17.  
18. 80/tcp open http syn-ack
19.  
20. | http-method-tamper:
21.  
22. | VULNERABLE:
23.  
24. | Authentication bypass by HTTP verb tampering
25.  
26. | State: VULNERABLE (Exploitable)
27.  
28. | Description:
29.  
30. | This web server contains password protected resources vulnerable to authentication bypass
31.  
32. | vulnerabilities via HTTP verb tampering. This is often found in web servers that only limit access to the
33.  
34. | common HTTP methods and in misconfigured .htaccess files.
35.  
36. |
37.  
38. | Extra information:
39.  
40. |
41.  
42. | URIs suspected to be vulnerable to HTTP verb tampering:
43.  
44. | /method-tamper/protected/pass.txt [POST]