- [+] [16] Trusted -- Interesting response
- [~] ~~~~~~~~~~~~~~~~~~~~
- [~] ID Hash: 3fe201a5149d8890580c4d9ccd500f7de68deba73500c08d8481eca0582829b3
- [~] Severity: Informational
- [~] URL: http://pmsclan.com/data/
- [~] Element: server
- [~] Method: GET
- [~] Tags: interesting, response, server
- [~] Description:
- [~] The server responded with a non 200 (OK) nor 404
- (Not Found) status code. This is a non-issue, however exotic HTTP
- response status codes can provide useful insights into the behavior
- of the web application and assist with the penetration test.
- [~] Requires manual verification?: false
- [~] References:
- [~] w3.org - http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
- [*] Variations
- [~] ----------
- [~] Variation 1:
- [~] URL: http://pmsclan.com/data/
- [~] ID: Code: 403
- [~] Regular expression:
- [+] [17] Trusted -- Interesting response
- [~] ~~~~~~~~~~~~~~~~~~~~
- [~] ID Hash: bca7f0304f05d172bc4efb77d84961aded358bacae8fa038f3b0ee1134c092b4
- [~] Severity: Informational
- [~] URL: http://pmsclan.com/administrator/
- [~] Element: server
- [~] Method: GET
- [~] Tags: interesting, response, server
- [~] Description:
- [~] The server responded with a non 200 (OK) nor 404
- (Not Found) status code. This is a non-issue, however exotic HTTP
- response status codes can provide useful insights into the behavior
- of the web application and assist with the penetration test.
- [~] Requires manual verification?: false
- [~] References:
- [~] w3.org - http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
- [*] Variations
- [~] ----------
- [~] Variation 1:
- [~] URL: http://pmsclan.com/administrator/
- [~] ID: Code: 403
- [~] Regular expression:
- [+] [18] Trusted -- Interesting response
- [~] ~~~~~~~~~~~~~~~~~~~~
- [~] ID Hash: 2d8a0355cc1b766e99c925cc6370b90687e53751d90c1a02f8fb641d2c92e420
- [~] Severity: Informational
- [~] URL: http://pmsclan.com/
- [~] Element: server
- [~] Method: TRACE
- [~] Tags: interesting, response, server
- [~] Description:
- [~] The server responded with a non 200 (OK) nor 404
- (Not Found) status code. This is a non-issue, however exotic HTTP
- response status codes can provide useful insights into the behavior
- of the web application and assist with the penetration test.
- [~] Requires manual verification?: false
- [~] References:
- [~] w3.org - http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
- [*] Variations
- [~] ----------
- [~] Variation 1:
- [~] URL: http://pmsclan.com/
- [~] ID: Code: 405
- [~] Regular expression:
- [+] [19] Trusted -- Interesting response
- [~] ~~~~~~~~~~~~~~~~~~~~
- [~] ID Hash: 71db2090c40e9a6ffb6519dfc7a4af9614ab37067a7bc237696e3df397073011
- [~] Severity: Informational
- [~] URL: http://pmsclan.com/Arachni-7db2c
- [~] Element: server
- [~] Method: PUT
- [~] Tags: interesting, response, server
- [~] Description:
- [~] The server responded with a non 200 (OK) nor 404
- (Not Found) status code. This is a non-issue, however exotic HTTP
- response status codes can provide useful insights into the behavior
- of the web application and assist with the penetration test.
- [~] Requires manual verification?: false
- [~] References:
- [~] w3.org - http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
- [*] Variations
- [~] ----------
- [~] Variation 1:
- [~] URL: http://pmsclan.com/Arachni-7db2c
- [~] ID: Code: 405
- [~] Regular expression:
- [+] [20] Trusted -- HttpOnly cookie
- [~] ~~~~~~~~~~~~~~~~~~~~
- [~] ID Hash: 604a45c7d671568474fc81cba3c2a697c9773a90d0013bae04abcdd435bb43f0
- [~] Severity: Informational
- [~] URL: http://pmsclan.com/forum/
- [~] Element: cookie
- [~] Method: GET
- [~] Tags:
- [~] Variable: bblastactivity
- [~] Description:
- [~] HTTP by itself is a stateless protocol.
- Therefor the server is unable to determine which requests
- are performed by which client, and which clients are
- authenticated or unauthenticated. The use of HTTP cookies
- within the headers, allows a web server to identify each
- individual client, and can therefor determine which clients
- hold valid authentication from those that do not. These are
- known as session cookies. When a cookie is set by the server
- there are several flags that can be set to configure the
- properties of the cookie, and how it is handled by the browser.
- The HttpOnly flag assists in the prevention of client side
- scripts (such as JavaScript) accessing, and using the cookie.
- This can help preventing XSS attacks targeting the cookies
- holding the clients session token (Setting the HttpOnly flag
- does not prevent, or remediate against XSS vulnerabilities
- themselves).
- [~] CWE: http://cwe.mitre.org/data/definitions/200.html
- [~] Requires manual verification?: false
- [~] References:
- [~] OWASP - https://www.owasp.org/index.php/HttpOnly
- [*] Variations
- [~] ----------
- [~] Variation 1:
- [~] URL: http://pmsclan.com/forum/
- [~] Regular expression:
- [+] [21] Trusted -- HttpOnly cookie
- [~] ~~~~~~~~~~~~~~~~~~~~
- [~] ID Hash: 0026dde47e245e82864e8d9f06cbb979c243dceeea8f92343a86f444806ea27c
- [~] Severity: Informational
- [~] URL: http://pmsclan.com/forum/
- [~] Element: cookie
- [~] Method: GET
- [~] Tags:
- [~] Variable: bblastvisit
- [~] Description:
- [~] HTTP by itself is a stateless protocol.
- Therefor the server is unable to determine which requests
- are performed by which client, and which clients are
- authenticated or unauthenticated. The use of HTTP cookies
- within the headers, allows a web server to identify each
- individual client, and can therefor determine which clients
- hold valid authentication from those that do not. These are
- known as session cookies. When a cookie is set by the server
- there are several flags that can be set to configure the
- properties of the cookie, and how it is handled by the browser.
- The HttpOnly flag assists in the prevention of client side
- scripts (such as JavaScript) accessing, and using the cookie.
- This can help preventing XSS attacks targeting the cookies
- holding the clients session token (Setting the HttpOnly flag
- does not prevent, or remediate against XSS vulnerabilities
- themselves).
- [~] CWE: http://cwe.mitre.org/data/definitions/200.html
- [~] Requires manual verification?: false
- [~] References:
- [~] OWASP - https://www.owasp.org/index.php/HttpOnly
- [*] Variations
- [~] ----------
- [~] Variation 1:
- [~] URL: http://pmsclan.com/forum/
- [~] Regular expression:
- [+] [22] Trusted -- Insecure cookie
- [~] ~~~~~~~~~~~~~~~~~~~~
- [~] ID Hash: 11539ec3689960a8bb6242d258017686481ce7339b8706a8bd825269c99e0716
- [~] Severity: Informational
- [~] URL: http://pmsclan.com/forum/
- [~] Element: cookie
- [~] Method: GET
- [~] Tags:
- [~] Variable: bblastactivity
- [~] Description:
- [~] HTTP by itself is a stateless protocol.
- Therefore the server is unable to determine which requests
- are performed by which client, and which clients are
- authenticated or unauthenticated. The use of HTTP cookies
- within the headers, allows a web server to identify each
- individual client, and can therefore determine which clients
- hold valid authentication from those that do not. These are
- known as session cookies. Because these cookies are used to
- store a client's session (authenticated or unauthenticated),
- it is important that the cookie is passed via an encrypted
- channel. When a cookie is set by the server (send from the
- server to the client in the header of response) there are
- several flags that can be set to determine the properties of
- the cookie, and how it is to handle by the browser. One of
- these flags is known as the 'secure' flag. When the secure
- flag is set, the browser will prevent it being send over any
- clear text channel (HTTP), and only allow it to be sent when
- an encrypted channel is used (HTTPS). Arachni discovered
- that a cookie, and possible session token was set by the
- server without the secure flag being set. Although the
- initial setting of this cookie was via an HTTPS connection,
- any HTTP link to the same server will result in the cookie
- being send in clear text.
- [~] CWE: http://cwe.mitre.org/data/definitions/200.html
- [~] Requires manual verification?: false
- [~] References:
- [~] OWASP - https://www.owasp.org/index.php/SecureFlag
- [*] Variations
- [~] ----------
- [~] Variation 1:
- [~] URL: http://pmsclan.com/forum/
- [~] Regular expression:
- [+] [23] Trusted -- Insecure cookie
- [~] ~~~~~~~~~~~~~~~~~~~~
- [~] ID Hash: 8121cc9139c5937eeb20d394808bb9765dcd11234f1da0b03d5b8429ce637999
- [~] Severity: Informational
- [~] URL: http://pmsclan.com/forum/
- [~] Element: cookie
- [~] Method: GET
- [~] Tags:
- [~] Variable: bblastvisit
- [~] Description:
- [~] HTTP by itself is a stateless protocol.
- Therefore the server is unable to determine which requests
- are performed by which client, and which clients are
- authenticated or unauthenticated. The use of HTTP cookies
- within the headers, allows a web server to identify each
- individual client, and can therefore determine which clients
- hold valid authentication from those that do not. These are
- known as session cookies. Because these cookies are used to
- store a client's session (authenticated or unauthenticated),
- it is important that the cookie is passed via an encrypted
- channel. When a cookie is set by the server (send from the
- server to the client in the header of response) there are
- several flags that can be set to determine the properties of
- the cookie, and how it is to handle by the browser. One of
- these flags is known as the 'secure' flag. When the secure
- flag is set, the browser will prevent it being send over any
- clear text channel (HTTP), and only allow it to be sent when
- an encrypted channel is used (HTTPS). Arachni discovered
- that a cookie, and possible session token was set by the
- server without the secure flag being set. Although the
- initial setting of this cookie was via an HTTPS connection,
- any HTTP link to the same server will result in the cookie
- being send in clear text.
- [~] CWE: http://cwe.mitre.org/data/definitions/200.html
- [~] Requires manual verification?: false
- [~] References:
- [~] OWASP - https://www.owasp.org/index.php/SecureFlag
- [*] Variations
- [~] ----------
- [~] Variation 1:
- [~] URL: http://pmsclan.com/forum/
- [~] Regular expression:
- [+] [24] Trusted -- Insecure cookie
- [~] ~~~~~~~~~~~~~~~~~~~~
- [~] ID Hash: 5a92cf32bf2a6e498ff943e95e0214138a4d47455e5511a96a6545461ebcb708
- [~] Severity: Informational
- [~] URL: http://pmsclan.com/forum/
- [~] Element: cookie
- [~] Method: GET
- [~] Tags:
- [~] Variable: bbsessionhash
- [~] Description:
- [~] HTTP by itself is a stateless protocol.
- Therefore the server is unable to determine which requests
- are performed by which client, and which clients are
- authenticated or unauthenticated. The use of HTTP cookies
- within the headers, allows a web server to identify each
- individual client, and can therefore determine which clients
- hold valid authentication from those that do not. These are
- known as session cookies. Because these cookies are used to
- store a client's session (authenticated or unauthenticated),
- it is important that the cookie is passed via an encrypted
- channel. When a cookie is set by the server (send from the
- server to the client in the header of response) there are
- several flags that can be set to determine the properties of
- the cookie, and how it is to handle by the browser. One of
- these flags is known as the 'secure' flag. When the secure
- flag is set, the browser will prevent it being send over any
- clear text channel (HTTP), and only allow it to be sent when
- an encrypted channel is used (HTTPS). Arachni discovered
- that a cookie, and possible session token was set by the
- server without the secure flag being set. Although the
- initial setting of this cookie was via an HTTPS connection,
- any HTTP link to the same server will result in the cookie
- being send in clear text.
- [~] CWE: http://cwe.mitre.org/data/definitions/200.html
- [~] Requires manual verification?: false
- [~] References:
- [~] OWASP - https://www.owasp.org/index.php/SecureFlag
- [*] Variations
- [~] ----------
- [~] Variation 1:
- [~] URL: http://pmsclan.com/forum/
- [~] Regular expression:
- [+] [25] Trusted -- Interesting response
- [~] ~~~~~~~~~~~~~~~~~~~~
- [~] ID Hash: 16b09c0269d704236335efe32bd3efdfff3da6a7ee3eab7c7682f1ca03d96f3f
- [~] Severity: Informational
- [~] URL: http://pmsclan.com/forum/Arachni-7db2c
- [~] Element: server
- [~] Method: PUT
- [~] Tags: interesting, response, server
- [~] Description:
- [~] The server responded with a non 200 (OK) nor 404
- (Not Found) status code. This is a non-issue, however exotic HTTP
- response status codes can provide useful insights into the behavior
- of the web application and assist with the penetration test.
- [~] Requires manual verification?: false
- [~] References:
- [~] w3.org - http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
- [*] Variations
- [~] ----------
- [~] Variation 1:
- [~] URL: http://pmsclan.com/forum/Arachni-7db2c
- [~] ID: Code: 405
- [~] Regular expression:
- [+] [26] Trusted -- HTML object
- [~] ~~~~~~~~~~~~~~~~~~~~
- [~] ID Hash: c5437e9fcff9773de9ed246f65409f836abcef012925e01aa0a7b43b5f4098a6
- [~] Severity: Informational
- [~] URL: http://pmsclan.com/js/ufo.js
- [~] Element: body
- [~] Method: GET
- [~] Tags:
- [~] Description:
- [~] Logs the existence of HTML object tags.
- Since Arachni can't execute things like Java Applets and Flash
- this serves as a heads-up to the penetration tester to review
- the objects in question using a different method.
- [~] CWE: http://cwe.mitre.org/data/definitions/200.html
- [~] Requires manual verification?: false
- [~] References:
- [*] Variations
- [~] ----------
- [~] Variation 1:
- [~] URL: http://pmsclan.com/js/ufo.js
- [~] Regular expression: (?mi-x:<object(.*)>(.*)<\/object>)
- [~] Matched string: classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"' + _objAtt + ' width="' + _fo.width + '" height="' + _fo.height + '" codebase="' + _p + '//download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=' + _fo.majorversion + ',0,' + _fo.build + ',0"><param name="movie" value="' + _fo.movie + '" /
- [~] Variation 2:
- [~] URL: http://pmsclan.com/js/ufo.js
- [~] Regular expression: (?mi-x:<object(.*)>(.*)<\/object>)
- [~] Matched string: ' + _objPar + '
- [+] [27] Trusted -- Interesting response
- [~] ~~~~~~~~~~~~~~~~~~~~
- [~] ID Hash: 8aecd4e4bee930ec05aa75910167814dba1659d59b38559bb3fd1dcdd0f2ba03
- [~] Severity: Informational
- [~] URL: http://pmsclan.com/js/?%3E%22'%3E%3Cmy_tag_7db2cb1a171eda8e5e5b3f3f4dfa522a1ff16d8796d6e82669b5c9d652ab7f19/%3E=
- [~] Element: server
- [~] Method: GET
- [~] Tags: interesting, response, server
- [~] Description:
- [~] The server responded with a non 200 (OK) nor 404
- (Not Found) status code. This is a non-issue, however exotic HTTP
- response status codes can provide useful insights into the behavior
- of the web application and assist with the penetration test.
- [~] Requires manual verification?: false
- [~] References:
- [~] w3.org - http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
- [*] Variations
- [~] ----------
- [~] Variation 1:
- [~] URL: http://pmsclan.com/js/?%3E%22'%3E%3Cmy_tag_7db2cb1a171eda8e5e5b3f3f4dfa522a1ff16d8796d6e82669b5c9d652ab7f19/%3E=
- [~] ID: Code: 403
- [~] Regular expression:
- [+] [28] Trusted -- Interesting response
- [~] ~~~~~~~~~~~~~~~~~~~~
- [~] ID Hash: 5c88eb93b19ab8aaa8e9997f469823ee3e1217afb03cb081a862bf2bf597b464
- [~] Severity: Informational
- [~] URL: http://pmsclan.com/js/Arachni-7db2c
- [~] Element: server
- [~] Method: PUT
- [~] Tags: interesting, response, server
- [~] Description:
- [~] The server responded with a non 200 (OK) nor 404
- (Not Found) status code. This is a non-issue, however exotic HTTP
- response status codes can provide useful insights into the behavior
- of the web application and assist with the penetration test.
- [~] Requires manual verification?: false
- [~] References:
- [~] w3.org - http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
- [*] Variations
- [~] ----------
- [~] Variation 1:
- [~] URL: http://pmsclan.com/js/Arachni-7db2c
- [~] ID: Code: 405
- [~] Regular expression:
- [+] Plugin data:
- [~] ---------------
- [*] Health map
- [~] ~~~~~~~~~~~~~~
- [~] Description: Generates a simple list of safe/unsafe URLs.
- [~] Legend:
- [+] No issues
- [-] Has issues
- [-] http://pmsclan.com/
- [+] http://pmsclan.com/favicon.ico
- [-] http://pmsclan.com/forum/
- [+] http://pmsclan.com/forum/forumdisplay.php
- [+] http://pmsclan.com/forum/index.php
- [+] http://pmsclan.com/forum/login.php
- [+] http://pmsclan.com/forum/search.php
- [-] http://pmsclan.com/js/ufo.js
- [-] http://pmsclan.com/forum/login.php?do=login
- [-] http://pmsclan.com/forum/archive/
- [-] http://pmsclan.com/robots.txt
- [-] http://pmsclan.com/cgi-bin/
- [-] http://pmsclan.com/cache/
- [-] http://pmsclan.com/classes/
- [-] http://pmsclan.com/data/
- [-] http://pmsclan.com/administrator/
- [-] http://pmsclan.com/Arachni-7db2c
- [-] http://pmsclan.com/forum/Arachni-7db2c
- [-] http://pmsclan.com/js/?%3E%22'%3E%3Cmy_tag_7db2cb1a171eda8e5e5b3f3f4dfa522a1ff16d8796d6e82669b5c9d652ab7f19/%3E=
- [-] http://pmsclan.com/js/Arachni-7db2c
- [~] Total: 20
- [+] Without issues: 5
- [-] With issues: 15 ( 75% )
- [*] Resolver
- [~] ~~~~~~~~~~~~~~
- [~] Description: Resolves vulnerable hostnames to IP addresses.
- [~] pmsclan.com: 216.58.155.70
- [*] Uniformity (Lack of central sanitization)
- [~] ~~~~~~~~~~~~~~
- [~] Description: Analyzes the scan results and logs issues which persist across different pages.
- This is usually a sign for a lack of a central/single point of input sanitization,
- a bad coding practise.
- [~] Relevant issues:
- [~] --------------------
- [+] Unencrypted password form in form variable 'vb_login_password' using GET at the following pages:
- [~] http://pmsclan.com/ (Issue #3 - Hash ID: 94277c626f906fb11e1b8aac662022ef42f6038373ac7626132f5cae248c4f49 )
- [~] http://pmsclan.com/forum/ (Issue #5 - Hash ID: c30432a029a25c047826a157a6117dac0fafdf2a42c60ef25859717ec12d9c1e )
- [~] 100.0% [============================================================>] 100%
- [~] Est. remaining time: 00:00:00
- [~] Crawler has discovered 18 pages.
- [~] Sent 13472 requests.
- [~] Received and analyzed 13472 responses.
- [~] In 02:51:45
- [~] Average: 1 requests/second.
- [~] Currently auditing http://pmsclan.com/js/ufo.js
- [~] Burst response time total 0
- [~] Burst response count total 0
- [~] Burst average response time 0
- [~] Burst average 0 requests/second
- [~] Timed-out requests 468
- [~] Original max concurrency 20
- [~] Throttled max concurrency 20
- by n0 1dentity - Phoenix. Get shitted on PMSCLAN.