Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Greetings Anonymous,
- Here's a little update on our targets...
- 7dog.com --
- ---------------------------------------------------------------------------
- + Target IP: 216.17.104.76
- + Target Hostname: 7dog.com
- + Target Port: 80
- + Start Time: 2012-10-06 19:04:13
- ---------------------------------------------------------------------------
- + Server: Apache
- + Retrieved x-powered-by header: PHP/5.2.17
- + OSVDB-27071: /phpimageview.php?pic=javascript:alert(8754): PHP Image View 1.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
- + OSVDB-3931: /myphpnuke/links.php?op=search&query=[script]alert('Vulnerable);[/script]?query=: myphpnuke is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
- + OSVDB-3931: /myphpnuke/links.php?op=MostPopular&ratenum=[script]alert(document.cookie);[/script]&ratetype=percent: myphpnuke is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
- + /modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat=1&categories=%3Cimg%20src=javascript:alert(9456);%3E&parent_id=0: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
- + /modules.php?letter=%22%3E%3Cimg%20src=javascript:alert(document.cookie);%3E&op=modload&name=Members_List&file=index: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
- + OSVDB-4598: /members.asp?SF=%22;}alert('Vulnerable');function%20x(){v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
- + OSVDB-2946: /forum_members.asp?find=%22;}alert(9823);function%20x(){v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
- + OSVDB-12184: /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
- + OSVDB-2799: /cgi-bin/dose.pl?daily&somefile.txt&|ls|: DailyDose 1.1 is vulnerable to a directory traversal attack in the 'list' parameter.
- + OSVDB-3093: /squirrelmail/src/read_body.php: This might be interesting... has been seen in web logs from an unknown scanner.
- + OSVDB-3233: /icons/README: Apache default file found.
- + 6448 items checked: 35 error(s) and 12 item(s) reported on remote host
- -------------------------------------------------------------------------------
- zoo-movs.com --
- ---------------------------------------------------------------------------
- + Target IP: 69.65.42.164
- + Target Hostname: ZOO-MOVS.COM
- + Target Port: 80
- + Start Time: 2012-10-06 18:58:36
- ---------------------------------------------------------------------------
- + Server: Apache
- + Retrieved x-powered-by header: PHP/5.2.17
- + OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
- + OSVDB-12184: /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
- + OSVDB-3093: /squirrelmail/src/read_body.php: This might be interesting... has been seen in web logs from an unknown scanner.
- + OSVDB-3268: /icons/: Directory indexing found.
- + OSVDB-3233: /icons/README: Apache default file found.
- + 6448 items checked: 10 error(s) and 6 item(s) reported on remote host
- ---------------------------------------------------------------------------
- animalsexporn.com --
- ---------------------------------------------------------------------------
- + Target IP: 85.17.87.129
- + Target Hostname: animalsexporn.net
- + Target Port: 80
- + Start Time: 2012-10-09 18:01:55
- ---------------------------------------------------------------------------
- + Server: Apache/2
- + Retrieved x-powered-by header: PHP/5.2.17
- + No CGI Directories found (use '-C all' to force check all possible dirs)
- + Number of sections in the version string differ from those in the database, the server reports: apache/2 while the database has: 2.2.17. This may cause false positives.
- + Apache/2 appears to be outdated (current is at least Apache/2.2.17). Apache 1.3.42 (final release) and 2.0.64 are also current.
- + OSVDB-12184: /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
- + OSVDB-3093: /squirrelmail/src/read_body.php: This might be interesting... has been seen in web logs from an unknown scanner.
- + OSVDB-3233: /icons/README: Apache default file found.
- + 6448 items checked: 9 error(s) and 6 item(s) reported on remote host
- ---------------------------------------------------------------------------
- beastnow.com --
- ---------------------------------------------------------------------------
- + Target IP: 178.237.36.44
- + Target Hostname: beastnow.com
- + Target Port: 80
- + Start Time: 2012-10-09 17:58:23
- ---------------------------------------------------------------------------
- + Server: Apache/2.2.3 (CentOS)
- + Root page / redirects to: http://www.beastnow.com/
- + Apache/2.2.3 appears to be outdated (current is at least Apache/2.2.17). Apache 1.3.42 (final release) and 2.0.64 are also current.
- + OSVDB-637: Enumeration of users is possible by requesting ~username (responds with 'Forbidden' for users, 'not found' for non-existent users).
- + OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
- + OSVDB-27071: /phpimageview.php?pic=javascript:alert(8754): PHP Image View 1.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
- + /modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat=1&categories=%3Cimg%20src=javascript:alert(9456);%3E&parent_id=0: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
- + OSVDB-4598: /members.asp?SF=%22;}alert('Vulnerable');function%20x(){v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
- + OSVDB-2946: /forum_members.asp?find=%22;}alert(9823);function%20x(){v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
- + OSVDB-3268: /icons/: Directory indexing found.
- + OSVDB-3233: /icons/README: Apache default file found.
- + 6448 items checked: 1 error(s) and 9 item(s) reported on remote host
- ------------------------------------------------------------------------------------
- More to come soon... Deface if you like.
- Expect us.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement