API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 22nd, 2018
830
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 29.83 KB | None | 0 0
raw download clone embed print report
  1. █[1]█
  2.  
  3.  
  4.  
  5. █[2]█
  6.  
  7.  
  8.  
  9. █[3]█
  10.  
  11.  
  12.  
  13. ╔════════════════════════════════════════════════════════════════╗
  14. ║ YUKI-CHAN STARTED ║
  15. ╚════════════════════════════════════════════════════════════════╝
  16.  
  17. ╔════════════════════════════════════════════════════════════════╗
  18. ║ Let's Find Who The Hell Is This Owner ║
  19. ╚════════════════════════════════════════════════════════════════╝
  20.  
  21. whois looking up (if not run maybe not installed in your OS)
  22. Domain Name: VENTUREWORLDS.ONLINE
  23. Registry Domain ID: D58405088-CNIC
  24. Registrar WHOIS Server: whois.namecheap.com
  25. Registrar URL:
  26. Updated Date: 2018-02-02T09:58:39.0Z
  27. Creation Date: 2017-12-22T13:40:10.0Z
  28. Registry Expiry Date: 2018-12-22T23:59:59.0Z
  29. Registrar: Namecheap
  30. Registrar IANA ID: 1068
  31. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  32. Registry Registrant ID: C169633953-CNIC
  33. Registrant Name: WhoisGuard Protected
  34. Registrant Organization: WhoisGuard, Inc.
  35. Registrant Street: P.O. Box 0823-03411
  36. Registrant City: Panama
  37. Registrant State/Province: Panama
  38. Registrant Postal Code:
  39. Registrant Country: PA
  40. Registrant Phone: +507.8365503
  41. Registrant Fax: +51.17057182
  42. Registrant Email: 1834e138b0e64d4a8d93e132f7c2fe6f.protect@whoisguard.com
  43. Registry Admin ID: C169633958-CNIC
  44. Admin Name: WhoisGuard Protected
  45. Admin Organization: WhoisGuard, Inc.
  46. Admin Street: P.O. Box 0823-03411
  47. Admin City: Panama
  48. Admin State/Province: Panama
  49. Admin Postal Code:
  50. Admin Country: PA
  51. Admin Phone: +507.8365503
  52. Admin Fax: +51.17057182
  53. Admin Email: 1834e138b0e64d4a8d93e132f7c2fe6f.protect@whoisguard.com
  54. Registry Tech ID: C169633963-CNIC
  55. Tech Name: WhoisGuard Protected
  56. Tech Organization: WhoisGuard, Inc.
  57. Tech Street: P.O. Box 0823-03411
  58. Tech City: Panama
  59. Tech State/Province: Panama
  60. Tech Postal Code:
  61. Tech Country: PA
  62. Tech Phone: +507.8365503
  63. Tech Fax: +51.17057182
  64. Tech Email: 1834e138b0e64d4a8d93e132f7c2fe6f.protect@whoisguard.com
  65. Name Server: AMY.NS.CLOUDFLARE.COM
  66. Name Server: OWEN.NS.CLOUDFLARE.COM
  67. DNSSEC: unsigned
  68. Registry Billing ID: C169633968-CNIC
  69. Billing Name: WhoisGuard Protected
  70. Billing Organization: WhoisGuard, Inc.
  71. Billing Street: P.O. Box 0823-03411
  72. Billing City: Panama
  73. Billing State/Province: Panama
  74. Billing Postal Code:
  75. Billing Country: PA
  76. Billing Phone: +507.8365503
  77. Billing Fax: +51.17057182
  78. Billing Email: 1834e138b0e64d4a8d93e132f7c2fe6f.protect@whoisguard.com
  79. Registrar Abuse Contact Email: abuse@namecheap.com
  80. Registrar Abuse Contact Phone: +1.6613102107
  81. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
  82. >>> Last update of WHOIS database: 2018-04-22T17:26:02.0Z <<<
  83.  
  84. For more information on Whois status codes, please visit https://icann.org/epp
  85.  
  86. This whois service is provided by CentralNic Ltd and only contains
  87. information pertaining to Internet domain names registered by our
  88. our customers. By using this service you are agreeing (1) not to use any
  89. information presented here for any purpose other than determining
  90. ownership of domain names, (2) not to store or reproduce this data in
  91. any way, (3) not to use any high-volume, automated, electronic processes
  92. to obtain data from this service. Abuse of this service is monitored and
  93. actions in contravention of these terms will result in being permanently
  94. blacklisted. All data is (c) CentralNic Ltd https://www.centralnic.com/
  95.  
  96. Access to the whois service is rate limited. For more information, please
  97. see https://registrar-console.centralnic.com/pub/whois_guidance.
  98.  
  99. whois looking up finished
  100.  
  101. nslooking up (if not run maybe not installed in your OS)
  102. Server: 1.1.1.1
  103. Address: 1.1.1.1#53
  104.  
  105. Non-authoritative answer:
  106. Name: ventureworlds.online
  107. Address: 104.24.110.217
  108. Name: ventureworlds.online
  109. Address: 104.24.111.217
  110. Name: ventureworlds.online
  111. Address: 2400:cb00:2048:1::6818:6ed9
  112. Name: ventureworlds.online
  113. Address: 2400:cb00:2048:1::6818:6fd9
  114.  
  115. nslooking up finished
  116.  
  117. scanning with nmap (if not run maybe not installed in your OS)
  118. Starting Nmap 7.70 ( https://nmap.org ) at 2018-04-22 13:26 EDT
  119. Initiating Ping Scan at 13:26
  120. Scanning ventureworlds.online (104.24.110.217) [4 ports]
  121. Completed Ping Scan at 13:26, 0.00s elapsed (1 total hosts)
  122. Initiating Parallel DNS resolution of 1 host. at 13:26
  123. Completed Parallel DNS resolution of 1 host. at 13:26, 0.08s elapsed
  124. Initiating SYN Stealth Scan at 13:26
  125. Scanning ventureworlds.online (104.24.110.217) [1000 ports]
  126. Discovered open port 80/tcp on 104.24.110.217
  127. Discovered open port 443/tcp on 104.24.110.217
  128. Discovered open port 8080/tcp on 104.24.110.217
  129. Completed SYN Stealth Scan at 13:26, 4.93s elapsed (1000 total ports)
  130. Initiating OS detection (try #1) against ventureworlds.online (104.24.110.217)
  131. Retrying OS detection (try #2) against ventureworlds.online (104.24.110.217)
  132. Nmap scan report for ventureworlds.online (104.24.110.217)
  133. Host is up (0.010s latency).
  134. Other addresses for ventureworlds.online (not scanned): 104.24.111.217 2400:cb00:2048:1::6818:6ed9 2400:cb00:2048:1::6818:6fd9
  135. Not shown: 997 filtered ports
  136. PORT STATE SERVICE
  137. 80/tcp open http
  138. 443/tcp open https
  139. 8080/tcp open http-proxy
  140. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  141. Device type: bridge|general purpose
  142. Running (JUST GUESSING): Oracle Virtualbox (98%), QEMU (93%)
  143. OS CPE: cpe:/o:oracle:virtualbox cpe:/a:qemu:qemu
  144. Aggressive OS guesses: Oracle Virtualbox (98%), QEMU user mode network gateway (93%)
  145. No exact OS matches for host (test conditions non-ideal).
  146.  
  147. Read data files from: /usr/bin/../share/nmap
  148. OS detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  149. Nmap done: 1 IP address (1 host up) scanned in 8.94 seconds
  150. Raw packets sent: 2051 (93.496KB) | Rcvd: 36 (2.008KB)
  151. scanning with nmap finished
  152.  
  153. starting the harvester for gathering email and subdomain information
  154.  
  155. *******************************************************************
  156. * *
  157. * | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
  158. * | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
  159. * | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
  160. * \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
  161. * *
  162. * TheHarvester Ver. 2.7 *
  163. * Coded by Christian Martorella *
  164. * Edge-Security Research *
  165. * cmartorella@edge-security.com *
  166. *******************************************************************
  167.  
  168.  
  169. [-] Searching in Google:
  170. Searching 0 results...
  171. Searching 100 results...
  172. Searching 200 results...
  173. Searching 300 results...
  174. Searching 400 results...
  175. Searching 500 results...
  176.  
  177.  
  178. [+] Emails found:
  179. ------------------
  180. No emails found
  181.  
  182. [+] Hosts found in search engines:
  183. ------------------------------------
  184. No hosts found
  185. the harvester finished
  186.  
  187. starting metagoofil for gathering document maybe important
  188.  
  189. ******************************************************
  190. * /\/\ ___| |_ __ _ __ _ ___ ___ / _(_) | *
  191. * / \ / _ \ __/ _` |/ _` |/ _ \ / _ \| |_| | | *
  192. * / /\/\ \ __/ || (_| | (_| | (_) | (_) | _| | | *
  193. * \/ \/\___|\__\__,_|\__, |\___/ \___/|_| |_|_| *
  194. * |___/ *
  195. * Metagoofil Ver 2.2 *
  196. * Christian Martorella *
  197. * Edge-Security.com *
  198. * cmartorella_at_edge-security.com *
  199. ******************************************************
  200.  
  201. [-] Starting online search...
  202.  
  203. [-] Searching for doc files, with a limit of 200
  204. Searching 100 results...
  205. Searching 200 results...
  206. Results: 0 files found
  207. Starting to download 50 of them:
  208. ----------------------------------------
  209.  
  210.  
  211. [-] Searching for pdf files, with a limit of 200
  212. Searching 100 results...
  213. Searching 200 results...
  214. Results: 0 files found
  215. Starting to download 50 of them:
  216. ----------------------------------------
  217.  
  218.  
  219. [-] Searching for xls files, with a limit of 200
  220. Searching 100 results...
  221. Searching 200 results...
  222. Results: 0 files found
  223. Starting to download 50 of them:
  224. ----------------------------------------
  225.  
  226.  
  227. [-] Searching for csv files, with a limit of 200
  228. Searching 100 results...
  229. Searching 200 results...
  230. Results: 0 files found
  231. Starting to download 50 of them:
  232. ----------------------------------------
  233.  
  234.  
  235. [-] Searching for txt files, with a limit of 200
  236. Searching 100 results...
  237. Searching 200 results...
  238. Results: 0 files found
  239. Starting to download 50 of them:
  240. ----------------------------------------
  241.  
  242. processing
  243. user
  244. email
  245.  
  246. [+] List of users found:
  247. --------------------------
  248.  
  249. [+] List of software found:
  250. -----------------------------
  251.  
  252. [+] List of paths and servers found:
  253. ---------------------------------------
  254.  
  255. [+] List of e-mails found:
  256. ----------------------------
  257. metagoofil finished
  258.  
  259. starting dnsrecon for gathering DNS record
  260. [*] Performing General Enumeration of Domain: ventureworlds.online
  261. [*] Checking for Zone Transfer for ventureworlds.online name servers
  262. [*] Resolving SOA Record
  263. [+] SOA amy.ns.cloudflare.com 173.245.58.101
  264. [*] Resolving NS Records
  265. [*] NS Servers found:
  266. [*] NS amy.ns.cloudflare.com 173.245.58.101
  267. [*] NS amy.ns.cloudflare.com 2400:cb00:2049:1::adf5:3a65
  268. [*] NS owen.ns.cloudflare.com 173.245.59.219
  269. [*] NS owen.ns.cloudflare.com 2400:cb00:2049:1::adf5:3bdb
  270. [*] Removing any duplicate NS server IP Addresses...
  271. [*]
  272. [*] Trying NS server 2400:cb00:2049:1::adf5:3a65
  273. [-] Zone Transfer Failed for 2400:cb00:2049:1::adf5:3a65!
  274. [-] Port 53 TCP is being filtered
  275. [*]
  276. [*] Trying NS server 2400:cb00:2049:1::adf5:3bdb
  277. [-] Zone Transfer Failed for 2400:cb00:2049:1::adf5:3bdb!
  278. [-] Port 53 TCP is being filtered
  279. [*]
  280. [*] Trying NS server 173.245.59.219
  281. [+] 173.245.59.219 Has port 53 TCP Open
  282. [-] Zone Transfer Failed!
  283. [-] No answer or RRset not for qname
  284. [*]
  285. [*] Trying NS server 173.245.58.101
  286. [+] 173.245.58.101 Has port 53 TCP Open
  287. [-] Zone Transfer Failed!
  288. [-] No answer or RRset not for qname
  289. [*] Checking for Zone Transfer for ventureworlds.online name servers
  290. [*] Resolving SOA Record
  291. [+] SOA amy.ns.cloudflare.com 173.245.58.101
  292. [*] Resolving NS Records
  293. [*] NS Servers found:
  294. [*] NS amy.ns.cloudflare.com 173.245.58.101
  295. [*] NS amy.ns.cloudflare.com 2400:cb00:2049:1::adf5:3a65
  296. [*] NS owen.ns.cloudflare.com 173.245.59.219
  297. [*] NS owen.ns.cloudflare.com 2400:cb00:2049:1::adf5:3bdb
  298. [*] Removing any duplicate NS server IP Addresses...
  299. [*]
  300. [*] Trying NS server 2400:cb00:2049:1::adf5:3a65
  301. [-] Zone Transfer Failed for 2400:cb00:2049:1::adf5:3a65!
  302. [-] Port 53 TCP is being filtered
  303. [*]
  304. [*] Trying NS server 2400:cb00:2049:1::adf5:3bdb
  305. [-] Zone Transfer Failed for 2400:cb00:2049:1::adf5:3bdb!
  306. [-] Port 53 TCP is being filtered
  307. [*]
  308. [*] Trying NS server 173.245.59.219
  309. [+] 173.245.59.219 Has port 53 TCP Open
  310. [-] Zone Transfer Failed!
  311. [-] No answer or RRset not for qname
  312. [*]
  313. [*] Trying NS server 173.245.58.101
  314. [+] 173.245.58.101 Has port 53 TCP Open
  315. [-] Zone Transfer Failed!
  316. [-] No answer or RRset not for qname
  317. [-] DNSSEC is not configured for ventureworlds.online
  318. [*] SOA amy.ns.cloudflare.com 173.245.58.101
  319. [*] NS amy.ns.cloudflare.com 173.245.58.101
  320. [*] Bind Version for 173.245.58.101 20171212
  321. [*] NS amy.ns.cloudflare.com 2400:cb00:2049:1::adf5:3a65
  322. [*] NS owen.ns.cloudflare.com 173.245.59.219
  323. [*] Bind Version for 173.245.59.219 20171212
  324. [*] NS owen.ns.cloudflare.com 2400:cb00:2049:1::adf5:3bdb
  325. [-] Could not Resolve MX Records for ventureworlds.online
  326. [*] A ventureworlds.online 104.24.110.217
  327. [*] A ventureworlds.online 104.24.111.217
  328. [*] AAAA ventureworlds.online 2400:cb00:2048:1::6818:6ed9
  329. [*] AAAA ventureworlds.online 2400:cb00:2048:1::6818:6fd9
  330. [*] Enumerating SRV Records
  331. [-] No SRV Records Found for ventureworlds.online
  332. [+] 0 Records Found
  333. [*] Performing Google Search Enumeration
  334. [-] Google has detected the search as 'bot activity, stopping search...
  335. dnsrecon finished
  336.  
  337.  
  338. ; <<>> DiG 9.11.2-5-Debian <<>> -x ventureworlds.online
  339. ;; global options: +cmd
  340. ;; Got answer:
  341. ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22301
  342. ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
  343.  
  344. ;; OPT PSEUDOSECTION:
  345. ; EDNS: version: 0, flags:; udp: 1536
  346. ;; QUESTION SECTION:
  347. ;online.ventureworlds.in-addr.arpa. IN PTR
  348.  
  349. ;; AUTHORITY SECTION:
  350. in-addr.arpa. 2196 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2018013348 1800 900 604800 3600
  351.  
  352. ;; Query time: 23 msec
  353. ;; SERVER: 1.1.1.1#53(1.1.1.1)
  354. ;; WHEN: Sun Apr 22 13:26:38 EDT 2018
  355. ;; MSG SIZE rcvd: 130
  356.  
  357.  
  358. ____ _ _ _ _ _____
  359. / ___| _ _| |__ | (_)___| |_|___ / _ __
  360. \___ \| | | | '_ \| | / __| __| |_ \| '__|
  361. ___) | |_| | |_) | | \__ \ |_ ___) | |
  362. |____/ \__,_|_.__/|_|_|___/\__|____/|_|
  363.  
  364. # Coded By Ahmed Aboul-Ela - @aboul3la
  365.  
  366. [-] Enumerating subdomains now for ventureworlds.online
  367. [-] Searching now in Baidu..
  368. [-] Searching now in Yahoo..
  369. [-] Searching now in Google..
  370. [-] Searching now in Bing..
  371. [-] Searching now in Ask..
  372. [-] Searching now in Netcraft..
  373. [-] Searching now in DNSdumpster..
  374. [-] Searching now in Virustotal..
  375. [-] Searching now in ThreatCrowd..
  376. [-] Searching now in SSL Certificates..
  377. [-] Searching now in PassiveDNS..
  378. [-] Total Unique Subdomains Found: 4
  379. www.ventureworlds.online
  380. iu.ventureworlds.online
  381. log.ventureworlds.online
  382. zeeplay.ventureworlds.online
  383.  
  384. ╔════════════════════════════════════════════════════════════════╗
  385. ║ Got It :v wkwkwkwkwk ║
  386. ╚════════════════════════════════════════════════════════════════╝
  387.  
  388. ╔════════════════════════════════════════════════════════════════╗
  389. ║ Web Application Firewall Scanning Starting ║
  390. ╚════════════════════════════════════════════════════════════════╝
  391.  
  392. scanning WAF with wafw00f
  393.  
  394. ^ ^
  395. _ __ _ ____ _ __ _ _ ____
  396. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
  397. | V V // o // _/ | V V // 0 // 0 // _/
  398. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
  399. <
  400. ...'
  401.  
  402. WAFW00F - Web Application Firewall Detection Tool
  403.  
  404. By Sandro Gauci && Wendel G. Henrique
  405.  
  406. Checking http://ventureworlds.online
  407. The site http://ventureworlds.online is behind a CloudFlare
  408. Number of requests: 1
  409. scanning finished next...
  410.  
  411. try bypass WAF with wafninja
  412. ./yuki.sh: line 139: ./wafninja: Permission denied
  413.  
  414.  
  415. ╔════════════════════════════════════════════════════════════════╗
  416. ║ Web Application Firewall Scanning Finished ║
  417. ╚════════════════════════════════════════════════════════════════╝
  418.  
  419. ╔════════════════════════════════════════════════════════════════╗
  420. ║ XSS Scanning Starting ║
  421. ╚════════════════════════════════════════════════════════════════╝
  422.  
  423.  
  424. XssPy - Finding XSS made easier
  425. Author: Faizan Ahmad (Fsecurify)
  426. Email: fsecurify@gmail.com
  427. Usage: XssPy.py website.com (Not www.website.com OR http://www.website.com)
  428. Comprehensive Scan: python XssPy.py -u website.com -e
  429. Verbose logging: python XssPy.py -u website.com -v
  430. Cookies: python XssPy.py -u website.complex -c name=val name=val
  431.  
  432. Description: XssPy is a python tool for finding Cross Site Scripting
  433. vulnerabilities in websites. This tool is the first of its kind.
  434. Instead of just checking one page as most of the tools do, this tool
  435. traverses the website and find all the links and subdomains first.
  436. After that, it starts scanning each and every input on each and every
  437. page that it found while its traversal. It uses small yet effective
  438. payloads to search for XSS vulnerabilities. XSS in many high
  439. profile websites and educational institutes has been found
  440. by using this very tool.
  441.  
  442. [13:27:11] Doing a short traversal.
  443. [13:27:11] Number of links to test are: 0
  444. [13:27:11] Started finding XSS
  445. [13:27:11] No link found, exiting
  446. ╔════════════════════════════════════════════════════════════════╗
  447. ║ XSS Scanning Finished ║
  448. ╚════════════════════════════════════════════════════════════════╝
  449.  
  450. ╔════════════════════════════════════════════════════════════════╗
  451. ║ Web / CMS Vulnerability Scanning Starting ║
  452. ╚════════════════════════════════════════════════════════════════╝
  453. checking web with whatweb (if not run maybe not installed in your OS)
  454. ./yuki.sh: line 159: ./Module/WhatWeb/whatweb: Permission denied
  455.  
  456.  
  457. checking web with spaghetti
  458. _____ _ _ _ _
  459. | __|___ ___ ___| |_ ___| |_| |_|_|
  460. |__ | . | .'| . | | -_| _| _| |
  461. |_____| _|__,|_ |_|_|___|_| |_| |_|
  462. |_| |___| v0.1.0
  463.  
  464. || Spaghetti - Web Application Security Scanner
  465. || Codename - "Pasta"
  466. || Momo Outaadi (M4ll0k)
  467. || https://github.com/m4ll0k/Spaghetti
  468.  
  469. [+] Target: http://ventureworlds.online
  470. [+] IP: Host name lookup failure
  471. [+] Starting: 22/04/2018 13:27:12
  472.  
  473. [+] Server: cloudflare
  474. [+] Firewall: CloudFlare Web Application Firewall (CloudFlare)
  475. [+] Uncommon header 'Cache-Control' found, with contents: no-cache
  476. [+] Uncommon header 'X-Frame-Options' found, with contents: SAMEORIGIN
  477.  
  478. ╔════════════════════════════════════════════════════════════════╗
  479. ║ Scan Wordpress Starting ║
  480. ╚════════════════════════════════════════════════════════════════╝
  481. start scanning wpscan.rb (if not run maybe not installed in your OS)
  482. _______________________________________________________________
  483. __ _______ _____
  484. \ \ / / __ \ / ____|
  485. \ \ /\ / /| |__) | (___ ___ __ _ _ __ ®
  486. \ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \
  487. \ /\ / | | ____) | (__| (_| | | | |
  488. \/ \/ |_| |_____/ \___|\__,_|_| |_|
  489.  
  490. WordPress Security Scanner by the WPScan Team
  491. Version 2.9.3
  492. Sponsored by Sucuri - https://sucuri.net
  493. @_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_
  494. _______________________________________________________________
  495.  
  496.  
  497. [!] The remote website is up, but does not seem to be running WordPress.
  498.  
  499. If Your OS Doesn't Have WPScan
  500. Dont Worry Dude I Have Alternative Scanner For You
  501. Next Time Use Kali Linux if you want this tool work perfectly
  502.  
  503.  
  504. _ _______
  505. | | | | ___ \
  506. | | | | |_/ /__ ___ __ _ _ __ _ __ ___ _ __
  507. | |/\| | __/ __|/ __/ _` | '_ \| '_ \ / _ \ '__|
  508. \ /\ / | \__ \ (_| (_| | | | | | | | __/ |
  509. \/ \/\_| |___/\___\__,_|_| |_|_| |_|\___|_|
  510.  
  511. Wpscanner@WordPress Users Scanner
  512.  
  513. >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
  514. > GITHUB : www.github.com/KyxRecon >
  515. > SITE : www.kyxhack.blogspot.mx >
  516. > >
  517. >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
  518.  
  519. [+]: Scanning http://ventureworlds.online/
  520. [ERROR]: Could not find anything, or something went wrong!
  521. [+] Expected folder returned status '503', expected file returned not found status.
  522. [+] It is possible that http://ventureworlds.online/ is not running wordpress. If you disagree, please specify a --method.
  523. __ ______ ____ _
  524. \ \ / / _ \/ ___| ___| | ___ _
  525. \ \ /\ / /| |_) \___ \ / _ \ |/ / | | |
  526. \ V V / | __/ ___) | __/ <| |_| |
  527. \_/\_/ |_| |____/ \___|_|\_\\__,_|
  528.  
  529. || WPSeku - Wordpress Security Scanner
  530. || Version 0.2.1
  531. || Momo Outaadi (M4ll0k)
  532. || https://github.com/m4ll0k/WPSeku
  533.  
  534. [+] Target: http://ventureworlds.online
  535. [+] Starting: 22/04/2018 13:27:15
  536.  
  537.  
  538. [*] Checking sitemap...
  539. [-] sitemap.xml not available
  540. [*] Checking license...
  541. [-] license.txt not available
  542. [*] Checking robots...
  543. [*] Checking crossdomain...
  544. [-] crossdomain.xml not available
  545. [*] Checking readme...
  546. [-] readme.html not available
  547. [*] Checking .htaccess...
  548. [-] .htaccess not available
  549. [*] Checking xmlrpc...
  550. [-] XML-RPC not available
  551. [*] Checking Full Path Disclosure...
  552. [-] Full Path Disclosure not available
  553. [*] Checking wp-config...
  554. [-] wp-config not available
  555. [*] Checking wp-config-sample...
  556. [-] wp-config-sample not available
  557. [*] Checking wp-config backup...
  558. [-] wp-config.php~ backup not available
  559. [-] wp-config.backup backup not available
  560. [-] wp-config.bck backup not available
  561. [-] wp-config.old backup not available
  562. [-] wp-config.save backup not available
  563. [-] wp-config.bak backup not available
  564. [-] wp-config.copy backup not available
  565. [-] wp-config.tmp backup not available
  566. [-] wp-config.txt backup not available
  567. [-] wp-config.zip backup not available
  568. [-] wp-config.db backup not available
  569. [-] wp-config.dat backup not available
  570. [-] wp-config.tar.gz backup not available
  571. [-] wp-config.back backup not available
  572. [-] wp-config.test backup not available
  573. [-] wp-config.temp backup not available
  574. [-] wp-config.orig backup not available
  575. [*] Checking dir listing...
  576. [-] dir /wp-admin not listing enabled
  577. [-] dir /wp-includes not listing enabled
  578. [-] dir /wp-content/uploads not listing enabled
  579. [-] dir /wp-content/plugins not listing enabled
  580. [-] dir /wp-content/themes not listing enabled
  581. [*] Interesting headers...
  582.  
  583. Cache-Control: no-cache
  584. Connection: close
  585. Content-Type: text/html; charset=UTF-8
  586. Date: Sun, 22 Apr 2018 17:27:20 GMT
  587. Server: cloudflare
  588. Set-Cookie: __cfduid=d1203ac24e9200b84a3c945598df7b8031524418040; expires=Mon, 22-Apr-19 17:27:20 GMT; path=/; domain=.ventureworlds.online; HttpOnly
  589. Transfer-Encoding: chunked
  590. X-Frame-Options: SAMEORIGIN
  591.  
  592. [*] Checking WAF...
  593. [*] Checking wp-login protection...
  594. [*] Checking wordpress version...
  595. [*] Enumeration themes...
  596. | Not found themes
  597. [*] Enumeration plugins...
  598. [*] Enumeration usernames...
  599. | Not found usernames
  600. ╔════════════════════════════════════════════════════════════════╗
  601. ║ Scan Wordpress Finished ║
  602. ╚════════════════════════════════════════════════════════════════╝
  603.  
  604.  
  605. ╔════════════════════════════════════════════════════════════════╗
  606. ║ Scan Joomla Starting ║
  607. ╚════════════════════════════════════════════════════════════════╝
  608. start scanning
  609. ./yuki.sh: line 187: ./joomscan: Permission denied
  610. ^C
  611. Shutting down...
  612. ╔════════════════════════════════════════════════════════════════╗
  613. ║ Scan Joomla Finished ║
  614. ╚════════════════════════════════════════════════════════════════╝
  615.  
  616. ╔════════════════════════════════════════════════════════════════╗
  617. ║ Scan Other CMS Starting ║
  618. ╚════════════════════════════════════════════════════════════════╝
  619.  
  620.  
  621. scan drupal cms
  622. [+] Expected folder returned status '503', expected file returned not found status.
  623. [+] It is possible that http://ventureworlds.online/ is not running drupal. If you disagree, please specify a --method.
  624. scan dupal cms finished next....
  625.  
  626. scan silverstripe cms
  627. [+] Expected folder returned status '503', expected file returned not found status.
  628. [+] It is possible that http://ventureworlds.online/ is not running silverstripe. If you disagree, please specify a --method.
  629. scan silverstripe cms finished next.....
  630.  
  631. scan moodle cms
  632. [+] Expected folder returned status '503', expected file returned not found status.
  633. [+] It is possible that http://ventureworlds.online/ is not running moodle. If you disagree, please specify a --method.
  634. scan moodle cms finished next.....
  635.  
  636.  
  637. ╔════════════════════════════════════════════════════════════════╗
  638. ║ Scan Other CMS Finished ║
  639. ╚════════════════════════════════════════════════════════════════╝
  640.  
  641. ╔════════════════════════════════════════════════════════════════╗
  642. ║ Web / CMS Vulnerability Scanning Finished ║
  643. ╚════════════════════════════════════════════════════════════════╝
  644.  
  645. ╔════════════════════════════════════════════════════════════════╗
  646. ║ SSL Vulnerability Scanning Starting ║
  647. ╚════════════════════════════════════════════════════════════════╝
  648. starting sslscan (if not run maybe not installed in your OS)
  649. Version: 1.11.10-static
  650. OpenSSL 1.0.2-chacha (1.0.2g-dev)
  651.  
  652. Testing SSL server ventureworlds.online on port 443 using SNI name ventureworlds.online
  653.  
  654. TLS Fallback SCSV:
  655. Server supports TLS Fallback SCSV
  656.  
  657. TLS renegotiation:
  658. Secure session renegotiation supported
  659.  
  660. TLS Compression:
  661. Compression disabled
  662.  
  663. Heartbleed:
  664. TLS 1.2 not vulnerable to heartbleed
  665. TLS 1.1 not vulnerable to heartbleed
  666. TLS 1.0 not vulnerable to heartbleed
  667.  
  668. Supported Server Cipher(s):
  669. Preferred TLSv1.2 256 bits ECDHE-ECDSA-CHACHA20-POLY1305 Curve P-256 DHE 256
  670. Accepted TLSv1.2 128 bits ECDHE-ECDSA-AES128-GCM-SHA256 Curve P-256 DHE 256
  671. Accepted TLSv1.2 128 bits ECDHE-ECDSA-AES128-SHA Curve P-256 DHE 256
  672. Accepted TLSv1.2 128 bits ECDHE-ECDSA-AES128-SHA256 Curve P-256 DHE 256
  673. Accepted TLSv1.2 256 bits ECDHE-ECDSA-AES256-GCM-SHA384 Curve P-256 DHE 256
  674. Accepted TLSv1.2 256 bits ECDHE-ECDSA-AES256-SHA Curve P-256 DHE 256
  675. Accepted TLSv1.2 256 bits ECDHE-ECDSA-AES256-SHA384 Curve P-256 DHE 256
  676. Preferred TLSv1.1 128 bits ECDHE-ECDSA-AES128-SHA Curve P-256 DHE 256
  677. Accepted TLSv1.1 256 bits ECDHE-ECDSA-AES256-SHA Curve P-256 DHE 256
  678. Preferred TLSv1.0 128 bits ECDHE-ECDSA-AES128-SHA Curve P-256 DHE 256
  679. Accepted TLSv1.0 256 bits ECDHE-ECDSA-AES256-SHA Curve P-256 DHE 256
  680. ^C
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!