Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- '---'
- --------------------------------------------------------------------------
- + Target IP: 164.77.218.22
- + Target Hostname: 164.77.218.22
- + Target Port: 80
- + Start Time: 2021-06-14 18:51:09 (GMT-4)
- ---------------------------------------------------------------------------
- + Server: nginx
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + No CGI Directories found (use '-C all' to force check all possible dirs)
- + Server may leak inodes via ETags, header found with file /, inode: c9f, size: 5be160e4434d0, mtime: gzip
- + Allowed HTTP Methods: GET, POST, OPTIONS, HEAD, TRACE
- + OSVDB-3092: /phpmyadmin/ChangeLog: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
- ^[[
- + Uncommon header 'x-ob_mode' found, with contents: 1
- + /phpmyadmin/: phpMyAdmin directory found
- + OSVDB-3092: /phpmyadmin/README: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
- + 8068 requests: 0 error(s) and 9 item(s) reported on remote host
- + End Time: 2021-06-14 19:22:07 (GMT-4) (1858 seconds)
- Starting Nmap 7.91 ( https://nmap.org ) at 2021-06-14 19:14 EDT
- Stats: 0:02:36 elapsed; 0 hosts completed (1 up), 1 undergoing Service Scan
- Service scan Timing: About 91.67% done; ETC: 19:17 (0:00:13 remaining)
- Nmap scan report for panel.rodrix.ml (164.77.218.22)
- Host is up (0.10s latency).
- Not shown: 988 filtered ports
- PORT STATE SERVICE VERSION
- 21/tcp open ftp?
- 22/tcp open ssh OpenSSH 7.4p1 (protocol 2.0)
- 25/tcp open smtp Exim smtpd
- 53/tcp open domain (generic dns response: NOTIMP)
- 80/tcp open http nginx
- 110/tcp open pop3
- 143/tcp open imap?
- 443/tcp open ssl/http nginx
- 465/tcp open ssl/smtps?
- 587/tcp open smtp Exim smtpd
- 993/tcp open ssl/imap Dovecot imapd
- 8083/tcp open http nginx
- 5 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service :
- ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
- SF-Port21-TCP:V=7.91%I=7%D=6/14%Time=60C7E308%P=x86_64-pc-linux-gnu%r(NULL
- SF:,37,"220\x20Welcome!\x20Please\x20note\x20that\x20all\x20activity\x20is
- SF:\x20logged\.\r\n")%r(GenericLines,37,"220\x20Welcome!\x20Please\x20note
- SF:\x20that\x20all\x20activity\x20is\x20logged\.\r\n");
- ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
- SF-Port53-TCP:V=7.91%I=7%D=6/14%Time=60C7E317%P=x86_64-pc-linux-gnu%r(DNSS
- SF:tatusRequestTCP,E,"\0\x0c\0\0\x90\x04\0\0\0\0\0\0\0\0");
- ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
- SF-Port110-TCP:V=7.91%I=7%D=6/14%Time=60C7E308%P=x86_64-pc-linux-gnu%r(NUL
- SF:L,19,"\+OK\x20Mail\x20Delivery\x20Agent\r\n")%r(GenericLines,19,"\+OK\x
- SF:20Mail\x20Delivery\x20Agent\r\n")%r(HTTPOptions,47,"\+OK\x20Mail\x20Del
- SF:ivery\x20Agent\r\n-ERR\x20Unknown\x20command\.\r\n-ERR\x20Unknown\x20co
- SF:mmand\.\r\n");
- ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
- SF-Port143-TCP:V=7.91%I=7%D=6/14%Time=60C7E308%P=x86_64-pc-linux-gnu%r(NUL
- SF:L,80,"\*\x20OK\x20\[CAPABILITY\x20IMAP4rev1\x20LITERAL\+\x20SASL-IR\x20
- SF:LOGIN-REFERRALS\x20ID\x20ENABLE\x20IDLE\x20STARTTLS\x20AUTH=PLAIN\x20AU
- SF:TH=LOGIN\]\x20Mail\x20Delivery\x20Agent\r\n")%r(GetRequest,80,"\*\x20OK
- SF:\x20\[CAPABILITY\x20IMAP4rev1\x20LITERAL\+\x20SASL-IR\x20LOGIN-REFERRAL
- SF:S\x20ID\x20ENABLE\x20IDLE\x20STARTTLS\x20AUTH=PLAIN\x20AUTH=LOGIN\]\x20
- SF:Mail\x20Delivery\x20Agent\r\n");
- ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
- SF-Port465-TCP:V=7.91%T=SSL%I=7%D=6/14%Time=60C7E319%P=x86_64-pc-linux-gnu
- SF:%r(NULL,15,"220\x20panel\.rodrix\.ml\r\n")%r(Hello,41,"220\x20panel\.ro
- SF:drix\.ml\r\n501\x20Syntactically\x20invalid\x20EHLO\x20argument\(s\)\r\
- SF:n")%r(Help,6A,"220\x20panel\.rodrix\.ml\r\n214-Commands\x20supported:\r
- SF:\n214\x20AUTH\x20HELO\x20EHLO\x20MAIL\x20RCPT\x20DATA\x20BDAT\x20NOOP\x
- SF:20QUIT\x20RSET\x20HELP\r\n")%r(GenericLines,49,"220\x20panel\.rodrix\.m
- SF:l\r\n500\x20unrecognized\x20command\r\n500\x20unrecognized\x20command\r
- SF:\n")%r(GetRequest,49,"220\x20panel\.rodrix\.ml\r\n500\x20unrecognized\x
- SF:20command\r\n500\x20unrecognized\x20command\r\n")%r(HTTPOptions,49,"220
- SF:\x20panel\.rodrix\.ml\r\n500\x20unrecognized\x20command\r\n500\x20unrec
- SF:ognized\x20command\r\n")%r(RTSPRequest,49,"220\x20panel\.rodrix\.ml\r\n
- SF:500\x20unrecognized\x20command\r\n500\x20unrecognized\x20command\r\n")%
- SF:r(RPCCheck,15,"220\x20panel\.rodrix\.ml\r\n")%r(DNSVersionBindReqTCP,15
- SF:,"220\x20panel\.rodrix\.ml\r\n")%r(DNSStatusRequestTCP,15,"220\x20panel
- SF:\.rodrix\.ml\r\n")%r(SSLSessionReq,4B,"220\x20panel\.rodrix\.ml\r\n501\
- SF:x20NULL\x20characters\x20are\x20not\x20allowed\x20in\x20SMTP\x20command
- SF:s\r\n")%r(TerminalServerCookie,4B,"220\x20panel\.rodrix\.ml\r\n501\x20N
- SF:ULL\x20characters\x20are\x20not\x20allowed\x20in\x20SMTP\x20commands\r\
- SF:n")%r(TLSSessionReq,4B,"220\x20panel\.rodrix\.ml\r\n501\x20NULL\x20char
- SF:acters\x20are\x20not\x20allowed\x20in\x20SMTP\x20commands\r\n")%r(Kerbe
- SF:ros,4B,"220\x20panel\.rodrix\.ml\r\n501\x20NULL\x20characters\x20are\x2
- SF:0not\x20allowed\x20in\x20SMTP\x20commands\r\n")%r(SMBProgNeg,15,"220\x2
- SF:0panel\.rodrix\.ml\r\n")%r(X11Probe,15,"220\x20panel\.rodrix\.ml\r\n")%
- SF:r(FourOhFourRequest,49,"220\x20panel\.rodrix\.ml\r\n500\x20unrecognized
- SF:\x20command\r\n500\x20unrecognized\x20command\r\n")%r(LPDString,2F,"220
- SF:\x20panel\.rodrix\.ml\r\n500\x20unrecognized\x20command\r\n")%r(LDAPSea
- SF:rchReq,81,"220\x20panel\.rodrix\.ml\r\n501\x20NULL\x20characters\x20are
- SF:\x20not\x20allowed\x20in\x20SMTP\x20commands\r\n501\x20NULL\x20characte
- SF:rs\x20are\x20not\x20allowed\x20in\x20SMTP\x20commands\r\n")%r(LDAPBindR
- SF:eq,15,"220\x20panel\.rodrix\.ml\r\n");
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: bridge
- Running: Oracle Virtualbox
- OS CPE: cpe:/o:oracle:virtualbox
- OS details: Oracle Virtualbox
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 221.69 seconds
- Hydra v9.1 (c) 2020 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).
- Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2021-06-14 19:52:51
- [DATA] max 16 tasks per 1 server, overall 16 tasks, 66 login tries, ~5 tries per task
- [DATA] attacking ftp://164.77.218.22:21/
- [STATUS] 62.00 tries/min, 62 tries in 00:01h, 37 to do in 00:01h, 16 active
- [STATUS] 47.00 tries/min, 94 tries in 00:02h, 5 to do in 00:01h, 16 active
- 1 of 1 target completed, 0 valid password found
- [WARNING] Writing restore file because 4 final worker threads did not complete until end.
- Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2021-06-14 19:55:34
- url https://carshopping.com.co/wp-json/
- https://carshopping.com.co/phpmyadmin/
- https://carshopping.com.co/phpmyadmin/ChangeLog
- ,----, ,--.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement