API tools faq
paste
Advertisement
Guest User

Anonymous JTSEC #OpIsraël Full Recon #10

a guest
Feb 6th, 2019
357
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 64.61 KB | None | 0 0
raw download clone embed print report
  1. #######################################################################################################################################
  2. =======================================================================================================================================
  3. Hostname tcsb.technion.ac.il ISP Israel InterUniversity Computation Center
  4. Continent Asia Flag
  5. IL
  6. Country Israel Country Code IL
  7. Region Unknown Local time 06 Feb 2019 20:47 IST
  8. City Unknown Postal Code Unknown
  9. IP Address 132.68.239.54 Latitude 31.5
  10. Longitude 34.75
  11. =======================================================================================================================================
  12. #######################################################################################################################################
  13. > tcsb.technion.ac.il
  14. Server: 38.132.106.139
  15. Address: 38.132.106.139#53
  16.  
  17. Non-authoritative answer:
  18. Name: tcsb.technion.ac.il
  19. Address: 132.68.239.54
  20. >
  21. #######################################################################################################################################
  22. HostIP:132.68.239.54
  23. HostName:tcsb.technion.ac.il
  24.  
  25. Gathered Inet-whois information for 132.68.239.54
  26. ---------------------------------------------------------------------------------------------------------------------------------------
  27.  
  28.  
  29. inetnum: 132.68.0.0 - 132.69.255.255
  30. netname: ILAN-TECHNION
  31. country: IL
  32. admin-c: BZ684-RIPE
  33. tech-c: RS12796-RIPE
  34. org: ORG-TA174-RIPE
  35. sponsoring-org: ORG-IIIC1-RIPE
  36. status: LEGACY
  37. mnt-by: RIPE-NCC-LEGACY-MNT
  38. mnt-by: AS378-MNT
  39. mnt-lower: AS378-MNT
  40. created: 2015-12-07T11:43:56Z
  41. last-modified: 2016-04-14T08:49:12Z
  42. source: RIPE
  43.  
  44. organisation: ORG-TA174-RIPE
  45. org-name: Technion - Technolog institute
  46. org-type: OTHER
  47. address: Haifa
  48. address: Israel
  49. phone: +972-4-8221520
  50. admin-c: BZ684-RIPE
  51. tech-c: RS12796-RIPE
  52. mnt-ref: AS378-MNT
  53. mnt-by: AS378-MNT
  54. created: 2005-05-10T09:43:39Z
  55. last-modified: 2017-10-30T16:09:24Z
  56. source: RIPE # Filtered
  57.  
  58. person: Bar-Lev Zvoulun
  59. address: Computer Center
  60. address: Technion
  61. address: Haifa 32000
  62. address: Israel
  63. phone: +972 4 8292174
  64. fax-no: +972 4 8236212
  65. nic-hdl: BZ684-RIPE
  66. mnt-by: AS378-MNT
  67. created: 2011-12-01T08:02:48Z
  68. last-modified: 2011-12-01T08:02:48Z
  69. source: RIPE # Filtered
  70.  
  71. person: Roman Safonov
  72. address: Computer Center
  73. address: Technion
  74. address: Haifa 32000
  75. address: Israel
  76. phone: +972 4 8294992
  77. fax-no: +972 4 8236212
  78. nic-hdl: RS12796-RIPE
  79. mnt-by: AS378-MNT
  80. created: 2011-12-01T08:02:48Z
  81. last-modified: 2011-12-01T08:02:48Z
  82. source: RIPE # Filtered
  83.  
  84. % Information related to '132.68.0.0/16AS378'
  85.  
  86. route: 132.68.0.0/16
  87. descr: ILAN-BLOCK-5
  88. origin: AS378
  89. mnt-by: AS378-MNT
  90. created: 2017-12-27T09:39:21Z
  91. last-modified: 2017-12-27T09:39:21Z
  92. source: RIPE
  93.  
  94. % This query was served by the RIPE Database Query Service version 1.92.6 (WAGYU)
  95.  
  96.  
  97.  
  98. Gathered Inic-whois information for tcsb.technion.ac.il
  99. ---------------------------------------------------------------------------------------------------------------------------------------
  100. ERROR: Unable to locate Name Whois data on tcsb.technion.ac.il
  101.  
  102. Gathered Netcraft information for tcsb.technion.ac.il
  103. ---------------------------------------------------------------------------------------------------------------------------------------
  104.  
  105. Retrieving Netcraft.com information for tcsb.technion.ac.il
  106. Netcraft.com Information gathered
  107.  
  108. Gathered Subdomain information for tcsb.technion.ac.il
  109. ---------------------------------------------------------------------------------------------------------------------------------------
  110. Searching Google.com:80...
  111. Searching Altavista.com:80...
  112. Found 0 possible subdomain(s) for host tcsb.technion.ac.il, Searched 0 pages containing 0 results
  113.  
  114. Gathered E-Mail information for tcsb.technion.ac.il
  115. ---------------------------------------------------------------------------------------------------------------------------------------
  116. Searching Google.com:80...
  117. Searching Altavista.com:80...
  118. Found 0 E-Mail(s) for host tcsb.technion.ac.il, Searched 0 pages containing 0 results
  119.  
  120. Gathered TCP Port information for 132.68.239.54
  121. ---------------------------------------------------------------------------------------------------------------------------------------
  122.  
  123. Port State
  124.  
  125. 80/tcp open
  126.  
  127. Portscan Finished: Scanned 150 ports, 2 ports were in state closed
  128. #######################################################################################################################################
  129. [i] Scanning Site: http://tcsb.technion.ac.il
  130.  
  131.  
  132.  
  133. B A S I C I N F O
  134. =======================================================================================================================================
  135.  
  136.  
  137. [+] Site Title: TCSB
  138. [+] IP address: 132.68.239.54
  139. [+] Web Server: Apache
  140. [+] CMS: WordPress
  141. [+] Cloudflare: Not Detected
  142. [+] Robots File: Found
  143.  
  144. -------------[ contents ]----------------
  145. User-agent: *
  146. Disallow: /wp-admin/
  147. Allow: /wp-admin/admin-ajax.php
  148.  
  149. -----------[end of contents]-------------
  150.  
  151.  
  152.  
  153. W H O I S L O O K U P
  154. =======================================================================================================================================
  155.  
  156.  
  157. % The data in the WHOIS database of the .il registry is provided
  158. % by ISOC-IL for information purposes, and to assist persons in
  159. % obtaining information about or related to a domain name
  160. % registration record. ISOC-IL does not guarantee its accuracy.
  161. % By submitting a WHOIS query, you agree that you will use this
  162. % Data only for lawful purposes and that, under no circumstances
  163. % will you use this Data to: (1) allow, enable, or otherwise
  164. % support the transmission of mass unsolicited, commercial
  165. % advertising or solicitations via e-mail (spam);
  166. % or (2) enable high volume, automated, electronic processes that
  167. % apply to ISOC-IL (or its systems).
  168. % ISOC-IL reserves the right to modify these terms at any time.
  169. % By submitting this query, you agree to abide by this policy.
  170.  
  171. % No data was found to match the request criteria.
  172.  
  173.  
  174. % Rights to the data above are restricted by copyright.
  175.  
  176.  
  177.  
  178.  
  179. G E O I P L O O K U P
  180. =======================================================================================================================================
  181.  
  182. [i] IP Address: 132.68.239.54
  183. [i] Country: Israel
  184. [i] State:
  185. [i] City:
  186. [i] Latitude: 31.5
  187. [i] Longitude: 34.75
  188.  
  189.  
  190.  
  191.  
  192. H T T P H E A D E R S
  193. =======================================================================================================================================
  194.  
  195.  
  196. [i] HTTP/1.1 200 OK
  197. [i] Date: Wed, 06 Feb 2019 19:14:11 GMT
  198. [i] Server: Apache
  199. [i] Link: <http://tcsb.technion.ac.il/wp-json/>; rel="https://api.w.org/", <http://tcsb.technion.ac.il/>; rel=shortlink
  200. [i] Connection: close
  201. [i] Content-Type: text/html; charset=UTF-8
  202.  
  203.  
  204.  
  205.  
  206. D N S L O O K U P
  207. =======================================================================================================================================
  208.  
  209. tcsb.technion.ac.il. 599 IN A 132.68.239.54
  210.  
  211.  
  212.  
  213.  
  214. S U B N E T C A L C U L A T I O N
  215. =======================================================================================================================================
  216.  
  217. Address = 132.68.239.54
  218. Network = 132.68.239.54 / 32
  219. Netmask = 255.255.255.255
  220. Broadcast = not needed on Point-to-Point links
  221. Wildcard Mask = 0.0.0.0
  222. Hosts Bits = 0
  223. Max. Hosts = 1 (2^0 - 0)
  224. Host Range = { 132.68.239.54 - 132.68.239.54 }
  225.  
  226.  
  227.  
  228. N M A P P O R T S C A N
  229. =======================================================================================================================================
  230.  
  231.  
  232. Starting Nmap 7.40 ( https://nmap.org ) at 2019-02-06 19:14 UTC
  233. Nmap scan report for tcsb.technion.ac.il (132.68.239.54)
  234. Host is up (0.16s latency).
  235. rDNS record for 132.68.239.54: egroll.technion.ac.il
  236. PORT STATE SERVICE
  237. 21/tcp filtered ftp
  238. 22/tcp filtered ssh
  239. 23/tcp filtered telnet
  240. 80/tcp open http
  241. 110/tcp filtered pop3
  242. 143/tcp filtered imap
  243. 443/tcp open https
  244. 3389/tcp filtered ms-wbt-server
  245.  
  246. Nmap done: 1 IP address (1 host up) scanned in 2.49 seconds
  247. #######################################################################################################################################
  248. [?] Enter the target: example( http://domain.com )
  249. http://tcsb.technion.ac.il/
  250. [!] IP Address : 132.68.239.54
  251. [!] CMS Detected : WordPress
  252. [?] Would you like to use WPScan? [Y/n] n
  253. [+] Honeypot Probabilty: 0%
  254. ---------------------------------------------------------------------------------------------------------------------------------------
  255. [~] Trying to gather whois information for tcsb.technion.ac.il
  256. [+] Whois information found
  257. [-] Unable to build response, visit https://who.is/whois/tcsb.technion.ac.il
  258. ---------------------------------------------------------------------------------------------------------------------------------------
  259. PORT STATE SERVICE
  260. 21/tcp filtered ftp
  261. 22/tcp filtered ssh
  262. 23/tcp filtered telnet
  263. 80/tcp open http
  264. 110/tcp filtered pop3
  265. 143/tcp filtered imap
  266. 443/tcp open https
  267. 3389/tcp filtered ms-wbt-server
  268. Nmap done: 1 IP address (1 host up) scanned in 2.54 seconds
  269. ---------------------------------------------------------------------------------------------------------------------------------------
  270. There was an error getting results
  271.  
  272. [-] DNS Records
  273. [>] Initiating 3 intel modules
  274. [>] Loading Alpha module (1/3)
  275. [>] Beta module deployed (2/3)
  276. [>] Gamma module initiated (3/3)
  277.  
  278.  
  279. [+] Emails found:
  280. ---------------------------------------------------------------------------------------------------------------------------------------
  281. pixel-1549480461226806-web-@tcsb.technion.ac.il
  282. pixel-1549480462189490-web-@tcsb.technion.ac.il
  283. No hosts found
  284. [+] Virtual hosts:
  285. ---------------------------------------------------------------------------------------------------------------------------------------
  286. #######################################################################################################################################
  287. ; <<>> DiG 9.11.5-P1-1-Debian <<>> tcsb.technion.ac.il
  288. ;; global options: +cmd
  289. ;; Got answer:
  290. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56890
  291. ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
  292.  
  293. ;; OPT PSEUDOSECTION:
  294. ; EDNS: version: 0, flags:; udp: 4096
  295. ;; QUESTION SECTION:
  296. ;tcsb.technion.ac.il. IN A
  297.  
  298. ;; ANSWER SECTION:
  299. tcsb.technion.ac.il. 280 IN A 132.68.239.54
  300.  
  301. ;; Query time: 36 msec
  302. ;; SERVER: 38.132.106.139#53(38.132.106.139)
  303. ;; WHEN: mer fév 06 14:34:01 EST 2019
  304. ;; MSG SIZE rcvd: 64
  305. #######################################################################################################################################
  306. ; <<>> DiG 9.11.5-P1-1-Debian <<>> +trace tcsb.technion.ac.il
  307. ;; global options: +cmd
  308. . 85595 IN NS f.root-servers.net.
  309. . 85595 IN NS b.root-servers.net.
  310. . 85595 IN NS j.root-servers.net.
  311. . 85595 IN NS m.root-servers.net.
  312. . 85595 IN NS i.root-servers.net.
  313. . 85595 IN NS g.root-servers.net.
  314. . 85595 IN NS d.root-servers.net.
  315. . 85595 IN NS l.root-servers.net.
  316. . 85595 IN NS a.root-servers.net.
  317. . 85595 IN NS e.root-servers.net.
  318. . 85595 IN NS c.root-servers.net.
  319. . 85595 IN NS k.root-servers.net.
  320. . 85595 IN NS h.root-servers.net.
  321. . 85595 IN RRSIG NS 8 0 518400 20190219170000 20190206160000 16749 . NWg1fajlCbDiP6kIb4B4mb9FsK9UdCuOTpW82qokw9yalY2Yn/KdUqai cOzrcNlX3i4cJ56D9pBoPomFshjBtQbptB7yWOu21WVejPNQcbtnZzqA ka8yMxttKTNHWX893sqqMsu2GWyKX44qfIxeT02yaepiYzjYqYeQDYvQ wfd1Wbzx8MC5PMMCprfhZQhjSdePVlmXaovuGpgdMRwd67uxsSjW8Cex rpVvLl1598qYlGbXC4ju5nqZtNW+xIfwmyzygsMF9lw2JDyT97lGt0qp RQaRUaNhGanO68Nsoaw4fSjLEPadG8ZLX2O91iIlwqcIbxS6yoKIf/uE Du5qfg==
  322. ;; Received 525 bytes from 38.132.106.139#53(38.132.106.139) in 37 ms
  323.  
  324. il. 172800 IN NS nse.ns.il.
  325. il. 172800 IN NS nsa.ns.il.
  326. il. 172800 IN NS ilns.ilan.net.il.
  327. il. 172800 IN NS ns1.ns.il.
  328. il. 172800 IN NS lookup.iucc.ac.il.
  329. il. 172800 IN NS sns-pb.isc.org.
  330. il. 172800 IN NS ns3.ns.il.
  331. il. 172800 IN NS ns2.ns.il.
  332. il. 172800 IN NS nsb.ns.il.
  333. il. 86400 IN DS 44729 8 2 7FA5A2FD091C340D4A01864B4F82D66D0769F3D3A0A1C48F8ABD2A64 B1689921
  334. il. 86400 IN RRSIG DS 8 1 86400 20190219170000 20190206160000 16749 . K7EHtDuI6vepZ8fteJRE9kkUo82eMaZjTYTaF+5Qr5rz5NvyqQ5SrlZC ekJaRNiHft8MDgxntqz+Q8OcyH4o5BJ8qd464jn1dz/Q3UoVvBJm8MwR 0oiWuR9rMXZeJ8e9QWfm4B6tHsFQL9qmb7zszHR0MhSl8kTrJRVZqECq ieLsgaxS6COKndrUrjS84OSlCiKNEwqG32FeSeItFpoOpJIM9W0A+XZe 2x/3gwLT/nYEpHb6ytSS8a3uboVqlGUTxQRR0lTqrJk5H0I8uGN+W0g0 qbhulY2HsJlZc7AIWkUuvbuHJz9RVZBKmHR8TJz4KmBTxYBlOt1i5bwd NmvgRw==
  335. ;; Received 888 bytes from 2001:500:12::d0d#53(g.root-servers.net) in 214 ms
  336.  
  337. technion.ac.il. 86400 IN NS techdns.haifa.ac.il.
  338. technion.ac.il. 86400 IN NS ns2.technion.ac.il.
  339. technion.ac.il. 86400 IN NS dns1.technion.ac.il.
  340. technion.ac.il. 86400 IN NS ns.technion.ac.il.
  341. c5gr48k7ca3ba4ne1p463fe71bd54s39.ac.il. 86400 IN NSEC3 1 1 10 7CE12AF346933CF2 C5GR48K7CA3BA4NE1P463FE71BD54S39 NS SOA RRSIG DNSKEY NSEC3PARAM
  342. c5gr48k7ca3ba4ne1p463fe71bd54s39.ac.il. 86400 IN RRSIG NSEC3 8 3 86400 20190309180907 20190206170907 7233 ac.il. TVMx3zjCF2syzyUn3ZYle+TCjkImkLtGF4bUjHYP1fhO+yXKvSVQGpu0 XssfMx5CmlTksoa6ZYxl3I99y4mdlsh4lJgPPhVP8l1/aTM3JQf0iOvp hG8XuN0AjcZ7ZQDwFVxnEwP3jnmgOCiKfO4SuUC06qC6ziAsXLSqrtTI 778k0YI/R8MpF1b87kTAt5f9I6eoeXzntCd/eCfH3zLhWVtDERZpJ26u Kj9NyPwAAqvSnIHk/+6r2TO6K0wywzvBvevBd6cGj0NybvOcsQrMcH1+ zPaScz9DU+zmI6q4Neg/qZdSSkEnm58iQU3LTd6nC1xQTqOdXD+eRWN8 3NPz5A==
  343. ;; Received 587 bytes from 194.0.11.103#53(ns3.ns.il) in 134 ms
  344.  
  345. tcsb.technion.ac.il. 600 IN A 132.68.239.54
  346. technion.ac.il. 3600 IN NS ns.technion.ac.il.
  347. technion.ac.il. 3600 IN NS ns2.technion.ac.il.
  348. technion.ac.il. 3600 IN NS dns1.technion.ac.il.
  349. technion.ac.il. 3600 IN NS techdns.haifa.ac.il.
  350. ;; Received 278 bytes from 2001:bf8:100:1::2#53(ns2.technion.ac.il) in 201 ms
  351. #######################################################################################################################################
  352. =======================================================================================================================================
  353. | E-mails:
  354. | [+] E-mail Found: plugin@bestwebsoft.com
  355. | [+] E-mail Found: ryszard.glegola@translanet.com
  356. | [+] E-mail Found: lefinnois@lefinnois.net
  357. | [+] E-mail Found: m@tidakada.com
  358. | [+] E-mail Found: mailman@tcsb.technion.ac.il
  359. | [+] E-mail Found: mathewhendry@hotmail.com
  360. | [+] E-mail Found: nasiri.amirreza.96@gmail.com
  361. | [+] E-mail Found: nick20080808@gmail.com
  362. | [+] E-mail Found: mail@mail.com
  363. | [+] E-mail Found: contact@developmentlogics.com
  364. | [+] E-mail Found: epeetz@gmail.com
  365. | [+] E-mail Found: lcapronnier@yahoo.com
  366. | [+] E-mail Found: contact@codester.pl
  367. | [+] E-mail Found: support@saidmoulla.com
  368. | [+] E-mail Found: hdikla@tx.technion.ac.il
  369. | [+] E-mail Found: cloudzeroxyz@gmail.com
  370. | [+] E-mail Found: yaelpb@tx.technion.ac.il
  371. | [+] E-mail Found: plugins@bestwebsoft.com
  372. | [+] E-mail Found: fred.zimmer@medienconsulting.at
  373. | [+] E-mail Found: me@ygeorgiev.com
  374. | [+] E-mail Found: wart17@hotmail.com
  375. | [+] E-mail Found: info@getid3.org
  376. | [+] E-mail Found: info@pamadessoft.cz
  377. | [+] E-mail Found: wp@bestwebsoft.com
  378. =======================================================================================================================================
  379. | External hosts:
  380. | [+] External Host Found: https://secure.php.net
  381. | [+] External Host Found: https://wordpress.org
  382. | [+] External Host Found: http://www.catom.com
  383. | [+] External Host Found: https://translate.wordpress.org
  384. | [+] External Host Found: http://make.wordpress.org
  385. | [+] External Host Found: https://httpd.apache.org
  386. | [+] External Host Found: https://planet.wordpress.org
  387. | [+] External Host Found: https://www.mysql.com
  388. | [+] External Host Found: https://developer.wordpress.org
  389. | [+] External Host Found: https://codex.wordpress.org
  390. | [+] External Host Found: http://wordpress.org
  391. | [+] External Host Found: http://www.gnu.org
  392. | [+] External Host Found: http://www.usableinteractions.com
  393. | [+] External Host Found: http://www.joedolson.com
  394. =======================================================================================================================================
  395. ######################################################################################################################################
  396. Reversing IP With HackTarget 'tcsb.technion.ac.il'
  397. ---------------------------------------------------------------------------------------------------------------------------------------
  398.  
  399. [+] bankofamerica-24h.ticc.web3.technion.ac.il
  400. [+] bku.technion.ac.il
  401. [+] cont-edu.technion.ac.il
  402. [+] cssite.technion.ac.il
  403. [+] diglab.technion.ac.il
  404. [+] eelabs.technion.ac.il
  405. [+] egroll.technion.ac.il
  406. [+] excellence.technion.ac.il
  407. [+] graduate.technion.ac.il
  408. [+] graduate.web3.technion.ac.il
  409. [+] icdt2018.technion.ac.il
  410. [+] isu.technion.ac.il
  411. [+] lokey.technion.ac.il
  412. [+] md.technion.ac.il
  413. [+] meeng.technion.ac.il
  414. [+] pcra.technion.ac.il
  415. [+] presidentsreport.technion.ac.il
  416. [+] presidentsreport.web3.technion.ac.il
  417. [+] psl.technion.ac.il
  418. [+] rbni.technion.ac.il
  419. [+] sampl.eelabs.technion.ac.il
  420. [+] schulich.technion.ac.il
  421. [+] sipl.eelabs.technion.ac.il
  422. [+] socialhub.technion.ac.il
  423. [+] tcsb.technion.ac.il
  424. [+] teams.technion.ac.il
  425. [+] tender-logistics.web3.technion.ac.il
  426. [+] tep.technion.ac.il
  427. [+] visl.technion.ac.il
  428. [+] www.cont-edu.technion.ac.il
  429. [+] www.web3.technion.ac.il
  430. #######################################################################################################################################
  431. Reverse IP With YouGetSignal 'tcsb.technion.ac.il'
  432. ---------------------------------------------------------------------------------------------------------------------------------------
  433.  
  434. [*] IP: 132.68.239.54
  435. [*] Domain: tcsb.technion.ac.il
  436. [*] Total Domains: 7
  437.  
  438. [+] chemeng.technion.ac.il
  439. [+] cssite.technion.ac.il
  440. [+] gazit.technion.ac.il
  441. [+] meeng.technion.ac.il
  442. [+] tcsb.technion.ac.il
  443. [+] teams.technion.ac.il
  444. [+] www.techstreet.com
  445. #######################################################################################################################################
  446. Geo IP Lookup 'tcsb.technion.ac.il'
  447. ---------------------------------------------------------------------------------------------------------------------------------------
  448.  
  449. [+] IP Address: 132.68.239.54
  450. [+] Country: Israel
  451. [+] State:
  452. [+] City:
  453. [+] Latitude: 31.5
  454. [+] Longitude: 34.75
  455. #######################################################################################################################################
  456. Whois 'tcsb.technion.ac.il'
  457. ---------------------------------------------------------------------------------------------------------------------------------------
  458.  
  459. [+] % The data in the WHOIS database of the .il registry is provided
  460. [+] % by ISOC-IL for information purposes, and to assist persons in
  461. [+] % obtaining information about or related to a domain name
  462. [+] % registration record. ISOC-IL does not guarantee its accuracy.
  463. [+] % By submitting a WHOIS query, you agree that you will use this
  464. [+] % Data only for lawful purposes and that, under no circumstances
  465. [+] % will you use this Data to: (1) allow, enable, or otherwise
  466. [+] % support the transmission of mass unsolicited, commercial
  467. [+] % advertising or solicitations via e-mail (spam);
  468. [+] % or (2) enable high volume, automated, electronic processes that
  469. [+] % apply to ISOC-IL (or its systems).
  470. [+] % ISOC-IL reserves the right to modify these terms at any time.
  471. [+] % By submitting this query, you agree to abide by this policy.
  472. [+]
  473. [+] % No data was found to match the request criteria.
  474. [+] % Rights to the data above are restricted by copyright.
  475. #######################################################################################################################################
  476. DNS Lookup 'tcsb.technion.ac.il'
  477. ---------------------------------------------------------------------------------------------------------------------------------------
  478.  
  479. [+] tcsb.technion.ac.il. 599 IN A 132.68.239.54
  480. #######################################################################################################################################
  481. Show HTTP Header 'tcsb.technion.ac.il'
  482. ---------------------------------------------------------------------------------------------------------------------------------------
  483.  
  484. [+] HTTP/1.1 200 OK
  485. [+] Date: Wed, 06 Feb 2019 19:13:51 GMT
  486. [+] Server: Apache
  487. [+] Link: http://tcsb.technion.ac.il/wp-json/; rel=https://api.w.org/, http://tcsb.technion.ac.il/; rel=shortlink
  488. [+] Content-Type: text/html; charset=UTF-8
  489. [+]
  490. #######################################################################################################################################
  491. Port Scan 'tcsb.technion.ac.il'
  492. ---------------------------------------------------------------------------------------------------------------------------------------
  493.  
  494. Starting Nmap 7.40 ( https://nmap.org ) at 2019-02-06 19:13 UTC
  495. Nmap scan report for tcsb.technion.ac.il (132.68.239.54)
  496. Host is up (0.18s latency).
  497. rDNS record for 132.68.239.54: egroll.technion.ac.il
  498. PORT STATE SERVICE
  499. 21/tcp filtered ftp
  500. 22/tcp filtered ssh
  501. 23/tcp filtered telnet
  502. 80/tcp open http
  503. 110/tcp filtered pop3
  504. 143/tcp filtered imap
  505. 443/tcp open https
  506. 3389/tcp filtered ms-wbt-server
  507.  
  508. Nmap done: 1 IP address (1 host up) scanned in 2.98 seconds
  509. #######################################################################################################################################
  510. #cms Scan 'tcsb.technion.ac.il'
  511. ---------------------------------------------------------------------------------------------------------------------------------------
  512.  
  513. [+] Cms : WordPress
  514. [+] Web Servers : Apache
  515. [+] Programming Languages : PHP
  516. #######################################################################################################################################
  517. Robot.txt 'tcsb.technion.ac.il'
  518. ---------------------------------------------------------------------------------------------------------------------------------------
  519.  
  520. User-agent: *
  521. Disallow: /wp-admin/
  522. Allow: /wp-admin/admin-ajax.php
  523. #######################################################################################################################################
  524. Traceroute 'tcsb.technion.ac.il'
  525. ---------------------------------------------------------------------------------------------------------------------------------------
  526.  
  527. Start: 2019-02-06T19:14:01+0000
  528. HOST: web01 Loss% Snt Last Avg Best Wrst StDev
  529. 1.|-- 45.79.12.201 0.0% 3 1.0 1.6 1.0 2.7 1.0
  530. 2.|-- 45.79.12.0 0.0% 3 0.9 1.2 0.9 1.4 0.2
  531. 3.|-- hu0-7-0-7.ccr41.dfw03.atlas.cogentco.com 0.0% 3 2.1 1.9 1.4 2.1 0.4
  532. 4.|-- be2764.ccr32.dfw01.atlas.cogentco.com 0.0% 3 3.3 3.1 2.6 3.3 0.4
  533. 5.|-- be2433.ccr22.mci01.atlas.cogentco.com 0.0% 3 11.7 11.6 11.4 11.7 0.2
  534. 6.|-- be2832.ccr42.ord01.atlas.cogentco.com 0.0% 3 23.5 23.7 23.5 24.1 0.3
  535. 7.|-- be2718.ccr22.cle04.atlas.cogentco.com 0.0% 3 30.3 31.0 30.2 32.6 1.4
  536. 8.|-- be2994.ccr32.yyz02.atlas.cogentco.com 0.0% 3 37.4 37.4 37.3 37.4 0.1
  537. 9.|-- be3260.ccr22.ymq01.atlas.cogentco.com 0.0% 3 45.3 45.5 45.3 45.7 0.2
  538. 10.|-- be3043.ccr22.lpl01.atlas.cogentco.com 0.0% 3 114.6 114.5 114.2 114.7 0.3
  539. 11.|-- be2183.ccr42.ams03.atlas.cogentco.com 0.0% 3 123.1 123.5 122.4 125.0 1.4
  540. 12.|-- be2814.ccr42.fra03.atlas.cogentco.com 0.0% 3 131.0 131.1 131.0 131.2 0.2
  541. 13.|-- be3187.agr41.fra03.atlas.cogentco.com 0.0% 3 135.8 135.9 135.8 135.9 0.1
  542. 14.|-- 149.29.9.10 0.0% 3 124.2 123.9 123.8 124.2 0.2
  543. 15.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
  544. 16.|-- ae2.mx1.lon.uk.geant.net 0.0% 3 138.0 140.5 138.0 145.2 4.1
  545. 17.|-- iucc-ias-iucc-gw.lon.uk.geant.net 0.0% 3 206.9 207.3 206.9 207.9 0.6
  546. 18.|-- technion-gp1-10g.ilan.net.il 0.0% 3 195.3 195.5 195.3 195.8 0.3
  547. 19.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
  548. #######################################################################################################################################
  549. Ping 'tcsb.technion.ac.il'
  550. ---------------------------------------------------------------------------------------------------------------------------------------
  551.  
  552.  
  553. Starting Nping 0.7.70 ( https://nmap.org/nping ) at 2019-02-06 19:14 UTC
  554. SENT (0.0043s) ICMP [104.237.144.6 > 132.68.239.54 Echo request (type=8/code=0) id=48271 seq=1] IP [ttl=64 id=30011 iplen=28 ]
  555. SENT (1.0046s) ICMP [104.237.144.6 > 132.68.239.54 Echo request (type=8/code=0) id=48271 seq=2] IP [ttl=64 id=30011 iplen=28 ]
  556. SENT (2.0061s) ICMP [104.237.144.6 > 132.68.239.54 Echo request (type=8/code=0) id=48271 seq=3] IP [ttl=64 id=30011 iplen=28 ]
  557. SENT (3.0076s) ICMP [104.237.144.6 > 132.68.239.54 Echo request (type=8/code=0) id=48271 seq=4] IP [ttl=64 id=30011 iplen=28 ]
  558.  
  559. Max rtt: N/A | Min rtt: N/A | Avg rtt: N/A
  560. Raw packets sent: 4 (112B) | Rcvd: 0 (0B) | Lost: 4 (100.00%)
  561. Nping done: 1 IP address pinged in 4.01 seconds
  562. #######################################################################################################################################
  563. dnsenum VERSION:1.2.4
  564.  
  565. ----- tcsb.technion.ac.il -----
  566.  
  567.  
  568. Host's addresses:
  569. __________________
  570.  
  571. tcsb.technion.ac.il. 294 IN A 132.68.239.54
  572.  
  573.  
  574. Name Servers:
  575. ______________
  576. #######################################################################################################################################
  577. ===============================================
  578. -=Subfinder v1.1.3 github.com/subfinder/subfinder
  579. ===============================================
  580.  
  581.  
  582. Running Source: Ask
  583. Running Source: Archive.is
  584. Running Source: Baidu
  585. Running Source: Bing
  586. Running Source: CertDB
  587. Running Source: CertificateTransparency
  588. Running Source: Certspotter
  589. Running Source: Commoncrawl
  590. Running Source: Crt.sh
  591. Running Source: Dnsdb
  592. Running Source: DNSDumpster
  593. Running Source: DNSTable
  594. Running Source: Dogpile
  595. Running Source: Exalead
  596. Running Source: Findsubdomains
  597. Running Source: Googleter
  598. Running Source: Hackertarget
  599. Running Source: Ipv4Info
  600. Running Source: PTRArchive
  601. Running Source: Sitedossier
  602. Running Source: Threatcrowd
  603. Running Source: ThreatMiner
  604. Running Source: WaybackArchive
  605. Running Source: Yahoo
  606.  
  607. Running enumeration on tcsb.technion.ac.il
  608.  
  609. dnsdb: Unexpected return status 503
  610.  
  611. ipv4info: <nil>
  612.  
  613.  
  614. Starting Bruteforcing of tcsb.technion.ac.il with 9985 words
  615.  
  616. Total 1 Unique subdomains found for tcsb.technion.ac.il
  617.  
  618. .tcsb.technion.ac.il
  619. #######################################################################################################################################
  620. [+] tcsb.technion.ac.il has no SPF record!
  621. [*] No DMARC record found. Looking for organizational record
  622. [*] Found organizational DMARC record:
  623. [*] v=DMARC1; p=none
  624. [*] No explicit organizational subdomain policy. Defaulting to organizational policy
  625. [+] DMARC policy set to none
  626. [+] Spoofing possible for tcsb.technion.ac.il!
  627. #######################################################################################################################################
  628. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 14:18 EST
  629. Nmap scan report for tcsb.technion.ac.il (132.68.239.54)
  630. Host is up (0.16s latency).
  631. rDNS record for 132.68.239.54: egroll.technion.ac.il
  632. Not shown: 471 filtered ports, 3 closed ports
  633. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  634. PORT STATE SERVICE
  635. 80/tcp open http
  636. 443/tcp open https
  637. #######################################################################################################################################
  638. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 14:18 EST
  639. Nmap scan report for tcsb.technion.ac.il (132.68.239.54)
  640. Host is up (0.024s latency).
  641. rDNS record for 132.68.239.54: egroll.technion.ac.il
  642. Not shown: 2 filtered ports
  643. PORT STATE SERVICE
  644. 53/udp open|filtered domain
  645. 67/udp open|filtered dhcps
  646. 68/udp open|filtered dhcpc
  647. 69/udp open|filtered tftp
  648. 88/udp open|filtered kerberos-sec
  649. 123/udp open|filtered ntp
  650. 139/udp open|filtered netbios-ssn
  651. 161/udp open|filtered snmp
  652. 162/udp open|filtered snmptrap
  653. 389/udp open|filtered ldap
  654. 520/udp open|filtered route
  655. 2049/udp open|filtered nfs
  656. #######################################################################################################################################
  657. wig - WebApp Information Gatherer
  658.  
  659.  
  660. Scanning http://tcsb.technion.ac.il...
  661. _______________________________ SITE INFO _______________________________
  662. IP Title
  663. 132.68.239.54 TCSB
  664.  
  665. ________________________________ VERSION ________________________________
  666. Name Versions Type
  667. WordPress 4.7.12 CMS
  668. Apache Platform
  669.  
  670. ______________________________ INTERESTING ______________________________
  671. URL Note Type
  672. /readme.html Readme file Interesting
  673. /robots.txt robots.txt index Interesting
  674.  
  675. _________________________________ TOOLS _________________________________
  676. Name Link Software
  677. wpscan https://github.com/wpscanteam/wpscan WordPress
  678. CMSmap https://github.com/Dionach/CMSmap WordPress
  679.  
  680. _________________________________________________________________________
  681. Time: 45.9 sec Urls: 256 Fingerprints: 40401
  682. #######################################################################################################################################
  683. HTTP/1.1 200 OK
  684. Date: Wed, 06 Feb 2019 19:19:36 GMT
  685. Server: Apache
  686. Link: <http://tcsb.technion.ac.il/wp-json/>; rel="https://api.w.org/", <http://tcsb.technion.ac.il/>; rel=shortlink
  687. Content-Type: text/html; charset=UTF-8
  688.  
  689. HTTP/1.1 200 OK
  690. Date: Wed, 06 Feb 2019 19:19:36 GMT
  691. Server: Apache
  692. Link: <http://tcsb.technion.ac.il/wp-json/>; rel="https://api.w.org/", <http://tcsb.technion.ac.il/>; rel=shortlink
  693. Content-Type: text/html; charset=UTF-8
  694. #######################################################################################################################################
  695. wig - WebApp Information Gatherer
  696.  
  697.  
  698. Scanning https://tcsb.technion.ac.il...
  699. _______________________________ SITE INFO _______________________________
  700. IP Title
  701. 132.68.239.54 TCSB
  702.  
  703. ________________________________ VERSION ________________________________
  704. Name Versions Type
  705. WordPress 4.7.12 CMS
  706. Apache Platform
  707.  
  708. ______________________________ INTERESTING ______________________________
  709. URL Note Type
  710. /readme.html Readme file Interesting
  711. /robots.txt robots.txt index Interesting
  712.  
  713. _________________________________ TOOLS _________________________________
  714. Name Link Software
  715. wpscan https://github.com/wpscanteam/wpscan WordPress
  716. CMSmap https://github.com/Dionach/CMSmap WordPress
  717.  
  718. _________________________________________________________________________
  719. Time: 64.9 sec Urls: 256 Fingerprints: 40401
  720. #######################################################################################################################################
  721. HTTP/1.1 200 OK
  722. Date: Wed, 06 Feb 2019 19:21:27 GMT
  723. Server: Apache
  724. Link: <https://tcsb.technion.ac.il/wp-json/>; rel="https://api.w.org/", <https://tcsb.technion.ac.il/>; rel=shortlink
  725. Content-Type: text/html; charset=UTF-8
  726. Strict-Transport-Security: max-age=16070400; includeSubDomains
  727.  
  728. HTTP/1.1 200 OK
  729. Date: Wed, 06 Feb 2019 19:21:29 GMT
  730. Server: Apache
  731. Link: <https://tcsb.technion.ac.il/wp-json/>; rel="https://api.w.org/", <https://tcsb.technion.ac.il/>; rel=shortlink
  732. Content-Type: text/html; charset=UTF-8
  733. Strict-Transport-Security: max-age=16070400; includeSubDomains
  734. #######################################################################################################################################
  735. Version: 1.11.12-static
  736. OpenSSL 1.0.2-chacha (1.0.2g-dev)
  737.  
  738. Connected to 132.68.239.54
  739.  
  740. Testing SSL server tcsb.technion.ac.il on port 443 using SNI name tcsb.technion.ac.il
  741.  
  742. TLS Fallback SCSV:
  743. Server supports TLS Fallback SCSV
  744.  
  745. TLS renegotiation:
  746. Secure session renegotiation supported
  747.  
  748. TLS Compression:
  749. Compression disabled
  750.  
  751. Heartbleed:
  752. TLS 1.2 not vulnerable to heartbleed
  753. TLS 1.1 not vulnerable to heartbleed
  754. TLS 1.0 not vulnerable to heartbleed
  755.  
  756. Supported Server Cipher(s):
  757. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
  758. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  759. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
  760. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
  761. Accepted TLSv1.2 256 bits AES256-SHA
  762. Accepted TLSv1.2 256 bits AES256-SHA256
  763. Accepted TLSv1.2 256 bits CAMELLIA256-SHA
  764. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
  765. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  766. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
  767. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
  768. Accepted TLSv1.2 128 bits AES128-SHA
  769. Accepted TLSv1.2 128 bits AES128-SHA256
  770. Accepted TLSv1.2 128 bits CAMELLIA128-SHA
  771. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  772. Accepted TLSv1.1 256 bits AES256-SHA
  773. Accepted TLSv1.1 256 bits CAMELLIA256-SHA
  774. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  775. Accepted TLSv1.1 128 bits AES128-SHA
  776. Accepted TLSv1.1 128 bits CAMELLIA128-SHA
  777. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  778. Accepted TLSv1.0 256 bits AES256-SHA
  779. Accepted TLSv1.0 256 bits CAMELLIA256-SHA
  780. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  781. Accepted TLSv1.0 128 bits AES128-SHA
  782. Accepted TLSv1.0 128 bits CAMELLIA128-SHA
  783.  
  784. SSL Certificate:
  785. Signature Algorithm: sha256WithRSAEncryption
  786. RSA Key Strength: 2048
  787.  
  788. Subject: *.technion.ac.il
  789. Altnames: DNS:*.technion.ac.il, DNS:technion.ac.il
  790. Issuer: TERENA SSL CA 3
  791.  
  792. Not valid before: Jan 3 00:00:00 2019 GMT
  793. Not valid after: Apr 7 00:00:00 2021 GMT
  794. #######################################################################################################################################
  795. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 14:13 EST
  796. Nmap scan report for egroll.technion.ac.il (132.68.239.54)
  797. Host is up (0.11s latency).
  798. Not shown: 471 filtered ports, 3 closed ports
  799. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  800. PORT STATE SERVICE
  801. 80/tcp open http
  802. 443/tcp open https
  803. #######################################################################################################################################
  804. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 14:14 EST
  805. Nmap scan report for egroll.technion.ac.il (132.68.239.54)
  806. Host is up (0.026s latency).
  807. Not shown: 2 filtered ports
  808. PORT STATE SERVICE
  809. 53/udp open|filtered domain
  810. 67/udp open|filtered dhcps
  811. 68/udp open|filtered dhcpc
  812. 69/udp open|filtered tftp
  813. 88/udp open|filtered kerberos-sec
  814. 123/udp open|filtered ntp
  815. 139/udp open|filtered netbios-ssn
  816. 161/udp open|filtered snmp
  817. 162/udp open|filtered snmptrap
  818. 389/udp open|filtered ldap
  819. 520/udp open|filtered route
  820. 2049/udp open|filtered nfs
  821. #######################################################################################################################################
  822. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 14:14 EST
  823. Nmap scan report for egroll.technion.ac.il (132.68.239.54)
  824. Host is up.
  825.  
  826. PORT STATE SERVICE VERSION
  827. 67/udp open|filtered dhcps
  828. |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
  829. Too many fingerprints match this host to give specific OS details
  830.  
  831. TRACEROUTE (using proto 1/icmp)
  832. HOP RTT ADDRESS
  833. 1 21.68 ms 10.244.200.1
  834. 2 46.52 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
  835. 3 47.68 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
  836. 4 22.09 ms 77.243.185.226
  837. 5 22.52 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
  838. 6 22.51 ms hu0-4-0-1.ccr21.ymq01.atlas.cogentco.com (154.54.25.126)
  839. 7 91.75 ms be3042.ccr21.lpl01.atlas.cogentco.com (154.54.44.161)
  840. 8 101.30 ms be2182.ccr41.ams03.atlas.cogentco.com (154.54.77.245)
  841. 9 108.36 ms be2813.ccr41.fra03.atlas.cogentco.com (130.117.0.122)
  842. 10 108.42 ms be3186.agr41.fra03.atlas.cogentco.com (130.117.0.2)
  843. 11 110.52 ms 149.29.9.10
  844. 12 ...
  845. 13 124.90 ms ae2.mx1.lon.uk.geant.net (62.40.98.80)
  846. 14 182.49 ms iucc-ias-iucc-gw.lon.uk.geant.net (83.97.88.94)
  847. 15 179.24 ms technion-gp1-10g.ilan.net.il (128.139.234.2)
  848. 16 ... 30
  849. #######################################################################################################################################
  850. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 14:16 EST
  851. Nmap scan report for egroll.technion.ac.il (132.68.239.54)
  852. Host is up.
  853.  
  854. PORT STATE SERVICE VERSION
  855. 68/udp open|filtered dhcpc
  856. Too many fingerprints match this host to give specific OS details
  857.  
  858. TRACEROUTE (using proto 1/icmp)
  859. HOP RTT ADDRESS
  860. 1 25.21 ms 10.244.200.1
  861. 2 25.26 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
  862. 3 36.78 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
  863. 4 25.25 ms 77.243.185.226
  864. 5 25.93 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
  865. 6 25.54 ms hu0-4-0-1.ccr21.ymq01.atlas.cogentco.com (154.54.25.126)
  866. 7 95.05 ms be3042.ccr21.lpl01.atlas.cogentco.com (154.54.44.161)
  867. 8 104.89 ms be2182.ccr41.ams03.atlas.cogentco.com (154.54.77.245)
  868. 9 111.26 ms be2813.ccr41.fra03.atlas.cogentco.com (130.117.0.122)
  869. 10 111.34 ms be3186.agr41.fra03.atlas.cogentco.com (130.117.0.2)
  870. 11 113.67 ms 149.29.9.10
  871. 12 ...
  872. 13 126.42 ms ae2.mx1.lon.uk.geant.net (62.40.98.80)
  873. 14 183.74 ms iucc-ias-iucc-gw.lon.uk.geant.net (83.97.88.94)
  874. 15 182.97 ms technion-gp1-10g.ilan.net.il (128.139.234.2)
  875. 16 ... 30
  876. #######################################################################################################################################
  877. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 14:18 EST
  878. Nmap scan report for egroll.technion.ac.il (132.68.239.54)
  879. Host is up.
  880.  
  881. PORT STATE SERVICE VERSION
  882. 69/udp open|filtered tftp
  883. Too many fingerprints match this host to give specific OS details
  884.  
  885. TRACEROUTE (using proto 1/icmp)
  886. HOP RTT ADDRESS
  887. 1 23.08 ms 10.244.200.1
  888. 2 23.48 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
  889. 3 34.53 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
  890. 4 23.28 ms 77.243.185.226
  891. 5 23.69 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
  892. 6 23.50 ms hu0-4-0-1.ccr21.ymq01.atlas.cogentco.com (154.54.25.126)
  893. 7 93.71 ms be3042.ccr21.lpl01.atlas.cogentco.com (154.54.44.161)
  894. 8 102.52 ms be2182.ccr41.ams03.atlas.cogentco.com (154.54.77.245)
  895. 9 109.59 ms be2813.ccr41.fra03.atlas.cogentco.com (130.117.0.122)
  896. 10 109.64 ms be3186.agr41.fra03.atlas.cogentco.com (130.117.0.2)
  897. 11 109.48 ms 149.29.9.10
  898. 12 ...
  899. 13 124.25 ms ae2.mx1.lon.uk.geant.net (62.40.98.80)
  900. 14 182.29 ms iucc-ias-iucc-gw.lon.uk.geant.net (83.97.88.94)
  901. 15 181.03 ms technion-gp1-10g.ilan.net.il (128.139.234.2)
  902. 16 ... 30
  903. #######################################################################################################################################
  904. wig - WebApp Information Gatherer
  905.  
  906.  
  907. Scanning http://132.68.239.54...
  908. _________________ SITE INFO __________________
  909. IP Title
  910. 132.68.239.54
  911.  
  912. __________________ VERSION ___________________
  913. Name Versions Type
  914. Apache Platform
  915.  
  916. ______________________________________________
  917. Time: 28.0 sec Urls: 601 Fingerprints: 40401
  918. #######################################################################################################################################
  919. HTTP/1.1 200 OK
  920. Date: Wed, 06 Feb 2019 19:21:32 GMT
  921. Server: Apache
  922. Last-Modified: Wed, 30 Jan 2019 02:06:03 GMT
  923. Accept-Ranges: bytes
  924. Content-Length: 163
  925. Content-Type: text/html
  926.  
  927. HTTP/1.1 200 OK
  928. Date: Wed, 06 Feb 2019 19:21:32 GMT
  929. Server: Apache
  930. Last-Modified: Wed, 30 Jan 2019 02:06:03 GMT
  931. Accept-Ranges: bytes
  932. Content-Length: 163
  933. Content-Type: text/html
  934. #######################################################################################################################################
  935. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 14:21 EST
  936. Nmap scan report for egroll.technion.ac.il (132.68.239.54)
  937. Host is up.
  938.  
  939. PORT STATE SERVICE VERSION
  940. 123/udp open|filtered ntp
  941. Too many fingerprints match this host to give specific OS details
  942.  
  943. TRACEROUTE (using proto 1/icmp)
  944. HOP RTT ADDRESS
  945. 1 22.83 ms 10.244.200.1
  946. 2 24.84 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
  947. 3 34.63 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
  948. 4 23.28 ms 77.243.185.226
  949. 5 23.68 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
  950. 6 23.49 ms hu0-4-0-1.ccr21.ymq01.atlas.cogentco.com (154.54.25.126)
  951. 7 93.36 ms be3042.ccr21.lpl01.atlas.cogentco.com (154.54.44.161)
  952. 8 102.64 ms be2182.ccr41.ams03.atlas.cogentco.com (154.54.77.245)
  953. 9 109.69 ms be2813.ccr41.fra03.atlas.cogentco.com (130.117.0.122)
  954. 10 109.69 ms be3186.agr41.fra03.atlas.cogentco.com (130.117.0.2)
  955. 11 113.78 ms 149.29.9.10
  956. 12 ...
  957. 13 128.35 ms ae2.mx1.lon.uk.geant.net (62.40.98.80)
  958. 14 182.21 ms iucc-ias-iucc-gw.lon.uk.geant.net (83.97.88.94)
  959. 15 182.50 ms technion-gp1-10g.ilan.net.il (128.139.234.2)
  960. 16 ... 30
  961. #######################################################################################################################################
  962. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 14:23 EST
  963. Nmap scan report for egroll.technion.ac.il (132.68.239.54)
  964. Host is up (0.20s latency).
  965.  
  966. PORT STATE SERVICE VERSION
  967. 161/tcp filtered snmp
  968. 161/udp open|filtered snmp
  969. Too many fingerprints match this host to give specific OS details
  970.  
  971. TRACEROUTE (using proto 1/icmp)
  972. HOP RTT ADDRESS
  973. 1 25.92 ms 10.244.200.1
  974. 2 26.11 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
  975. 3 42.96 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
  976. 4 25.94 ms 77.243.185.226
  977. 5 26.55 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
  978. 6 26.94 ms hu0-4-0-1.ccr21.ymq01.atlas.cogentco.com (154.54.25.126)
  979. 7 95.87 ms be3042.ccr21.lpl01.atlas.cogentco.com (154.54.44.161)
  980. 8 105.40 ms be2182.ccr41.ams03.atlas.cogentco.com (154.54.77.245)
  981. 9 112.24 ms be2813.ccr41.fra03.atlas.cogentco.com (130.117.0.122)
  982. 10 112.01 ms be3186.agr41.fra03.atlas.cogentco.com (130.117.0.2)
  983. 11 109.38 ms 149.29.9.10
  984. 12 ...
  985. 13 123.62 ms ae2.mx1.lon.uk.geant.net (62.40.98.80)
  986. 14 181.80 ms iucc-ias-iucc-gw.lon.uk.geant.net (83.97.88.94)
  987. 15 181.77 ms technion-gp1-10g.ilan.net.il (128.139.234.2)
  988. 16 ... 30
  989. #######################################################################################################################################
  990. Version: 1.11.12-static
  991. OpenSSL 1.0.2-chacha (1.0.2g-dev)
  992.  
  993. Connected to 132.68.239.54
  994.  
  995. Testing SSL server 132.68.239.54 on port 443 using SNI name 132.68.239.54
  996.  
  997. TLS Fallback SCSV:
  998. Server supports TLS Fallback SCSV
  999.  
  1000. TLS renegotiation:
  1001. Secure session renegotiation supported
  1002.  
  1003. TLS Compression:
  1004. Compression disabled
  1005.  
  1006. Heartbleed:
  1007. TLS 1.2 not vulnerable to heartbleed
  1008. TLS 1.1 not vulnerable to heartbleed
  1009. TLS 1.0 not vulnerable to heartbleed
  1010.  
  1011. Supported Server Cipher(s):
  1012. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
  1013. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  1014. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
  1015. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
  1016. Accepted TLSv1.2 256 bits AES256-SHA
  1017. Accepted TLSv1.2 256 bits AES256-SHA256
  1018. Accepted TLSv1.2 256 bits CAMELLIA256-SHA
  1019. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
  1020. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  1021. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
  1022. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
  1023. Accepted TLSv1.2 128 bits AES128-SHA
  1024. Accepted TLSv1.2 128 bits AES128-SHA256
  1025. Accepted TLSv1.2 128 bits CAMELLIA128-SHA
  1026. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  1027. Accepted TLSv1.1 256 bits AES256-SHA
  1028. Accepted TLSv1.1 256 bits CAMELLIA256-SHA
  1029. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  1030. Accepted TLSv1.1 128 bits AES128-SHA
  1031. Accepted TLSv1.1 128 bits CAMELLIA128-SHA
  1032. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  1033. Accepted TLSv1.0 256 bits AES256-SHA
  1034. Accepted TLSv1.0 256 bits CAMELLIA256-SHA
  1035. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  1036. Accepted TLSv1.0 128 bits AES128-SHA
  1037. Accepted TLSv1.0 128 bits CAMELLIA128-SHA
  1038.  
  1039. SSL Certificate:
  1040. Signature Algorithm: sha256WithRSAEncryption
  1041. RSA Key Strength: 2048
  1042.  
  1043. Subject: *.technion.ac.il
  1044. Altnames: DNS:*.technion.ac.il, DNS:technion.ac.il
  1045. Issuer: TERENA SSL CA 3
  1046.  
  1047. Not valid before: Jan 3 00:00:00 2019 GMT
  1048. Not valid after: Apr 7 00:00:00 2021 GMT
  1049. #######################################################################################################################################
  1050. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 14:30 EST
  1051. NSE: Loaded 148 scripts for scanning.
  1052. NSE: Script Pre-scanning.
  1053. NSE: Starting runlevel 1 (of 2) scan.
  1054. Initiating NSE at 14:30
  1055. Completed NSE at 14:30, 0.00s elapsed
  1056. NSE: Starting runlevel 2 (of 2) scan.
  1057. Initiating NSE at 14:30
  1058. Completed NSE at 14:30, 0.00s elapsed
  1059. Initiating Ping Scan at 14:30
  1060. Scanning 132.68.239.54 [4 ports]
  1061. Completed Ping Scan at 14:30, 0.23s elapsed (1 total hosts)
  1062. Initiating Parallel DNS resolution of 1 host. at 14:30
  1063. Completed Parallel DNS resolution of 1 host. at 14:30, 0.02s elapsed
  1064. Initiating Connect Scan at 14:30
  1065. Scanning egroll.technion.ac.il (132.68.239.54) [1000 ports]
  1066. Discovered open port 80/tcp on 132.68.239.54
  1067. Discovered open port 443/tcp on 132.68.239.54
  1068. Completed Connect Scan at 14:31, 13.39s elapsed (1000 total ports)
  1069. Initiating Service scan at 14:31
  1070. Scanning 2 services on egroll.technion.ac.il (132.68.239.54)
  1071. Completed Service scan at 14:31, 13.35s elapsed (2 services on 1 host)
  1072. Initiating OS detection (try #1) against egroll.technion.ac.il (132.68.239.54)
  1073. Retrying OS detection (try #2) against egroll.technion.ac.il (132.68.239.54)
  1074. Initiating Traceroute at 14:31
  1075. Completed Traceroute at 14:31, 6.17s elapsed
  1076. Initiating Parallel DNS resolution of 14 hosts. at 14:31
  1077. Completed Parallel DNS resolution of 14 hosts. at 14:31, 16.50s elapsed
  1078. NSE: Script scanning 132.68.239.54.
  1079. NSE: Starting runlevel 1 (of 2) scan.
  1080. Initiating NSE at 14:31
  1081. Completed NSE at 14:31, 14.44s elapsed
  1082. NSE: Starting runlevel 2 (of 2) scan.
  1083. Initiating NSE at 14:31
  1084. Completed NSE at 14:31, 0.00s elapsed
  1085. Nmap scan report for egroll.technion.ac.il (132.68.239.54)
  1086. Host is up, received syn-ack ttl 240 (0.14s latency).
  1087. Scanned at 2019-02-06 14:30:46 EST for 71s
  1088. Not shown: 995 filtered ports
  1089. Reason: 995 no-responses
  1090. PORT STATE SERVICE REASON VERSION
  1091. 25/tcp closed smtp conn-refused
  1092. 80/tcp open http syn-ack Apache httpd
  1093. |_http-server-header: Apache
  1094. 139/tcp closed netbios-ssn conn-refused
  1095. 443/tcp open ssl/http syn-ack Apache httpd
  1096. | ssl-cert: Subject: commonName=*.technion.ac.il/organizationName=Technion - Israel Institute of Technology/countryName=IL/organizationalUnitName=Computing and Information Systems Division/localityName=Haifa
  1097. | Subject Alternative Name: DNS:*.technion.ac.il, DNS:technion.ac.il
  1098. | Issuer: commonName=TERENA SSL CA 3/organizationName=TERENA/stateOrProvinceName=Noord-Holland/countryName=NL/localityName=Amsterdam
  1099. | Public Key type: rsa
  1100. | Public Key bits: 2048
  1101. | Signature Algorithm: sha256WithRSAEncryption
  1102. | Not valid before: 2019-01-03T00:00:00
  1103. | Not valid after: 2021-04-07T00:00:00
  1104. | MD5: 1a04 69d4 54e7 2642 734c cdb4 addf 1383
  1105. | SHA-1: dec7 cd2c de64 6877 e5a4 1327 8a73 248d 8c4f 0689
  1106. | -----BEGIN CERTIFICATE-----
  1107. | MIIHZTCCBk2gAwIBAgIQBSUtnaiIVC2VMKRduHVhBjANBgkqhkiG9w0BAQsFADBk
  1108. | MQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJ
  1109. | QW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wg
  1110. | Q0EgMzAeFw0xOTAxMDMwMDAwMDBaFw0yMTA0MDcwMDAwMDBaMIGhMQswCQYDVQQG
  1111. | EwJJTDEOMAwGA1UEBxMFSGFpZmExMjAwBgNVBAoTKVRlY2huaW9uIC0gSXNyYWVs
  1112. | IEluc3RpdHV0ZSBvZiBUZWNobm9sb2d5MTMwMQYDVQQLEypDb21wdXRpbmcgYW5k
  1113. | IEluZm9ybWF0aW9uIFN5c3RlbXMgRGl2aXNpb24xGTAXBgNVBAMMECoudGVjaG5p
  1114. | b24uYWMuaWwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrbsBJ5E8N
  1115. | 8yRqPGXJPCjE7wQSOTsUGLf2eyzMcZuK5ly6us3egIaKWYHpVr1jLZswYxCJJwnE
  1116. | 9WHfd9+NAss80OtqpegXEt1rXATTi+ZBmrlyPcszLXHFhjAfVTTsiYtn+buGAfHS
  1117. | 6vzNR7UKYyBUNi7KVlJXdVKmC/zGolUD9vcEHo46fO+N0R5l1Np+HR21mSWwl4fu
  1118. | jw6nQaAexY6NyVYjAb3tQG4juVjNhUOv8VePTaibzSkJsMYGApwgeGIy4YH/7ERn
  1119. | zbLuJg32gptxRTOG5LmG+MN/TYpE6mCteNXHV68p6ukwEsy8NosZ5qFIxQNkDygO
  1120. | fv0GXpvckeMdAgMBAAGjggPTMIIDzzAfBgNVHSMEGDAWgBRn/YggFCeYxwnSJRm7
  1121. | 6VERY3VQYjAdBgNVHQ4EFgQU6xf5haeoH0YxoKLYepuf6x/7IeswKwYDVR0RBCQw
  1122. | IoIQKi50ZWNobmlvbi5hYy5pbIIOdGVjaG5pb24uYWMuaWwwDgYDVR0PAQH/BAQD
  1123. | AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+g
  1124. | LaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vVEVSRU5BU1NMQ0EzLmNybDAv
  1125. | oC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1RFUkVOQVNTTENBMy5jcmww
  1126. | TAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93
  1127. | d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwbgYIKwYBBQUHAQEEYjBgMCQG
  1128. | CCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wOAYIKwYBBQUHMAKG
  1129. | LGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9URVJFTkFTU0xDQTMuY3J0MAwG
  1130. | A1UdEwEB/wQCMAAwggH2BgorBgEEAdZ5AgQCBIIB5gSCAeIB4AB1AO5Lvbd1zmC6
  1131. | 4UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAABaBQuZcgAAAQDAEYwRAIgW4hL3XRg
  1132. | srE8aPY8uyH9iV78CQ9cZ6WqoeCNaDuGIogCIAfhS7qTMM3kPeS1q/LAMBE2wvYd
  1133. | 6yN0FSPBdp8I3xq3AHYAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8A
  1134. | AAFoFC5mpAAABAMARzBFAiBi2arDQpZ91NyNiJlolsOTyEEVp5yO203yGm7cgpmN
  1135. | EgIhAJKMBINOl+q/UJlJP56neNsFNPf/UHrPwpLDw3hrliGyAHYAb1N2rDHwMRnY
  1136. | mQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAFoFC5nLAAABAMARzBFAiBq9Q9q8NlV
  1137. | 5cGb+UFCnpObZ8a2fgRtZ3yFQJ2FbtQx7wIhAKoZZEQUpdVGovc+ZqY9YV+MUinI
  1138. | 8I8YHLr6mllN1J0hAHcAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT0wwA
  1139. | AAFoFC5npwAABAMASDBGAiEAhxLLLJ6a/WHB6LKIXm2SN83hkuKI9ZLCkrlkKhh6
  1140. | j8wCIQCGxM01lYryLbnLZlaqy9TgmfDrnooF4Vtxi5UHqou2kDANBgkqhkiG9w0B
  1141. | AQsFAAOCAQEAEcXnvweWPZxuPZTSiJioCRWfJs3z7ly1j0GeXrzmp2k5NnhIEEk3
  1142. | Y1rJqZpOS47Rx6PM9DO3858+pdLp1OI3C8hsJRJZy8evlG+zvzh8xTNlIM4YIJkh
  1143. | f6GnuJi66KuvlU/R0irkuTOf4ixoHy5FY54rbpe9o9pozTCnAu4h/ajo3MCt5bRC
  1144. | 8ynIAieNmwANMtuAlDYVZ8Dt2cAwguQ+JHvw2CX5gMawKSZ3NY8FHlWBiqDv4Vf1
  1145. | AVigXMNCSwODuMx6ddtqLZgwNfIyQWtLi+w4yQkBgX6MrOE+N/s3zPIyfglsQwj5
  1146. | Fz5+lObuzMmXNfwLKn0fAImQVZUpO1XRcA==
  1147. |_-----END CERTIFICATE-----
  1148. |_ssl-date: TLS randomness does not represent time
  1149. 445/tcp closed microsoft-ds conn-refused
  1150. Device type: general purpose
  1151. Running (JUST GUESSING): Linux 2.6.X (90%)
  1152. OS CPE: cpe:/o:linux:linux_kernel:2.6
  1153. OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
  1154. Aggressive OS guesses: Linux 2.6.18 - 2.6.22 (90%)
  1155. No exact OS matches for host (test conditions non-ideal).
  1156. TCP/IP fingerprint:
  1157. SCAN(V=7.70%E=4%D=2/6%OT=80%CT=25%CU=%PV=N%G=N%TM=5C5B362D%P=x86_64-pc-linux-gnu)
  1158. SEQ(SP=FD%GCD=1%ISR=10E%TI=RD%CI=Z%TS=A)
  1159. OPS(O1=M4B3NNT11SLL%O2=M4B3NNT11SLL%O3=M4B3NNT11%O4=M4B3NNT11SLL%O5=M4B3NNT11SLL%O6=M4B3NNT11SLL)
  1160. WIN(W1=E19%W2=E19%W3=780%W4=648%W5=648%W6=31B)
  1161. ECN(R=Y%DF=Y%TG=FF%W=E19%O=M4B3SLL%CC=Y%Q=)
  1162. T1(R=Y%DF=Y%TG=FF%S=O%A=S+%F=AS%RD=0%Q=)
  1163. T2(R=N)
  1164. T3(R=N)
  1165. T4(R=N)
  1166. T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
  1167. T6(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
  1168. T7(R=N)
  1169. U1(R=N)
  1170. IE(R=N)
  1171.  
  1172. Uptime guess: 38.117 days (since Sun Dec 30 11:43:47 2018)
  1173. TCP Sequence Prediction: Difficulty=264 (Good luck!)
  1174. IP ID Sequence Generation: Randomized
  1175.  
  1176. TRACEROUTE (using proto 1/icmp)
  1177. HOP RTT ADDRESS
  1178. 1 22.86 ms 10.244.200.1
  1179. 2 22.92 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
  1180. 3 39.60 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
  1181. 4 22.91 ms 77.243.185.226
  1182. 5 23.09 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
  1183. 6 22.98 ms hu0-4-0-1.ccr21.ymq01.atlas.cogentco.com (154.54.25.126)
  1184. 7 92.35 ms be3042.ccr21.lpl01.atlas.cogentco.com (154.54.44.161)
  1185. 8 102.66 ms be2182.ccr41.ams03.atlas.cogentco.com (154.54.77.245)
  1186. 9 108.80 ms be2813.ccr41.fra03.atlas.cogentco.com (130.117.0.122)
  1187. 10 108.68 ms be3186.agr41.fra03.atlas.cogentco.com (130.117.0.2)
  1188. 11 109.86 ms 149.29.9.10
  1189. 12 ...
  1190. 13 123.54 ms ae2.mx1.lon.uk.geant.net (62.40.98.80)
  1191. 14 180.87 ms iucc-ias-iucc-gw.lon.uk.geant.net (83.97.88.94)
  1192. 15 180.90 ms technion-gp1-10g.ilan.net.il (128.139.234.2)
  1193. 16 ... 30
  1194.  
  1195. NSE: Script Post-scanning.
  1196. NSE: Starting runlevel 1 (of 2) scan.
  1197. Initiating NSE at 14:31
  1198. Completed NSE at 14:31, 0.00s elapsed
  1199. NSE: Starting runlevel 2 (of 2) scan.
  1200. Initiating NSE at 14:31
  1201. Completed NSE at 14:31, 0.00s elapsed
  1202. Read data files from: /usr/bin/../share/nmap
  1203. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  1204. Nmap done: 1 IP address (1 host up) scanned in 71.35 seconds
  1205. Raw packets sent: 141 (10.152KB) | Rcvd: 10069 (2.058MB)
  1206. #######################################################################################################################################
  1207. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 14:31 EST
  1208. NSE: Loaded 148 scripts for scanning.
  1209. NSE: Script Pre-scanning.
  1210. Initiating NSE at 14:31
  1211. Completed NSE at 14:31, 0.00s elapsed
  1212. Initiating NSE at 14:31
  1213. Completed NSE at 14:31, 0.00s elapsed
  1214. Initiating Parallel DNS resolution of 1 host. at 14:31
  1215. Completed Parallel DNS resolution of 1 host. at 14:31, 0.02s elapsed
  1216. Initiating UDP Scan at 14:31
  1217. Scanning egroll.technion.ac.il (132.68.239.54) [14 ports]
  1218. Completed UDP Scan at 14:31, 1.26s elapsed (14 total ports)
  1219. Initiating Service scan at 14:31
  1220. Scanning 12 services on egroll.technion.ac.il (132.68.239.54)
  1221. Service scan Timing: About 8.33% done; ETC: 14:51 (0:17:47 remaining)
  1222. Completed Service scan at 14:33, 102.58s elapsed (12 services on 1 host)
  1223. Initiating OS detection (try #1) against egroll.technion.ac.il (132.68.239.54)
  1224. Retrying OS detection (try #2) against egroll.technion.ac.il (132.68.239.54)
  1225. Initiating Traceroute at 14:33
  1226. Completed Traceroute at 14:33, 7.10s elapsed
  1227. Initiating Parallel DNS resolution of 1 host. at 14:33
  1228. Completed Parallel DNS resolution of 1 host. at 14:33, 0.02s elapsed
  1229. NSE: Script scanning 132.68.239.54.
  1230. Initiating NSE at 14:33
  1231. Completed NSE at 14:34, 20.31s elapsed
  1232. Initiating NSE at 14:34
  1233. Completed NSE at 14:34, 1.02s elapsed
  1234. Nmap scan report for egroll.technion.ac.il (132.68.239.54)
  1235. Host is up (0.025s latency).
  1236.  
  1237. PORT STATE SERVICE VERSION
  1238. 53/udp open|filtered domain
  1239. 67/udp open|filtered dhcps
  1240. 68/udp open|filtered dhcpc
  1241. 69/udp open|filtered tftp
  1242. 88/udp open|filtered kerberos-sec
  1243. 123/udp open|filtered ntp
  1244. 137/udp filtered netbios-ns
  1245. 138/udp filtered netbios-dgm
  1246. 139/udp open|filtered netbios-ssn
  1247. 161/udp open|filtered snmp
  1248. 162/udp open|filtered snmptrap
  1249. 389/udp open|filtered ldap
  1250. 520/udp open|filtered route
  1251. 2049/udp open|filtered nfs
  1252. Too many fingerprints match this host to give specific OS details
  1253.  
  1254. TRACEROUTE (using port 138/udp)
  1255. HOP RTT ADDRESS
  1256. 1 21.87 ms 10.244.200.1
  1257. 2 ... 3
  1258. 4 21.16 ms 10.244.200.1
  1259. 5 26.66 ms 10.244.200.1
  1260. 6 26.66 ms 10.244.200.1
  1261. 7 26.65 ms 10.244.200.1
  1262. 8 26.65 ms 10.244.200.1
  1263. 9 26.65 ms 10.244.200.1
  1264. 10 26.65 ms 10.244.200.1
  1265. 11 ... 18
  1266. 19 25.26 ms 10.244.200.1
  1267. 20 24.98 ms 10.244.200.1
  1268. 21 ... 28
  1269. 29 23.92 ms 10.244.200.1
  1270. 30 20.64 ms 10.244.200.1
  1271.  
  1272. NSE: Script Post-scanning.
  1273. Initiating NSE at 14:34
  1274. Completed NSE at 14:34, 0.00s elapsed
  1275. Initiating NSE at 14:34
  1276. Completed NSE at 14:34, 0.00s elapsed
  1277. Read data files from: /usr/bin/../share/nmap
  1278. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  1279. Nmap done: 1 IP address (1 host up) scanned in 135.49 seconds
  1280. Raw packets sent: 146 (9.936KB) | Rcvd: 6404 (1.108MB)
  1281. #######################################################################################################################################
  1282. [-] Date & Time: 06/02/2019 13:51:31
  1283. [I] Threads: 5
  1284. [-] Target: http://tcsb.technion.ac.il (132.68.239.54)
  1285. [M] Website Not in HTTPS: http://tcsb.technion.ac.il
  1286. [L] X-Frame-Options: Not Enforced
  1287. [I] Strict-Transport-Security: Not Enforced
  1288. [I] X-Content-Security-Policy: Not Enforced
  1289. [I] X-Content-Type-Options: Not Enforced
  1290. [L] Robots.txt Found: http://tcsb.technion.ac.il/robots.txt
  1291. [I] CMS Detection: WordPress
  1292. [I] Wordpress Theme: TCSB
  1293. [L] Wordpress Hello Plugin Full Path Disclosure: /home/tcsb/public_html/wp-content/plugins/hello.php
  1294. [-] WordPress usernames identified:
  1295. [M] tcsbadmin
  1296. [M] XML-RPC services are enabled
  1297. [M] Website vulnerable to XML-RPC Brute Force Vulnerability
  1298. [I] Autocomplete Off Not Found: http://tcsb.technion.ac.il/wp-login.php
  1299. [-] Default WordPress Files:
  1300. [I] http://tcsb.technion.ac.il/license.txt
  1301. [I] http://tcsb.technion.ac.il/readme.html
  1302. [I] http://tcsb.technion.ac.il/wp-content/themes/twentyfifteen/genericons/COPYING.txt
  1303. [I] http://tcsb.technion.ac.il/wp-content/themes/twentyfifteen/genericons/LICENSE.txt
  1304. [I] http://tcsb.technion.ac.il/wp-content/themes/twentyfifteen/readme.txt
  1305. [I] http://tcsb.technion.ac.il/wp-includes/ID3/license.commercial.txt
  1306. [I] http://tcsb.technion.ac.il/wp-includes/ID3/license.txt
  1307. [I] http://tcsb.technion.ac.il/wp-includes/ID3/readme.txt
  1308. [I] http://tcsb.technion.ac.il/wp-includes/images/crystal/license.txt
  1309. [I] http://tcsb.technion.ac.il/wp-includes/js/plupload/license.txt
  1310. [I] http://tcsb.technion.ac.il/wp-includes/js/swfupload/license.txt
  1311. [I] http://tcsb.technion.ac.il/wp-includes/js/tinymce/license.txt
  1312. [-] Searching Wordpress Plugins ...
  1313. [I] adrotate
  1314. [M] EDB-ID: 17888 "WordPress Plugin AdRotate 3.6.5 - SQL Injection"
  1315. [M] EDB-ID: 18114 "WordPress Plugin AdRotate 3.6.6 - SQL Injection"
  1316. [M] EDB-ID: 31834 "WordPress Plugin AdRotate 3.9.4 - 'clicktracker.ph?track' SQL Injection"
  1317. [I] ads-box
  1318. [M] EDB-ID: 38060 "WordPress Plugin Ads Box - 'count' SQL Injection"
  1319. [I] contact-form-7 v4.7
  1320. [I] feed
  1321. [M] EDB-ID: 38624 "WordPress Plugin WP Feed - 'nid' SQL Injection"
  1322. [I] firestats
  1323. [M] EDB-ID: 14308 "WordPress Plugin Firestats - Remote Configuration File Download"
  1324. [M] EDB-ID: 33367 "WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (1)"
  1325. [M] EDB-ID: 33368 "WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (2)"
  1326. [I] google-captcha v1.27
  1327. [I] simple-ads-manager
  1328. [M] EDB-ID: 36613 "WordPress Plugin Simple Ads Manager - Multiple SQL Injections"
  1329. [M] EDB-ID: 36614 "WordPress Plugin Simple Ads Manager 2.5.94 - Arbitrary File Upload"
  1330. [M] EDB-ID: 36615 "WordPress Plugin Simple Ads Manager - Information Disclosure"
  1331. [M] EDB-ID: 39133 "WordPress Plugin Simple Ads Manager 2.9.4.116 - SQL Injection"
  1332. [I] wp-accessibility v1.5.10
  1333. [I] wp-bannerize
  1334. [M] EDB-ID: 17764 "WordPress Plugin Bannerize 2.8.6 - SQL Injection"
  1335. [M] EDB-ID: 17906 "WordPress Plugin Bannerize 2.8.7 - SQL Injection"
  1336. [M] EDB-ID: 36193 "WordPress Plugin WP Bannerize 2.8.7 - 'ajax_sorter.php' SQL Injection"
  1337. [I] Checking for Directory Listing Enabled ...
  1338. [L] http://tcsb.technion.ac.il/wp-admin/css
  1339. [L] http://tcsb.technion.ac.il/wp-admin/images
  1340. [L] http://tcsb.technion.ac.il/wp-admin/includes
  1341. [L] http://tcsb.technion.ac.il/wp-admin/js
  1342. [L] http://tcsb.technion.ac.il/wp-admin/maint
  1343. [L] http://tcsb.technion.ac.il/wp-includes
  1344. [L] http://tcsb.technion.ac.il/wp-includes/ID3
  1345. [L] http://tcsb.technion.ac.il/wp-includes/IXR
  1346. [L] http://tcsb.technion.ac.il/wp-includes/Requests
  1347. [L] http://tcsb.technion.ac.il/wp-includes/SimplePie
  1348. [L] http://tcsb.technion.ac.il/wp-includes/Text
  1349. [L] http://tcsb.technion.ac.il/wp-includes/certificates
  1350. [L] http://tcsb.technion.ac.il/wp-includes/css
  1351. [L] http://tcsb.technion.ac.il/wp-includes/customize
  1352. [L] http://tcsb.technion.ac.il/wp-includes/fonts
  1353. [L] http://tcsb.technion.ac.il/wp-includes/images
  1354. [L] http://tcsb.technion.ac.il/wp-includes/js
  1355. [L] http://tcsb.technion.ac.il/wp-includes/pomo
  1356. [L] http://tcsb.technion.ac.il/wp-includes/random_compat
  1357. [L] http://tcsb.technion.ac.il/wp-includes/rest-api
  1358. [L] http://tcsb.technion.ac.il/wp-includes/theme-compat
  1359. [L] http://tcsb.technion.ac.il/wp-includes/widgets
  1360. [L] http://tcsb.technion.ac.il/wp-content/plugins/contact-form-7
  1361. [L] http://tcsb.technion.ac.il/wp-content/plugins/google-captcha
  1362. [L] http://tcsb.technion.ac.il/wp-content/plugins/wp-accessibility
  1363. [-] Date & Time: 06/02/2019 13:55:38
  1364. [-] Completed in: 0:04:07
  1365. #######################################################################################################################################
  1366. ---------------------------------------------------------------------------------------------------------------------------------------
  1367. + Target IP: 132.68.239.54
  1368. + Target Hostname: tcsb.technion.ac.il
  1369. + Target Port: 80
  1370. + Start Time: 2019-02-06 14:09:59 (GMT-5)
  1371. ---------------------------------------------------------------------------------------------------------------------------------------
  1372. + Server: No banner retrieved
  1373. + The anti-clickjacking X-Frame-Options header is not present.
  1374. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
  1375. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
  1376. + ERROR: Error limit (20) reached for host, giving up. Last error: error reading HTTP response
  1377. + Scan terminated: 20 error(s) and 3 item(s) reported on remote host
  1378. + End Time: 2019-02-06 14:13:22 (GMT-5) (203 seconds)
  1379. --------------------------------------------------------------------------------------------------------------------------------------
  1380. #######################################################################################################################################
  1381. Anonymous JTSEC #OpIsraël Full Recon #10
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!