Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #######################################################################################################################################
- Hostname top.play-kitty.com ISP Hostmaze Inc Srl-d
- Continent Europe Flag
- RO
- Country Romania Country Code RO
- Region Unknown Local time 27 Aug 2018 12:19 EEST
- City Unknown Postal Code Unknown
- IP Address 89.46.222.229 Latitude 46
- Longitude 25
- #######################################################################################################################################
- HostIP:89.46.222.229
- HostName:top.play-kitty.com
- Gathered Inet-whois information for 89.46.222.229
- ---------------------------------------------------------------------------------------------------------------------------------------
- inetnum: 89.46.222.0 - 89.46.222.255
- netname: HOSTMAZE-INC-SRL-D
- descr: HOSTMAZE INC SRL-D
- descr: Platanilor nr 5 sc a ap 3
- descr: Timisoara Timis 300185
- country: ro
- admin-c: VAC38-RIPE
- tech-c: VAC38-RIPE
- abuse-c: HISD5-RIPE
- status: ASSIGNED PA
- remarks: Registered through http://www.ip.ro/ip.html
- mnt-by: RO-MNT
- mnt-lower: RO-MNT
- mnt-routes: HOSTMAZE-MNT
- created: 2015-04-20T15:47:35Z
- last-modified: 2017-11-07T12:23:58Z
- source: RIPE
- person: VERES ALEXANDRU CRISTIAN
- address: HOSTMAZE INC SRL-D
- address: Platanilor nr 5
- address: Timisoara Timis 300185
- phone: +40763117997
- nic-hdl: VAC38-RIPE
- mnt-by: HOSTMAZE-MNT
- created: 2016-03-23T06:13:36Z
- last-modified: 2017-11-30T02:40:34Z
- source: RIPE # Filtered
- % Information related to '89.46.222.0/24AS48874'
- route: 89.46.222.0/24
- origin: AS48874
- mnt-by: HOSTMAZE-MNT
- created: 2017-05-08T20:41:05Z
- last-modified: 2017-05-08T20:41:05Z
- source: RIPE
- % This query was served by the RIPE Database Query Service version 1.91.2 (BLAARKOP)
- Gathered Inic-whois information for top.play-kitty.com
- ---------------------------------------------------------------------------------------------------------------------------------------
- ERROR: Unable to locate Name Whois data on top.play-kitty.com
- Gathered Netcraft information for top.play-kitty.com
- ---------------------------------------------------------------------------------------------------------------------------------------
- Retrieving Netcraft.com information for top.play-kitty.com
- Netcraft.com Information gathered
- Gathered Subdomain information for top.play-kitty.com
- ---------------------------------------------------------------------------------------------------------------------------------------
- Searching Google.com:80...
- Searching Altavista.com:80...
- Found 0 possible subdomain(s) for host top.play-kitty.com, Searched 0 pages containing 0 results
- Gathered E-Mail information for top.play-kitty.com
- ---------------------------------------------------------------------------------------------------------------------------------------
- Searching Google.com:80...
- Searching Altavista.com:80...
- Found 0 E-Mail(s) for host top.play-kitty.com, Searched 0 pages containing 0 results
- Gathered TCP Port information for 89.46.222.229
- ---------------------------------------------------------------------------------------------------------------------------------------
- Port State
- 22/tcp open
- 80/tcp open
- Portscan Finished: Scanned 150 ports, 141 ports were in state closed
- #######################################################################################################################################
- [i] Scanning Site: http://top.play-kitty.com
- B A S I C I N F O
- =======================================================================================================================================
- [+] Site Title: Top Sites
- [+] IP address: 89.46.222.229
- [+] Web Server: nginx/1.10.2
- [+] CMS: Could Not Detect
- [+] Cloudflare: Not Detected
- [+] Robots File: Could NOT Find robots.txt!
- W H O I S L O O K U P
- =======================================================================================================================================
- No match for "TOP.PLAY-KITTY.COM".
- >>> Last update of whois database: 2018-08-27T09:26:04Z <<<
- NOTICE: The expiration date displayed in this record is the date the
- registrar's sponsorship of the domain name registration in the registry is
- currently set to expire. This date does not necessarily reflect the expiration
- date of the domain name registrant's agreement with the sponsoring
- registrar. Users may consult the sponsoring registrar's Whois database to
- view the registrar's reported date of expiration for this registration.
- The Registry database contains ONLY .COM, .NET, .EDU domains and
- Registrars.
- G E O I P L O O K U P
- =======================================================================================================================================
- [i] IP Address: 89.46.222.229
- [i] Country: RO
- [i] State: N/A
- [i] City: N/A
- [i] Latitude: 46.000000
- [i] Longitude: 25.000000
- H T T P H E A D E R S
- =======================================================================================================================================
- [i] HTTP/1.1 200 OK
- [i] Server: nginx/1.10.2
- [i] Date: Mon, 27 Aug 2018 09:26:28 GMT
- [i] Content-Type: text/html; charset=UTF-8
- [i] Content-Length: 34342
- [i] Connection: close
- [i] Accept-Ranges: bytes
- D N S L O O K U P
- =======================================================================================================================================
- ;; Truncated, retrying in TCP mode.
- top.play-kitty.com. 3789 IN HINFO "ANY/RRSIG query Disabled" "See draft-ietf-dnsop-refuse-any"
- S U B N E T C A L C U L A T I O N
- =======================================================================================================================================
- Address = 89.46.222.229
- Network = 89.46.222.229 / 32
- Netmask = 255.255.255.255
- Broadcast = not needed on Point-to-Point links
- Wildcard Mask = 0.0.0.0
- Hosts Bits = 0
- Max. Hosts = 1 (2^0 - 0)
- Host Range = { 89.46.222.229 - 89.46.222.229 }
- N M A P P O R T S C A N
- =======================================================================================================================================
- Starting Nmap 7.40 ( https://nmap.org ) at 2018-08-27 09:26 UTC
- Nmap scan report for top.play-kitty.com (89.46.222.229)
- Host is up (0.12s latency).
- rDNS record for 89.46.222.229: anticenz.org
- PORT STATE SERVICE
- 21/tcp closed ftp
- 22/tcp open ssh
- 23/tcp closed telnet
- 80/tcp open http
- 110/tcp closed pop3
- 143/tcp closed imap
- 443/tcp closed https
- 3389/tcp closed ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 0.41 seconds
- #######################################################################################################################################
- [?] Enter the target: http://top.play-kitty.com/
- [!] IP Address : 89.46.222.229
- [!] Server: nginx/1.10.2
- [+] Clickjacking protection is not in place.
- [!] top.play-kitty.com doesn't seem to use a CMS
- [+] Honeypot Probabilty: 0%
- ---------------------------------------------------------------------------------------------------------------------------------------
- [~] Trying to gather whois information for top.play-kitty.com
- [+] Whois information found
- [-] Unable to build response, visit https://who.is/whois/top.play-kitty.com
- ---------------------------------------------------------------------------------------------------------------------------------------
- PORT STATE SERVICE
- 21/tcp closed ftp
- 22/tcp open ssh
- 23/tcp closed telnet
- 80/tcp open http
- 110/tcp closed pop3
- 143/tcp closed imap
- 443/tcp closed https
- 3389/tcp closed ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 0.30 seconds
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] DNS Records
- [+] Host Records (A)
- top.play-kitty.comHTTP: (89.46.222.229) AS48874 Hostmaze Inc Srl-d Romania
- [+] TXT Records
- [+] DNS Map: https://dnsdumpster.com/static/map/top.play-kitty.com.png
- [>] Initiating 3 intel modules
- [>] Loading Alpha module (1/3)
- [>] Beta module deployed (2/3)
- [>] Gamma module initiated (3/3)
- [+] Emails found:
- ---------------------------------------------------------------------------------------------------------------------------------------
- pixel-1535362002749880-web-@top.play-kitty.com
- pixel-1535362010614193-web-@top.play-kitty.com
- No hosts found
- [+] Virtual hosts:
- ---------------------------------------------------------------------------------------------------------------------------------------
- [~] Crawling the target for fuzzable URLs
- [-] No fuzzable URLs found
- #######################################################################################################################################
- dnsenum VERSION:1.2.4
- ----- top.play-kitty.com -----
- Host's addresses:
- __________________
- top.play-kitty.com. 28798 IN A 89.46.222.229
- Name Servers:
- ______________
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-08-27 05:23 EDT
- Nmap scan report for top.play-kitty.com (89.46.222.229)
- Host is up (0.55s latency).
- rDNS record for 89.46.222.229: anticenz.org
- Not shown: 468 closed ports, 6 filtered ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 22/tcp open ssh
- 80/tcp open http
- Nmap done: 1 IP address (1 host up) scanned in 14.95 seconds
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-08-27 05:23 EDT
- Nmap scan report for top.play-kitty.com (89.46.222.229)
- Host is up.
- rDNS record for 89.46.222.229: anticenz.org
- PORT STATE SERVICE
- 53/udp open|filtered domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 137/udp open|filtered netbios-ns
- 138/udp open|filtered netbios-dgm
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- Nmap done: 1 IP address (1 host up) scanned in 3.50 seconds
- #######################################################################################################################################
- + -- --=[Port 21 closed... skipping.
- + -- --=[Port 22 opened... running tests...
- # general
- (gen) banner: SSH-2.0-OpenSSH_4.3
- (gen) software: OpenSSH 4.3
- (gen) compatibility: OpenSSH 4.2-6.6, Dropbear SSH 0.53+ (some functionality from 0.52)
- (gen) compression: enabled (zlib@openssh.com)
- # key exchange algorithms
- (kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.3.0
- (kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
- (kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
- `- [warn] using small 1024-bit modulus
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
- # host-key algorithms
- (key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
- (key) ssh-dss -- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm
- `- [warn] using small 1024-bit modulus
- `- [warn] using weak random number generator could reveal the key
- `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
- # encryption algorithms (ciphers)
- (enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
- (enc) aes192-ctr -- [info] available since OpenSSH 3.7
- (enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
- (enc) arcfour256 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher
- `- [info] available since OpenSSH 4.2
- (enc) arcfour128 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher
- `- [info] available since OpenSSH 4.2
- (enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
- (enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
- (enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [fail] disabled since Dropbear SSH 0.53
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
- (enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 2.1.0
- (enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0
- (enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
- (enc) arcfour -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher
- `- [info] available since OpenSSH 2.1.0
- (enc) rijndael-cbc@lysator.liu.se -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0
- # message authentication code algorithms
- (mac) hmac-md5 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
- (mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
- (mac) hmac-ripemd160 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 2.5.0
- (mac) hmac-ripemd160@openssh.com -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 2.1.0
- (mac) hmac-sha1-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.47
- (mac) hmac-md5-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.5.0
- # algorithm recommendations (for OpenSSH 4.3)
- (rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
- (rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
- (rec) -ssh-dss -- key algorithm to remove
- (rec) -arcfour -- enc algorithm to remove
- (rec) -rijndael-cbc@lysator.liu.se -- enc algorithm to remove
- (rec) -blowfish-cbc -- enc algorithm to remove
- (rec) -3des-cbc -- enc algorithm to remove
- (rec) -aes256-cbc -- enc algorithm to remove
- (rec) -arcfour256 -- enc algorithm to remove
- (rec) -cast128-cbc -- enc algorithm to remove
- (rec) -aes192-cbc -- enc algorithm to remove
- (rec) -arcfour128 -- enc algorithm to remove
- (rec) -aes128-cbc -- enc algorithm to remove
- (rec) -hmac-ripemd160 -- mac algorithm to remove
- (rec) -hmac-md5-96 -- mac algorithm to remove
- (rec) -hmac-sha1-96 -- mac algorithm to remove
- (rec) -hmac-md5 -- mac algorithm to remove
- (rec) -hmac-ripemd160@openssh.com -- mac algorithm to remove
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-08-27 05:23 EDT
- Nmap scan report for top.play-kitty.com (89.46.222.229)
- Host is up (0.084s latency).
- rDNS record for 89.46.222.229: anticenz.org
- PORT STATE SERVICE VERSION
- 22/tcp filtered ssh
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: firewall|general purpose
- Running: Linux 2.4.X|2.6.X, ISS embedded
- OS CPE: cpe:/o:linux:linux_kernel:2.4.18 cpe:/h:iss:proventia_gx3002 cpe:/o:linux:linux_kernel:2.6.22
- OS details: ISS Proventia GX3002 firewall (Linux 2.4.18), Linux 2.6.22 (Debian 4.0)
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 ... 30
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 12.18 seconds
- # cowsay++
- ____________
- < metasploit >
- ------------
- \ ,__,
- \ (oo)____
- (__) )\
- ||--|| *
- =[ metasploit v4.17.8-dev ]
- + -- --=[ 1803 exploits - 1027 auxiliary - 311 post ]
- + -- --=[ 538 payloads - 41 encoders - 10 nops ]
- + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
- USER_FILE => /brutex/wordlists/simple-users.txt
- RHOSTS => top.play-kitty.com
- RHOST => top.play-kitty.com
- [+] 89.46.222.229:22 - SSH server version: SSH-2.0-OpenSSH_4.3 ( service.version=4.3 service.vendor=OpenBSD service.family=OpenSSH service.product=OpenSSH service.protocol=ssh fingerprint_db=ssh.banner )
- [*] top.play-kitty.com:22 - Scanned 1 of 1 hosts (100% complete)
- [*] Auxiliary module execution completed
- [-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: USER_FILE.
- [-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: USER_FILE, KEY_FILE.
- [+] 89.46.222.229:22 - SSH server version: SSH-2.0-OpenSSH_4.3 ( service.version=4.3 service.vendor=OpenBSD service.family=OpenSSH service.product=OpenSSH service.protocol=ssh fingerprint_db=ssh.banner )
- [*] top.play-kitty.com:22 - Scanned 1 of 1 hosts (100% complete)
- [*] Auxiliary module execution completed
- #######################################################################################################################################
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking http://top.play-kitty.com
- Generic Detection results:
- No WAF detected by the generic detection
- Number of requests: 14
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning http://top.play-kitty.com...
- ___________________________________________ SITE INFO ____________________________________________
- IP Title
- 89.46.222.229 Top Sites
- ____________________________________________ VERSION _____________________________________________
- Name Versions Type
- Apache 2.0.48 | 2.0.49 | 2.0.50 | 2.0.51 | 2.0.52 | 2.0.53 | 2.0.54 Platform
- 2.0.55 | 2.0.56 | 2.0.57 | 2.0.58 | 2.0.59 | 2.0.60 | 2.1.1
- 2.1.10 | 2.1.2 | 2.1.3 | 2.1.4 | 2.1.5 | 2.1.6 | 2.1.7
- 2.1.8 | 2.1.9 | 2.2.0 | 2.2.1 | 2.2.2 | 2.2.3 | 2.2.4
- 2.2.5
- nginx 1.10.2 Platform
- __________________________________________________________________________________________________
- Time: 353.5 sec Urls: 599 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/1.1 200 OK
- Server: nginx/1.10.2
- Date: Mon, 27 Aug 2018 09:30:56 GMT
- Content-Type: text/html; charset=UTF-8
- Content-Length: 34342
- Connection: keep-alive
- Accept-Ranges: bytes
- #######################################################################################################################################
- I, [2018-08-27T05:30:58.411841 #2964] INFO -- : Initiating port scan
- I, [2018-08-27T05:31:54.968880 #2964] INFO -- : Using nmap scan output file logs/nmap_output_2018-08-27_05-30-58.xml
- W, [2018-08-27T05:31:54.970137 #2964] WARN -- : Yasuo did not find any potential hosts to enumerate
- ____
- #######################################################################################################################################
- [*] Processing domain top.play-kitty.com
- [+] Getting nameservers
- [-] Getting nameservers failed
- [-] Zone transfer failed
- [*] Scanning top.play-kitty.com for A records
- 89.46.222.229 - top.play-kitty.com
- #######################################################################################################################################
- *] Performing General Enumeration of Domain: top.play-kitty.com
- [-] DNSSEC is not configured for top.play-kitty.com
- [*] SOA ns8.seattledomains.net 162.251.82.124
- [*] SOA ns8.seattledomains.net 162.251.82.125
- [*] SOA ns8.seattledomains.net 162.251.82.252
- [*] SOA ns8.seattledomains.net 162.251.82.253
- [-] Could not Resolve NS Records for top.play-kitty.com
- [-] Could not Resolve MX Records for top.play-kitty.com
- [*] A top.play-kitty.com 89.46.222.229
- [*] Enumerating SRV Records
- [-] No SRV Records Found for top.play-kitty.com
- [+] 0 Records Found
- #######################################################################################################################################
- =======================================================================================================================================
- Hosts 5
- DNS Records 5
- Hosts (5)
- =======================================================================================================================================
- 89.46.222.229
- 162.251.82.124
- 162.251.82.125
- 162.251.82.252
- 162.251.82.253
- DNS Records (5)
- =======================================================================================================================================
- top.play-kitty.com A 89.46.222.229
- ns8.seattledomains.net SOA 162.251.82.124
- ns8.seattledomains.net SOA 162.251.82.125
- ns8.seattledomains.net SOA 162.251.82.252
- ns8.seattledomains.net SOA 162.251.82.253
- Loadbalancing
- =======================================================================================================================================
- Checking for DNS-Loadbalancing:
- NOT FOUND
- Checking for HTTP-Loadbalancing [Server]:
- nginx/1.10.2
- NOT FOUND
- Checking for HTTP-Loadbalancing [Date]:
- 09:46:09, 09:46:10, 09:46:13, 09:46:14, 09:46:16, 09:46:18, 09:46:20, 09:46:22, 09:46:24, 09:46:26,
- 09:46:28, 09:46:31, 09:46:34, 09:46:37, 09:46:39, 09:46:41, 09:46:44, 09:46:48, 09:46:51, 09:46:53,
- 09:46:55, 09:46:57, 09:46:58, 09:47:01, 09:47:03, 09:47:05, 09:47:07, 09:47:09, 09:47:11, 09:47:13,
- 09:47:15, 09:47:17, 09:47:19, 09:47:21, 09:47:23, 09:47:25, 09:47:27, 09:47:29, 09:47:31, 09:47:32,
- 09:47:34, 09:47:36, 09:47:38, 09:47:40, 09:47:43, 09:47:45, 09:47:47, 09:47:49, 09:47:51, 09:47:52,
- NOT FOUND
- Checking for HTTP-Loadbalancing [Diff]:
- NOT FOUND
- #######################################################################################################################################
- ICMP ECHO
- 1 public-gw.vpngate.net (10.211.254.254)
- 2 WRC-1167GHBK2-S.elecom (192.168.2.1)
- 3 softbank219188212218.bbtec.net (219.188.212.218)
- 4 softbank221110220117.bbtec.net (221.110.220.117)
- 5 softbank221110220065.bbtec.net (221.110.220.65)
- 6 10.0.61.13 (10.0.61.13)
- 7 10.0.60.101 (10.0.60.101)
- 8 10.9.203.90 (10.9.203.90)
- 9 ae-13.a01.tokyjp05.jp.bb.gin.ntt.net (203.105.72.85)
- 10 ae-23.r02.tokyjp05.jp.bb.gin.ntt.net (129.250.5.247)
- 11 ae-3.r31.tokyjp05.jp.bb.gin.ntt.net (129.250.3.29)
- 12 ae-7.r23.lsanca07.us.bb.gin.ntt.net (129.250.3.14)
- 13 ae-6.r22.asbnva02.us.bb.gin.ntt.net (129.250.3.188)
- 14 ae-6.r25.frnkge08.de.bb.gin.ntt.net (129.250.4.97)
- 15 ae-28.r03.frnkge03.de.bb.gin.ntt.net (129.250.5.147)
- 16 213.198.77.198 (213.198.77.198)
- 17 * *
- 18 * *
- 19 * *
- 20 * *
- 21 tms0.banatnet.ro (85.204.98.6)
- 22 85.120.160.130 (85.120.160.130)
- 23 89.46.222.3 (89.46.222.3)
- 24 anticenz.org (89.46.222.229)
- TCP SYN
- 1 anticenz.org (89.46.222.229)
- Zone Transfer
- =======================================================================================================================================
- #######################################################################################################################################
- Resolving SOA Record
- SOA ns8.seattledomains.net 162.251.82.253
- SOA ns8.seattledomains.net 162.251.82.125
- SOA ns8.seattledomains.net 162.251.82.124
- SOA ns8.seattledomains.net 162.251.82.252
- Resolving NS Records
- Could not Resolve NS Records
- Trying NS server 162.251.82.125
- Zone transfer error: NOTIMP
- Trying NS server 162.251.82.252
- Zone transfer error: NOTIMP
- Trying NS server 162.251.82.124
- Zone transfer error: NOTIMP
- Trying NS server 162.251.82.253
- Zone transfer error: NOTIMP
- Whatweb
- =======================================================================================================================================
- #######################################################################################################################################
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Target IP: 89.46.222.229
- + Target Hostname: top.play-kitty.com
- + Target Port: 80
- + Start Time: 2018-08-27 10:40:37 (GMT-4)
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Server: nginx/1.10.2
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + Server leaks inodes via ETags, header found with file /index.htm, inode: 18104394, size: 15140, mtime: Sun Oct 31 07:19:12 2066
- + Multiple index files found: /index.htm, /index.html
- + ERROR: Error limit (20) reached for host, giving up. Last error:
- + Scan terminated: 4 error(s) and 5 item(s) reported on remote host
- + End Time: 2018-08-27 11:19:32 (GMT-4) (2335 seconds)
- ---------------------------------------------------------------------------------------------------------------------------------------#######################################################################################################################################
- =======================================================================================================================================
- | Domain: http://top.play-kitty.com/
- | Server: nginx/1.10.2
- | IP: 89.46.222.229
- =======================================================================================================================================
- |
- | Directory check:
- | [+] CODE: 200 URL: http://top.play-kitty.com/awstats/
- | [+] CODE: 200 URL: http://top.play-kitty.com/banners/
- | [+] CODE: 200 URL: http://top.play-kitty.com/cgi-bin/
- | [+] CODE: 200 URL: http://top.play-kitty.com/error/
- | [+] CODE: 200 URL: http://top.play-kitty.com/icons/
- | [+] CODE: 200 URL: http://top.play-kitty.com/top/
- =======================================================================================================================================
- |
- | File check:
- | [+] CODE: 200 URL: http://top.play-kitty.com/server-status
- | [+] CODE: 200 URL: http://top.play-kitty.com/cgi-bin/.htaccess~
- | [+] CODE: 200 URL: http://top.play-kitty.com/cgi-bin/.htaccess.old
- | [+] CODE: 200 URL: http://top.play-kitty.com/cgi-bin/.htaccess.save
- | [+] CODE: 200 URL: http://top.play-kitty.com/cgi-bin/.htaccess
- | [+] CODE: 200 URL: http://top.play-kitty.com/cgi-bin/.htpasswd
- | [+] CODE: 200 URL: http://top.play-kitty.com/error/HTTP_NOT_FOUND.html.var
- | [+] CODE: 200 URL: http://top.play-kitty.com/.htpasswd
- | [+] CODE: 200 URL: http://top.play-kitty.com/.htaccess
- | [+] CODE: 200 URL: http://top.play-kitty.com/index.htm
- | [+] CODE: 200 URL: http://top.play-kitty.com/index.html
- | [+] CODE: 200 URL: http://top.play-kitty.com/index.html~
- =======================================================================================================================================
- #######################################################################################################################################
- | External hosts:
- | [+] External Host Found: http://yulia2.feburo.com
- | [+] External Host Found: http://nonuchan.net
- | [+] External Host Found: http://euro2.finelady.biz
- | [+] External Host Found: http://www.shameless-preteens.net
- | [+] External Host Found: http://out.php?url=part2.candydoll.lv
- | [+] External Host Found: http://janet.topmodelsart.com
- | [+] External Host Found: http://nn-models.review
- | [+] External Host Found: http://kristina2.feburo.com
- | [+] External Host Found: http://out.php?url=part1.candydoll.lv
- | [+] External Host Found: http://out.php?url=part6.candydoll.lv
- | [+] External Host Found: http://www.100nn.net
- | [+] External Host Found: http://out.php?url=part4.candydoll.lv
- | [+] External Host Found: http://usenetbrowser.net
- | [+] External Host Found: http://daphne2.feburo.com
- | [+] External Host Found: http://euro.finelady.biz
- | [+] External Host Found: http://www.preteen-goddesses.com
- | [+] External Host Found: http://cgi-works.net
- | [+] External Host Found: http://karen.topmodelsart.com
- | [+] External Host Found: http://art-modeling.net
- | [+] External Host Found: http://top.merryangels.com
- | [+] External Host Found: http://out.php?url=part5.candydoll.lv
- | [+] External Host Found: http://www.youth-and-beauty.info
- | [+] External Host Found: http://nn-forum.net
- | [+] External Host Found: http://nnville.net
- | [+] External Host Found: http://100nn.net
- | [+] External Host Found: http://hdvid.feburo.com
- | [+] External Host Found: http://www.candydoll.lv
- | [+] External Host Found: http://yulia.feburo.com
- | [+] External Host Found: http://findbetterresults.com
- | [+] External Host Found: http://japstars1.finelady.biz
- | [+] External Host Found: http://out.php?url=part9.candydoll.lv
- | [+] External Host Found: http://ww31.little-cuties.biz
- | [+] External Host Found: http://top.modedolls.com
- | [+] External Host Found: http://out.php?url=part10.candydoll.lv
- | [+] External Host Found: http://candydollchan.net
- | [+] External Host Found: http://out.php?url=part3.candydoll.lv
- #######################################################################################################################################
- | File Upload Forms:
- | [+] Upload Form Found: http://top.play-kitty.com/cgi-bin/top/out.cgi?id=nnchan
- | [+] Upload Form Found: http://top.play-kitty.com/cgi-bin/top/out.cgi?id=candy
- |
- | E-mails:
- | [+] E-mail Found: dotnet@mail.nu
- | [+] E-mail Found: support@play-kitty.info
- ######################################################################################################################################
- | FCKeditor tests:
- |
- |
- | Timthumb < 1.33 vulnerability:
- |
- |
- | Backup Files:
- | [+] CODE: 200 URL: http://top.play-kitty.com/index.html~
- |
- |
- | Blind SQL Injection:
- | [+] Vul [Blind SQL-i]: http://top.play-kitty.com/cgi-bin/top/out.cgi?id=candy+AND+1=1
- | [+] Keyword: Subject
- | [+] Vul [Blind SQL-i]: http://top.play-kitty.com/cgi-bin/top/out.cgi?id=vica123+AND+1=1
- | [+] Keyword: NoNude
- | [+] Vul [Blind SQL-i]: http://top.play-kitty.com/cgi-bin/top/out.cgi?id=hqnn'+AND+'1'='1
- | [+] Keyword: nonude
- | [+] Vul [Blind SQL-i]: http://top.play-kitty.com/cgi-bin/top/out.cgi?id=nnchan'+AND+'1'='1
- | [+] Keyword: preview
- | [+] Vul [Blind SQL-i]: http://top.play-kitty.com/cgi-bin/top/out.cgi?id=vica123'+AND+'1'='1
- | [+] Keyword: gallery
- | [+] Vul [Blind SQL-i]: http://top.play-kitty.com/cgi-bin/top/out.cgi?id=shpre'+AND+'1'='1
- | [+] Keyword: beauty
- | [+] Vul [Blind SQL-i]: http://top.play-kitty.com/cgi-bin/top/out.cgi?id=godd'+AND+'1'='1
- | [+] Keyword: LITTLE
- | [+] Vul [Blind SQL-i]: http://top.play-kitty.com/cgi-bin/top/out.cgi?id=starz'+AND+'1'='1
- | [+] Keyword: PRETEEN
- |
- #######################################################################################################################################
- Anonymous JTSEC #OpDeathEathers full Recon #4
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement