Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #######################################################################################################################################
- =======================================================================================================================================
- Hostname whitenilestate.gov.sd ISP NICDC
- Continent Africa Flag
- SD
- Country Sudan Country Code SD
- Region Unknown Local time 15 Jun 2019 06:26 CAT
- City Unknown Postal Code Unknown
- IP Address 62.12.105.3 Latitude 15
- Longitude 30
- =======================================================================================================================================
- #######################################################################################################################################
- > whitenilestate.gov.sd
- Server: 185.93.180.131
- Address: 185.93.180.131#53
- Non-authoritative answer:
- Name: whitenilestate.gov.sd
- Address: 62.12.105.3
- >
- #######################################################################################################################################
- [+] Target : whitenilestate.gov.sd
- [+] IP Address : 62.12.105.3
- [+] Headers :
- [+] Cache-Control : private
- [+] Content-Type : text/html; charset=utf-8
- [+] Content-Encoding : gzip
- [+] Vary : Accept-Encoding
- [+] Server : Microsoft-IIS/8.5
- [+] X-AspNet-Version : 4.0.30319
- [+] X-Powered-By : ASP.NET
- [+] X-Powered-By-Plesk : PleskWin
- [+] Date : Sat, 15 Jun 2019 04:31:40 GMT
- [+] Content-Length : 6805
- [+] SSL Certificate Information :
- [-] SSL is not Present on Target URL...Skipping...
- [+] Whois Lookup :
- [+] NIR : None
- [+] ASN Registry : afrinic
- [+] ASN : 327881
- [+] ASN CIDR : 62.12.105.0/24
- [+] ASN Country Code : SD
- [+] ASN Date : 2015-05-11
- [+] ASN Description : NICDC, SD
- [+] cidr : 62.12.105.0/24
- [+] name : ORG-MoTa1-AFRINIC
- [+] handle : IAEI1-AFRINIC
- [+] range : 62.12.105.0 - 62.12.105.255
- [+] description : National Information Center (NIC)
- [+] country : SD
- [+] state : None
- [+] city : None
- [+] address : National Information Center (NIC)
- [+] postal_code : None
- [+] emails : None
- [+] created : None
- [+] updated : None
- [+] Crawling Target...
- [+] Looking for robots.txt........[ Not Found ]
- [+] Looking for sitemap.xml.......[ Not Found ]
- [+] Extracting CSS Links..........[ 6 ]
- [+] Extracting Javascript Links...[ 17 ]
- [+] Extracting Internal Links.....[ 0 ]
- [+] Extracting External Links.....[ 10 ]
- [+] Extracting Images.............[ 16 ]
- [+] Total Links Extracted : 49
- [+] Dumping Links in /opt/FinalRecon/dumps/whitenilestate.gov.sd.dump
- [+] Completed!
- #######################################################################################################################################
- [+] Starting At 2019-06-15 00:31:40.588942
- [+] Collecting Information On: whitenilestate.gov.sd
- [#] Status: 200
- ---------------------------------------------------------------------------------------------------------------------------------------
- [#] Web Server Detected: Microsoft-IIS/8.5
- [#] X-Powered-By: ASP.NET
- [!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
- - Cache-Control: private
- - Content-Type: text/html; charset=utf-8
- - Content-Encoding: gzip
- - Vary: Accept-Encoding
- - Server: Microsoft-IIS/8.5
- - X-AspNet-Version: 4.0.30319
- - X-Powered-By: ASP.NET
- - X-Powered-By-Plesk: PleskWin
- - Date: Sat, 15 Jun 2019 04:31:35 GMT
- - Content-Length: 6805
- ---------------------------------------------------------------------------------------------------------------------------------------
- [#] Finding Location..!
- [#] as: AS327881 National Information Center (NIC)
- [#] city: Khartoum
- [#] country: Sudan
- [#] countryCode: SD
- [#] isp: National Information Center
- [#] lat: 15.5007
- [#] lon: 32.5599
- [#] org: ORG MoTa1 AFRINIC
- [#] query: 62.12.105.3
- [#] region: KH
- [#] regionName: Khartoum
- [#] status: success
- [#] timezone: Africa/Khartoum
- [#] zip:
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] Detected WAF Presence in web application: ASP.NET Generic Web Application Protection
- ---------------------------------------------------------------------------------------------------------------------------------------
- [#] Starting Reverse DNS
- [!] Found 4 any Domain
- - moiat.gov.sd
- - ombudsman.gov.sd
- - trafficpolice.gov.sd
- - whitenilestate.gov.sd
- ---------------------------------------------------------------------------------------------------------------------------------------
- [!] Scanning Open Port
- [#] 21/tcp open ftp
- [#] 80/tcp open http
- [#] 110/tcp open pop3
- [#] 143/tcp open imap
- [#] 443/tcp open https
- [#] 8443/tcp open https-alt
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] Collecting Information Disclosure!
- #######################################################################################################################################
- [i] Scanning Site: http://whitenilestate.gov.sd
- B A S I C I N F O
- ====================
- [+] Site Title: ولاية النيل الابيض
- [+] IP address: 62.12.105.3
- [+] Web Server: Microsoft-IIS/8.5
- [+] CMS: Could Not Detect
- [+] Cloudflare: Not Detected
- [+] Robots File: Could NOT Find robots.txt!
- #######################################################################################################################################
- G E O I P L O O K U P
- =========================
- [i] IP Address: 62.12.105.3
- [i] Country: Sudan
- [i] State:
- [i] City:
- [i] Latitude: 15.0
- [i] Longitude: 30.0
- #######################################################################################################################################
- H T T P H E A D E R S
- =======================
- [i] HTTP/1.1 200 OK
- [i] Cache-Control: private
- [i] Content-Type: text/html; charset=utf-8
- [i] Server: Microsoft-IIS/8.5
- [i] X-AspNet-Version: 4.0.30319
- [i] X-Powered-By: ASP.NET
- [i] X-Powered-By-Plesk: PleskWin
- [i] Date: Sat, 15 Jun 2019 04:31:58 GMT
- [i] Connection: close
- [i] Content-Length: 31905
- #######################################################################################################################################
- D N S L O O K U P
- ===================
- whitenilestate.gov.sd. 21599 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2017092500 10800 900 604800 86400
- whitenilestate.gov.sd. 21599 IN NS ns0.ndc.gov.sd.
- whitenilestate.gov.sd. 21599 IN NS ns1.ndc.gov.sd.
- whitenilestate.gov.sd. 21599 IN A 62.12.105.3
- whitenilestate.gov.sd. 21599 IN MX 10 mail.whitenilestate.gov.sd.
- whitenilestate.gov.sd. 21599 IN TXT "v=spf1 mx -all"
- #######################################################################################################################################
- S U B N E T C A L C U L A T I O N
- ====================================
- Address = 62.12.105.3
- Network = 62.12.105.3 / 32
- Netmask = 255.255.255.255
- Broadcast = not needed on Point-to-Point links
- Wildcard Mask = 0.0.0.0
- Hosts Bits = 0
- Max. Hosts = 1 (2^0 - 0)
- Host Range = { 62.12.105.3 - 62.12.105.3 }
- #######################################################################################################################################
- N M A P P O R T S C A N
- ============================
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-15 04:32 UTC
- Nmap scan report for whitenilestate.gov.sd (62.12.105.3)
- Host is up (0.20s latency).
- rDNS record for 62.12.105.3: f03-web01.nic.gov.sd
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp filtered ssh
- 23/tcp filtered telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp filtered ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 3.21 seconds
- #######################################################################################################################################
- Enter Address Website = whitenilestate.gov.sd
- Reversing IP With HackTarget 'whitenilestate.gov.sd'
- -------------------------------------------------------
- [+] eservices.motrb.gov.sd
- [+] mail.nashattolabi.sd
- [+] mail.saec.gov.sd
- [+] mail.test.net.sd
- [+] moiat.gov.sd
- [+] ncsp.gov.sd
- [+] penfund.gov.sd
- [+] saec.gov.sd
- [+] sudanpolice.gov.sd
- [+] test.net.sd
- [+] whitenilestate.gov.sd
- [+] www.sudanpolice.gov.sd
- #######################################################################################################################################
- Reverse IP With YouGetSignal 'whitenilestate.gov.sd'
- -------------------------------------------------------
- [*] IP: 62.12.105.3
- [*] Domain: whitenilestate.gov.sd
- [*] Total Domains: 4
- [+] moiat.gov.sd
- [+] ombudsman.gov.sd
- [+] trafficpolice.gov.sd
- [+] whitenilestate.gov.sd
- #######################################################################################################################################
- Geo IP Lookup 'whitenilestate.gov.sd'
- ----------------------------------------
- [+] IP Address: 62.12.105.3
- [+] Country: Sudan
- [+] State:
- [+] City:
- [+] Latitude: 15.0
- [+] Longitude: 30.0
- #######################################################################################################################################
- Bypass Cloudflare 'whitenilestate.gov.sd'
- --------------------------------------------
- [!] CloudFlare Bypass 62.12.105.3 | webmail.whitenilestate.gov.sd
- [!] CloudFlare Bypass 62.12.105.3 | mail.whitenilestate.gov.sd
- [!] CloudFlare Bypass 62.12.105.3 | www.whitenilestate.gov.sd
- #######################################################################################################################################
- DNS Lookup 'whitenilestate.gov.sd'
- -------------------------------------
- [+] whitenilestate.gov.sd. 21599 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2017092500 10800 900 604800 86400
- [+] whitenilestate.gov.sd. 21599 IN NS ns1.ndc.gov.sd.
- [+] whitenilestate.gov.sd. 21599 IN NS ns0.ndc.gov.sd.
- [+] whitenilestate.gov.sd. 21599 IN A 62.12.105.3
- [+] whitenilestate.gov.sd. 21599 IN MX 10 mail.whitenilestate.gov.sd.
- [+] whitenilestate.gov.sd. 21599 IN TXT "v=spf1 mx -all"
- #######################################################################################################################################
- Show HTTP Header 'whitenilestate.gov.sd'
- -------------------------------------------
- [+] HTTP/1.1 200 OK
- [+] Cache-Control: private
- [+] Content-Length: 31905
- [+] Content-Type: text/html; charset=utf-8
- [+] Server: Microsoft-IIS/8.5
- [+] X-AspNet-Version: 4.0.30319
- [+] X-Powered-By: ASP.NET
- [+] X-Powered-By-Plesk: PleskWin
- [+] Date: Sat, 15 Jun 2019 04:32:08 GMT
- #######################################################################################################################################
- Port Scan 'whitenilestate.gov.sd'
- ------------------------------------
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-15 04:32 UTC
- Nmap scan report for whitenilestate.gov.sd (62.12.105.3)
- Host is up (0.20s latency).
- rDNS record for 62.12.105.3: f03-web01.nic.gov.sd
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp filtered ssh
- 23/tcp filtered telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp filtered ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 2.04 seconds
- #######################################################################################################################################
- Traceroute 'whitenilestate.gov.sd'
- -------------------------------------
- Start: 2019-06-15T04:32:23+0000
- HOST: web01 Loss% Snt Last Avg Best Wrst StDev
- 1.|-- 45.79.12.202 0.0% 3 0.9 0.8 0.7 0.9 0.1
- 2.|-- 45.79.12.6 0.0% 3 0.4 0.5 0.4 0.8 0.2
- 3.|-- 199.245.16.65 0.0% 3 1.8 2.2 1.5 3.1 0.9
- 4.|-- ae-14.r22.dllstx09.us.bb.gin.ntt.net 0.0% 3 1.3 1.3 1.2 1.3 0.0
- 5.|-- ae-1.r22.asbnva02.us.bb.gin.ntt.net 0.0% 3 38.9 39.0 38.9 39.0 0.1
- 6.|-- ae-0.r23.asbnva02.us.bb.gin.ntt.net 0.0% 3 39.5 39.2 39.0 39.5 0.3
- 7.|-- ae-2.r25.amstnl02.nl.bb.gin.ntt.net 0.0% 3 126.0 126.0 126.0 126.0 0.0
- 8.|-- ae-3.r24.amstnl02.nl.bb.gin.ntt.net 0.0% 3 126.6 128.0 126.0 131.4 2.9
- 9.|-- ae-1.r04.parsfr01.fr.bb.gin.ntt.net 0.0% 3 136.0 136.2 136.0 136.5 0.3
- 10.|-- ae-3.r03.parsfr02.fr.bb.gin.ntt.net 0.0% 3 138.3 138.2 138.1 138.3 0.1
- 11.|-- ae-8.r02.parsfr02.fr.bb.gin.ntt.net 0.0% 3 129.1 129.8 129.1 130.8 0.9
- 12.|-- 82.112.96.166 0.0% 3 132.0 132.1 131.7 132.6 0.5
- 13.|-- ae5.0.cjr04.prs001.flagtel.com 0.0% 3 131.2 131.3 131.2 131.3 0.1
- 14.|-- xe-0-0-1.0.pjr04.dxb001.flagtel.com 0.0% 3 258.6 258.6 258.5 258.6 0.1
- 15.|-- 80.77.2.42 0.0% 3 234.1 234.1 234.0 234.1 0.1
- 16.|-- 196.29.177.113 0.0% 3 237.6 237.6 237.6 237.6 0.0
- 17.|-- 197.254.196.62 0.0% 3 242.6 241.7 241.2 242.6 0.8
- 18.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
- #######################################################################################################################################
- Trying "whitenilestate.gov.sd"
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56516
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 2, ADDITIONAL: 2
- ;; QUESTION SECTION:
- ;whitenilestate.gov.sd. IN ANY
- ;; ANSWER SECTION:
- whitenilestate.gov.sd. 86400 IN TXT "v=spf1 mx -all"
- whitenilestate.gov.sd. 86400 IN MX 10 mail.whitenilestate.gov.sd.
- whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- whitenilestate.gov.sd. 86400 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2017092500 10800 900 604800 86400
- whitenilestate.gov.sd. 14400 IN NS ns1.ndc.gov.sd.
- whitenilestate.gov.sd. 14400 IN NS ns0.ndc.gov.sd.
- ;; AUTHORITY SECTION:
- whitenilestate.gov.sd. 14400 IN NS ns1.ndc.gov.sd.
- whitenilestate.gov.sd. 14400 IN NS ns0.ndc.gov.sd.
- ;; ADDITIONAL SECTION:
- ns0.ndc.gov.sd. 14400 IN A 62.12.109.2
- ns1.ndc.gov.sd. 14400 IN A 62.12.109.3
- Received 247 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 341 ms
- #######################################################################################################################################
- ----- whitenilestate.gov.sd -----
- Host's addresses:
- __________________
- whitenilestate.gov.sd. 84744 IN A 62.12.105.3
- ----------------
- Wildcards test:
- ----------------
- good
- Name Servers:
- ______________
- ns1.ndc.gov.sd. 12766 IN A 62.12.109.3
- ns0.ndc.gov.sd. 13071 IN A 62.12.109.2
- Mail (MX) Servers:
- ___________________
- mail.whitenilestate.gov.sd. 85077 IN A 62.12.105.3
- Trying Zone Transfers and getting Bind Versions:
- _________________________________________________
- Trying Zone Transfer for whitenilestate.gov.sd on ns0.ndc.gov.sd ...
- whitenilestate.gov.sd. 86400 IN SOA (
- whitenilestate.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
- whitenilestate.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
- whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- whitenilestate.gov.sd. 86400 IN MX 10
- whitenilestate.gov.sd. 86400 IN TXT "v=spf1
- mail.whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- mail.whitenilestate.gov.sd. 86400 IN MX 10
- mssql.whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- webmail.whitenilestate.gov.sd. 86400 IN CNAME mail.whitenilestate.gov.sd.
- www.whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- Trying Zone Transfer for whitenilestate.gov.sd on ns1.ndc.gov.sd ...
- whitenilestate.gov.sd. 86400 IN SOA (
- whitenilestate.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
- whitenilestate.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
- whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- whitenilestate.gov.sd. 86400 IN MX 10
- whitenilestate.gov.sd. 86400 IN TXT "v=spf1
- mail.whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- mail.whitenilestate.gov.sd. 86400 IN MX 10
- mssql.whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- webmail.whitenilestate.gov.sd. 86400 IN CNAME mail.whitenilestate.gov.sd.
- www.whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- brute force file not specified, bay.
- #######################################################################################################################################
- ; <<>> DiG 9.11.5-P4-5-Debian <<>> whitenilestate.gov.sd +dnssec
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57939
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags: do; udp: 4096
- ;; QUESTION SECTION:
- ;whitenilestate.gov.sd. IN A
- ;; ANSWER SECTION:
- whitenilestate.gov.sd. 84667 IN A 62.12.105.3
- ;; Query time: 112 msec
- ;; SERVER: 185.93.180.131#53(185.93.180.131)
- ;; WHEN: sam jun 15 00:54:57 EDT 2019
- ;; MSG SIZE rcvd: 66
- #######################################################################################################################################
- ; <<>> DiG 9.11.5-P4-5-Debian <<>> +trace whitenilestate.gov.sd
- ;; global options: +cmd
- . 82451 IN NS l.root-servers.net.
- . 82451 IN NS f.root-servers.net.
- . 82451 IN NS d.root-servers.net.
- . 82451 IN NS a.root-servers.net.
- . 82451 IN NS j.root-servers.net.
- . 82451 IN NS c.root-servers.net.
- . 82451 IN NS g.root-servers.net.
- . 82451 IN NS e.root-servers.net.
- . 82451 IN NS h.root-servers.net.
- . 82451 IN NS m.root-servers.net.
- . 82451 IN NS k.root-servers.net.
- . 82451 IN NS b.root-servers.net.
- . 82451 IN NS i.root-servers.net.
- . 82451 IN RRSIG NS 8 0 518400 20190627170000 20190614160000 25266 . 21CJJEpZ30ZdfNAfEpN6Y8fJ2PN6Y+xtLSWLqeZVbiS8faVrKFmC3zsL EPgetyceuwXArZtOZb8POQU9VOxf3Sr3E0O6X2zPykBd/QnD2mn9u8vh 03tfCQi9ir8M8cHrLEhCyoLCXYmlWHpYZFuxwBLSYk3lNGn6Cn+DAVWa 6JeoLUSX/AJvOIcfq3NfIbh7jrqB8HU1Go+EkmQXe/iMLx1i2C8p+Cgi xpa7LYwEL3x9N22nKpwyWhUAAFFOmIRhkw5b5ijOzVd2u3BBaAbbrnQ0 belHPmKsx+x9b1zjmdOSW8RjI7/GQv+QuobcDELc6D0iEjYeFXozuXiH ys1Qrg==
- ;; Received 525 bytes from 185.93.180.131#53(185.93.180.131) in 117 ms
- sd. 172800 IN NS ans2.canar.sd.
- sd. 172800 IN NS sd.cctld.authdns.ripe.net.
- sd. 172800 IN NS ans1.sis.sd.
- sd. 172800 IN NS ns-sd.afrinic.net.
- sd. 172800 IN NS ans1.canar.sd.
- sd. 172800 IN NS ns2.uaenic.ae.
- sd. 172800 IN NS ns1.uaenic.ae.
- sd. 86400 IN NSEC se. NS RRSIG NSEC
- sd. 86400 IN RRSIG NSEC 8 1 86400 20190627170000 20190614160000 25266 . MjKCNtsNQnEJVz5cPYtkXVbByrRTMlQ1myLs8Pi2+FkFic00RpnZnk5w Pg1lbNn4MQZdx9L090dGjNO3WyleHv1t7HznzWMJ8qCENSIcE1uoRe6r Ak9F/wMKEKvQjra906vPpUlLMG3QcnbyhkP/eoRm2qeN7Ig5/Zsx0J6M gE154HbBf0Lehuk+gd6T/pMkxDs4Idb7z0btkGbQtXo2rrj4jSfRpg1R U7xPKgKJfjqp9ns1z+7dxCE9GWRg9El3ssDyi2Nw4YbRs/qPDh/upUFN /4IY0aeTOsumRH/3FBZ7xs0BaVcNU9RG0YcmEXuNyCnvaPQOkdw315my dR7WMQ==
- ;; Received 708 bytes from 202.12.27.33#53(m.root-servers.net) in 131 ms
- gov.sd. 14400 IN NS sd.cctld.authdns.ripe.net.
- gov.sd. 14400 IN NS ns1.uaenic.ae.
- gov.sd. 14400 IN NS ns2.uaenic.ae.
- gov.sd. 14400 IN NS ans1.sis.sd.
- gov.sd. 14400 IN NS ans1.canar.sd.
- gov.sd. 14400 IN NS ans2.canar.sd.
- gov.sd. 14400 IN NS ns-sd.afrinic.net.
- ;; Received 277 bytes from 196.216.168.26#53(ns-sd.afrinic.net) in 296 ms
- whitenilestate.gov.sd. 14400 IN NS ns0.ndc.gov.sd.
- whitenilestate.gov.sd. 14400 IN NS ns1.ndc.gov.sd.
- ;; Received 122 bytes from 2001:67c:e0::109#53(sd.cctld.authdns.ripe.net) in 105 ms
- whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- whitenilestate.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
- whitenilestate.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
- ;; Received 138 bytes from 62.12.109.3#53(ns1.ndc.gov.sd) in 248 ms
- #######################################################################################################################################
- [*] Performing General Enumeration of Domain: whitenilestate.gov.sd
- [-] DNSSEC is not configured for whitenilestate.gov.sd
- [*] SOA ns0.ndc.gov.sd 62.12.109.2
- [*] NS ns0.ndc.gov.sd 62.12.109.2
- [*] Bind Version for 62.12.109.2 you guess!
- [*] NS ns1.ndc.gov.sd 62.12.109.3
- [*] Bind Version for 62.12.109.3 you guess!
- [*] MX mail.whitenilestate.gov.sd 62.12.105.3
- [*] A whitenilestate.gov.sd 62.12.105.3
- [*] TXT whitenilestate.gov.sd v=spf1 mx -all
- [*] Enumerating SRV Records
- [-] No SRV Records Found for whitenilestate.gov.sd
- [+] 0 Records Found
- #######################################################################################################################################
- [*] Processing domain whitenilestate.gov.sd
- [*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a', '192.168.0.1']
- [+] Getting nameservers
- 62.12.109.2 - ns0.ndc.gov.sd
- [+] Zone transfer sucessful using nameserver ns0.ndc.gov.sd
- whitenilestate.gov.sd. 86400 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2017092500 10800 900 604800 86400
- whitenilestate.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
- whitenilestate.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
- whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- whitenilestate.gov.sd. 86400 IN MX 10 mail.whitenilestate.gov.sd.
- whitenilestate.gov.sd. 86400 IN TXT "v=spf1 mx -all"
- mail.whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- mail.whitenilestate.gov.sd. 86400 IN MX 10 mail.whitenilestate.gov.sd.
- mssql.whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- webmail.whitenilestate.gov.sd. 86400 IN CNAME mail.whitenilestate.gov.sd.
- www.whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- #######################################################################################################################################
- WhatWeb report for http://whitenilestate.gov.sd
- Status : 200 OK
- Title : ولاية النيل الابيض
- IP : <Unknown>
- Country : <Unknown>
- Summary : Script[text/javascript], ASP_NET[4.0.30319], Email[hamdinto@gmail.com], Microsoft-IIS[8.5], JQuery[1.10.2], HTML5, UncommonHeaders[x-powered-by-plesk], Meta-Author[The Red Team], X-UA-Compatible[IE=edge], X-Powered-By[ASP.NET], HTTPServer[Microsoft-IIS/8.5]
- Detected Plugins:
- [ ASP_NET ]
- ASP.NET is a free web framework that enables great Web
- applications. Used by millions of developers, it runs some
- of the biggest sites in the world.
- Version : 4.0.30319 (from X-AspNet-Version HTTP header)
- Google Dorks: (2)
- Website : http://www.asp.net/
- [ Email ]
- Extract email addresses. Find valid email address and
- syntactically invalid email addresses from mailto: link
- tags. We match syntactically invalid links containing
- mailto: to catch anti-spam email addresses, eg. bob at
- gmail.com. This uses the simplified email regular
- expression from
- http://www.regular-expressions.info/email.html for valid
- email address matching.
- String : hamdinto@gmail.com
- [ HTML5 ]
- HTML version 5, detected by the doctype declaration
- [ HTTPServer ]
- HTTP server header string. This plugin also attempts to
- identify the operating system from the server header.
- String : Microsoft-IIS/8.5 (from server string)
- [ JQuery ]
- A fast, concise, JavaScript that simplifies how to traverse
- HTML documents, handle events, perform animations, and add
- AJAX.
- Version : 1.10.2
- Website : http://jquery.com/
- [ Meta-Author ]
- This plugin retrieves the author name from the meta name
- tag - info:
- http://www.webmarketingnow.com/tips/meta-tags-uncovered.html
- #author
- String : The Red Team
- [ Microsoft-IIS ]
- Microsoft Internet Information Services (IIS) for Windows
- Server is a flexible, secure and easy-to-manage Web server
- for hosting anything on the Web. From media streaming to
- web application hosting, IIS's scalable and open
- architecture is ready to handle the most demanding tasks.
- Version : 8.5
- Website : http://www.iis.net/
- [ Script ]
- This plugin detects instances of script HTML elements and
- returns the script language/type.
- String : text/javascript
- [ UncommonHeaders ]
- Uncommon HTTP server headers. The blacklist includes all
- the standard headers and many non standard but common ones.
- Interesting but fairly common headers should have their own
- plugins, eg. x-powered-by, server and x-aspnet-version.
- Info about headers can be found at www.http-stats.com
- String : x-powered-by-plesk (from headers)
- [ X-Powered-By ]
- X-Powered-By HTTP header
- String : ASP.NET (from x-powered-by string)
- [ X-UA-Compatible ]
- This plugin retrieves the X-UA-Compatible value from the
- HTTP header and meta http-equiv tag. - More Info:
- http://msdn.microsoft.com/en-us/library/cc817574.aspx
- String : IE=edge
- HTTP Headers:
- HTTP/1.1 200 OK
- Cache-Control: private
- Content-Type: text/html; charset=utf-8
- Content-Encoding: gzip
- Vary: Accept-Encoding
- Server: Microsoft-IIS/8.5
- X-AspNet-Version: 4.0.30319
- X-Powered-By: ASP.NET
- X-Powered-By-Plesk: PleskWin
- Date: Sat, 15 Jun 2019 05:00:38 GMT
- Connection: close
- Content-Length: 6805
- #######################################################################################################################################
- DNS Servers for whitenilestate.gov.sd:
- ns0.ndc.gov.sd
- ns1.ndc.gov.sd
- Trying zone transfer first...
- Testing ns0.ndc.gov.sd
- Whoah, it worked - misconfigured DNS server found:
- whitenilestate.gov.sd. 86400 IN SOA ( ns0.ndc.gov.sd. root.ndc.gov.sd.
- 2017092500 ;serial
- 10800 ;refresh
- 900 ;retry
- 604800 ;expire
- 86400 ;minimum
- )
- whitenilestate.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
- whitenilestate.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
- whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- whitenilestate.gov.sd. 86400 IN MX 10 mail.whitenilestate.gov.sd.
- whitenilestate.gov.sd. 86400 IN TXT "v=spf1 mx -all"
- mail.whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- mail.whitenilestate.gov.sd. 86400 IN MX 10 mail.whitenilestate.gov.sd.
- mssql.whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- webmail.whitenilestate.gov.sd. 86400 IN CNAME mail.whitenilestate.gov.sd.
- www.whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- There isn't much point continuing, you have everything.
- Have a nice day.
- Exiting...
- #######################################################################################################################################
- Domains still to check: 1
- Checking if the hostname whitenilestate.gov.sd. given is in fact a domain...
- Analyzing domain: whitenilestate.gov.sd.
- Checking NameServers using system default resolver...
- IP: 62.12.109.2 (Sudan)
- HostName: ns0.ndc.gov.sd Type: NS
- IP: 62.12.109.3 (Sudan)
- HostName: ns1.ndc.gov.sd Type: NS
- Checking MailServers using system default resolver...
- IP: 62.12.105.3 (Sudan)
- HostName: mail.whitenilestate.gov.sd Type: MX
- HostName: f03-web01.nic.gov.sd Type: PTR
- Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
- Zone transfer successful on name server 62.12.109.2 (5 hosts)
- Zone transfer successful on name server 62.12.109.3 (5 hosts)
- Checking SPF record...
- Checking 5 most common hostnames using system default resolver...
- IP: 62.12.105.3 (Sudan)
- HostName: mail.whitenilestate.gov.sd Type: MX
- HostName: f03-web01.nic.gov.sd Type: PTR
- HostName: mssql.whitenilestate.gov.sd. Type: A
- IP: 62.12.105.3 (Sudan)
- HostName: mail.whitenilestate.gov.sd Type: MX
- HostName: f03-web01.nic.gov.sd Type: PTR
- HostName: mssql.whitenilestate.gov.sd. Type: A
- HostName: mail.whitenilestate.gov.sd. Type: A
- IP: 62.12.105.3 (Sudan)
- HostName: mail.whitenilestate.gov.sd Type: MX
- HostName: f03-web01.nic.gov.sd Type: PTR
- HostName: mssql.whitenilestate.gov.sd. Type: A
- HostName: mail.whitenilestate.gov.sd. Type: A
- HostName: www.whitenilestate.gov.sd. Type: A
- IP: 62.12.105.3 (Sudan)
- HostName: mail.whitenilestate.gov.sd Type: MX
- HostName: f03-web01.nic.gov.sd Type: PTR
- HostName: mssql.whitenilestate.gov.sd. Type: A
- HostName: mail.whitenilestate.gov.sd. Type: A
- HostName: www.whitenilestate.gov.sd. Type: A
- HostName: webmail.whitenilestate.gov.sd. Type: A
- Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
- Checking netblock 62.12.109.0
- Checking netblock 62.12.105.0
- Searching for whitenilestate.gov.sd. emails in Google
- Checking 3 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
- Host 62.12.109.2 is up (reset ttl 64)
- Host 62.12.109.3 is up (reset ttl 64)
- Host 62.12.105.3 is up (reset ttl 64)
- Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
- Scanning ip 62.12.109.2 (ns0.ndc.gov.sd):
- 53/tcp open domain syn-ack ttl 45 (unknown banner: you guess!)
- | dns-nsid:
- |_ bind.version: you guess!
- | fingerprint-strings:
- | DNSVersionBindReqTCP:
- | version
- | bind
- |_ guess!
- Scanning ip 62.12.109.3 (ns1.ndc.gov.sd):
- 53/tcp open domain syn-ack ttl 46 (unknown banner: you guess!)
- | dns-nsid:
- |_ bind.version: you guess!
- | fingerprint-strings:
- | DNSVersionBindReqTCP:
- | version
- | bind
- |_ guess!
- Scanning ip 62.12.105.3 (webmail.whitenilestate.gov.sd.):
- 21/tcp open ftp syn-ack ttl 110 Microsoft ftpd
- | ftp-syst:
- |_ SYST: Windows_NT
- | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
- | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2016-04-19T09:30:36
- | Not valid after: 2017-04-19T09:30:36
- | MD5: 8d45 138f 8b9f f882 90d9 90be 195a f4d0
- |_SHA-1: 69d9 baa7 b23e 96ac 6090 cc93 d352 5c78 acba 9790
- 80/tcp open http syn-ack ttl 110 Microsoft IIS httpd 8.5
- |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
- | http-methods:
- | Supported Methods: OPTIONS TRACE GET HEAD POST
- |_ Potentially risky methods: TRACE
- |_http-server-header: Microsoft-IIS/8.5
- |_http-title: Domain Default page
- 110/tcp open pop3 syn-ack ttl 110 MailEnable POP3 Server
- |_pop3-capabilities: USER UIDL TOP
- 143/tcp open imap syn-ack ttl 109 MailEnable imapd
- |_imap-capabilities: IMAP4 AUTH=LOGIN CAPABILITY IMAP4rev1 CHILDREN IDLE UIDPLUSA0001 completed AUTH=CRAM-MD5 OK
- 443/tcp open https? syn-ack ttl 110
- 8443/tcp open ssl/http syn-ack ttl 110 Microsoft IIS httpd 8.5
- |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
- | http-methods:
- |_ Supported Methods: GET HEAD POST OPTIONS
- | http-robots.txt: 1 disallowed entry
- |_/
- |_http-server-header: Microsoft-IIS/8.5
- |_http-title: Plesk Onyx 17.8.11
- | ssl-cert: Subject: commonName=f03-web01.nic.gov.sd
- | Subject Alternative Name: DNS:f03-web01.nic.gov.sd
- | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2019-05-16T00:30:46
- | Not valid after: 2019-08-14T00:30:46
- | MD5: 8a76 d806 383f 0437 1e28 3297 e8bc 357a
- |_SHA-1: 2d8f b6fa 2b1d d78f 9c4f 7916 a2b0 d7c3 e5c9 5305
- Device type: general purpose|WAP|router
- Running (JUST GUESSING): Linux 2.6.X|2.4.X|3.X (98%), MikroTik RouterOS 6.X (92%)
- OS Info: Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
- WebCrawling domain's web servers... up to 50 max links.
- + URL to crawl: http://mail.whitenilestate.gov.sd
- + Date: 2019-06-15
- + Crawling URL: http://mail.whitenilestate.gov.sd:
- + Links:
- + Crawling http://mail.whitenilestate.gov.sd
- + Searching for directories...
- - Found: http://mail.whitenilestate.gov.sd/css/
- - Found: http://mail.whitenilestate.gov.sd/img/
- + Searching open folders...
- - http://mail.whitenilestate.gov.sd/css/ (403 Forbidden)
- - http://mail.whitenilestate.gov.sd/img/ (403 Forbidden)
- + URL to crawl: http://webmail.whitenilestate.gov.sd.
- + Date: 2019-06-15
- + Crawling URL: http://webmail.whitenilestate.gov.sd.:
- + Links:
- + Crawling http://webmail.whitenilestate.gov.sd. (400 Bad Request)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: http://mssql.whitenilestate.gov.sd.
- + Date: 2019-06-15
- + Crawling URL: http://mssql.whitenilestate.gov.sd.:
- + Links:
- + Crawling http://mssql.whitenilestate.gov.sd. (400 Bad Request)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: http://mail.whitenilestate.gov.sd.
- + Date: 2019-06-15
- + Crawling URL: http://mail.whitenilestate.gov.sd.:
- + Links:
- + Crawling http://mail.whitenilestate.gov.sd. (400 Bad Request)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: http://www.whitenilestate.gov.sd.
- + Date: 2019-06-15
- + Crawling URL: http://www.whitenilestate.gov.sd.:
- + Links:
- + Crawling http://www.whitenilestate.gov.sd. (400 Bad Request)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: https://mail.whitenilestate.gov.sd:8443
- + Date: 2019-06-15
- + Crawling URL: https://mail.whitenilestate.gov.sd:8443:
- + Links:
- + Crawling https://mail.whitenilestate.gov.sd:8443
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: https://webmail.whitenilestate.gov.sd.:8443
- + Date: 2019-06-15
- + Crawling URL: https://webmail.whitenilestate.gov.sd.:8443:
- + Links:
- + Crawling https://webmail.whitenilestate.gov.sd.:8443 ([Errno 104] Connection reset by peer)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: https://mssql.whitenilestate.gov.sd.:8443
- + Date: 2019-06-15
- + Crawling URL: https://mssql.whitenilestate.gov.sd.:8443:
- + Links:
- + Crawling https://mssql.whitenilestate.gov.sd.:8443 ([Errno 104] Connection reset by peer)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: https://mail.whitenilestate.gov.sd.:8443
- + Date: 2019-06-15
- + Crawling URL: https://mail.whitenilestate.gov.sd.:8443:
- + Links:
- + Crawling https://mail.whitenilestate.gov.sd.:8443 ([Errno 104] Connection reset by peer)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: https://www.whitenilestate.gov.sd.:8443
- + Date: 2019-06-15
- + Crawling URL: https://www.whitenilestate.gov.sd.:8443:
- + Links:
- + Crawling https://www.whitenilestate.gov.sd.:8443 ([Errno 104] Connection reset by peer)
- + Searching for directories...
- + Searching open folders...
- --Finished--
- Summary information for domain whitenilestate.gov.sd.
- ---------------------------------------------------------------------------------------------------------------------------------------
- Domain Ips Information:
- IP: 62.12.109.2
- HostName: ns0.ndc.gov.sd Type: NS
- Country: Sudan
- Zone Transfer: 5
- Is Active: True (reset ttl 64)
- Port: 53/tcp open domain syn-ack ttl 45 (unknown banner: you guess!)
- Script Info: | dns-nsid:
- Script Info: |_ bind.version: you guess!
- Script Info: | fingerprint-strings:
- Script Info: | DNSVersionBindReqTCP:
- Script Info: | version
- Script Info: | bind
- Script Info: |_ guess!
- IP: 62.12.109.3
- HostName: ns1.ndc.gov.sd Type: NS
- Country: Sudan
- Zone Transfer: 5
- Is Active: True (reset ttl 64)
- Port: 53/tcp open domain syn-ack ttl 46 (unknown banner: you guess!)
- Script Info: | dns-nsid:
- Script Info: |_ bind.version: you guess!
- Script Info: | fingerprint-strings:
- Script Info: | DNSVersionBindReqTCP:
- Script Info: | version
- Script Info: | bind
- Script Info: |_ guess!
- IP: 62.12.105.3
- HostName: mail.whitenilestate.gov.sd Type: MX
- HostName: f03-web01.nic.gov.sd Type: PTR
- HostName: mssql.whitenilestate.gov.sd. Type: A
- HostName: mail.whitenilestate.gov.sd. Type: A
- HostName: www.whitenilestate.gov.sd. Type: A
- HostName: webmail.whitenilestate.gov.sd. Type: A
- Country: Sudan
- Is Active: True (reset ttl 64)
- Port: 21/tcp open ftp syn-ack ttl 110 Microsoft ftpd
- Script Info: | ftp-syst:
- Script Info: |_ SYST: Windows_NT
- Script Info: | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
- Script Info: | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
- Script Info: | Public Key type: rsa
- Script Info: | Public Key bits: 2048
- Script Info: | Signature Algorithm: sha256WithRSAEncryption
- Script Info: | Not valid before: 2016-04-19T09:30:36
- Script Info: | Not valid after: 2017-04-19T09:30:36
- Script Info: | MD5: 8d45 138f 8b9f f882 90d9 90be 195a f4d0
- Script Info: |_SHA-1: 69d9 baa7 b23e 96ac 6090 cc93 d352 5c78 acba 9790
- Port: 80/tcp open http syn-ack ttl 110 Microsoft IIS httpd 8.5
- Script Info: |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
- Script Info: | http-methods:
- Script Info: | Supported Methods: OPTIONS TRACE GET HEAD POST
- Script Info: |_ Potentially risky methods: TRACE
- Script Info: |_http-server-header: Microsoft-IIS/8.5
- Script Info: |_http-title: Domain Default page
- Port: 110/tcp open pop3 syn-ack ttl 110 MailEnable POP3 Server
- Script Info: |_pop3-capabilities: USER UIDL TOP
- Port: 143/tcp open imap syn-ack ttl 109 MailEnable imapd
- Script Info: |_imap-capabilities: IMAP4 AUTH=LOGIN CAPABILITY IMAP4rev1 CHILDREN IDLE UIDPLUSA0001 completed AUTH=CRAM-MD5 OK
- Port: 443/tcp open https? syn-ack ttl 110
- Port: 8443/tcp open ssl/http syn-ack ttl 110 Microsoft IIS httpd 8.5
- Script Info: |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
- Script Info: | http-methods:
- Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
- Script Info: | http-robots.txt: 1 disallowed entry
- Script Info: |_/
- Script Info: |_http-server-header: Microsoft-IIS/8.5
- Script Info: |_http-title: Plesk Onyx 17.8.11
- Script Info: | ssl-cert: Subject: commonName=f03-web01.nic.gov.sd
- Script Info: | Subject Alternative Name: DNS:f03-web01.nic.gov.sd
- Script Info: | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
- Script Info: | Public Key type: rsa
- Script Info: | Public Key bits: 2048
- Script Info: | Signature Algorithm: sha256WithRSAEncryption
- Script Info: | Not valid before: 2019-05-16T00:30:46
- Script Info: | Not valid after: 2019-08-14T00:30:46
- Script Info: | MD5: 8a76 d806 383f 0437 1e28 3297 e8bc 357a
- Script Info: |_SHA-1: 2d8f b6fa 2b1d d78f 9c4f 7916 a2b0 d7c3 e5c9 5305
- Script Info: Device type: general purpose|WAP|router
- Script Info: Running (JUST GUESSING): Linux 2.6.X|2.4.X|3.X (98%), MikroTik RouterOS 6.X (92%)
- Os Info: OS: Windows; CPE: cpe:/o:microsoft:windows
- #######################################################################################################################################
- adding 62.12.105.3/32 mode `TCPscan' ports `7,9,11,13,18,19,21-23,25,37,39,42,49,50,53,65,67-70,79-81,88,98,100,105-107,109-111,113,118,119,123,129,135,137-139,143,150,161-164,174,177-179,191,199-202,204,206,209,210,213,220,345,346,347,369-372,389,406,407,422,443-445,487,500,512-514,517,518,520,525,533,538,548,554,563,587,610-612,631-634,636,642,653,655,657,666,706,750-752,765,779,808,873,901,923,941,946,992-995,1001,1023-1030,1080,1210,1214,1234,1241,1334,1349,1352,1423-1425,1433,1434,1524,1525,1645,1646,1649,1701,1718,1719,1720,1723,1755,1812,1813,2048-2050,2101-2104,2140,2150,2233,2323,2345,2401,2430,2431,2432,2433,2583,2628,2776,2777,2988,2989,3050,3130,3150,3232,3306,3389,3456,3493,3542-3545,3632,3690,3801,4000,4400,4321,4567,4899,5002,5136-5139,5150,5151,5222,5269,5308,5354,5355,5422-5425,5432,5503,5555,5556,5678,6000-6007,6346,6347,6543,6544,6789,6838,6666-6670,7000-7009,7028,7100,7983,8079-8082,8088,8787,8879,9090,9101-9103,9325,9359,10000,10026,10027,10067,10080,10081,10167,10498,11201,15345,17001-17003,18753,20011,20012,21554,22273,26274,27374,27444,27573,31335-31338,31787,31789,31790,31791,32668,32767-32780,33390,47262,49301,54320,54321,57341,58008,58009,58666,59211,60000,60006,61000,61348,61466,61603,63485,63808,63809,64429,65000,65506,65530-65535' pps 300
- using interface(s) eth0
- added module payload for port 80 proto 6
- added module payload for port 518 proto 17
- added module payload for port 1900 proto 17
- added module payload for port 5060 proto 17
- added module payload for port 80 proto 6
- added module payload for port 53 proto 17
- scaning 1.00e+00 total hosts with 3.38e+02 total packets, should take a little longer than 8 Seconds
- drone type Unknown on fd 4 is version 1.1
- drone type Unknown on fd 3 is version 1.1
- added module payload for port 80 proto 6
- added module payload for port 518 proto 17
- added module payload for port 1900 proto 17
- added module payload for port 5060 proto 17
- added module payload for port 80 proto 6
- added module payload for port 53 proto 17
- scan iteration 1 out of 1
- using pcap filter: `dst 192.168.0.52 and ! src 192.168.0.52 and (tcp)'
- using TSC delay
- sender statistics 300.5 pps with 338 packets sent total
- listener statistics 0 packets recieved 0 packets droped and 0 interface drops
- #######################################################################################################################################
- dnsenum VERSION:1.2.4
- ----- whitenilestate.gov.sd -----
- Host's addresses:
- __________________
- whitenilestate.gov.sd. 83652 IN A 62.12.105.3
- Name Servers:
- ______________
- ns0.ndc.gov.sd. 11978 IN A 62.12.109.2
- ns1.ndc.gov.sd. 11673 IN A 62.12.109.3
- Mail (MX) Servers:
- ___________________
- mail.whitenilestate.gov.sd. 83984 IN A 62.12.105.3
- Trying Zone Transfers and getting Bind Versions:
- _________________________________________________
- Trying Zone Transfer for whitenilestate.gov.sd on ns0.ndc.gov.sd ...
- whitenilestate.gov.sd. 86400 IN SOA (
- whitenilestate.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
- whitenilestate.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
- whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- whitenilestate.gov.sd. 86400 IN MX 10
- whitenilestate.gov.sd. 86400 IN TXT "v=spf1
- mail.whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- mail.whitenilestate.gov.sd. 86400 IN MX 10
- mssql.whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- webmail.whitenilestate.gov.sd. 86400 IN CNAME mail.whitenilestate.gov.sd.
- www.whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- Trying Zone Transfer for whitenilestate.gov.sd on ns1.ndc.gov.sd ...
- whitenilestate.gov.sd. 86400 IN SOA (
- whitenilestate.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
- whitenilestate.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
- whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- whitenilestate.gov.sd. 86400 IN MX 10
- whitenilestate.gov.sd. 86400 IN TXT "v=spf1
- mail.whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- mail.whitenilestate.gov.sd. 86400 IN MX 10
- mssql.whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- webmail.whitenilestate.gov.sd. 86400 IN CNAME mail.whitenilestate.gov.sd.
- www.whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- brute force file not specified, bay.
- #######################################################################################################################################
- ===============================================
- -=Subfinder v1.1.3 github.com/subfinder/subfinder
- ===============================================
- Running Source: Ask
- Running Source: Archive.is
- Running Source: Baidu
- Running Source: Bing
- Running Source: CertDB
- Running Source: CertificateTransparency
- Running Source: Certspotter
- Running Source: Commoncrawl
- Running Source: Crt.sh
- Running Source: Dnsdb
- Running Source: DNSDumpster
- Running Source: DNSTable
- Running Source: Dogpile
- Running Source: Exalead
- Running Source: Findsubdomains
- Running Source: Googleter
- Running Source: Hackertarget
- Running Source: Ipv4Info
- Running Source: PTRArchive
- Running Source: Sitedossier
- Running Source: Threatcrowd
- Running Source: ThreatMiner
- Running Source: WaybackArchive
- Running Source: Yahoo
- Running enumeration on whitenilestate.gov.sd
- dnsdb: Unexpected return status 503
- waybackarchive: parse http://web.archive.org/cdx/search/cdx?url=*.whitenilestate.gov.sd/*&output=json&fl=original&collapse=urlkey&page=: net/url: invalid control character in URL
- dogpile: Get https://www.dogpile.com/search/web?q=whitenilestate.gov.sd&qsi=1: EOF
- Starting Bruteforcing of whitenilestate.gov.sd with 9985 words
- Total 8 Unique subdomains found for whitenilestate.gov.sd
- .whitenilestate.gov.sd
- mail.whitenilestate.gov.sd
- mail.whitenilestate.gov.sd
- mssql.whitenilestate.gov.sd
- webmail.whitenilestate.gov.sd
- webmail.whitenilestate.gov.sd
- www.whitenilestate.gov.sd
- www.whitenilestate.gov.sd
- #######################################################################################################################################
- [*] Processing domain whitenilestate.gov.sd
- [*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a', '192.168.0.1']
- [+] Getting nameservers
- 62.12.109.2 - ns0.ndc.gov.sd
- [+] Zone transfer sucessful using nameserver ns0.ndc.gov.sd
- whitenilestate.gov.sd. 86400 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2017092500 10800 900 604800 86400
- whitenilestate.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
- whitenilestate.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
- whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- whitenilestate.gov.sd. 86400 IN MX 10 mail.whitenilestate.gov.sd.
- whitenilestate.gov.sd. 86400 IN TXT "v=spf1 mx -all"
- mail.whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- mail.whitenilestate.gov.sd. 86400 IN MX 10 mail.whitenilestate.gov.sd.
- mssql.whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- webmail.whitenilestate.gov.sd. 86400 IN CNAME mail.whitenilestate.gov.sd.
- www.whitenilestate.gov.sd. 86400 IN A 62.12.105.3
- #######################################################################################################################################
- [*] Found SPF record:
- [*] v=spf1 mx -all
- [*] SPF record contains an All item: -all
- [*] No DMARC record found. Looking for organizational record
- [+] No organizational DMARC record
- [+] Spoofing possible for whitenilestate.gov.sd!
- #######################################################################################################################################
- dig: '.whitenilestate.gov.sd' is not a legal name (empty label)
- SubOver v.1.2 Nizamul Rana (@Ice3man)
- ==================================================
- [~] Enjoy your hunt !
- [Not Vulnerable] 77.72.0.146
- [Not Vulnerable] 147.237.77.18
- [Not Vulnerable] domain
- [Not Vulnerable] IN
- [Not Vulnerable] 62.12.105.4
- [Not Vulnerable] 62.12.105.3
- [Not Vulnerable] .whitenilestate.gov.sd
- [Not Vulnerable] mail.whitenilestate.gov.sd
- [Not Vulnerable] 52.64.99.208
- [Not Vulnerable] www.sviva.gov.il
- [Not Vulnerable] www.whitenilestate.gov.sd
- [Not Vulnerable] sennarstate.gov.sd
- [Not Vulnerable] www.cbs.gov.ws
- [Not Vulnerable] webmail.whitenilestate.gov.sd
- [Not Vulnerable] mssql.whitenilestate.gov.sd
- [Not Vulnerable] whitenilestate.gov.sd
- [Not Vulnerable] ombudsman.gov.sd
- #######################################################################################################################################
- 62.12.96.0/20
- 62.12.96.0/24
- 62.12.97.0/24
- 62.12.98.0/24
- 62.12.99.0/24
- 62.12.100.0/24
- 62.12.101.0/24
- 62.12.102.0/23
- 62.12.104.0/24
- 62.12.105.0/24
- 62.12.106.0/24
- 62.12.107.0/24
- 62.12.108.0/24
- 62.12.109.0/24
- 62.12.110.0/24
- 62.12.111.0/24
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-15 01:14 EDT
- Nmap scan report for whitenilestate.gov.sd (62.12.105.3)
- Host is up (0.22s latency).
- rDNS record for 62.12.105.3: f03-web01.nic.gov.sd
- Not shown: 464 filtered ports, 6 closed ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 21/tcp open ftp
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 8443/tcp open https-alt
- Nmap done: 1 IP address (1 host up) scanned in 7.14 seconds
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-15 01:14 EDT
- Nmap scan report for whitenilestate.gov.sd (62.12.105.3)
- Host is up (0.11s latency).
- rDNS record for 62.12.105.3: f03-web01.nic.gov.sd
- Not shown: 2 filtered ports
- PORT STATE SERVICE
- 53/udp open|filtered domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- Nmap done: 1 IP address (1 host up) scanned in 2.27 seconds
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-15 01:14 EDT
- Nmap scan report for whitenilestate.gov.sd (62.12.105.3)
- Host is up (0.25s latency).
- rDNS record for 62.12.105.3: f03-web01.nic.gov.sd
- PORT STATE SERVICE VERSION
- 21/tcp open ftp Microsoft ftpd
- | ftp-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 3030 guesses in 180 seconds, average tps: 16.5
- | ftp-syst:
- |_ SYST: Windows_NT
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: phone
- Running: Nokia Symbian OS
- OS CPE: cpe:/o:nokia:symbian_os
- OS details: Nokia E70 or N86 mobile phone (Symbian OS)
- Network Distance: 14 hops
- Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
- TRACEROUTE (using port 21/tcp)
- HOP RTT ADDRESS
- 1 111.89 ms 10.242.200.1
- 2 112.18 ms vlan25.as05.bru1.be.m247.com (5.253.205.17)
- 3 106.98 ms vlan2903.agg1.bru1.be.m247.com (37.120.128.156)
- 4 107.56 ms vlan2901.bb1.bru1.be.m247.com (176.10.82.30)
- 5 112.84 ms te-7-7-0.bb1.lon1.uk.m247.com (176.10.83.147)
- 6 114.41 ms 80.77.2.193
- 7 283.52 ms xe-9-0-0.0.pjr04.ldn001.flagtel.com (85.95.25.9)
- 8 126.50 ms xe-8-2-0.0.cjr04.prs001.flagtel.com (85.95.27.234)
- 9 283.00 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
- 10 221.83 ms 80.77.2.42
- 11 234.18 ms 196.29.177.113
- 12 244.37 ms 197.254.196.62
- 13 ...
- 14 247.86 ms f03-web01.nic.gov.sd (62.12.105.3)
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning http://whitenilestate.gov.sd...
- ______________________ SITE INFO _______________________
- IP Title
- 62.12.105.3 ولاية النيل الابيض
- _______________________ VERSION ________________________
- Name Versions Type
- ASP.NET 4.0.30319 Platform
- IIS 8.5 Platform
- Microsoft Windows Server 2012 R2 OS
- ________________________________________________________
- Time: 59.6 sec Urls: 639 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/1.1 200 OK
- Cache-Control: private
- Content-Length: 31905
- Content-Type: text/html; charset=utf-8
- Server: Microsoft-IIS/8.5
- X-AspNet-Version: 4.0.30319
- X-Powered-By: ASP.NET
- X-Powered-By-Plesk: PleskWin
- Date: Sat, 15 Jun 2019 05:20:21 GMT
- HTTP/1.1 200 OK
- Cache-Control: private
- Content-Length: 31905
- Content-Type: text/html; charset=utf-8
- Server: Microsoft-IIS/8.5
- X-AspNet-Version: 4.0.30319
- X-Powered-By: ASP.NET
- X-Powered-By-Plesk: PleskWin
- Date: Sat, 15 Jun 2019 05:20:22 GMT
- Allow: OPTIONS, TRACE, GET, HEAD, POST
- #######################################################################################################################################
- Bootstrap
- Microsoft ASP.NET 4.0.30319
- jQuery 1.10.2
- Google Font API
- jQuery Sparklines
- IIS 8.5
- Plesk
- #######################################################################################################################################
- tee: /usr/share/sniper/loot//output/nmap-whitenilestate.gov.sd-port110.txt: Aucun fichier ou dossier de ce type
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-15 01:20 EDT
- Nmap scan report for whitenilestate.gov.sd (62.12.105.3)
- Host is up (0.22s latency).
- rDNS record for 62.12.105.3: f03-web01.nic.gov.sd
- PORT STATE SERVICE VERSION
- 110/tcp open pop3 MailEnable POP3 Server
- | pop3-brute:
- | Accounts: No valid accounts found
- | Statistics: Performed 25 guesses in 2 seconds, average tps: 12.5
- |_ ERROR: Failed to make a pop-connection.
- |_pop3-capabilities: UIDL USER TOP
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: phone
- Running: Nokia Symbian OS
- OS CPE: cpe:/o:nokia:symbian_os
- OS details: Nokia E70 or N86 mobile phone (Symbian OS)
- Network Distance: 14 hops
- Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
- TRACEROUTE (using port 443/tcp)
- HOP RTT ADDRESS
- 1 113.58 ms 10.242.200.1
- 2 113.87 ms vlan25.as05.bru1.be.m247.com (5.253.205.17)
- 3 113.66 ms vlan2903.agg1.bru1.be.m247.com (37.120.128.156)
- 4 113.65 ms vlan2901.bb1.bru1.be.m247.com (176.10.82.30)
- 5 119.78 ms te-7-7-0.bb1.lon1.uk.m247.com (176.10.83.147)
- 6 121.15 ms 80.77.2.193
- 7 290.24 ms xe-9-1-0.0.pjr04.ldn004.flagtel.com (85.95.27.197)
- 8 132.97 ms xe-8-2-0.0.cjr04.prs001.flagtel.com (85.95.27.234)
- 9 289.73 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
- 10 228.68 ms 80.77.2.42
- 11 240.56 ms 196.29.177.113
- 12 250.68 ms 197.254.196.62
- 13 ...
- 14 254.07 ms f03-web01.nic.gov.sd (62.12.105.3)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-15 00:53 EDT
- Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
- Host is up (0.22s latency).
- Not shown: 464 filtered ports, 6 closed ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 21/tcp open ftp
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 8443/tcp open https-alt
- Nmap done: 1 IP address (1 host up) scanned in 6.83 seconds
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-15 00:53 EDT
- Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
- Host is up (0.11s latency).
- Not shown: 2 filtered ports
- PORT STATE SERVICE
- 53/udp open|filtered domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- Nmap done: 1 IP address (1 host up) scanned in 3.00 seconds
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-15 00:53 EDT
- Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
- Host is up (0.25s latency).
- PORT STATE SERVICE VERSION
- 21/tcp open ftp Microsoft ftpd
- | ftp-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 3029 guesses in 180 seconds, average tps: 16.4
- | ftp-syst:
- |_ SYST: Windows_NT
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: phone
- Running: Nokia Symbian OS
- OS CPE: cpe:/o:nokia:symbian_os
- OS details: Nokia E70 or N86 mobile phone (Symbian OS)
- Network Distance: 14 hops
- Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
- TRACEROUTE (using port 21/tcp)
- HOP RTT ADDRESS
- 1 108.01 ms 10.242.200.1
- 2 108.26 ms vlan25.as05.bru1.be.m247.com (5.253.205.17)
- 3 108.08 ms vlan2903.agg1.bru1.be.m247.com (37.120.128.156)
- 4 108.08 ms vlan2901.bb1.bru1.be.m247.com (176.10.82.30)
- 5 114.07 ms te-7-7-0.bb1.lon1.uk.m247.com (176.10.83.147)
- 6 115.67 ms 80.77.2.193
- 7 285.51 ms xe-9-0-0.0.pjr04.ldn001.flagtel.com (85.95.25.9)
- 8 127.43 ms xe-8-2-0.0.cjr04.prs001.flagtel.com (85.95.27.234)
- 9 284.61 ms xe-11-1-1.0.pjr04.dxb001.flagtel.com (85.95.25.162)
- 10 223.01 ms 80.77.2.42
- 11 235.68 ms 196.29.177.113
- 12 245.64 ms 197.254.196.62
- 13 ...
- 14 249.41 ms f03-web01.nic.gov.sd (62.12.105.3)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-15 00:57 EDT
- Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
- Host is up.
- PORT STATE SERVICE VERSION
- 67/udp open|filtered dhcps
- |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 113.61 ms 10.242.200.1
- 2 114.22 ms vlan25.as05.bru1.be.m247.com (5.253.205.17)
- 3 113.85 ms vlan2903.agg1.bru1.be.m247.com (37.120.128.156)
- 4 114.29 ms vlan2901.bb1.bru1.be.m247.com (176.10.82.30)
- 5 119.67 ms te-7-7-0.bb1.lon1.uk.m247.com (176.10.83.147)
- 6 121.25 ms 80.77.2.193
- 7 283.57 ms xe-9-0-0.0.pjr04.ldn001.flagtel.com (85.95.25.9)
- 8 126.93 ms xe-8-0-0.0.cjr04.prs001.flagtel.com (85.95.25.182)
- 9 283.44 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
- 10 222.38 ms 80.77.2.42
- 11 237.63 ms 196.29.177.113
- 12 247.53 ms 197.254.196.62
- 13 ... 30
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-15 00:59 EDT
- Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
- Host is up.
- PORT STATE SERVICE VERSION
- 68/udp open|filtered dhcpc
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 113.28 ms 10.242.200.1
- 2 113.48 ms vlan25.as05.bru1.be.m247.com (5.253.205.17)
- 3 113.48 ms vlan2903.agg1.bru1.be.m247.com (37.120.128.156)
- 4 113.47 ms vlan2901.bb1.bru1.be.m247.com (176.10.82.30)
- 5 119.11 ms te-7-7-0.bb1.lon1.uk.m247.com (176.10.83.147)
- 6 120.72 ms 80.77.2.193
- 7 289.17 ms xe-9-0-0.0.pjr04.ldn001.flagtel.com (85.95.25.9)
- 8 126.85 ms xe-8-0-0.0.cjr04.prs001.flagtel.com (85.95.25.182)
- 9 282.98 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
- 10 221.99 ms 80.77.2.42
- 11 237.56 ms 196.29.177.113
- 12 247.59 ms 197.254.196.62
- 13 ... 30
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-15 01:01 EDT
- Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
- Host is up.
- PORT STATE SERVICE VERSION
- 69/udp open|filtered tftp
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 113.00 ms 10.242.200.1
- 2 113.78 ms vlan25.as05.bru1.be.m247.com (5.253.205.17)
- 3 113.39 ms vlan2903.agg1.bru1.be.m247.com (37.120.128.156)
- 4 197.62 ms vlan2901.bb1.bru1.be.m247.com (176.10.82.30)
- 5 119.18 ms te-7-7-0.bb1.lon1.uk.m247.com (176.10.83.147)
- 6 120.62 ms 80.77.2.193
- 7 289.47 ms xe-9-0-0.0.pjr04.ldn001.flagtel.com (85.95.25.9)
- 8 132.54 ms xe-8-0-0.0.cjr04.prs001.flagtel.com (85.95.25.182)
- 9 282.59 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
- 10 221.54 ms 80.77.2.42
- 11 234.04 ms 196.29.177.113
- 12 250.41 ms 197.254.196.62
- 13 ... 30
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning http://62.12.105.3...
- ______________________ SITE INFO _______________________
- IP Title
- 62.12.105.3 Domain Default page
- _______________________ VERSION ________________________
- Name Versions Type
- ASP.NET 4.0.30319 Platform
- IIS 8.5 Platform
- Microsoft Windows Server 2012 R2 OS
- ________________________________________________________
- Time: 1.1 sec Urls: 601 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/1.1 200 OK
- Content-Length: 3815
- Content-Type: text/html
- Last-Modified: Sun, 24 Apr 2016 21:37:41 GMT
- Accept-Ranges: bytes
- ETag: "f1eb6487719ed11:0"
- Server: Microsoft-IIS/8.5
- X-Powered-By: ASP.NET
- Date: Sat, 15 Jun 2019 05:03:49 GMT
- HTTP/1.1 200 OK
- Content-Length: 3815
- Content-Type: text/html
- Last-Modified: Sun, 24 Apr 2016 21:37:41 GMT
- Accept-Ranges: bytes
- ETag: "f1eb6487719ed11:0"
- Server: Microsoft-IIS/8.5
- X-Powered-By: ASP.NET
- Date: Sat, 15 Jun 2019 05:03:50 GMT
- Allow: OPTIONS, TRACE, GET, HEAD, POST
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-15 01:03 EDT
- Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
- Host is up (0.25s latency).
- PORT STATE SERVICE VERSION
- 110/tcp open pop3 MailEnable POP3 Server
- | pop3-brute:
- | Accounts: No valid accounts found
- | Statistics: Performed 45 guesses in 3 seconds, average tps: 15.0
- |_ ERROR: Failed to make a pop-connection.
- |_pop3-capabilities: TOP USER UIDL
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: phone
- Running: Nokia Symbian OS
- OS CPE: cpe:/o:nokia:symbian_os
- OS details: Nokia E70 or N86 mobile phone (Symbian OS)
- Network Distance: 14 hops
- Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
- TRACEROUTE (using port 443/tcp)
- HOP RTT ADDRESS
- 1 111.59 ms 10.242.200.1
- 2 106.82 ms vlan25.as05.bru1.be.m247.com (5.253.205.17)
- 3 106.66 ms vlan2903.agg1.bru1.be.m247.com (37.120.128.156)
- 4 135.98 ms vlan2901.bb1.bru1.be.m247.com (176.10.82.30)
- 5 112.67 ms te-7-7-0.bb1.lon1.uk.m247.com (176.10.83.147)
- 6 114.47 ms 80.77.2.193
- 7 282.84 ms xe-9-0-0.0.pjr04.ldn001.flagtel.com (85.95.25.9)
- 8 125.75 ms xe-8-2-2.0.cjr04.prs001.flagtel.com (85.95.27.69)
- 9 282.90 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
- 10 221.60 ms 80.77.2.42
- 11 234.25 ms 196.29.177.113
- 12 245.03 ms 197.254.196.62
- 13 ...
- 14 250.06 ms f03-web01.nic.gov.sd (62.12.105.3)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-15 01:04 EDT
- Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
- Host is up.
- PORT STATE SERVICE VERSION
- 123/udp open|filtered ntp
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 113.97 ms 10.242.200.1
- 2 116.35 ms vlan25.as05.bru1.be.m247.com (5.253.205.17)
- 3 114.38 ms vlan2903.agg1.bru1.be.m247.com (37.120.128.156)
- 4 114.99 ms vlan2901.bb1.bru1.be.m247.com (176.10.82.30)
- 5 120.17 ms te-7-7-0.bb1.lon1.uk.m247.com (176.10.83.147)
- 6 121.63 ms 80.77.2.193
- 7 290.41 ms xe-9-0-0.0.pjr04.ldn001.flagtel.com (85.95.25.9)
- 8 134.39 ms xe-8-0-0.0.cjr04.prs001.flagtel.com (85.95.25.182)
- 9 283.67 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
- 10 222.65 ms 80.77.2.42
- 11 233.64 ms 196.29.177.113
- 12 243.60 ms 197.254.196.62
- 13 ... 30
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-15 01:08 EDT
- NSE: Loaded 148 scripts for scanning.
- NSE: Script Pre-scanning.
- NSE: Starting runlevel 1 (of 2) scan.
- Initiating NSE at 01:08
- Completed NSE at 01:08, 0.00s elapsed
- NSE: Starting runlevel 2 (of 2) scan.
- Initiating NSE at 01:08
- Completed NSE at 01:08, 0.00s elapsed
- Initiating Ping Scan at 01:08
- Scanning 62.12.105.3 [4 ports]
- Completed Ping Scan at 01:08, 0.30s elapsed (1 total hosts)
- Initiating Parallel DNS resolution of 1 host. at 01:08
- Completed Parallel DNS resolution of 1 host. at 01:08, 0.02s elapsed
- Initiating Connect Scan at 01:08
- Scanning f03-web01.nic.gov.sd (62.12.105.3) [65535 ports]
- Discovered open port 443/tcp on 62.12.105.3
- Discovered open port 143/tcp on 62.12.105.3
- Discovered open port 80/tcp on 62.12.105.3
- Discovered open port 21/tcp on 62.12.105.3
- Discovered open port 110/tcp on 62.12.105.3
- Connect Scan Timing: About 2.43% done; ETC: 01:29 (0:20:43 remaining)
- Connect Scan Timing: About 9.14% done; ETC: 01:19 (0:10:07 remaining)
- Connect Scan Timing: About 18.61% done; ETC: 01:16 (0:06:38 remaining)
- Connect Scan Timing: About 30.08% done; ETC: 01:15 (0:04:41 remaining)
- Connect Scan Timing: About 42.66% done; ETC: 01:14 (0:03:23 remaining)
- Connect Scan Timing: About 56.80% done; ETC: 01:13 (0:02:18 remaining)
- Discovered open port 8443/tcp on 62.12.105.3
- Connect Scan Timing: About 72.63% done; ETC: 01:13 (0:01:20 remaining)
- Completed Connect Scan at 01:12, 266.98s elapsed (65535 total ports)
- Initiating Service scan at 01:13
- Scanning 6 services on f03-web01.nic.gov.sd (62.12.105.3)
- Completed Service scan at 01:13, 25.64s elapsed (6 services on 1 host)
- Initiating OS detection (try #1) against f03-web01.nic.gov.sd (62.12.105.3)
- Retrying OS detection (try #2) against f03-web01.nic.gov.sd (62.12.105.3)
- Initiating Traceroute at 01:13
- Completed Traceroute at 01:13, 6.34s elapsed
- Initiating Parallel DNS resolution of 12 hosts. at 01:13
- Completed Parallel DNS resolution of 12 hosts. at 01:13, 0.19s elapsed
- NSE: Script scanning 62.12.105.3.
- NSE: Starting runlevel 1 (of 2) scan.
- Initiating NSE at 01:13
- NSE Timing: About 99.15% done; ETC: 01:14 (0:00:00 remaining)
- NSE Timing: About 99.51% done; ETC: 01:14 (0:00:00 remaining)
- NSE Timing: About 99.88% done; ETC: 01:15 (0:00:00 remaining)
- Completed NSE at 01:15, 94.10s elapsed
- NSE: Starting runlevel 2 (of 2) scan.
- Initiating NSE at 01:15
- Completed NSE at 01:15, 0.50s elapsed
- Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
- Host is up, received syn-ack ttl 110 (0.25s latency).
- Scanned at 2019-06-15 01:08:32 EDT for 401s
- Not shown: 65520 filtered ports
- Reason: 65519 no-responses and 1 host-unreach
- PORT STATE SERVICE REASON VERSION
- 20/tcp closed ftp-data conn-refused
- 21/tcp open ftp syn-ack Microsoft ftpd
- | ftp-syst:
- |_ SYST: Windows_NT
- | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/emailAddress=info@plesk.com/localityName=Seattle/organizationalUnitName=Plesk
- | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/emailAddress=info@plesk.com/localityName=Seattle/organizationalUnitName=Plesk
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2016-04-19T09:30:36
- | Not valid after: 2017-04-19T09:30:36
- | MD5: 8d45 138f 8b9f f882 90d9 90be 195a f4d0
- | SHA-1: 69d9 baa7 b23e 96ac 6090 cc93 d352 5c78 acba 9790
- | -----BEGIN CERTIFICATE-----
- | MIIEajCCA1KgAwIBAgIEBNin+DANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMC
- | VVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1NlYXR0bGUxDTALBgNV
- | BAoTBE9kaW4xDjAMBgNVBAsTBVBsZXNrMQ4wDAYDVQQDEwVQbGVzazEdMBsGCSqG
- | SIb3DQEJARYOaW5mb0BwbGVzay5jb20wHhcNMTYwNDE5MDkzMDM2WhcNMTcwNDE5
- | MDkzMDM2WjCBgjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAO
- | BgNVBAcTB1NlYXR0bGUxDTALBgNVBAoTBE9kaW4xDjAMBgNVBAsTBVBsZXNrMQ4w
- | DAYDVQQDEwVQbGVzazEdMBsGCSqGSIb3DQEJARYOaW5mb0BwbGVzay5jb20wggEi
- | MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSBgk7uIcz0ea9fN1QDp3Pl19b
- | rjqqnl3b7UIxbZaPhoraBvBknLJ0hEzOitQmKsxIsGKPLjxSb6WMmiE+YRH0kvOU
- | oXWa/yjRx3rG6Z+Wd6U7r7IIbWdBMGgbTQ2OdzmrKXVqoaXM2crH9cPDhWJgkVu9
- | Q6zuUiMjo7cwFR1X/vAVPW1C4l5HQcW3oGC14ll5jC15IbB04YusglQVfD/8u246
- | nMRgToyj+gxMvsifYG9h53OT0qJz/MFk4PvtG2MAy8ipR10VMtOUrMqzaZ1ntjex
- | sqog2cNgT6LLRMi870OCRaT/cVYCjNlhcQIE2Tpyf9MYKK0myMokTBXs+WNHAgMB
- | AAGjgeUwgeIwHQYDVR0OBBYEFKXkfR1gs1JC6WRjoLsdij8g/DVYMIGyBgNVHSME
- | gaowgaeAFKXkfR1gs1JC6WRjoLsdij8g/DVYoYGIpIGFMIGCMQswCQYDVQQGEwJV
- | UzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHU2VhdHRsZTENMAsGA1UE
- | ChMET2RpbjEOMAwGA1UECxMFUGxlc2sxDjAMBgNVBAMTBVBsZXNrMR0wGwYJKoZI
- | hvcNAQkBFg5pbmZvQHBsZXNrLmNvbYIEBNin+DAMBgNVHRMEBTADAQH/MA0GCSqG
- | SIb3DQEBCwUAA4IBAQARU5/ZcbkEx+CNZjqAY2r5h5m2Bq5kt0CY+j6uH05oreL9
- | 5gKbBctsDTehfCw5+VpFpv4lCogQ9QJlQ8A3VQXV4kjueRIMvrShPbh7vZ1LcQNR
- | PXDUyNZpbItE29/rJe4qvgFWMd73yw18H871kwLtddx0XfOv2tgO5fzLr9BT5hzq
- | E9upUN40ATHb/bDcAVLsUTOmYM9idZ4AS/oj0oCeBR9eqcw3IHNneIO3Qk2EA2UO
- | U93iDngn3tuYqUFlLZSjcVfWIWvY7cDMfqGEdanpz42V5nFqUQ76sWvYb8iF73uy
- | uxIFo3Edw+sf2D1fyEpbDQZNsNiNSyUUHUq3qagk
- |_-----END CERTIFICATE-----
- 25/tcp closed smtp conn-refused
- 80/tcp open http syn-ack Microsoft IIS httpd 8.5
- |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
- | http-methods:
- | Supported Methods: OPTIONS TRACE GET HEAD POST
- |_ Potentially risky methods: TRACE
- |_http-server-header: Microsoft-IIS/8.5
- |_http-title: Domain Default page
- 110/tcp open pop3 syn-ack MailEnable POP3 Server
- |_pop3-capabilities: TOP USER UIDL
- 113/tcp closed ident conn-refused
- 139/tcp closed netbios-ssn conn-refused
- 143/tcp open imap syn-ack MailEnable imapd
- |_imap-capabilities: CAPABILITY AUTH=CRAM-MD5 IMAP4rev1 IDLE OK completed IMAP4 AUTH=LOGIN CHILDREN UIDPLUSA0001
- 443/tcp open https? syn-ack
- 445/tcp closed microsoft-ds conn-refused
- 993/tcp closed imaps conn-refused
- 995/tcp closed pop3s conn-refused
- 1025/tcp closed NFS-or-IIS conn-refused
- 5224/tcp closed hpvirtctrl conn-refused
- 8443/tcp open ssl/http syn-ack Microsoft IIS httpd 8.5
- |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
- | http-methods:
- |_ Supported Methods: GET HEAD POST OPTIONS
- | http-robots.txt: 1 disallowed entry
- |_/
- |_http-title: Plesk Onyx 17.8.11
- | ssl-cert: Subject: commonName=f03-web01.nic.gov.sd
- | Subject Alternative Name: DNS:f03-web01.nic.gov.sd
- | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2019-05-16T00:30:46
- | Not valid after: 2019-08-14T00:30:46
- | MD5: 8a76 d806 383f 0437 1e28 3297 e8bc 357a
- | SHA-1: 2d8f b6fa 2b1d d78f 9c4f 7916 a2b0 d7c3 e5c9 5305
- | -----BEGIN CERTIFICATE-----
- | MIIFYDCCBEigAwIBAgISBFNVeQHogggr933o4G6lR9GSMA0GCSqGSIb3DQEBCwUA
- | MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
- | ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA1MTYwMDMwNDZaFw0x
- | OTA4MTQwMDMwNDZaMB8xHTAbBgNVBAMTFGYwMy13ZWIwMS5uaWMuZ292LnNkMIIB
- | IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7FghMuMoTafAsdsb7xWducGu
- | Xmy/lWqrDMQfF+DnpO/tpKVUN/UL0O7OAP2qUnX//dMFpeTk0yP9UzM4a7sh/pcr
- | m7iYtUTVYf0o4fNKFqlShIf3jTWbhwekYOEq8DjiPnixWUXqt4f7l+ubnriECKkt
- | UzhUxKJ5cV4ZayK/GmDVI/UucGE9gw5T9KGjQMICLm+2yQ5iApnOTJzhRAHRGXCI
- | cVS9yDR68pL08mrU/wgOCpPUjzXEBUAlNl8DSxA/7W3uEdnijkxjtSEXuNxaJbVh
- | xwBdIwp3CjFOUYr53yR+5kPT2xMYNr0MW4Nkurj5ds1Lm8/5MdGkm3LYuX4bKwID
- | AQABo4ICaTCCAmUwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB
- | BggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSJd386usPcwukt0lCN
- | k8OwN+ZGCTAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEF
- | BQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5j
- | cnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5j
- | cnlwdC5vcmcvMB8GA1UdEQQYMBaCFGYwMy13ZWIwMS5uaWMuZ292LnNkMEwGA1Ud
- | IARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0
- | dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDw
- | AHcAb1N2rDHwMRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAFqvkNdXAAABAMA
- | SDBGAiEA+Iiz8LgD/f95XsMuRWD/whq2zQvgb6xd0Zb8jgcJ9DwCIQDtKck8GHC/
- | X1nX2U3nEFQFAFpzQLTa+D8SnMaNYlw1WAB1ACk8UZZUyDlluqpQ/FgH1Ldvv1h6
- | KXLcpMMM9OVFR/R4AAABar5DXZMAAAQDAEYwRAIgRLadkchNrmPpfIxm0VPB0wmE
- | sCY9mUfX+AopiIt6v6MCIG/Cd3HylFu+69F2p7OF3jz7L6wx46vbDJMdaFQIOwET
- | MA0GCSqGSIb3DQEBCwUAA4IBAQAv5QdsPGoq14dzMbDA9Ap6YLPicpr2FE+PMO4g
- | z4hZnOAlx7gamaIxJo0mJQV+qQgAC0q5aCuCyqMjGTh1nqCxGDNUg223LiHQHH02
- | llGFzNGB4r+oMbiMN7rpYYDn/pos89iV0/8qCZ65dQ4P7jQ7vnzxPpPbKpzHo5fL
- | ar8FNFXz49fMQDVQFLS+WvmCYtbDaRipp9DPAMeErDkY4SF/6UHEXPTuRpQhVdt3
- | ZlsFJQdCzGW+H9cHPPKzACT8muKd7kzEQY03pqLQf9oVptZi/5XDv5D/2KFKdJwE
- | eCKEDcxYY3LzzXhy6tDjEOXWvx1NR4l+goHtqAcslJYTEWrA
- |_-----END CERTIFICATE-----
- OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
- Aggressive OS guesses: AVtech Room Alert 26W environmental monitor (95%), HP ProCurve Secure Router 7102dl (93%), Ricoh Aficio SP C240SF printer (93%), Linksys BEFSR41 EtherFast router (91%), Microsoft Windows Vista Home Premium SP1 (90%), OpenBSD 4.0 (88%), FreeBSD 6.2-RELEASE (87%), Linux 2.6.18 - 2.6.22 (87%), OpenBSD 4.3 (87%), Polycom SoundPoint IP 331 VoIP phone (87%)
- No exact OS matches for host (test conditions non-ideal).
- TCP/IP fingerprint:
- SCAN(V=7.70%E=4%D=6/15%OT=21%CT=20%CU=%PV=N%G=N%TM=5D047EE1%P=x86_64-pc-linux-gnu)
- SEQ(SP=107%GCD=1%ISR=10A%TI=I%TS=U)
- OPS(O1=M44FW8N%O2=M44FW8N%O3=M44FW8N%O4=M44FW8N%O5=M44FW8N%O6=M44F)
- WIN(W1=2000%W2=2000%W3=2000%W4=2000%W5=2000%W6=2000)
- ECN(R=Y%DF=Y%TG=80%W=2000%O=M44FW8N%CC=Y%Q=)
- ECN(R=N)
- T1(R=Y%DF=Y%TG=80%S=O%A=S+%F=AS%RD=0%Q=)
- T2(R=N)
- T3(R=N)
- T4(R=N)
- T5(R=Y%DF=Y%TG=80%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
- T6(R=N)
- T7(R=N)
- U1(R=N)
- IE(R=N)
- Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 112.89 ms 10.242.200.1
- 2 113.08 ms vlan25.as05.bru1.be.m247.com (5.253.205.17)
- 3 112.93 ms vlan2903.agg1.bru1.be.m247.com (37.120.128.156)
- 4 177.61 ms vlan2901.bb1.bru1.be.m247.com (176.10.82.30)
- 5 113.87 ms te-7-7-0.bb1.lon1.uk.m247.com (176.10.83.147)
- 6 114.71 ms 80.77.2.193
- 7 283.59 ms xe-9-0-0.0.pjr04.ldn001.flagtel.com (85.95.25.9)
- 8 126.56 ms xe-8-0-0.0.cjr04.prs001.flagtel.com (85.95.25.182)
- 9 283.21 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
- 10 222.53 ms 80.77.2.42
- 11 233.66 ms 196.29.177.113
- 12 243.77 ms 197.254.196.62
- 13 ... 30
- NSE: Script Post-scanning.
- NSE: Starting runlevel 1 (of 2) scan.
- Initiating NSE at 01:15
- Completed NSE at 01:15, 0.00s elapsed
- NSE: Starting runlevel 2 (of 2) scan.
- Initiating NSE at 01:15
- Completed NSE at 01:15, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 401.40 seconds
- Raw packets sent: 161 (11.188KB) | Rcvd: 39 (2.728KB)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-15 01:15 EDT
- NSE: Loaded 148 scripts for scanning.
- NSE: Script Pre-scanning.
- Initiating NSE at 01:15
- Completed NSE at 01:15, 0.00s elapsed
- Initiating NSE at 01:15
- Completed NSE at 01:15, 0.00s elapsed
- Initiating Parallel DNS resolution of 1 host. at 01:15
- Completed Parallel DNS resolution of 1 host. at 01:15, 0.03s elapsed
- Initiating UDP Scan at 01:15
- Scanning f03-web01.nic.gov.sd (62.12.105.3) [14 ports]
- Completed UDP Scan at 01:15, 2.02s elapsed (14 total ports)
- Initiating Service scan at 01:15
- Scanning 12 services on f03-web01.nic.gov.sd (62.12.105.3)
- Service scan Timing: About 8.33% done; ETC: 01:34 (0:17:47 remaining)
- Completed Service scan at 01:16, 102.57s elapsed (12 services on 1 host)
- Initiating OS detection (try #1) against f03-web01.nic.gov.sd (62.12.105.3)
- Retrying OS detection (try #2) against f03-web01.nic.gov.sd (62.12.105.3)
- Initiating Traceroute at 01:17
- Completed Traceroute at 01:17, 7.30s elapsed
- Initiating Parallel DNS resolution of 1 host. at 01:17
- Completed Parallel DNS resolution of 1 host. at 01:17, 0.00s elapsed
- NSE: Script scanning 62.12.105.3.
- Initiating NSE at 01:17
- Completed NSE at 01:17, 20.32s elapsed
- Initiating NSE at 01:17
- Completed NSE at 01:17, 1.03s elapsed
- Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
- Host is up (0.11s latency).
- PORT STATE SERVICE VERSION
- 53/udp open|filtered domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 137/udp filtered netbios-ns
- 138/udp filtered netbios-dgm
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using port 138/udp)
- HOP RTT ADDRESS
- 1 108.20 ms 10.242.200.1
- 2 ... 3
- 4 112.28 ms 10.242.200.1
- 5 107.59 ms 10.242.200.1
- 6 107.58 ms 10.242.200.1
- 7 107.57 ms 10.242.200.1
- 8 107.55 ms 10.242.200.1
- 9 107.53 ms 10.242.200.1
- 10 107.53 ms 10.242.200.1
- 11 ... 18
- 19 105.60 ms 10.242.200.1
- 20 107.26 ms 10.242.200.1
- 21 108.07 ms 10.242.200.1
- 22 ... 27
- 28 109.48 ms 10.242.200.1
- 29 ...
- 30 107.10 ms 10.242.200.1
- NSE: Script Post-scanning.
- Initiating NSE at 01:17
- Completed NSE at 01:17, 0.00s elapsed
- Initiating NSE at 01:17
- Completed NSE at 01:17, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 138.13 seconds
- Raw packets sent: 149 (10.020KB) | Rcvd: 1622 (88.314KB)
- #######################################################################################################################################
- Hosts
- =====
- address mac name os_name os_flavor os_sp purpose info comments
- ------- --- ---- ------- --------- ----- ------- ---- --------
- 52.64.99.208 cbs.gov.ws Linux 3.X server
- 62.12.105.3 f03-web01.nic.gov.sd embedded 2.6.X device
- 62.12.105.4 f05-web03.nic.gov.sd Linux 2.6.X server
- 77.72.0.146 argon.cloudhosting.co.uk Unknown device
- 147.237.77.18 Unknown device
- Services
- ========
- host port proto name state info
- ---- ---- ----- ---- ----- ----
- 52.64.99.208 20 tcp ftp-data closed
- 52.64.99.208 21 tcp ftp open vsftpd 3.0.2
- 52.64.99.208 25 tcp smtp closed
- 52.64.99.208 53 udp domain unknown
- 52.64.99.208 67 udp dhcps unknown
- 52.64.99.208 68 udp dhcpc unknown
- 52.64.99.208 69 udp tftp unknown
- 52.64.99.208 80 tcp http open Apache httpd
- 52.64.99.208 88 udp kerberos-sec unknown
- 52.64.99.208 123 udp ntp unknown
- 52.64.99.208 137 udp netbios-ns filtered
- 52.64.99.208 138 udp netbios-dgm filtered
- 52.64.99.208 139 tcp netbios-ssn closed
- 52.64.99.208 139 udp netbios-ssn unknown
- 52.64.99.208 161 udp snmp unknown
- 52.64.99.208 162 udp snmptrap unknown
- 52.64.99.208 389 udp ldap unknown
- 52.64.99.208 443 tcp ssl/http open Apache httpd
- 52.64.99.208 445 tcp microsoft-ds closed
- 52.64.99.208 520 udp route unknown
- 52.64.99.208 1024 tcp kdm closed
- 52.64.99.208 1025 tcp nfs-or-iis closed
- 52.64.99.208 1026 tcp lsa-or-nterm closed
- 52.64.99.208 1027 tcp iis closed
- 52.64.99.208 1028 tcp unknown closed
- 52.64.99.208 1029 tcp ms-lsa closed
- 52.64.99.208 1030 tcp iad1 closed
- 52.64.99.208 1031 tcp iad2 closed
- 52.64.99.208 1032 tcp iad3 closed
- 52.64.99.208 1033 tcp netinfo closed
- 52.64.99.208 1034 tcp zincite-a closed
- 52.64.99.208 1035 tcp multidropper closed
- 52.64.99.208 1036 tcp nsstp closed
- 52.64.99.208 1037 tcp ams closed
- 52.64.99.208 1038 tcp mtqp closed
- 52.64.99.208 1039 tcp sbl closed
- 52.64.99.208 1040 tcp netsaint closed
- 52.64.99.208 1041 tcp danf-ak2 closed
- 52.64.99.208 1042 tcp afrog closed
- 52.64.99.208 1043 tcp boinc closed
- 52.64.99.208 1044 tcp dcutility closed
- 52.64.99.208 1045 tcp fpitp closed
- 52.64.99.208 1046 tcp wfremotertm closed
- 52.64.99.208 1047 tcp neod1 closed
- 52.64.99.208 1048 tcp neod2 closed
- 52.64.99.208 2049 udp nfs unknown
- 62.12.105.3 20 tcp ftp-data closed
- 62.12.105.3 21 tcp ftp open Microsoft ftpd
- 62.12.105.3 25 tcp smtp closed
- 62.12.105.3 53 udp domain unknown
- 62.12.105.3 67 udp dhcps unknown
- 62.12.105.3 68 udp dhcpc unknown
- 62.12.105.3 69 udp tftp unknown
- 62.12.105.3 80 tcp http open Microsoft IIS httpd 8.5
- 62.12.105.3 88 udp kerberos-sec unknown
- 62.12.105.3 110 tcp pop3 open MailEnable POP3 Server
- 62.12.105.3 113 tcp ident closed
- 62.12.105.3 123 udp ntp unknown
- 62.12.105.3 137 udp netbios-ns filtered
- 62.12.105.3 138 udp netbios-dgm filtered
- 62.12.105.3 139 tcp netbios-ssn closed
- 62.12.105.3 139 udp netbios-ssn unknown
- 62.12.105.3 143 tcp imap open MailEnable imapd
- 62.12.105.3 161 udp snmp unknown
- 62.12.105.3 162 udp snmptrap unknown
- 62.12.105.3 389 udp ldap unknown
- 62.12.105.3 443 tcp https open
- 62.12.105.3 445 tcp microsoft-ds closed
- 62.12.105.3 520 udp route unknown
- 62.12.105.3 993 tcp imaps closed
- 62.12.105.3 995 tcp pop3s closed
- 62.12.105.3 1025 tcp nfs-or-iis closed
- 62.12.105.3 2049 udp nfs unknown
- 62.12.105.3 5224 tcp hpvirtctrl closed
- 62.12.105.3 8443 tcp ssl/http open Microsoft IIS httpd 8.5
- 62.12.105.4 21 tcp ftp open ProFTPD 1.3.5d
- 62.12.105.4 25 tcp smtp closed
- 62.12.105.4 53 udp domain unknown
- 62.12.105.4 67 udp dhcps unknown
- 62.12.105.4 68 udp dhcpc unknown
- 62.12.105.4 69 udp tftp unknown
- 62.12.105.4 80 tcp http open nginx
- 62.12.105.4 88 udp kerberos-sec unknown
- 62.12.105.4 110 tcp pop3 open Dovecot pop3d
- 62.12.105.4 113 tcp ident closed
- 62.12.105.4 123 udp ntp unknown
- 62.12.105.4 137 udp netbios-ns filtered
- 62.12.105.4 138 udp netbios-dgm filtered
- 62.12.105.4 139 tcp netbios-ssn closed
- 62.12.105.4 139 udp netbios-ssn unknown
- 62.12.105.4 143 tcp imap open Dovecot imapd
- 62.12.105.4 161 udp snmp unknown
- 62.12.105.4 162 udp snmptrap unknown
- 62.12.105.4 389 udp ldap unknown
- 62.12.105.4 443 tcp ssl/http open nginx
- 62.12.105.4 445 tcp microsoft-ds closed
- 62.12.105.4 520 udp route unknown
- 62.12.105.4 993 tcp ssl/imaps open
- 62.12.105.4 995 tcp ssl/pop3s open
- 62.12.105.4 2049 udp nfs unknown
- 62.12.105.4 8443 tcp https-alt open
- 77.72.0.146 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 2 of 50 allowed.\x0d\x0a220-Local time is now 23:05. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
- 77.72.0.146 67 udp dhcps unknown
- 77.72.0.146 68 udp dhcpc unknown
- 77.72.0.146 69 udp tftp unknown
- 77.72.0.146 80 tcp http open
- 77.72.0.146 88 udp kerberos-sec unknown
- 77.72.0.146 110 tcp pop3 open
- 77.72.0.146 123 udp ntp unknown
- 77.72.0.146 139 udp netbios-ssn unknown
- 77.72.0.146 143 tcp imap open
- 77.72.0.146 389 udp ldap unknown
- 77.72.0.146 443 tcp https open
- 77.72.0.146 465 tcp smtps open
- 77.72.0.146 520 udp route unknown
- 77.72.0.146 587 tcp submission open
- 77.72.0.146 993 tcp imaps open
- 77.72.0.146 995 tcp pop3s open
- 77.72.0.146 2049 udp nfs unknown
- 147.237.77.18 53 udp domain unknown
- 147.237.77.18 67 udp dhcps unknown
- 147.237.77.18 68 udp dhcpc unknown
- 147.237.77.18 69 udp tftp unknown
- 147.237.77.18 80 tcp http open
- 147.237.77.18 88 udp kerberos-sec unknown
- 147.237.77.18 123 udp ntp unknown
- 147.237.77.18 139 udp netbios-ssn unknown
- 147.237.77.18 161 udp snmp unknown
- 147.237.77.18 162 udp snmptrap unknown
- 147.237.77.18 389 udp ldap unknown
- 147.237.77.18 520 udp route unknown
- 147.237.77.18 2049 udp nfs unknown
- #######################################################################################################################################
- Anonymous JTSEC #OpSudan Full Recon #92
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement