Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- root@Khoiruddin:~ # uniscan -u http://www.polri.go.id -qweds
- ####################################
- # Uniscan project #
- # http://uniscan.sourceforge.net/ #
- ####################################
- V. 6.2
- Scan date: 15-7-2015 23:35:6
- ===================================================================================================
- | Domain: http://www.polri.go.id/
- | Server: nginx/1.2.1
- | IP: 118.97.127.240
- ===================================================================================================
- |
- | Directory check:
- ===================================================================================================
- |
- | File check:
- | [+] CODE: 200 URL: http://www.polri.go.id/index.php
- | [+] CODE: 200 URL: http://www.polri.go.id/phpinfo.php
- ===================================================================================================
- |
- | Check robots.txt:
- |
- | Check sitemap.xml:
- ===================================================================================================
- |
- | Crawler Started:
- | Plugin name: phpinfo() Disclosure v.1 Loaded.
- | Plugin name: E-mail Detection v.1.1 Loaded.
- | Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
- | Plugin name: Code Disclosure v.1.1 Loaded.
- | Plugin name: Web Backdoor Disclosure v.1.1 Loaded.
- | Plugin name: Upload Form Detect v.1.1 Loaded.
- | Plugin name: FCKeditor upload test v.1 Loaded.
- | Plugin name: External Host Detect v.1.2 Loaded.
- | [+] Crawling finished, 31 URL's found!
- |
- | PHPinfo() Disclosure:
- | [+] phpinfo() page: http://www.polri.go.id/phpinfo.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
- | [+] phpinfo() page: http://www.polri.go.id/phpinfo.php
- | System: Linux nginx-php-fastcgi 3.2.0-4-amd64 #1 SMP Debian 3.2.51-1 x86_64
- | PHP version: 5.4.4-14+deb7u5
- | allow_url_fopen: On
- | allow_url_include: Off
- | disable_functions: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
- | OpenSSL Library Version: OpenSSL 1.0.1e 11 Feb 2013
- |
- | E-mails:
- | [+] E-mail Found: thm14-07-2015_news280615155824@250.jpg
- | [+] E-mail Found: license@php.net
- | [+] E-mail Found: 14-07-2015_news280615155824@250.jpg
- |
- | Timthumb:
- |
- | Source Code Disclosure:
- |
- | Web Backdoors:
- |
- | File Upload Forms:
- |
- | FCKeditor File Upload:
- |
- | External hosts:
- | [+] External Host Found: http://humas.polri.go.id
- | [+] External Host Found: http://wowslider.net
- |
- | Ignored Files:
- ===================================================================================================
- | Dynamic tests:
- | Plugin name: Learning New Directories v.1.2 Loaded.
- | Plugin name: FCKedior tests v.1.1 Loaded.
- | Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
- | Plugin name: Find Backup Files v.1.2 Loaded.
- | Plugin name: Blind SQL-injection tests v.1.3 Loaded.
- | Plugin name: Local File Include tests v.1.1 Loaded.
- | Plugin name: PHP CGI Argument Injection v.1.1 Loaded.
- | Plugin name: Remote Command Execution tests v.1.1 Loaded.
- | Plugin name: Remote File Include tests v.1.2 Loaded.
- | Plugin name: SQL-injection tests v.1.2 Loaded.
- | Plugin name: Cross-Site Scripting tests v.1.2 Loaded.
- | Plugin name: Web Shell Finder v.1.3 Loaded.
- | [+] 2 New directories added
- |
- |
- | FCKeditor tests:
- |
- |
- | Timthumb < 1.33 vulnerability:
- |
- |
- | Backup Files:
- |
- |
- | Blind SQL Injection:
- | [+] Vul [Blind SQL-i]: http://www.polri.go.id/[CENSORED]
- | [+] Vul [Blind SQL-i]: http://www.polri.go.id/[CENSORED]
- | [+] Keyword: Seruduk
- | [+] Keyword: Siapkan
- | [+] Vul [Blind SQL-i]: http://www.polri.go.id/[CENSORED]
- | [+] Keyword: Ditutup
- | [+] Vul [Blind SQL-i]: http://www.polri.go.id/[CENSORED]
- | [+] Keyword: Melawi
- | [+] Vul [Blind SQL-i]: http://www.polri.go.id/[CENSORED]
- | [+] Keyword: mengantisipasi
- |
- |
- | Local File Include:
- |
- |
- | PHP CGI Argument Injection:
- |
- |
- | Remote Command Execution:
- |
- |
- | Remote File Include:
- |
- |
- | SQL Injection:
- |
- |
- | Cross-Site Scripting (XSS):
- |
- |
- | Web Shell Finder:
- ===================================================================================================
- | Static tests:
- | Plugin name: Local File Include tests v.1.1 Loaded.
- | Plugin name: Remote Command Execution tests v.1.1 Loaded.
- | Plugin name: Remote File Include tests v.1.1 Loaded.
- |
- |
- | Local File Include:
- |
- |
- | Remote Command Execution:
- |
- |
- | Remote File Include:
- ===================================================================================================
- Scan end date: 15-7-2015 23:45:28
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement