API tools faq
paste
Guest User

Anonymous France ► #OpTestet

a guest
Sep 11th, 2014
1,598
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.58 KB | None | 0 0
raw download clone embed print report
  1. Anonymous France ► ZAD Partout #OpTestet / Barrage de Sivens
  2. http://youtu.be/SzPLaf3jEgI
  3.  
  4. ---------------------------------------
  5. ALL CURRENT INFORMATION ABOUT #OPTESTET
  6. ---------------------------------------
  7.  
  8. Informations : http://cacg.fr/
  9. IP: 213.186.33.40
  10. + Server: Apache
  11. + Cookie 300gpBAK created without the httponly flag
  12. + Cookie 300gp created without the httponly flag
  13. + Cookie PHPSESSID created without the httponly flag
  14. + No CGI Directories found (use '-C all' to force check all possible dirs)
  15. + /gp/Le-Conseil-dAdministration/316/config.php: PHP Config file may contain database IDs and passwords.
  16. + Retrieved x-powered-by header: PHP/5.2.17
  17. + /config.php: PHP Config file may contain database IDs and passwords.
  18. + /config/: Configuration information may be available remotely.
  19. + OSVDB-3092: /sitemap.xml: This gives a nice listing of the site content.
  20. + OSVDB-12184: /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
  21. + OSVDB-12184: /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
  22. + OSVDB-12184: /?=PHPE9568F34-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
  23. + OSVDB-12184: /?=PHPE9568F35-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
  24. + OSVDB-3092: /administration/: This might be interesting...
  25. + OSVDB-3092: /config/checks.txt: This might be interesting...
  26. + OSVDB-3092: /stats/: This might be interesting...
  27. + OSVDB-3092: /test/: This might be interesting...
  28. + OSVDB-3093: /config/html/cnf_gi.htm: This might be interesting... has been seen in web logs from an unknown scanner.
  29. + OSVDB-3268: /icons/: Directory indexing found.
  30. + OSVDB-3233: /icons/README: Apache default file found.
  31. + /config/config.txt: Configuration file found.
  32. + /config/readme.txt: Readme file found.
  33. + /administration/: Admin login page/section found.
  34. + OSVDB-3092: /test.php: This might be interesting...
  35. + /adfs/ls/?wa=wsignin1.0&wtrealm=http://www.cirt.net/: Active Directory Federation Services sign in page found.
  36. + /wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_addgallery_page/static/jquery.filetree/connectors/jqueryFileTree.php: NextGEN Gallery LFI, see https://security.dxw.com/advisories/directory-traversal-in-nextgen-gallery-2-0-0/
  37.  
  38.  
  39. Informations : sebso.com
  40. + Server: Apache
  41. + The anti-clickjacking X-Frame-Options header is not present.
  42. + Cookie 60gpBAK created without the httponly flag
  43. + Cookie 60gp created without the httponly flag
  44. + Server banner has changed from 'Apache' to 'nginx' which may suggest a WAF, load balancer or proxy is in place
  45. + No CGI Directories found (use '-C all' to force check all possible dirs)
  46. + Uncommon header 'tcn' found, with contents: list
  47. + Apache mod_negotiation is enabled with MultiViews, which allows attackers to easily brute force file names. See http://www.wisec.it/sectou.php?id=4698ebdc59d15. The following alternatives for 'index' were found: index.htm
  48. + Allowed HTTP Methods: GET, HEAD, POST, OPTIONS, TRACE (May be proxy's methods, not server's)
  49. + OSVDB-637: /~root/: Allowed to browse root's home directory.
  50. + Uncommon header 'x-cacheable' found, with contents: Not cacheable: not http 200
  51. + Uncommon header 'x-geo' found, with contents: varn29.rbx5
  52. + Uncommon header 'x-geo-port' found, with contents: 1010
  53. + OSVDB-3268: /icons/: Directory indexing found.
  54. + OSVDB-3233: /icons/README: Apache default file found.
  55.  
  56. -------------------------------------------------------------------------------------------
  57.  
  58. infos/IPs..et comptes facebook de quelques élus
  59.  
  60. president cg81 > mail:[email protected] ou [email protected]
  61. Conseil General Du Tarn
  62. Phone Numbers:+33 5 63 45 64 12, Fax: +33 5 63 45 64 43
  63.  
  64. Site Url:cg81.fr > IPs 46.182.213.0 > 46.182.312.255 (+?)
  65.  
  66. Info.cg81.fr IP > 46.182.213.7
  67. Tarn.fr IP > 92.43.254.213
  68.  
  69.  
  70. >>> ELUS CG81> (de la liste ici): https://tantquilyauradesbouilles.wordpress.com/le-barrage/
  71. mails/noms / facebook pages >
  72.  
  73. -J.C.Guiraud https://www.facebook.com/jeanclaude.guiraud.56
  74.  
  75. -(et deputé Tarn) JacquesValaxhttps://www.facebook.com/jacques.valax?
  76.  
  77. '[email protected], [email protected] >https://www.facebook.com/jeanpaul.raynaud.9
  78.  
  79. [email protected] > https://www.facebook.com/maryline.lherm (inactif)
  80.  
  81. -l'adresse "[email protected]" (listé ds les elus du tarn) est lié(bizarement) a ce compte facebook : Anita Vandendriessche > https://www.facebook.com/anita.vandendriessche
  82.  
  83.  
  84. ...
  85.  
  86. - - - - - - - - - - - - - - - - - - - -
  87.  
  88. - travaille conseil general (poste?) FB : lina mercier :https://www.facebook.com/lina.mercier.7
  89.  
  90. -page facebook:PS Albi : https://www.facebook.com/pages/PS-Section-Albi/206438902779578?
  91.  
  92. + -Asistante direction Conseil general : Mme Aline Merlier
  93. http://hermes.cg81.fr/ >>>[email protected] >> http://webmail.cg81.fr/SOGo/so/ <<<<login page
  94. Facebook : https://www.facebook.com/aline.merlier.1/
  95.  
  96.  
  97. ...
  98.  
  99.  
  100. -- - - - - - - - - - - - - - - -
  101. Pas sur que ca servent a quelque chose mais bon quelques infos en plus
  102. >>
  103. http://myip.ms/view/ip_addresses/783734016/46.182.213.0_46.182.213.255#i
  104.  
  105. recherche de "cg81" sur shodanHq donne resultats suivants
  106. >>
  107. 46.182.213.25
  108. E-TERA
  109. Added on 08.09.2014
  110. France Gaillac
  111. Details
  112. bib.cg81.fr
  113. 220-##################################
  114. 220-
  115. 220-Bienvenue sur le serveur FTP du Conseil General
  116. 220-
  117. 220-
  118. 220-##################################
  119. 220 contact : [email protected]
  120. 530 Login or password incorrect!
  121. 214-The following commands are recognized:
  122. USER PASS QUIT CWD PWD PORT PASV TYPE
  123. LIST REST CDUP RETR STOR SIZE DELE RMD
  124. MKD RNFR RNTO ABOR SYST NOOP APPE NLST
  125. MDTM XPWD XCUP XMKD XRMD NOP EPSV EPRT
  126. AUTH ADAT P...
  127.  
  128.  
  129.  
  130. 46.182.213.1
  131. E-TERA
  132. Added on 05.09.2014
  133. France Gaillac
  134. Details
  135.  
  136. cronos.cg81.fr 220 Serveur FTP OK
  137. 530 Login incorrect.
  138. 214-The following commands are recognized (* =>'s unimplemented):
  139. 214-CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV
  140. 214-EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD
  141. 214-XRMD MKD XMKD PWD XPWD SIZE SYST HELP
  142. 214-NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC*
  143. 214-PBSZ* PROT* TYPE STRU MODE RETR STOR STOU
  144. 214-APPE REST ABOR USER PASS ...
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!