AnonymousSriLanka

OHCHR.COM (Human Rights Commission) MAIL/WAF and RSA LEAK

Apr 23rd, 2012
783
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. OHCHR.COM (Human Rights Commission) MAIL/WAF and RSA LEAK ..!!
  2. (ATTACK NON-INTRUSIVE)
  3.  
  4. PROJECT DEDICATION: PROJECT SARADIYEL (http://en.wikipedia.org/wiki/Uthuwankande_Soora_Saradiyel)
  5.  
  6. EXCLUSIVE FROM - Anonymous Sri Lanka
  7.  
  8. WWW.OHCHR.COM -----> Servers Fuck3D and Bust3D
  9.  
  10. Primary Server Data Leak with Transferring (Data Leak)....!!
  11.  
  12. Hail to Anonymous, Lulzsec and Operation Anti-Sec...
  13.  
  14.  
  15. THIS ATTACK AGAINST THE DIRTIEST THINGS AGAINST THE SRI LANKA BY HUMAN RIGHTS COMMISSION ....!!!!!
  16.  
  17. webmail.ohchr.org (193.194.138.188)
  18.  
  19. 80/tcp open http syn-ack
  20. |
  21. | http-waf-detect: IDS/IPS/WAF detected:
  22. |_webmail.ohchr.org:80/?p4yl04d3=<script>alert(document.cookie)</script>
  23. | http-headers:
  24. | Content-Length: 0
  25. | Location: https://webmail.ohchr.org/
  26. |
  27. |
  28. | ssl-cert: Subject: commonName=webmail.ohchr.org/organizationName=International Computing Centre/stateOrProvinceName=Geneva/countryName=CH/streetAddress=Palais des Nations/localityName=Geneva/postalCode=1211/organizationalUnitName=InstantSSL
  29. | Issuer: commonName=COMODO High-Assurance Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB/localityName=Salford
  30. | Public Key type: rsa
  31. | Public Key bits: 2048
  32. | Not valid before: 2012-02-22 00:00:00
  33. | Not valid after: 2013-04-09 23:59:59
  34. | MD5: 4bf0 10ab 22fb d81c 9af7 b1d4 e1c8 94c1
  35. | SHA-1: 5c4f 18b6 9a04 e3d8 151a 3037 69f6 2d01 7f0c 66c7
  36. | -----BEGIN CERTIFICATE-----
  37. | MIIF5TCCBM2gAwIBAgIRAI6wwjoVSm2ynLRYr1rRC08wDQYJKoZIhvcNAQEFBQAw
  38. | gYkxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
  39. | BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMS8wLQYD
  40. | VQQDEyZDT01PRE8gSGlnaC1Bc3N1cmFuY2UgU2VjdXJlIFNlcnZlciBDQTAeFw0x
  41. | MjAyMjIwMDAwMDBaFw0xMzA0MDkyMzU5NTlaMIH7MQswCQYDVQQGEwJDSDENMAsG
  42. | A1UEERMEMTIxMTEPMA0GA1UECBMGR2VuZXZhMQ8wDQYDVQQHEwZHZW5ldmExGzAZ
  43. | BgNVBAkTElBhbGFpcyBkZXMgTmF0aW9uczEnMCUGA1UEChMeSW50ZXJuYXRpb25h
  44. | bCBDb21wdXRpbmcgQ2VudHJlMUQwQgYDVQQLEztJc3N1ZWQgdGhyb3VnaCBJbnRl
  45. | cm5hdGlvbmFsIENvbXB1dGluZyBDZW50cmUgRS1QS0kgTWFuYWdlcjETMBEGA1UE
  46. | CxMKSW5zdGFudFNTTDEaMBgGA1UEAxMRd2VibWFpbC5vaGNoci5vcmcwggEiMA0G
  47. | CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI4bJ4yAVAXhAlZpOJtlh7tbxrY7t6
  48. | wyJV+BYOlaAywJa1Y1gDJRZ0pScGH/tu76jdAZc3wBDp84KeZzyehhlI87UNAaK4
  49. | 3POZbWCRI4zF6whURL28l5TfpzUSvSaLX9ZrW3eK4KDXubWriXKKrzpZuWiCGiUL
  50. | cIckJkD7I++xbUtHs/5dgka+xuUJg28tbn+QzzfnCp7RcaKmXNxAJgqe6AkdHVxu
  51. | RXRdjWk4jTqj7twzcGyvv5QqfHSfmFOP3DeB5GH/814J2ssmHPvcg0Qm/C02/NsF
  52. | UIblz1ICMyjCb4zlrqWIfKVdaD2We6DjetHPXwlBXSo8sOD4LukOhGNNAgMBAAGj
  53. | ggHSMIIBzjAfBgNVHSMEGDAWgBQ/1bXQ1kR5UEoXo5uMSty4sCJkazAdBgNVHQ4E
  54. | FgQUyv8XSVUNTrEmxBIwuJwjpb7jH/swDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
  55. | /wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEYGA1UdIAQ/MD0w
  56. | OwYMKwYBBAGyMQECAQMEMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNv
  57. | bW9kby5jb20vQ1BTME8GA1UdHwRIMEYwRKBCoECGPmh0dHA6Ly9jcmwuY29tb2Rv
  58. | Y2EuY29tL0NPTU9ET0hpZ2gtQXNzdXJhbmNlU2VjdXJlU2VydmVyQ0EuY3JsMIGA
  59. | BggrBgEFBQcBAQR0MHIwSgYIKwYBBQUHMAKGPmh0dHA6Ly9jcnQuY29tb2RvY2Eu
  60. | Y29tL0NPTU9ET0hpZ2gtQXNzdXJhbmNlU2VjdXJlU2VydmVyQ0EuY3J0MCQGCCsG
  61. | AQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wMwYDVR0RBCwwKoIRd2Vi
  62. | bWFpbC5vaGNoci5vcmeCFXd3dy53ZWJtYWlsLm9oY2hyLm9yZzANBgkqhkiG9w0B
  63. | AQUFAAOCAQEAuoNFHDR/XfAGQiSu1ig6smCcqPTK+ZSGexWMpgygtjCjzyFVSKgN
  64. | QEYari/BCxw8LCLsQPLCLxsqnKulhFjSA5aIBPZqgQ9+FZz2ONVTw0PzsitSTWsH
  65. | h6x+7F4MbvCwXRpMKmvmMMzAW6H26Kyq4iDGINJ+gtRkb1OP8hUvv46QfiRJ/LdW
  66. | 53yGvKt2lpB4D5r9yE4Yz/Hcb1jCtaA+78xvSkPsopysXIeky2dWgw9f0+anFFRE
  67. | hhYjZTHa20pbyPISANQBQvCYOTmdQgavJhrZfyLYjTxTaSu9tA79gMkijXH2dtQF
  68. | 2rmXrlE8mgyisN/LFS76a3E4G4NCWPSvbg==
  69. |_-----END CERTIFICATE-----
  70. |
  71. | http-robots.txt: 1 disallowed entry
  72. |_/
  73. | http-title: OHCHR Web Mail Access
  74. |_Requested resource was https://webmail.ohchr.org/dana-na/auth/url_4/welcome.cgi
  75. |
  76. | http-headers:
  77. | Location: https://webmail.ohchr.org/dana-na/auth/url_4/welcome.cgi
  78. | Content-Type: text/html; charset=utf-8
  79. | Set-Cookie: DSSIGNIN=url_4; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure
  80. | Set-Cookie: DSIVS=; path=/; expires=Thu, 01 Jan 1970 22:00:00 GMT; secure
  81. | Set-Cookie: DSSignInURL=/; path=/; secure
  82. | Connection: close
  83. |
  84. |_ (Request type: GET)
  85. |_http-userdir-enum: Didn't find any users!
  86. | ssl-enum-ciphers:
  87. | SSLv3
  88. | Ciphers (9)
  89. | TLS_RSA_EXPORT_WITH_DES40_CBC_SHA - unknown strength
  90. | TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 - unknown strength
  91. | TLS_RSA_EXPORT_WITH_RC4_40_MD5 - unknown strength
  92. | TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
  93. | TLS_RSA_WITH_AES_128_CBC_SHA - strong
  94. | TLS_RSA_WITH_AES_256_CBC_SHA - unknown strength
  95. | TLS_RSA_WITH_DES_CBC_SHA - unknown strength
  96. | TLS_RSA_WITH_RC4_128_MD5 - unknown strength
  97. | TLS_RSA_WITH_RC4_128_SHA - strong
  98. | Compressors (1)
  99. | NULL
  100. | TLSv1.0
  101. | Ciphers (9)
  102. | TLS_RSA_EXPORT_WITH_DES40_CBC_SHA - unknown strength
  103. | TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 - unknown strength
  104. | TLS_RSA_EXPORT_WITH_RC4_40_MD5 - unknown strength
  105. | TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
  106. | TLS_RSA_WITH_AES_128_CBC_SHA - strong
  107. | TLS_RSA_WITH_AES_256_CBC_SHA - unknown strength
  108. | TLS_RSA_WITH_DES_CBC_SHA - unknown strength
  109. | TLS_RSA_WITH_RC4_128_MD5 - unknown strength
  110. | TLS_RSA_WITH_RC4_128_SHA - strong
  111. | Compressors (1)
  112. | NULL
  113. |_ Least strength = unknown strength
  114. | http-vhosts:
  115. |_405 names had status 302
  116. | http-enum:
  117. |_ /robots.txt: Robots file
  118.  
  119.  
  120. Host script results:
  121. | unusual-port:
  122. |_ WARNING: this script depends on Nmap's service/version detection (-sV)
  123. |_path-mtu: PMTU == 1500
  124. | ip-geolocation-geobytes:
  125. | 193.194.138.188 (webmail.ohchr.org)
  126. | coordinates (lat,lon): 46.2,6.167
  127. |_ city: Geneva, Geneve, Switzerland
  128. | ip-geolocation-geoplugin:
  129. | 193.194.138.188 (webmail.ohchr.org)
  130. | coordinates (lat,lon): 46.200000762939,6.166699886322
  131. |_ state: 7, Switzerland
  132. | asn-query:
  133. | BGP: 193.194.138.0/24 | Country: CH
  134. | Origin AS: 8659 - AS8659 United Nations International Computing Centre
  135. |_ Peer AS: 3549 8220
  136. | whois: Record found at whois.ripe.net
  137. | inetnum: 193.194.138.0 - 193.194.139.255
  138. | netname: UNICC
  139. | descr: United Nations International Computing Center
  140. | country: CH
  141. | person: Roberto Kuroiwa
  142. |_email: callcentre@unicc.org
  143. |_ipidseq: Unknown [used port 80]
  144. | dns-brute:
  145. | DNS Brute-force hostnames
  146. | www.ohchr.org - 193.194.138.68
  147. | mail.ohchr.org - 193.194.138.188
  148. | intranet.ohchr.org - 193.194.138.111
  149. | smtp.ohchr.org - 193.194.138.188
  150. | ftp.ohchr.org - 192.91.247.98
  151. | ap.ohchr.org - 193.194.138.185
  152. |_ info.ohchr.org - 193.194.138.183
  153. | qscan:
  154. | PORT FAMILY MEAN (us) STDDEV LOSS (%)
  155. | 80 0 390517.00 10508.25 0.0%
  156. |_443 0 395191.30 14500.48 0.0%
RAW Paste Data