API tools faq
paste
Advertisement
Guest User

ISIS WEb Dox

a guest
Nov 19th, 2015
1,025
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 19.81 KB | None | 0 0
raw download clone embed print report
  1. ---------------------------------------------------------------------------
  2.  
  3. Target[1]
  4.  
  5. ---------------------------------------------------------------------------
  6. + Target IP: 104.18.58.100 [IPTrace:- US, CA, California, San Francisco, 94107, 37.769699, -122.393303, 807, 415]
  7. + Target Hostname: jaishalislam.com
  8. + Target Port: 80
  9. ---------------------------------------------------------------------------
  10. Administrative Contact Information
  11. Registrant Name: islam army
  12. Registrant Organization: islam army
  13. Registrant Street: Turkey
  14. Registrant City: Turkey
  15. Registrant State/Province: istanbol
  16. Registrant Postal Code: 0000
  17. Registrant Country: TR
  18. Registrant Phone: +90.5357242870
  19. Registrant Phone Ext:
  20. Registrant Fax: +90.5357242870
  21. Registrant Fax Ext:
  22. Registrant Email: islam-army.com@gmail.com
  23. Registry Admin ID:
  24. Admin Name: islam army
  25. ---------------------------------------------------------------------------
  26. + Server: cloudflare-nginx
  27. + Uncommon header 'x-frame-options' found, with contents: SAMEORIGIN
  28. + Uncommon header 'cf-ray' found, with contents: 2471e63f7cf60491-CDG
  29. + Cookie __cfduid created without the httponly flag
  30. + No CGI Directories found
  31. + Server banner has changed from 'cloudflare-nginx' to '-nginx' which may suggest a WAF, load balancer or proxy is in place
  32. + 6544 items checked: 0 error(s) and 3 item(s) reported on remote host
  33. ---------------------------------------------------------------------------
  34.  
  35. Target [2]
  36.  
  37. ---------------------------------------------------------------------------
  38. + Target IP: 104.27.162.228 [IPTrace:- CA, California, San Francisco, 94107, 37.769699, -122.393303, 807, 415]
  39. + Target Hostname: alfath.org
  40. + Target Port: 80
  41. + Start Time: 2015-11-18 08:39:58 (GMT0)
  42. ---------------------------------------------------------------------------
  43. Administrative Contact Information: Protected By - WhoisGuard Protected
  44. ---------------------------------------------------------------------------
  45. [+] robots.txt available under: 'http://alfath.org/robots.txt'
  46. [!] Full Path Disclosure (FPD) in 'http://alfath.org/wp-includes/rss-functions.php': /home/alfath/public_html/wp-includes/rss-functions.php
  47. [+] Interesting header: CF-RAY: 247b29373ef0024a-CDG
  48. [+] Interesting header: SERVER: cloudflare-nginx
  49. [+] Interesting header: X-CACHE: MISS
  50. [+] XML-RPC Interface available under: http://alfath.org/xmlrpc.php
  51. [!] Upload directory has directory listing enabled: http://alfath.org/wp-content/uploads/
  52. [+] WordPress version 4.3.1 identified from advanced fingerprinting
  53. [+] WordPress theme in use: alfathmedia2 - v1.3
  54. [+] Name: alfathmedia2 - v1.3
  55. | Location: http://alfath.org/wp-content/themes/alfathmedia2/
  56. | Readme: http://alfath.org/wp-content/themes/alfathmedia2/readme.txt
  57. | Style URL: http://alfath.org/wp-content/themes/alfathmedia2/style.css
  58. | Theme Name: AlfathMedia
  59. | Theme URI: http://alfath.org/
  60. | Description: Temporary Template.
  61. | Author: Mushab Ibn Umair
  62. | Author URI: http://alfath.org/
  63. [+] Enumerating plugins from passive detection ...
  64. | 3 plugins found:
  65. [+] Name: contact-form-7 - v4.2.2
  66. | Location: http://alfath.org/wp-content/plugins/contact-form-7/
  67. | Readme: http://alfath.org/wp-content/plugins/contact-form-7/readme.txt
  68. [!] The version is out of date, the latest version is 4.3
  69. [!] Directory listing is enabled: http://alfath.org/wp-content/plugins/contact-form-7/
  70. [+] Name: responsive-lightbox - v1.6.1
  71. | Location: http://alfath.org/wp-content/plugins/responsive-lightbox/
  72. | Readme: http://alfath.org/wp-content/plugins/responsive-lightbox/readme.txt
  73. [!] The version is out of date, the latest version is 1.6.5
  74. [+] Name: wp-pagenavi - v2.88
  75. | Latest version: 2.88 (up to date)
  76. | Location: http://alfath.org/wp-content/plugins/wp-pagenavi/
  77. | Readme: http://alfath.org/wp-content/plugins/wp-pagenavi/readme.txt
  78. [!] Directory listing is enabled: http://alfath.org/wp-content/plugins/wp-pagenavi/
  79. ---------------------------------------------------------------------------
  80. + Server: cloudflare-nginx
  81. + Uncommon header 'cf-ray' found, with contents: 24725e2ed18d0c11-AMS
  82. + Uncommon header 'x-frame-options' found, with contents: SAMEORIGIN
  83. + Cookie __cfduid created without the httponly flag
  84. + No CGI Directories found
  85. + Server banner has changed from 'cloudflare-nginx' to '-nginx' which may suggest a WAF, load balancer or proxy is in place
  86. + 6544 items checked: 0 error(s) and 3 item(s) reported on remote host
  87. ---------------------------------------------------------------------------
  88.  
  89. Target[3]
  90.  
  91. ---------------------------------------------------------------------------
  92. + Target IP: 192.0.78.12 [IPTrace:- US, CA, California, San Francisco, 94110, 37.748402, -122.415604, 807, 415]
  93. + Target Hostname: millahibrahim.wordpress.com
  94. + Target Admin Page
  95. + Target Port: 80
  96. + Start Time: 2015-11-18 09:42:50 (GMT0)
  97. ---------------------------------------------------------------------------
  98. Administrative Contact Information: Protected By - WhoisGuard Protected
  99. ---------------------------------------------------------------------------
  100. [+] Interesting header: SERVER: nginx
  101. [+] Interesting header: X-AC: 1.fra _dca
  102. [+] This site has 'Must Use Plugins' (http://codex.wordpress.org/Must_Use_Plugins)
  103. [+] XML-RPC Interface available under: http://millahibrahim.wordpress.com/xmlrpc.php
  104. ---------------------------------------------------------------------------
  105. + Server: nginx
  106. + The anti-clickjacking X-Frame-Options header is not present.
  107. + Uncommon header 'x-ac' found, with contents: 1.fra _dca
  108. + Root page / redirects to: https://millahibrahim.wordpress.com/
  109. + No CGI Directories found
  110. + Server leaks inodes via ETags, header found with file /, fields: 0x56442a12 0x4d1
  111. + 6544 items checked: 7 error(s) and 3 item(s) reported on remote host
  112. ---------------------------------------------------------------------------
  113.  
  114. Target[4]
  115.  
  116. ---------------------------------------------------------------------------
  117. + Target IP: 104.27.169.67 [IPTrace:- US, CA, California, San Francisco, 94107, 37.769699, -122.393303, 807, 415]
  118. + Target Hostname: shoutussalam.co
  119. + Admin Page http://shoutussalam.co/wp_login & http://shoutussalam.co/admin
  120. + Target Port: 80
  121. + Start Time: 2015-11-18 10:20:36 (GMT0)
  122. ---------------------------------------------------------------------------
  123. Administrative Contact Information: Protected By - WhoisGuard Protected
  124. ---------------------------------------------------------------------------
  125. [+] robots.txt available under: 'http://shoutussalam.co/robots.txt'
  126. [+] Interesting header: CF-RAY: 247b1f32ba172762-FRA
  127. [+] Interesting header: SERVER: cloudflare-nginx
  128. [+] Interesting header: X-POWERED-BY: EasyEngine 3.0.5
  129. [+] This site has 'Must Use Plugins' (http://codex.wordpress.org/Must_Use_Plugins)
  130. [+] XML-RPC Interface available under: http://shoutussalam.co/xmlrpc.php
  131. [+] Enumerating plugins from passive detection ...
  132. | 4 plugins found:
  133.  
  134. [+] Name: jetpack
  135. | Latest version: 3.8.0
  136. | Location: http://shoutussalam.co/wp-content/plugins/jetpack/
  137. | Changelog: http://shoutussalam.co/wp-content/plugins/jetpack/changelog.txt
  138.  
  139.  
  140. [!] Title: Jetpack <= 2.9.2 - class.jetpack.php XML-RPC Access Control Bypass
  141.  
  142. [!] Title: Jetpack by WordPress.com 3.0-3.4.2 - Cross-Site Scripting (XSS)
  143.  
  144. [!] Title: Jetpack <= 3.5.2 - Unauthenticated DOM Cross-Site Scripting (XSS)
  145.  
  146. [!] Title: Jetpack <= 3.7.0 - Stored Cross-Site Scripting (XSS)
  147.  
  148. [!] Title: Jetpack <= 3.7.0 - Information Disclosure
  149.  
  150. [+] Name: wp-to-twitter
  151. | Latest version: 3.1.8
  152. | Location: http://shoutussalam.co/wp-content/plugins/wp-to-twitter/
  153. | Changelog: http://shoutussalam.co/wp-content/plugins/wp-to-twitter/changelog.txt
  154.  
  155. [+] Name: wptouch-pro-3
  156. | Location: http://shoutussalam.co/wp-content/plugins/wptouch-pro-3/
  157. [!] An error_log file has been found: http://shoutussalam.co/wp-content/plugins/wptouch-pro-3/error_log
  158.  
  159. [+] Name: w3-total-cache
  160. | Latest version: 0.9.4.1
  161. | Location: http://shoutussalam.co/wp-content/plugins/w3-total-cache/
  162.  
  163. [!] Title: W3 Total Cache 0.9.2.4 - Username and Hash Extract
  164.  
  165. [!] Title: W3 Total Cache - Remote Code Execution
  166.  
  167. [!] Title: W3 Total Cache 0.9.4 - Edge Mode Enabling CSRF
  168.  
  169. [!] Title: W3 Total Cache <= 0.9.4 - Cross-Site Request Forgery (CSRF)
  170.  
  171. [!] Title: W3 Total Cache <= 0.9.4 - Debug Mode XSS
  172. ---------------------------------------------------------------------------
  173. + Server: cloudflare-nginx
  174. + Uncommon header 'cf-ray' found, with contents: 2472f199c2b00c89-AMS
  175. + Uncommon header 'x-frame-options' found, with contents: SAMEORIGIN
  176. + Cookie __cfduid created without the httponly flag
  177. + No CGI Directories found (use '-C all' to force check all possible dirs)
  178. + Server banner has changed from 'cloudflare-nginx' to '-nginx' which may suggest a WAF, load balancer or proxy is in place
  179. + Uncommon header 'x-pingback' found, with contents: http://shoutussalam.co/xmlrpc.php
  180. + Retrieved x-powered-by header: EasyEngine 3.0.5
  181. + 6544 items checked: 24 error(s) and 5 item(s) reported on remote host
  182. + End Time: 2015-11-18 12:10:42 (GMT0) (6606 seconds)
  183. ---------------------------------------------------------------------------
  184.  
  185. Target[5]
  186.  
  187. ---------------------------------------------------------------------------
  188. + Target IP: 192.99.109.25[IPTrace:- CA, QC, Quebec, Montréal, H3A, 45.504002, -73.574699, 0, 0]
  189. + Target Hostname: zad-muslim.com
  190. + Target Port: 80
  191. + Start Time: 2015-11-19 01:25:09 (GMT0)
  192. + Twitter @zadmuslam
  193. ---------------------------------------------------------------------------
  194. Registry Registrant ID:
  195. Registrant Name: Ahmad Rimawi
  196. Registrant Organization:
  197. Registrant Street: Qatar
  198. Registrant Street: Qatar
  199. Registrant City: Qatar
  200. Registrant State/Province: Qatar
  201. Registrant Postal Code: 00970
  202. Registrant Country: Qatar
  203. Registrant Phone: +63.2564485
  204. Registrant Phone Ext:
  205. Registrant Fax Ext:
  206. Registrant Email: eng.rimawi@gmail.com
  207. ---------------------------------------------------------------------------
  208. + Server: Apache
  209. + Retrieved x-powered-by header: PHP/5.4.34
  210. + The anti-clickjacking X-Frame-Options header is not present.
  211. + No CGI Directories found (use '-C all' to force check all possible dirs)
  212. + Allowed HTTP Methods: GET, HEAD, POST, OPTIONS
  213. + DEBUG HTTP verb may show server debugging information. See http://msdn.microsoft.com/en-us/library/e8z01xdh%28VS.80%29.aspx for details.
  214. + OSVDB-12184: /index.php/index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
  215. + OSVDB-12184: /index.php/some.php?=PHPE9568F36-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
  216. + OSVDB-12184: /index.php/some.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
  217. + OSVDB-12184: /index.php/some.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
  218. + OSVDB-4231: /index.php/7IiQI.xml: Coccoon from Apache-XML project reveals file system path in error messages.
  219. + 6544 items checked: 3 error(s) and 9 item(s) reported on remote host
  220. + End Time: 2015-11-19 02:25:52 (GMT0) (3643 seconds)
  221. ---------------------------------------------------------------------------
  222.  
  223. Target[6]
  224.  
  225. ---------------------------------------------------------------------------
  226. + Target IP: 162.159.244.119 [IPTrace:- CA, California, San Francisco, 94107, 37.769699, -122.393303, 807, 415]
  227. + Target Hostname: www.mnbr.info
  228. + Target Port: 443
  229. + Start Time: 2015-11-19 02:59:16 (GMT0)
  230.  
  231. ---------------------------------------------------------------------------
  232. Registrant Contact Information: WhoisGuard Protected
  233. ---------------------------------------------------------------------------
  234. + Server: cloudflare-nginx
  235. + The anti-clickjacking X-Frame-Options header is not present.
  236. + No CGI Directories found (use '-C all' to force check all possible dirs)
  237. + 6544 items checked: 0 error(s) and 1 item(s) reported on remote host
  238. + End Time: 2015-11-19 03:24:45 (GMT0) (1529 seconds)
  239. ---------------------------------------------------------------------------
  240. + Target IP: 192.0.78.12
  241. + Target Hostname: ismailabduljabbaralbrazili.wordpress.com
  242. + Admin Page: https://ismailabduljabbaralbrazili.wordpress.com/wp-login.php & https://ismailabduljabbaralbrazili.wordpress.com/wp-admin/
  243. + Target Port: 443
  244. + Start Time: 2015-11-19 09:15:21 (GMT0)
  245. ---------------------------------------------------------------------------
  246. Registrant Contact Information: WhoisGuard Protected
  247. ---------------------------------------------------------------------------
  248. [+] WordPress theme in use: pub
  249.  
  250. [+] Name: pub
  251. | Location: http://ismailabduljabbaralbrazili.wordpress.com/wp-content/themes/pub/
  252. | Style URL: http://ismailabduljabbaralbrazili.wordpress.com/wp-content/themes/pub/style.css
  253. | Referenced style.css: https://s0.wp.com/wp-content/themes/pub/twentytwelve/style.css
  254. ---------------------------------------------------------------------------
  255. + Server: nginx
  256. + The anti-clickjacking X-Frame-Options header is not present.
  257. + Uncommon header 'x-ac' found, with contents: 1.fra
  258. + No CGI Directories found (use '-C all' to force check all possible dirs)
  259. + Server leaks inodes via ETags, header found with file ., fields: 0x5644f323 0x4d1
  260. ---------------------------------------------------------------------------
  261.  
  262. Target[7]
  263.  
  264. ---------------------------------------------------------------------------
  265. + Target IP: 66.155.38.250[IPTrace:- US, GA, Georgia, Atlanta, 30303, 33.751598, -84.391502, 524, 404]
  266. + Target Hostname: jihadology.net
  267. + Admin Page http://jihadology.net/wp-login.php
  268. + Target Port: 80
  269. + Start Time: 2015-11-19 09:40:32 (GMT0)
  270. ---------------------------------------------------------------------------
  271. Registrant Contact Information:
  272. Registry Registrant ID:
  273. Registrant Name: Registration Private
  274. Registrant Organization: Domains By Proxy, LLC
  275. Registrant Street: DomainsByProxy.com
  276. Registrant Street: 14747 N Northsight Blvd Suite 111, PMB 309
  277. Registrant City: Scottsdale
  278. Registrant State/Province: Arizona
  279. Registrant Postal Code: 85260
  280. Registrant Country: United States
  281. Registrant Phone: +1.4806242599
  282. Registrant Phone Ext:
  283. Registrant Fax: +1.4806242598
  284. Registrant Fax Ext:
  285. Registrant Email: Email JIHADOLOGY.NET@domainsbyproxy.com
  286. ---------------------------------------------------------------------------
  287. [+] robots.txt available under: 'http://jihadology.net/robots.txt'
  288. [+] Interesting entry from robots.txt: http://jihadology.net/next/
  289. [+] Interesting entry from robots.txt: http://jihadology.net/mshots/v1/
  290. [+] Interesting entry from robots.txt: http://jihadology.net/activate/
  291. [+] Interesting entry from robots.txt: http://jihadology.net/public.api/
  292. [+] Interesting entry from robots.txt: http://jihadology.net/cgi-bin/
  293. [+] Interesting header: LINK: <http://wp.me/RpVP>; rel=shortlink
  294. [+] Interesting header: SERVER: nginx
  295. [+] Interesting header: X-HACKER: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
  296. [+] Interesting header: X-SHARD: 57
  297. [+] This site has 'Must Use Plugins' (http://codex.wordpress.org/Must_Use_Plugins)
  298. [+] XML-RPC Interface available under: http://jihadology.net/xmlrpc.php
  299. [+] Enumerating plugins from passive detection ...
  300. | 1 plugin found:
  301.  
  302. [+] Name: ie-sitemode
  303. | Location: http://jihadology.net/wp-content/plugins/ie-sitemode/
  304. ---------------------------------------------------------------------------
  305.  
  306. Target[8]
  307.  
  308.  
  309. ---------------------------------------------------------------------------
  310. + Target IP: 192.0.78.13[IPTrace:- US, CA, California, San Francisco, 94110, 37.748402, -122.415604, 807, 415]
  311. + Target Hostname: azelin.wordpress.com
  312. + Target Port: 80
  313. + Start Time: 2015-11-19 11:19:09 (GMT0)
  314. ---------------------------------------------------------------------------
  315. Registrant Contact Information: WhoisGuard Protected
  316. ---------------------------------------------------------------------------
  317. [+] Interesting header: SERVER: nginx
  318. [+] Interesting header: X-AC: 1.ams _dca
  319. [+] This site has 'Must Use Plugins' (http://codex.wordpress.org/Must_Use_Plugins)
  320. [+] XML-RPC Interface available under: http://azelin.wordpress.com/xmlrpc.php
  321. ---------------------------------------------------------------------------
  322. + Server: nginx
  323. + The anti-clickjacking X-Frame-Options header is not present.
  324. + Uncommon header 'x-pingback' found, with contents: http://jihadology.net/xmlrpc.php
  325. + Uncommon header 'x-nananana' found, with contents: Batcache
  326. + Uncommon header 'link' found, with contents: <http://wp.me/RpVP>; rel=shortlink
  327. + Uncommon header 'x-shard' found, with contents: 57
  328. + Uncommon header 'x-hacker' found, with contents: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
  329. + File/dir '/wp-login.php' in robots.txt returned a non-forbidden or redirect HTTP code (302)
  330. + "robots.txt" contains 7 entries which should be manually viewed.
  331. + DEBUG HTTP verb may show server debugging information. See http://msdn.microsoft.com/en-us/library/e8z01xdh%28VS.80%29.aspx for details.
  332. + OSVDB-9392: /userinfo.php?uid=1;: Xoops portal gives detailed error messages including SQL syntax and may allow an exploit.
  333. + OSVDB-27071: /phpimageview.php?pic=javascript:alert(8754): PHP Image View 1.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  334. + OSVDB-3931: /myphpnuke/links.php?op=MostPopular&ratenum=[script]alert(document.cookie);[/script]&ratetype=percent: myphpnuke is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  335. + /modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat=1&categories=%3Cimg%20src=javascript:alert(9456);%3E&parent_id=0: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  336. + /modules.php?letter=%22%3E%3Cimg%20src=javascript:alert(document.cookie);%3E&op=modload&name=Members_List&file=index: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  337. + OSVDB-4598: /members.asp?SF=%22;}alert(223344);function%20x(){v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  338. + OSVDB-2946: /forum_members.asp?find=%22;}alert(9823);function%20x(){v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  339. + OSVDB-38019: /?mod=<script>alert(document.cookie)</script>&op=browse: Sage 1.0b3 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  340. + OSVDB-3092: /sitemap.xml: This gives a nice listing of the site content.
  341. + OSVDB-10944: /cgi-bin/: text goes here
  342. ---------------------------------------------------------------------------
  343. + Server banner has changed from 'nginx' to 'squid' which may suggest a WAF, load balancer or proxy is in place
  344. + Uncommon header 'x-squid-error' found, with contents: ERR_ZERO_SIZE_OBJECT 0
  345. + Server leaks inodes via ETags, header found with file /read/rss?forum=nonexistant&rev=0.92, fields: 0xc8c7428c3b3576e6aaa1ee0c3f1d7551
  346. + /wordpress/: A Wordpress installation was found.
  347. + 6544 items checked: 80 error(s) and 22 item(s) reported on remote host
  348. + End Time: 2015-11-19 20:12:55 (GMT0) (16085 seconds)
  349. ---------------------------------------------------------------------------
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!