API tools faq
paste
Advertisement
Guest User

AfricanDOS

a guest
Jul 14th, 2015
346
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 37.17 KB | None | 0 0
raw download clone embed print report
  1.  
  2. Scan date: 16-7-2015 18:58:30
  3. ===================================================================================================
  4. | Domain: http://africandos.com/login.php/
  5. | Server: cloudflare-nginx
  6. | IP: 104.27.135.74
  7. ===================================================================================================
  8. ===================================================================================================
  9. | Looking for Drupal plugins/modules
  10. |
  11. ===================================================================================================
  12. | WEB SERVICES
  13. |
  14. ===================================================================================================
  15. | FAVICON.ICO
  16. |
  17. ===================================================================================================
  18. | ERROR INFORMATION
  19. |
  20. | Just a moment... Please turn JavaScript on and reload the page. Checking your browser before accessing africandos.com. This process is automatic. Your browser will redirect to your requested content shortly. Please allow up to 5 seconds… DDoS protection by CloudFlare Ray ID: 206225a2055a21aa
  21. | Just a moment... Please turn JavaScript on and reload the page. Checking your browser before accessing africandos.com. This process is automatic. Your browser will redirect to your requested content shortly. Please allow up to 5 seconds… DDoS protection by CloudFlare Ray ID: 206225a2256421aa
  22. ===================================================================================================
  23. | TYPE ERROR
  24. |
  25. ===================================================================================================
  26. | SERVER MOBILE
  27. |
  28. | index page reqested with an Iphone UserAgent is diferent then with a regular UserAgent. This Host may have a mobile site
  29. ===================================================================================================
  30. | LANGUAGE
  31. |
  32. | lang="en-US"
  33. ===================================================================================================
  34. | INTERESTING STRINGS IN HTML
  35. |
  36. ===================================================================================================
  37. | WHOIS
  38. |
  39. |
  40. |
  41. | Whois Server Version 2.0
  42. |
  43. |
  44. |
  45. |
  46. |
  47. |
  48. |
  49. |
  50. |
  51. |
  52. |
  53. | Domain Name: AFRICANDOS.COM
  54. |
  55. | Registrar: GODADDY.COM, LLC
  56. |
  57. | Sponsoring Registrar IANA ID: 146
  58. |
  59. | Whois Server: whois.godaddy.com
  60. |
  61. | Referral URL: http://registrar.godaddy.com
  62. |
  63. | Name Server: COCO.NS.CLOUDFLARE.COM
  64. |
  65. | Name Server: CODY.NS.CLOUDFLARE.COM
  66. |
  67. | Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
  68. |
  69. | Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
  70. |
  71. | Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
  72. |
  73. | Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
  74. |
  75. | Updated Date: 02-jul-2015
  76. |
  77. | Creation Date: 02-jul-2015
  78. |
  79. | Expiration Date: 02-jul-2016
  80. |
  81. |
  82. |
  83. | >>> Last update of whois database: Wed, 15 Jul 2015 02:48:06 GMT <<<
  84. |
  85. |
  86. |
  87. |
  88. |
  89. |
  90. |
  91. |
  92. |
  93. |
  94. |
  95. |
  96. |
  97. |
  98. |
  99. |
  100. |
  101. |
  102. |
  103. |
  104. |
  105. | Registrars.
  106. |
  107. |
  108. |
  109. | For more information on Whois status codes, please visit
  110. |
  111. | https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.
  112. |
  113. | Domain Name: africandos.com
  114. |
  115. | Registry Domain ID: 1943886870_DOMAIN_COM-VRSN
  116. |
  117. | Registrar WHOIS Server: whois.godaddy.com
  118. |
  119. | Registrar URL: http://www.godaddy.com
  120. |
  121. | Update Date: 2015-07-02T03:02:45Z
  122. |
  123. | Creation Date: 2015-07-02T03:02:45Z
  124. |
  125. | Registrar Registration Expiration Date: 2016-07-02T03:02:45Z
  126. |
  127. | Registrar: GoDaddy.com, LLC
  128. |
  129. | Registrar IANA ID: 146
  130. |
  131. | Registrar Abuse Contact Email: abuse@godaddy.com
  132. |
  133. | Registrar Abuse Contact Phone: +1.4806242505
  134. |
  135. | Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
  136. |
  137. | Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
  138. |
  139. | Domain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
  140. |
  141. | Domain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
  142. |
  143. | Registry Registrant ID:
  144. |
  145. | Registrant Name: Edman Manny
  146. |
  147. | Registrant Organization:
  148. |
  149. | Registrant Street: 3224 Metz Lane
  150. |
  151. | Registrant City: boston
  152. |
  153. | Registrant State/Province: Massachusetts
  154. |
  155. | Registrant Postal Code: 02210
  156. |
  157. | Registrant Country: United States
  158. |
  159. | Registrant Phone: +1.8575595557
  160. |
  161. | Registrant Phone Ext:
  162. |
  163. | Registrant Fax:
  164. |
  165. | Registrant Fax Ext:
  166. |
  167. | Registrant Email: edmanistheman90@aol.com
  168. |
  169. | Registry Admin ID:
  170. |
  171. | Admin Name: Edman Manny
  172. |
  173. | Admin Organization:
  174. |
  175. | Admin Street: 3224 Metz Lane
  176. |
  177. | Admin City: boston
  178. |
  179. | Admin State/Province: Massachusetts
  180. |
  181. | Admin Postal Code: 02210
  182. |
  183. | Admin Country: United States
  184. |
  185. | Admin Phone: +1.8575595557
  186. |
  187. | Admin Phone Ext:
  188. |
  189. | Admin Fax:
  190. |
  191. | Admin Fax Ext:
  192. |
  193. | Admin Email: edmanistheman90@aol.com
  194. |
  195. | Registry Tech ID:
  196. |
  197. | Tech Name: Edman Manny
  198. |
  199. | Tech Organization:
  200. |
  201. | Tech Street: 3224 Metz Lane
  202. |
  203. | Tech City: boston
  204. |
  205. | Tech State/Province: Massachusetts
  206. |
  207. | Tech Postal Code: 02210
  208. |
  209. | Tech Country: United States
  210. |
  211. | Tech Phone: +1.8575595557
  212. |
  213. | Tech Phone Ext:
  214. |
  215. | Tech Fax:
  216. |
  217. | Tech Fax Ext:
  218. |
  219. | Tech Email: edmanistheman90@aol.com
  220. |
  221. | Name Server: COCO.NS.CLOUDFLARE.COM
  222. |
  223. | Name Server: CODY.NS.CLOUDFLARE.COM
  224. |
  225. | DNSSEC: unsigned
  226. |
  227. | URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
  228. |
  229. | >>> Last update of WHOIS database: 2015-07-15T02:00:00Z <<<
  230. |
  231. |
  232. |
  233. | For more information on Whois status codes, please visit https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en
  234. |
  235. |
  236. |
  237. ===================================================================================================
  238. | BANNER GRABBING:
  239. | Refresh: 8;URL=/cdn-cgi/l/chk_jschl?pass=1436928497.25-lesErXkst4
  240. ===================================================================================================
  241. ===================================================================================================
  242. | PING
  243. |
  244. | PING africandos.com (104.27.135.74) 56(84) bytes of data.
  245. | 64 bytes from 104.27.135.74: icmp_req=1 ttl=128 time=8.21 ms
  246. | 64 bytes from 104.27.135.74: icmp_req=2 ttl=128 time=8.85 ms
  247. | 64 bytes from 104.27.135.74: icmp_req=3 ttl=128 time=7.90 ms
  248. |
  249. | --- africandos.com ping statistics ---
  250. | 3 packets transmitted, 3 received, 0% packet loss, time 3025ms
  251. | rtt min/avg/max/mdev = 7.909/8.326/8.857/0.395 ms
  252. ===================================================================================================
  253. | TRACEROUTE
  254. |
  255. | traceroute to africandos.com (104.27.135.74), 30 hops max, 60 byte packets
  256. | 1 192.168.56.2 (192.168.56.2) 0.743 ms 0.197 ms 0.077 ms
  257. | 2 * * *
  258. | 3 * * *
  259. | 4 * * *
  260. | 5 * * *
  261. | 6 * * *
  262. | 7 * * *
  263. | 8 * * *
  264. | 9 * * *
  265. | 10 * * *
  266. | 11 * * *
  267. | 12 * * *
  268. | 13 * * *
  269. | 14 * * *
  270. | 15 * * *
  271. | 16 * * *
  272. | 17 * * *
  273. | 18 * * *
  274. | 19 * * *
  275. | 20 * * *
  276. | 21 * * *
  277. | 22 * * *
  278. | 23 * * *
  279. | 24 * * *
  280. | 25 * * *
  281. | 26 * * *
  282. | 27 * * *
  283. | 28 * * *
  284. | 29 * * *
  285. | 30 * * *
  286. ===================================================================================================
  287. | NSLOOKUP
  288. |
  289. | Server: 192.168.56.2
  290. | Address: 192.168.56.2#53
  291. |
  292. | Non-authoritative answer:
  293. | *** Can't find africandos.com: No answer
  294. | Authoritative answers can be found from:
  295. | africandos.com
  296. | origin = coco.ns.cloudflare.com
  297. | mail addr = dns.cloudflare.com
  298. | serial = 2018779323
  299. | refresh = 10000
  300. | retry = 2400
  301. | expire = 604800
  302. | minimum = 3600
  303. | africandos.com nameserver = cody.ns.cloudflare.com.
  304. | africandos.com nameserver = coco.ns.cloudflare.com.
  305. | Name: africandos.com
  306. | Address: 104.27.135.74
  307. | Address: 104.27.134.74
  308. | ;; connection timed out; no servers could be reached
  309. ===================================================================================================
  310. | NMAP
  311. |
  312. ####################################
  313. # Uniscan project #
  314. # http://uniscan.sourceforge.net/ #
  315. ####################################
  316. V. 6.2
  317.  
  318.  
  319. Scan date: 16-7-2015 19:0:43
  320. ===================================================================================================
  321. | Domain: http://africandos.com/login.php/
  322. | Server: cloudflare-nginx
  323. | IP: 104.27.135.74
  324. ===================================================================================================
  325. ===================================================================================================
  326. | Looking for Drupal plugins/modules
  327. |
  328. ===================================================================================================
  329. | WEB SERVICES
  330. |
  331. ===================================================================================================
  332. | FAVICON.ICO
  333. |
  334. |
  335. | Starting Nmap 6.47 ( http://nmap.org ) at 2015-07-16 18:59 UTC
  336. | NSE: Loaded 118 scripts for scanning.
  337. | NSE: Script Pre-scanning.
  338. | Initiating Ping Scan at 18:59
  339. | Scanning africandos.com (104.27.135.74) [4 ports]
  340. | Completed Ping Scan at 18:59, 0.06s elapsed (1 total hosts)
  341. | Initiating Parallel DNS resolution of 1 host. at 18:59
  342. | Completed Parallel DNS resolution of 1 host. at 18:59, 0.04s elapsed
  343. | Initiating SYN Stealth Scan at 18:59
  344. | Scanning africandos.com (104.27.135.74) [1000 ports]
  345. | Discovered open port 80/tcp on 104.27.135.74
  346. | Discovered open port 443/tcp on 104.27.135.74
  347. | Discovered open port 554/tcp on 104.27.135.74
  348. | Discovered open port 8080/tcp on 104.27.135.74
  349. | Discovered open port 8443/tcp on 104.27.135.74
  350. | Discovered open port 7070/tcp on 104.27.135.74
  351. | Completed SYN Stealth Scan at 18:59, 5.24s elapsed (1000 total ports)
  352. | Initiating Service scan at 18:59
  353. | Scanning 6 services on africandos.com (104.27.135.74)
  354. | Completed Service scan at 18:59, 5.01s elapsed (6 services on 1 host)
  355. | Initiating OS detection (try #1) against africandos.com (104.27.135.74)
  356. | Initiating Traceroute at 18:59
  357. | Completed Traceroute at 18:59, 9.08s elapsed
  358. | NSE: Script scanning 104.27.135.74.
  359. | Initiating NSE at 18:59
  360. | Completed NSE at 19:00, 54.08s elapsed
  361. | Nmap scan report for africandos.com (104.27.135.74)
  362. | Host is up (0.020s latency).
  363. | Other addresses for africandos.com (not scanned): 104.27.134.74
  364. | Not shown: 994 filtered ports
  365. | PORT STATE SERVICE VERSION
  366. | 80/tcp open http?
  367. | 443/tcp open https?
  368. | |_http-title: 400 The plain HTTP request was sent to HTTPS port
  369. | | ssl-cert: Subject: commonName=sni101300.cloudflaressl.com
  370. | | Issuer: commonName=COMODO ECC Domain Validation Secure Server CA 2/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
  371. | | Public Key type: ec
  372. | | Public Key bits: 256
  373. | | Not valid before: 2015-07-02T00:00:00+00:00
  374. | | Not valid after: 2016-04-01T23:59:59+00:00
  375. | | MD5: 698f b29f dd8e 69d7 7f04 b2ae c9db b605
  376. | |_SHA-1: 03b3 a825 bf92 6630 b784 0e3f 8e21 b36c a765 1850
  377. | 554/tcp open rtsp?
  378. | 7070/tcp open realserver?
  379. | 8080/tcp open http-proxy?
  380. | 8443/tcp open https-alt?
  381. | Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  382. | Device type: specialized|WAP|phone
  383. | Running: iPXE 1.X, Linksys Linux 2.4.X, Linux 2.6.X, Sony Ericsson embedded
  384. | OS CPE: cpe:/o:ipxe:ipxe:1.0.0%2b cpe:/o:linksys:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.6 cpe:/h:sonyericsson:u8i_vivaz
  385. | OS details: iPXE 1.0.0+, Tomato 1.28 (Linux 2.4.20), Tomato firmware (Linux 2.6.22), Sony Ericsson U8i Vivaz mobile phone
  386. |
  387. | TRACEROUTE (using port 80/tcp)
  388. | HOP RTT ADDRESS
  389. | 1 ... 30
  390. |
  391. | NSE: Script Post-scanning.
  392. | Read data files from: /usr/bin/../share/nmap
  393. | OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
  394. | Nmap done: 1 IP address (1 host up) scanned in 78.66 seconds
  395. | Raw packets sent: 2163 (97.792KB) | Rcvd: 8 (344B)
  396. ===================================================================================================
  397. |
  398. | Directory check:
  399. | Skipped because http://africandos.com/login.php/uniscan98/ did not return the code 404
  400. ===================================================================================================
  401. |
  402. | File check:
  403. | Skipped because http://africandos.com/login.php/uniscan686/ did not return the code 404
  404. ===================================================================================================
  405. |
  406. | Check robots.txt:
  407. |
  408. | Check sitemap.xml:
  409. ===================================================================================================
  410. |
  411. | Crawler Started:
  412. | Plugin name: FCKeditor upload test v.1 Loaded.
  413. | Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
  414. | Plugin name: Upload Form Detect v.1.1 Loaded.
  415. | Plugin name: Code Disclosure v.1.1 Loaded.
  416. | Plugin name: E-mail Detection v.1.1 Loaded.
  417. | Plugin name: External Host Detect v.1.2 Loaded.
  418. | Plugin name: phpinfo() Disclosure v.1 Loaded.
  419. | Plugin name: Web Backdoor Disclosure v.1.1 Loaded.
  420. ===================================================================================================
  421. | ERROR INFORMATION
  422. |
  423. | Just a moment... Please turn JavaScript on and reload the page. Checking your browser before accessing africandos.com. This process is automatic. Your browser will redirect to your requested content shortly. Please allow up to 5 seconds&hellip; DDoS protection by CloudFlare Ray ID: 206228e95a3b1852
  424. | Just a moment... Please turn JavaScript on and reload the page. Checking your browser before accessing africandos.com. This process is automatic. Your browser will redirect to your requested content shortly. Please allow up to 5 seconds&hellip; DDoS protection by CloudFlare Ray ID: 206228e96a3e1852
  425. ===================================================================================================
  426. | TYPE ERROR
  427. |
  428. ===================================================================================================
  429. | SERVER MOBILE
  430. |
  431. | index page reqested with an Iphone UserAgent is diferent then with a regular UserAgent. This Host may have a mobile site
  432. ===================================================================================================
  433. | LANGUAGE
  434. |
  435. | lang="en-US"
  436. ===================================================================================================
  437. | INTERESTING STRINGS IN HTML
  438. |
  439. ===================================================================================================
  440. | WHOIS
  441. |
  442. |
  443. |
  444. | Whois Server Version 2.0
  445. |
  446. |
  447. |
  448. |
  449. |
  450. |
  451. |
  452. |
  453. |
  454. |
  455. |
  456. | Domain Name: AFRICANDOS.COM
  457. |
  458. | Registrar: GODADDY.COM, LLC
  459. |
  460. | Sponsoring Registrar IANA ID: 146
  461. |
  462. | Whois Server: whois.godaddy.com
  463. |
  464. | Referral URL: http://registrar.godaddy.com
  465. |
  466. | Name Server: COCO.NS.CLOUDFLARE.COM
  467. |
  468. | Name Server: CODY.NS.CLOUDFLARE.COM
  469. |
  470. | Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
  471. |
  472. | Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
  473. |
  474. | Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
  475. |
  476. | Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
  477. |
  478. | Updated Date: 02-jul-2015
  479. |
  480. | Creation Date: 02-jul-2015
  481. |
  482. | Expiration Date: 02-jul-2016
  483. |
  484. |
  485. |
  486. | >>> Last update of whois database: Wed, 15 Jul 2015 02:50:22 GMT <<<
  487. |
  488. |
  489. |
  490. |
  491. |
  492. |
  493. |
  494. |
  495. |
  496. |
  497. |
  498. |
  499. |
  500. |
  501. |
  502. |
  503. |
  504. |
  505. |
  506. |
  507. |
  508. | Registrars.
  509. |
  510. |
  511. |
  512. | For more information on Whois status codes, please visit
  513. |
  514. | https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.
  515. |
  516. | Domain Name: africandos.com
  517. |
  518. | Registry Domain ID: 1943886870_DOMAIN_COM-VRSN
  519. |
  520. | Registrar WHOIS Server: whois.godaddy.com
  521. |
  522. | Registrar URL: http://www.godaddy.com
  523. |
  524. | Update Date: 2015-07-02T03:02:45Z
  525. |
  526. | Creation Date: 2015-07-02T03:02:45Z
  527. |
  528. | Registrar Registration Expiration Date: 2016-07-02T03:02:45Z
  529. |
  530. | Registrar: GoDaddy.com, LLC
  531. |
  532. | Registrar IANA ID: 146
  533. |
  534. | Registrar Abuse Contact Email: abuse@godaddy.com
  535. |
  536. | Registrar Abuse Contact Phone: +1.4806242505
  537. |
  538. | Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
  539. |
  540. | Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
  541. |
  542. | Domain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
  543. |
  544. | Domain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
  545. |
  546. | Registry Registrant ID:
  547. |
  548. | Registrant Name: Edman Manny
  549. |
  550. | Registrant Organization:
  551. |
  552. | Registrant Street: 3224 Metz Lane
  553. |
  554. | Registrant City: boston
  555. |
  556. | Registrant State/Province: Massachusetts
  557. |
  558. | Registrant Postal Code: 02210
  559. |
  560. | Registrant Country: United States
  561. |
  562. | Registrant Phone: +1.8575595557
  563. |
  564. | Registrant Phone Ext:
  565. |
  566. | Registrant Fax:
  567. |
  568. | Registrant Fax Ext:
  569. |
  570. | Registrant Email: edmanistheman90@aol.com
  571. |
  572. | Registry Admin ID:
  573. |
  574. | Admin Name: Edman Manny
  575. |
  576. | Admin Organization:
  577. |
  578. | Admin Street: 3224 Metz Lane
  579. |
  580. | Admin City: boston
  581. |
  582. | Admin State/Province: Massachusetts
  583. |
  584. | Admin Postal Code: 02210
  585. |
  586. | Admin Country: United States
  587. |
  588. | Admin Phone: +1.8575595557
  589. |
  590. | Admin Phone Ext:
  591. |
  592. | Admin Fax:
  593. |
  594. | Admin Fax Ext:
  595. |
  596. | Admin Email: edmanistheman90@aol.com
  597. |
  598. | Registry Tech ID:
  599. |
  600. | Tech Name: Edman Manny
  601. |
  602. | Tech Organization:
  603. |
  604. | Tech Street: 3224 Metz Lane
  605. |
  606. | Tech City: boston
  607. |
  608. | Tech State/Province: Massachusetts
  609. |
  610. | Tech Postal Code: 02210
  611. |
  612. | Tech Country: United States
  613. |
  614. | Tech Phone: +1.8575595557
  615. |
  616. | Tech Phone Ext:
  617. |
  618. | Tech Fax:
  619. |
  620. | Tech Fax Ext:
  621. |
  622. | Tech Email: edmanistheman90@aol.com
  623. |
  624. | Name Server: COCO.NS.CLOUDFLARE.COM
  625. |
  626. | Name Server: CODY.NS.CLOUDFLARE.COM
  627. |
  628. | DNSSEC: unsigned
  629. |
  630. | URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
  631. |
  632. | >>> Last update of WHOIS database: 2015-07-15T02:00:00Z <<<
  633. |
  634. |
  635. |
  636. | For more information on Whois status codes, please visit https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en
  637. |
  638. |
  639. |
  640. ===================================================================================================
  641. | BANNER GRABBING:
  642. | Refresh: 8;URL=/cdn-cgi/l/chk_jschl?pass=1436928643.232-iYKFGw/ciL
  643. ===================================================================================================
  644. ===================================================================================================
  645. | PING
  646. |
  647. | [+] Crawling finished, 1 URL's found!
  648. |
  649. | FCKeditor File Upload:
  650. |
  651. | Timthumb:
  652. |
  653. | File Upload Forms:
  654. |
  655. | Source Code Disclosure:
  656. |
  657. | E-mails:
  658. |
  659. | External hosts:
  660. |
  661. | PHPinfo() Disclosure:
  662. |
  663. | Web Backdoors:
  664. |
  665. | Ignored Files:
  666. ===================================================================================================
  667. | Dynamic tests:
  668. | Plugin name: Learning New Directories v.1.2 Loaded.
  669. | Plugin name: FCKedior tests v.1.1 Loaded.
  670. | Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
  671. | Plugin name: Find Backup Files v.1.2 Loaded.
  672. | Plugin name: Blind SQL-injection tests v.1.3 Loaded.
  673. | Plugin name: Local File Include tests v.1.1 Loaded.
  674. | Plugin name: PHP CGI Argument Injection v.1.1 Loaded.
  675. | Plugin name: Remote Command Execution tests v.1.1 Loaded.
  676. | Plugin name: Remote File Include tests v.1.2 Loaded.
  677. | Plugin name: SQL-injection tests v.1.2 Loaded.
  678. | Plugin name: Cross-Site Scripting tests v.1.2 Loaded.
  679. | Plugin name: Web Shell Finder v.1.3 Loaded.
  680. | [+] 0 New directories added
  681. |
  682. |
  683. | FCKeditor tests:
  684. | Skipped because http://africandos.com/testing123 did not return the code 404
  685. |
  686. |
  687. | Timthumb < 1.33 vulnerability:
  688. | PING africandos.com (104.27.135.74) 56(84) bytes of data.
  689. | 64 bytes from 104.27.135.74: icmp_req=1 ttl=128 time=7.71 ms
  690. | 64 bytes from 104.27.135.74: icmp_req=2 ttl=128 time=7.37 ms
  691. | 64 bytes from 104.27.135.74: icmp_req=3 ttl=128 time=7.67 ms
  692. | 64 bytes from 104.27.135.74: icmp_req=4 ttl=128 time=7.67 ms
  693. |
  694. | --- africandos.com ping statistics ---
  695. | 4 packets transmitted, 4 received, 0% packet loss, time 3006ms
  696. | rtt min/avg/max/mdev = 7.376/7.610/7.715/0.136 ms
  697. ===================================================================================================
  698. | TRACEROUTE
  699. |
  700. |
  701. |
  702. | Backup Files:
  703. | Skipped because http://africandos.com/testing123 did not return the code 404
  704. |
  705. |
  706. | Blind SQL Injection:
  707. |
  708. |
  709. | Local File Include:
  710. |
  711. |
  712. | PHP CGI Argument Injection:
  713. |
  714. |
  715. | Remote Command Execution:
  716. |
  717. |
  718. | Remote File Include:
  719. |
  720. |
  721. | SQL Injection:
  722. |
  723. |
  724. | Cross-Site Scripting (XSS):
  725. |
  726. |
  727. | Web Shell Finder:
  728. ===================================================================================================
  729. | Static tests:
  730. | Plugin name: Local File Include tests v.1.1 Loaded.
  731. | Plugin name: Remote Command Execution tests v.1.1 Loaded.
  732. | Plugin name: Remote File Include tests v.1.1 Loaded.
  733. |
  734. |
  735. | Local File Include:
  736. | traceroute to africandos.com (104.27.135.74), 30 hops max, 60 byte packets
  737. | 1 192.168.56.2 (192.168.56.2) 0.123 ms 0.079 ms 0.075 ms
  738. | 2 * * *
  739. | 3 * * *
  740. | 4 * * *
  741. | 5 * * *
  742. | 6 * * *
  743. | 7 * * *
  744. | 8 * * *
  745. | 9 * * *
  746. | 10 * * *
  747. | 11 * * *
  748. | 12 * * *
  749. | 13 * * *
  750. | 14 * * *
  751. | 15 * * *
  752. | 16 * * *
  753. | 17 * * *
  754. | 18 * * *
  755. | 19 * * *
  756. | 20 * * *
  757. | 21 * * *
  758. | 22 * * *
  759. | 23 * * *
  760. | 24 * * *
  761. | 25 * * *
  762. | 26 * * *
  763. | 27 * * *
  764. | 28 * * *
  765. | 29 * * *
  766. | 30 * * *
  767. ===================================================================================================
  768. | NSLOOKUP
  769. |
  770. | Server: 192.168.56.2
  771. | Address: 192.168.56.2#53
  772. |
  773. | Non-authoritative answer:
  774. | *** Can't find africandos.com: No answer
  775. | Authoritative answers can be found from:
  776. | africandos.com
  777. | origin = coco.ns.cloudflare.com
  778. | mail addr = dns.cloudflare.com
  779. | serial = 2018779323
  780. | refresh = 10000
  781. | retry = 2400
  782. | expire = 604800
  783. | minimum = 3600
  784. | africandos.com nameserver = cody.ns.cloudflare.com.
  785. | africandos.com nameserver = coco.ns.cloudflare.com.
  786. | Name: africandos.com
  787. | Address: 104.27.135.74
  788. | Address: 104.27.134.74
  789. | ;; connection timed out; no servers could be reached
  790. ===================================================================================================
  791. | NMAP
  792. |
  793. |
  794. |
  795. | Remote Command Execution:
  796. |
  797. |
  798. | Remote File Include:
  799. |
  800. | Starting Nmap 6.47 ( http://nmap.org ) at 2015-07-16 19:01 UTC
  801. | NSE: Loaded 118 scripts for scanning.
  802. | NSE: Script Pre-scanning.
  803. | Initiating Ping Scan at 19:01
  804. | Scanning africandos.com (104.27.135.74) [4 ports]
  805. | Completed Ping Scan at 19:01, 0.07s elapsed (1 total hosts)
  806. | Initiating Parallel DNS resolution of 1 host. at 19:01
  807. | Completed Parallel DNS resolution of 1 host. at 19:01, 0.04s elapsed
  808. | Initiating SYN Stealth Scan at 19:01
  809. | Scanning africandos.com (104.27.135.74) [1000 ports]
  810. | Discovered open port 80/tcp on 104.27.135.74
  811. | Discovered open port 554/tcp on 104.27.135.74
  812. | Discovered open port 8080/tcp on 104.27.135.74
  813. | Discovered open port 443/tcp on 104.27.135.74
  814. | SYN Stealth Scan Timing: About 37.73% done; ETC: 19:03 (0:00:51 remaining)
  815. | SYN Stealth Scan Timing: About 38.77% done; ETC: 19:04 (0:01:36 remaining)
  816. | Increasing send delay for 104.27.135.74 from 0 to 5 due to 11 out of 25 dropped probes since last increase.
  817. | SYN Stealth Scan Timing: About 66.57% done; ETC: 19:04 (0:00:50 remaining)
  818. | Discovered open port 7070/tcp on 104.27.135.74
  819. | Discovered open port 8443/tcp on 104.27.135.74
  820. | Completed SYN Stealth Scan at 19:03, 106.47s elapsed (1000 total ports)
  821. | Initiating Service scan at 19:03
  822. | Scanning 6 services on africandos.com (104.27.135.74)
  823. | Completed Service scan at 19:05, 132.28s elapsed (6 services on 1 host)
  824. | Initiating OS detection (try #1) against africandos.com (104.27.135.74)
  825. | Retrying OS detection (try #2) against africandos.com (104.27.135.74)
  826. | Initiating Traceroute at 19:05
  827. | Completed Traceroute at 19:05, 0.02s elapsed
  828. | Initiating Parallel DNS resolution of 2 hosts. at 19:05
  829. | Completed Parallel DNS resolution of 2 hosts. at 19:05, 0.05s elapsed
  830. | NSE: Script scanning 104.27.135.74.
  831. | Initiating NSE at 19:05
  832. | Completed NSE at 19:06, 30.60s elapsed
  833. | Nmap scan report for africandos.com (104.27.135.74)
  834. | Host is up (0.0020s latency).
  835. | Other addresses for africandos.com (not scanned): 104.27.134.74
  836. | Not shown: 975 filtered ports
  837. | PORT STATE SERVICE VERSION
  838. | 80/tcp open http cloudflare-nginx
  839. | |_http-methods: No Allow or Public header in OPTIONS response (status code 503)
  840. | |_http-title: Just a moment...
  841. | 301/tcp closed unknown
  842. | 366/tcp closed odmr
  843. | 443/tcp open ssl/http cloudflare-nginx
  844. | |_http-methods: No Allow or Public header in OPTIONS response (status code 503)
  845. | |_http-title: Just a moment...
  846. | | ssl-cert: Subject: commonName=sni101300.cloudflaressl.com
  847. | | Issuer: commonName=COMODO ECC Domain Validation Secure Server CA 2/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
  848. | | Public Key type: ec
  849. | | Public Key bits: 256
  850. | | Not valid before: 2015-07-02T00:00:00+00:00
  851. | | Not valid after: 2016-04-01T23:59:59+00:00
  852. | | MD5: 698f b29f dd8e 69d7 7f04 b2ae c9db b605
  853. | |_SHA-1: 03b3 a825 bf92 6630 b784 0e3f 8e21 b36c a765 1850
  854. | 458/tcp closed appleqtc
  855. | 554/tcp open rtsp?
  856. | 714/tcp closed iris-xpcs
  857. | 765/tcp closed webster
  858. | 1972/tcp closed intersys-cache
  859. | 2161/tcp closed apc-agent
  860. | 2500/tcp closed rtsserv
  861. | 3013/tcp closed gilatskysurfer
  862. | 4003/tcp closed pxc-splr-ft
  863. | 5080/tcp closed onscreen
  864. | 6106/tcp closed isdninfo
  865. | 7070/tcp open realserver?
  866. | 7402/tcp closed rtps-dd-mt
  867. | 8007/tcp closed ajp12
  868. | 8080/tcp open http cloudflare-nginx
  869. | |_http-methods: No Allow or Public header in OPTIONS response (status code 503)
  870. | |_http-title: Just a moment...
  871. | 8181/tcp closed unknown
  872. | 8443/tcp open http cloudflare-nginx
  873. | |_http-methods: No Allow or Public header in OPTIONS response (status code 400)
  874. | |_http-title: 400 The plain HTTP request was sent to HTTPS port
  875. | | ssl-cert: Subject: commonName=sni101300.cloudflaressl.com
  876. | | Issuer: commonName=COMODO ECC Domain Validation Secure Server CA 2/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
  877. | | Public Key type: ec
  878. | | Public Key bits: 256
  879. | | Not valid before: 2015-07-02T00:00:00+00:00
  880. | | Not valid after: 2016-04-01T23:59:59+00:00
  881. | | MD5: 698f b29f dd8e 69d7 7f04 b2ae c9db b605
  882. | |_SHA-1: 03b3 a825 bf92 6630 b784 0e3f 8e21 b36c a765 1850
  883. | 9103/tcp closed jetdirect
  884. | 9998/tcp closed distinct32
  885. | 16018/tcp closed unknown
  886. | 35500/tcp closed unknown
  887. | Device type: general purpose|storage-misc
  888. | Running (JUST GUESSING): Linux 2.4.X|3.X (95%), Microsoft Windows 7|XP (91%), BlueArc embedded (87%)
  889. | OS CPE: cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:3 cpe:/o:microsoft:windows_7:::enterprise cpe:/o:microsoft:windows_xp::sp3 cpe:/h:bluearc:titan_2100
  890. | Aggressive OS guesses: DD-WRT v24-sp2 (Linux 2.4.37) (95%), Linux 3.2 (95%), Microsoft Windows 7 Enterprise (91%), Microsoft Windows XP SP3 (91%), BlueArc Titan 2100 NAS device (87%)
  891. | No exact OS matches for host (test conditions non-ideal).
  892. | Network Distance: 2 hops
  893. | TCP Sequence Prediction: Difficulty=260 (Good luck!)
  894. | IP ID Sequence Generation: Busy server or unknown class
  895. |
  896. | TRACEROUTE (using port 80/tcp)
  897. | HOP RTT ADDRESS
  898. | 1 0.06 ms 192.168.56.2
  899. | 2 0.06 ms 104.27.135.74
  900. |
  901. | NSE: Script Post-scanning.
  902. | Read data files from: /usr/bin/../share/nmap
  903. | OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
  904. | Nmap done: 1 IP address (1 host up) scanned in 275.03 seconds
  905. | Raw packets sent: 3070 (138.320KB) | Rcvd: 1885 (266.616KB)
  906. ===================================================================================================
  907. |
  908. | Directory check:
  909. | Skipped because http://africandos.com/login.php/uniscan904/ did not return the code 404
  910. ===================================================================================================
  911. |
  912. | File check:
  913. | Skipped because http://africandos.com/login.php/uniscan635/ did not return the code 404
  914. ===================================================================================================
  915. |
  916. | Check robots.txt:
  917. |
  918. | Check sitemap.xml:
  919. ===================================================================================================
  920. |
  921. | Crawler Started:
  922. | Plugin name: FCKeditor upload test v.1 Loaded.
  923. | Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
  924. | Plugin name: Upload Form Detect v.1.1 Loaded.
  925. | Plugin name: Code Disclosure v.1.1 Loaded.
  926. | Plugin name: E-mail Detection v.1.1 Loaded.
  927. | Plugin name: External Host Detect v.1.2 Loaded.
  928. | Plugin name: phpinfo() Disclosure v.1 Loaded.
  929. | Plugin name: Web Backdoor Disclosure v.1.1 Loaded.
  930. | [+] Crawling finished, 1 URL's found!
  931. |
  932. | FCKeditor File Upload:
  933. |
  934. | Timthumb:
  935. |
  936. | File Upload Forms:
  937. |
  938. | Source Code Disclosure:
  939. |
  940. | E-mails:
  941. |
  942. | External hosts:
  943. |
  944. | PHPinfo() Disclosure:
  945. |
  946. | Web Backdoors:
  947. |
  948. | Ignored Files:
  949. ===================================================================================================
  950. | Dynamic tests:
  951. | Plugin name: Learning New Directories v.1.2 Loaded.
  952. | Plugin name: FCKedior tests v.1.1 Loaded.
  953. | Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
  954. | Plugin name: Find Backup Files v.1.2 Loaded.
  955. | Plugin name: Blind SQL-injection tests v.1.3 Loaded.
  956. | Plugin name: Local File Include tests v.1.1 Loaded.
  957. | Plugin name: PHP CGI Argument Injection v.1.1 Loaded.
  958. | Plugin name: Remote Command Execution tests v.1.1 Loaded.
  959. | Plugin name: Remote File Include tests v.1.2 Loaded.
  960. | Plugin name: SQL-injection tests v.1.2 Loaded.
  961. | Plugin name: Cross-Site Scripting tests v.1.2 Loaded.
  962. | Plugin name: Web Shell Finder v.1.3 Loaded.
  963. | [+] 0 New directories added
  964. |
  965. |
  966. | FCKeditor tests:
  967. | Skipped because http://africandos.com/testing123 did not return the code 404
  968. |
  969. |
  970. | Timthumb < 1.33 vulnerability:
  971. |
  972. |
  973. | Backup Files:
  974. | Skipped because http://africandos.com/testing123 did not return the code 404
  975. |
  976. |
  977. | Blind SQL Injection:
  978. |
  979. |
  980. | Local File Include:
  981. |
  982. |
  983. | PHP CGI Argument Injection:
  984. |
  985. |
  986. | Remote Command Execution:
  987. |
  988. |
  989. | Remote File Include:
  990. |
  991. |
  992. | SQL Injection:
  993. |
  994. |
  995. | Cross-Site Scripting (XSS):
  996. |
  997. |
  998. | Web Shell Finder:
  999. ===================================================================================================
  1000. | Static tests:
  1001. | Plugin name: Local File Include tests v.1.1 Loaded.
  1002. | Plugin name: Remote Command Execution tests v.1.1 Loaded.
  1003. | Plugin name: Remote File Include tests v.1.1 Loaded.
  1004. |
  1005. |
  1006. | Local File Include:
  1007. |
  1008. |
  1009. | Remote Command Execution:
  1010. |
  1011. |
  1012. | Remote File Include:
  1013. ===================================================================================================
  1014. | Stress tests:
  1015. | Plugin name: Mini Stress Test v.1.1 Loaded.
  1016. |
  1017. |
  1018. | Mini Stress Test:
  1019. | Looking for best cost:
  1020. | Using a as target
  1021. ===================================================================================================
  1022. | Stress tests:
  1023. | Plugin name: Mini Stress Test v.1.1 Loaded.
  1024. |
  1025. |
  1026. | Mini Stress Test:
  1027. | Looking for best cost:
  1028. | Using a as target
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!