marys

SonyPictures/Exploits

Dec 2nd, 2014
  1. Exploitation & Vulnerability Test ' by Anon-Ninja-Cat <3 For full Report see Anon Ninja Cat' who will contact Infosec Cat 'who will get Clearance from Cone Cat to Access the Cyber Hive index.
  2.  
  3. We Are Anonymous
  4. We Are Legion
  5. We Are Ghosts of the CyberHive.
  6. Anon Familia <3
  7. ------------------------------------------------------
  8. http://www.sonypictures.com/ (Hollywood, FL, US)
  9.  
  10. IP Address 72.52.12.83 <<< unknown.prolexic.com < Prolexic: DoS and DDoS Protection )
  11.  
  12. Server Type Apache
  13.  
  14. report for www.sonypictures.com (72.52.12.83) <<< unknown.prolexic.com < Prolexic: DoS and DDoS Protection )
  15.  
  16. Host is up (0.012s latency).
  17. rDNS record for 72.52.12.83: unknown.prolexic.com
  18. PORT STATE SERVICE
  19. 80/tcp open http
  20.  
  21. Target IP: 72.52.12.83 <<< prolexic.com < Prolexic: DoS and DDoS Protection )
  22.  
  23. + Target Hostname: www.sonypictures.com
  24. + Target Port: 80
  25. + Start Time: 2014-12-02 08:00:59 (GMT-5)
  26. ---------------------------------------------------------------------------
  27. + Server: Apache
  28. + robots.txt contains 2 entries which should be manually viewed.
  29. + ETag header found on server, fields: 0x4fad 0x5092bb9bcf9a9
  30. + Allowed HTTP Methods: GET, HEAD, POST, OPTIONS
  31. + /WEB-INF/web.xml: JRUN default file found.
  32. + OSVDB-9392: /userinfo.php?uid=1;: Xoops portal gives detailed error messages including SQL syntax and may allow an exploit.
  33. + OSVDB-3092: /beta/: This might be interesting...
  34. + OSVDB-3092: /test.txt: This might be interesting...
  35. + OSVDB-3233: /netbasic/websinfo.bas: Novell Netware 5.1 contains Novonyx default files which reveal system information. All default files should be removed.
  36. + OSVDB-3092: /tv/: This might be interesting... potential country code (Tuvalu)
  37. /maintenance/: Admin login page/section found.
  38.  
  39. 11 site(s) hosted on ip 72.52.12.83
  40. Location: Hollywood,United States
  41.  
  53.  
  54. ======================================================================================================
  55.  
  56. Server:Apache
  57. IP Address:198.212.50.74
  58. Port:443
  59. Hostname:www.sonypictures.com
  60.  
  61. sonypictures.com A 5 minutes 198.212.50.74
  62.  
  63. report for 198.212.50.74
  64. Host is up (0.024s latency).
  65. PORT STATE SERVICE
  66. 80/tcp open http
  67. 443/tcp open https
  68.  
  69. mail.sonypictures.com A 5 minutes 209.0.235.15 (US)
  70. test.sonypictures.com A 5 minutes 64.37.182.123 (San Diego, CA, US)
  71. www.sonypictures.com A 5 minutes 72.52.12.83 (Hollywood, FL, US)
  72.  
  73. DOMAINS:
  74. www.sonypictures.com, sonypictures.com, ultraviolet.sonypictures.com, uv.sonypictures.com,
  75. ultraviolet.sonypictures.co.nz, ultraviolet.sonypictures.com.au
  76.  
  77. Serial Number:18DAD19E267DE8BB4A2158CDCC6B3B4A
  78. Fingerprint (SHA-1):4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
  79.  
  80. Serial Number:5B88DA6C7ADA7A593E729363BCB75843
  81. Fingerprint (SHA-1):8AE1D106CACCD3A2B7CBBF0FD8447EF02CB6E869
  82.  
  83. # robots.txt for SonyPictures.com
  84. User-agent: *
  85. Disallow: /global
  86. Disallow: /homevideo/bluray/ajax
  87.  
  88. The target site has no DNS wildcard, and the contents of http://sonypictures.com/search differ from the contents of http://www.sonypictures.com
  89.  
  90. The contents of http://72.52.12.83 differ from the contents of http://www.sonypictures.com
  91.  
  92. A robots.txt file was found at: "http://www.sonypictures.com/robots.txt".
  93.  
  94. The URL: "http://www.sonypictures.com/" sent the cookie: "NSC_tpozqjd-83+63+23+94-91=ffffffffc5dc2c5345525d5f4f58455e445a4a423660;path=/;httponly".
  95.  
  96. The URL: "http://www.sonypictures.com/" sent the cookie: "sto-id-20480=KABOAAAKFAAA; Expires=Fri, 29-Nov-2024 14:28:16 GMT; Path=/".
  97.  
  98. The URL: "http://www.sonypictures.com/" returned a response that may contain a "SHA1" hash. The hash is: "bf433b366f10c888002d617a38d2309abe303d79"
  99. ==================================================================================================================
  100. GET http://www.sonypictures.com/crossdomain.xml HTTP/1.1
  101. Host: www.sonypictures.com
  102. Cookie: NSC_tpozqjd-83+63+23+94-91=ffffffffc5dc2c5345525d5f4f58455e445a4a423660; sto-id-20480=KFBOAAAKFAAA
  103.  
  104. crossdomain.xml" file allows access from: "www.sonypictures.com
  105. crossdomain.xml" file allows access from: "flash.sonypictures.com
  106. crossdomain.xml" file allows access from: "secure.sonypictures.com
  107. crossdomain.xml" file allows access from: "www.sonypictures.net
  108. crossdomain.xml" file allows access from: "www.sonypictures.co.uk
  109. crossdomain.xml" file allows access from: "www.sonypictures.com.au
  110. crossdomain.xml" file allows access from: "www.sonypictures.jp
  111. crossdomain.xml" file allows access from: "www.sonywonder.com
  112. crossdomain.xml" file allows access from: "www.wheeloffortune.com
  113. crossdomain.xml" file allows access from: "www.vannastyle.com
  114. crossdomain.xml" file allows access from: "www.jeopardy.com
  115. crossdomain.xml" file allows access from: "www.007.com
  116. crossdomain.xml" file allows access from: "www.battlela.com
  117. crossdomain.xml" file allows access from: "www.district9movie.com
  118. crossdomain.xml" file allows access from: "www.multinationalunited.com
  119. crossdomain.xml" file allows access from: "www.residentevil-movie.com
  120.  
  137. ======================================================================================================================
  138. EXPLOITS:
  139.  
  140. Server does not use secure renegotiation settings
  141. Site is more vulnerable to Denial of Service (DOS) attacks
  142.  
  143. Server does not have session resumption enabled
  144. Users may experience slower performance
  145.  
  146. Server has not enabled HTTP Strict-Transport-Security
  147. Users may be exposed to man-in-the-middle attacks
  148.  
  149. Server doesn’t prefer ciphers that enable forward secrecy.
  150. Encrypted communications captured today are at risk of being decrypted by an attacker in the future.
  151.  
  152. Server uses RC4 cipher with modern browsers
  153. More secure ciphers are available for TLS 1.1 and newer
  154.  
  155. Server is using RC4-based ciphersuites which have known vulnerabilities
  156. Evaluate your client compatibility requirements to determine if you can disable RC4-based ciphersuites
  157.  
  158. Server configuration does not meet FIPS guidelines
  159. Federal standards for data handling are not being met
  160.  
  161. Server does not have OCSP stapling configured
  162. Users may receive slower performance and privacy may be reduced
  163.  
  164. SSL 2.0 Disabled:Pass
  165. SSL 3.0 Disabled:Pass
  166. TLS 1.0 Enabled:Pass
  167. TLS 1.1 Enabled:Pass
  168. TLS 1.2 Enabled:Pass
  169. Weak ciphersuites disabled:Pass
  170. Certificates configured correctly:Pass
  171. Secure renegotiation configured:Fail <<<<<
  172. Session resumption configured:Fail <<<<<<
  173. BEAST Vulnerability:Pass
  174. OCSP Stapling:Fail <<<<<<
  175. PCI Compliant:Pass
  176. FIPS Compliant:Fail <<<<
  177. Forward Secrecy Supported:Fail <<<<<
  178. Heartbleed Vulnerability:Pass
  179.  
  180. Certificate validation URIs resolve to IPv6 addresses:Fail
  181.  
  182. Strict Transport Security:Fail <<<<<
  183. Mixed Content (HTTP and HTTPS):Timed Out <<<<<<
  184. Domain name resolves to IPv4 address:Pass
  185. Domain name resolves to IPv6 address:Fail <<<<<
  186.  
  187.  
  187. To Sony ' it is disappointing to see a multi billion dollar Company ' have a GRADE F/ website System ?Yes i have Graded you ? i could strip & found more Exploits & Errors 'all day long.this Exploitation & Vulnerability Test is 43% ' Pull YouR sOcKS uP ' oh and "FURY" was a good Movie , you could make a Movie about how Sony got Hacked ' i assure you it would be a Box Office HIT . p.s. you gonna have to take a pay cut & Fire someone in your Computer WEB/Security/ Department ???? ASAP