UNITED NATIONS (UN) - Primary Citrix Application Firewall iJ

1. UNITED NATIONS (UN) - Primary Citrix Application Firewall Leaked
2. (Robots/TLS-SSL Keys/AdminFolders and etc...)
3. This Firewall Behind the Checkpoint Firewall..!!!
4.  
5. The United Nations (UN) is an international organization whose stated aims are facilitating cooperation in international law, international security, economic development, social progress, human rights, and achievement of world peace. The UN was founded in 1945 after World War II to replace the League of Nations, to stop wars between countries, and to provide a platform for dialogue. It contains multiple subsidiary organizations to carry out its missions.
6.  
7. http://www.un.org
8.  
9. THIS ATTACK AGAINST THE DIRTIEST THINGS AGAINST THE SRI LANKA BY UN .........!!!!!
10.  
11. EXCLUSIVE FROM - Anonymous Sri Lanka
12.  
13. WWW.UN.ORG -----> Fuck3D and Bust3D
14.  
15. Primary 157.150.34.32 Server Hacked and
16. with Transferring (Data Leak)....!!
17.  
18. Hail to Anonymous, Lulzsec and Operation Anti-Sec...
19.  
20. 21/tcp open ftp syn-ack Check Point Firewall-1 ftpd
21. | ftp-anon: Anonymous FTP login allowed (FTP code 200)
22. | Can't get directory listing: Can't parse PASV response: "Access denied - wrong user name or password \
23. |_aborted"
24. | banner: 220 Check Point FireWall-1 Secure FTP server running on secper0
25. |_1
26. | ftp-brute:
27. |_ ERROR: Login didn't return a proper response
28. 22/tcp closed ssh reset
29. 23/tcp filtered telnet no-response
30. 25/tcp closed smtp reset
31. 80/tcp open http-proxy syn-ack Citrix Application Firewall
32. |_unusual-port: http-proxy unexpected on port tcp/80
33. |_citrix-brute-xml: FAILED: No domain specified (use ntdomain argument)
34. | http-grep:
35. |_ ERROR: Argument http-grep.match was not set
36. |_http-google-malware: [ERROR] No API key found. Update the variable APIKEY in http-google-malware or set it in the argument http-google-malware.api
37. | http-brute:
38. |_ ERROR: No path was specified (see http-brute.path)
39. | http-affiliate-id:
40. |_ Google Analytics ID: UA-4803886-1
41. | http-form-brute:
42. |_ ERROR: No passvar was specified (see http-form-brute.passvar)
43. |_http-wordpress-enum: [Error] Wordpress installation was not found. We couldn't find wp-login.php
44. |_http-malware-host: Host appears to be clean
45. |_http-apache-negotiation: mod_negotiation enabled.
46. | http-methods: GET HEAD OPTIONS TRACE
47. | Potentially risky methods: TRACE
48. |_See http://nmap.org/nsedoc/scripts/http-methods.html
49. | http-php-version: Logo query returned unknown hash 4e6c537e157efab6c6f2a1ef0bd2f41e
50. |_Credits query returned unknown hash 4e6c537e157efab6c6f2a1ef0bd2f41e
51. | http-robots.txt: 10 disallowed entries
52. | /womenwatch/daw/conf/seforms/l123/d123
53. | /wcm/administration/ /wcm/administrator/ /wcm/ajaxaction/
54. |_/russian/news/mobile/ /common/ /temp/ /temp1/ /temp2/ /test/
55. | http-headers:
56. | Content-Type: text/html
57. | Content-Length: -1
58. | Date: Wed, 29 Feb 2012 09:20:24 GMT
59. | Server: Apache/Not telling (Unix) AuthTDS/1.1
60. |
61. |_ (Request type: HEAD)
62. |_http-date: Wed, 29 Feb 2012 09:20:34 GMT; +56s from local time.
63. |_http-iis-webdav-vuln: ERROR: This web server is not supported.
64. |_http-favicon: Unknown favicon MD5: 7ECBB71944F5F183EEB12F80D55D861D
65. |_http-userdir-enum: Didn't find any users!
66. | http-domino-enum-passwords:
67. |_ ERROR: No valid credentials were found (see domino-enum-passwords.username and domino-enum-passwords.password)
68. 110/tcp closed pop3 reset
69. 139/tcp filtered netbios-ssn no-response
70. 443/tcp open ssl/http-proxy syn-ack Citrix Application Firewall
71. |_citrix-brute-xml: FAILED: No domain specified (use ntdomain argument)
72. | http-grep:
73. |_ ERROR: Argument http-grep.match was not set
74. | http-brute:
75. |_ ERROR: No path was specified (see http-brute.path)
76. |_http-google-malware: [ERROR] No API key found. Update the variable APIKEY in http-google-malware or set it in the argument http-google-malware.api
77. |_unusual-port: http-proxy unexpected on port tcp/443
78. | http-methods: GET HEAD OPTIONS TRACE
79. | Potentially risky methods: TRACE
80. |_See http://nmap.org/nsedoc/scripts/http-methods.html
81. |_http-default-accounts: [ERROR] HTTP request table is empty. This should not happen since we at least made one request.
82. | http-form-brute:
83. |_ ERROR: No passvar was specified (see http-form-brute.passvar)
84. |_http-apache-negotiation: mod_negotiation enabled.
85. |_http-malware-host: Host appears to be clean
86. | http-headers:
87. | Date: Wed, 29 Feb 2012 09:19:55 GMT
88. | Server: Apache/Not telling (Unix) AuthTDS/1.1
89. | Content-Type: text/html
90. | Keep-Alive: timeout=5, max=96
91. | Connection: Keep-Alive
92. |
93. |_ (Request type: HEAD)
94. |_http-wordpress-enum: [Error] Wordpress installation was not found. We couldn't find wp-login.php
95. | ssl-cert: Subject: commonName=*.un.org/organizationName=United Nations/stateOrProvinceName=New York/countryName=US/streetAddress=24-01 44th Road, 9th Floor/localityName=Long Island City/postalCode=11101-4605/organizationalUnitName=Comodo PremiumSSL Wildcard
96. | Issuer: commonName=UTN-USERFirst-Hardware/organizationName=The USERTRUST Network/stateOrProvinceName=UT/countryName=US/localityName=Salt Lake City/organizationalUnitName=http://www.usertrust.com
97. | Public Key type: rsa
98. | Public Key bits: 2048
99. | Not valid before: 2011-02-02 00:00:00
100. | Not valid after: 2013-04-13 23:59:59
101. | MD5: 7920 a56a 7a80 873f 2303 98fd 5711 4c72
102. | SHA-1: 3829 64d1 30e8 d182 52e7 65b8 5c41 5de1 0470 a249
103. | -----BEGIN CERTIFICATE-----
104. | MIIGBzCCBO+gAwIBAgIQGSM5lIzygwVgvQZH7nphlDANBgkqhkiG9w0BAQUFADCB
105. | lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
106. | Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
107. | dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
108. | SGFyZHdhcmUwHhcNMTEwMjAyMDAwMDAwWhcNMTMwNDEzMjM1OTU5WjCCAQsxCzAJ
109. | BgNVBAYTAlVTMRMwEQYDVQQREwoxMTEwMS00NjA1MREwDwYDVQQIEwhOZXcgWW9y
110. | azEZMBcGA1UEBxMQTG9uZyBJc2xhbmQgQ2l0eTEjMCEGA1UECRMaMjQtMDEgNDR0
111. | aCBSb2FkLCA5dGggRmxvb3IxFzAVBgNVBAoTDlVuaXRlZCBOYXRpb25zMQ0wCwYD
112. | VQQLEwRPSUNUMTQwMgYDVQQLEytJc3N1ZWQgdGhyb3VnaCBVbml0ZWQgTmF0aW9u
113. | cyBFLVBLSSBNYW5hZ2VyMSMwIQYDVQQLExpDb21vZG8gUHJlbWl1bVNTTCBXaWxk
114. | Y2FyZDERMA8GA1UEAxQIKi51bi5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
115. | ggEKAoIBAQCs1eE0bZ1LBeAYBybTC5K4D7p7jpOvfMqH8uWU5XUz5mD2t8ZuZ/gk
116. | AL3Te23ev32e8bKPkSYym9VgLNZ5CQbh+DG4y6lQNY0kaokMRSYGMhQG8mdUEkcg
117. | u4lvd3V1VZ6HeppcO7ufgn3RbpTSLcgKRlm9UABQmYxZ0nmwW6z9IeGgKPoHn+18
118. | G8HgFuMx4N0+vAbPvuhrurzb3OfWFsj2qE0R3PHtbZ/4lUCB54SG7LtNfsDeqzhp
119. | rlHoD6OB25V1/t5Mt4K38PRa1i52G6J+KcuexxslfS3Kv67eNFik6t3lR3MPDSGw
120. | Vtw1ATyTNW5aHrkq84AbZAKzMi9O7HzxAgMBAAGjggHWMIIB0jAfBgNVHSMEGDAW
121. | gBShcl8mGyiYQ5VdBzfVhZadS9LDRTAdBgNVHQ4EFgQUHdeek2FzeALWh9EDbE8s
122. | xfGb4uQwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
123. | KwYBBQUHAwEGCCsGAQUFBwMCMEYGA1UdIAQ/MD0wOwYMKwYBBAGyMQECAQMEMCsw
124. | KQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMHsGA1Ud
125. | HwR0MHIwOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL1VUTi1VU0VSRmly
126. | c3QtSGFyZHdhcmUuY3JsMDagNKAyhjBodHRwOi8vY3JsLmNvbW9kby5uZXQvVVRO
127. | LVVTRVJGaXJzdC1IYXJkd2FyZS5jcmwwcQYIKwYBBQUHAQEEZTBjMDsGCCsGAQUF
128. | BzAChi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9VVE5BZGRUcnVzdFNlcnZlckNB
129. | LmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMBsGA1Ud
130. | EQQUMBKCCCoudW4ub3JnggZ1bi5vcmcwDQYJKoZIhvcNAQEFBQADggEBAG9ajQJE
131. | fC4XCmsdUD0HQ+5PNO1YtusPQD9I7zOgf6c25TMeu7PCblYH7nZq5NiiglchRX6a
132. | VowALfIqjXyEWTDlq94y7JKtv/B62GU1dX7lvNoPS80/e1MzZCzkGa1hHZjiQL7r
133. | kFoSmHeRr8A+fIjJZ85o7x2Y6qZJcjQTtASRAMV4kZEqST+cnRF3Pz8WnGKlFwFn
134. | aUXH/t/MDgQbpa0+tKIg8dAP3Tb43r4051Rius6zOhS5PYOmo4MsBiKOVXHZnT15
135. | vHiNtnSrtsKkxE3xGI7d9x5CC/BLnp8edK5cneCK39+MZFmJmvMFxXwiaIDCiWGx
136. | vhwke7E0HzImDls=
137. |_-----END CERTIFICATE-----
138. |_http-favicon: Unknown favicon MD5: 7ECBB71944F5F183EEB12F80D55D861D
139. | http-robots.txt: 10 disallowed entries
140. | /womenwatch/daw/conf/seforms/l123/d123
141. | /wcm/administration/ /wcm/administrator/ /wcm/ajaxaction/
142. |_/russian/news/mobile/ /common/ /temp/ /temp1/ /temp2/ /test/
143. |_http-iis-webdav-vuln: ERROR: This web server is not supported.
144. | http-trace: TRACE is enabled
145. | Headers:
146. | Date: Wed, 29 Feb 2012 09:21:01 GMT
147. | Server: Apache/Not telling (Unix) AuthTDS/1.1
148. | Content-Type: message/http
149. | Keep-Alive: timeout=5, max=38
150. | Connection: Keep-Alive
151. |_Transfer-Encoding: chunked
152. | http-affiliate-id:
153. |_ Google Analytics ID: UA-4803886-1
154. |_http-date: Wed, 29 Feb 2012 09:21:05 GMT; +1m27s from local time.
155. |_http-userdir-enum: Didn't find any users!
156. | http-php-version: Logo query returned unknown hash 4e6c537e157efab6c6f2a1ef0bd2f41e
157. |_Credits query returned unknown hash 4e6c537e157efab6c6f2a1ef0bd2f41e
158. | ssl-enum-ciphers:
159. | SSLv3
160. | Ciphers (3)
161. | TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
162. | TLS_RSA_WITH_RC4_128_MD5 - unknown strength
163. | TLS_RSA_WITH_RC4_128_SHA - strong
164. | Compressors (1)
165. | NULL
166. | TLSv1.0
167. | Ciphers (5)
168. | TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
169. | TLS_RSA_WITH_AES_128_CBC_SHA - strong
170. | TLS_RSA_WITH_AES_256_CBC_SHA - unknown strength
171. | TLS_RSA_WITH_RC4_128_MD5 - unknown strength
172. | TLS_RSA_WITH_RC4_128_SHA - strong
173. | Compressors (1)
174. | NULL
175. |_ Least strength = unknown strength
176. | ssl-google-cert-catalog:
177. |_ No DB entry
178. | http-domino-enum-passwords:
179. |_ ERROR: No valid credentials were found (see domino-enum-passwords.username and domino-enum-passwords.password)
180. 445/tcp filtered microsoft-ds no-response
181. 3389/tcp filtered ms-term-serv no-response
182.  
183. Network Distance: 2 hops
184. TCP Sequence Prediction: Difficulty=261
185. IP ID Sequence Generation: Incremental
186. Service Info: Device: firewall
187.  
188. Host script results:
189. | dns-blacklist:
190. | PROXY
191. | dnsbl.ahbl.org - FAIL
192. | socks.dnsbl.sorbs.net - FAIL
193. | http.dnsbl.sorbs.net - FAIL
194. | misc.dnsbl.sorbs.net - FAIL
195. | dnsbl.tornevall.org - FAIL
196. | SPAM
197. | dnsbl.ahbl.org - FAIL
198. | dnsbl.inps.de - FAIL
199. | bl.nszones.com - FAIL
200. | l2.apews.org - FAIL
201. | list.quorum.to - FAIL
202. | all.spamrats.com - FAIL
203. | bl.spamcop.net - FAIL
204. | spam.dnsbl.sorbs.net - FAIL
205. |_ sbl.spamhaus.org - FAIL
206. |_dns-brute: Can't guess domain of "157.150.34.32"; use dns-brute.domain script argument.
207. | dns-zeustracker:
208. |_ ERROR: DNS Query failed
209. |_asn-query: No Servers
210. |_path-mtu: PMTU == 1500
211. | firewalk:
212. | HOP HOST PROTOCOL BLOCKED PORTS
213. |_1 127.0.0.1 tcp 23,139,445,3389
214. |_whois: See the result for 157.150.185.0.
215. |_ipidseq: Unknown [used port 21]
216. | ip-geolocation-geoplugin:
217. | 157.150.34.32
218. | coordinates (lat,lon): 40.752799987793,-73.972503662109
219. |_ state: New York, United States
220. | ip-geolocation-geobytes:
221. | 157.150.34.32
222. | coordinates (lat,lon): 40.7488,-73.9846
223. |_ city: New York, New York, United States
224. |_hostmap: Error: found no hostnames but not the marker for "no hostnames found" (pattern error?)
225. | qscan:
226. | PORT FAMILY MEAN (us) STDDEV LOSS (%)
227. | 21 0 370251.10 16504.59 0.0%
228. | 22 1 2194909.70 76813.97 0.0%
229. | 80 0 391551.70 74399.35 0.0%
230. |_443 0 397059.20 90980.39 0.0%
231.  
232. New targets in the scanned cache: 0, pending ones: 0.
233. Post-scan script results:
234. | http-affiliate-id: Possible related sites
235. | Google Analytics ID: UA-4803886-1 used by:
236. | 157.150.34.32:80/
237. | 157.150.34.32:443/
238. | 157.150.185.49:443/
239. |_ 157.150.185.49:80/
240. | reverse-index:
241. | 21/tcp: 157.150.185.49, 157.150.34.32
242. | 80/tcp: 157.150.185.49, 157.150.34.32
243. |_ 443/tcp: 157.150.185.49, 157.150.34.32