API tools faq
paste
Advertisement
Guest User

HivlyHost.com [VULN]

a guest
Aug 8th, 2017
942
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 40.52 KB | None | 0 0
raw download clone embed print report
  1. + -- ----------------------------=[Running Nslookup]=------------------------ -- +
  2. Server: 75.75.75.75
  3. Address: 75.75.75.75#53
  4.  
  5. Non-authoritative answer:
  6. Name: hivlyhost.com
  7. Address: 185.17.151.232
  8.  
  9. hivlyhost.com has address 185.17.151.232
  10. hivlyhost.com mail is handled by 0 hivlyhost.com.
  11. + -- ----------------------------=[Checking OS Fingerprint]=----------------- -- +
  12.  
  13. Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
  14.  
  15. [+] Target is hivlyhost.com
  16. [+] Loading modules.
  17. [+] Following modules are loaded:
  18. [x] [1] ping:icmp_ping - ICMP echo discovery module
  19. [x] [2] ping:tcp_ping - TCP-based ping discovery module
  20. [x] [3] ping:udp_ping - UDP-based ping discovery module
  21. [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
  22. [x] [5] infogather:portscan - TCP and UDP PortScanner
  23. [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
  24. [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
  25. [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
  26. [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
  27. [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
  28. [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
  29. [x] [12] fingerprint:smb - SMB fingerprinting module
  30. [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
  31. [+] 13 modules registered
  32. [+] Initializing scan engine
  33. [+] Running scan engine
  34. [-] ping:tcp_ping module: no closed/open TCP ports known on 185.17.151.232. Module test failed
  35. [-] ping:udp_ping module: no closed/open UDP ports known on 185.17.151.232. Module test failed
  36. [-] No distance calculation. 185.17.151.232 appears to be dead or no ports known
  37. [+] Host: 185.17.151.232 is up (Guess probability: 50%)
  38. [+] Target: 185.17.151.232 is alive. Round-Trip Time: 0.52129 sec
  39. [+] Selected safe Round-Trip Time value is: 1.04258 sec
  40. [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
  41. [-] fingerprint:smb need either TCP port 139 or 445 to run
  42. [-] fingerprint:snmp: need UDP port 161 open
  43. [+] Primary guess:
  44. [+] Host 185.17.151.232 Running OS: (Guess probability: 100%)
  45. [+] Other guesses:
  46. [+] Host 185.17.151.232 Running OS: (Guess probability: 100%)
  47. [+] Host 185.17.151.232 Running OS: (Guess probability: 100%)
  48. [+] Host 185.17.151.232 Running OS: (Guess probability: 100%)
  49. [+] Host 185.17.151.232 Running OS: (Guess probability: 100%)
  50. [+] Host 185.17.151.232 Running OS: (Guess probability: 100%)
  51. [+] Host 185.17.151.232 Running OS: (Guess probability: 100%)
  52. [+] Host 185.17.151.232 Running OS: (Guess probability: 100%)
  53. [+] Host 185.17.151.232 Running OS: (Guess probability: 100%)
  54. [+] Host 185.17.151.232 Running OS: (Guess probability: 100%)
  55. [+] Cleaning up scan engine
  56. [+] Modules deinitialized
  57. [+] Execution completed.
  58. + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +
  59. Domain Name: HIVLYHOST.COM
  60. Registry Domain ID: 2076788399_DOMAIN_COM-VRSN
  61. Registrar WHOIS Server: whois.porkbun.com
  62. Registrar URL: http://porkbun.com
  63. Updated Date: 2017-08-06T11:36:44Z
  64. Creation Date: 2016-11-25T17:11:51Z
  65. Registry Expiry Date: 2019-11-25T17:11:51Z
  66. Registrar: Porkbun LLC
  67. Registrar IANA ID: 1861
  68. Registrar Abuse Contact Email: abuse@porkbun.com
  69. Registrar Abuse Contact Phone: 5038508351
  70. Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
  71. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  72. Name Server: NS1.HIVLYHOST.COM
  73. Name Server: NS2.HIVLYHOST.COM
  74. DNSSEC: unsigned
  75. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
  76. >>> Last update of whois database: 2017-08-07T22:41:20Z <<<
  77.  
  78. For more information on Whois status codes, please visit https://icann.org/epp
  79.  
  80. NOTICE: The expiration date displayed in this record is the date the
  81. registrar's sponsorship of the domain name registration in the registry is
  82. currently set to expire. This date does not necessarily reflect the expiration
  83. date of the domain name registrant's agreement with the sponsoring
  84. registrar. Users may consult the sponsoring registrar's Whois database to
  85. view the registrar's reported date of expiration for this registration.
  86.  
  87. TERMS OF USE: You are not authorized to access or query our Whois
  88. database through the use of electronic processes that are high-volume and
  89. automated except as reasonably necessary to register domain names or
  90. modify existing registrations; the Data in VeriSign Global Registry
  91. Services' ("VeriSign") Whois database is provided by VeriSign for
  92. information purposes only, and to assist persons in obtaining information
  93. about or related to a domain name registration record. VeriSign does not
  94. guarantee its accuracy. By submitting a Whois query, you agree to abide
  95. by the following terms of use: You agree that you may use this Data only
  96. for lawful purposes and that under no circumstances will you use this Data
  97. to: (1) allow, enable, or otherwise support the transmission of mass
  98. unsolicited, commercial advertising or solicitations via e-mail, telephone,
  99. or facsimile; or (2) enable high volume, automated, electronic processes
  100. that apply to VeriSign (or its computer systems). The compilation,
  101. repackaging, dissemination or other use of this Data is expressly
  102. prohibited without the prior written consent of VeriSign. You agree not to
  103. use electronic processes that are automated and high-volume to access or
  104. query the Whois database except as reasonably necessary to register
  105. domain names or modify existing registrations. VeriSign reserves the right
  106. to restrict your access to the Whois database in its sole discretion to ensure
  107. operational stability. VeriSign may restrict or terminate your access to the
  108. Whois database for failure to abide by these terms of use. VeriSign
  109. reserves the right to modify these terms at any time.
  110.  
  111. The Registry database contains ONLY .COM, .NET, .EDU domains and
  112. Registrars.
  113. + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +
  114.  
  115. *******************************************************************
  116. * *
  117. * | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
  118. * | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
  119. * | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
  120. * \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
  121. * *
  122. * TheHarvester Ver. 2.7 *
  123. * Coded by Christian Martorella *
  124. * Edge-Security Research *
  125. * cmartorella@edge-security.com *
  126. *******************************************************************
  127.  
  128.  
  129. [-] Searching in Bing:
  130. Searching 50 results...
  131. Searching 100 results...
  132.  
  133.  
  134. [+] Emails found:
  135. ------------------
  136. No emails found
  137.  
  138. [+] Hosts found in search engines:
  139. ------------------------------------
  140. No hosts found
  141. + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +
  142.  
  143. ; <<>> DiG 9.10.3-P4-Debian <<>> -x hivlyhost.com
  144. ;; global options: +cmd
  145. ;; Got answer:
  146. ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38674
  147. ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
  148.  
  149. ;; QUESTION SECTION:
  150. ;com.hivlyhost.in-addr.arpa. IN PTR
  151.  
  152. ;; AUTHORITY SECTION:
  153. in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2017042888 1800 900 604800 3600
  154.  
  155. ;; Query time: 94 msec
  156. ;; SERVER: 75.75.75.75#53(75.75.75.75)
  157. ;; WHEN: Sun Aug 06 09:45:48 UTC 2017
  158. ;; MSG SIZE rcvd: 112
  159.  
  160. dnsenum.pl VERSION:1.2.3
  161.  
  162. ----- hivlyhost.com -----
  163.  
  164.  
  165. Host's addresses:
  166. __________________
  167.  
  168. hivlyhost.com. 41 IN A 185.17.151.232
  169.  
  170.  
  171. Name Servers:
  172. ______________
  173.  
  174. circle2.mainwhm.co.uk. 120 IN A 185.17.151.232
  175. circle1.mainwhm.co.uk. 120 IN A 185.17.151.232
  176.  
  177.  
  178. Mail (MX) Servers:
  179. ___________________
  180.  
  181. hivlyhost.com. 40 IN A 185.17.151.232
  182.  
  183.  
  184. Trying Zone Transfers and getting Bind Versions:
  185. _________________________________________________
  186.  
  187.  
  188. Trying Zone Transfer for hivlyhost.com on circle2.mainwhm.co.uk ...
  189. AXFR record query failed: NOTIMP
  190.  
  191. Trying Zone Transfer for hivlyhost.com on circle1.mainwhm.co.uk ...
  192. AXFR record query failed: NOTIMP
  193.  
  194. brute force file not specified, bay.
  195. + -- ----------------------------=[Gathering DNS Subdomains]=---------------- -- +
  196.  
  197. ╔═╗╦═╗╔╦╗╔═╗╦ ╦
  198. ║ ╠╦╝ ║ ╚═╗╠═╣
  199. ╚═╝╩╚═ ╩o╚═╝╩ ╩
  200. + -- ----------------------------=[Gathering Certificate Subdomains]=-------- -- +
  201.  
  202. airdevs.hivlyhost.com
  203. biscetnews.hivlyhost.com
  204. circle.hivlyhost.com
  205. clients.hivlyhost.com
  206. cloudweb.hivlyhost.com
  207. contabo.hivlyhost.com
  208. cpanel.hivlyhost.com
  209. demo.hivlyhost.com
  210. eurohost.hivlyhost.com
  211. hivlygroup.hivlyhost.com
  212. hivly.hivlyhost.com
  213. *.hivlyhost.com
  214. hivlyhost.hivlyhost.com
  215. hostingtools.hivlyhost.com
  216. ipxdhosting.hivlyhost.com
  217. ithemesp.hivlyhost.com
  218. kierancairns.hivlyhost.com
  219. landing.hivlyhost.com
  220. livenode.hivlyhost.com
  221. mail.hivlyhost.com
  222. mail.ithemesp.hivlyhost.com
  223. pyro.hivlyhost.com
  224. sharedhosting.hivlyhost.com
  225. speedytruckers.hivlyhost.com
  226. status.hivlyhost.com
  227. tools.hivlyhost.com
  228. unlimitedhosting.hivlyhost.com
  229. vimlyhost.hivlyhost.com
  230. webdisk.hivlyhost.com
  231. webmail.hivlyhost.com
  232. whm.hivlyhost.com
  233. www.airdevs.hivlyhost.com
  234. www.biscetnews.hivlyhost.com
  235. www.circle.hivlyhost.com
  236. www.clients.hivlyhost.com
  237. www.contabo.hivlyhost.com
  238. www.demo.hivlyhost.com
  239. www.eurohost.hivlyhost.com
  240. www.hivlygroup.hivlyhost.com
  241. www.hivly.hivlyhost.com
  242. www.hivlyhost.com
  243. www.hivlyhost.hivlyhost.com
  244. www.hostingtools.hivlyhost.com
  245. www.ipxdhosting.hivlyhost.com
  246. www.ithemesp.hivlyhost.com
  247. www.kierancairns.hivlyhost.com
  248. www.landing.hivlyhost.com
  249. www.livenode.hivlyhost.com
  250. www.pyro.hivlyhost.com
  251. www.sharedhosting.hivlyhost.com
  252. www.speedytruckers.hivlyhost.com
  253. www.tools.hivlyhost.com
  254. www.unlimitedhosting.hivlyhost.com
  255. www.vimlyhost.hivlyhost.com
  256. [+] Domains saved to: /usr/share/sniper/loot/domains/domains-hivlyhost.com-full.txt
  257.  
  258. + -- ----------------------------=[Checking for Sub-Domain Hijacking]=------- -- +
  259. + -- ----------------------------=[Checking Email Security]=----------------- -- +
  260.  
  261. + -- ----------------------------=[Pinging host]=---------------------------- -- +
  262. PING hivlyhost.com (185.17.151.232) 56(84) bytes of data.
  263. 64 bytes from circle.mainwhm.co.uk (185.17.151.232): icmp_seq=1 ttl=42 time=124 ms
  264.  
  265. --- hivlyhost.com ping statistics ---
  266. 1 packets transmitted, 1 received, 0% packet loss, time 0ms
  267. rtt min/avg/max/mdev = 124.814/124.814/124.814/0.000 ms
  268.  
  269. + -- ----------------------------=[Running TCP port scan]=------------------- -- +
  270.  
  271. Starting Nmap 7.40 ( https://nmap.org ) at 2017-08-06 09:45 UTC
  272. Stats: 0:00:00 elapsed; 0 hosts completed (0 up), 0 undergoing Host Discovery
  273. Parallel DNS resolution of 1 host. Timing: About 0.00% done
  274. Nmap scan report for hivlyhost.com (185.17.151.232)
  275. Host is up (1.2s latency).
  276. rDNS record for 185.17.151.232: circle.mainwhm.co.uk
  277. Not shown: 33 filtered ports, 9 closed ports
  278. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  279. PORT STATE SERVICE
  280. 21/tcp open ftp
  281. 22/tcp open ssh
  282. 53/tcp open domain
  283. 80/tcp open http
  284. 110/tcp open pop3
  285. 443/tcp open https
  286. 3306/tcp open mysql
  287.  
  288. Nmap done: 1 IP address (1 host up) scanned in 2.49 seconds
  289.  
  290. + -- ----------------------------=[Running Intrusive Scans]=----------------- -- +
  291. + -- --=[Port 21 opened... running tests...
  292.  
  293. Starting Nmap 7.40 ( https://nmap.org ) at 2017-08-06 09:45 UTC
  294. Nmap scan report for hivlyhost.com (185.17.151.232)
  295. Host is up (0.11s latency).
  296. rDNS record for 185.17.151.232: circle.mainwhm.co.uk
  297. Skipping host hivlyhost.com (185.17.151.232) due to host timeout
  298. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  299. Nmap done: 1 IP address (1 host up) scanned in 902.55 seconds
  300.  
  301.  
  302. _---------.
  303. .' ####### ;."
  304. .---,. ;@ @@`; .---,..
  305. ." @@@@@'.,'@@ @@@@@',.'@@@@ ".
  306. '-.@@@@@@@@@@@@@ @@@@@@@@@@@@@ @;
  307. `.@@@@@@@@@@@@ @@@@@@@@@@@@@@ .'
  308. "--'.@@@ -.@ @ ,'- .'--"
  309. ".@' ; @ @ `. ;'
  310. |@@@@ @@@ @ .
  311. ' @@@ @@ @@ ,
  312. `.@@@@ @@ .
  313. ',@@ @ ; _____________
  314. ( 3 C ) /|___ / Metasploit! \
  315. ;@'. __*__,." \|--- \_____________/
  316. '(.,...."/
  317.  
  318.  
  319. Taking notes in notepad? Have Metasploit Pro track & report
  320. your progress and findings -- learn more on http://rapid7.com/metasploit
  321.  
  322. =[ metasploit v4.14.10-dev ]
  323. + -- --=[ 1639 exploits - 944 auxiliary - 289 post ]
  324. + -- --=[ 472 payloads - 40 encoders - 9 nops ]
  325. + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
  326.  
  327. RHOST => hivlyhost.com
  328. RHOSTS => hivlyhost.com
  329. [*] hivlyhost.com:21 - Banner: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
  330. 220-You are user number 1 of 50 allowed.
  331. 220-Local time is now 23:57. Server port: 21.
  332. 220-This is a private system - No anonymous login
  333. 220-IPv6 connections are also welcome on this server.
  334. 220 You will be disconnected after 15 minutes of inactivity.
  335. [*] hivlyhost.com:21 - USER: 331 User u1mlX:) OK. Password required
  336. [*] Exploit completed, but no session was created.
  337. [*] Started reverse TCP double handler on 10.0.2.15:4444
  338. [*] hivlyhost.com:21 - Sending Backdoor Command
  339. [*] Exploit completed, but no session was created.
  340. + -- --=[Port 22 opened... running tests...
  341. ./sniper: line 849: cd: /usr/share/sniper/plugins/ssh-audit: No such file or directory
  342. python: can't open file 'ssh-audit.py': [Errno 2] No such file or directory
  343.  
  344. Starting Nmap 7.40 ( https://nmap.org ) at 2017-08-06 10:01 UTC
  345. Nmap scan report for hivlyhost.com (185.17.151.232)
  346. Host is up (0.39s latency).
  347. rDNS record for 185.17.151.232: circle.mainwhm.co.uk
  348. PORT STATE SERVICE VERSION
  349. 22/tcp open ssh OpenSSH 5.3 (protocol 2.0)
  350. | ssh-hostkey:
  351. | 1024 6e:9b:97:63:17:4b:6a:d0:86:c9:4b:21:b5:a2:a0:45 (DSA)
  352. |_ 2048 cf:ae:e0:88:c0:a2:8f:4e:cb:d1:dc:d7:8a:1f:9c:fe (RSA)
  353. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  354. Device type: bridge|general purpose
  355. Running (JUST GUESSING): Oracle Virtualbox (98%), QEMU (90%)
  356. OS CPE: cpe:/o:oracle:virtualbox cpe:/a:qemu:qemu
  357. Aggressive OS guesses: Oracle Virtualbox (98%), QEMU user mode network gateway (90%)
  358. No exact OS matches for host (test conditions non-ideal).
  359. Network Distance: 2 hops
  360.  
  361. TRACEROUTE (using port 22/tcp)
  362. HOP RTT ADDRESS
  363. 1 1.94 ms 10.0.2.2
  364. 2 723.18 ms circle.mainwhm.co.uk (185.17.151.232)
  365.  
  366. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  367. Nmap done: 1 IP address (1 host up) scanned in 12.43 seconds
  368.  
  369.  
  370. Metasploit Park, System Security Interface
  371. Version 4.0.5, Alpha E
  372. Ready...
  373. > access security
  374. access: PERMISSION DENIED.
  375. > access security grid
  376. access: PERMISSION DENIED.
  377. > access main security grid
  378. access: PERMISSION DENIED....and...
  379. YOU DIDN'T SAY THE MAGIC WORD!
  380. YOU DIDN'T SAY THE MAGIC WORD!
  381. YOU DIDN'T SAY THE MAGIC WORD!
  382. YOU DIDN'T SAY THE MAGIC WORD!
  383. YOU DIDN'T SAY THE MAGIC WORD!
  384. YOU DIDN'T SAY THE MAGIC WORD!
  385. YOU DIDN'T SAY THE MAGIC WORD!
  386.  
  387.  
  388. Validate lots of vulnerabilities to demonstrate exposure
  389. with Metasploit Pro -- Learn more on http://rapid7.com/metasploit
  390.  
  391. =[ metasploit v4.14.10-dev ]
  392. + -- --=[ 1639 exploits - 944 auxiliary - 289 post ]
  393. + -- --=[ 472 payloads - 40 encoders - 9 nops ]
  394. + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
  395.  
  396. USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
  397. RHOSTS => hivlyhost.com
  398. [!] RHOST is not a valid option for this module. Did you mean RHOSTS?
  399. RHOST => hivlyhost.com
  400. [-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: USER_FILE.
  401. [-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: USER_FILE, KEY_FILE.
  402. [*] 185.17.151.232:22 - SSH server version: SSH-2.0-OpenSSH_5.3 ( service.version=5.3 service.vendor=OpenBSD service.family=OpenSSH service.product=OpenSSH service.protocol=ssh fingerprint_db=ssh.banner )
  403. [*] hivlyhost.com:22 - Scanned 1 of 1 hosts (100% complete)
  404. [*] Auxiliary module execution completed
  405. + -- --=[Port 23 closed... skipping.
  406. + -- --=[Port 25 closed... skipping.
  407. + -- --=[Port 53 opened... running tests...
  408.  
  409. Starting Nmap 7.40 ( https://nmap.org ) at 2017-08-06 10:02 UTC
  410. Nmap scan report for hivlyhost.com (185.17.151.232)
  411. Host is up (0.058s latency).
  412. rDNS record for 185.17.151.232: circle.mainwhm.co.uk
  413. Skipping host hivlyhost.com (185.17.151.232) due to host timeout
  414. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  415. Nmap done: 1 IP address (1 host up) scanned in 901.67 seconds
  416. + -- --=[Port 79 closed... skipping.
  417. + -- --=[Port 80 opened... running tests...
  418. + -- ----------------------------=[Checking for WAF]=------------------------ -- +
  419.  
  420. ^ ^
  421. _ __ _ ____ _ __ _ _ ____
  422. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
  423. | V V // o // _/ | V V // 0 // 0 // _/
  424. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
  425. <
  426. ...'
  427.  
  428. WAFW00F - Web Application Firewall Detection Tool
  429.  
  430. By Sandro Gauci && Wendel G. Henrique
  431.  
  432. Checking http://hivlyhost.com
  433. Generic Detection results:
  434. No WAF detected by the generic detection
  435. Number of requests: 17
  436.  
  437. + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
  438. http://hivlyhost.com [301 Moved Permanently] Apache[2.4.25][mod_bwlimited/1.4], Country[UNITED KINGDOM][GB], HTTPServer[Unix][Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4], IP[185.17.151.232], OpenSSL[1.0.1e-fips], RedirectLocation[https://hivlyhost.com/], Title[301 Moved Permanently]
  439. https://hivlyhost.com/ [200 OK] Apache[2.4.25][mod_bwlimited/1.4], Country[UNITED KINGDOM][GB], Email[Support@HivlyHost.com], HTML5, HTTPServer[Unix][Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4], IP[185.17.151.232], JQuery, OpenSSL[1.0.1e-fips], PHP[5.6.31], PasswordField[password], Script[text/javascript], Title[HivlyHost - Next Generation Hosting | Affordable & Reliable], X-Powered-By[PHP/5.6.31]
  440. ./sniper: line 904: xsstracer: command not found
  441.  
  442. + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +
  443. + -- --=[Checking if X-Content options are enabled on hivlyhost.com...
  444.  
  445. + -- --=[Checking if X-Frame options are enabled on hivlyhost.com...
  446.  
  447. + -- --=[Checking if X-XSS-Protection header is enabled on hivlyhost.com...
  448.  
  449. + -- --=[Checking HTTP methods on hivlyhost.com...
  450.  
  451. + -- --=[Checking if TRACE method is enabled on hivlyhost.com...
  452.  
  453. + -- --=[Checking for META tags on hivlyhost.com...
  454.  
  455. + -- --=[Checking for open proxy on hivlyhost.com...
  456. WebMaster</a>.
  457. </p>
  458. <hr />
  459. <address>Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Server at crowdshield.com Port 80</address>
  460.  
  461.  
  462. <!-- end content -->
  463. </div>
  464. </body>
  465. </html>
  466.  
  467. + -- --=[Enumerating software on hivlyhost.com...
  468. Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
  469.  
  470. + -- --=[Checking if Strict-Transport-Security is enabled on hivlyhost.com...
  471.  
  472. + -- --=[Checking for Flash cross-domain policy on hivlyhost.com...
  473. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
  474. <html><head>
  475. <title>301 Moved Permanently</title>
  476. </head><body>
  477. <h1>Moved Permanently</h1>
  478. <p>The document has moved <a href="https://hivlyhost.com/crossdomain.xml">here</a>.</p>
  479. <hr>
  480. <address>Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Server at hivlyhost.com Port 80</address>
  481. </body></html>
  482.  
  483. + -- --=[Checking for Silverlight cross-domain policy on hivlyhost.com...
  484. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
  485. <html><head>
  486. <title>301 Moved Permanently</title>
  487. </head><body>
  488. <h1>Moved Permanently</h1>
  489. <p>The document has moved <a href="https://hivlyhost.com/clientaccesspolicy.xml">here</a>.</p>
  490. <hr>
  491. <address>Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Server at hivlyhost.com Port 80</address>
  492. </body></html>
  493.  
  494. + -- --=[Checking for HTML5 cross-origin resource sharing on hivlyhost.com...
  495.  
  496. + -- --=[Retrieving robots.txt on hivlyhost.com...
  497. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
  498. <html><head>
  499. <title>301 Moved Permanently</title>
  500. </head><body>
  501. <h1>Moved Permanently</h1>
  502. <p>The document has moved <a href="https://hivlyhost.com/robots.txt">here</a>.</p>
  503. <hr>
  504. <address>Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Server at hivlyhost.com Port 80</address>
  505. </body></html>
  506.  
  507. + -- --=[Retrieving sitemap.xml on hivlyhost.com...
  508. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
  509. <html><head>
  510. <title>301 Moved Permanently</title>
  511. </head><body>
  512. <h1>Moved Permanently</h1>
  513. <p>The document has moved <a href="https://hivlyhost.com/sitemap.xml">here</a>.</p>
  514. <hr>
  515. <address>Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Server at hivlyhost.com Port 80</address>
  516. </body></html>
  517.  
  518. + -- --=[Checking cookie attributes on hivlyhost.com...
  519.  
  520. + -- --=[Checking for ASP.NET Detailed Errors on hivlyhost.com...
  521.  
  522.  
  523. + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +
  524. - Nikto v2.1.6
  525. ---------------------------------------------------------------------------
  526. + Target IP: 185.17.151.232
  527. + Target Hostname: hivlyhost.com
  528. + Target Port: 80
  529. + Start Time: 2017-08-06 10:18:00 (GMT0)
  530. ---------------------------------------------------------------------------
  531. + Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
  532. + The anti-clickjacking X-Frame-Options header is not present.
  533. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
  534. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
  535. + Root page / redirects to: https://hivlyhost.com/
  536. + No CGI Directories found (use '-C all' to force check all possible dirs)
  537. + Server leaks inodes via ETags, header found with file /, fields: 0x6f 0x548a80258f885
  538. + OpenSSL/1.0.1e-fips appears to be outdated (current is at least 1.0.1j). OpenSSL 1.0.0o and 0.9.8zc are also current.
  539. + OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
  540. + OSVDB-3092: /img-sys/: Default image directory should not allow directory listing.
  541. + OSVDB-3092: /java-sys/: Default Java directory should not allow directory listing.
  542. + 7446 requests: 0 error(s) and 8 item(s) reported on remote host
  543. + End Time: 2017-08-06 10:37:43 (GMT0) (1183 seconds)
  544. ---------------------------------------------------------------------------
  545. + 1 host(s) tested
  546.  
  547.  
  548. *********************************************************************
  549. Portions of the server's headers (Apache/2.4.25) are not in
  550. the Nikto database or are newer than the known string. Would you like
  551. to submit this information (*no server specific data*) to CIRT.net
  552. for a Nikto update (or you may email to sullo@cirt.net) (y/n)? y
  553.  
  554. + The anti-clickjacking X-Frame-Options header is not present.
  555. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
  556. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
  557. + ERROR 302: Update failed, please notify sullo@cirt.net of this code.
  558. + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +
  559. [+] Screenshot saved to /usr/share/sniper/loot/screenshots/hivlyhost.com-port80.jpg
  560. + -- ----------------------------=[Running Google Hacking Queries]=--------------------- -- +
  561. ./sniper: line 1003: goohak: command not found
  562. + -- ----------------------------=[Running InUrlBR OSINT Queries]=---------- -- +
  563. Could not open input file: /usr/share/sniper/bin/inurlbr.php
  564. + -- --=[Port 110 opened... running tests...
  565.  
  566. Starting Nmap 7.40 ( https://nmap.org ) at 2017-08-06 10:38 UTC
  567. Nmap scan report for hivlyhost.com (185.17.151.232)
  568. Host is up (0.00089s latency).
  569. rDNS record for 185.17.151.232: circle.mainwhm.co.uk
  570. PORT STATE SERVICE VERSION
  571. 110/tcp filtered pop3
  572. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  573. Aggressive OS guesses: Agfa DryStar 5500 printer (97%), D-Link DP-300U, DP-G310, or Hamlet HPS01UU print server (97%), Tahoe 8216 power management system (97%), TRENDnet TV-IP100 webcam (97%), Linux 1.0.9 (97%), D-Link DIR-655 (95%), OUYA game console (95%), SiliconDust HDHomeRun 3 set top box (95%), Silicondust HDHomeRun set top box (95%), SiliconDust HDHomeRun set top box (95%)
  574. No exact OS matches for host (test conditions non-ideal).
  575. Network Distance: 2 hops
  576.  
  577. TRACEROUTE (using port 80/tcp)
  578. HOP RTT ADDRESS
  579. 1 0.22 ms 10.0.2.2
  580. 2 0.18 ms circle.mainwhm.co.uk (185.17.151.232)
  581.  
  582. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  583. Nmap done: 1 IP address (1 host up) scanned in 4.72 seconds
  584. + -- --=[Port 111 closed... skipping.
  585. + -- --=[Port 135 closed... skipping.
  586. + -- --=[Port 139 closed... skipping.
  587. + -- --=[Port 161 closed... skipping.
  588. + -- --=[Port 162 closed... skipping.
  589. + -- --=[Port 389 closed... skipping.
  590. + -- --=[Port 443 opened... running tests...
  591. + -- ----------------------------=[Checking for WAF]=------------------------ -- +
  592.  
  593. ^ ^
  594. _ __ _ ____ _ __ _ _ ____
  595. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
  596. | V V // o // _/ | V V // 0 // 0 // _/
  597. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
  598. <
  599. ...'
  600.  
  601. WAFW00F - Web Application Firewall Detection Tool
  602.  
  603. By Sandro Gauci && Wendel G. Henrique
  604.  
  605. Checking https://hivlyhost.com
  606. Generic Detection results:
  607. No WAF detected by the generic detection
  608. Number of requests: 13
  609.  
  610. + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
  611. https://hivlyhost.com [200 OK] Apache[2.4.25][mod_bwlimited/1.4], Country[UNITED KINGDOM][GB], Email[Support@HivlyHost.com], HTML5, HTTPServer[Unix][Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4], IP[185.17.151.232], JQuery, OpenSSL[1.0.1e-fips], PHP[5.6.31], PasswordField[password], Script[text/javascript], Title[HivlyHost - Next Generation Hosting | Affordable & Reliable], X-Powered-By[PHP/5.6.31]
  612.  
  613. + -- ----------------------------=[Gathering SSL/TLS Info]=------------------ -- +
  614.  
  615.  
  616.  
  617. AVAILABLE PLUGINS
  618. -----------------
  619.  
  620. PluginHeartbleed
  621. PluginChromeSha1Deprecation
  622. PluginSessionResumption
  623. PluginCompression
  624. PluginSessionRenegotiation
  625. PluginCertInfo
  626. PluginHSTS
  627. PluginOpenSSLCipherSuites
  628.  
  629.  
  630.  
  631. CHECKING HOST(S) AVAILABILITY
  632. -----------------------------
  633.  
  634. hivlyhost.com:443 => 185.17.151.232:443
  635.  
  636.  
  637.  
  638. SCAN RESULTS FOR HIVLYHOST.COM:443 - 185.17.151.232:443
  639. -------------------------------------------------------
  640.  
  641. * Deflate Compression:
  642. OK - Compression disabled
  643.  
  644. * Session Renegotiation:
  645. Client-initiated Renegotiations: OK - Rejected
  646. Secure Renegotiation: OK - Supported
  647.  
  648. * Certificate - Content:
  649. SHA1 Fingerprint: 63a9e1592754448774dfa0230dd490c4816942b0
  650. Common Name: hivlyhost.com
  651. Issuer: Let's Encrypt Authority X3
  652. Serial Number: 0360A3A0BD6275B05C72309C98CA78C4C8F4
  653. Not Before: Aug 4 23:29:00 2017 GMT
  654. Not After: Nov 2 23:29:00 2017 GMT
  655. Signature Algorithm: sha256WithRSAEncryption
  656. Public Key Algorithm: rsaEncryption
  657. Key Size: 2048 bit
  658. Exponent: 65537 (0x10001)
  659. X509v3 Subject Alternative Name: {'DNS': ['cpanel.hivlyhost.com', 'hivlyhost.com', 'mail.hivlyhost.com', 'webdisk.hivlyhost.com', 'webmail.hivlyhost.com', 'whm.hivlyhost.com', 'www.hivlyhost.com']}
  660.  
  661. * Certificate - Trust:
  662. Hostname Validation: OK - Subject Alternative Name matches
  663. Google CA Store (09/2015): FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
  664. Java 6 CA Store (Update 65): OK - Certificate is trusted
  665. Microsoft CA Store (09/2015): OK - Certificate is trusted
  666. Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
  667. Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
  668. Certificate Chain Received: ['hivlyhost.com', "Let's Encrypt Authority X3"]
  669.  
  670. * Certificate - OCSP Stapling:
  671. OCSP Response Status: successful
  672. Validation w/ Mozilla's CA Store: OK - Response is trusted
  673. Responder Id: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
  674. Cert Status: good
  675. Cert Serial Number: 0360A3A0BD6275B05C72309C98CA78C4C8F4
  676. This Update: Aug 5 00:00:00 2017 GMT
  677. Next Update: Aug 12 00:00:00 2017 GMT
  678.  
  679. * Session Resumption:
  680. With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
  681. With TLS Session Tickets: OK - Supported
  682.  
  683. * SSLV2 Cipher Suites:
  684. Server rejected all cipher suites.
  685.  
  686. * SSLV3 Cipher Suites:
  687. Server rejected all cipher suites.
  688.  
  689.  
  690.  
  691. SCAN COMPLETED IN 3.37 S
  692. ------------------------
  693. Version: 1.11.9-static
  694. OpenSSL 1.0.2l-dev xx XXX xxxx
  695.  
  696. Testing SSL server hivlyhost.com on port 443 using SNI name hivlyhost.com
  697.  
  698. TLS Fallback SCSV:
  699. Server supports TLS Fallback SCSV
  700.  
  701. TLS renegotiation:
  702. Secure session renegotiation supported
  703.  
  704. TLS Compression:
  705. Compression disabled
  706.  
  707. Heartbleed:
  708. TLS 1.2 not vulnerable to heartbleed
  709. TLS 1.1 not vulnerable to heartbleed
  710. TLS 1.0 not vulnerable to heartbleed
  711.  
  712. Supported Server Cipher(s):
  713. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
  714. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
  715. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  716. Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
  717. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
  718. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
  719. Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
  720. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
  721. Accepted TLSv1.2 256 bits AES256-SHA256
  722. Accepted TLSv1.2 256 bits AES256-SHA
  723. Accepted TLSv1.2 256 bits CAMELLIA256-SHA
  724. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
  725. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
  726. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  727. Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
  728. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
  729. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
  730. Accepted TLSv1.2 128 bits DHE-RSA-SEED-SHA DHE 2048 bits
  731. Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
  732. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
  733. Accepted TLSv1.2 128 bits AES128-SHA256
  734. Accepted TLSv1.2 128 bits AES128-SHA
  735. Accepted TLSv1.2 128 bits SEED-SHA
  736. Accepted TLSv1.2 128 bits CAMELLIA128-SHA
  737. Accepted TLSv1.2 128 bits IDEA-CBC-SHA
  738. Accepted TLSv1.2 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
  739. Accepted TLSv1.2 128 bits RC4-SHA
  740. Accepted TLSv1.2 128 bits RC4-MD5
  741. Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
  742. Accepted TLSv1.2 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
  743. Accepted TLSv1.2 112 bits DES-CBC3-SHA
  744. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  745. Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
  746. Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
  747. Accepted TLSv1.1 256 bits AES256-SHA
  748. Accepted TLSv1.1 256 bits CAMELLIA256-SHA
  749. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  750. Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
  751. Accepted TLSv1.1 128 bits DHE-RSA-SEED-SHA DHE 2048 bits
  752. Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
  753. Accepted TLSv1.1 128 bits AES128-SHA
  754. Accepted TLSv1.1 128 bits SEED-SHA
  755. Accepted TLSv1.1 128 bits CAMELLIA128-SHA
  756. Accepted TLSv1.1 128 bits IDEA-CBC-SHA
  757. Accepted TLSv1.1 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
  758. Accepted TLSv1.1 128 bits RC4-SHA
  759. Accepted TLSv1.1 128 bits RC4-MD5
  760. Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
  761. Accepted TLSv1.1 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
  762. Accepted TLSv1.1 112 bits DES-CBC3-SHA
  763. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  764. Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
  765. Accepted TLSv1.0 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
  766. Accepted TLSv1.0 256 bits AES256-SHA
  767. Accepted TLSv1.0 256 bits CAMELLIA256-SHA
  768. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  769. Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
  770. Accepted TLSv1.0 128 bits DHE-RSA-SEED-SHA DHE 2048 bits
  771. Accepted TLSv1.0 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
  772. Accepted TLSv1.0 128 bits AES128-SHA
  773. Accepted TLSv1.0 128 bits SEED-SHA
  774. Accepted TLSv1.0 128 bits CAMELLIA128-SHA
  775. Accepted TLSv1.0 128 bits IDEA-CBC-SHA
  776. Accepted TLSv1.0 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
  777. Accepted TLSv1.0 128 bits RC4-SHA
  778. Accepted TLSv1.0 128 bits RC4-MD5
  779. Accepted TLSv1.0 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
  780. Accepted TLSv1.0 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
  781. Accepted TLSv1.0 112 bits DES-CBC3-SHA
  782.  
  783. SSL Certificate:
  784. Signature Algorithm: sha256WithRSAEncryption
  785. RSA Key Strength: 2048
  786.  
  787. Subject: hivlyhost.com
  788. Altnames: DNS:cpanel.hivlyhost.com, DNS:hivlyhost.com, DNS:mail.hivlyhost.com, DNS:webdisk.hivlyhost.com, DNS:webmail.hivlyhost.com, DNS:whm.hivlyhost.com, DNS:www.hivlyhost.com
  789. Issuer: Let's Encrypt Authority X3
  790.  
  791. Not valid before: Aug 4 23:29:00 2017 GMT
  792. Not valid after: Nov 2 23:29:00 2017 GMT
  793. ./sniper: line 1093: testssl: command not found
  794.  
  795. ./sniper: line 1095: cd: /usr/share/sniper/plugins/MassBleed: No such file or directory
  796. ./sniper: line 1096: ./massbleed: No such file or directory
  797. + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +
  798. + -- --=[Checking if X-Content options are enabled on hivlyhost.com...
  799.  
  800. + -- --=[Checking if X-Frame options are enabled on hivlyhost.com...
  801.  
  802. + -- --=[Checking if X-XSS-Protection header is enabled on hivlyhost.com...
  803.  
  804. + -- --=[Checking HTTP methods on hivlyhost.com...
  805.  
  806. + -- --=[Checking if TRACE method is enabled on hivlyhost.com...
  807.  
  808. + -- --=[Checking for META tags on hivlyhost.com...
  809. <meta charset="utf-8">
  810. <meta name="viewport" content="width=device-width, initial-scale=1">
  811. <meta name="Description" content="HivlyHost provides everything you need to get online from hosting, to domains and even web design at an affordable price with amazing features and customer service!">
  812.  
  813. + -- --=[Checking for open proxy on hivlyhost.com...
  814.  
  815. + -- --=[Enumerating software on hivlyhost.com...
  816. Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
  817. X-Powered-By: PHP/5.6.31
  818.  
  819. + -- --=[Checking if Strict-Transport-Security is enabled on hivlyhost.com...
  820.  
  821. + -- --=[Checking for Flash cross-domain policy on hivlyhost.com...
  822. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
  823. <html><head>
  824. <title>302 Found</title>
  825. </head><body>
  826. <h1>Found</h1>
  827. <p>The document has moved <a href="https://HivlyHost.com/">here</a>.</p>
  828. <hr>
  829. <address>Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Server at hivlyhost.com Port 443</address>
  830. </body></html>
  831.  
  832. + -- --=[Checking for Silverlight cross-domain policy on hivlyhost.com...
  833. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
  834. <html><head>
  835. <title>302 Found</title>
  836. </head><body>
  837. <h1>Found</h1>
  838. <p>The document has moved <a href="https://HivlyHost.com/">here</a>.</p>
  839. <hr>
  840. <address>Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Server at hivlyhost.com Port 443</address>
  841. </body></html>
  842.  
  843. + -- --=[Checking for HTML5 cross-origin resource sharing on hivlyhost.com...
  844.  
  845. + -- --=[Retrieving robots.txt on hivlyhost.com...
  846. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
  847. <html><head>
  848. <title>302 Found</title>
  849. </head><body>
  850. <h1>Found</h1>
  851. <p>The document has moved <a href="https://HivlyHost.com/">here</a>.</p>
  852. <hr>
  853. <address>Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Server at hivlyhost.com Port 443</address>
  854. </body></html>
  855.  
  856. + -- --=[Retrieving sitemap.xml on hivlyhost.com...
  857. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
  858. <html><head>
  859. <title>302 Found</title>
  860. </head><body>
  861. <h1>Found</h1>
  862. <p>The document has moved <a href="https://HivlyHost.com/">here</a>.</p>
  863. <hr>
  864. <address>Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Server at hivlyhost.com Port 443</address>
  865. </body></html>
  866.  
  867. + -- --=[Checking cookie attributes on hivlyhost.com...
  868.  
  869. + -- --=[Checking for ASP.NET Detailed Errors on hivlyhost.com...
  870.  
  871.  
  872. + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +
  873. - Nikto v2.1.6
  874. ---------------------------------------------------------------------------
  875. + Target IP: 185.17.151.232
  876. + Target Hostname: hivlyhost.com
  877. + Target Port: 443
  878. ---------------------------------------------------------------------------
  879. + SSL Info: Subject: /CN=hivlyhost.com
  880. Ciphers: ECDHE-RSA-AES256-GCM-SHA384
  881. Issuer: /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
  882. + Start Time: 2017-08-06 10:39:50 (GMT0)
  883. ---------------------------------------------------------------------------
  884. + Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
  885. + Retrieved x-powered-by header: PHP/5.6.31
  886. + The anti-clickjacking X-Frame-Options header is not present.
  887. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
  888. + The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
  889. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
  890. + The Content-Encoding header is set to "deflate" this may mean that the server is vulnerable to the BREACH attack.
  891. + OpenSSL/1.0.1e-fips appears to be outdated (current is at least 1.0.1j). OpenSSL 1.0.0o and 0.9.8zc are also current.
  892. + Server leaks inodes via ETags, header found with file /hivlyhost.zip, fields: 0x5c019b3 0x5554494caa980
  893. + Web Server returns a valid response with junk HTTP methods, this may cause false positives.
  894. + OSVDB-3092: /img-sys/: Default image directory should not allow directory listing.
  895. + OSVDB-3092: /java-sys/: Default Java directory should not allow directory listing.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!