Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- + -- ----------------------------=[Running Nslookup]=------------------------ -- +
- Server: 75.75.75.75
- Address: 75.75.75.75#53
- Non-authoritative answer:
- Name: hivlyhost.com
- Address: 185.17.151.232
- hivlyhost.com has address 185.17.151.232
- hivlyhost.com mail is handled by 0 hivlyhost.com.
- + -- ----------------------------=[Checking OS Fingerprint]=----------------- -- +
- Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
- [+] Target is hivlyhost.com
- [+] Loading modules.
- [+] Following modules are loaded:
- [x] [1] ping:icmp_ping - ICMP echo discovery module
- [x] [2] ping:tcp_ping - TCP-based ping discovery module
- [x] [3] ping:udp_ping - UDP-based ping discovery module
- [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
- [x] [5] infogather:portscan - TCP and UDP PortScanner
- [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
- [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
- [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
- [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
- [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
- [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
- [x] [12] fingerprint:smb - SMB fingerprinting module
- [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
- [+] 13 modules registered
- [+] Initializing scan engine
- [+] Running scan engine
- [-] ping:tcp_ping module: no closed/open TCP ports known on 185.17.151.232. Module test failed
- [-] ping:udp_ping module: no closed/open UDP ports known on 185.17.151.232. Module test failed
- [-] No distance calculation. 185.17.151.232 appears to be dead or no ports known
- [+] Host: 185.17.151.232 is up (Guess probability: 50%)
- [+] Target: 185.17.151.232 is alive. Round-Trip Time: 0.52129 sec
- [+] Selected safe Round-Trip Time value is: 1.04258 sec
- [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
- [-] fingerprint:smb need either TCP port 139 or 445 to run
- [-] fingerprint:snmp: need UDP port 161 open
- [+] Primary guess:
- [+] Host 185.17.151.232 Running OS: (Guess probability: 100%)
- [+] Other guesses:
- [+] Host 185.17.151.232 Running OS: (Guess probability: 100%)
- [+] Host 185.17.151.232 Running OS: (Guess probability: 100%)
- [+] Host 185.17.151.232 Running OS: (Guess probability: 100%)
- [+] Host 185.17.151.232 Running OS: (Guess probability: 100%)
- [+] Host 185.17.151.232 Running OS: (Guess probability: 100%)
- [+] Host 185.17.151.232 Running OS: (Guess probability: 100%)
- [+] Host 185.17.151.232 Running OS: (Guess probability: 100%)
- [+] Host 185.17.151.232 Running OS: (Guess probability: 100%)
- [+] Host 185.17.151.232 Running OS: (Guess probability: 100%)
- [+] Cleaning up scan engine
- [+] Modules deinitialized
- [+] Execution completed.
- + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +
- Domain Name: HIVLYHOST.COM
- Registry Domain ID: 2076788399_DOMAIN_COM-VRSN
- Registrar WHOIS Server: whois.porkbun.com
- Registrar URL: http://porkbun.com
- Updated Date: 2017-08-06T11:36:44Z
- Creation Date: 2016-11-25T17:11:51Z
- Registry Expiry Date: 2019-11-25T17:11:51Z
- Registrar: Porkbun LLC
- Registrar IANA ID: 1861
- Registrar Abuse Contact Email: abuse@porkbun.com
- Registrar Abuse Contact Phone: 5038508351
- Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Name Server: NS1.HIVLYHOST.COM
- Name Server: NS2.HIVLYHOST.COM
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
- >>> Last update of whois database: 2017-08-07T22:41:20Z <<<
- For more information on Whois status codes, please visit https://icann.org/epp
- NOTICE: The expiration date displayed in this record is the date the
- registrar's sponsorship of the domain name registration in the registry is
- currently set to expire. This date does not necessarily reflect the expiration
- date of the domain name registrant's agreement with the sponsoring
- registrar. Users may consult the sponsoring registrar's Whois database to
- view the registrar's reported date of expiration for this registration.
- TERMS OF USE: You are not authorized to access or query our Whois
- database through the use of electronic processes that are high-volume and
- automated except as reasonably necessary to register domain names or
- modify existing registrations; the Data in VeriSign Global Registry
- Services' ("VeriSign") Whois database is provided by VeriSign for
- information purposes only, and to assist persons in obtaining information
- about or related to a domain name registration record. VeriSign does not
- guarantee its accuracy. By submitting a Whois query, you agree to abide
- by the following terms of use: You agree that you may use this Data only
- for lawful purposes and that under no circumstances will you use this Data
- to: (1) allow, enable, or otherwise support the transmission of mass
- unsolicited, commercial advertising or solicitations via e-mail, telephone,
- or facsimile; or (2) enable high volume, automated, electronic processes
- that apply to VeriSign (or its computer systems). The compilation,
- repackaging, dissemination or other use of this Data is expressly
- prohibited without the prior written consent of VeriSign. You agree not to
- use electronic processes that are automated and high-volume to access or
- query the Whois database except as reasonably necessary to register
- domain names or modify existing registrations. VeriSign reserves the right
- to restrict your access to the Whois database in its sole discretion to ensure
- operational stability. VeriSign may restrict or terminate your access to the
- Whois database for failure to abide by these terms of use. VeriSign
- reserves the right to modify these terms at any time.
- The Registry database contains ONLY .COM, .NET, .EDU domains and
- Registrars.
- + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +
- *******************************************************************
- * *
- * | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
- * | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
- * | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
- * \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
- * *
- * TheHarvester Ver. 2.7 *
- * Coded by Christian Martorella *
- * Edge-Security Research *
- * cmartorella@edge-security.com *
- *******************************************************************
- [-] Searching in Bing:
- Searching 50 results...
- Searching 100 results...
- [+] Emails found:
- ------------------
- No emails found
- [+] Hosts found in search engines:
- ------------------------------------
- No hosts found
- + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +
- ; <<>> DiG 9.10.3-P4-Debian <<>> -x hivlyhost.com
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38674
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
- ;; QUESTION SECTION:
- ;com.hivlyhost.in-addr.arpa. IN PTR
- ;; AUTHORITY SECTION:
- in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2017042888 1800 900 604800 3600
- ;; Query time: 94 msec
- ;; SERVER: 75.75.75.75#53(75.75.75.75)
- ;; WHEN: Sun Aug 06 09:45:48 UTC 2017
- ;; MSG SIZE rcvd: 112
- dnsenum.pl VERSION:1.2.3
- ----- hivlyhost.com -----
- Host's addresses:
- __________________
- hivlyhost.com. 41 IN A 185.17.151.232
- Name Servers:
- ______________
- circle2.mainwhm.co.uk. 120 IN A 185.17.151.232
- circle1.mainwhm.co.uk. 120 IN A 185.17.151.232
- Mail (MX) Servers:
- ___________________
- hivlyhost.com. 40 IN A 185.17.151.232
- Trying Zone Transfers and getting Bind Versions:
- _________________________________________________
- Trying Zone Transfer for hivlyhost.com on circle2.mainwhm.co.uk ...
- AXFR record query failed: NOTIMP
- Trying Zone Transfer for hivlyhost.com on circle1.mainwhm.co.uk ...
- AXFR record query failed: NOTIMP
- brute force file not specified, bay.
- + -- ----------------------------=[Gathering DNS Subdomains]=---------------- -- +
- ╔═╗╦═╗╔╦╗╔═╗╦ ╦
- ║ ╠╦╝ ║ ╚═╗╠═╣
- ╚═╝╩╚═ ╩o╚═╝╩ ╩
- + -- ----------------------------=[Gathering Certificate Subdomains]=-------- -- +
- airdevs.hivlyhost.com
- biscetnews.hivlyhost.com
- circle.hivlyhost.com
- clients.hivlyhost.com
- cloudweb.hivlyhost.com
- contabo.hivlyhost.com
- cpanel.hivlyhost.com
- demo.hivlyhost.com
- eurohost.hivlyhost.com
- hivlygroup.hivlyhost.com
- hivly.hivlyhost.com
- *.hivlyhost.com
- hivlyhost.hivlyhost.com
- hostingtools.hivlyhost.com
- ipxdhosting.hivlyhost.com
- ithemesp.hivlyhost.com
- kierancairns.hivlyhost.com
- landing.hivlyhost.com
- livenode.hivlyhost.com
- mail.hivlyhost.com
- mail.ithemesp.hivlyhost.com
- pyro.hivlyhost.com
- sharedhosting.hivlyhost.com
- speedytruckers.hivlyhost.com
- status.hivlyhost.com
- tools.hivlyhost.com
- unlimitedhosting.hivlyhost.com
- vimlyhost.hivlyhost.com
- webdisk.hivlyhost.com
- webmail.hivlyhost.com
- whm.hivlyhost.com
- www.airdevs.hivlyhost.com
- www.biscetnews.hivlyhost.com
- www.circle.hivlyhost.com
- www.clients.hivlyhost.com
- www.contabo.hivlyhost.com
- www.demo.hivlyhost.com
- www.eurohost.hivlyhost.com
- www.hivlygroup.hivlyhost.com
- www.hivly.hivlyhost.com
- www.hivlyhost.com
- www.hivlyhost.hivlyhost.com
- www.hostingtools.hivlyhost.com
- www.ipxdhosting.hivlyhost.com
- www.ithemesp.hivlyhost.com
- www.kierancairns.hivlyhost.com
- www.landing.hivlyhost.com
- www.livenode.hivlyhost.com
- www.pyro.hivlyhost.com
- www.sharedhosting.hivlyhost.com
- www.speedytruckers.hivlyhost.com
- www.tools.hivlyhost.com
- www.unlimitedhosting.hivlyhost.com
- www.vimlyhost.hivlyhost.com
- [+] Domains saved to: /usr/share/sniper/loot/domains/domains-hivlyhost.com-full.txt
- + -- ----------------------------=[Checking for Sub-Domain Hijacking]=------- -- +
- + -- ----------------------------=[Checking Email Security]=----------------- -- +
- + -- ----------------------------=[Pinging host]=---------------------------- -- +
- PING hivlyhost.com (185.17.151.232) 56(84) bytes of data.
- 64 bytes from circle.mainwhm.co.uk (185.17.151.232): icmp_seq=1 ttl=42 time=124 ms
- --- hivlyhost.com ping statistics ---
- 1 packets transmitted, 1 received, 0% packet loss, time 0ms
- rtt min/avg/max/mdev = 124.814/124.814/124.814/0.000 ms
- + -- ----------------------------=[Running TCP port scan]=------------------- -- +
- Starting Nmap 7.40 ( https://nmap.org ) at 2017-08-06 09:45 UTC
- Stats: 0:00:00 elapsed; 0 hosts completed (0 up), 0 undergoing Host Discovery
- Parallel DNS resolution of 1 host. Timing: About 0.00% done
- Nmap scan report for hivlyhost.com (185.17.151.232)
- Host is up (1.2s latency).
- rDNS record for 185.17.151.232: circle.mainwhm.co.uk
- Not shown: 33 filtered ports, 9 closed ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp open ssh
- 53/tcp open domain
- 80/tcp open http
- 110/tcp open pop3
- 443/tcp open https
- 3306/tcp open mysql
- Nmap done: 1 IP address (1 host up) scanned in 2.49 seconds
- + -- ----------------------------=[Running Intrusive Scans]=----------------- -- +
- + -- --=[Port 21 opened... running tests...
- Starting Nmap 7.40 ( https://nmap.org ) at 2017-08-06 09:45 UTC
- Nmap scan report for hivlyhost.com (185.17.151.232)
- Host is up (0.11s latency).
- rDNS record for 185.17.151.232: circle.mainwhm.co.uk
- Skipping host hivlyhost.com (185.17.151.232) due to host timeout
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 902.55 seconds
- _---------.
- .' ####### ;."
- .---,. ;@ @@`; .---,..
- ." @@@@@'.,'@@ @@@@@',.'@@@@ ".
- '-.@@@@@@@@@@@@@ @@@@@@@@@@@@@ @;
- `.@@@@@@@@@@@@ @@@@@@@@@@@@@@ .'
- "--'.@@@ -.@ @ ,'- .'--"
- ".@' ; @ @ `. ;'
- |@@@@ @@@ @ .
- ' @@@ @@ @@ ,
- `.@@@@ @@ .
- ',@@ @ ; _____________
- ( 3 C ) /|___ / Metasploit! \
- ;@'. __*__,." \|--- \_____________/
- '(.,...."/
- Taking notes in notepad? Have Metasploit Pro track & report
- your progress and findings -- learn more on http://rapid7.com/metasploit
- =[ metasploit v4.14.10-dev ]
- + -- --=[ 1639 exploits - 944 auxiliary - 289 post ]
- + -- --=[ 472 payloads - 40 encoders - 9 nops ]
- + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
- RHOST => hivlyhost.com
- RHOSTS => hivlyhost.com
- [*] hivlyhost.com:21 - Banner: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
- 220-You are user number 1 of 50 allowed.
- 220-Local time is now 23:57. Server port: 21.
- 220-This is a private system - No anonymous login
- 220-IPv6 connections are also welcome on this server.
- 220 You will be disconnected after 15 minutes of inactivity.
- [*] hivlyhost.com:21 - USER: 331 User u1mlX:) OK. Password required
- [*] Exploit completed, but no session was created.
- [*] Started reverse TCP double handler on 10.0.2.15:4444
- [*] hivlyhost.com:21 - Sending Backdoor Command
- [*] Exploit completed, but no session was created.
- + -- --=[Port 22 opened... running tests...
- ./sniper: line 849: cd: /usr/share/sniper/plugins/ssh-audit: No such file or directory
- python: can't open file 'ssh-audit.py': [Errno 2] No such file or directory
- Starting Nmap 7.40 ( https://nmap.org ) at 2017-08-06 10:01 UTC
- Nmap scan report for hivlyhost.com (185.17.151.232)
- Host is up (0.39s latency).
- rDNS record for 185.17.151.232: circle.mainwhm.co.uk
- PORT STATE SERVICE VERSION
- 22/tcp open ssh OpenSSH 5.3 (protocol 2.0)
- | ssh-hostkey:
- | 1024 6e:9b:97:63:17:4b:6a:d0:86:c9:4b:21:b5:a2:a0:45 (DSA)
- |_ 2048 cf:ae:e0:88:c0:a2:8f:4e:cb:d1:dc:d7:8a:1f:9c:fe (RSA)
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: bridge|general purpose
- Running (JUST GUESSING): Oracle Virtualbox (98%), QEMU (90%)
- OS CPE: cpe:/o:oracle:virtualbox cpe:/a:qemu:qemu
- Aggressive OS guesses: Oracle Virtualbox (98%), QEMU user mode network gateway (90%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 2 hops
- TRACEROUTE (using port 22/tcp)
- HOP RTT ADDRESS
- 1 1.94 ms 10.0.2.2
- 2 723.18 ms circle.mainwhm.co.uk (185.17.151.232)
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 12.43 seconds
- Metasploit Park, System Security Interface
- Version 4.0.5, Alpha E
- Ready...
- > access security
- access: PERMISSION DENIED.
- > access security grid
- access: PERMISSION DENIED.
- > access main security grid
- access: PERMISSION DENIED....and...
- YOU DIDN'T SAY THE MAGIC WORD!
- YOU DIDN'T SAY THE MAGIC WORD!
- YOU DIDN'T SAY THE MAGIC WORD!
- YOU DIDN'T SAY THE MAGIC WORD!
- YOU DIDN'T SAY THE MAGIC WORD!
- YOU DIDN'T SAY THE MAGIC WORD!
- YOU DIDN'T SAY THE MAGIC WORD!
- Validate lots of vulnerabilities to demonstrate exposure
- with Metasploit Pro -- Learn more on http://rapid7.com/metasploit
- =[ metasploit v4.14.10-dev ]
- + -- --=[ 1639 exploits - 944 auxiliary - 289 post ]
- + -- --=[ 472 payloads - 40 encoders - 9 nops ]
- + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
- USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
- RHOSTS => hivlyhost.com
- [!] RHOST is not a valid option for this module. Did you mean RHOSTS?
- RHOST => hivlyhost.com
- [-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: USER_FILE.
- [-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: USER_FILE, KEY_FILE.
- [*] 185.17.151.232:22 - SSH server version: SSH-2.0-OpenSSH_5.3 ( service.version=5.3 service.vendor=OpenBSD service.family=OpenSSH service.product=OpenSSH service.protocol=ssh fingerprint_db=ssh.banner )
- [*] hivlyhost.com:22 - Scanned 1 of 1 hosts (100% complete)
- [*] Auxiliary module execution completed
- + -- --=[Port 23 closed... skipping.
- + -- --=[Port 25 closed... skipping.
- + -- --=[Port 53 opened... running tests...
- Starting Nmap 7.40 ( https://nmap.org ) at 2017-08-06 10:02 UTC
- Nmap scan report for hivlyhost.com (185.17.151.232)
- Host is up (0.058s latency).
- rDNS record for 185.17.151.232: circle.mainwhm.co.uk
- Skipping host hivlyhost.com (185.17.151.232) due to host timeout
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 901.67 seconds
- + -- --=[Port 79 closed... skipping.
- + -- --=[Port 80 opened... running tests...
- + -- ----------------------------=[Checking for WAF]=------------------------ -- +
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking http://hivlyhost.com
- Generic Detection results:
- No WAF detected by the generic detection
- Number of requests: 17
- + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
- http://hivlyhost.com [301 Moved Permanently] Apache[2.4.25][mod_bwlimited/1.4], Country[UNITED KINGDOM][GB], HTTPServer[Unix][Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4], IP[185.17.151.232], OpenSSL[1.0.1e-fips], RedirectLocation[https://hivlyhost.com/], Title[301 Moved Permanently]
- https://hivlyhost.com/ [200 OK] Apache[2.4.25][mod_bwlimited/1.4], Country[UNITED KINGDOM][GB], Email[Support@HivlyHost.com], HTML5, HTTPServer[Unix][Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4], IP[185.17.151.232], JQuery, OpenSSL[1.0.1e-fips], PHP[5.6.31], PasswordField[password], Script[text/javascript], Title[HivlyHost - Next Generation Hosting | Affordable & Reliable], X-Powered-By[PHP/5.6.31]
- ./sniper: line 904: xsstracer: command not found
- + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +
- + -- --=[Checking if X-Content options are enabled on hivlyhost.com...
- + -- --=[Checking if X-Frame options are enabled on hivlyhost.com...
- + -- --=[Checking if X-XSS-Protection header is enabled on hivlyhost.com...
- + -- --=[Checking HTTP methods on hivlyhost.com...
- + -- --=[Checking if TRACE method is enabled on hivlyhost.com...
- + -- --=[Checking for META tags on hivlyhost.com...
- + -- --=[Checking for open proxy on hivlyhost.com...
- WebMaster</a>.
- </p>
- <hr />
- <address>Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Server at crowdshield.com Port 80</address>
- <!-- end content -->
- </div>
- </body>
- </html>
- + -- --=[Enumerating software on hivlyhost.com...
- Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
- + -- --=[Checking if Strict-Transport-Security is enabled on hivlyhost.com...
- + -- --=[Checking for Flash cross-domain policy on hivlyhost.com...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>301 Moved Permanently</title>
- </head><body>
- <h1>Moved Permanently</h1>
- <p>The document has moved <a href="https://hivlyhost.com/crossdomain.xml">here</a>.</p>
- <hr>
- <address>Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Server at hivlyhost.com Port 80</address>
- </body></html>
- + -- --=[Checking for Silverlight cross-domain policy on hivlyhost.com...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>301 Moved Permanently</title>
- </head><body>
- <h1>Moved Permanently</h1>
- <p>The document has moved <a href="https://hivlyhost.com/clientaccesspolicy.xml">here</a>.</p>
- <hr>
- <address>Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Server at hivlyhost.com Port 80</address>
- </body></html>
- + -- --=[Checking for HTML5 cross-origin resource sharing on hivlyhost.com...
- + -- --=[Retrieving robots.txt on hivlyhost.com...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>301 Moved Permanently</title>
- </head><body>
- <h1>Moved Permanently</h1>
- <p>The document has moved <a href="https://hivlyhost.com/robots.txt">here</a>.</p>
- <hr>
- <address>Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Server at hivlyhost.com Port 80</address>
- </body></html>
- + -- --=[Retrieving sitemap.xml on hivlyhost.com...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>301 Moved Permanently</title>
- </head><body>
- <h1>Moved Permanently</h1>
- <p>The document has moved <a href="https://hivlyhost.com/sitemap.xml">here</a>.</p>
- <hr>
- <address>Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Server at hivlyhost.com Port 80</address>
- </body></html>
- + -- --=[Checking cookie attributes on hivlyhost.com...
- + -- --=[Checking for ASP.NET Detailed Errors on hivlyhost.com...
- + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +
- - Nikto v2.1.6
- ---------------------------------------------------------------------------
- + Target IP: 185.17.151.232
- + Target Hostname: hivlyhost.com
- + Target Port: 80
- + Start Time: 2017-08-06 10:18:00 (GMT0)
- ---------------------------------------------------------------------------
- + Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + Root page / redirects to: https://hivlyhost.com/
- + No CGI Directories found (use '-C all' to force check all possible dirs)
- + Server leaks inodes via ETags, header found with file /, fields: 0x6f 0x548a80258f885
- + OpenSSL/1.0.1e-fips appears to be outdated (current is at least 1.0.1j). OpenSSL 1.0.0o and 0.9.8zc are also current.
- + OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
- + OSVDB-3092: /img-sys/: Default image directory should not allow directory listing.
- + OSVDB-3092: /java-sys/: Default Java directory should not allow directory listing.
- + 7446 requests: 0 error(s) and 8 item(s) reported on remote host
- + End Time: 2017-08-06 10:37:43 (GMT0) (1183 seconds)
- ---------------------------------------------------------------------------
- + 1 host(s) tested
- *********************************************************************
- Portions of the server's headers (Apache/2.4.25) are not in
- the Nikto database or are newer than the known string. Would you like
- to submit this information (*no server specific data*) to CIRT.net
- for a Nikto update (or you may email to sullo@cirt.net) (y/n)? y
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + ERROR 302: Update failed, please notify sullo@cirt.net of this code.
- + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +
- [+] Screenshot saved to /usr/share/sniper/loot/screenshots/hivlyhost.com-port80.jpg
- + -- ----------------------------=[Running Google Hacking Queries]=--------------------- -- +
- ./sniper: line 1003: goohak: command not found
- + -- ----------------------------=[Running InUrlBR OSINT Queries]=---------- -- +
- Could not open input file: /usr/share/sniper/bin/inurlbr.php
- + -- --=[Port 110 opened... running tests...
- Starting Nmap 7.40 ( https://nmap.org ) at 2017-08-06 10:38 UTC
- Nmap scan report for hivlyhost.com (185.17.151.232)
- Host is up (0.00089s latency).
- rDNS record for 185.17.151.232: circle.mainwhm.co.uk
- PORT STATE SERVICE VERSION
- 110/tcp filtered pop3
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Aggressive OS guesses: Agfa DryStar 5500 printer (97%), D-Link DP-300U, DP-G310, or Hamlet HPS01UU print server (97%), Tahoe 8216 power management system (97%), TRENDnet TV-IP100 webcam (97%), Linux 1.0.9 (97%), D-Link DIR-655 (95%), OUYA game console (95%), SiliconDust HDHomeRun 3 set top box (95%), Silicondust HDHomeRun set top box (95%), SiliconDust HDHomeRun set top box (95%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 2 hops
- TRACEROUTE (using port 80/tcp)
- HOP RTT ADDRESS
- 1 0.22 ms 10.0.2.2
- 2 0.18 ms circle.mainwhm.co.uk (185.17.151.232)
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 4.72 seconds
- + -- --=[Port 111 closed... skipping.
- + -- --=[Port 135 closed... skipping.
- + -- --=[Port 139 closed... skipping.
- + -- --=[Port 161 closed... skipping.
- + -- --=[Port 162 closed... skipping.
- + -- --=[Port 389 closed... skipping.
- + -- --=[Port 443 opened... running tests...
- + -- ----------------------------=[Checking for WAF]=------------------------ -- +
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking https://hivlyhost.com
- Generic Detection results:
- No WAF detected by the generic detection
- Number of requests: 13
- + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
- https://hivlyhost.com [200 OK] Apache[2.4.25][mod_bwlimited/1.4], Country[UNITED KINGDOM][GB], Email[Support@HivlyHost.com], HTML5, HTTPServer[Unix][Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4], IP[185.17.151.232], JQuery, OpenSSL[1.0.1e-fips], PHP[5.6.31], PasswordField[password], Script[text/javascript], Title[HivlyHost - Next Generation Hosting | Affordable & Reliable], X-Powered-By[PHP/5.6.31]
- + -- ----------------------------=[Gathering SSL/TLS Info]=------------------ -- +
- AVAILABLE PLUGINS
- -----------------
- PluginHeartbleed
- PluginChromeSha1Deprecation
- PluginSessionResumption
- PluginCompression
- PluginSessionRenegotiation
- PluginCertInfo
- PluginHSTS
- PluginOpenSSLCipherSuites
- CHECKING HOST(S) AVAILABILITY
- -----------------------------
- hivlyhost.com:443 => 185.17.151.232:443
- SCAN RESULTS FOR HIVLYHOST.COM:443 - 185.17.151.232:443
- -------------------------------------------------------
- * Deflate Compression:
- OK - Compression disabled
- * Session Renegotiation:
- Client-initiated Renegotiations: OK - Rejected
- Secure Renegotiation: OK - Supported
- * Certificate - Content:
- SHA1 Fingerprint: 63a9e1592754448774dfa0230dd490c4816942b0
- Common Name: hivlyhost.com
- Issuer: Let's Encrypt Authority X3
- Serial Number: 0360A3A0BD6275B05C72309C98CA78C4C8F4
- Not Before: Aug 4 23:29:00 2017 GMT
- Not After: Nov 2 23:29:00 2017 GMT
- Signature Algorithm: sha256WithRSAEncryption
- Public Key Algorithm: rsaEncryption
- Key Size: 2048 bit
- Exponent: 65537 (0x10001)
- X509v3 Subject Alternative Name: {'DNS': ['cpanel.hivlyhost.com', 'hivlyhost.com', 'mail.hivlyhost.com', 'webdisk.hivlyhost.com', 'webmail.hivlyhost.com', 'whm.hivlyhost.com', 'www.hivlyhost.com']}
- * Certificate - Trust:
- Hostname Validation: OK - Subject Alternative Name matches
- Google CA Store (09/2015): FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
- Java 6 CA Store (Update 65): OK - Certificate is trusted
- Microsoft CA Store (09/2015): OK - Certificate is trusted
- Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
- Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
- Certificate Chain Received: ['hivlyhost.com', "Let's Encrypt Authority X3"]
- * Certificate - OCSP Stapling:
- OCSP Response Status: successful
- Validation w/ Mozilla's CA Store: OK - Response is trusted
- Responder Id: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
- Cert Status: good
- Cert Serial Number: 0360A3A0BD6275B05C72309C98CA78C4C8F4
- This Update: Aug 5 00:00:00 2017 GMT
- Next Update: Aug 12 00:00:00 2017 GMT
- * Session Resumption:
- With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
- With TLS Session Tickets: OK - Supported
- * SSLV2 Cipher Suites:
- Server rejected all cipher suites.
- * SSLV3 Cipher Suites:
- Server rejected all cipher suites.
- SCAN COMPLETED IN 3.37 S
- ------------------------
- Version: 1.11.9-static
- OpenSSL 1.0.2l-dev xx XXX xxxx
- Testing SSL server hivlyhost.com on port 443 using SNI name hivlyhost.com
- TLS Fallback SCSV:
- Server supports TLS Fallback SCSV
- TLS renegotiation:
- Secure session renegotiation supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.2 256 bits AES256-GCM-SHA384
- Accepted TLSv1.2 256 bits AES256-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA
- Accepted TLSv1.2 256 bits CAMELLIA256-SHA
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-SEED-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits AES128-GCM-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA
- Accepted TLSv1.2 128 bits SEED-SHA
- Accepted TLSv1.2 128 bits CAMELLIA128-SHA
- Accepted TLSv1.2 128 bits IDEA-CBC-SHA
- Accepted TLSv1.2 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits RC4-SHA
- Accepted TLSv1.2 128 bits RC4-MD5
- Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
- Accepted TLSv1.2 112 bits DES-CBC3-SHA
- Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.1 256 bits AES256-SHA
- Accepted TLSv1.1 256 bits CAMELLIA256-SHA
- Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits DHE-RSA-SEED-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits AES128-SHA
- Accepted TLSv1.1 128 bits SEED-SHA
- Accepted TLSv1.1 128 bits CAMELLIA128-SHA
- Accepted TLSv1.1 128 bits IDEA-CBC-SHA
- Accepted TLSv1.1 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 128 bits RC4-SHA
- Accepted TLSv1.1 128 bits RC4-MD5
- Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
- Accepted TLSv1.1 112 bits DES-CBC3-SHA
- Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.0 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.0 256 bits AES256-SHA
- Accepted TLSv1.0 256 bits CAMELLIA256-SHA
- Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.0 128 bits DHE-RSA-SEED-SHA DHE 2048 bits
- Accepted TLSv1.0 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.0 128 bits AES128-SHA
- Accepted TLSv1.0 128 bits SEED-SHA
- Accepted TLSv1.0 128 bits CAMELLIA128-SHA
- Accepted TLSv1.0 128 bits IDEA-CBC-SHA
- Accepted TLSv1.0 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 128 bits RC4-SHA
- Accepted TLSv1.0 128 bits RC4-MD5
- Accepted TLSv1.0 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
- Accepted TLSv1.0 112 bits DES-CBC3-SHA
- SSL Certificate:
- Signature Algorithm: sha256WithRSAEncryption
- RSA Key Strength: 2048
- Subject: hivlyhost.com
- Altnames: DNS:cpanel.hivlyhost.com, DNS:hivlyhost.com, DNS:mail.hivlyhost.com, DNS:webdisk.hivlyhost.com, DNS:webmail.hivlyhost.com, DNS:whm.hivlyhost.com, DNS:www.hivlyhost.com
- Issuer: Let's Encrypt Authority X3
- Not valid before: Aug 4 23:29:00 2017 GMT
- Not valid after: Nov 2 23:29:00 2017 GMT
- ./sniper: line 1093: testssl: command not found
- ./sniper: line 1095: cd: /usr/share/sniper/plugins/MassBleed: No such file or directory
- ./sniper: line 1096: ./massbleed: No such file or directory
- + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +
- + -- --=[Checking if X-Content options are enabled on hivlyhost.com...
- + -- --=[Checking if X-Frame options are enabled on hivlyhost.com...
- + -- --=[Checking if X-XSS-Protection header is enabled on hivlyhost.com...
- + -- --=[Checking HTTP methods on hivlyhost.com...
- + -- --=[Checking if TRACE method is enabled on hivlyhost.com...
- + -- --=[Checking for META tags on hivlyhost.com...
- <meta charset="utf-8">
- <meta name="viewport" content="width=device-width, initial-scale=1">
- <meta name="Description" content="HivlyHost provides everything you need to get online from hosting, to domains and even web design at an affordable price with amazing features and customer service!">
- + -- --=[Checking for open proxy on hivlyhost.com...
- + -- --=[Enumerating software on hivlyhost.com...
- Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
- X-Powered-By: PHP/5.6.31
- + -- --=[Checking if Strict-Transport-Security is enabled on hivlyhost.com...
- + -- --=[Checking for Flash cross-domain policy on hivlyhost.com...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>302 Found</title>
- </head><body>
- <h1>Found</h1>
- <p>The document has moved <a href="https://HivlyHost.com/">here</a>.</p>
- <hr>
- <address>Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Server at hivlyhost.com Port 443</address>
- </body></html>
- + -- --=[Checking for Silverlight cross-domain policy on hivlyhost.com...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>302 Found</title>
- </head><body>
- <h1>Found</h1>
- <p>The document has moved <a href="https://HivlyHost.com/">here</a>.</p>
- <hr>
- <address>Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Server at hivlyhost.com Port 443</address>
- </body></html>
- + -- --=[Checking for HTML5 cross-origin resource sharing on hivlyhost.com...
- + -- --=[Retrieving robots.txt on hivlyhost.com...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>302 Found</title>
- </head><body>
- <h1>Found</h1>
- <p>The document has moved <a href="https://HivlyHost.com/">here</a>.</p>
- <hr>
- <address>Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Server at hivlyhost.com Port 443</address>
- </body></html>
- + -- --=[Retrieving sitemap.xml on hivlyhost.com...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>302 Found</title>
- </head><body>
- <h1>Found</h1>
- <p>The document has moved <a href="https://HivlyHost.com/">here</a>.</p>
- <hr>
- <address>Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Server at hivlyhost.com Port 443</address>
- </body></html>
- + -- --=[Checking cookie attributes on hivlyhost.com...
- + -- --=[Checking for ASP.NET Detailed Errors on hivlyhost.com...
- + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +
- - Nikto v2.1.6
- ---------------------------------------------------------------------------
- + Target IP: 185.17.151.232
- + Target Hostname: hivlyhost.com
- + Target Port: 443
- ---------------------------------------------------------------------------
- + SSL Info: Subject: /CN=hivlyhost.com
- Ciphers: ECDHE-RSA-AES256-GCM-SHA384
- Issuer: /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
- + Start Time: 2017-08-06 10:39:50 (GMT0)
- ---------------------------------------------------------------------------
- + Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
- + Retrieved x-powered-by header: PHP/5.6.31
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + The Content-Encoding header is set to "deflate" this may mean that the server is vulnerable to the BREACH attack.
- + OpenSSL/1.0.1e-fips appears to be outdated (current is at least 1.0.1j). OpenSSL 1.0.0o and 0.9.8zc are also current.
- + Server leaks inodes via ETags, header found with file /hivlyhost.zip, fields: 0x5c019b3 0x5554494caa980
- + Web Server returns a valid response with junk HTTP methods, this may cause false positives.
- + OSVDB-3092: /img-sys/: Default image directory should not allow directory listing.
- + OSVDB-3092: /java-sys/: Default Java directory should not allow directory listing.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement