API tools faq
paste
Advertisement
Guest User

Anonymous JTSEC #OpDomesticTerrorism Full Recon #10

a guest
Oct 26th, 2018
924
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 47.36 KB | None | 0 0
raw download clone embed print report
  1. #######################################################################################################################################
  2. Nom de l'hôte www.theuka.us FAI GoDaddy.com, LLC
  3. Continent Asie Drapeau
  4. SG
  5. Pays Singapour Code du pays SG
  6. Région Inconnu Heure locale 21 Oct 2018 05:39 +08
  7. Ville Inconnu Code Postal Inconnu
  8. Adresse IP 182.50.132.242 Latitude 1.367
  9. Longitude 103.8
  10. #######################################################################################################################################
  11. Server: 10.211.254.254
  12. Address: 10.211.254.254#53
  13.  
  14. ** server can't find A: NXDOMAIN
  15. > www.theuka.us
  16. Server: 10.211.254.254
  17. Address: 10.211.254.254#53
  18.  
  19. Non-authoritative answer:
  20. www.theuka.us canonical name = theuka.us.
  21. Name: theuka.us
  22. Address: 182.50.132.242
  23. #######################################################################################################################################
  24. HostIP:182.50.132.242
  25. HostName:www.theuka.us
  26.  
  27. Gathered Inet-whois information for 182.50.132.242
  28. ---------------------------------------------------------------------------------------------------------------------------------------
  29.  
  30.  
  31. inetnum: 182.0.0.0 - 182.255.255.255
  32. netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
  33. descr: IPv4 address block not managed by the RIPE NCC
  34. remarks: ------------------------------------------------------
  35. remarks:
  36. remarks: You can find the whois server to query, or the
  37. remarks: IANA registry to query on this web page:
  38. remarks: http://www.iana.org/assignments/ipv4-address-space
  39. remarks:
  40. remarks: You can access databases of other RIRs at:
  41. remarks:
  42. remarks: AFRINIC (Africa)
  43. remarks: http://www.afrinic.net/ whois.afrinic.net
  44. remarks:
  45. remarks: APNIC (Asia Pacific)
  46. remarks: http://www.apnic.net/ whois.apnic.net
  47. remarks:
  48. remarks: ARIN (Northern America)
  49. remarks: http://www.arin.net/ whois.arin.net
  50. remarks:
  51. remarks: LACNIC (Latin America and the Carribean)
  52. remarks: http://www.lacnic.net/ whois.lacnic.net
  53. remarks:
  54. remarks: IANA IPV4 Recovered Address Space
  55. remarks: http://www.iana.org/assignments/ipv4-recovered-address-space/ipv4-recovered-address-space.xhtml
  56. remarks:
  57. remarks: ------------------------------------------------------
  58. country: EU # Country is really world wide
  59. admin-c: IANA1-RIPE
  60. tech-c: IANA1-RIPE
  61. status: ALLOCATED UNSPECIFIED
  62. mnt-by: RIPE-NCC-HM-MNT
  63. mnt-lower: RIPE-NCC-HM-MNT
  64. created: 2014-11-07T14:14:58Z
  65. last-modified: 2018-09-04T13:31:20Z
  66. source: RIPE
  67.  
  68. role: Internet Assigned Numbers Authority
  69. address: see http://www.iana.org.
  70. admin-c: IANA1-RIPE
  71. tech-c: IANA1-RIPE
  72. nic-hdl: IANA1-RIPE
  73. remarks: For more information on IANA services
  74. remarks: go to IANA web site at http://www.iana.org.
  75. mnt-by: RIPE-NCC-MNT
  76. created: 1970-01-01T00:00:00Z
  77. last-modified: 2001-09-22T09:31:27Z
  78. source: RIPE # Filtered
  79.  
  80. % This query was served by the RIPE Database Query Service version 1.92.6 (HEREFORD)
  81.  
  82.  
  83.  
  84. Gathered Inic-whois information for theuka.us
  85. ---------------------------------------------------------------------------------------------------------------------------------------
  86. Domain Name: theuka.us
  87. Registry Domain ID: D32964433-US
  88. Registrar WHOIS Server: whois.godaddy.com
  89. Registrar URL: whois.godaddy.com
  90. Updated Date: 2018-06-14T12:31:59Z
  91. Creation Date: 2011-06-09T13:38:03Z
  92. Registry Expiry Date: 2019-06-08T23:59:59Z
  93. Registrar: GoDaddy.com, Inc.
  94. Registrar IANA ID: 146
  95. Registrar Abuse Contact Email: abuse@godaddy.com
  96. Registrar Abuse Contact Phone: +1.4806242505
  97. Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
  98. Domain Status: clientRenewProhibited https://ica�U@nn.or���|%g/�epp#clD����ieU@ntRenJ����ew�U@Prohi�������bited
  99. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  100. Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
  101. Registry Registrant ID: C32964429-US
  102. Registrant Name: Bradley Jenkins
  103. Registrant Organization: UKA
  104. Registrant Street: 418 Amason Rd
  105. Registrant Street:
  106. Registrant Street:
  107. Registrant City: Lineville
  108. Registrant State/Province: Alabama
  109. Registrant Postal Code: 36266
  110. Registrant Country: US
  111. Registrant Phone: +1.2562528047
  112. Registrant Phone Ext:
  113. Registrant Fax:
  114. Registrant Fax Ext:
  115. Registrant Email: jenkinsbradleys33@outlook.com
  116. Registrant Application Purpose: P3
  117. Registrant Nexus Category: C21
  118. Registry Admin ID: C32964431-US
  119. Admin Name: Bradley Jenkins
  120. Admin Organization: UKA
  121. Admin Street: 418 Amason Rd
  122. Admin Street:
  123. Admin Street:
  124. Admin City: Lineville
  125. Admin State/Province: Alabama
  126. Admin Postal Code: 36266
  127. Admin Country: US
  128. Admin Phone: +1.2562528047
  129. Admin Phone Ext:
  130. Admin Fax:
  131. Admin Fax Ext:
  132. Admin Email: jenkinsbradleys33@outlook.com
  133. Admin Application Purpose: P3
  134. Admin Nexus Category: C21
  135. Registry Tech ID: C32964430-US
  136. Tech Name: Bradley Jenkins
  137. Tech Organization: UKA
  138. Tech Street: 418 Amason Rd
  139. Tech Street:
  140. Tech Street:
  141. Tech City: Lineville
  142. Tech State/Province: Alabama
  143. Tech Postal Code: 36266
  144. Tech Country: US
  145. Tech Phone: +1.2562528047
  146. Tech Phone Ext:
  147. Tech Fax:
  148. Tech Fax Ext:
  149. Tech Email: jenkinsbradleys33@outlook.com
  150. Tech Application Purpose: P3
  151. Tech Nexus Category: C21
  152. Name Server: ns78.domaincontrol.com
  153. Name Server: ns77.domaincontrol.com
  154. DNSSEC: unsigned
  155. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
  156. >>> Last update of WHOIS database: 2018-10-20T21:43:46Z <<<
  157.  
  158. #######################################################################################################################################
  159. [i] Scanning Site: http://www.theuka.us
  160.  
  161.  
  162.  
  163. B A S I C I N F O
  164. =======================================================================================================================================
  165.  
  166.  
  167. [+] Site Title: Home
  168. [+] IP address: 182.50.132.242
  169. [+] Web Server: DPS/1.4.17
  170. [+] CMS: Could Not Detect
  171. [+] Cloudflare: Not Detected
  172. [+] Robots File: Found
  173.  
  174. -------------[ contents ]----------------
  175.  
  176.  
  177.  
  178. User-agent: *
  179. Disallow: /cache/
  180. Disallow: /_backup/
  181. Disallow: /_mygallery/
  182. Disallow: /_temp/
  183. Disallow: /_tempalbums/
  184. Disallow: /_tmpfileop/
  185. Disallow: /dbboon/
  186. Disallow: /Flash/
  187. Disallow: /images/
  188. Disallow: /mobile/
  189. Disallow: /plugins/
  190. Disallow: /scripts/
  191. Disallow: /stats/
  192. Disallow: /statshistory/
  193. Disallow: /QSC/
  194. -----------[end of contents]-------------
  195.  
  196.  
  197.  
  198. W H O I S L O O K U P
  199. =======================================================================================================================================
  200.  
  201. Catastrophic error: disclaimer text has been changed.
  202. Please upgrade this program.
  203.  
  204. Domain Name: theuka.us
  205. Registry Domain ID: D32964433-US
  206. Registrar WHOIS Server: whois.godaddy.com
  207. Registrar URL: whois.godaddy.com
  208. Updated Date: 2018-06-14T12:31:59Z
  209. Creation Date: 2011-06-09T13:38:03Z
  210. Registry Expiry Date: 2019-06-08T23:59:59Z
  211. Registrar: GoDaddy.com, Inc.
  212. Registrar IANA ID: 146
  213. Registrar Abuse Contact Email: abuse@godaddy.com
  214. Registrar Abuse Contact Phone: +1.4806242505
  215. Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
  216. Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
  217. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  218. Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
  219. Registry Registrant ID: C32964429-US
  220. Registrant Name: Bradley Jenkins
  221. Registrant Organization: UKA
  222. Registrant Street: 418 Amason Rd
  223. Registrant Street:
  224. Registrant Street:
  225. Registrant City: Lineville
  226. Registrant State/Province: Alabama
  227. Registrant Postal Code: 36266
  228. Registrant Country: US
  229. Registrant Phone: +1.2562528047
  230. Registrant Phone Ext:
  231. Registrant Fax:
  232. Registrant Fax Ext:
  233. Registrant Email: jenkinsbradleys33@outlook.com
  234. Registrant Application Purpose: P3
  235. Registrant Nexus Category: C21
  236. Registry Admin ID: C32964431-US
  237. Admin Name: Bradley Jenkins
  238. Admin Organization: UKA
  239. Admin Street: 418 Amason Rd
  240. Admin Street:
  241. Admin Street:
  242. Admin City: Lineville
  243. Admin State/Province: Alabama
  244. Admin Postal Code: 36266
  245. Admin Country: US
  246. Admin Phone: +1.2562528047
  247. Admin Phone Ext:
  248. Admin Fax:
  249. Admin Fax Ext:
  250. Admin Email: jenkinsbradleys33@outlook.com
  251. Admin Application Purpose: P3
  252. Admin Nexus Category: C21
  253. Registry Tech ID: C32964430-US
  254. Tech Name: Bradley Jenkins
  255. Tech Organization: UKA
  256. Tech Street: 418 Amason Rd
  257. Tech Street:
  258. Tech Street:
  259. Tech City: Lineville
  260. Tech State/Province: Alabama
  261. Tech Postal Code: 36266
  262. Tech Country: US
  263. Tech Phone: +1.2562528047
  264. Tech Phone Ext:
  265. Tech Fax:
  266. Tech Fax Ext:
  267. Tech Email: jenkinsbradleys33@outlook.com
  268. Tech Application Purpose: P3
  269. Tech Nexus Category: C21
  270. Name Server: ns78.domaincontrol.com
  271. Name Server: ns77.domaincontrol.com
  272. DNSSEC: unsigned
  273. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
  274. >>> Last update of WHOIS database: 2018-10-20T21:44:00Z <<<
  275.  
  276. For more information on Whois status codes, please visit https://icann.org/epp
  277.  
  278.  
  279.  
  280.  
  281.  
  282. G E O I P L O O K U P
  283. =======================================================================================================================================
  284.  
  285. [i] IP Address: 198.71.232.3
  286. [i] Country: US
  287. [i] State: Arizona
  288. [i] City: Scottsdale
  289. [i] Latitude: 33.611900
  290. [i] Longitude: -111.890602
  291.  
  292.  
  293.  
  294.  
  295. H T T P H E A D E R S
  296. =======================================================================================================================================
  297.  
  298.  
  299. [i] HTTP/1.1 200 OK
  300. [i] Content-Type: text/html; charset=utf-8
  301. [i] Cache-Control: public, max-age=60, s-maxage=300
  302. [i] Vary: Accept-Encoding
  303. [i] Content-Encoding: raw
  304. [i] Server: DPS/1.4.17
  305. [i] X-SiteId: 3000
  306. [i] Set-Cookie: dps_site_id=3000; path=/
  307. [i] ETag: d3a34bf78843493622936804cbb8e182
  308. [i] Date: Sat, 20 Oct 2018 21:44:04 GMT
  309. [i] Connection: close
  310.  
  311.  
  312.  
  313.  
  314. D N S L O O K U P
  315. =======================================================================================================================================
  316.  
  317. ;; Truncated, retrying in TCP mode.
  318. theuka.us. 3600 IN MX 0 smtp.secureserver.net.
  319. theuka.us. 3600 IN NS ns78.domaincontrol.com.
  320. theuka.us. 3600 IN SOA ns77.domaincontrol.com. dns.jomax.net. 2017030103 28800 7200 604800 3600
  321. theuka.us. 600 IN A 198.71.232.3
  322. theuka.us. 3600 IN NS ns77.domaincontrol.com.
  323. theuka.us. 3600 IN MX 10 mailstore1.secureserver.net.
  324.  
  325.  
  326.  
  327.  
  328. S U B N E T C A L C U L A T I O N
  329. =======================================================================================================================================
  330.  
  331. Address = 198.71.232.3
  332. Network = 198.71.232.3 / 32
  333. Netmask = 255.255.255.255
  334. Broadcast = not needed on Point-to-Point links
  335. Wildcard Mask = 0.0.0.0
  336. Hosts Bits = 0
  337. Max. Hosts = 1 (2^0 - 0)
  338. Host Range = { 198.71.232.3 - 198.71.232.3 }
  339.  
  340.  
  341.  
  342. N M A P P O R T S C A N
  343. =======================================================================================================================================
  344.  
  345.  
  346. Starting Nmap 7.40 ( https://nmap.org ) at 2018-10-20 21:44 UTC
  347. Nmap scan report for theuka.us (198.71.232.3)
  348. Host is up (0.13s latency).
  349. rDNS record for 198.71.232.3: ip-198-71-232-3.ip.secureserver.net
  350. PORT STATE SERVICE
  351. 21/tcp filtered ftp
  352. 22/tcp filtered ssh
  353. 23/tcp filtered telnet
  354. 80/tcp open http
  355. 110/tcp filtered pop3
  356. 143/tcp filtered imap
  357. 443/tcp open https
  358. 3389/tcp open ms-wbt-server
  359.  
  360. Nmap done: 1 IP address (1 host up) scanned in 13.61 seconds
  361. #######################################################################################################################################
  362. [?] Enter the target: http://www.theuka.us/
  363. [!] IP Address : 182.50.132.242
  364. [!] Server: DPS/1.4.17
  365. [+] Clickjacking protection is not in place.
  366. [!] www.theuka.us doesn't seem to use a CMS
  367. [+] Honeypot Probabilty: 0%
  368. ---------------------------------------------------------------------------------------------------------------------------------------
  369. [~] Trying to gather whois information for www.theuka.us
  370. [+] Whois information found
  371. [-] Unable to build response, visit https://who.is/whois/www.theuka.us
  372. ---------------------------------------------------------------------------------------------------------------------------------------
  373. PORT STATE SERVICE
  374. 21/tcp filtered ftp
  375. 22/tcp filtered ssh
  376. 23/tcp filtered telnet
  377. 80/tcp open http
  378. 110/tcp filtered pop3
  379. 143/tcp filtered imap
  380. 443/tcp open https
  381. 3389/tcp filtered ms-wbt-server
  382. Nmap done: 1 IP address (1 host up) scanned in 3.36 seconds
  383. ---------------------------------------------------------------------------------------------------------------------------------------
  384. [verbose] Retrieved token: lyyAIzkxFvjz8nvRvcMzVSB7FPK8AZdA
  385.  
  386. [+] DNS Records
  387. ns78.domaincontrol.com. (173.201.76.49) AS26496 GoDaddy.com, LLC United States
  388. ns77.domaincontrol.com. (216.69.185.49) AS26496 GoDaddy.com, LLC United States
  389.  
  390. [+] MX Records
  391. 10 (68.178.213.244) AS26496 GoDaddy.com, LLC United States
  392.  
  393. [+] MX Records
  394. 0 (72.167.238.29) AS26496 GoDaddy.com, LLC United States
  395.  
  396. [+] Host Records (A)
  397. www.theuka.us (ip-198-71-232-3.ip.secureserver.net) (198.71.232.3) AS26496 GoDaddy.com, LLC United States
  398.  
  399. [+] TXT Records
  400.  
  401. [+] DNS Map: https://dnsdumpster.com/static/map/theuka.us.png
  402.  
  403. [>] Initiating 3 intel modules
  404. [>] Loading Alpha module (1/3)
  405. [>] Beta module deployed (2/3)
  406. [>] Gamma module initiated (3/3)
  407.  
  408.  
  409. [+] Emails found:
  410. ---------------------------------------------------------------------------------------------------------------------------------------
  411. pixel-1540071860737937-web-@www.theuka.us
  412.  
  413. [+] Hosts found in search engines:
  414. ---------------------------------------------------------------------------------------------------------------------------------------
  415. [-] Resolving hostnames IPs...
  416. [+] Virtual hosts:
  417. ---------------------------------------------------------------------------------------------------------------------------------------
  418. [~] Crawling the target for fuzzable URLs
  419. [-] No fuzzable URLs found
  420. #######################################################################################################################################
  421.  
  422. ; <<>> DiG 9.11.4-P2-3-Debian <<>> www.theuka.us
  423. ;; global options: +cmd
  424. ;; Got answer:
  425. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14909
  426. ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 5
  427.  
  428. ;; OPT PSEUDOSECTION:
  429. ; EDNS: version: 0, flags:; udp: 4096
  430. ;; QUESTION SECTION:
  431. ;www.theuka.us. IN A
  432.  
  433. ;; ANSWER SECTION:
  434. www.theuka.us. 2148 IN CNAME theuka.us.
  435. theuka.us. 218 IN A 182.50.132.242
  436.  
  437. ;; AUTHORITY SECTION:
  438. theuka.us. 2192 IN NS ns77.domaincontrol.com.
  439. theuka.us. 2192 IN NS ns78.domaincontrol.com.
  440.  
  441. ;; ADDITIONAL SECTION:
  442. ns77.domaincontrol.com. 21067 IN AAAA 2607:f208:206::31
  443. ns78.domaincontrol.com. 129576 IN AAAA 2603:5:22c4::31
  444. ns77.domaincontrol.com. 21067 IN A 216.69.185.49
  445. ns78.domaincontrol.com. 129576 IN A 173.201.76.49
  446.  
  447. ;; Query time: 417 msec
  448. ;; SERVER: 10.211.254.254#53(10.211.254.254)
  449. ;; WHEN: sam oct 20 18:07:56 EDT 2018
  450. ;; MSG SIZE rcvd: 215
  451.  
  452. #######################################################################################################################################
  453. [+] Hosting Info for Website: www.theuka.us
  454. [+] Visitors per day: < 200
  455. [+] IP Address: ...
  456. [+] IP Reverse DNS (Host): ip-198-71-232-3.ip.secureserver.net
  457. [+] Hosting Company: Godaddy.com, LLC
  458. [+] Hosting IP Range: 198.71.128.0 - 198.71.255.255 (32,768 ip)
  459. [+] Hosting Address: 14455 N Hayden Road, Suite 226, Scottsdale, AZ, 85260, US
  460. [+] Hosting Country: USA
  461. [+] Hosting Phone: +1-480-505-8809
  462. [+] Hosting Website: www.godaddy.com
  463. [+] CIDR: 198.71.128.0/17
  464. [+] Hosting CIDR: 198.71.128.0/17
  465.  
  466. [+] NS: theuka.us
  467. [+] NS: ns77.domaincontrol.com
  468. [+] NS: ns78.domaincontrol.com
  469. #######################################################################################################################################
  470. [*] Performing General Enumeration of Domain: theuka.us
  471. [!] Wildcard resolution is enabled on this domain
  472. [!] It is resolving to 182.50.132.242
  473. [!] All queries will resolve to this address!!
  474. [-] DNSSEC is not configured for theuka.us
  475. [*] SOA ns77.domaincontrol.com 216.69.185.49
  476. [*] NS ns78.domaincontrol.com 173.201.76.49
  477. [*] NS ns78.domaincontrol.com 2603:5:22c4::31
  478. [*] NS ns77.domaincontrol.com 216.69.185.49
  479. [*] NS ns77.domaincontrol.com 2607:f208:206::31
  480. [*] MX mailstore1.secureserver.net 68.178.213.243
  481. [*] MX mailstore1.secureserver.net 68.178.213.244
  482. [*] MX mailstore1.secureserver.net 72.167.238.32
  483. [*] MX smtp.secureserver.net 68.178.213.37
  484. [*] MX smtp.secureserver.net 72.167.238.29
  485. [*] MX smtp.secureserver.net 68.178.213.203
  486. [*] A theuka.us 182.50.132.242
  487. [*] Enumerating SRV Records
  488. [-] No SRV Records Found for theuka.us
  489. [+] 0 Records Found
  490. #######################################################################################################################################
  491. [*] Processing domain theuka.us
  492. [+] Getting nameservers
  493. 173.201.76.49 - ns78.domaincontrol.com
  494. 216.69.185.49 - ns77.domaincontrol.com
  495. [-] Zone transfer failed
  496.  
  497. [+] MX records found, added to target list
  498. 0 smtp.secureserver.net.
  499. 10 mailstore1.secureserver.net.
  500.  
  501. [+] Wildcard domain found - 182.50.132.242
  502. [*] Scanning theuka.us for A records
  503. 72.167.218.45 - e.theuka.us
  504. 173.201.193.148 - e.theuka.us
  505. 173.201.193.133 - e.theuka.us
  506. 173.201.192.148 - e.theuka.us
  507. 45.40.130.40 - e.theuka.us
  508. 173.201.192.20 - e.theuka.us
  509. 173.201.192.133 - e.theuka.us
  510. 97.74.135.148 - e.theuka.us
  511. 72.167.218.173 - e.theuka.us
  512. 68.178.252.148 - e.theuka.us
  513. 97.74.135.133 - e.theuka.us
  514. 45.40.130.41 - e.theuka.us
  515. 72.167.218.55 - e.theuka.us
  516. 173.201.192.5 - e.theuka.us
  517. 68.178.252.5 - e.theuka.us
  518. 173.201.193.20 - e.theuka.us
  519. 97.74.135.45 - e.theuka.us
  520. 173.201.193.5 - e.theuka.us
  521. 68.178.252.20 - e.theuka.us
  522. 72.167.218.183 - e.theuka.us
  523. 68.178.252.133 - e.theuka.us
  524. 97.74.135.55 - e.theuka.us
  525. 68.178.252.133 - email.theuka.us
  526. 72.167.218.55 - email.theuka.us
  527. 97.74.135.55 - email.theuka.us
  528. 68.178.252.148 - email.theuka.us
  529. 97.74.135.133 - email.theuka.us
  530. 45.40.130.41 - email.theuka.us
  531. 45.40.130.40 - email.theuka.us
  532. 173.201.193.20 - email.theuka.us
  533. 173.201.192.133 - email.theuka.us
  534. 173.201.193.5 - email.theuka.us
  535. 72.167.218.173 - email.theuka.us
  536. 68.178.252.20 - email.theuka.us
  537. 97.74.135.148 - email.theuka.us
  538. 72.167.218.45 - email.theuka.us
  539. 72.167.218.183 - email.theuka.us
  540. 173.201.193.148 - email.theuka.us
  541. 173.201.192.20 - email.theuka.us
  542. 173.201.193.133 - email.theuka.us
  543. 68.178.252.5 - email.theuka.us
  544. 97.74.135.45 - email.theuka.us
  545. 173.201.192.5 - email.theuka.us
  546. 173.201.192.148 - email.theuka.us
  547. 208.109.14.154 - forum.theuka.us
  548. 97.74.135.10 - imap.theuka.us
  549. 173.201.192.158 - imap.theuka.us
  550. 72.167.218.138 - imap.theuka.us
  551. 173.201.193.97 - imap.theuka.us
  552. 173.201.192.129 - imap.theuka.us
  553. 97.74.135.143 - imap.theuka.us
  554. 173.201.193.129 - imap.theuka.us
  555. 68.178.252.117 - imap.theuka.us
  556. 173.201.192.129 - mail.theuka.us
  557. 97.74.135.10 - mail.theuka.us
  558. 72.167.218.138 - mail.theuka.us
  559. 173.201.192.158 - mail.theuka.us
  560. 68.178.252.117 - mail.theuka.us
  561. 97.74.135.143 - mail.theuka.us
  562. 173.201.193.129 - mail.theuka.us
  563. 173.201.193.97 - mail.theuka.us
  564. 173.201.193.5 - pda.theuka.us
  565. 173.201.193.97 - pop.theuka.us
  566. 173.201.192.129 - pop.theuka.us
  567. 68.178.252.117 - pop.theuka.us
  568. 97.74.135.10 - pop.theuka.us
  569. 97.74.135.143 - pop.theuka.us
  570. 72.167.218.138 - pop.theuka.us
  571. 173.201.192.158 - pop.theuka.us
  572. 173.201.193.129 - pop.theuka.us
  573. 68.178.213.203 - smtp.theuka.us
  574. 68.178.213.37 - smtp.theuka.us
  575. 72.167.238.29 - smtp.theuka.us
  576. 97.74.135.148 - webmail.theuka.us
  577. 173.201.192.133 - webmail.theuka.us
  578. 72.167.218.55 - webmail.theuka.us
  579. 72.167.218.45 - webmail.theuka.us
  580. 72.167.218.183 - webmail.theuka.us
  581. 72.167.218.173 - webmail.theuka.us
  582. 97.74.135.45 - webmail.theuka.us
  583. 68.178.252.133 - webmail.theuka.us
  584. 68.178.252.20 - webmail.theuka.us
  585. 173.201.192.5 - webmail.theuka.us
  586. 173.201.193.20 - webmail.theuka.us
  587. 45.40.130.41 - webmail.theuka.us
  588. 173.201.193.5 - webmail.theuka.us
  589. 173.201.192.20 - webmail.theuka.us
  590. 173.201.193.148 - webmail.theuka.us
  591. 173.201.192.148 - webmail.theuka.us
  592. 45.40.130.40 - webmail.theuka.us
  593. 97.74.135.133 - webmail.theuka.us
  594. 97.74.135.55 - webmail.theuka.us
  595. 68.178.252.5 - webmail.theuka.us
  596. 68.178.252.148 - webmail.theuka.us
  597. 173.201.193.133 - webmail.theuka.us
  598. #######################################################################################################################################
  599. Start: 2018-10-20T22:40:33+0000
  600. HOST: web01 Loss% Snt Last Avg Best Wrst StDev
  601. 1.|-- 45.79.12.202 0.0% 3 0.7 0.6 0.5 0.7 0.1
  602. 2.|-- 45.79.12.2 0.0% 3 0.6 0.6 0.5 0.6 0.1
  603. 3.|-- ae-37.a01.dllstx04.us.bb.gin.ntt.net 0.0% 3 1.0 2.0 1.0 3.4 1.3
  604. 4.|-- ae-9.r10.dllstx09.us.bb.gin.ntt.net 0.0% 3 1.8 1.6 1.3 1.8 0.3
  605. 5.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
  606. 6.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
  607. 7.|-- 4.28.83.74 0.0% 3 24.2 44.7 24.2 79.9 30.7
  608. 8.|-- ip-148-72-32-11.ip.secureserver.net 0.0% 3 29.2 26.0 24.1 29.2 2.8
  609. 9.|-- be39.trmc0215-01.ars.mgmt.phx3.gdg 0.0% 3 49.6 49.6 49.5 49.8 0.2
  610. 10.|-- ip-97-74-255-129.ip.secureserver.net 0.0% 3 50.4 53.3 50.2 59.3 5.2
  611. 11.|-- ip-72-167-191-69.ip.secureserver.net 0.0% 3 64.1 58.7 55.0 64.1 4.8
  612.  
  613. #######################################################################################################################################
  614. [+] Testing domain
  615. www.theuka.us 182.50.132.242
  616. [+] Dns resolving
  617. Domain name Ip address Name server
  618. theuka.us 182.50.132.242 ip-182-50-132-242.ip.secureserver.net
  619. Found 1 host(s) for theuka.us
  620. [+] Testing wildcard
  621.  
  622. #######################################################################################################################################
  623. -------------------------------------------------------------------------------------------------------------------------------------
  624. + Target IP: 182.50.132.242
  625. + Target Hostname: 182.50.132.242
  626. + Target Port: 80
  627. + Start Time: 2018-10-26 00:22:52 (GMT-4)
  628. ---------------------------------------------------------------------------------------------------------------------------------------
  629. + Server: No banner retrieved
  630. + The anti-clickjacking X-Frame-Options header is not present.
  631. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
  632. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
  633. + ERROR: Error limit (20) reached for host, giving up. Last error: error reading HTTP response
  634. + Scan terminated: 20 error(s) and 3 item(s) reported on remote host
  635. + End Time: 2018-10-26 00:29:45 (GMT-4) (413 seconds)
  636. ---------------------------------------------------------------------------------------------------------------------------------------
  637. #######################################################################################################################################
  638. PING 182.50.132.242 (182.50.132.242) 56(84) bytes of data.
  639. 64 bytes from 182.50.132.242: icmp_seq=1 ttl=243 time=505 ms
  640.  
  641. --- 182.50.132.242 ping statistics ---
  642. 1 packets transmitted, 1 received, 0% packet loss, time 0ms
  643. rtt min/avg/max/mdev = 504.516/504.516/504.516/0.000 ms
  644. #######################################################################################################################################
  645. Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-26 00:24 EDT
  646. Nmap scan report for ip-182-50-132-242.ip.secureserver.net (182.50.132.242)
  647. Host is up (0.20s latency).
  648. Not shown: 470 filtered ports, 3 closed ports
  649. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  650. PORT STATE SERVICE
  651. 21/tcp open ftp
  652. 80/tcp open http
  653. 8080/tcp open http-proxy
  654. #######################################################################################################################################
  655. Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-26 00:24 EDT
  656. Nmap scan report for ip-182-50-132-242.ip.secureserver.net (182.50.132.242)
  657. Host is up (0.27s latency).
  658. Not shown: 6 filtered ports
  659. PORT STATE SERVICE
  660. 53/udp open|filtered domain
  661. 67/udp open|filtered dhcps
  662. 69/udp open|filtered tftp
  663. 88/udp open|filtered kerberos-sec
  664. 161/udp open|filtered snmp
  665. 162/udp open|filtered snmptrap
  666. 520/udp open|filtered route
  667. 2049/udp open|filtered nfs
  668. #######################################################################################################################################
  669. Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-26 00:24 EDT
  670. Nmap scan report for ip-182-50-132-242.ip.secureserver.net (182.50.132.242)
  671. Host is up (0.071s latency).
  672.  
  673. PORT STATE SERVICE VERSION
  674. 21/tcp filtered ftp
  675. Too many fingerprints match this host to give specific OS details
  676. Network Distance: 20 hops
  677.  
  678. TRACEROUTE (using proto 1/icmp)
  679. HOP RTT ADDRESS
  680. 1 158.48 ms 10.244.200.1
  681. 2 158.52 ms 177.67.82.193
  682. 3 159.23 ms 177.67.87.185
  683. 4 159.27 ms 5-178-46-202.seabone.net (5.178.46.202)
  684. 5 161.34 ms 195.22.219.3
  685. 6 160.07 ms 149.3.181.65
  686. 7 292.35 ms ae-4.r24.nycmny01.us.bb.gin.ntt.net (129.250.2.227)
  687. 8 333.53 ms 129.250.4.13
  688. 9 333.02 ms ae-0.r23.sttlwa01.us.bb.gin.ntt.net (129.250.6.30)
  689. 10 340.22 ms ae-3.r23.snjsca04.us.bb.gin.ntt.net (129.250.3.124)
  690. 11 343.60 ms ae-0.r22.snjsca04.us.bb.gin.ntt.net (129.250.2.182)
  691. 12 507.52 ms ae-2.r20.sngpsi05.sg.bb.gin.ntt.net (129.250.3.49)
  692. 13 509.01 ms ae-2.r00.sngpsi02.sg.bb.gin.ntt.net (129.250.3.147)
  693. 14 516.87 ms xe-0-5-0-26.r00.sngpsi02.sg.ce.gin.ntt.net (116.51.27.158)
  694. 15 ...
  695. 16 508.94 ms ip-148-72-204-7.ip.secureserver.net (148.72.204.7)
  696. 17 505.79 ms ip-182-50-156-132.ip.secureserver.net (182.50.156.132)
  697. 18 ... 19
  698. 20 506.76 ms ip-182-50-132-242.ip.secureserver.net (182.50.132.242)
  699. #######################################################################################################################################
  700. Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-26 00:24 EDT
  701. Nmap scan report for ip-182-50-132-242.ip.secureserver.net (182.50.132.242)
  702. Host is up (0.067s latency).
  703.  
  704. PORT STATE SERVICE VERSION
  705. 67/udp open|filtered dhcps
  706. |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
  707. Too many fingerprints match this host to give specific OS details
  708. Network Distance: 20 hops
  709.  
  710. TRACEROUTE (using proto 1/icmp)
  711. HOP RTT ADDRESS
  712. 1 161.97 ms 10.244.200.1
  713. 2 162.02 ms 177.67.82.193
  714. 3 168.96 ms 177.67.87.185
  715. 4 163.14 ms 5-178-46-202.seabone.net (5.178.46.202)
  716. 5 165.91 ms 195.22.219.3
  717. 6 163.64 ms 149.3.181.65
  718. 7 293.23 ms ae-4.r24.nycmny01.us.bb.gin.ntt.net (129.250.2.227)
  719. 8 337.07 ms 129.250.4.13
  720. 9 337.12 ms ae-0.r23.sttlwa01.us.bb.gin.ntt.net (129.250.6.30)
  721. 10 344.38 ms ae-3.r23.snjsca04.us.bb.gin.ntt.net (129.250.3.124)
  722. 11 340.23 ms ae-0.r22.snjsca04.us.bb.gin.ntt.net (129.250.2.182)
  723. 12 506.64 ms ae-2.r20.sngpsi05.sg.bb.gin.ntt.net (129.250.3.49)
  724. 13 508.42 ms ae-2.r00.sngpsi02.sg.bb.gin.ntt.net (129.250.3.147)
  725. 14 515.71 ms xe-0-5-0-26.r00.sngpsi02.sg.ce.gin.ntt.net (116.51.27.158)
  726. 15 ...
  727. 16 508.43 ms ip-148-72-204-7.ip.secureserver.net (148.72.204.7)
  728. 17 510.92 ms ip-182-50-156-132.ip.secureserver.net (182.50.156.132)
  729. 18 ... 19
  730. 20 508.80 ms ip-182-50-132-242.ip.secureserver.net (182.50.132.242)
  731.  
  732. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  733. Nmap done: 1 IP address (1 host up) scanned in 122.16 seconds
  734. + -- --=[Port 68 closed... skipping.
  735. + -- --=[Port 69 opened... running tests...
  736. #######################################################################################################################################
  737. Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-26 00:26 EDT
  738. Nmap scan report for ip-182-50-132-242.ip.secureserver.net (182.50.132.242)
  739. Host is up (0.067s latency).
  740.  
  741. PORT STATE SERVICE VERSION
  742. 69/udp open|filtered tftp
  743. Too many fingerprints match this host to give specific OS details
  744. Network Distance: 20 hops
  745.  
  746. TRACEROUTE (using proto 1/icmp)
  747. HOP RTT ADDRESS
  748. 1 168.02 ms 10.244.200.1
  749. 2 168.07 ms 177.67.82.193
  750. 3 169.20 ms 177.67.87.185
  751. 4 168.55 ms 5-178-46-202.seabone.net (5.178.46.202)
  752. 5 168.53 ms 195.22.219.3
  753. 6 168.92 ms 149.3.181.65
  754. 7 298.08 ms ae-4.r24.nycmny01.us.bb.gin.ntt.net (129.250.2.227)
  755. 8 341.87 ms 129.250.4.13
  756. 9 340.51 ms ae-0.r23.sttlwa01.us.bb.gin.ntt.net (129.250.6.30)
  757. 10 348.18 ms ae-3.r23.snjsca04.us.bb.gin.ntt.net (129.250.3.124)
  758. 11 341.73 ms ae-0.r22.snjsca04.us.bb.gin.ntt.net (129.250.2.182)
  759. 12 505.16 ms ae-2.r20.sngpsi05.sg.bb.gin.ntt.net (129.250.3.49)
  760. 13 506.68 ms ae-2.r00.sngpsi02.sg.bb.gin.ntt.net (129.250.3.147)
  761. 14 513.94 ms xe-0-5-0-26.r00.sngpsi02.sg.ce.gin.ntt.net (116.51.27.158)
  762. 15 ...
  763. 16 505.47 ms ip-148-72-204-7.ip.secureserver.net (148.72.204.7)
  764. 17 507.32 ms ip-182-50-156-132.ip.secureserver.net (182.50.156.132)
  765. 18 ... 19
  766. 20 508.06 ms ip-182-50-132-242.ip.secureserver.net (182.50.132.242)
  767. #######################################################################################################################################
  768.  
  769. ^ ^
  770. _ __ _ ____ _ __ _ _ ____
  771. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
  772. | V V // o // _/ | V V // 0 // 0 // _/
  773. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
  774. <
  775. ...'
  776.  
  777. WAFW00F - Web Application Firewall Detection Tool
  778.  
  779. By Sandro Gauci && Wendel G. Henrique
  780.  
  781. Checking http://182.50.132.242
  782. Generic Detection results:
  783. The site http://182.50.132.242 seems to be behind a WAF or some sort of security solution
  784. Reason: Blocking is being done at connection/packet level.
  785. Number of requests: 12
  786. #######################################################################################################################################
  787. http://182.50.132.242 [404 Not Found] Cookies[dps_site_id], Country[SINGAPORE][SG], HTML5, HTTPServer[DPS/1.4.17], IP[182.50.132.242], Title[404 Not Found], UncommonHeaders[x-siteid]
  788. #######################################################################################################################################
  789.  
  790. wig - WebApp Information Gatherer
  791.  
  792.  
  793. Scanning http://182.50.132.242...
  794. _________________ SITE INFO __________________
  795. IP Title
  796. 182.50.132.242 404 Not Found
  797.  
  798. __________________ VERSION ___________________
  799. Name Versions Type
  800. dps 1.4.17 Platform
  801.  
  802. ______________________________________________
  803. Time: 70.9 sec Urls: 599 Fingerprints: 40401
  804. #######################################################################################################################################
  805. HTTP/1.1 404 Not Found
  806. Content-Type: text/html;charset=utf-8
  807. Content-Length: 964
  808. Vary: Accept-Encoding
  809. Server: DPS/1.4.17
  810. X-SiteId: 3000
  811. Set-Cookie: dps_site_id=3000; path=/
  812. Date: Fri, 26 Oct 2018 04:29:46 GMT
  813. Connection: keep-alive
  814. #######################################################################################################################################
  815. Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-26 00:29 EDT
  816. Nmap scan report for ip-182-50-132-242.ip.secureserver.net (182.50.132.242)
  817. Host is up (0.50s latency).
  818.  
  819. PORT STATE SERVICE VERSION
  820. 161/tcp filtered snmp
  821. 161/udp open|filtered snmp
  822. Too many fingerprints match this host to give specific OS details
  823. Network Distance: 20 hops
  824.  
  825. TRACEROUTE (using proto 1/icmp)
  826. HOP RTT ADDRESS
  827. 1 157.47 ms 10.244.200.1
  828. 2 157.51 ms 177.67.82.193
  829. 3 160.32 ms 177.67.87.185
  830. 4 158.73 ms 5-178-46-202.seabone.net (5.178.46.202)
  831. 5 160.37 ms 195.22.219.3
  832. 6 159.27 ms 149.3.181.65
  833. 7 291.01 ms ae-4.r24.nycmny01.us.bb.gin.ntt.net (129.250.2.227)
  834. 8 332.45 ms 129.250.4.13
  835. 9 332.88 ms ae-0.r23.sttlwa01.us.bb.gin.ntt.net (129.250.6.30)
  836. 10 340.47 ms ae-3.r23.snjsca04.us.bb.gin.ntt.net (129.250.3.124)
  837. 11 342.39 ms ae-0.r22.snjsca04.us.bb.gin.ntt.net (129.250.2.182)
  838. 12 507.27 ms ae-2.r20.sngpsi05.sg.bb.gin.ntt.net (129.250.3.49)
  839. 13 508.17 ms ae-2.r00.sngpsi02.sg.bb.gin.ntt.net (129.250.3.147)
  840. 14 523.21 ms xe-0-5-0-26.r00.sngpsi02.sg.ce.gin.ntt.net (116.51.27.158)
  841. 15 ...
  842. 16 507.32 ms ip-148-72-204-7.ip.secureserver.net (148.72.204.7)
  843. 17 511.40 ms ip-182-50-156-132.ip.secureserver.net (182.50.156.132)
  844. 18 ... 19
  845. 20 508.70 ms ip-182-50-132-242.ip.secureserver.net (182.50.132.242)
  846.  
  847. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  848. Nmap done: 1 IP address (1 host up) scanned in 76.69 seconds
  849. #######################################################################################################################################
  850. RHOSTS => 182.50.132.242
  851. [-] 182.50.132.242 SNMP request timeout.
  852. [*] Scanned 1 of 1 hosts (100% complete)
  853. [*] Auxiliary module execution completed
  854. + -- --=[Port 162 closed... skipping.
  855. + -- --=[Port 389 closed... skipping.
  856. + -- --=[Port 443 closed... skipping.
  857. + -- --=[Port 445 closed... skipping.
  858. + -- --=[Port 512 closed... skipping.
  859. + -- --=[Port 513 closed... skipping.
  860. + -- --=[Port 514 closed... skipping.
  861. + -- --=[Port 623 closed... skipping.
  862. + -- --=[Port 624 closed... skipping.
  863. + -- --=[Port 1099 closed... skipping.
  864. + -- --=[Port 1433 closed... skipping.
  865. + -- --=[Port 2049 closed... skipping.
  866. + -- --=[Port 2121 closed... skipping.
  867. + -- --=[Port 3306 closed... skipping.
  868. + -- --=[Port 3310 closed... skipping.
  869. + -- --=[Port 3128 closed... skipping.
  870. + -- --=[Port 3389 closed... skipping.
  871. + -- --=[Port 3632 closed... skipping.
  872. + -- --=[Port 4443 closed... skipping.
  873. + -- --=[Port 5432 closed... skipping.
  874. + -- --=[Port 5555 closed... skipping.
  875. + -- --=[Port 5800 closed... skipping.
  876. + -- --=[Port 5900 closed... skipping.
  877. + -- --=[Port 5984 closed... skipping.
  878. + -- --=[Port 6000 closed... skipping.
  879. + -- --=[Port 6667 closed... skipping.
  880. + -- --=[Port 7001 closed... skipping.
  881. + -- --=[Port 8000 closed... skipping.
  882. + -- --=[Port 8100 closed... skipping.
  883. + -- --=[Port 8080 opened... running tests...
  884.  
  885. ^ ^
  886. _ __ _ ____ _ __ _ _ ____
  887. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
  888. | V V // o // _/ | V V // 0 // 0 // _/
  889. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
  890. <
  891. ...'
  892.  
  893. WAFW00F - Web Application Firewall Detection Tool
  894.  
  895. By Sandro Gauci && Wendel G. Henrique
  896.  
  897. Checking http://182.50.132.242:8080
  898.  
  899.  
  900. Version: 1.11.12-static
  901. OpenSSL 1.0.2-chacha (1.0.2g-dev)
  902. #######################################################################################################################################
  903. RHOSTS => 182.50.132.242
  904. RHOST => 182.50.132.242
  905. [-] WAR file not found
  906. [*] Auxiliary module execution completed
  907. [*] Scanned 1 of 1 hosts (100% complete)
  908. [*] Auxiliary module execution completed
  909. RPORT => 8080
  910. [*] Scanned 1 of 1 hosts (100% complete)
  911. [*] Auxiliary module execution completed
  912. [*] Attempting to connect to 182.50.132.242:8080
  913. [+] No File(s) found
  914. [*] Scanned 1 of 1 hosts (100% complete)
  915. [*] Auxiliary module execution completed
  916. [*] http://182.50.132.242:8080/admin/j_security_check - Checking j_security_check...
  917. [-] The connection timed out (182.50.132.242:8080).
  918. [-] http://182.50.132.242:8080/admin/j_security_check - Unable to enumerate users with this URI
  919. [*] Scanned 1 of 1 hosts (100% complete)
  920. [*] Auxiliary module execution completed
  921. [-] The host (182.50.132.242:8080) was unreachable.
  922. [-] The connection timed out (182.50.132.242:8080).
  923. [-] http://182.50.132.242:8080/manager/html - No response
  924. [*] Scanned 1 of 1 hosts (100% complete)
  925. [*] Auxiliary module execution completed
  926. [-] Exploit aborted due to failure: unreachable: The target server did not respond to fingerprinting, use 'set FingerprintCheck false' to disable this check.
  927. [*] Exploit completed, but no session was created.
  928. USERNAME => tomcat
  929. PASSWORD => tomcat
  930. [-] Exploit aborted due to failure: unreachable: The target server did not respond to fingerprinting, use 'set FingerprintCheck false' to disable this check.
  931. [*] Exploit completed, but no session was created.
  932. #######################################################################################################################################
  933. RHOSTS => 182.50.132.242
  934. RPORT => 8080
  935. [*] Scanned 1 of 1 hosts (100% complete)
  936. [*] Auxiliary module execution completed
  937.  
  938.  
  939.  
  940.  
  941. * --- JexBoss: Jboss verify and EXploitation Tool --- *
  942. | * And others Java Deserialization Vulnerabilities * |
  943. | |
  944. | @author: João Filho Matos Figueiredo |
  945. | @contact: joaomatosf@gmail.com |
  946. | |
  947. | @update: https://github.com/joaomatosf/jexboss |
  948. #______________________________________________________#
  949.  
  950. @version: 1.2.4
  951.  
  952. * Checking for updates in: http://joaomatosf.com/rnp/releases.txt **
  953.  
  954.  
  955. ** Checking Host: http://182.50.132.242:8080 **
  956.  
  957. [*] Checking admin-console:
  958. * An error occurred while connecting to the host http://182.50.132.242:8080 (HTTPConnectionPool(host='182.50.132.242', port=8080): Max retries exceeded with url: /admin-console/ (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7faffeec3190>: Failed to establish a new connection: [Errno 113] No route to host',)))
  959.  
  960. [*] Checking Struts2:
  961. * An error occurred while connecting to the host http://182.50.132.242:8080 (HTTPConnectionPool(host='182.50.132.242', port=8080): Max retries exceeded with url: / (Caused by ConnectTimeoutError(<urllib3.connection.HTTPConnection object at 0x7faffebe5710>, 'Connection to 182.50.132.242 timed out. (connect timeout=3)')))
  962.  
  963. [*] Checking Servlet Deserialization:
  964. * An error occurred while connecting to the host http://182.50.132.242:8080 (HTTPConnectionPool(host='182.50.132.242', port=8080): Max retries exceeded with url: / (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7faffec1e350>: Failed to establish a new connection: [Errno 113] No route to host',)))
  965.  
  966. [*] Checking Application Deserialization:
  967. * An error occurred while connecting to the host http://182.50.132.242:8080 (HTTPConnectionPool(host='182.50.132.242', port=8080): Max retries exceeded with url: / (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7faffec1e410>: Failed to establish a new connection: [Errno 113] No route to host',)))
  968.  
  969. [*] Checking Jenkins:
  970. * An error occurred while connecting to the host http://182.50.132.242:8080 (HTTPConnectionPool(host='182.50.132.242', port=8080): Max retries exceeded with url: / (Caused by ConnectTimeoutError(<urllib3.connection.HTTPConnection object at 0x7faffec1e4d0>, 'Connection to 182.50.132.242 timed out. (connect timeout=3)')))
  971.  
  972. [*] Checking web-console:
  973. * An error occurred while connecting to the host http://182.50.132.242:8080 (HTTPConnectionPool(host='182.50.132.242', port=8080): Max retries exceeded with url: /web-console/Invoker (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7faffec1e5d0>: Failed to establish a new connection: [Errno 113] No route to host',)))
  974.  
  975. [*] Checking jmx-console:
  976. * An error occurred while connecting to the host http://182.50.132.242:8080 (HTTPConnectionPool(host='182.50.132.242', port=8080): Max retries exceeded with url: /jmx-console/HtmlAdaptor?action=inspectMBean&name=jboss.system:type=ServerInfo (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7faffec1e6d0>: Failed to establish a new connection: [Errno 113] No route to host',)))
  977.  
  978. [*] Checking JMXInvokerServlet:
  979. * An error occurred while connecting to the host http://182.50.132.242:8080 (HTTPConnectionPool(host='182.50.132.242', port=8080): Max retries exceeded with url: /invoker/JMXInvokerServlet (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7faffec1e790>: Failed to establish a new connection: [Errno 113] No route to host',)))
  980.  
  981.  
  982.  
  983. * Results:
  984. The server is not vulnerable to bugs tested ... :D
  985.  
  986. * Info: review, suggestions, updates, etc:
  987. https://github.com/joaomatosf/jexboss
  988.  
  989. * DONATE: Please consider making a donation to help improve this tool,
  990. * Bitcoin Address: 14x4niEpfp7CegBYr3tTzTn4h6DAnDCD9C
  991.  
  992. #######################################################################################################################################
  993.  
  994. I, [2018-10-26T00:34:35.883656 #25451] INFO -- : Initiating port scan
  995. I, [2018-10-26T00:35:27.687142 #25451] INFO -- : Using nmap scan output file logs/nmap_output_2018-10-26_00-34-35.xml
  996. I, [2018-10-26T00:35:27.709817 #25451] INFO -- : Discovered open port: 182.50.132.242:80
  997. I, [2018-10-26T00:35:37.712064 #25451] INFO -- : Discovered open port: 182.50.132.242:443
  998. W, [2018-10-26T00:35:47.714080 #25451] WARN -- : Yasuo did not find any potential hosts to enumerate
  999. #######################################################################################################################################
  1000. Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-26 00:35 EDT
  1001. NSE: Loaded 148 scripts for scanning.
  1002. NSE: Script Pre-scanning.
  1003. Initiating NSE at 00:35
  1004. Completed NSE at 00:35, 0.00s elapsed
  1005. Initiating NSE at 00:35
  1006. Completed NSE at 00:35, 0.00s elapsed
  1007. Initiating Parallel DNS resolution of 1 host. at 00:35
  1008. Completed Parallel DNS resolution of 1 host. at 00:35, 0.02s elapsed
  1009. Initiating SYN Stealth Scan at 00:35
  1010. Scanning ip-182-50-132-242.ip.secureserver.net (182.50.132.242) [474 ports]
  1011. Completed SYN Stealth Scan at 00:35, 7.73s elapsed (474 total ports)
  1012. Initiating Service scan at 00:35
  1013. Initiating OS detection (try #1) against ip-182-50-132-242.ip.secureserver.net (182.50.132.242)
  1014. Retrying OS detection (try #2) against ip-182-50-132-242.ip.secureserver.net (182.50.132.242)
  1015. Initiating Traceroute at 00:35
  1016. Completed Traceroute at 00:35, 0.17s elapsed
  1017. Initiating Parallel DNS resolution of 2 hosts. at 00:35
  1018. Completed Parallel DNS resolution of 2 hosts. at 00:35, 0.16s elapsed
  1019. NSE: Script scanning 182.50.132.242.
  1020. Initiating NSE at 00:35
  1021. Completed NSE at 00:35, 0.00s elapsed
  1022. Initiating NSE at 00:35
  1023. Completed NSE at 00:35, 0.00s elapsed
  1024. Nmap scan report for ip-182-50-132-242.ip.secureserver.net (182.50.132.242)
  1025. Host is up (0.16s latency).
  1026. Not shown: 471 filtered ports
  1027. PORT STATE SERVICE VERSION
  1028. 25/tcp closed smtp
  1029. 139/tcp closed netbios-ssn
  1030. 445/tcp closed microsoft-ds
  1031. Too many fingerprints match this host to give specific OS details
  1032. Network Distance: 2 hops
  1033.  
  1034. TRACEROUTE (using port 139/tcp)
  1035. HOP RTT ADDRESS
  1036. 1 160.54 ms 10.244.200.1
  1037. 2 160.53 ms ip-182-50-132-242.ip.secureserver.net (182.50.132.242)
  1038.  
  1039. NSE: Script Post-scanning.
  1040. Initiating NSE at 00:35
  1041. Completed NSE at 00:35, 0.00s elapsed
  1042. Initiating NSE at 00:35
  1043. Completed NSE at 00:35, 0.00s elapsed
  1044. Read data files from: /usr/bin/../share/nmap
  1045. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  1046. Nmap done: 1 IP address (1 host up) scanned in 12.05 seconds
  1047. Raw packets sent: 995 (48.148KB) | Rcvd: 371 (22.409KB)
  1048. #######################################################################################################################################
  1049. Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-26 00:35 EDT
  1050. NSE: Loaded 148 scripts for scanning.
  1051. NSE: Script Pre-scanning.
  1052. Initiating NSE at 00:36
  1053. Completed NSE at 00:36, 0.00s elapsed
  1054. Initiating NSE at 00:36
  1055. Completed NSE at 00:36, 0.00s elapsed
  1056. Initiating Parallel DNS resolution of 1 host. at 00:36
  1057. Completed Parallel DNS resolution of 1 host. at 00:36, 0.02s elapsed
  1058. Initiating UDP Scan at 00:36
  1059. Scanning ip-182-50-132-242.ip.secureserver.net (182.50.132.242) [14 ports]
  1060. Completed UDP Scan at 00:36, 2.49s elapsed (14 total ports)
  1061. Initiating Service scan at 00:36
  1062. Scanning 12 services on ip-182-50-132-242.ip.secureserver.net (182.50.132.242)
  1063. Service scan Timing: About 8.33% done; ETC: 00:45 (0:08:48 remaining)
  1064. Service scan Timing: About 25.00% done; ETC: 00:42 (0:04:39 remaining)
  1065. Completed Service scan at 00:37, 102.57s elapsed (12 services on 1 host)
  1066. Initiating OS detection (try #1) against ip-182-50-132-242.ip.secureserver.net (182.50.132.242)
  1067. Retrying OS detection (try #2) against ip-182-50-132-242.ip.secureserver.net (182.50.132.242)
  1068. Initiating Traceroute at 00:37
  1069. Completed Traceroute at 00:38, 7.39s elapsed
  1070. Initiating Parallel DNS resolution of 1 host. at 00:38
  1071. Completed Parallel DNS resolution of 1 host. at 00:38, 0.03s elapsed
  1072. NSE: Script scanning 182.50.132.242.
  1073. Initiating NSE at 00:38
  1074. Completed NSE at 00:38, 20.37s elapsed
  1075. Initiating NSE at 00:38
  1076. Completed NSE at 00:38, 2.33s elapsed
  1077. Nmap scan report for ip-182-50-132-242.ip.secureserver.net (182.50.132.242)
  1078. Host is up (0.24s latency).
  1079.  
  1080. PORT STATE SERVICE VERSION
  1081. 53/udp open|filtered domain
  1082. 67/udp open|filtered dhcps
  1083. 68/udp open|filtered dhcpc
  1084. 69/udp open|filtered tftp
  1085. 88/udp open|filtered kerberos-sec
  1086. 123/udp open|filtered ntp
  1087. 137/udp filtered netbios-ns
  1088. 138/udp filtered netbios-dgm
  1089. 139/udp open|filtered netbios-ssn
  1090. 161/udp open|filtered snmp
  1091. 162/udp open|filtered snmptrap
  1092. 389/udp open|filtered ldap
  1093. 520/udp open|filtered route
  1094. 2049/udp open|filtered nfs
  1095. Too many fingerprints match this host to give specific OS details
  1096.  
  1097. TRACEROUTE (using port 137/udp)
  1098. HOP RTT ADDRESS
  1099. 1 158.00 ms 10.244.200.1
  1100. 2 ... 3
  1101. 4 162.06 ms 10.244.200.1
  1102. 5 159.33 ms 10.244.200.1
  1103. 6 159.32 ms 10.244.200.1
  1104. 7 159.31 ms 10.244.200.1
  1105. 8 159.31 ms 10.244.200.1
  1106. 9 159.30 ms 10.244.200.1
  1107. 10 159.33 ms 10.244.200.1
  1108. 11 ... 18
  1109. 19 159.71 ms 10.244.200.1
  1110. 20 160.97 ms 10.244.200.1
  1111. 21 ... 27
  1112. 28 162.15 ms 10.244.200.1
  1113. 29 161.45 ms 10.244.200.1
  1114. 30 157.29 ms 10.244.200.1
  1115.  
  1116. NSE: Script Post-scanning.
  1117. Initiating NSE at 00:38
  1118. Completed NSE at 00:38, 0.00s elapsed
  1119. Initiating NSE at 00:38
  1120. Completed NSE at 00:38, 0.00s elapsed
  1121. Read data files from: /usr/bin/../share/nmap
  1122. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  1123. Nmap done: 1 IP address (1 host up) scanned in 144.57 seconds
  1124. Raw packets sent: 142 (12.624KB) | Rcvd: 2418 (252.934KB)
  1125. #######################################################################################################################################
  1126. Anonymous JTSEC #OpDomesticTerrorism Full Recon #10
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!