AnonymousSriLanka

UNITED NATIONS (UN) - Lotus Domino Web-Mail Server Data Leak

Feb 29th, 2012
  1. UNITED NATIONS (UN) - Lotus Domino Web-Mail Server Data Leaked
  2.  
  3. The United Nations (UN) is an international organization whose stated aims are facilitating cooperation in international law, international security, economic development, social progress, human rights, and achievement of world peace. The UN was founded in 1945 after World War II to replace the League of Nations, to stop wars between countries, and to provide a platform for dialogue. It contains multiple subsidiary organizations to carry out its missions.
  4.  
  5. http://www.un.org
  6.  
  7. THIS ATTACK AGAINST THE DIRTIEST THINGS AGAINST THE SRI LANKA BY UN .........!!!!!
  8.  
  9. EXCLUSIVE FROM - Anonymous Sri Lanka
  10.  
  11. WWW.UN.ORG -----> Fuck3D and Bust3D
  12.  
  13. Primary webmaildr.un.org (157.150.34.43) Server Hacked and
  14. with Transferring (Data Leak)....!!
  15.  
  16. Hail to Anonymous, Lulzsec and Operation Anti-Sec...
  17.  
  18. 21/tcp closed ftp reset
  19. 22/tcp closed ssh reset
  20. 23/tcp filtered telnet no-response
  21. 25/tcp closed smtp reset
  22. 80/tcp open http? syn-ack
  23. |_http-google-malware: [ERROR] No API key found. Update the variable APIKEY in http-google-malware or set it in the argument http-google-malware.api
  24. | http-grep:
  25. |_ ERROR: Argument http-grep.match was not set
  26. |_citrix-brute-xml: FAILED: No domain specified (use ntdomain argument)
  27. | http-brute:
  28. |_ ERROR: No path was specified (see http-brute.path)
  29. | http-malware-host:
  30. |_ ERROR: Unknown pages return a 302 response; unable to check
  31. |_http-wordpress-enum: [Error] Wordpress installation was not found. We couldn't find wp-login.php
  32. |_http-iis-webdav-vuln: ERROR: This web server is not supported.
  33. | http-title: Site doesn't have a title (text/html).
  34. |_Did not follow redirect to https://webmail.un.org/
  35. |_http-methods: No Allow or Public header in OPTIONS response (status code 307)
  36. | http-form-brute:
  37. |_ ERROR: No passvar was specified (see http-form-brute.passvar)
  38. |_http-headers: ERROR: Header request didn't return a proper header
  39. |_http-userdir-enum: Didn't find any users!
  40. |_http-wordpress-plugins: nothing found amongst the 100 most popular plugins, use --script-arg http-wordpress-plugins.search=<number|all> for deeper analysis)
  41. | http-vhosts:
  42. |_405 names had status 302
  43. | http-domino-enum-passwords:
  44. |_ ERROR: No valid credentials were found (see domino-enum-passwords.username and domino-enum-passwords.password)
  45. 110/tcp closed pop3 reset
  46. 139/tcp filtered netbios-ssn no-response
  47. 443/tcp open ssl/http syn-ack Lotus Domino httpd
  48. |_citrix-brute-xml: FAILED: No domain specified (use ntdomain argument)
  49. | http-grep:
  50. |_ ERROR: Argument http-grep.match was not set
  51. | http-brute:
  52. |_ ERROR: No path was specified (see http-brute.path)
  53. |_http-google-malware: [ERROR] No API key found. Update the variable APIKEY in http-google-malware or set it in the argument http-google-malware.api
  54. | ssl-cert: Subject: commonName=*.un.org/organizationName=United Nations/stateOrProvinceName=New York/countryName=US/streetAddress=24-01 44th Road, 9th Floor/localityName=Long Island City/postalCode=11101-4605/organizationalUnitName=Comodo PremiumSSL Wildcard
  55. | Issuer: commonName=UTN-USERFirst-Hardware/organizationName=The USERTRUST Network/stateOrProvinceName=UT/countryName=US/localityName=Salt Lake City/organizationalUnitName=http://www.usertrust.com
  56. | Public Key type: rsa
  57. | Public Key bits: 2048
  58. | Not valid before: 2011-02-02 00:00:00
  59. | Not valid after: 2013-04-13 23:59:59
  60. | MD5: 7920 a56a 7a80 873f 2303 98fd 5711 4c72
  61. | SHA-1: 3829 64d1 30e8 d182 52e7 65b8 5c41 5de1 0470 a249
  97. | http-trace: TRACE is enabled
  98. | Headers:
  99. | Server: Lotus-Domino
  100. | Date: Wed, 29 Feb 2012 10:04:30 GMT
  101. | Pragma: no-cache
  102. | Cache-Control: no-cache
  103. | Expires: Wed, 29 Feb 2012 10:04:30 GMT
  104. | Content-Type: message/http
  105. |_Content-Length: 204
  106. |_http-methods: No Allow or Public header in OPTIONS response (status code 302)
  107. |_http-wordpress-enum: [Error] Wordpress installation was not found. We couldn't find wp-login.php
  108. |_http-date: Wed, 29 Feb 2012 10:04:33 GMT; +5s from local time.
  109. |_http-malware-host: Host appears to be clean
  110. |_http-litespeed-sourcecode-download: Request with null byte did not work. This web server might not be vulnerable
  111. |_http-iis-webdav-vuln: ERROR: This web server is not supported.
  112. | http-title: Site doesn't have a title (text/html; charset=UTF-8).
  113. |_Requested resource was http://157.150.34.43/mailjump.nsf
  114. | http-form-brute:
  115. |_ ERROR: No passvar was specified (see http-form-brute.passvar)
  116. |_http-favicon: IBM Lotus Notes Collaboration Software
  117. | http-headers:
  118. | Server: Lotus-Domino
  119. | Date: Wed, 29 Feb 2012 10:04:47 GMT
  120. | Connection: close
  121. | Location: mailjump.nsf
  122. |
  123. |_ (Request type: GET)
  124. |_http-userdir-enum: Didn't find any users!
  125. |_http-wordpress-plugins: nothing found amongst the 100 most popular plugins, use --script-arg http-wordpress-plugins.search=<number|all> for deeper analysis)
  126. | ssl-enum-ciphers:
  127. | SSLv3
  128. | Ciphers (3)
  129. | TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
  130. | TLS_RSA_WITH_RC4_128_MD5 - unknown strength
  131. | TLS_RSA_WITH_RC4_128_SHA - strong
  132. | Compressors (1)
  133. | NULL
  134. | TLSv1.0
  135. | Ciphers (5)
  136. | TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
  137. | TLS_RSA_WITH_AES_128_CBC_SHA - strong
  138. | TLS_RSA_WITH_AES_256_CBC_SHA - unknown strength
  139. | TLS_RSA_WITH_RC4_128_MD5 - unknown strength
  140. | TLS_RSA_WITH_RC4_128_SHA - strong
  141. | Compressors (1)
  142. | NULL
  143. |_ Least strength = unknown strength
  144. | http-vhosts:
  145. |_405 names had status 302
  146. | http-enum:
  147. | /homepage.nsf/homePage.gif?OpenImageResource: Lotus Domino
  148. | /icons/ecblank.gif: Lotus Domino
  149. | /admin4.nsf: Lotus Domino
  150. | /agentrunner.nsf: Lotus Domino
  151. | /busytime.nsf: Lotus Domino
  152. | /catalog.nsf: Lotus Domino
  153. | /certlog.nsf: Lotus Domino
  154. | /certsrv.nsf: Lotus Domino
  155. | /doladmin.nsf: Lotus Domino
  156. | /domcfg.nsf: Lotus Domino
  157. | /domlog.nsf: Lotus Domino
  158. | /events4.nsf: Lotus Domino
  159. | /homepage.nsf: Lotus Domino
  160. | /log.nsf: Lotus Domino
  161. | /mail1.box: Lotus Domino
  162. | /mail2.box: Lotus Domino
  163. | /names.nsf: Lotus Domino
  164. | /reports.nsf: Lotus Domino
  165. | /webadmin.nsf: Lotus Domino
  166. |_ /icons/ecblank.gif: Lotus Domino
  167. | ssl-google-cert-catalog:
  168. |_ No DB entry
  169. | http-domino-enum-passwords:
  170. |_ ERROR: No credentials supplied (see domino-enum-passwords.username and domino-enum-passwords.password)
  171. 445/tcp filtered microsoft-ds no-response
  172. 3389/tcp filtered ms-term-serv no-response
  173. Host script results:
  174. | dns-blacklist:
  175. | PROXY
  176. | dnsbl.ahbl.org - FAIL
  177. | socks.dnsbl.sorbs.net - FAIL
  178. | http.dnsbl.sorbs.net - FAIL
  179. | misc.dnsbl.sorbs.net - FAIL
  180. | dnsbl.tornevall.org - FAIL
  181. | SPAM
  182. | dnsbl.ahbl.org - FAIL
  183. | dnsbl.inps.de - FAIL
  184. | bl.nszones.com - FAIL
  185. | l2.apews.org - FAIL
  186. | list.quorum.to - FAIL
  187. | all.spamrats.com - FAIL
  188. | bl.spamcop.net - FAIL
  189. | spam.dnsbl.sorbs.net - FAIL
  190. |_ sbl.spamhaus.org - FAIL
  191. | dns-zeustracker:
  192. |_ ERROR: DNS Query failed
  193. |_asn-query: No Servers
  194. |_whois: See the result for 157.150.185.55.
  195. |_path-mtu: PMTU == 1500
  196. | ip-geolocation-geoplugin:
  197. | 157.150.34.43
  198. | coordinates (lat,lon): 40.752799987793,-73.972503662109
  199. |_ state: New York, United States
  200. | firewalk:
  201. | HOP HOST PROTOCOL BLOCKED PORTS
  202. |_1 127.0.0.1 tcp 23,139,445,3389
  203. | ip-geolocation-geobytes:
  204. | 157.150.34.43
  205. | coordinates (lat,lon): 40.7488,-73.9846
  206. |_ city: New York, New York, United States
  207. |_ipidseq: Unknown [used port 80]
  208. | qscan:
  209. | PORT FAMILY MEAN (us) STDDEV LOSS (%)
  210. | 21 0 2207039.30 141741.93 0.0%
  211. | 80 1 401146.80 46385.79 0.0%
  212. |_443 1 376206.90 23007.01 0.0%
  213.  
  214. TRACEROUTE (using port 22/tcp)
  215. HOP RTT ADDRESS
  216. 1 0.24 ms 192.168.140.2
  217. 2 32.85 ms webmaildr.un.org (157.150.34.43)
  218. Final times for host: srtt: 379122 rttvar: 464954 to: 1250000
  219.  
  220. New targets in the scanned cache: 0, pending ones: 0.
  221. NSE: Script Post-scanning.
  222. NSE: Starting runlevel 1 (of 4) scan.
  223. NSE: Starting 'reverse-index' (thread: 0xa9b0798).
  224. Initiating NSE at 05:35
  225. NSE: Finished 'reverse-index' (thread: 0xa9b0798).
  226. Completed NSE at 05:35, 0.00s elapsed
  227. NSE: Starting runlevel 2 (of 4) scan.
  228. NSE: Starting runlevel 3 (of 4) scan.
  229. NSE: Starting runlevel 4 (of 4) scan.
  230. Post-scan script results:
  231. | reverse-index:
  232. | 80/tcp: 157.150.185.55, 157.150.34.43
  233. |_ 443/tcp: 157.150.185.55, 157.150.34.43
  234. Read from /usr/local/bin/../share/nmap: nmap-os-db nmap-payloads nmap-protocols nmap-rpc nmap-service-probes nmap-services.
  235. OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
  236. Nmap done: 8 IP addresses (8 hosts up) scanned in 4582.56 seconds
  237. Raw packets sent: 3689 (178.378KB) | Rcvd: 2061 (145.558KB)