#OpPedoChat website information- 007gayboys.com

1. Twitter- @WaveAnonops
2. irc.voxanon.org
3. #oppedochat
4.  
5.  
6. ---------------------------------------------------------------------------
7. + Target IP: 78.41.201.14
8. + Target Hostname: 007gayboys.com
9. + Target Port: 80
10. + Start Time: 2012-07-12 15:27:34
11. ---------------------------------------------------------------------------
12. + Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
13. + Retrieved x-powered-by header: PHP/5.3.13
14. + No CGI Directories found (use '-C all' to force check all possible dirs)
15. + robots.txt contains 2 entries which should be manually viewed.
16.  
17. + mod_ssl/2.2.22 appears to be outdated (current is at least 2.8.31) (may depend on server version)
18.  
19. + Number of sections in the version string differ from those in the database, the server reports: openssl/1.0.0-fips while the database has: 1.0.0.100. This may cause false positives.
20. + OpenSSL/1.0.0-fips appears to be outdated (current is at least 1.0.0d). OpenSSL 0.9.8r is also current.
21.  
22. + FrontPage/5.0.2.2635 appears to be outdated (current is at least 5.0.4.3) (may depend on server version)
23.  
24. + DEBUG HTTP verb may show server debugging information. See http://msdn.microsoft.com/en-us/library/e8z01xdh%28VS.80%29.aspx for details.
25.  
26. + OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
27.  
28. + FrontPage - http://www.insecure.org/sploits/Microsoft.frontpage.insecurities.html
29.  
30. + mod_ssl/2.2.22 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 - mod_ssl 2.8.7 and lower are vulnerable to a remote buffer overflow which may allow a remote shell (difficult to exploit). CVE-2002-0082, OSVDB-756.
31.  
32. + OSVDB-396: /_vti_bin/shtml.exe: Attackers may be able to crash FrontPage by requesting a DOS device, like shtml.exe/aux.htm -- a DoS was not attempted.
33.  
34. + OSVDB-27071: /phpimageview.php?pic=javascript:alert(8754): PHP Image View 1.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
35.  
36. + OSVDB-3931: /myphpnuke/links.php?op=search&query=[script]alert('Vulnerable);[/script]?query=: myphpnuke is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
37.  
38. + /modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat=1&categories=%3Cimg%20src=javascript:alert(9456);%3E&parent_id=0: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
39.  
40. + OSVDB-4598: /members.asp?SF=%22;}alert('Vulnerable');function%20x(){v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
41.  
42. + OSVDB-2946: /forum_members.asp?find=%22;}alert(9823);function%20x(){v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
43.  
44. + OSVDB-3092: /_vti_bin/_vti_aut/author.exe?method=list+documents%3a3%2e0%2e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse=false&listFiles=true&listFolders=true&listLinkInfo=true&listIncludeParent=true&listDerivedT=false&listBorders=fals: We seem to have authoring access to the FrontPage web.
45.  
46. + OSVDB-3233: /mailman/listinfo: Mailman was found on the server.
47.  
48. + OSVDB-3233: /postinfo.html: Microsoft FrontPage default file found.
49.  
50. + OSVDB-12184: /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
51.  
52. + OSVDB-12184: /some.php?=PHPE9568F36-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
53.  
54. + OSVDB-12184: /some.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
55.  
56. + OSVDB-12184: /some.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
57.  
58. + OSVDB-3092: /img-sys/: Default image directory should not allow directory listing.
59.  
60. + OSVDB-3092: /java-sys/: Default Java directory should not allow directory listing.
61.  
62. + OSVDB-3268: /_vti_bin/: Directory indexing found.
63.  
64. + OSVDB-3233: /_vti_bin/: FrontPage directory found.
65.  
66. + OSVDB-3233: /_vti_inf.html: FrontPage/SharePoint is installed and reveals its version number (check HTML source for more information).
67.  
68. + OSVDB-3268: /images/: Directory indexing found.
69.  
70. + OSVDB-3268: /images/?pattern=/etc/*&sort=name: Directory indexing found.
71.  
72. + OSVDB-3093: /FCKeditor/editor/filemanager/browser/default/connectors/test.html: FCKeditor could allow files to be updated or edited by remote attackers.
73.  
74. + OSVDB-3093: /Script/fckeditor/editor/filemanager/browser/default/connectors/test.html: FCKeditor could allow files to be updated or edited by remote attackers.
75.  
76. + OSVDB-3093: /sites/all/modules/fckeditor/fckeditor/editor/filemanager/browser/default/connectors/test.html: FCKeditor could allow files to be updated or edited by remote attackers.
77.  
78. + OSVDB-3093: /modules/fckeditor/fckeditor/editor/filemanager/browser/default/connectors/test.html: FCKeditor could allow files to be updated or edited by remote attackers.
79.  
80. + OSVDB-3093: /class/fckeditor/editor/filemanager/browser/default/connectors/test.html: FCKeditor could allow files to be updated or edited by remote attackers.
81.  
82. + OSVDB-3093: /inc/fckeditor/editor/filemanager/browser/default/connectors/test.html: FCKeditor could allow files to be updated or edited by remote attackers.
83.  
84. + OSVDB-3093: /sites/all/libraries/fckeditor/editor/filemanager/browser/default/connectors/test.html: FCKeditor could allow files to be updated or edited by remote attackers.
85.  
86. + OSVDB-3092: /xmlrpc.php: xmlrpc.php was found.
87.  
88. + /ampache/update.php: Ampache update page is visible.
89.  
90. + /wp-content/plugins/akismet/readme.txt: The WordPress Akismet plugin 'Tested up to' version usually matches the WordPress version
91.  
92. + OSVDB-62684: /wp-content/plugins/hello.php: The WordPress hello.php plugin reveals a file system path
93.  
94. + /readme.html: This WordPress file reveals the installed version.
95.  
96. + OSVDB-3092: /license.txt: License file found may identify site software.
97.  
98. + /wordpress/: A Wordpress installation was found.
99.  
100. + 6448 items checked: 32 error(s) and 44 item(s) reported on remote host
101. + End Time: 2012-07-12 16:00:00 (1946 seconds)
102. -------------------------------------------------------------------------------------
103. DNS Servers for 007gayboys.com:
104. ns2.teenboyswank.com
105. ns1.teenboyswank.com
106. DNS Server informational Bruteforce:
107. 78.41.201.14 ftp.007gayboys.com
108. 78.41.201.14 mail.007gayboys.com
109. 127.0.0.1 localhost.007gayboys.com
110. 78.41.201.14 webmail.007gayboys.com
111. 78.41.201.14 www.007gayboys.com
112. Subnets:
113. 127.0.0.0-255 : 1 hostnames found.
114. 78.41.201.0-255 : 4 hostnames found.
115. -----------------------------------------------------------------
116. Ports:
117. Discovered open port 80/tcp on 78.41.201.14
118. Discovered open port 993/tcp on 78.41.201.14
119. Discovered open port 995/tcp on 78.41.201.14
120. Discovered open port 53/tcp on 78.41.201.14
121. Discovered open port 587/tcp on 78.41.201.14
122. Discovered open port 443/tcp on 78.41.201.14
123. Discovered open port 22/tcp on 78.41.201.14
124. Discovered open port 3306/tcp on 78.41.201.14
125. Discovered open port 21/tcp on 78.41.201.14
126. Discovered open port 143/tcp on 78.41.201.14
127. Discovered open port 110/tcp on 78.41.201.14
128. Discovered open port 25/tcp on 78.41.201.14
129. Discovered open port 465/tcp on 78.41.201.14
130. -------------------------------------------------------------------
131. Domain whois:
132. Registrant:
133. LLU Media
134. 6 Lunton Walk
135. Lanarkshire
136. Lansborough, lan PO BOX 495
137. GB
138. 01612027654
139.  
140. Domain Name: 007GAYBOYS.COM
141.  
142. Administrative Contact:
143. Moore, Tom
144. 6 Lunton Walk
145. Lanarkshire
146. Lansborough, lan PO BOX 495
147. GB
148. 01612027654
149.  
150. Technical Contact:
151. Moore, Tom
152. 6 Lunton Walk
153. Lanarkshire
154. Lansborough, lan PO BOX 495
155. GB
156. 01612027654
157.  
158. Record last updated 07-04-2012 06:10:47 PM
159. Record expires on 10-20-2012
160. Record created on 10-20-2010
161. -----------------------------------------------------------------------
162. #We are Anonymous
163. #We are legion
164. #We do not forgive
165. #We do not forget
166. #Expect us
167. #OpPedoChat