Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Twitter- @WaveAnonops
- irc.voxanon.org
- #oppedochat
- ---------------------------------------------------------------------------
- + Target IP: 78.41.201.14
- + Target Hostname: 007gayboys.com
- + Target Port: 80
- + Start Time: 2012-07-12 15:27:34
- ---------------------------------------------------------------------------
- + Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
- + Retrieved x-powered-by header: PHP/5.3.13
- + No CGI Directories found (use '-C all' to force check all possible dirs)
- + robots.txt contains 2 entries which should be manually viewed.
- + mod_ssl/2.2.22 appears to be outdated (current is at least 2.8.31) (may depend on server version)
- + Number of sections in the version string differ from those in the database, the server reports: openssl/1.0.0-fips while the database has: 1.0.0.100. This may cause false positives.
- + OpenSSL/1.0.0-fips appears to be outdated (current is at least 1.0.0d). OpenSSL 0.9.8r is also current.
- + FrontPage/5.0.2.2635 appears to be outdated (current is at least 5.0.4.3) (may depend on server version)
- + DEBUG HTTP verb may show server debugging information. See http://msdn.microsoft.com/en-us/library/e8z01xdh%28VS.80%29.aspx for details.
- + OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
- + FrontPage - http://www.insecure.org/sploits/Microsoft.frontpage.insecurities.html
- + mod_ssl/2.2.22 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 - mod_ssl 2.8.7 and lower are vulnerable to a remote buffer overflow which may allow a remote shell (difficult to exploit). CVE-2002-0082, OSVDB-756.
- + OSVDB-396: /_vti_bin/shtml.exe: Attackers may be able to crash FrontPage by requesting a DOS device, like shtml.exe/aux.htm -- a DoS was not attempted.
- + OSVDB-27071: /phpimageview.php?pic=javascript:alert(8754): PHP Image View 1.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
- + OSVDB-3931: /myphpnuke/links.php?op=search&query=[script]alert('Vulnerable);[/script]?query=: myphpnuke is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
- + /modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat=1&categories=%3Cimg%20src=javascript:alert(9456);%3E&parent_id=0: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
- + OSVDB-4598: /members.asp?SF=%22;}alert('Vulnerable');function%20x(){v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
- + OSVDB-2946: /forum_members.asp?find=%22;}alert(9823);function%20x(){v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
- + OSVDB-3092: /_vti_bin/_vti_aut/author.exe?method=list+documents%3a3%2e0%2e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse=false&listFiles=true&listFolders=true&listLinkInfo=true&listIncludeParent=true&listDerivedT=false&listBorders=fals: We seem to have authoring access to the FrontPage web.
- + OSVDB-3233: /mailman/listinfo: Mailman was found on the server.
- + OSVDB-3233: /postinfo.html: Microsoft FrontPage default file found.
- + OSVDB-12184: /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
- + OSVDB-12184: /some.php?=PHPE9568F36-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
- + OSVDB-12184: /some.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
- + OSVDB-12184: /some.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
- + OSVDB-3092: /img-sys/: Default image directory should not allow directory listing.
- + OSVDB-3092: /java-sys/: Default Java directory should not allow directory listing.
- + OSVDB-3268: /_vti_bin/: Directory indexing found.
- + OSVDB-3233: /_vti_bin/: FrontPage directory found.
- + OSVDB-3233: /_vti_inf.html: FrontPage/SharePoint is installed and reveals its version number (check HTML source for more information).
- + OSVDB-3268: /images/: Directory indexing found.
- + OSVDB-3268: /images/?pattern=/etc/*&sort=name: Directory indexing found.
- + OSVDB-3093: /FCKeditor/editor/filemanager/browser/default/connectors/test.html: FCKeditor could allow files to be updated or edited by remote attackers.
- + OSVDB-3093: /Script/fckeditor/editor/filemanager/browser/default/connectors/test.html: FCKeditor could allow files to be updated or edited by remote attackers.
- + OSVDB-3093: /sites/all/modules/fckeditor/fckeditor/editor/filemanager/browser/default/connectors/test.html: FCKeditor could allow files to be updated or edited by remote attackers.
- + OSVDB-3093: /modules/fckeditor/fckeditor/editor/filemanager/browser/default/connectors/test.html: FCKeditor could allow files to be updated or edited by remote attackers.
- + OSVDB-3093: /class/fckeditor/editor/filemanager/browser/default/connectors/test.html: FCKeditor could allow files to be updated or edited by remote attackers.
- + OSVDB-3093: /inc/fckeditor/editor/filemanager/browser/default/connectors/test.html: FCKeditor could allow files to be updated or edited by remote attackers.
- + OSVDB-3093: /sites/all/libraries/fckeditor/editor/filemanager/browser/default/connectors/test.html: FCKeditor could allow files to be updated or edited by remote attackers.
- + OSVDB-3092: /xmlrpc.php: xmlrpc.php was found.
- + /ampache/update.php: Ampache update page is visible.
- + /wp-content/plugins/akismet/readme.txt: The WordPress Akismet plugin 'Tested up to' version usually matches the WordPress version
- + OSVDB-62684: /wp-content/plugins/hello.php: The WordPress hello.php plugin reveals a file system path
- + /readme.html: This WordPress file reveals the installed version.
- + OSVDB-3092: /license.txt: License file found may identify site software.
- + /wordpress/: A Wordpress installation was found.
- + 6448 items checked: 32 error(s) and 44 item(s) reported on remote host
- + End Time: 2012-07-12 16:00:00 (1946 seconds)
- -------------------------------------------------------------------------------------
- DNS Servers for 007gayboys.com:
- ns2.teenboyswank.com
- ns1.teenboyswank.com
- DNS Server informational Bruteforce:
- 78.41.201.14 ftp.007gayboys.com
- 78.41.201.14 mail.007gayboys.com
- 127.0.0.1 localhost.007gayboys.com
- 78.41.201.14 webmail.007gayboys.com
- 78.41.201.14 www.007gayboys.com
- Subnets:
- 127.0.0.0-255 : 1 hostnames found.
- 78.41.201.0-255 : 4 hostnames found.
- -----------------------------------------------------------------
- Ports:
- Discovered open port 80/tcp on 78.41.201.14
- Discovered open port 993/tcp on 78.41.201.14
- Discovered open port 995/tcp on 78.41.201.14
- Discovered open port 53/tcp on 78.41.201.14
- Discovered open port 587/tcp on 78.41.201.14
- Discovered open port 443/tcp on 78.41.201.14
- Discovered open port 22/tcp on 78.41.201.14
- Discovered open port 3306/tcp on 78.41.201.14
- Discovered open port 21/tcp on 78.41.201.14
- Discovered open port 143/tcp on 78.41.201.14
- Discovered open port 110/tcp on 78.41.201.14
- Discovered open port 25/tcp on 78.41.201.14
- Discovered open port 465/tcp on 78.41.201.14
- -------------------------------------------------------------------
- Domain whois:
- Registrant:
- LLU Media
- 6 Lunton Walk
- Lanarkshire
- Lansborough, lan PO BOX 495
- GB
- 01612027654
- Domain Name: 007GAYBOYS.COM
- Administrative Contact:
- Moore, Tom
- 6 Lunton Walk
- Lanarkshire
- Lansborough, lan PO BOX 495
- GB
- 01612027654
- Technical Contact:
- Moore, Tom
- 6 Lunton Walk
- Lanarkshire
- Lansborough, lan PO BOX 495
- GB
- 01612027654
- Record last updated 07-04-2012 06:10:47 PM
- Record expires on 10-20-2012
- Record created on 10-20-2010
- -----------------------------------------------------------------------
- #We are Anonymous
- #We are legion
- #We do not forgive
- #We do not forget
- #Expect us
- #OpPedoChat
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement