API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jan 19th, 2017
1,695
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 9.69 KB | None | 0 0
raw download clone embed print report
  1. ___ __ __
  2. / _ \ _ __ | \/ |_ _ __ _ _ __ _ __ ___ __ _ _ __
  3. | | | | '_ \| |\/| | | | |/ _` | '_ \| '_ ` _ \ / _` | '__|
  4. | |_| | |_) | | | | |_| | (_| | | | | | | | | | (_| | |
  5. \___/| .__/|_| |_|\__, |\__,_|_| |_|_| |_| |_|\__,_|_|
  6. |_| |___/
  7.  
  8.  
  9. Domain: http://www.mofa.gov.mm/
  10. Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.3.3
  11. IP: 203.81.89.184
  12.  
  13. E-mails:
  14.  
  15. | [+] E-mail Found: embassymyanmar.brunet@gmail.com
  16. | [+] E-mail Found: myanmarmission@verizon.net
  17. | [+] E-mail Found: myanmarembassybkk@gmail.com
  18. | [+] E-mail Found: general@myanmarembassylondon.com
  19. | [+] E-mail Found: myanmar@cbn.net.id
  20. | [+] E-mail Found: mmevte@laotel.com
  21. | [+] E-mail Found: mebrussels@skynet.be
  22. | [+] E-mail Found: pyi.thayar@verizon.net
  23. | [+] E-mail Found: yanmar@kotis.net
  24. | [+] E-mail Found: info@myanmarembassy.com
  25. | [+] E-mail Found: myancghk@biznetvigator.com
  26. | [+] E-mail Found: myanmaremb@wlink.com.np
  27. | [+] E-mail Found: pokleco@mehanoi.org
  28. | [+] E-mail Found: office@mehanoi.org
  29. | [+] E-mail Found: myanbel@sezampro.rs
  30. | [+] E-mail Found: myancgla@gmail.com
  31. | [+] E-mail Found: email@myanmarembassy.ru
  32. | [+] E-mail Found: myanmarprmission2014@gmail.com
  33. | [+] E-mail Found: myanmarembassy@gmail.com
  34. | [+] E-mail Found: admin@myanmarembassy.ru
  35. | [+] E-mail Found: merome2010@gmail.com
  36. | [+] E-mail Found: myanmarembassykl@gmail.com
  37. | [+] E-mail Found: mission@myanmargeneva.org
  38. | [+] E-mail Found: meottawa@rogers.com
  39. | [+] E-mail Found: info@botschaft-myanmar.de
  40. | [+] E-mail Found: mcgkolcg@gmail.com
  41. | [+] E-mail Found: ambassador@myanmarembassy.sg
  42. | [+] E-mail Found: mynembdk@dhaka.net
  43. | [+] E-mail Found: myanmarmissionjakarta@gmail.com
  44. | [+] E-mail Found: consular@mehanoi.org
  45. | [+] E-mail Found: 109@gmail.com
  46. | [+] E-mail Found: myanlanka@gmail.com
  47. | [+] E-mail Found: webmaster@mofa.gov.mm
  48. | [+] E-mail Found: mogchiangmai@gmail.com
  49. | [+] E-mail Found: myanmarembassy.vienna@gmail.com
  50. | [+] E-mail Found: poleco@mehanoi.org
  51. | [+] E-mail Found: kevinh@kevcom.com
  52. | [+] E-mail Found: mebrasilia@gmail.com
  53. | [+] E-mail Found: contact@myanmar-embassy-tokyo.net
  54. | [+] E-mail Found: mcgkunming.cn@gmail.com
  55. | [+] E-mail Found: myandelhi@gmail.com
  56. | [+] E-mail Found: mike@hyperreal.org
  57. | [+] E-mail Found: mephnompenh@yahoo.com
  58. | [+] E-mail Found: myanmarembassyoslo@gmail.com
  59. | [+] E-mail Found: embassy-myanmarisb@yahoo.com
  60. | [+] E-mail Found: m@tidakada.com
  61. | [+] E-mail Found: embassy_myanmarisb@yahoo.com
  62. | [+] E-mail Found: me.manila@gmail.com
  63. | [+] E-mail Found: me-paris@wanadoo.fr
  64. | [+] E-mail Found: mecanberra@bigpond.com
  65. | [+] E-mail Found: visasection@rogers.com
  66.  
  67. PORT STATE SERVICE VERSION
  68. 80/tcp open http Apache httpd 2.2.15 ((CentOS) DAV/2 PHP/5.3.3)
  69. |_http-generator: WordPress 4.5.4
  70. | http-methods:
  71. |_ Supported Methods: GET HEAD POST OPTIONS
  72. |_http-server-header: Apache/2.2.15 (CentOS) DAV/2 PHP/5.3.3
  73. |_http-title: MINISTRY OF FOREIGN AFFAIRS &raquo \xE1\x80\x95\xE1\x80\xBC\xE1\x80\x8A\xE1\x80\xBA\xE1\x80\x91\xE1\x80\xB1\xE1\x80\xAC\xE1\x80\x84\xE1\x80\xBA...
  74. 113/tcp closed ident
  75. 443/tcp closed https
  76. Device type: general purpose|storage-misc|firewall
  77. Running (JUST GUESSING): Linux 2.6.X|3.X|4.X (91%), Synology DiskStation Manager 5.X (90%), WatchGuard Fireware 11.X (89%)
  78. OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/o:linux:linux_kernel:3.10 cpe:/o:watchguard:fireware:11.8 cpe:/o:linux:linux_kernel:4.0
  79. Aggressive OS guesses: Linux 2.6.32 (91%), Synology DiskStation Manager 5.1 (90%), Linux 2.6.39 (90%), Linux 3.10 (90%), Linux 2.6.32 or 3.10 (89%), Linux 3.4 (89%), WatchGuard Fireware 11.8 (89%), Linux 3.1 - 3.2 (88%), Linux 2.6.32 - 2.6.39 (88%), Linux 4.0 (85%)
  80. No exact OS matches for host (test conditions non-ideal).
  81. Uptime guess: 11.798 days (since Sat Jan 7 19:15:37 2017)
  82. Network Distance: 10 hops
  83. TCP Sequence Prediction: Difficulty=263 (Good luck!)
  84. IP ID Sequence Generation: All zeros
  85.  
  86. TRACEROUTE (using port 113/tcp)
  87. HOP RTT ADDRESS
  88. 1 91.08 ms 172.21.22.1
  89. 2 90.40 ms 81.171.68.225
  90. 3 87.57 ms 81.171.68.3
  91. 4 101.56 ms ae7-xcr1.mar.cw.net (195.2.31.241)
  92. 5 306.38 ms malaysiatele-gw-mar.cw.net (195.10.54.70)
  93. 6 ...
  94. 7 398.54 ms 1.9.244.218
  95. 8 401.96 ms 203.215.62.130
  96. 9 403.73 ms 203.81.90.17
  97. 10 395.17 ms 203.81.89.184
  98.  
  99.  
  100. [+] WordPress version 4.5.4 (Released on 2016-09-07) identified from advanced fingerprinting, meta generator, readme, links opml, stylesheets numbers
  101. [!] 6 vulnerabilities identified from the version number
  102.  
  103. [!] Title: WordPress 4.3-4.7 - Potential Remote Command Execution (RCE) in PHPMailer
  104. Reference: https://wpvulndb.com/vulnerabilities/8714
  105. Reference: https://www.wordfence.com/blog/2016/12/phpmailer-vulnerability/
  106. Reference: https://github.com/PHPMailer/PHPMailer/wiki/About-the-CVE-2016-10033-and-CVE-2016-10045-vulnerabilities
  107. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
  108. [i] Fixed in: 4.5.5
  109.  
  110. [!] Title: WordPress 2.9-4.7 - Authenticated Cross-Site scripting (XSS) in update-core.php
  111. Reference: https://wpvulndb.com/vulnerabilities/8716
  112. Reference: https://github.com/WordPress/WordPress/blob/c9ea1de1441bb3bda133bf72d513ca9de66566c2/wp-admin/update-core.php
  113. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
  114. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5488
  115. [i] Fixed in: 4.5.5
  116.  
  117. [!] Title: WordPress 3.4-4.7 - Stored Cross-Site Scripting (XSS) via Theme Name fallback
  118. Reference: https://wpvulndb.com/vulnerabilities/8718
  119. Reference: https://www.mehmetince.net/low-severity-wordpress/
  120. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
  121. Reference: https://github.com/WordPress/WordPress/commit/ce7fb2934dd111e6353784852de8aea2a938b359
  122. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5490
  123. [i] Fixed in: 4.7.1
  124.  
  125. [!] Title: WordPress <= 4.7 - Post via Email Checks mail.example.com by Default
  126. Reference: https://wpvulndb.com/vulnerabilities/8719
  127. Reference: https://github.com/WordPress/WordPress/commit/061e8788814ac87706d8b95688df276fe3c8596a
  128. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
  129. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5491
  130. [i] Fixed in: 4.7.1
  131.  
  132. [!] Title: WordPress 2.8-4.7 - Accessibility Mode Cross-Site Request Forgery (CSRF)
  133. Reference: https://wpvulndb.com/vulnerabilities/8720
  134. Reference: https://github.com/WordPress/WordPress/commit/03e5c0314aeffe6b27f4b98fef842bf0fb00c733
  135. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
  136. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5492
  137. [i] Fixed in: 4.7.1
  138.  
  139. [!] Title: WordPress 3.0-4.7 - Cryptographically Weak Pseudo-Random Number Generator (PRNG)
  140. Reference: https://wpvulndb.com/vulnerabilities/8721
  141. Reference: https://github.com/WordPress/WordPress/commit/cea9e2dc62abf777e06b12ec4ad9d1aaa49b29f4
  142. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
  143. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5493
  144. [i] Fixed in: 4.7.1
  145.  
  146. [+] WordPress theme in use: easel - v3.0.8
  147.  
  148. [+] Name: easel - v3.0.8
  149. | Location: http://www.mofa.gov.mm/wp-content/themes/easel/
  150. | Readme: http://www.mofa.gov.mm/wp-content/themes/easel/readme.txt
  151. | Changelog: http://www.mofa.gov.mm/wp-content/themes/easel/changelog.txt
  152. | Style URL: http://www.mofa.gov.mm/wp-content/themes/easel/style.css
  153. | Theme Name: Easel
  154. | Theme URI: http://frumph.net/easel
  155. | Description: A very intuitively designed theme that has a very robust set of options, CSS entities and abiliti...
  156. | Author: Philip M. Hofer (Frumph)
  157. | Author URI: http://frumph.net
  158.  
  159. [+] Enumerating plugins from passive detection ...
  160. | 3 plugins found:
  161.  
  162. [+] Name: dropdown-menu-widget - v1.9.2
  163. | Location: http://www.mofa.gov.mm/wp-content/plugins/dropdown-menu-widget/
  164. | Readme: http://www.mofa.gov.mm/wp-content/plugins/dropdown-menu-widget/readme.txt
  165. [!] The version is out of date, the latest version is 1.9.4
  166.  
  167. [!] Title: Dropdown Menu Widget 1.9.1 - Script Insertion CSRF
  168. Reference: https://wpvulndb.com/vulnerabilities/6863
  169. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2704
  170. Reference: https://secunia.com/advisories/52958/
  171.  
  172. [+] Name: slideshow-jquery-image-gallery - v2.2.18
  173. | Location: http://www.mofa.gov.mm/wp-content/plugins/slideshow-jquery-image-gallery/
  174. | Readme: http://www.mofa.gov.mm/wp-content/plugins/slideshow-jquery-image-gallery/readme.txt
  175. [!] The version is out of date, the latest version is 2.3.1
  176.  
  177. [!] Title: Slideshow 2.2.8-2.2.21 - Option Value Disclosure
  178. Reference: https://wpvulndb.com/vulnerabilities/7956
  179. Reference: https://github.com/Boonstra/Slideshow/commit/cac505e593cbe70a4d8af5b639f5385d4cc7aa04
  180. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3634
  181. [i] Fixed in: 2.2.22
  182.  
  183. [+] Name: tw-recent-posts-widget - v1.0.3
  184. | Location: http://www.mofa.gov.mm/wp-content/plugins/tw-recent-posts-widget/
  185. | Readme: http://www.mofa.gov.mm/wp-content/plugins/tw-recent-posts-widget/readme.txt
  186. [!] The version is out of date, the latest version is 1.0.5
  187.  
  188. [+] Identified the following 1 user/s:
  189. +----+-----------+-----------------------------+
  190. | Id | Login | Name |
  191. +----+-----------+-----------------------------+
  192. | 1 | adminmofa | MINISTRY OF FOREIGN AFFAIRS |
  193. +----+-----------+-----------------------------+
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!