Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ___ __ __
- / _ \ _ __ | \/ |_ _ __ _ _ __ _ __ ___ __ _ _ __
- | | | | '_ \| |\/| | | | |/ _` | '_ \| '_ ` _ \ / _` | '__|
- | |_| | |_) | | | | |_| | (_| | | | | | | | | | (_| | |
- \___/| .__/|_| |_|\__, |\__,_|_| |_|_| |_| |_|\__,_|_|
- |_| |___/
- Domain: http://www.mofa.gov.mm/
- Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.3.3
- IP: 203.81.89.184
- E-mails:
- | [+] E-mail Found: embassymyanmar.brunet@gmail.com
- | [+] E-mail Found: myanmarmission@verizon.net
- | [+] E-mail Found: myanmarembassybkk@gmail.com
- | [+] E-mail Found: general@myanmarembassylondon.com
- | [+] E-mail Found: myanmar@cbn.net.id
- | [+] E-mail Found: mmevte@laotel.com
- | [+] E-mail Found: mebrussels@skynet.be
- | [+] E-mail Found: pyi.thayar@verizon.net
- | [+] E-mail Found: yanmar@kotis.net
- | [+] E-mail Found: info@myanmarembassy.com
- | [+] E-mail Found: myancghk@biznetvigator.com
- | [+] E-mail Found: myanmaremb@wlink.com.np
- | [+] E-mail Found: pokleco@mehanoi.org
- | [+] E-mail Found: office@mehanoi.org
- | [+] E-mail Found: myanbel@sezampro.rs
- | [+] E-mail Found: myancgla@gmail.com
- | [+] E-mail Found: email@myanmarembassy.ru
- | [+] E-mail Found: myanmarprmission2014@gmail.com
- | [+] E-mail Found: myanmarembassy@gmail.com
- | [+] E-mail Found: admin@myanmarembassy.ru
- | [+] E-mail Found: merome2010@gmail.com
- | [+] E-mail Found: myanmarembassykl@gmail.com
- | [+] E-mail Found: mission@myanmargeneva.org
- | [+] E-mail Found: meottawa@rogers.com
- | [+] E-mail Found: info@botschaft-myanmar.de
- | [+] E-mail Found: mcgkolcg@gmail.com
- | [+] E-mail Found: ambassador@myanmarembassy.sg
- | [+] E-mail Found: mynembdk@dhaka.net
- | [+] E-mail Found: myanmarmissionjakarta@gmail.com
- | [+] E-mail Found: consular@mehanoi.org
- | [+] E-mail Found: 109@gmail.com
- | [+] E-mail Found: myanlanka@gmail.com
- | [+] E-mail Found: webmaster@mofa.gov.mm
- | [+] E-mail Found: mogchiangmai@gmail.com
- | [+] E-mail Found: myanmarembassy.vienna@gmail.com
- | [+] E-mail Found: poleco@mehanoi.org
- | [+] E-mail Found: kevinh@kevcom.com
- | [+] E-mail Found: mebrasilia@gmail.com
- | [+] E-mail Found: contact@myanmar-embassy-tokyo.net
- | [+] E-mail Found: mcgkunming.cn@gmail.com
- | [+] E-mail Found: myandelhi@gmail.com
- | [+] E-mail Found: mike@hyperreal.org
- | [+] E-mail Found: mephnompenh@yahoo.com
- | [+] E-mail Found: myanmarembassyoslo@gmail.com
- | [+] E-mail Found: embassy-myanmarisb@yahoo.com
- | [+] E-mail Found: m@tidakada.com
- | [+] E-mail Found: embassy_myanmarisb@yahoo.com
- | [+] E-mail Found: me.manila@gmail.com
- | [+] E-mail Found: me-paris@wanadoo.fr
- | [+] E-mail Found: mecanberra@bigpond.com
- | [+] E-mail Found: visasection@rogers.com
- PORT STATE SERVICE VERSION
- 80/tcp open http Apache httpd 2.2.15 ((CentOS) DAV/2 PHP/5.3.3)
- |_http-generator: WordPress 4.5.4
- | http-methods:
- |_ Supported Methods: GET HEAD POST OPTIONS
- |_http-server-header: Apache/2.2.15 (CentOS) DAV/2 PHP/5.3.3
- |_http-title: MINISTRY OF FOREIGN AFFAIRS » \xE1\x80\x95\xE1\x80\xBC\xE1\x80\x8A\xE1\x80\xBA\xE1\x80\x91\xE1\x80\xB1\xE1\x80\xAC\xE1\x80\x84\xE1\x80\xBA...
- 113/tcp closed ident
- 443/tcp closed https
- Device type: general purpose|storage-misc|firewall
- Running (JUST GUESSING): Linux 2.6.X|3.X|4.X (91%), Synology DiskStation Manager 5.X (90%), WatchGuard Fireware 11.X (89%)
- OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/o:linux:linux_kernel:3.10 cpe:/o:watchguard:fireware:11.8 cpe:/o:linux:linux_kernel:4.0
- Aggressive OS guesses: Linux 2.6.32 (91%), Synology DiskStation Manager 5.1 (90%), Linux 2.6.39 (90%), Linux 3.10 (90%), Linux 2.6.32 or 3.10 (89%), Linux 3.4 (89%), WatchGuard Fireware 11.8 (89%), Linux 3.1 - 3.2 (88%), Linux 2.6.32 - 2.6.39 (88%), Linux 4.0 (85%)
- No exact OS matches for host (test conditions non-ideal).
- Uptime guess: 11.798 days (since Sat Jan 7 19:15:37 2017)
- Network Distance: 10 hops
- TCP Sequence Prediction: Difficulty=263 (Good luck!)
- IP ID Sequence Generation: All zeros
- TRACEROUTE (using port 113/tcp)
- HOP RTT ADDRESS
- 1 91.08 ms 172.21.22.1
- 2 90.40 ms 81.171.68.225
- 3 87.57 ms 81.171.68.3
- 4 101.56 ms ae7-xcr1.mar.cw.net (195.2.31.241)
- 5 306.38 ms malaysiatele-gw-mar.cw.net (195.10.54.70)
- 6 ...
- 7 398.54 ms 1.9.244.218
- 8 401.96 ms 203.215.62.130
- 9 403.73 ms 203.81.90.17
- 10 395.17 ms 203.81.89.184
- [+] WordPress version 4.5.4 (Released on 2016-09-07) identified from advanced fingerprinting, meta generator, readme, links opml, stylesheets numbers
- [!] 6 vulnerabilities identified from the version number
- [!] Title: WordPress 4.3-4.7 - Potential Remote Command Execution (RCE) in PHPMailer
- Reference: https://wpvulndb.com/vulnerabilities/8714
- Reference: https://www.wordfence.com/blog/2016/12/phpmailer-vulnerability/
- Reference: https://github.com/PHPMailer/PHPMailer/wiki/About-the-CVE-2016-10033-and-CVE-2016-10045-vulnerabilities
- Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
- [i] Fixed in: 4.5.5
- [!] Title: WordPress 2.9-4.7 - Authenticated Cross-Site scripting (XSS) in update-core.php
- Reference: https://wpvulndb.com/vulnerabilities/8716
- Reference: https://github.com/WordPress/WordPress/blob/c9ea1de1441bb3bda133bf72d513ca9de66566c2/wp-admin/update-core.php
- Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5488
- [i] Fixed in: 4.5.5
- [!] Title: WordPress 3.4-4.7 - Stored Cross-Site Scripting (XSS) via Theme Name fallback
- Reference: https://wpvulndb.com/vulnerabilities/8718
- Reference: https://www.mehmetince.net/low-severity-wordpress/
- Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
- Reference: https://github.com/WordPress/WordPress/commit/ce7fb2934dd111e6353784852de8aea2a938b359
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5490
- [i] Fixed in: 4.7.1
- [!] Title: WordPress <= 4.7 - Post via Email Checks mail.example.com by Default
- Reference: https://wpvulndb.com/vulnerabilities/8719
- Reference: https://github.com/WordPress/WordPress/commit/061e8788814ac87706d8b95688df276fe3c8596a
- Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5491
- [i] Fixed in: 4.7.1
- [!] Title: WordPress 2.8-4.7 - Accessibility Mode Cross-Site Request Forgery (CSRF)
- Reference: https://wpvulndb.com/vulnerabilities/8720
- Reference: https://github.com/WordPress/WordPress/commit/03e5c0314aeffe6b27f4b98fef842bf0fb00c733
- Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5492
- [i] Fixed in: 4.7.1
- [!] Title: WordPress 3.0-4.7 - Cryptographically Weak Pseudo-Random Number Generator (PRNG)
- Reference: https://wpvulndb.com/vulnerabilities/8721
- Reference: https://github.com/WordPress/WordPress/commit/cea9e2dc62abf777e06b12ec4ad9d1aaa49b29f4
- Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5493
- [i] Fixed in: 4.7.1
- [+] WordPress theme in use: easel - v3.0.8
- [+] Name: easel - v3.0.8
- | Location: http://www.mofa.gov.mm/wp-content/themes/easel/
- | Readme: http://www.mofa.gov.mm/wp-content/themes/easel/readme.txt
- | Changelog: http://www.mofa.gov.mm/wp-content/themes/easel/changelog.txt
- | Style URL: http://www.mofa.gov.mm/wp-content/themes/easel/style.css
- | Theme Name: Easel
- | Theme URI: http://frumph.net/easel
- | Description: A very intuitively designed theme that has a very robust set of options, CSS entities and abiliti...
- | Author: Philip M. Hofer (Frumph)
- | Author URI: http://frumph.net
- [+] Enumerating plugins from passive detection ...
- | 3 plugins found:
- [+] Name: dropdown-menu-widget - v1.9.2
- | Location: http://www.mofa.gov.mm/wp-content/plugins/dropdown-menu-widget/
- | Readme: http://www.mofa.gov.mm/wp-content/plugins/dropdown-menu-widget/readme.txt
- [!] The version is out of date, the latest version is 1.9.4
- [!] Title: Dropdown Menu Widget 1.9.1 - Script Insertion CSRF
- Reference: https://wpvulndb.com/vulnerabilities/6863
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2704
- Reference: https://secunia.com/advisories/52958/
- [+] Name: slideshow-jquery-image-gallery - v2.2.18
- | Location: http://www.mofa.gov.mm/wp-content/plugins/slideshow-jquery-image-gallery/
- | Readme: http://www.mofa.gov.mm/wp-content/plugins/slideshow-jquery-image-gallery/readme.txt
- [!] The version is out of date, the latest version is 2.3.1
- [!] Title: Slideshow 2.2.8-2.2.21 - Option Value Disclosure
- Reference: https://wpvulndb.com/vulnerabilities/7956
- Reference: https://github.com/Boonstra/Slideshow/commit/cac505e593cbe70a4d8af5b639f5385d4cc7aa04
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3634
- [i] Fixed in: 2.2.22
- [+] Name: tw-recent-posts-widget - v1.0.3
- | Location: http://www.mofa.gov.mm/wp-content/plugins/tw-recent-posts-widget/
- | Readme: http://www.mofa.gov.mm/wp-content/plugins/tw-recent-posts-widget/readme.txt
- [!] The version is out of date, the latest version is 1.0.5
- [+] Identified the following 1 user/s:
- +----+-----------+-----------------------------+
- | Id | Login | Name |
- +----+-----------+-----------------------------+
- | 1 | adminmofa | MINISTRY OF FOREIGN AFFAIRS |
- +----+-----------+-----------------------------+
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement