Advertisement
Guest User

Untitled

a guest
Jul 25th, 2017
405
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.17 KB | None | 0 0
  1. Spoofing MAC address 2E:B1:1F:6A:B3:63 (No registered vendor)
  2. # Nmap 6.47 scan initiated Sun Jul 23 2017 as:
  3.  
  4. nmap -sVS --version-intensity 9 -T4 --spoof-mac 0 --top-ports 5000 -n -vv -f --data-length 0 --source-port 20 --reason -O --osscan-guess -oN /tmp/berlusconi --script dns-*,banner,whois-ip,http-sitemap-generator,http-errors,http-exif-spider,http-headers,http-passwd,http-robots.txt,http-stored-xss,http-vhosts,http-waf-detect,http-waf-fingerprint 185.61.137.160
  5.  
  6. Nmap scan report for 185.61.137.160
  7. Host is up, received echo-reply (0.044s latency).
  8. Scanned at 2017-07-23 CDT for 287s
  9. Not shown: 4237 closed ports
  10. Reason: 4237 resets
  11. PORT STATE SERVICE REASON VERSION
  12. 22/tcp open ssh syn-ack (protocol 2.0)
  13. |_banner: SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.2
  14. 23/tcp filtered telnet no-response
  15. 445/tcp filtered microsoft-ds no-response
  16. 3306/tcp open mysql syn-ack MySQL (unauthorized)
  17. | banner: E\x00\x00\x00\xFFj\x04Host 'XX.XX.XX.XX' is not allowed to con
  18. |_nect to this MySQL server
  19. 8080/tcp open http syn-ack nginx
  20. | http-errors:
  21. | Spidering limited to: maxpagecount=40; withinhost=185.61.137.160
  22. | Found the following error pages:
  23. |
  24. | Error Code: 404
  25. | http://185.61.137.160:8080/?c=users&a=recover
  26. |
  27. | Error Code: 404
  28. | http://185.61.137.160:8080/?c=users&a=doLogin
  29. |
  30. | Error Code: 404
  31. |_ http://185.61.137.160:8080/?c=users&a=doRegister
  32. | http-headers:
  33. | Server: nginx
  34. | Date: Sun, 23 Jul 2017 10:10:11 GMT
  35. | Content-Type: text/html; charset=UTF-8
  36. | Transfer-Encoding: chunked
  37. | Connection: close
  38. | Set-Cookie: admin=k1s768ilbc24nv32asmqreslt6; path=/; HttpOnly
  39. | Expires: Sun, 23 Jul 2017 11:10:11 GMT
  40. | Cache-Control: max-age=3600
  41. | Pragma: no-cache
  42. | Cache-Control: public
  43. | Pragma: public
  44. |
  45. |_ (Request type: GET)
  46. | http-sitemap-generator:
  47. | Directory structure:
  48. | /
  49. | Other: 2
  50. | /css/
  51. | css: 3
  52. | /img/
  53. | jpg: 1
  54. | Longest directory structure:
  55. | Depth: 1
  56. | Dir: /css/
  57. | Total files found (by extension):
  58. |_ Other: 2; css: 3; jpg: 1
  59. |_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
  60. | http-vhosts:
  61. | 56 names had status ERROR
  62. |_71 names had status 302
  63. |_http-waf-detect: [ERROR] HTTP request table is empty. This should not ever happen because we at least made one request.
  64. 8081/tcp open http syn-ack nginx
  65. | http-errors:
  66. | Spidering limited to: maxpagecount=40; withinhost=185.61.137.160
  67. | Found the following error pages:
  68. |
  69. | Error Code: 404
  70. | http://185.61.137.160:8081/?c=users&a=register
  71. |
  72. | Error Code: 404
  73. |_ http://185.61.137.160:8081/?c=admin&a=doLogin
  74. | http-headers:
  75. | Server: nginx
  76. | Date: Sun, 23 Jul 2017 10:09:29 GMT
  77. | Content-Type: text/html; charset=UTF-8
  78. | Connection: close
  79. | Set-Cookie: admin=dtleepjpvn19cfte9g005i18t7; path=/; HttpOnly
  80. | Expires: Thu, 19 Nov 1981 08:52:00 GMT
  81. | Cache-Control: no-store, no-cache, must-revalidate
  82. | Pragma: no-cache
  83. |
  84. |_ (Request type: HEAD)
  85. | http-sitemap-generator:
  86. | Directory structure:
  87. | /
  88. | Other: 1
  89. | /css/
  90. | css: 3
  91. | Longest directory structure:
  92. | Depth: 1
  93. | Dir: /css/
  94. | Total files found (by extension):
  95. |_ Other: 1; css: 3
  96. |_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
  97. | http-vhosts:
  98. | 64 names had status 200
  99. |_63 names had status ERROR
  100. 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
  101. SF-Port22-TCP:V=6.47%I=9%D=7/23%Time=59747596%P=arm-unknown-linux-gnueabih
  102. SF:f%r(NULL,29,"SSH-2\.0-OpenSSH_7\.2p2\x20Ubuntu-4ubuntu2\.2\r\n");
  103. Device type: general purpose
  104. Running: Linux 3.X
  105. OS CPE: cpe:/o:linux:linux_kernel:3
  106. OS details: Linux 3.11 - 3.14
  107. TCP/IP fingerprint:
  108. OS:SCAN(V=6.47%E=4%D=7/23%OT=22%CT=1%CU=41695%PV=N%DS=11%DC=I%G=N%TM=597476
  109. OS:15%P=arm-unknown-linux-gnueabihf)SEQ(SP=108%GCD=1%ISR=107%TI=Z%CI=I%TS=8
  110. OS:)OPS(O1=M5B4ST11NW7%O2=M5B4ST11NW7%O3=M5B4NNT11NW7%O4=M5B4ST11NW7%O5=M5B
  111. OS:4ST11NW7%O6=M5B4ST11)WIN(W1=7120%W2=7120%W3=7120%W4=7120%W5=7120%W6=7120
  112. OS:)ECN(R=Y%DF=Y%T=3C%W=7210%O=M5B4NNSNW7%CC=Y%Q=)T1(R=Y%DF=Y%T=3C%S=O%A=S+
  113. OS:%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%DF=Y%T=3C%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
  114. OS:T5(R=Y%DF=Y%T=3C%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=3D%W=0%S=A%A
  115. OS:=Z%F=R%O=%RD=0%Q=)T7(R=N)U1(R=Y%DF=N%T=3C%IPL=164%UN=0%RIPL=G%RID=G%RIPC
  116. OS:K=G%RUCK=G%RUD=G)IE(R=Y%DFI=N%T=3D%CD=S)
  117.  
  118. Uptime guess: 10.169 days (since Thu Jul 13 01:07:15 2017)
  119. Network Distance: 11 hops
  120. TCP Sequence Prediction: Difficulty=264 (Good luck!)
  121. IP ID Sequence Generation: All zeros
  122.  
  123. Host script results:
  124. | dns-blacklist:
  125. | SPAM
  126. |_ bl.nszones.com - SPAM
  127. |_dns-brute: Can't guess domain of "185.61.137.160"; use dns-brute.domain script argument.
  128. |_whois-ip: ERROR: Script execution failed (use -d to debug)
  129.  
  130. Read data files from: /usr/bin/../share/nmap
  131. OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
  132. # Nmap done at Sun Jul 23 2017 -- 1 IP address (1 host up) scanned in 292.95 seconds
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement