Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- login page: http://www.moh.gov.gr/admin/login.php?
- root@kali:~# nmap -v 93.174.122.202
- Starting Nmap 7.60 ( https://nmap.org ) at 2017-12-15 21:41 EET
- Initiating Ping Scan at 21:41
- Scanning 93.174.122.202 [4 ports]
- Completed Ping Scan at 21:41, 0.23s elapsed (1 total hosts)
- Initiating Parallel DNS resolution of 1 host. at 21:41
- Completed Parallel DNS resolution of 1 host. at 21:41, 0.04s elapsed
- Initiating SYN Stealth Scan at 21:41
- Scanning moh.gov.gr (93.174.122.202) [1000 ports]
- Discovered open port 25/tcp on 93.174.122.202
- Discovered open port 80/tcp on 93.174.122.202
- Discovered open port 21/tcp on 93.174.122.202
- Completed SYN Stealth Scan at 21:41, 12.85s elapsed (1000 total ports)
- Nmap scan report for moh.gov.gr (93.174.122.202)
- Host is up (0.060s latency).
- Not shown: 997 filtered ports
- PORT STATE SERVICE
- 21/tcp open ftp
- 25/tcp open smtp
- 80/tcp open http
- Read data files from: /usr/bin/../share/nmap
- Nmap done: 1 IP address (1 host up) scanned in 13.27 seconds
- Raw packets sent: 2009 (88.372KB) | Rcvd: 12 (512B)
- root@kali:~# nikto -h 93.174.122.202
- - Nikto v2.1.6
- ---------------------------------------------------------------------------
- + Target IP: 93.174.122.202
- + Target Hostname: 93.174.122.202
- + Target Port: 80
- + Start Time: 2017-12-15 21:43:05 (GMT2)
- ---------------------------------------------------------------------------
- + Server: Apache
- + Cookie PHPSESSID created without the httponly flag
- + Cookie smartshop_visitor created without the httponly flag
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + Server leaks inodes via ETags, header found with file /style/favicon.ico, inode: 4333780, size: 1150, mtime: Mon Feb 14 15:36:43 2011
- + Web Server returns a valid response with junk HTTP methods, this may cause false positives.
- + OSVDB-637: /~root/: Allowed to browse root's home directory.
- + /..\..\..\..\..\..\temp\temp.class: Cisco ACS 2.6.x and 3.0.1 (build 40) allows authenticated remote users to retrieve any file from the system. Upgrade to the latest version.
- + OSVDB-5034: /admin/login.php?action=insert&username=test&password=test: phpAuction may allow user admin accounts to be inserted without proper authentication. Attempt to log in with user 'test' password 'test' to verify.
- + OSVDB-3092: /new: This may be interesting...
- + OSVDB-3092: /new/: This might be interesting...
- + OSVDB-3092: /manual/: Web server manual found.
- + OSVDB-3268: /manual/images/: Directory indexing found.
- + OSVDB-721: /..%255c..%255c..%255c..%255c..%255c../windows/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
- + OSVDB-721: /..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
- + OSVDB-721: /..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam._: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
- + OSVDB-3233: /icons/README: Apache default file found.
- + OSVDB-3092: /gr/: This might be interesting... potential country code (Greece)
- + /admin/login.php: Admin login page/section found.
- + /administraçao.php: Admin login page/section found.
- + /administraçao/: Admin login page/section found.
- + /adminisztrátora.php: Admin login page/section found.
- + /adminisztrátora/: Admin login page/section found.
- + OSVDB-637: /~ftp/: Allowed to browse ftp user's home directory.
- + 8667 requests: 5 error(s) and 25 item(s) reported on remote host
- + End Time: 2017-12-15 22:02:27 (GMT2) (1162 seconds)
- ---------------------------------------------------------------------------
- + 1 host(s) tested
- Starting Nmap 7.60 ( https://nmap.org ) at 2017-12-15 21:59 EET
- NSE: Loaded 146 scripts for scanning.
- NSE: Script Pre-scanning.
- Initiating NSE at 21:59
- Completed NSE at 21:59, 0.00s elapsed
- Initiating NSE at 21:59
- Completed NSE at 21:59, 0.00s elapsed
- Initiating Ping Scan at 21:59
- Scanning 93.174.122.202 [4 ports]
- Completed Ping Scan at 21:59, 0.22s elapsed (1 total hosts)
- Initiating Parallel DNS resolution of 1 host. at 21:59
- Completed Parallel DNS resolution of 1 host. at 21:59, 0.05s elapsed
- Initiating SYN Stealth Scan at 21:59
- Scanning moh.gov.gr (93.174.122.202) [1000 ports]
- Discovered open port 25/tcp on 93.174.122.202
- Discovered open port 80/tcp on 93.174.122.202
- Discovered open port 21/tcp on 93.174.122.202
- Completed SYN Stealth Scan at 21:59, 11.36s elapsed (1000 total ports)
- Initiating Service scan at 21:59
- Scanning 3 services on moh.gov.gr (93.174.122.202)
- Completed Service scan at 22:00, 6.30s elapsed (3 services on 1 host)
- Initiating OS detection (try #1) against moh.gov.gr (93.174.122.202)
- adjust_timeouts2: packet supposedly had rtt of -226186 microseconds. Ignoring time.
- adjust_timeouts2: packet supposedly had rtt of -226186 microseconds. Ignoring time.
- adjust_timeouts2: packet supposedly had rtt of -205358 microseconds. Ignoring time.
- adjust_timeouts2: packet supposedly had rtt of -205358 microseconds. Ignoring time.
- Retrying OS detection (try #2) against moh.gov.gr (93.174.122.202)
- Initiating Traceroute at 22:00
- Completed Traceroute at 22:00, 0.28s elapsed
- Initiating Parallel DNS resolution of 12 hosts. at 22:00
- Completed Parallel DNS resolution of 12 hosts. at 22:00, 0.28s elapsed
- NSE: Script scanning 93.174.122.202.
- Initiating NSE at 22:00
- Completed NSE at 22:00, 8.54s elapsed
- Initiating NSE at 22:00
- Completed NSE at 22:00, 0.00s elapsed
- Nmap scan report for moh.gov.gr (93.174.122.202)
- Host is up (0.047s latency).
- Not shown: 997 filtered ports
- PORT STATE SERVICE VERSION
- 21/tcp open ftp ProFTPD 1.3.4a
- 25/tcp open smtp Postfix smtpd
- |_smtp-commands: moh.gov.gr, PIPELINING, SIZE 10240000, VRFY, ETRN, STARTTLS, AUTH PLAIN LOGIN, AUTH=PLAIN LOGIN, ENHANCEDSTATUSCODES, 8BITMIME, DSN,
- | ssl-cert: Subject: commonName=moh.gov.gr
- | Issuer: commonName=moh.gov.gr
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha1WithRSAEncryption
- | Not valid before: 2015-07-09T19:36:00
- | Not valid after: 2025-07-06T19:36:00
- | MD5: ae48 e1c0 922a ab04 cb89 e584 1b7c 9a52
- |_SHA-1: 067f b581 ce38 c864 8b39 2f96 6ed1 2728 0ea6 70a7
- |_ssl-date: 2017-12-15T20:00:00+00:00; -9s from scanner time.
- 80/tcp open http Apache httpd
- | http-cookie-flags:
- | /:
- | PHPSESSID:
- |_ httponly flag not set
- |_http-favicon: Unknown favicon MD5: 8368E8120D2FEC1DD502DA152199D04D
- |_http-generator: Datahost CMS
- | http-methods:
- |_ Supported Methods: GET HEAD POST OPTIONS
- |_http-server-header: Apache
- |_http-title: \xCE\xA5\xCF\x80\xCE\xBF\xCF\x85\xCF\x81\xCE\xB3\xCE\xB5\xCE\xAF\xCE\xBF \xCE\xA5\xCE\xB3\xCE\xB5\xCE\xAF\xCE\xB1\xCF\x82
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose
- Running (JUST GUESSING): Linux 3.X (86%)
- OS CPE: cpe:/o:linux:linux_kernel:3
- Aggressive OS guesses: Linux 3.2 - 3.8 (86%), Linux 3.8 (86%), Linux 3.1 - 3.2 (86%), Linux 3.2.0 (85%)
- No exact OS matches for host (test conditions non-ideal).
- Uptime guess: 74.457 days (since Mon Oct 2 12:02:20 2017)
- Network Distance: 12 hops
- TCP Sequence Prediction: Difficulty=264 (Good luck!)
- IP ID Sequence Generation: All zeros
- Service Info: Host: moh.gov.gr; OS: Unix
- Host script results:
- |_clock-skew: mean: -9s, deviation: 0s, median: -9s
- TRACEROUTE (using port 25/tcp)
- HOP RTT ADDRESS
- 1 263.68 ms dsldevice.lan (192.168.1.254)
- 2 84.25 ms loopback2004.med01.dsl.hol.gr (62.38.0.170)
- 3 84.58 ms 62.38.40.221
- 4 80.78 ms 62.38.97.158
- 5 84.56 ms 62.38.37.89
- 6 84.38 ms 62.38.36.182
- 7 84.27 ms tengigaeth00-07-00-00.med00.csr.hol.gr (62.38.94.98)
- 8 261.45 ms 195.97.13.20
- 9 26.05 ms 31.177.56.100
- 10 24.30 ms nohost.iphost.gr (93.174.120.134)
- 11 55.60 ms 122-116.eport.gr (93.174.122.116)
- 12 75.36 ms moh.gov.gr (93.174.122.202)
- NSE: Script Post-scanning.
- Initiating NSE at 22:00
- Completed NSE at 22:00, 0.00s elapsed
- Initiating NSE at 22:00
- Completed NSE at 22:00, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 33.55 seconds
- Raw packets sent: 2114 (97.514KB) | Rcvd: 2422 (1.349MB)
- HostIP:93.174.122.202
- HostName:moh.gov.gr
- Gathered Inet-whois information for 93.174.122.202
- ---------------------------------
- inetnum: 93.174.122.192 - 93.174.122.223
- netname: Datahost-IPs
- country: GR
- admin-c: TC1881-RIPE
- tech-c: TC1881-RIPE
- status: ASSIGNED PA
- mnt-by: IPHOST-MNT
- mnt-by: MNT-XT
- created: 2016-08-29T15:50:23Z
- last-modified: 2016-08-29T15:50:23Z
- source: RIPE
- person: Toulkaridis Charalampos
- address: Terpsitheas 18
- mnt-by: MNT-XT
- phone: +302105445900
- nic-hdl: TC1881-RIPE
- created: 2008-05-17T14:02:52Z
- last-modified: 2008-06-23T11:37:16Z
- source: RIPE
- % Information related to '93.174.120.0/21AS47521'
- route: 93.174.120.0/21
- descr: .GR IpDomain DataCenter
- origin: AS47521
- mnt-by: MNT-XT
- created: 2008-07-02T08:14:29Z
- last-modified: 2008-07-02T08:14:29Z
- source: RIPE
- % This query was served by the RIPE Database Query Service version 1.90 (BLAARKOP)
- Gathered Inic-whois information for moh.gov.gr
- ---------------------------------
- ERROR: Unable to locate Name Whois data on moh.gov.gr
- Gathered Netcraft information for moh.gov.gr
- ---------------------------------
- Retrieving Netcraft.com information for moh.gov.gr
- Netcraft.com Information gathered
- Gathered Subdomain information for moh.gov.gr
- ---------------------------------
- Searching Google.com:80...
- Searching Altavista.com:80...
- Found 0 possible subdomain(s) for host moh.gov.gr, Searched 0 pages containing 0 results
- Gathered E-Mail information for moh.gov.gr
- ---------------------------------
- Searching Google.com:80...
- Searching Altavista.com:80...
- Found 0 E-Mail(s) for host moh.gov.gr, Searched 0 pages containing 0 results
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement