SHARE
TWEET

Anonymous JTSEC #OpIcarus Full Recon #40

a guest Dec 30th, 2018 799 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #######################################################################################################################################
  2. Nom de l'hôte  www.bch.hn      FAI     CABLECOLOR S.A.
  3. Continent   Amérique du Nord       Drapeau    
  4. HN
  5. Pays    Honduras        Code du pays    HN
  6. Région     Inconnu         Heure locale    30 Dec 2018 00:53 CST
  7. Ville   Inconnu         Code Postal     Inconnu
  8. Adresse IP  190.92.46.74        Latitude    15
  9.             Longitude   -86.5
  10. #######################################################################################################################################
  11. > www.bch.hn
  12. Server:     194.187.251.67
  13. Address:    194.187.251.67#53
  14.  
  15. Non-authoritative answer:
  16. Name:   www.bch.hn
  17. Address: 190.92.46.74
  18. >
  19. #######################################################################################################################################
  20.  
  21. HostIP:190.92.46.74
  22. HostName:www.bch.hn
  23.  
  24. Gathered Inet-whois information for 190.92.46.74
  25. ---------------------------------------------------------------------------------------------------------------------------------------
  26.  
  27.  
  28. Gathered Inic-whois information for bch.hn
  29. ---------------------------------------------------------------------------------------------------------------------------------------
  30.  
  31. Gathered Netcraft information for www.bch.hn
  32. ---------------------------------------------------------------------------------------------------------------------------------------
  33.  
  34. Retrieving Netcraft.com information for www.bch.hn
  35. Netcraft.com Information gathered
  36.  
  37. Gathered Subdomain information for bch.hn
  38. ---------------------------------------------------------------------------------------------------------------------------------------
  39. Searching Google.com:80...
  40. HostName:www.bch.hn
  41. HostIP:190.92.46.74
  42. Searching Altavista.com:80...
  43. Found 1 possible subdomain(s) for host bch.hn, Searched 0 pages containing 0 results
  44.  
  45. Gathered E-Mail information for bch.hn
  46. ---------------------------------------------------------------------------------------------------------------------------------------
  47. Searching Google.com:80...
  48. Searching Altavista.com:80...
  49. Found 0 E-Mail(s) for host bch.hn, Searched 0 pages containing 0 results
  50.  
  51. Gathered TCP Port information for 190.92.46.74
  52. ---------------------------------------------------------------------------------------------------------------------------------------
  53.  
  54.  Port       State
  55.  
  56. 80/tcp      open
  57.  
  58. Portscan Finished: Scanned 150 ports, 3 ports were in state closed
  59. #######################################################################################################################################
  60. [i] Scanning Site: http://190.92.46.74
  61.  
  62.  
  63.  
  64. B A S I C   I N F O
  65. =======================================================================================================================================
  66.  
  67.  
  68. [+] Site Title: Banco Central de Honduras - www.bch.hn
  69. [+] IP address: 190.92.46.74
  70. [+] Web Server: Apache
  71. [+] CMS: Could Not Detect
  72. [+] Cloudflare: Not Detected
  73. [+] Robots File: Found
  74.  
  75. -------------[ contents ]----------------  
  76. User-agent: *
  77. Disallow: /
  78.  
  79. -----------[end of contents]-------------
  80.  
  81.  
  82.  
  83. W H O I S   L O O K U P
  84. =======================================================================================================================================
  85.  
  86.    
  87. % Joint Whois - whois.lacnic.net
  88. %  This server accepts single ASN, IPv4 or IPv6 queries
  89.  
  90. % LACNIC resource: whois.lacnic.net
  91.  
  92.  
  93. % Copyright LACNIC lacnic.net
  94. %  The data below is provided for information purposes
  95. %  and to assist persons in obtaining information about or
  96. %  related to AS and IP numbers registrations
  97. %  By submitting a whois query, you agree to use this data
  98. %  only for lawful purposes.
  99. %  2018-12-30 05:04:51 (-02 -02:00)
  100.  
  101. inetnum:     190.92.46.72/29
  102. status:      reallocated
  103. owner:       EL ZAPATON
  104. ownerid:     HN-ELZA-LACNIC
  105. responsible: JOAQUIN MELENDEZ BONILLA
  106. address:     EL CENTRO, 3 AVENIDA, 1 Y 2 CALLE, CONTIGUO A REPOSTERIA LA PLATA ENFRENTE A HOTEL FORMOSA, PUERTO CORTES., ,
  107. address:      - PUERTO CORTES -
  108. country:     HN
  109. phone:       +504  26620886 []
  110. owner-c:     AIC17
  111. tech-c:      AIC17
  112. abuse-c:     AIC17
  113. created:     20151012
  114. changed:     20151012
  115. inetnum-up:  190.92.32/19
  116.  
  117. nic-hdl:     AIC17
  118. person:      Administrador de IP Clientes CableColor
  119. e-mail:      cc_csnets@CABLECOLOR.HN
  120. address:     Col. Miramontes Edif. Rosenthal, ,
  121. address:      - Tegucigalpa -
  122. country:     HN
  123. phone:       +504  22636522 []
  124. created:     20140617
  125. changed:     20140617
  126.  
  127. % whois.lacnic.net accepts only direct match queries.
  128. % Types of queries are: POCs, ownerid, CIDR blocks, IP
  129. % and AS numbers.
  130.  
  131.  
  132.  
  133.  
  134.  
  135. G E O  I P  L O O K  U P
  136. ======================================================================================================================================
  137.  
  138. [i] IP Address: 190.92.46.74
  139. [i] Country: Honduras
  140. [i] State:  
  141. [i] City:  
  142. [i] Latitude: 15.0
  143. [i] Longitude: -86.5
  144.  
  145.  
  146.  
  147.  
  148. H T T P   H E A D E R S
  149. =======================================================================================================================================
  150.  
  151.  
  152. [i]  HTTP/1.1 200 OK
  153. [i]  Date: Sun, 30 Dec 2018 07:04:52 GMT
  154. [i]  Server: Apache
  155. [i]  X-Frame-Options: SAMEORIGIN
  156. [i]  X-XSS-Protection: 1; mode=block
  157. [i]  X-Content-Type-Options: nosniff
  158. [i]  Connection: close
  159. [i]  Content-Type: text/html
  160.  
  161.  
  162.  
  163.  
  164. S U B N E T   C A L C U L A T I O N
  165. =======================================================================================================================================
  166.  
  167. Address       = 190.92.46.74
  168. Network       = 190.92.46.74 / 32
  169. Netmask       = 255.255.255.255
  170. Broadcast     = not needed on Point-to-Point links
  171. Wildcard Mask = 0.0.0.0
  172. Hosts Bits    = 0
  173. Max. Hosts    = 1   (2^0 - 0)
  174. Host Range    = { 190.92.46.74 - 190.92.46.74 }
  175.  
  176.  
  177.  
  178. N M A P   P O R T   S C A N
  179. =======================================================================================================================================
  180.  
  181.  
  182. Starting Nmap 7.40 ( https://nmap.org ) at 2018-12-30 07:04 UTC
  183. Nmap scan report for 190-92-46-74.reverse.cablecolor.hn (190.92.46.74)
  184. Host is up (0.057s latency).
  185. PORT     STATE    SERVICE
  186. 21/tcp   filtered ftp
  187. 22/tcp   filtered ssh
  188. 23/tcp   filtered telnet
  189. 80/tcp   open     http
  190. 110/tcp  filtered pop3
  191. 143/tcp  filtered imap
  192. 443/tcp  filtered https
  193. 3389/tcp filtered ms-wbt-server
  194.  
  195. Nmap done: 1 IP address (1 host up) scanned in 1.67 seconds
  196. #######################################################################################################################################
  197. [?] Enter the target: http://www.bch.hn/
  198. [!] IP Address : 190.92.46.74
  199. [!] www.bch.hn doesn't seem to use a CMS
  200. [+] Honeypot Probabilty: 0%
  201. ---------------------------------------------------------------------------------------------------------------------------------------
  202. [~] Trying to gather whois information for www.bch.hn
  203. [+] Whois information found
  204. [-] Unable to build response, visit https://who.is/whois/www.bch.hn
  205. ---------------------------------------------------------------------------------------------------------------------------------------
  206. PORT     STATE    SERVICE
  207. 21/tcp   filtered ftp
  208. 22/tcp   filtered ssh
  209. 23/tcp   filtered telnet
  210. 80/tcp   open     http
  211. 110/tcp  filtered pop3
  212. 143/tcp  filtered imap
  213. 443/tcp  filtered https
  214. 3389/tcp filtered ms-wbt-server
  215. Nmap done: 1 IP address (1 host up) scanned in 2.62 seconds
  216. ---------------------------------------------------------------------------------------------------------------------------------------
  217. #######################################################################################################################################
  218.  [+] Hosting Info for Website: www.bch.hn
  219.  [+] Visitors per day: 949
  220.  [+] IP Address: ...
  221.  [+] IP Reverse DNS (Host): 190-92-46-74.reverse.cablecolor.hn
  222.  [+] Hosting Company IP Owner:  El Zapaton
  223.  [+] Hosting IP Range: 190.92.46.72 - 190.92.46.79 (8 ip)
  224.  [+] Hosting Address: Cl Principal Colonia Miramontes Ed. Cont, 2Do. Nivel, 4780 - Tegucigalpa
  225.  [+] Owner Address: El Centro, 3 Avenida, 1 Y 2 Calle, Contiguo a Reposteria La Plata Enfrente a Hotel Formosa, Puerto Cortes, - Puerto Cortes
  226.  [+] Hosting Country: HND
  227.  [+] Owner Country: HND
  228.  [+] Hosting Phone: +50 4 2630000
  229.  [+] Owner Phone: +504 26620886
  230.  [+] Hosting Website: www.cablecolor.hn
  231.  [+] Owner Website: www.cablecolor.hn
  232.  [+] Owner CIDR: 190.92.46.72/29
  233.  [+] Hosting CIDR: 190.92.32.0/19
  234. #######################################################################################################################################
  235. ; <<>> DiG 9.11.5-P1-1-Debian <<>> bch.hn
  236. ;; global options: +cmd
  237. ;; Got answer:
  238. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35663
  239. ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
  240.  
  241. ;; OPT PSEUDOSECTION:
  242. ; EDNS: version: 0, flags:; udp: 4096
  243. ;; QUESTION SECTION:
  244. ;bch.hn.                IN  A
  245.  
  246. ;; AUTHORITY SECTION:
  247. bch.hn.         60  IN  SOA ns1.bch.hn. root.bch.hn. 2018022616 3600 600 1209600 3600
  248.  
  249. ;; Query time: 1823 msec
  250. ;; SERVER: 194.187.251.67#53(194.187.251.67)
  251. ;; WHEN: dim déc 30 02:29:34 EST 2018
  252. ;; MSG SIZE  rcvd: 80
  253. #######################################################################################################################################
  254. ; <<>> DiG 9.11.5-P1-1-Debian <<>> +trace bch.hn
  255. ;; global options: +cmd
  256. .           79412   IN  NS  b.root-servers.net.
  257. .           79412   IN  NS  d.root-servers.net.
  258. .           79412   IN  NS  k.root-servers.net.
  259. .           79412   IN  NS  i.root-servers.net.
  260. .           79412   IN  NS  c.root-servers.net.
  261. .           79412   IN  NS  f.root-servers.net.
  262. .           79412   IN  NS  l.root-servers.net.
  263. .           79412   IN  NS  m.root-servers.net.
  264. .           79412   IN  NS  j.root-servers.net.
  265. .           79412   IN  NS  h.root-servers.net.
  266. .           79412   IN  NS  e.root-servers.net.
  267. .           79412   IN  NS  g.root-servers.net.
  268. .           79412   IN  NS  a.root-servers.net.
  269. .           79412   IN  RRSIG   NS 8 0 518400 20190112050000 20181230040000 2134 . pkOkP7s7O8sEsAMLdABL8HA9DrNOKDudWDa8VWxK6XAmTV+TwocLpmVb To4F9r+84naPabu+KCjdo/vPq7DZfMYDutikk5yKtTln8TVsxHK0RbJQ AQ6juetwDn5raG2Mc06K4u8ZK9GrdH7rzdd6AHEZN8kCDnphKDFNctzR rVwAwdDq1GD8CrMBR/0ft3AajlnGVrdtU4rb6lveJ1WtIthpc8mYsTME U+BgARm0bqRrC/w4Exq0/EuZ2ieqfX3ymNu3yfKjgcRp8QAvjAwBSSns ZprfYK7UvWcRdm82NdeOdnPe+U5LDC/WTMz8M6cv01jzHY5eHbohoRqc XHDtlQ==
  270. ;; Received 525 bytes from 194.187.251.67#53(194.187.251.67) in 180 ms
  271.  
  272. hn.         172800  IN  NS  sns-pb.isc.org.
  273. hn.         172800  IN  NS  pch-anycast.rds.org.hn.
  274. hn.         172800  IN  NS  nicmx-anycast.rds.org.hn.
  275. hn.         86400   IN  DS  20599 8 2 B7CA2A70DEA7188CB7319A8049164EF9D0E3496D8FE4E3C135CBA845 2544BA72
  276. hn.         86400   IN  RRSIG   DS 8 1 86400 20190112050000 20181230040000 2134 . G4afAixlcrtFvXQ0WynooWKzsCbijruJxgG1aHkqyIWTXOhWKOB4NihF i7STKJRw8WEHsEPn2rHnRlHQ8kwjRYlxSOr4Af1kVHnoCYKiRaFiC1i5 xsHoi4+TUMOwIzNP0LRBvVRG3KCH9ZBdVH9OSkqDfjNBwxMdfMBPncSb ntBWx79y6U9FiQAc2WpYtXQwDTZSyU9K+VbqLcRkA1a7v9DdiUwXtTvT s6wPObpfATZwUNFTuQ/2M80Afs9GpyIBO56b0fC4ja2lG3zvg9er2Eqy tTYJMlsNtIzS2pTsy7VZqJRueqjXLS0uCR67Y7vypxL1OmaqTKXArhp+ 1OHsgQ==
  277. ;; Received 564 bytes from 198.41.0.4#53(a.root-servers.net) in 183 ms
  278.  
  279. bch.hn.         86400   IN  NS  ns1.bch.hn.
  280. bch.hn.         86400   IN  NS  ns3.bch.hn.
  281. 229SBLCVH1CP2571SSE3JRCP49PSQAB9.hn. 86400 IN NSEC3 1 1 10 05EE09A3 2UFM6UK1VGEFKOIFCDB2C6JPINQ6QS1Q NS SOA TXT RRSIG DNSKEY NSEC3PARAM
  282. 229SBLCVH1CP2571SSE3JRCP49PSQAB9.hn. 86400 IN RRSIG NSEC3 8 2 86400 20190109060000 20181223060000 34848 hn. QicKSgel+5mNjBm0CIkyxEfClJJQ2QQibS1Yr/Bck6OUh/yF+u5SsMWu hwxvEFQVClduzJ+w9kUy6Z6r7KDvSMboWLWKAkh5zlOIzJPSHCl55DZd 4FJaZVKluPpUbESL+2QrG/k/7We5JVBFY4TlRl11DqT6SlSWJYyakng/ WSPFUnIGAlqgv7Gg7iyym9QKjiaCWRCfXpCsFC81jVtAOJ4j4F+xuk9x zoxQXBkbJpc7WEth0g2yDX9DCHwy3uze3P3Rjtb0Ux/dy0WcHKj67Eyc ztWzlqc1bGw1kHh0K617M72YSGQOnkBvNSaV3jyBazl+Gyk7hmhghYW+ /EOPLw==
  283. 882BIC9179CESJM8GPV7MCEUGKON02GB.hn. 86400 IN NSEC3 1 1 10 05EE09A3 8M2PG8S38GCS4GIQM11A40HFUPG9DIK8 NS DS RRSIG
  284. 882BIC9179CESJM8GPV7MCEUGKON02GB.hn. 86400 IN RRSIG NSEC3 8 2 86400 20190109060000 20181223060000 34848 hn. hqcM/uQxQmqk9jCQr6JB2II2we7CXhenf74EbXj19XvJfxIesU6wHjRl NB5su0PDxcS0HSaqWQtmYxHvjpzrdPCEV09I1y9XGM84EIf+QoVePkYF dqq5K2e0C6HPvNd8jdr4xwLjCeClvvs5mtw8qKmr7X/b5dJpYKUQEftv ZER6Haokmpveel9s/7gnC/Yk2/ZHgsX1nzZaSz13H6dH2pl3O1O9Kj3a kLf1sLnzazjkWqx0snY/rpM458YZ6vpQhDwc75vCvEM0jkXKeA84Qaxl PvDiyXwoVqFRozxjX7+rd+Er5mSjgdchxPJGoW6x/wOCpex7OYTI6s/D 74Dvwg==
  285. ;; Received 878 bytes from 2001:500:2e::1#53(sns-pb.isc.org) in 96 ms
  286.  
  287. bch.hn.         60  IN  SOA ns1.bch.hn. root.bch.hn. 2018022616 3600 600 1209600 3600
  288. ;; Received 80 bytes from 190.92.67.8#53(ns1.bch.hn) in 311 ms
  289. #######################################################################################################################################
  290. Traceroute 'www.bch.hn '
  291. ---------------------------------------------------------------------------------------------------------------------------------------
  292.  
  293. Start: 2018-12-30T07:31:32+0000
  294. HOST: web01                                      Loss%   Snt   Last   Avg  Best  Wrst StDev
  295.   1.|-- 45.79.12.201                                0.0%     3    1.0   1.3   1.0   1.7   0.4
  296.   2.|-- 45.79.12.4                                  0.0%     3    0.6  13.5   0.6  38.0  21.2
  297.   3.|-- 45.79.12.8                                  0.0%     3    0.7   0.7   0.5   1.0   0.3
  298.   4.|-- ix-et-5-1-2-0.tcore1.dt8-dallas.as6453.net  0.0%     3    1.1   1.2   1.1   1.4   0.2
  299.   5.|-- 94.142.107.18                               0.0%     3    1.4   1.4   1.3   1.4   0.1
  300.   6.|-- 94.142.126.134                              0.0%     3   31.0  31.8  30.8  33.6   1.5
  301.   7.|-- 84.16.7.131                                 0.0%     3   49.1  49.3  49.1  49.8   0.4
  302.   8.|-- ???                                        100.0     3    0.0   0.0   0.0   0.0   0.0
  303. #######################################################################################################################################
  304. [*] Performing General Enumeration of Domain: bch.hn
  305. [-] DNSSEC is not configured for bch.hn
  306. [*]      SOA ns1.bch.hn 190.92.67.8
  307. [*]      NS ns1.bch.hn 190.92.67.8
  308. [*]      Bind Version for 190.92.67.8 9.6-ESV-R11-S10
  309. [*]      NS ns3.bch.hn 190.92.67.45
  310. [*]      MX correoc.bch.hn 190.92.67.23
  311. [*]      TXT bch.hn v=spf1 a mx ip4:190.92.67.23 -all
  312. [*] Enumerating SRV Records
  313. [-] No SRV Records Found for bch.hn
  314. [+] 0 Records Found
  315. #######################################################################################################################################
  316. =======================================================================================================================================
  317. | External hosts:
  318. | [+] External Host Found: https://see.bch.hn
  319. | [+] External Host Found: http://estadisticas.bch.hn
  320. | [+] External Host Found: http://purl.org
  321. | [+] External Host Found: http://www.adobe.com
  322. | [+] External Host Found: http://portalunico.iaip.gob.hn
  323. | [+] External Host Found: https://www.googletagmanager.com
  324. =======================================================================================================================================
  325. | E-mails:
  326. | [+] E-mail Found: abel.avila@bch.hn
  327. | [+] E-mail Found: latlantico@hondutel.hn
  328. | [+] E-mail Found: operaciones@bancolafise.com
  329. | [+] E-mail Found: gerencia@taca.com
  330. | [+] E-mail Found: dom@bch.hn
  331. | [+] E-mail Found: rosamaria.rodriguez@bch.hn
  332. | [+] E-mail Found: malvarado@hotmail.com
  333. | [+] E-mail Found: sendi@bch.hn
  334. | [+] E-mail Found: transparencia@bch.hn
  335. | [+] E-mail Found: seleccion@bch.hn
  336. =======================================================================================================================================
  337. #######################################################################################################################################
  338. ---------------------------------------------------------------------------------------------------------------------------------------
  339. + Target IP:          190.92.46.74
  340. + Target Hostname:    www.bch.hn
  341. + Target Port:        80
  342. + Start Time:         2018-12-30 02:01:28 (GMT-5)
  343. ---------------------------------------------------------------------------------------------------------------------------------------
  344. + Server: No banner retrieved
  345. + Uncommon header 'x-squid-error' found, with contents: ERR_INVALID_URL 0
  346. + Server banner has changed from '' to 'Apache' which may suggest a WAF, load balancer or proxy is in place
  347. + Web Server returns a valid response with junk HTTP methods, this may cause false positives.
  348. + DEBUG HTTP verb may show server debugging information. See http://msdn.microsoft.com/en-us/library/e8z01xdh%28VS.80%29.aspx for details.
  349. + OSVDB-3092: /sitemap.xml: This gives a nice listing of the site content.
  350. + OSVDB-3092: /download/: This might be interesting...
  351. + OSVDB-3268: /public/: Directory indexing found.
  352. + OSVDB-3092: /public/: This might be interesting...
  353. + OSVDB-3268: /publico/: Directory indexing found.
  354. + OSVDB-3092: /publico/: This might be interesting...
  355. + 26149 requests: 0 error(s) and 9 item(s) reported on remote host
  356. + End Time:           2018-12-30 04:24:59 (GMT-5) (8611 seconds)
  357. ---------------------------------------------------------------------------------------------------------------------------------------#######################################################################################################################################
  358. Starting Nmap 7.70SVN ( https://nmap.org ) at 2018-12-30 02:02 EST
  359. Nmap scan report for 190-92-46-74.reverse.cablecolor.hn (190.92.46.74)
  360. Host is up (0.18s latency).
  361. Not shown: 470 filtered ports, 4 closed ports
  362. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  363. PORT      STATE SERVICE
  364. 80/tcp    open  http
  365. 10443/tcp open  unknown
  366. #######################################################################################################################################
  367. Starting Nmap 7.70SVN ( https://nmap.org ) at 2018-12-30 02:02 EST
  368. Nmap scan report for 190-92-46-74.reverse.cablecolor.hn (190.92.46.74)
  369. Host is up (0.14s latency).
  370. Not shown: 2 filtered ports
  371. PORT     STATE         SERVICE
  372. 53/udp   open|filtered domain
  373. 67/udp   open|filtered dhcps
  374. 68/udp   open|filtered dhcpc
  375. 69/udp   open|filtered tftp
  376. 88/udp   open|filtered kerberos-sec
  377. 123/udp  open|filtered ntp
  378. 139/udp  open|filtered netbios-ssn
  379. 161/udp  open|filtered snmp
  380. 162/udp  open|filtered snmptrap
  381. 389/udp  open|filtered ldap
  382. 520/udp  open|filtered route
  383. 2049/udp open|filtered nfs
  384. #######################################################################################################################################
  385. Starting Nmap 7.70SVN ( https://nmap.org ) at 2018-12-30 02:02 EST
  386. Nmap scan report for 190-92-46-74.reverse.cablecolor.hn (190.92.46.74)
  387. Host is up.
  388.  
  389. PORT   STATE         SERVICE VERSION
  390. 67/udp open|filtered dhcps
  391. |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
  392. Too many fingerprints match this host to give specific OS details
  393.  
  394. TRACEROUTE (using proto 1/icmp)
  395. HOP RTT       ADDRESS
  396. 1   142.25 ms 10.244.200.1
  397. 2   142.45 ms vlan50.as083.buc.ro.m247.com (185.163.111.1)
  398. 3   142.41 ms 172.30.244.197
  399. 4   143.23 ms 172.30.245.85
  400. 5   142.45 ms xe-10-2-3-0.core1.buc1.ro.m247.com (193.27.65.181)
  401. 6   142.43 ms 172.30.255.190
  402. 7   143.23 ms 89.40.40.250
  403. 8   172.66 ms if-ae-26-3.tcore2.fnm-frankfurt.as6453.net (195.219.87.150)
  404. 9   172.45 ms 195.219.87.18
  405. 10  176.25 ms 94.142.107.14
  406. 11  264.68 ms 5.53.4.29
  407. 12  248.72 ms 213.140.36.95
  408. 13  248.71 ms 94.142.118.239
  409. 14  289.51 ms 94.142.127.230
  410. 15  308.49 ms 84.16.7.131
  411. 16  ... 30
  412. #######################################################################################################################################
  413. Starting Nmap 7.70SVN ( https://nmap.org ) at 2018-12-30 02:04 EST
  414. Nmap scan report for 190-92-46-74.reverse.cablecolor.hn (190.92.46.74)
  415. Host is up.
  416.  
  417. PORT   STATE         SERVICE VERSION
  418. 68/udp open|filtered dhcpc
  419. Too many fingerprints match this host to give specific OS details
  420.  
  421. TRACEROUTE (using proto 1/icmp)
  422. HOP RTT       ADDRESS
  423. 1   138.12 ms 10.244.200.1
  424. 2   138.37 ms vlan50.as083.buc.ro.m247.com (185.163.111.1)
  425. 3   138.15 ms 172.30.244.197
  426. 4   138.15 ms 172.30.245.85
  427. 5   138.35 ms xe-10-2-3-0.core1.buc1.ro.m247.com (193.27.65.181)
  428. 6   138.16 ms 172.30.255.190
  429. 7   139.15 ms 89.40.40.250
  430. 8   168.38 ms if-ae-26-3.tcore2.fnm-frankfurt.as6453.net (195.219.87.150)
  431. 9   167.97 ms 195.219.87.18
  432. 10  172.19 ms 94.142.107.14
  433. 11  261.35 ms 5.53.4.29
  434. 12  246.34 ms 213.140.36.95
  435. 13  245.51 ms 94.142.118.239
  436. 14  287.51 ms 94.142.127.230
  437. 15  306.88 ms 84.16.7.131
  438. 16  ... 30
  439. #######################################################################################################################################
  440. Starting Nmap 7.70SVN ( https://nmap.org ) at 2018-12-30 02:06 EST
  441. Nmap scan report for 190-92-46-74.reverse.cablecolor.hn (190.92.46.74)
  442. Host is up.
  443.  
  444. PORT   STATE         SERVICE VERSION
  445. 69/udp open|filtered tftp
  446. Too many fingerprints match this host to give specific OS details
  447.  
  448. TRACEROUTE (using proto 1/icmp)
  449. HOP RTT       ADDRESS
  450. 1   137.60 ms 10.244.200.1
  451. 2   139.78 ms vlan50.as083.buc.ro.m247.com (185.163.111.1)
  452. 3   137.64 ms 172.30.244.197
  453. 4   137.63 ms 172.30.245.85
  454. 5   137.65 ms xe-10-2-3-0.core1.buc1.ro.m247.com (193.27.65.181)
  455. 6   137.65 ms 172.30.255.190
  456. 7   138.82 ms 89.40.40.250
  457. 8   167.46 ms if-ae-26-3.tcore2.fnm-frankfurt.as6453.net (195.219.87.150)
  458. 9   166.82 ms 195.219.87.18
  459. 10  171.86 ms 94.142.107.14
  460. 11  263.19 ms 5.53.4.29
  461. 12  248.56 ms 213.140.36.95
  462. 13  247.14 ms 94.142.118.239
  463. 14  294.58 ms 94.142.127.230
  464. 15  307.36 ms 84.16.7.131
  465. 16  ... 30
  466. #######################################################################################################################################
  467.  
  468.                                  ^     ^
  469.         _   __  _   ____ _   __  _    _   ____
  470.        ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
  471.       | V V // o // _/ | V V // 0 // 0 // _/
  472.       |_n_,'/_n_//_/   |_n_,' \_,' \_,'/_/
  473.                                 <
  474.                                 ...'
  475.  
  476.     WAFW00F - Web Application Firewall Detection Tool
  477.  
  478.     By Sandro Gauci && Wendel G. Henrique
  479.  
  480. Checking http://190.92.46.74
  481. Generic Detection results:
  482. No WAF detected by the generic detection
  483. Number of requests: 14
  484. #######################################################################################################################################
  485. http://190.92.46.74 [200 OK] Apache, Country[HONDURAS][HN], DublinCore, HTTPServer[Apache], IP[190.92.46.74], Meta-Author[Francisco Javier Moraz�n Matute, Henri L�pez, Mario Bonilla,Francisco Javier Moraz�n Matute,Francisco Javier Moraz�n Matute, Henri L�pez, Mario Bonilla], MetaGenerator[HTML Tidy for Windows (vers 14 February 2006), see www.w3.org], Script[JavaScript1.2,javascript,text/javascript], Title[Banco Central de Honduras - www.bch.hn], UncommonHeaders[x-content-type-options], X-Frame-Options[SAMEORIGIN], X-UA-Compatible[IE=Edge], X-XSS-Protection[1; mode=block]
  486. #######################################################################################################################################
  487. wig - WebApp Information Gatherer
  488.  
  489.  
  490. Scanning http://190.92.46.74...
  491. _____________________ SITE INFO ______________________
  492. IP               Title                                
  493. 190.92.46.74     Banco Central de Honduras - www.bch
  494.                                                      
  495. ______________________ VERSION _______________________
  496. Name             Versions          Type              
  497. Apache                             Platform          
  498.                                                      
  499. ____________________ INTERESTING _____________________
  500. URL              Note              Type              
  501. /robots.txt      robots.txt index  Interesting        
  502.                                                      
  503. ______________________________________________________
  504. Time: 134.7 sec  Urls: 611         Fingerprints: 40401
  505. #######################################################################################################################################
  506. HTTP/1.1 200 OK
  507. Date: Sun, 30 Dec 2018 07:12:09 GMT
  508. Server: Apache
  509. X-Frame-Options: SAMEORIGIN
  510. X-XSS-Protection: 1; mode=block
  511. X-Content-Type-Options: nosniff
  512. Content-Type: text/html
  513. #######################################################################################################################################
  514. Starting Nmap 7.70SVN ( https://nmap.org ) at 2018-12-30 02:12 EST
  515. Nmap scan report for 190-92-46-74.reverse.cablecolor.hn (190.92.46.74)
  516. Host is up.
  517.  
  518. PORT    STATE         SERVICE VERSION
  519. 123/udp open|filtered ntp
  520. Too many fingerprints match this host to give specific OS details
  521.  
  522. TRACEROUTE (using proto 1/icmp)
  523. HOP RTT       ADDRESS
  524. 1   140.13 ms 10.244.200.1
  525. 2   140.42 ms vlan50.as083.buc.ro.m247.com (185.163.111.1)
  526. 3   140.17 ms 172.30.244.197
  527. 4   140.18 ms 172.30.245.85
  528. 5   140.22 ms xe-10-2-3-0.core1.buc1.ro.m247.com (193.27.65.181)
  529. 6   140.22 ms 172.30.255.190
  530. 7   141.68 ms 89.40.40.250
  531. 8   170.06 ms if-ae-26-3.tcore2.fnm-frankfurt.as6453.net (195.219.87.150)
  532. 9   170.04 ms 195.219.87.18
  533. 10  174.06 ms 94.142.107.14
  534. 11  261.86 ms 5.53.4.29
  535. 12  247.79 ms 213.140.36.95
  536. 13  246.41 ms 94.142.118.239
  537. 14  293.88 ms 94.142.127.230
  538. 15  307.40 ms 84.16.7.131
  539. 16  ... 30
  540. #######################################################################################################################################
  541. Starting Nmap 7.70SVN ( https://nmap.org ) at 2018-12-30 02:15 EST
  542. NSE: Loaded 149 scripts for scanning.
  543. NSE: Script Pre-scanning.
  544. NSE: Starting runlevel 1 (of 3) scan.
  545. Initiating NSE at 02:15
  546. Completed NSE at 02:15, 0.00s elapsed
  547. NSE: Starting runlevel 2 (of 3) scan.
  548. Initiating NSE at 02:15
  549. Completed NSE at 02:15, 0.00s elapsed
  550. NSE: Starting runlevel 3 (of 3) scan.
  551. Initiating NSE at 02:15
  552. Completed NSE at 02:15, 0.00s elapsed
  553. Initiating Ping Scan at 02:15
  554. Scanning 190.92.46.74 [4 ports]
  555. Completed Ping Scan at 02:15, 2.04s elapsed (1 total hosts)
  556. Nmap scan report for 190.92.46.74 [host down, received no-response]
  557. NSE: Script Post-scanning.
  558. NSE: Starting runlevel 1 (of 3) scan.
  559. Initiating NSE at 02:15
  560. Completed NSE at 02:15, 0.00s elapsed
  561. NSE: Starting runlevel 2 (of 3) scan.
  562. Initiating NSE at 02:15
  563. Completed NSE at 02:15, 0.00s elapsed
  564. NSE: Starting runlevel 3 (of 3) scan.
  565. Initiating NSE at 02:15
  566. Completed NSE at 02:15, 0.00s elapsed
  567. Read data files from: /usr/local/bin/../share/nmap
  568. Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
  569. Nmap done: 1 IP address (0 hosts up) scanned in 2.70 seconds
  570.            Raw packets sent: 8 (304B) | Rcvd: 98 (11.256KB)
  571. #######################################################################################################################################
  572. Starting Nmap 7.70SVN ( https://nmap.org ) at 2018-12-30 02:15 EST
  573. NSE: Loaded 149 scripts for scanning.
  574. NSE: Script Pre-scanning.
  575. Initiating NSE at 02:15
  576. Completed NSE at 02:15, 0.00s elapsed
  577. Initiating NSE at 02:15
  578. Completed NSE at 02:15, 0.00s elapsed
  579. Initiating NSE at 02:15
  580. Completed NSE at 02:15, 0.00s elapsed
  581. Initiating Parallel DNS resolution of 1 host. at 02:15
  582. Completed Parallel DNS resolution of 1 host. at 02:15, 0.03s elapsed
  583. Initiating UDP Scan at 02:15
  584. Scanning 190-92-46-74.reverse.cablecolor.hn (190.92.46.74) [14 ports]
  585. Completed UDP Scan at 02:15, 3.41s elapsed (14 total ports)
  586. Initiating Service scan at 02:15
  587. Scanning 12 services on 190-92-46-74.reverse.cablecolor.hn (190.92.46.74)
  588. Service scan Timing: About 8.33% done; ETC: 02:34 (0:17:47 remaining)
  589. Completed Service scan at 02:16, 102.57s elapsed (12 services on 1 host)
  590. Initiating OS detection (try #1) against 190-92-46-74.reverse.cablecolor.hn (190.92.46.74)
  591. Retrying OS detection (try #2) against 190-92-46-74.reverse.cablecolor.hn (190.92.46.74)
  592. Initiating Traceroute at 02:16
  593. Completed Traceroute at 02:17, 7.21s elapsed
  594. Initiating Parallel DNS resolution of 1 host. at 02:17
  595. Completed Parallel DNS resolution of 1 host. at 02:17, 0.08s elapsed
  596. NSE: Script scanning 190.92.46.74.
  597. Initiating NSE at 02:17
  598. Completed NSE at 02:19, 168.47s elapsed
  599. Initiating NSE at 02:19
  600. Completed NSE at 02:19, 1.09s elapsed
  601. Initiating NSE at 02:19
  602. Completed NSE at 02:19, 0.00s elapsed
  603. Nmap scan report for 190-92-46-74.reverse.cablecolor.hn (190.92.46.74)
  604. Host is up (0.14s latency).
  605.  
  606. PORT     STATE         SERVICE      VERSION
  607. 53/udp   open|filtered domain
  608. 67/udp   open|filtered dhcps
  609. 68/udp   open|filtered dhcpc
  610. 69/udp   open|filtered tftp
  611. 88/udp   open|filtered kerberos-sec
  612. 123/udp  open|filtered ntp
  613. 137/udp  filtered      netbios-ns
  614. 138/udp  filtered      netbios-dgm
  615. 139/udp  open|filtered netbios-ssn
  616. 161/udp  open|filtered snmp
  617. 162/udp  open|filtered snmptrap
  618. 389/udp  open|filtered ldap
  619. 520/udp  open|filtered route
  620. 2049/udp open|filtered nfs
  621. Too many fingerprints match this host to give specific OS details
  622.  
  623. TRACEROUTE (using port 137/udp)
  624. HOP RTT       ADDRESS
  625. 1   141.47 ms 10.244.200.1
  626. 2   ... 3
  627. 4   138.04 ms 10.244.200.1
  628. 5   139.30 ms 10.244.200.1
  629. 6   139.30 ms 10.244.200.1
  630. 7   139.30 ms 10.244.200.1
  631. 8   139.31 ms 10.244.200.1
  632. 9   139.32 ms 10.244.200.1
  633. 10  139.32 ms 10.244.200.1
  634. 11  ... 18
  635. 19  144.46 ms 10.244.200.1
  636. 20  137.48 ms 10.244.200.1
  637. 21  ... 27
  638. 28  137.70 ms 10.244.200.1
  639. 29  ...
  640. 30  137.59 ms 10.244.200.1
  641.  
  642. NSE: Script Post-scanning.
  643. Initiating NSE at 02:19
  644. Completed NSE at 02:19, 0.00s elapsed
  645. Initiating NSE at 02:19
  646. Completed NSE at 02:19, 0.00s elapsed
  647. Initiating NSE at 02:19
  648. Completed NSE at 02:19, 0.00s elapsed
  649. Read data files from: /usr/local/bin/../share/nmap
  650. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  651. Nmap done: 1 IP address (1 host up) scanned in 288.65 seconds
  652.            Raw packets sent: 147 (13.614KB) | Rcvd: 1653 (294.360KB)
  653. #######################################################################################################################################
  654.                                               Anonymous JTSEC #OpIcarus Full Recon #40
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top