AnonymousSriLanka

Channel4.COM - BLOG SERVER - TLS-SSL KEY DUMPED & LEAKED...!

Mar 16th, 2012
Channel4.COM - BLOG SERVER - TLS-SSL KEY DUMPED & LEAKED...!!
(ATTACK NON-INTRUSIVE) - DNS BRUTE FORCE/TLS-SSL KEY DUMP/OTHER SENSITIVE SERVER DETAILS

PROJECT DEDICATION: PROJECT SARADIYEL (http://en.wikipedia.org/wiki/Uthuwankande_Soora_Saradiyel)

EXCLUSIVE FROM - Anonymous Sri Lanka

WWW.CHANNEL4.COM -----> Servers Fuck3D and Bust3D

Primary Server Data Leak with Transferring (Data Leak)....!!

Hail to Anonymous, Lulzsec and Operation Anti-Sec...

THIS ATTACK AGAINST THE DIRTIEST THINGS AGAINST THE SRI LANKA BY CHANNEL-4 .........!!!!!

SERVER: blogs.channel4.com (83.98.28.24)

PORT STATE SERVICE REASON

80/tcp open http syn-ack
|
|login.php
|_http-title: Blogs - Channel 4
|_http-methods: No Allow or Public header in OPTIONS response (status code 200)
| http-malware-host:
| Host appears to be infected (/ts/in.cgi?open2 redirects to http://blogs.channel4.com/)
|_ See: http://blog.unmaskparasites.com/2009/09/11/dynamic-dns-and-botnet-of-zombie-web-servers/
|
|_http-favicon: Unknown favicon MD5: 274B86EA3032B9D0FE15F09399D82025
| http-robots.txt: 1 disallowed entry
|_/snowblog/files/
| http-php-version: Logo query returned unknown hash 391c1c136a2bdb3b44ed19dcdda65cb6
|_Credits query returned unknown hash 391c1c136a2bdb3b44ed19dcdda65cb6
|
| http-headers:
| Content-Type: text/html; charset=UTF-8
| Content-Length: -1
| Date: Wed, 14 Mar 2012 15:47:13 GMT
| Server: Apache
| X-Pingback: http://blogs.channel4.com/xmlrpc.php
| Vary: Accept-Encoding
|
|_ (Request type: HEAD)
|
|_http-userdir-enum: ERROR: http.pipeline returned nil
| http-email-harvest:
| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=blogs.channel4.com
|_ factcheck@channel4.com
|
| http-vhosts:
| clarizen.channel4.com
|
| http-enum:
|_ /wp-login.php: Possible admin folder

443/tcp open https syn-ack
|
| ssl-cert: Subject: commonName=blogs.channel4.com/organizationName=Channel4 Television Corp/stateOrProvinceName=London/countryName=GB/localityName=Westminster/organizationalUnitName=ISD
| Issuer: commonName=VeriSign Class 3 International Server CA - G3/organizationName=VeriSign, Inc./countryName=US/organizationalUnitName=Terms of use at https://www.verisign.com/rpa (c)10
| Public Key type: rsa
| Public Key bits: 1024
| Not valid before: 2011-05-20 00:00:00
| Not valid after: 2012-07-08 23:59:59
| MD5: 881e 93b3 2936 0dab 0dba d3de c5e6 a7d1
| SHA-1: 74ba 0433 86e4 9999 0873 d3cd ed6c 4dc7 f846 0570
|
| http-headers:
| Server: Apache
| Vary: Accept-Encoding
| Content-Type: text/html; charset=UTF-8
| Date: Wed, 14 Mar 2012 15:46:46 GMT
| X-Pingback: http://blogs.channel4.com/xmlrpc.php
| Connection: close
|
|_ (Request type: HEAD)
|
| ssl-enum-ciphers:
| SSLv3
| Ciphers (5)
| TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
| TLS_RSA_WITH_AES_128_CBC_SHA - strong
| TLS_RSA_WITH_AES_256_CBC_SHA - unknown strength
| TLS_RSA_WITH_RC4_128_MD5 - unknown strength
| TLS_RSA_WITH_RC4_128_SHA - strong
| Compressors (1)
| NULL
| TLSv1.0
| Ciphers (5)
| TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
| TLS_RSA_WITH_AES_128_CBC_SHA - strong
| TLS_RSA_WITH_AES_256_CBC_SHA - unknown strength
| TLS_RSA_WITH_RC4_128_MD5 - unknown strength
| TLS_RSA_WITH_RC4_128_SHA - strong
| Compressors (1)
| NULL
| TLSv1.1
| Ciphers (5)
| TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
| TLS_RSA_WITH_AES_128_CBC_SHA - strong
| TLS_RSA_WITH_AES_256_CBC_SHA - unknown strength
| TLS_RSA_WITH_RC4_128_MD5 - unknown strength
| TLS_RSA_WITH_RC4_128_SHA - strong
| Compressors (1)
| NULL
|_ Least strength = unknown strength
| http-enum:
| /wp-login.php: Possible admin folder
|_ /robots.txt: Robots file
| http-vhosts:
| zoho.channel4.com
|
| ssl-google-cert-catalog:
|_ No DB entry


Host script results:
|
|_path-mtu: PMTU == 1500
|
| whois: Record found at whois.ripe.net
| inetnum: 83.98.16.0 - 83.98.31.255
| netname: IOKONET1
| descr: ioko customer hosting block 2 - TH
| country: GB
| person: ioko FNS
|_email: fns@ioko.com
| asn-query:
| BGP: 83.98.16.0/20 and 83.98.0.0/17 | Country: GB
| Origin AS: 30914 - IOKO-AS AS for ioko365 Ltd
|_ Peer AS: 174 702 6461 10310
| dns-brute:
| DNS Brute-force hostnames
|_ipidseq: Random Positive Increments [used port 80]
| qscan:
| PORT FAMILY MEAN (us) STDDEV LOSS (%)
| 80 0 1021039.60 456546.90 0.0%
|_443 0 1184768.30 421436.03 0.0%