Guest User

Anonymous JTSEC #OpSudan Full Recon #11

a guest
Feb 14th, 2019
318
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #######################################################################################################################################
  2. =======================================================================================================================================
  3. Hostname mofeca.gov.sd ISP NICDC
  4. Continent Africa Flag
  5. SD
  6. Country Sudan Country Code SD
  7. Region Unknown Local time 14 Feb 2019 15:19 CAT
  8. City Unknown Postal Code Unknown
  9. IP Address 62.12.105.6 Latitude 15
  10. Longitude 30
  11. =======================================================================================================================================
  12. #######################################################################################################################################
  13. > mofeca.gov.sd
  14. Server: 38.132.106.139
  15. Address: 38.132.106.139#53
  16.  
  17. Non-authoritative answer:
  18. Name: mofeca.gov.sd
  19. Address: 62.12.105.6
  20. >
  21. #######################################################################################################################################
  22. HostIP:62.12.105.6
  23. HostName:mofeca.gov.sd
  24.  
  25. Gathered Inet-whois information for 62.12.105.6
  26. ---------------------------------------------------------------------------------------------------------------------------------------
  27.  
  28.  
  29. inetnum: 62.12.96.0 - 62.12.127.255
  30. netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
  31. descr: IPv4 address block not managed by the RIPE NCC
  32. remarks: ------------------------------------------------------
  33. remarks:
  34. remarks: For registration information,
  35. remarks: you can consult the following sources:
  36. remarks:
  37. remarks: IANA
  38. remarks: http://www.iana.org/assignments/ipv4-address-space
  39. remarks: http://www.iana.org/assignments/iana-ipv4-special-registry
  40. remarks: http://www.iana.org/assignments/ipv4-recovered-address-space
  41. remarks:
  42. remarks: AFRINIC (Africa)
  43. remarks: http://www.afrinic.net/ whois.afrinic.net
  44. remarks:
  45. remarks: APNIC (Asia Pacific)
  46. remarks: http://www.apnic.net/ whois.apnic.net
  47. remarks:
  48. remarks: ARIN (Northern America)
  49. remarks: http://www.arin.net/ whois.arin.net
  50. remarks:
  51. remarks: LACNIC (Latin America and the Carribean)
  52. remarks: http://www.lacnic.net/ whois.lacnic.net
  53. remarks:
  54. remarks: ------------------------------------------------------
  55. country: EU # Country is really world wide
  56. admin-c: IANA1-RIPE
  57. tech-c: IANA1-RIPE
  58. status: ALLOCATED UNSPECIFIED
  59. mnt-by: RIPE-NCC-HM-MNT
  60. created: 2019-01-07T10:46:54Z
  61. last-modified: 2019-01-07T10:46:54Z
  62. source: RIPE
  63.  
  64. role: Internet Assigned Numbers Authority
  65. address: see http://www.iana.org.
  66. admin-c: IANA1-RIPE
  67. tech-c: IANA1-RIPE
  68. nic-hdl: IANA1-RIPE
  69. remarks: For more information on IANA services
  70. remarks: go to IANA web site at http://www.iana.org.
  71. mnt-by: RIPE-NCC-MNT
  72. created: 1970-01-01T00:00:00Z
  73. last-modified: 2001-09-22T09:31:27Z
  74. source: RIPE # Filtered
  75.  
  76. % This query was served by the RIPE Database Query Service version 1.92.6 (BLAARKOP)
  77.  
  78.  
  79.  
  80. Gathered Inic-whois information for mofeca.gov.sd
  81. ---------------------------------------------------------------------------------------------------------------------------------------
  82. Error: Unable to connect - Invalid Host
  83. ERROR: Connection to InicWhois Server sd.whois-servers.net failed
  84. close error
  85.  
  86. Gathered Netcraft information for mofeca.gov.sd
  87. ---------------------------------------------------------------------------------------------------------------------------------------
  88.  
  89. Retrieving Netcraft.com information for mofeca.gov.sd
  90. Netcraft.com Information gathered
  91.  
  92. Gathered Subdomain information for mofeca.gov.sd
  93. ---------------------------------------------------------------------------------------------------------------------------------------
  94. Searching Google.com:80...
  95. HostName:www.mofeca.gov.sd
  96. HostIP:62.12.105.6
  97. Searching Altavista.com:80...
  98. Found 1 possible subdomain(s) for host mofeca.gov.sd, Searched 0 pages containing 0 results
  99.  
  100. Gathered E-Mail information for mofeca.gov.sd
  101. ---------------------------------------------------------------------------------------------------------------------------------------
  102. Searching Google.com:80...
  103. Searching Altavista.com:80...
  104. Found 0 E-Mail(s) for host mofeca.gov.sd, Searched 0 pages containing 0 results
  105.  
  106. Gathered TCP Port information for 62.12.105.6
  107. ---------------------------------------------------------------------------------------------------------------------------------------
  108.  
  109. Port State
  110.  
  111. 21/tcp open
  112. 80/tcp open
  113. 110/tcp open
  114.  
  115. Portscan Finished: Scanned 150 ports, 5 ports were in state closed
  116. #######################################################################################################################################
  117. [i] Scanning Site: http://mofeca.gov.sd
  118.  
  119.  
  120.  
  121. B A S I C I N F O
  122. =======================================================================================================================================
  123.  
  124.  
  125. [+] Site Title: وزارة المالية و الإقتصاد و شؤون المستهلك - ولاية الخرطوم
  126. [+] IP address: 62.12.105.6
  127. [+] Web Server: Could Not Detect
  128. [+] CMS: Could Not Detect
  129. [+] Cloudflare: Not Detected
  130. [+] Robots File: Could NOT Find robots.txt!
  131.  
  132.  
  133.  
  134.  
  135.  
  136.  
  137.  
  138.  
  139. G E O I P L O O K U P
  140. =======================================================================================================================================
  141.  
  142. [i] IP Address: 62.12.105.6
  143. [i] Country: Sudan
  144. [i] State:
  145. [i] City:
  146. [i] Latitude: 15.0
  147. [i] Longitude: 30.0
  148.  
  149.  
  150.  
  151.  
  152. H T T P H E A D E R S
  153. =======================================================================================================================================
  154.  
  155.  
  156. [i] HTTP/1.1 200 OK
  157. [i] Date: Thu, 14 Feb 2019 12:23:37 GMT
  158. [i] Content-Type: text/html
  159. [i] X-Powered-By: PHP/5.4.16
  160. [i] X-Powered-By: PleskLin
  161. [i] Connection: close
  162.  
  163.  
  164.  
  165.  
  166. D N S L O O K U P
  167. =======================================================================================================================================
  168.  
  169. mofeca.gov.sd. 21599 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2016110600 10800 900 604800 86400
  170. mofeca.gov.sd. 21599 IN NS ns0.ndc.gov.sd.
  171. mofeca.gov.sd. 21599 IN NS ns1.ndc.gov.sd.
  172. mofeca.gov.sd. 21599 IN A 62.12.105.6
  173. mofeca.gov.sd. 21599 IN MX 10 mail.mofeca.gov.sd.
  174. mofeca.gov.sd. 21599 IN TXT "v=spf1 mx -all"
  175.  
  176.  
  177.  
  178.  
  179. S U B N E T C A L C U L A T I O N
  180. =======================================================================================================================================
  181.  
  182. Address = 62.12.105.6
  183. Network = 62.12.105.6 / 32
  184. Netmask = 255.255.255.255
  185. Broadcast = not needed on Point-to-Point links
  186. Wildcard Mask = 0.0.0.0
  187. Hosts Bits = 0
  188. Max. Hosts = 1 (2^0 - 0)
  189. Host Range = { 62.12.105.6 - 62.12.105.6 }
  190.  
  191.  
  192.  
  193. N M A P P O R T S C A N
  194. =======================================================================================================================================
  195.  
  196.  
  197. Starting Nmap 7.40 ( https://nmap.org ) at 2019-02-14 13:23 UTC
  198. Nmap scan report for mofeca.gov.sd (62.12.105.6)
  199. Host is up (0.18s latency).
  200. rDNS record for 62.12.105.6: f03-web04.nic.gov.sd
  201. PORT STATE SERVICE
  202. 21/tcp filtered ftp
  203. 22/tcp filtered ssh
  204. 23/tcp filtered telnet
  205. 80/tcp filtered http
  206. 110/tcp filtered pop3
  207. 143/tcp filtered imap
  208. 443/tcp filtered https
  209. 3389/tcp filtered ms-wbt-server
  210.  
  211. Nmap done: 1 IP address (1 host up) scanned in 13.87 seconds
  212. ######################################################################################################################################
  213. [?] Enter the target: example( http://domain.com )
  214. http://mofeca.gov.sd/
  215. [!] IP Address : 62.12.105.6
  216. [!] mofeca.gov.sd doesn't seem to use a CMS
  217. [+] Honeypot Probabilty: 30%
  218. ---------------------------------------------------------------------------------------------------------------------------------------
  219. [~] Trying to gather whois information for mofeca.gov.sd
  220. [+] Whois information found
  221. [-] Unable to build response, visit https://who.is/whois/mofeca.gov.sd
  222. ---------------------------------------------------------------------------------------------------------------------------------------
  223. PORT STATE SERVICE
  224. 21/tcp filtered ftp
  225. 22/tcp filtered ssh
  226. 23/tcp filtered telnet
  227. 80/tcp filtered http
  228. 110/tcp filtered pop3
  229. 143/tcp filtered imap
  230. 443/tcp filtered https
  231. 3389/tcp filtered ms-wbt-server
  232. Nmap done: 1 IP address (1 host up) scanned in 14.20 seconds
  233. ---------------------------------------------------------------------------------------------------------------------------------------
  234.  
  235. [+] DNS Records
  236. ns0.ndc.gov.sd. (62.12.109.2) Egypt Egypt
  237. ns1.ndc.gov.sd. (62.12.109.3) Egypt Egypt
  238.  
  239. [+] MX Records
  240. 10 (196.29.167.142) AS33788 KANARTEL Sudan
  241.  
  242. [+] Host Records (A)
  243. mofeca.gov.sd (62.12.105.6) Egypt Egypt
  244.  
  245. [+] TXT Records
  246. "v=spf1 mx -all"
  247.  
  248. [+] DNS Map: https://dnsdumpster.com/static/map/mofeca.gov.sd.png
  249.  
  250. [>] Initiating 3 intel modules
  251. [>] Loading Alpha module (1/3)
  252. [>] Beta module deployed (2/3)
  253. [>] Gamma module initiated (3/3)
  254.  
  255.  
  256. [+] Emails found:
  257. ---------------------------------------------------------------------------------------------------------------------------------------
  258. pixel-1550150659805332-web-@mofeca.gov.sd
  259. pixel-1550150660604541-web-@mofeca.gov.sd
  260.  
  261. [+] Hosts found in search engines:
  262. ---------------------------------------------------------------------------------------------------------------------------------------
  263. [-] Resolving hostnames IPs...
  264. 196.29.167.142:mail.mofeca.gov.sd
  265. 62.12.105.6:www.mofeca.gov.sd
  266. [+] Virtual hosts:
  267. ---------------------------------------------------------------------------------------------------------------------------------------
  268. 62.12.105.6 zalingei.edu.sd
  269. 62.12.105.6 minv.gov.sd
  270. 62.12.105.6 mhd.gov.sd
  271. 62.12.105.6 www.minv.gov.sd
  272. 62.12.105.6 mofa.gov.sd
  273. 62.12.105.6 khrland.gov.sd
  274. 62.12.105.6 arcsudan.sd
  275. 62.12.105.6 cbs.gov.sd
  276. 62.12.105.6 snrra.gov.sd
  277. #######################################################################################################################################
  278. Enter Address Website = mofeca.gov.sd
  279.  
  280.  
  281. Reverse IP With YouGetSignal 'mofeca.gov.sd'
  282. ---------------------------------------------------------------------------------------------------------------------------------------
  283.  
  284. [*] IP: 62.12.105.6
  285. [*] Domain: mofeca.gov.sd
  286. [*] Total Domains: 9
  287.  
  288. [+] aladia.gov.sd
  289. [+] arcsudan.sd
  290. [+] khplan.gov.sd
  291. [+] minv.gov.sd
  292. [+] mofeca.gov.sd
  293. [+] nilestatefinance.gov.sd
  294. [+] nk-agric.gov.sd
  295. [+] redseaeducation.gov.sd
  296. [+] yfit.org.sd
  297. #######################################################################################################################################
  298. Geo IP Lookup 'mofeca.gov.sd'
  299. ---------------------------------------------------------------------------------------------------------------------------------------
  300.  
  301. [+] IP Address: 62.12.105.6
  302. [+] Country: Sudan
  303. [+] State:
  304. [+] City:
  305. [+] Latitude: 15.0
  306. [+] Longitude: 30.0
  307. #######################################################################################################################################
  308. DNS Lookup 'mofeca.gov.sd'
  309. ---------------------------------------------------------------------------------------------------------------------------------------
  310.  
  311. [+] mofeca.gov.sd. 21599 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2016110600 10800 900 604800 86400
  312. [+] mofeca.gov.sd. 21599 IN NS ns0.ndc.gov.sd.
  313. [+] mofeca.gov.sd. 21599 IN NS ns1.ndc.gov.sd.
  314. [+] mofeca.gov.sd. 21599 IN A 62.12.105.6
  315. [+] mofeca.gov.sd. 21599 IN MX 10 mail.mofeca.gov.sd.
  316. [+] mofeca.gov.sd. 21599 IN TXT "v=spf1 mx -all"
  317. #######################################################################################################################################
  318. Show HTTP Header 'mofeca.gov.sd'
  319. ---------------------------------------------------------------------------------------------------------------------------------------
  320.  
  321. [+] HTTP/1.1 200 OK
  322. [+] Server: nginx
  323. [+] Date: Thu, 14 Feb 2019 12:23:35 GMT
  324. [+] Content-Type: text/html
  325. [+] Connection: keep-alive
  326. [+] X-Powered-By: PHP/5.4.16
  327. [+] X-Powered-By: PleskLin
  328. #######################################################################################################################################
  329. Port Scan 'mofeca.gov.sd'
  330. ---------------------------------------------------------------------------------------------------------------------------------------
  331.  
  332.  
  333. Starting Nmap 7.40 ( https://nmap.org ) at 2019-02-14 13:23 UTC
  334. Nmap scan report for mofeca.gov.sd (62.12.105.6)
  335. Host is up (0.18s latency).
  336. rDNS record for 62.12.105.6: f03-web04.nic.gov.sd
  337. PORT STATE SERVICE
  338. 21/tcp filtered ftp
  339. 22/tcp filtered ssh
  340. 23/tcp filtered telnet
  341. 80/tcp filtered http
  342. 110/tcp filtered pop3
  343. 143/tcp filtered imap
  344. 443/tcp filtered https
  345. 3389/tcp filtered ms-wbt-server
  346.  
  347. Nmap done: 1 IP address (1 host up) scanned in 14.21 seconds
  348. #######################################################################################################################################
  349. Traceroute 'mofeca.gov.sd'
  350. ---------------------------------------------------------------------------------------------------------------------------------------
  351.  
  352. Start: 2019-02-14T13:24:06+0000
  353. HOST: web01 Loss% Snt Last Avg Best Wrst StDev
  354. 1.|-- 45.79.12.202 0.0% 3 0.7 0.9 0.7 1.0 0.2
  355. 2.|-- 45.79.12.2 0.0% 3 0.9 0.7 0.5 0.9 0.2
  356. 3.|-- hu0-7-0-7.ccr41.dfw03.atlas.cogentco.com 0.0% 3 1.7 1.5 1.3 1.7 0.2
  357. 4.|-- be2763.ccr31.dfw01.atlas.cogentco.com 0.0% 3 2.0 1.9 1.4 2.3 0.5
  358. 5.|-- be2432.ccr21.mci01.atlas.cogentco.com 0.0% 3 12.1 11.9 11.6 12.1 0.3
  359. 6.|-- be2831.ccr41.ord01.atlas.cogentco.com 0.0% 3 23.5 23.4 23.2 23.5 0.1
  360. 7.|-- be2717.ccr21.cle04.atlas.cogentco.com 0.0% 3 30.3 30.3 30.3 30.4 0.1
  361. 8.|-- be2878.ccr21.alb02.atlas.cogentco.com 0.0% 3 41.9 41.6 41.4 41.9 0.3
  362. 9.|-- be3599.ccr31.bos01.atlas.cogentco.com 0.0% 3 44.9 45.0 44.9 45.3 0.2
  363. 10.|-- be2982.ccr41.lon13.atlas.cogentco.com 0.0% 3 107.8 107.5 107.2 107.8 0.3
  364. 11.|-- be2868.ccr21.lon01.atlas.cogentco.com 0.0% 3 107.7 107.9 107.7 108.2 0.3
  365. 12.|-- expressotelecom.demarc.cogentco.com 0.0% 3 107.4 107.4 107.4 107.4 0.0
  366. 13.|-- 185.153.20.70 0.0% 3 185.8 186.1 185.8 186.5 0.4
  367. 14.|-- 185.153.20.82 0.0% 3 198.1 196.8 186.1 206.2 10.1
  368. 15.|-- 185.153.20.94 0.0% 3 185.6 185.7 185.5 186.0 0.2
  369. 16.|-- 185.153.20.153 0.0% 3 242.3 242.7 219.8 266.0 23.1
  370. 17.|-- 212.0.131.109 0.0% 3 226.9 228.2 226.9 229.6 1.4
  371. 18.|-- 196.202.137.249 0.0% 3 219.1 219.7 219.1 220.6 0.8
  372. 19.|-- 196.202.145.94 0.0% 3 219.3 219.4 219.1 219.8 0.3
  373. 20.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
  374. #######################################################################################################################################
  375. Ping 'mofeca.gov.sd'
  376. ---------------------------------------------------------------------------------------------------------------------------------------
  377.  
  378. Starting Nping 0.7.70 ( https://nmap.org/nping ) at 2019-02-14 13:24 UTC
  379. SENT (0.0039s) ICMP [104.237.144.6 > 62.12.105.6 Echo request (type=8/code=0) id=6756 seq=1] IP [ttl=64 id=60713 iplen=28 ]
  380. SENT (1.0042s) ICMP [104.237.144.6 > 62.12.105.6 Echo request (type=8/code=0) id=6756 seq=2] IP [ttl=64 id=60713 iplen=28 ]
  381. SENT (2.0061s) ICMP [104.237.144.6 > 62.12.105.6 Echo request (type=8/code=0) id=6756 seq=3] IP [ttl=64 id=60713 iplen=28 ]
  382. SENT (3.0077s) ICMP [104.237.144.6 > 62.12.105.6 Echo request (type=8/code=0) id=6756 seq=4] IP [ttl=64 id=60713 iplen=28 ]
  383.  
  384. Max rtt: N/A | Min rtt: N/A | Avg rtt: N/A
  385. Raw packets sent: 4 (112B) | Rcvd: 0 (0B) | Lost: 4 (100.00%)
  386. Nping done: 1 IP address pinged in 4.01 seconds
  387. #######################################################################################################################################
  388. =======================================================================================================================================
  389. | E-mails:
  390. | [+] E-mail Found: kevinh@kevcom.com
  391. | [+] E-mail Found: humbedooh@apache.org
  392. | [+] E-mail Found: mike@hyperreal.org
  393. | [+] E-mail Found: info@krtstrategy.gov.sd
  394. | [+] E-mail Found: adilalfaki@hotmail.com
  395. =======================================================================================================================================
  396. | Source Code Disclosure:
  397. | [+] Source Code Found: http://mofeca.gov.sd/test.html
  398. | [+] Source Code Found: http://mofeca.gov.sd/test/apacheasp/test.asp
  399. =======================================================================================================================================
  400. | External hosts:
  401. | [+] External Host Found: http://www.parallels.com
  402. | [+] External Host Found: http://www.showmyweather.com
  403. | [+] External Host Found: http://httpd.apache.org
  404. =======================================================================================================================================
  405. #######################################################################################################################################
  406. ; <<>> DiG 9.11.5-P1-1-Debian <<>> mofeca.gov.sd
  407. ;; global options: +cmd
  408. ;; Got answer:
  409. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35346
  410. ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
  411.  
  412. ;; OPT PSEUDOSECTION:
  413. ; EDNS: version: 0, flags:; udp: 4096
  414. ;; QUESTION SECTION:
  415. ;mofeca.gov.sd. IN A
  416.  
  417. ;; ANSWER SECTION:
  418. mofeca.gov.sd. 82826 IN A 62.12.105.6
  419.  
  420. ;; Query time: 1392 msec
  421. ;; SERVER: 38.132.106.139#53(38.132.106.139)
  422. ;; WHEN: jeu fév 14 09:17:07 EST 2019
  423. ;; MSG SIZE rcvd: 58
  424. #######################################################################################################################################
  425. ; <<>> DiG 9.11.5-P1-1-Debian <<>> +trace mofeca.gov.sd
  426. ;; global options: +cmd
  427. . 83109 IN NS f.root-servers.net.
  428. . 83109 IN NS d.root-servers.net.
  429. . 83109 IN NS c.root-servers.net.
  430. . 83109 IN NS m.root-servers.net.
  431. . 83109 IN NS h.root-servers.net.
  432. . 83109 IN NS l.root-servers.net.
  433. . 83109 IN NS i.root-servers.net.
  434. . 83109 IN NS g.root-servers.net.
  435. . 83109 IN NS j.root-servers.net.
  436. . 83109 IN NS e.root-servers.net.
  437. . 83109 IN NS b.root-servers.net.
  438. . 83109 IN NS k.root-servers.net.
  439. . 83109 IN NS a.root-servers.net.
  440. . 83109 IN RRSIG NS 8 0 518400 20190227050000 20190214040000 16749 . KjRJi44YfIrOlhPKeg7qiGlwP2QsgQmM2rTFegujHBe0cRTA1uH0NEgj FPJX+q10aSbYdSr3FGT2cW1YTRmLmAbNXGwZz84jYBm+Z+Au+Yhr9TRN 4DHs4voHtgr8u/sm5Hx72ghRbXOSK+ffIljYBTSwk4TKkFi1sqYbs7V6 tMz0LjK1rEuWHnPi2Vnrp93/WKdWMQmytU2qvKr9x6/s8TSkWWOKzaEX sOGlz9aFDRpYkreMZvOWKjUJbkzz9BgvKhnT72q0oDdhdrhle1bTM+yV rZ4pgndNM0b3TAdcMiNhNEISL0uQ0b5tUM3Y3rOT9YLlF4gA+p01UD3a cuep6w==
  441. ;; Received 525 bytes from 38.132.106.139#53(38.132.106.139) in 96 ms
  442.  
  443. sd. 172800 IN NS ans1.sis.sd.
  444. sd. 172800 IN NS ans1.canar.sd.
  445. sd. 172800 IN NS ns1.uaenic.ae.
  446. sd. 172800 IN NS ans2.canar.sd.
  447. sd. 172800 IN NS sd.cctld.authdns.ripe.net.
  448. sd. 172800 IN NS ns-sd.afrinic.net.
  449. sd. 172800 IN NS ns2.uaenic.ae.
  450. sd. 86400 IN NSEC se. NS RRSIG NSEC
  451. sd. 86400 IN RRSIG NSEC 8 1 86400 20190227050000 20190214040000 16749 . p5xCmXr6/UJpXVFgnTVrZf/qZ0bsqHWSMXrkDI4WLDsbzoK/TSBtEgO2 KSA9Is1n0hWTqY3HfWl5R0HypWb+vtX32FbjdPNUpm2FBtpujLQgxvry /nJRvXzYKmy1NPoLesExvMg/3coxIQKAPxmfwm09ddZ5vfvc+NKc5X7D znXBTk+j6KILgL7LvhhJ0/TsikCqL3gPGKH8aW6RId4tcxJV1dmgRR8F FcGkESYs2KJmG6KN/JG5OiJ/rOVUSQCkHjUAMoX1x+qKLAy+dDJkBnyy OkdQ+04CkijYHauuo/VvJjk14/60ChpgDqc//AF+VJgvGPs9tSEQLApC wFQsOg==
  452. ;; Received 728 bytes from 199.9.14.201#53(b.root-servers.net) in 65 ms
  453.  
  454. ;; Received 70 bytes from 195.229.0.186#53(ns2.uaenic.ae) in 283 ms
  455. #######################################################################################################################################
  456. ; <<>> DiG 9.11.5-P1-1-Debian <<>> mofeca.gov.sd ns
  457. ;; global options: +cmd
  458. ;; Got answer:
  459. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45629
  460. ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
  461.  
  462. ;; OPT PSEUDOSECTION:
  463. ; EDNS: version: 0, flags:; udp: 4096
  464. ;; QUESTION SECTION:
  465. ;mofeca.gov.sd. IN NS
  466.  
  467. ;; ANSWER SECTION:
  468. mofeca.gov.sd. 82716 IN NS ns1.ndc.gov.sd.
  469. mofeca.gov.sd. 82716 IN NS ns0.ndc.gov.sd.
  470.  
  471. ;; Query time: 97 msec
  472. ;; SERVER: 38.132.106.139#53(38.132.106.139)
  473. ;; WHEN: jeu fév 14 09:18:57 EST 2019
  474. ;; MSG SIZE rcvd: 82
  475. #######################################################################################################################################
  476. dnsenum VERSION:1.2.4
  477.  
  478. ----- mofeca.gov.sd -----
  479.  
  480.  
  481. Host's addresses:
  482. __________________
  483.  
  484. mofeca.gov.sd. 84184 IN A 62.12.105.6
  485.  
  486.  
  487. Name Servers:
  488. ______________
  489.  
  490. ns0.ndc.gov.sd. 12196 IN A 62.12.109.2
  491. ns1.ndc.gov.sd. 12195 IN A 62.12.109.3
  492.  
  493.  
  494. Mail (MX) Servers:
  495. ___________________
  496.  
  497. mail.mofeca.gov.sd. 84194 IN A 196.29.167.142
  498.  
  499.  
  500. Trying Zone Transfers and getting Bind Versions:
  501. _________________________________________________
  502.  
  503.  
  504. Trying Zone Transfer for mofeca.gov.sd on ns0.ndc.gov.sd ...
  505. mofeca.gov.sd. 86400 IN SOA (
  506. mofeca.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
  507. mofeca.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
  508. mofeca.gov.sd. 86400 IN A 62.12.105.6
  509. mofeca.gov.sd. 86400 IN MX 10
  510. mofeca.gov.sd. 86400 IN TXT "v=spf1
  511. mail.mofeca.gov.sd. 86400 IN A 196.29.167.142
  512. mail.mofeca.gov.sd. 86400 IN MX 10
  513. test.mofeca.gov.sd. 86400 IN A 62.12.105.6
  514. webmail.mofeca.gov.sd. 86400 IN CNAME mail.mofeca.gov.sd.
  515. www.mofeca.gov.sd. 86400 IN A 62.12.105.6
  516.  
  517. Trying Zone Transfer for mofeca.gov.sd on ns1.ndc.gov.sd ...
  518. mofeca.gov.sd. 86400 IN SOA (
  519. mofeca.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
  520. mofeca.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
  521. mofeca.gov.sd. 86400 IN A 62.12.105.6
  522. mofeca.gov.sd. 86400 IN MX 10
  523. mofeca.gov.sd. 86400 IN TXT "v=spf1
  524. mail.mofeca.gov.sd. 86400 IN A 196.29.167.142
  525. mail.mofeca.gov.sd. 86400 IN MX 10
  526. test.mofeca.gov.sd. 86400 IN A 62.12.105.6
  527. webmail.mofeca.gov.sd. 86400 IN CNAME mail.mofeca.gov.sd.
  528. www.mofeca.gov.sd. 86400 IN A 62.12.105.6
  529. #######################################################################################################################################
  530.  
  531. ____ _ _ _ _ _____
  532. / ___| _ _| |__ | (_)___| |_|___ / _ __
  533. \___ \| | | | '_ \| | / __| __| |_ \| '__|
  534. ___) | |_| | |_) | | \__ \ |_ ___) | |
  535. |____/ \__,_|_.__/|_|_|___/\__|____/|_|
  536.  
  537. # Coded By Ahmed Aboul-Ela - @aboul3la
  538.  
  539. [-] Enumerating subdomains now for mofeca.gov.sd
  540. [-] verbosity is enabled, will show the subdomains results in realtime
  541. [-] Searching now in Baidu..
  542. [-] Searching now in Yahoo..
  543. [-] Searching now in Google..
  544. [-] Searching now in Bing..
  545. [-] Searching now in Ask..
  546. [-] Searching now in Netcraft..
  547. [-] Searching now in DNSdumpster..
  548. [-] Searching now in Virustotal..
  549. [-] Searching now in ThreatCrowd..
  550. [-] Searching now in SSL Certificates..
  551. [-] Searching now in PassiveDNS..
  552. Virustotal: www.mofeca.gov.sd
  553. Virustotal: mail.mofeca.gov.sd
  554. Yahoo: www.mofeca.gov.sd
  555. [-] Saving results to file: /usr/share/sniper/loot//domains/domains-mofeca.gov.sd.txt
  556. [-] Total Unique Subdomains Found: 2
  557. www.mofeca.gov.sd
  558. mail.mofeca.gov.sd
  559. #######################################################################################################################################
  560. mail.mofeca.gov.sd,196.29.167.142
  561. webmail.mofeca.gov.sd,196.29.167.142
  562. #######################################################################################################################################
  563. ===============================================
  564. -=Subfinder v1.1.3 github.com/subfinder/subfinder
  565. ===============================================
  566.  
  567.  
  568. Running Source: Ask
  569. Running Source: Archive.is
  570. Running Source: Baidu
  571. Running Source: Bing
  572. Running Source: CertDB
  573. Running Source: CertificateTransparency
  574. Running Source: Certspotter
  575. Running Source: Commoncrawl
  576. Running Source: Crt.sh
  577. Running Source: Dnsdb
  578. Running Source: DNSDumpster
  579. Running Source: DNSTable
  580. Running Source: Dogpile
  581. Running Source: Exalead
  582. Running Source: Findsubdomains
  583. Running Source: Googleter
  584. Running Source: Hackertarget
  585. Running Source: Ipv4Info
  586. Running Source: PTRArchive
  587. Running Source: Sitedossier
  588. Running Source: Threatcrowd
  589. Running Source: ThreatMiner
  590. Running Source: WaybackArchive
  591. Running Source: Yahoo
  592.  
  593. Running enumeration on mofeca.gov.sd
  594.  
  595. dnsdb: Unexpected return status 503
  596.  
  597. archiveis: Get http://archive.is/*.mofeca.gov.sd: dial tcp 213.183.51.24:80: connect: connection timed out
  598.  
  599.  
  600. Starting Bruteforcing of mofeca.gov.sd with 9985 words
  601.  
  602. Total 7 Unique subdomains found for mofeca.gov.sd
  603.  
  604. .mofeca.gov.sd
  605. mail.mofeca.gov.sd
  606. mail.mofeca.gov.sd
  607. test.mofeca.gov.sd
  608. webmail.mofeca.gov.sd
  609. www.mofeca.gov.sd
  610. www.mofeca.gov.sd
  611. #######################################################################################################################################
  612. [*] Processing domain mofeca.gov.sd
  613. [*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '205.151.67.6', '205.151.67.34', '205.151.67.2', '2001:18c0:ffe0:2::2', '2001:18c0:ffe0:3::2', '2001:18c0:ffe0:1::2']
  614. [+] Getting nameservers
  615. 62.12.109.3 - ns1.ndc.gov.sd
  616. [+] Zone transfer sucessful using nameserver ns1.ndc.gov.sd
  617. mofeca.gov.sd. 86400 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2016110600 10800 900 604800 86400
  618. mofeca.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
  619. mofeca.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
  620. mofeca.gov.sd. 86400 IN A 62.12.105.6
  621. mofeca.gov.sd. 86400 IN MX 10 mail.mofeca.gov.sd.
  622. mofeca.gov.sd. 86400 IN TXT "v=spf1 mx -all"
  623. mail.mofeca.gov.sd. 86400 IN A 196.29.167.142
  624. mail.mofeca.gov.sd. 86400 IN MX 10 mail.mofeca.gov.sd.
  625. test.mofeca.gov.sd. 86400 IN A 62.12.105.6
  626. webmail.mofeca.gov.sd. 86400 IN CNAME mail.mofeca.gov.sd.
  627. www.mofeca.gov.sd. 86400 IN A 62.12.105.6
  628. #######################################################################################################################################
  629. [*] Found SPF record:
  630. [*] v=spf1 mx -all
  631. [*] SPF record contains an All item: -all
  632. [*] No DMARC record found. Looking for organizational record
  633. [+] No organizational DMARC record
  634. [+] Spoofing possible for mofeca.gov.sd!
  635. #######################################################################################################################################
  636. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-14 09:03 EST
  637. Nmap scan report for mofeca.gov.sd (62.12.105.6)
  638. Host is up (0.23s latency).
  639. rDNS record for 62.12.105.6: f03-web04.nic.gov.sd
  640. Not shown: 464 filtered ports, 4 closed ports
  641. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  642. PORT STATE SERVICE
  643. 21/tcp open ftp
  644. 80/tcp open http
  645. 110/tcp open pop3
  646. 443/tcp open https
  647. 465/tcp open smtps
  648. 993/tcp open imaps
  649. 995/tcp open pop3s
  650. 8443/tcp open https-alt
  651. #######################################################################################################################################
  652. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-14 09:03 EST
  653. Nmap scan report for mofeca.gov.sd (62.12.105.6)
  654. Host is up (0.069s latency).
  655. rDNS record for 62.12.105.6: f03-web04.nic.gov.sd
  656. Not shown: 2 filtered ports
  657. PORT STATE SERVICE
  658. 53/udp open|filtered domain
  659. 67/udp open|filtered dhcps
  660. 68/udp open|filtered dhcpc
  661. 69/udp open|filtered tftp
  662. 88/udp open|filtered kerberos-sec
  663. 123/udp open|filtered ntp
  664. 139/udp open|filtered netbios-ssn
  665. 161/udp open|filtered snmp
  666. 162/udp open|filtered snmptrap
  667. 389/udp open|filtered ldap
  668. 520/udp open|filtered route
  669. 2049/udp open|filtered nfs
  670. #######################################################################################################################################
  671. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-14 09:03 EST
  672. Nmap scan report for mofeca.gov.sd (62.12.105.6)
  673. Host is up (0.28s latency).
  674. rDNS record for 62.12.105.6: f03-web04.nic.gov.sd
  675.  
  676. PORT STATE SERVICE VERSION
  677. 21/tcp open ftp ProFTPD 1.3.5d
  678. | ftp-brute:
  679. | Accounts: No valid accounts found
  680. |_ Statistics: Performed 2205 guesses in 192 seconds, average tps: 11.3
  681. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  682. Device type: specialized|general purpose
  683. Running: AVtech embedded, Linux 2.6.X
  684. OS CPE: cpe:/o:linux:linux_kernel:2.6
  685. OS details: AVtech Room Alert 26W environmental monitor, Linux 2.6.18 - 2.6.22
  686. Network Distance: 21 hops
  687. Service Info: OS: Unix
  688.  
  689. TRACEROUTE (using port 21/tcp)
  690. HOP RTT ADDRESS
  691. 1 65.26 ms 10.238.200.1
  692. 2 65.64 ms 193.37.252.209
  693. 3 65.34 ms vlan2905.bb1.mia1.us.m247.com (82.102.29.174)
  694. 4 65.71 ms te0-3-1-14.201.nr51.b002802-5.mia01.atlas.cogentco.com (38.140.53.65)
  695. 5 68.22 ms be3763.rcr21.b002802-2.mia01.atlas.cogentco.com (154.24.30.129)
  696. 6 66.13 ms be3410.ccr21.mia01.atlas.cogentco.com (154.54.6.85)
  697. 7 80.10 ms be3483.ccr42.atl01.atlas.cogentco.com (154.54.28.49)
  698. 8 90.70 ms be2113.ccr42.dca01.atlas.cogentco.com (154.54.24.221)
  699. 9 96.72 ms be2807.ccr42.jfk02.atlas.cogentco.com (154.54.40.109)
  700. 10 168.41 ms be2490.ccr42.lon13.atlas.cogentco.com (154.54.42.86)
  701. 11 168.50 ms 154.54.57.154
  702. 12 170.30 ms expressotelecom.demarc.cogentco.com (149.14.248.202)
  703. 13 247.75 ms 185.153.20.70
  704. 14 244.49 ms 185.153.20.82
  705. 15 246.67 ms 185.153.20.94
  706. 16 261.44 ms 185.153.20.153
  707. 17 ... 18
  708. 19 284.95 ms 196.202.145.94
  709. 20 ...
  710. 21 283.95 ms f03-web04.nic.gov.sd (62.12.105.6)
  711. #######################################################################################################################################
  712. http://mofeca.gov.sd [200 OK] Email[adilalfaki@hotmail.com,info@krtstrategy.gov.sd], HTTPServer[nginx], IP[62.12.105.6], PHP[5.4.16,], Plesk[Lin], Script[text/javascript], Title[وزارة المالية و الإقتصاد و شؤون المستهلك - ولاية الخرطوم], X-Powered-By[PHP/5.4.16, PleskLin], nginx
  713. #######################################################################################################################################
  714.  
  715. wig - WebApp Information Gatherer
  716.  
  717.  
  718. Scanning http://mofeca.gov.sd...
  719. ______________________________________________ SITE INFO ______________________________________________
  720. IP Title
  721. 62.12.105.6 وزارة المالية و الإقتصاد و شؤون المستهلك - ولاية الخرطوم
  722.  
  723. _______________________________________________ VERSION _______________________________________________
  724. Name Versions Type
  725. Joomla! 3.6.3-rc1 CMS
  726. Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
  727. 2.4.9
  728. PHP 5.4.16 Platform
  729. nginx Platform
  730. CentOS 7-1511 | 7.0-1406 | 7.1-1503 OS
  731. Red Hat Enterprise Linux RHEL-7.0 | RHEL-7.1 | RHEL-7.2 OS
  732. Scientific Linux 7.0 | 7.1 | 7.2 OS
  733.  
  734. _____________________________________________ INTERESTING _____________________________________________
  735. URL Note Type
  736. /test.html Test file Interesting
  737.  
  738. ________________________________________________ TOOLS ________________________________________________
  739. Name Link Software
  740. CMSmap https://github.com/Dionach/CMSmap Joomla!
  741. joomscan http://sourceforge.net/projects/joomscan/ Joomla!
  742.  
  743. _______________________________________________________________________________________________________
  744. Time: 351.1 sec Urls: 895 Fingerprints: 40401
  745. #######################################################################################################################################
  746. HTTP/1.1 200 OK
  747. Server: nginx
  748. Date: Thu, 14 Feb 2019 13:14:49 GMT
  749. Content-Type: text/html
  750. Connection: keep-alive
  751. X-Powered-By: PHP/5.4.16
  752. X-Powered-By: PleskLin
  753.  
  754. HTTP/1.1 200 OK
  755. Server: nginx
  756. Date: Thu, 14 Feb 2019 13:14:50 GMT
  757. Content-Type: text/html
  758. Connection: keep-alive
  759. X-Powered-By: PHP/5.4.16
  760. X-Powered-By: PleskLin
  761. #######################################################################################################################################
  762. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-14 09:15 EST
  763. Nmap scan report for mofeca.gov.sd (62.12.105.6)
  764. Host is up (0.28s latency).
  765. rDNS record for 62.12.105.6: f03-web04.nic.gov.sd
  766.  
  767. PORT STATE SERVICE VERSION
  768. 110/tcp open pop3 Dovecot pop3d
  769. | pop3-brute:
  770. | Accounts: No valid accounts found
  771. |_ Statistics: Performed 213 guesses in 186 seconds, average tps: 1.1
  772. |_pop3-capabilities: UIDL APOP CAPA TOP SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) PIPELINING USER STLS AUTH-RESP-CODE RESP-CODES
  773. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  774. Device type: specialized|WAP|general purpose|router
  775. Running: AVtech embedded, Linux 2.4.X|2.6.X|3.X, MikroTik RouterOS 6.X
  776. OS CPE: cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3.2.0 cpe:/o:mikrotik:routeros:6.15
  777. OS details: AVtech Room Alert 26W environmental monitor, Tomato 1.27 - 1.28 (Linux 2.4.20), Linux 2.6.18 - 2.6.22, Linux 3.2.0, MikroTik RouterOS 6.15 (Linux 3.3.5)
  778. Network Distance: 21 hops
  779.  
  780. TRACEROUTE (using port 443/tcp)
  781. HOP RTT ADDRESS
  782. 1 64.75 ms 10.238.200.1
  783. 2 65.12 ms 193.37.252.209
  784. 3 65.10 ms 82.102.29.174
  785. 4 65.14 ms te0-3-1-14.201.nr51.b002802-5.mia01.atlas.cogentco.com (38.140.53.65)
  786. 5 65.50 ms be3763.rcr21.b002802-2.mia01.atlas.cogentco.com (154.24.30.129)
  787. 6 65.86 ms be3411.ccr22.mia01.atlas.cogentco.com (154.54.26.41)
  788. 7 79.74 ms be3482.ccr41.atl01.atlas.cogentco.com (154.54.24.145)
  789. 8 90.91 ms be2112.ccr41.dca01.atlas.cogentco.com (154.54.7.157)
  790. 9 96.74 ms be2806.ccr41.jfk02.atlas.cogentco.com (154.54.40.105)
  791. 10 167.14 ms be2317.ccr41.lon13.atlas.cogentco.com (154.54.30.186)
  792. 11 167.43 ms be2871.ccr21.lon01.atlas.cogentco.com (154.54.58.186)
  793. 12 169.79 ms expressotelecom.demarc.cogentco.com (149.14.248.202)
  794. 13 248.24 ms 185.153.20.70
  795. 14 247.14 ms 185.153.20.82
  796. 15 245.56 ms 185.153.20.94
  797. 16 263.80 ms 185.153.20.153
  798. 17 ... 18
  799. 19 279.72 ms 196.202.145.94
  800. 20 ...
  801. 21 286.05 ms f03-web04.nic.gov.sd (62.12.105.6)
  802. #######################################################################################################################################
  803. Version: 1.11.12-static
  804. OpenSSL 1.0.2-chacha (1.0.2g-dev)
  805.  
  806. Connected to 62.12.105.6
  807.  
  808. Testing SSL server mofeca.gov.sd on port 443 using SNI name mofeca.gov.sd
  809.  
  810. TLS Fallback SCSV:
  811. Server supports TLS Fallback SCSV
  812.  
  813. TLS renegotiation:
  814. Secure session renegotiation supported
  815.  
  816. TLS Compression:
  817. Compression disabled
  818.  
  819. Heartbleed:
  820. TLS 1.2 not vulnerable to heartbleed
  821. TLS 1.1 not vulnerable to heartbleed
  822. TLS 1.0 not vulnerable to heartbleed
  823.  
  824. Supported Server Cipher(s):
  825. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
  826. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
  827. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  828. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
  829. Accepted TLSv1.2 256 bits AES256-SHA256
  830. Accepted TLSv1.2 256 bits AES256-SHA
  831. Accepted TLSv1.2 256 bits CAMELLIA256-SHA
  832. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
  833. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
  834. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  835. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
  836. Accepted TLSv1.2 128 bits AES128-SHA256
  837. Accepted TLSv1.2 128 bits AES128-SHA
  838. Accepted TLSv1.2 128 bits CAMELLIA128-SHA
  839. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  840. Accepted TLSv1.1 256 bits AES256-SHA
  841. Accepted TLSv1.1 256 bits CAMELLIA256-SHA
  842. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  843. Accepted TLSv1.1 128 bits AES128-SHA
  844. Accepted TLSv1.1 128 bits CAMELLIA128-SHA
  845. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  846. Accepted TLSv1.0 256 bits AES256-SHA
  847. Accepted TLSv1.0 256 bits CAMELLIA256-SHA
  848. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  849. Accepted TLSv1.0 128 bits AES128-SHA
  850. Accepted TLSv1.0 128 bits CAMELLIA128-SHA
  851.  
  852. SSL Certificate:
  853. Signature Algorithm: sha256WithRSAEncryption
  854. RSA Key Strength: 2048
  855.  
  856. Subject: Plesk
  857. Issuer: Plesk
  858.  
  859. Not valid before: Apr 20 02:45:28 2016 GMT
  860. Not valid after: Apr 20 02:45:28 2017 GMT
  861. ######################################################################################################################################
  862. --------------------------------------------------------
  863. <<<Yasuo discovered following vulnerable applications>>>
  864. --------------------------------------------------------
  865. +------------+--------------------------------------+--------------------------------------------------+----------+----------+
  866. | App Name | URL to Application | Potential Exploit | Username | Password |
  867. +------------+--------------------------------------+--------------------------------------------------+----------+----------+
  868. | phpMyAdmin | https://62.12.105.6:8443/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | None | None |
  869. +------------+--------------------------------------+--------------------------------------------------+----------+----------+
  870. #######################################################################################################################################
  871. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-14 08:54 EST
  872. Nmap scan report for f03-web04.nic.gov.sd (62.12.105.6)
  873. Host is up (0.18s latency).
  874. Not shown: 464 filtered ports, 4 closed ports
  875. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  876. PORT STATE SERVICE
  877. 21/tcp open ftp
  878. 80/tcp open http
  879. 110/tcp open pop3
  880. 443/tcp open https
  881. 465/tcp open smtps
  882. 993/tcp open imaps
  883. 995/tcp open pop3s
  884. 8443/tcp open https-alt
  885. #######################################################################################################################################
  886. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-14 08:54 EST
  887. Nmap scan report for f03-web04.nic.gov.sd (62.12.105.6)
  888. Host is up (0.068s latency).
  889. Not shown: 2 filtered ports
  890. PORT STATE SERVICE
  891. 53/udp open|filtered domain
  892. 67/udp open|filtered dhcps
  893. 68/udp open|filtered dhcpc
  894. 69/udp open|filtered tftp
  895. 88/udp open|filtered kerberos-sec
  896. 123/udp open|filtered ntp
  897. 139/udp open|filtered netbios-ssn
  898. 161/udp open|filtered snmp
  899. 162/udp open|filtered snmptrap
  900. 389/udp open|filtered ldap
  901. 520/udp open|filtered route
  902. 2049/udp open|filtered nfs
  903. #######################################################################################################################################
  904. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-14 08:54 EST
  905. Nmap scan report for f03-web04.nic.gov.sd (62.12.105.6)
  906. Host is up (0.26s latency).
  907.  
  908. PORT STATE SERVICE VERSION
  909. 21/tcp open ftp ProFTPD 1.3.5d
  910. | ftp-brute:
  911. | Accounts: No valid accounts found
  912. |_ Statistics: Performed 2091 guesses in 182 seconds, average tps: 11.3
  913. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  914. Device type: specialized|WAP|general purpose|router
  915. Running: AVtech embedded, Linux 2.4.X|2.6.X|3.X, MikroTik RouterOS 6.X
  916. OS CPE: cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3.2.0 cpe:/o:mikrotik:routeros:6.15
  917. OS details: AVtech Room Alert 26W environmental monitor, Tomato 1.27 - 1.28 (Linux 2.4.20), Linux 2.6.18 - 2.6.22, Linux 3.2.0, MikroTik RouterOS 6.15 (Linux 3.3.5)
  918. Network Distance: 21 hops
  919. Service Info: OS: Unix
  920.  
  921. TRACEROUTE (using port 21/tcp)
  922. HOP RTT ADDRESS
  923. 1 66.42 ms 10.238.200.1
  924. 2 66.82 ms 193.37.252.209
  925. 3 ...
  926. 4 66.89 ms te0-3-1-14.201.nr51.b002802-5.mia01.atlas.cogentco.com (38.140.53.65)
  927. 5 66.92 ms be3763.rcr21.b002802-2.mia01.atlas.cogentco.com (154.24.30.129)
  928. 6 67.46 ms be3410.ccr21.mia01.atlas.cogentco.com (154.54.6.85)
  929. 7 80.70 ms be3483.ccr42.atl01.atlas.cogentco.com (154.54.28.49)
  930. 8 91.69 ms be2113.ccr42.dca01.atlas.cogentco.com (154.54.24.221)
  931. 9 98.13 ms be2807.ccr42.jfk02.atlas.cogentco.com (154.54.40.109)
  932. 10 170.75 ms be2490.ccr42.lon13.atlas.cogentco.com (154.54.42.86)
  933. 11 165.62 ms 154.54.57.154
  934. 12 167.73 ms expressotelecom.demarc.cogentco.com (149.14.248.202)
  935. 13 246.36 ms 185.153.20.70
  936. 14 244.54 ms 185.153.20.82
  937. 15 245.48 ms 185.153.20.94
  938. 16 262.94 ms 185.153.20.153
  939. 17 ... 18
  940. 19 282.42 ms 196.202.145.94
  941. 20 ...
  942. 21 284.23 ms f03-web04.nic.gov.sd (62.12.105.6)
  943. #######################################################################################################################################
  944. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-14 08:59 EST
  945. Nmap scan report for f03-web04.nic.gov.sd (62.12.105.6)
  946. Host is up.
  947.  
  948. PORT STATE SERVICE VERSION
  949. 67/udp open|filtered dhcps
  950. |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
  951. Too many fingerprints match this host to give specific OS details
  952.  
  953. TRACEROUTE (using proto 1/icmp)
  954. HOP RTT ADDRESS
  955. 1 65.19 ms 10.238.200.1
  956. 2 65.61 ms 193.37.252.209
  957. 3 65.63 ms vlan2905.bb1.mia1.us.m247.com (82.102.29.174)
  958. 4 65.65 ms te0-3-1-14.201.nr51.b002802-5.mia01.atlas.cogentco.com (38.140.53.65)
  959. 5 66.02 ms be3763.rcr21.b002802-2.mia01.atlas.cogentco.com (154.24.30.129)
  960. 6 66.46 ms be3410.ccr21.mia01.atlas.cogentco.com (154.54.6.85)
  961. 7 79.68 ms be3482.ccr41.atl01.atlas.cogentco.com (154.54.24.145)
  962. 8 90.74 ms be2112.ccr41.dca01.atlas.cogentco.com (154.54.7.157)
  963. 9 97.12 ms be2806.ccr41.jfk02.atlas.cogentco.com (154.54.40.105)
  964. 10 167.57 ms be2317.ccr41.lon13.atlas.cogentco.com (154.54.30.186)
  965. 11 164.46 ms 154.54.57.154
  966. 12 166.62 ms expressotelecom.demarc.cogentco.com (149.14.248.202)
  967. 13 244.06 ms 185.153.20.70
  968. 14 243.10 ms 185.153.20.82
  969. 15 243.06 ms 185.153.20.94
  970. 16 260.15 ms 185.153.20.153
  971. 17 280.52 ms 212.0.131.109
  972. 18 270.12 ms 196.202.137.249
  973. 19 278.09 ms 196.202.145.94
  974. 20 ... 30
  975. #######################################################################################################################################
  976. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-14 09:01 EST
  977. Nmap scan report for f03-web04.nic.gov.sd (62.12.105.6)
  978. Host is up.
  979.  
  980. PORT STATE SERVICE VERSION
  981. 68/udp open|filtered dhcpc
  982. Too many fingerprints match this host to give specific OS details
  983.  
  984. TRACEROUTE (using proto 1/icmp)
  985. HOP RTT ADDRESS
  986. 1 65.22 ms 10.238.200.1
  987. 2 65.30 ms 193.37.252.209
  988. 3 65.29 ms vlan2905.bb1.mia1.us.m247.com (82.102.29.174)
  989. 4 65.84 ms te0-3-1-14.201.nr51.b002802-5.mia01.atlas.cogentco.com (38.140.53.65)
  990. 5 66.47 ms be3763.rcr21.b002802-2.mia01.atlas.cogentco.com (154.24.30.129)
  991. 6 66.53 ms be3410.ccr21.mia01.atlas.cogentco.com (154.54.6.85)
  992. 7 79.89 ms be3482.ccr41.atl01.atlas.cogentco.com (154.54.24.145)
  993. 8 90.69 ms be2112.ccr41.dca01.atlas.cogentco.com (154.54.7.157)
  994. 9 97.09 ms be2806.ccr41.jfk02.atlas.cogentco.com (154.54.40.105)
  995. 10 167.80 ms be2317.ccr41.lon13.atlas.cogentco.com (154.54.30.186)
  996. 11 169.04 ms 154.54.57.154
  997. 12 170.56 ms expressotelecom.demarc.cogentco.com (149.14.248.202)
  998. 13 248.01 ms 185.153.20.70
  999. 14 247.16 ms 185.153.20.82
  1000. 15 246.91 ms 185.153.20.94
  1001. 16 271.11 ms 185.153.20.153
  1002. 17 281.42 ms 212.0.131.109
  1003. 18 273.00 ms 196.202.137.249
  1004. 19 279.25 ms 196.202.145.94
  1005. 20 ... 30
  1006. #######################################################################################################################################
  1007. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-14 09:03 EST
  1008. Nmap scan report for f03-web04.nic.gov.sd (62.12.105.6)
  1009. Host is up.
  1010.  
  1011. PORT STATE SERVICE VERSION
  1012. 69/udp open|filtered tftp
  1013. Too many fingerprints match this host to give specific OS details
  1014.  
  1015. TRACEROUTE (using proto 1/icmp)
  1016. HOP RTT ADDRESS
  1017. 1 69.61 ms 10.238.200.1
  1018. 2 70.09 ms 193.37.252.209
  1019. 3 70.07 ms vlan2905.bb1.mia1.us.m247.com (82.102.29.174)
  1020. 4 70.12 ms te0-3-1-14.201.nr51.b002802-5.mia01.atlas.cogentco.com (38.140.53.65)
  1021. 5 70.86 ms be3763.rcr21.b002802-2.mia01.atlas.cogentco.com (154.24.30.129)
  1022. 6 70.84 ms be3410.ccr21.mia01.atlas.cogentco.com (154.54.6.85)
  1023. 7 84.25 ms be3482.ccr41.atl01.atlas.cogentco.com (154.54.24.145)
  1024. 8 95.26 ms be2112.ccr41.dca01.atlas.cogentco.com (154.54.7.157)
  1025. 9 101.47 ms be2806.ccr41.jfk02.atlas.cogentco.com (154.54.40.105)
  1026. 10 166.75 ms be2317.ccr41.lon13.atlas.cogentco.com (154.54.30.186)
  1027. 11 165.50 ms 154.54.57.154
  1028. 12 166.70 ms expressotelecom.demarc.cogentco.com (149.14.248.202)
  1029. 13 244.15 ms 185.153.20.70
  1030. 14 243.11 ms 185.153.20.82
  1031. 15 242.89 ms 185.153.20.94
  1032. 16 263.21 ms 185.153.20.153
  1033. 17 281.45 ms 212.0.131.109
  1034. 18 273.79 ms 196.202.137.249
  1035. 19 277.96 ms 196.202.145.94
  1036. 20 ... 30
  1037. #######################################################################################################################################
  1038. wig - WebApp Information Gatherer
  1039.  
  1040.  
  1041. Scanning http://62.12.105.6...
  1042. _________________ SITE INFO _________________
  1043. IP Title
  1044. 62.12.105.6
  1045.  
  1046. __________________ VERSION __________________
  1047. Name Versions Type
  1048. nginx Platform
  1049.  
  1050. _____________________________________________
  1051. Time: 1.2 sec Urls: 599 Fingerprints: 40401
  1052. #######################################################################################################################################
  1053. HTTP/1.1 200 OK
  1054. Server: nginx
  1055. Date: Thu, 14 Feb 2019 13:06:41 GMT
  1056. Content-Type: text/html
  1057. Content-Length: 3750
  1058. Connection: keep-alive
  1059. Last-Modified: Wed, 31 Jan 2018 01:43:44 GMT
  1060. ETag: "ea6-564089c14acef"
  1061. Accept-Ranges: bytes
  1062.  
  1063. HTTP/1.1 200 OK
  1064. Server: nginx
  1065. Date: Thu, 14 Feb 2019 13:06:42 GMT
  1066. Content-Type: text/html
  1067. Content-Length: 3750
  1068. Connection: keep-alive
  1069. Last-Modified: Wed, 31 Jan 2018 01:43:44 GMT
  1070. ETag: "ea6-564089c14acef"
  1071. Accept-Ranges: bytes
  1072. #######################################################################################################################################
  1073. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-14 09:06 EST
  1074. Nmap scan report for f03-web04.nic.gov.sd (62.12.105.6)
  1075. Host is up (0.28s latency).
  1076.  
  1077. PORT STATE SERVICE VERSION
  1078. 110/tcp open pop3 Dovecot pop3d
  1079. | pop3-brute:
  1080. | Accounts: No valid accounts found
  1081. |_ Statistics: Performed 212 guesses in 184 seconds, average tps: 1.1
  1082. |_pop3-capabilities: AUTH-RESP-CODE USER SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) APOP PIPELINING STLS RESP-CODES UIDL CAPA TOP
  1083. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  1084. Device type: specialized|WAP|general purpose|router
  1085. Running: AVtech embedded, Linux 2.4.X|2.6.X|3.X, MikroTik RouterOS 6.X
  1086. OS CPE: cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3.2.0 cpe:/o:mikrotik:routeros:6.15
  1087. OS details: AVtech Room Alert 26W environmental monitor, Tomato 1.27 - 1.28 (Linux 2.4.20), Linux 2.6.18 - 2.6.22, Linux 3.2.0, MikroTik RouterOS 6.15 (Linux 3.3.5)
  1088. Network Distance: 21 hops
  1089.  
  1090. TRACEROUTE (using port 443/tcp)
  1091. HOP RTT ADDRESS
  1092. 1 65.19 ms 10.238.200.1
  1093. 2 65.38 ms 193.37.252.209
  1094. 3 ...
  1095. 4 65.58 ms te0-3-1-14.201.nr51.b002802-5.mia01.atlas.cogentco.com (38.140.53.65)
  1096. 5 65.60 ms be3763.rcr21.b002802-2.mia01.atlas.cogentco.com (154.24.30.129)
  1097. 6 66.01 ms be3410.ccr21.mia01.atlas.cogentco.com (154.54.6.85)
  1098. 7 79.90 ms be3483.ccr42.atl01.atlas.cogentco.com (154.54.28.49)
  1099. 8 90.40 ms be2112.ccr41.dca01.atlas.cogentco.com (154.54.7.157)
  1100. 9 96.42 ms be2806.ccr41.jfk02.atlas.cogentco.com (154.54.40.105)
  1101. 10 167.03 ms 154.54.30.186
  1102. 11 171.17 ms be2871.ccr21.lon01.atlas.cogentco.com (154.54.58.186)
  1103. 12 169.85 ms expressotelecom.demarc.cogentco.com (149.14.248.202)
  1104. 13 248.23 ms 185.153.20.70
  1105. 14 247.25 ms 185.153.20.82
  1106. 15 246.26 ms 185.153.20.94
  1107. 16 265.40 ms 185.153.20.153
  1108. 17 ... 18
  1109. 19 278.89 ms 196.202.145.94
  1110. 20 ...
  1111. 21 281.63 ms f03-web04.nic.gov.sd (62.12.105.6)
  1112. #######################################################################################################################################
  1113. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-14 09:10 EST
  1114. Nmap scan report for f03-web04.nic.gov.sd (62.12.105.6)
  1115. Host is up.
  1116.  
  1117. PORT STATE SERVICE VERSION
  1118. 123/udp open|filtered ntp
  1119. Too many fingerprints match this host to give specific OS details
  1120.  
  1121. TRACEROUTE (using proto 1/icmp)
  1122. HOP RTT ADDRESS
  1123. 1 65.18 ms 10.238.200.1
  1124. 2 65.58 ms 193.37.252.209
  1125. 3 65.22 ms vlan2905.bb1.mia1.us.m247.com (82.102.29.174)
  1126. 4 65.62 ms te0-3-1-14.201.nr51.b002802-5.mia01.atlas.cogentco.com (38.140.53.65)
  1127. 5 68.27 ms be3763.rcr21.b002802-2.mia01.atlas.cogentco.com (154.24.30.129)
  1128. 6 66.28 ms be3410.ccr21.mia01.atlas.cogentco.com (154.54.6.85)
  1129. 7 80.22 ms be3482.ccr41.atl01.atlas.cogentco.com (154.54.24.145)
  1130. 8 91.04 ms be2112.ccr41.dca01.atlas.cogentco.com (154.54.7.157)
  1131. 9 97.46 ms be2806.ccr41.jfk02.atlas.cogentco.com (154.54.40.105)
  1132. 10 168.21 ms be2317.ccr41.lon13.atlas.cogentco.com (154.54.30.186)
  1133. 11 164.11 ms 154.54.57.154
  1134. 12 166.25 ms expressotelecom.demarc.cogentco.com (149.14.248.202)
  1135. 13 244.01 ms 185.153.20.70
  1136. 14 242.75 ms 185.153.20.82
  1137. 15 242.72 ms 185.153.20.94
  1138. 16 326.31 ms 185.153.20.153
  1139. 17 281.30 ms 212.0.131.109
  1140. 18 277.32 ms 196.202.137.249
  1141. 19 283.40 ms 196.202.145.94
  1142. 20 ... 30
  1143. #######################################################################################################################################
  1144. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-14 09:12 EST
  1145. Nmap scan report for f03-web04.nic.gov.sd (62.12.105.6)
  1146. Host is up (0.28s latency).
  1147.  
  1148. PORT STATE SERVICE VERSION
  1149. 161/tcp filtered snmp
  1150. 161/udp open|filtered snmp
  1151. Too many fingerprints match this host to give specific OS details
  1152.  
  1153. TRACEROUTE (using proto 1/icmp)
  1154. HOP RTT ADDRESS
  1155. 1 67.41 ms 10.238.200.1
  1156. 2 67.61 ms 193.37.252.209
  1157. 3 67.45 ms vlan2905.bb1.mia1.us.m247.com (82.102.29.174)
  1158. 4 68.07 ms te0-3-1-14.201.nr51.b002802-5.mia01.atlas.cogentco.com (38.140.53.65)
  1159. 5 68.10 ms be3763.rcr21.b002802-2.mia01.atlas.cogentco.com (154.24.30.129)
  1160. 6 68.48 ms be3410.ccr21.mia01.atlas.cogentco.com (154.54.6.85)
  1161. 7 81.90 ms be3482.ccr41.atl01.atlas.cogentco.com (154.54.24.145)
  1162. 8 93.71 ms be2112.ccr41.dca01.atlas.cogentco.com (154.54.7.157)
  1163. 9 98.95 ms be2806.ccr41.jfk02.atlas.cogentco.com (154.54.40.105)
  1164. 10 169.42 ms be2317.ccr41.lon13.atlas.cogentco.com (154.54.30.186)
  1165. 11 163.84 ms 154.54.57.154
  1166. 12 165.96 ms expressotelecom.demarc.cogentco.com (149.14.248.202)
  1167. 13 243.34 ms 185.153.20.70
  1168. 14 242.49 ms 185.153.20.82
  1169. 15 242.52 ms 185.153.20.94
  1170. 16 259.24 ms 185.153.20.153
  1171. 17 282.53 ms 212.0.131.109
  1172. 18 273.19 ms 196.202.137.249
  1173. 19 281.16 ms 196.202.145.94
  1174. 20 ... 30
  1175. #######################################################################################################################################
  1176. Version: 1.11.12-static
  1177. OpenSSL 1.0.2-chacha (1.0.2g-dev)
  1178.  
  1179. Connected to 62.12.105.6
  1180.  
  1181. Testing SSL server 62.12.105.6 on port 443 using SNI name 62.12.105.6
  1182.  
  1183. TLS Fallback SCSV:
  1184. Server supports TLS Fallback SCSV
  1185.  
  1186. TLS renegotiation:
  1187. Secure session renegotiation supported
  1188.  
  1189. TLS Compression:
  1190. Compression disabled
  1191.  
  1192. Heartbleed:
  1193. TLS 1.2 not vulnerable to heartbleed
  1194. TLS 1.1 not vulnerable to heartbleed
  1195. TLS 1.0 not vulnerable to heartbleed
  1196.  
  1197. Supported Server Cipher(s):
  1198. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
  1199. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
  1200. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  1201. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
  1202. Accepted TLSv1.2 256 bits AES256-SHA256
  1203. Accepted TLSv1.2 256 bits AES256-SHA
  1204. Accepted TLSv1.2 256 bits CAMELLIA256-SHA
  1205. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
  1206. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
  1207. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  1208. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
  1209. Accepted TLSv1.2 128 bits AES128-SHA256
  1210. Accepted TLSv1.2 128 bits AES128-SHA
  1211. Accepted TLSv1.2 128 bits CAMELLIA128-SHA
  1212. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  1213. Accepted TLSv1.1 256 bits AES256-SHA
  1214. Accepted TLSv1.1 256 bits CAMELLIA256-SHA
  1215. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  1216. Accepted TLSv1.1 128 bits AES128-SHA
  1217. Accepted TLSv1.1 128 bits CAMELLIA128-SHA
  1218. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  1219. Accepted TLSv1.0 256 bits AES256-SHA
  1220. Accepted TLSv1.0 256 bits CAMELLIA256-SHA
  1221. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  1222. Accepted TLSv1.0 128 bits AES128-SHA
  1223. Accepted TLSv1.0 128 bits CAMELLIA128-SHA
  1224.  
  1225. SSL Certificate:
  1226. Signature Algorithm: sha256WithRSAEncryption
  1227. RSA Key Strength: 2048
  1228.  
  1229. Subject: Plesk
  1230. Issuer: Plesk
  1231.  
  1232. Not valid before: Apr 20 02:45:28 2016 GMT
  1233. Not valid after: Apr 20 02:45:28 2017 GMT
  1234. #######################################################################################################################################
  1235. --------------------------------------------------------
  1236. <<<Yasuo discovered following vulnerable applications>>>
  1237. --------------------------------------------------------
  1238. +------------+--------------------------------------+--------------------------------------------------+----------+----------+
  1239. | App Name | URL to Application | Potential Exploit | Username | Password |
  1240. +------------+--------------------------------------+--------------------------------------------------+----------+----------+
  1241. | phpMyAdmin | https://62.12.105.6:8443/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | None | None |
  1242. +------------+--------------------------------------+--------------------------------------------------+----------+----------+
  1243. #######################################################################################################################################
  1244. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-14 09:22 EST
  1245. NSE: Loaded 148 scripts for scanning.
  1246. NSE: Script Pre-scanning.
  1247. NSE: Starting runlevel 1 (of 2) scan.
  1248. Initiating NSE at 09:22
  1249. Completed NSE at 09:22, 0.00s elapsed
  1250. NSE: Starting runlevel 2 (of 2) scan.
  1251. Initiating NSE at 09:22
  1252. Completed NSE at 09:22, 0.00s elapsed
  1253. Initiating Ping Scan at 09:22
  1254. Scanning 62.12.105.6 [4 ports]
  1255. Completed Ping Scan at 09:22, 0.32s elapsed (1 total hosts)
  1256. Initiating Parallel DNS resolution of 1 host. at 09:22
  1257. Completed Parallel DNS resolution of 1 host. at 09:22, 0.02s elapsed
  1258. Initiating Connect Scan at 09:22
  1259. Scanning f03-web04.nic.gov.sd (62.12.105.6) [1000 ports]
  1260. Discovered open port 993/tcp on 62.12.105.6
  1261. Discovered open port 21/tcp on 62.12.105.6
  1262. Discovered open port 443/tcp on 62.12.105.6
  1263. Discovered open port 110/tcp on 62.12.105.6
  1264. Discovered open port 995/tcp on 62.12.105.6
  1265. Discovered open port 80/tcp on 62.12.105.6
  1266. Discovered open port 8443/tcp on 62.12.105.6
  1267. Discovered open port 465/tcp on 62.12.105.6
  1268. Completed Connect Scan at 09:23, 18.19s elapsed (1000 total ports)
  1269. Initiating Service scan at 09:23
  1270. Scanning 8 services on f03-web04.nic.gov.sd (62.12.105.6)
  1271. Completed Service scan at 09:23, 14.57s elapsed (8 services on 1 host)
  1272. Initiating OS detection (try #1) against f03-web04.nic.gov.sd (62.12.105.6)
  1273. Retrying OS detection (try #2) against f03-web04.nic.gov.sd (62.12.105.6)
  1274. Initiating Traceroute at 09:23
  1275. Completed Traceroute at 09:23, 6.21s elapsed
  1276. Initiating Parallel DNS resolution of 19 hosts. at 09:23
  1277. Completed Parallel DNS resolution of 19 hosts. at 09:23, 16.50s elapsed
  1278. NSE: Script scanning 62.12.105.6.
  1279. NSE: Starting runlevel 1 (of 2) scan.
  1280. Initiating NSE at 09:23
  1281. NSE Timing: About 98.81% done; ETC: 09:24 (0:00:00 remaining)
  1282. NSE Timing: About 99.17% done; ETC: 09:24 (0:00:01 remaining)
  1283. NSE Timing: About 99.45% done; ETC: 09:25 (0:00:01 remaining)
  1284. NSE Timing: About 99.54% done; ETC: 09:25 (0:00:01 remaining)
  1285. NSE Timing: About 99.63% done; ETC: 09:26 (0:00:01 remaining)
  1286. NSE Timing: About 99.82% done; ETC: 09:26 (0:00:00 remaining)
  1287. Completed NSE at 09:27, 192.42s elapsed
  1288. NSE: Starting runlevel 2 (of 2) scan.
  1289. Initiating NSE at 09:27
  1290. Completed NSE at 09:27, 0.62s elapsed
  1291. Nmap scan report for f03-web04.nic.gov.sd (62.12.105.6)
  1292. Host is up, received syn-ack ttl 44 (0.26s latency).
  1293. Scanned at 2019-02-14 09:22:53 EST for 256s
  1294. Not shown: 987 filtered ports
  1295. Reason: 986 no-responses and 1 host-unreach
  1296. PORT STATE SERVICE REASON VERSION
  1297. 20/tcp closed ftp-data conn-refused
  1298. 21/tcp open ftp syn-ack ProFTPD 1.3.5d
  1299. | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/emailAddress=info@plesk.com/localityName=Seattle/organizationalUnitName=Plesk
  1300. | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/emailAddress=info@plesk.com/localityName=Seattle/organizationalUnitName=Plesk
  1301. | Public Key type: rsa
  1302. | Public Key bits: 2048
  1303. | Signature Algorithm: sha256WithRSAEncryption
  1304. | Not valid before: 2016-04-20T02:45:28
  1305. | Not valid after: 2017-04-20T02:45:28
  1306. | MD5: 7790 b36b c2b6 d7ed 7ba2 d554 6da3 7722
  1307. | SHA-1: 841a 764b b72e 7a1d 9675 599a 9f2c 7fcf d4fa 5c45
  1308. | -----BEGIN CERTIFICATE-----
  1309. | MIIDfTCCAmUCBFcW7UgwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYTAlVTMRMw
  1310. | EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdTZWF0dGxlMQ0wCwYDVQQKEwRP
  1311. | ZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UEAxMFUGxlc2sxHTAbBgkqhkiG9w0B
  1312. | CQEWDmluZm9AcGxlc2suY29tMB4XDTE2MDQyMDAyNDUyOFoXDTE3MDQyMDAyNDUy
  1313. | OFowgYIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH
  1314. | EwdTZWF0dGxlMQ0wCwYDVQQKEwRPZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UE
  1315. | AxMFUGxlc2sxHTAbBgkqhkiG9w0BCQEWDmluZm9AcGxlc2suY29tMIIBIjANBgkq
  1316. | hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/mGOjB9R263rGI70CUL//UClIxX9sRm
  1317. | IuKfcX9ZsryYXi9ZY1nks2E4EzVce2cIahRlr/KtupiVwgPqAyxnBnoNAnoJf0au
  1318. | +6bdHYIwmCinxYihoCRDk/NSJkVkxP6mfI/lz6Pj4ph8kU+FZHoFsvxGPFe8xenD
  1319. | 25LSnXXD/RsnNScXU0QkriBF7mwajEjJeed77Z1++29i1U0Z+5kwP6k9WogbBHiP
  1320. | 1DnqSeNaIAqS/JGoLYcZxERrikSbDolKGcBor2Btj/+ntbQ/cGIp0u6TOreSysYL
  1321. | dosYZJlki/cyRqIOFw/Ey0OJ+E1rjNxRJFt6ix1SmtjTvWqMiwmUXwIDAQABMA0G
  1322. | CSqGSIb3DQEBCwUAA4IBAQALJy22o5EMfr+JcQU0y921/8otr5ONs3kDKA0aTw48
  1323. | 0+i3fqVTVxbuNLGwBc6UJOA5+ZUsRK4hHz+uchwiJ63In3Qeurp7/f6aUhlNSEHs
  1324. | wirA7AIRjE6nmMWVBkL7eoCql45VqTbtKvfF//hDV3Y7H9wpXYmv3W5D7lW1leuY
  1325. | zeEXwHUvkVzulFLW5UsgW06L6wID/qDwjCe5n+qxTWBWT9rf66w+ZOpMKjqI2+ds
  1326. | S/QW/9BYVSdYdiercNJ8ubWzB27o/GPYAZGKA6zQFlAOqI2KSyI/v8wmp4McanHB
  1327. | kSU3KNEZZO9gSQwBk+pRKTnwnvwnMC7NIc6zoS7rq4Gp
  1328. |_-----END CERTIFICATE-----
  1329. |_ssl-date: TLS randomness does not represent time
  1330. 25/tcp closed smtp conn-refused
  1331. 80/tcp open http syn-ack nginx
  1332. |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
  1333. | http-methods:
  1334. |_ Supported Methods: GET HEAD POST OPTIONS
  1335. |_http-server-header: nginx
  1336. |_http-title: Domain Default page
  1337. 110/tcp open pop3 syn-ack Dovecot pop3d
  1338. |_pop3-capabilities: APOP AUTH-RESP-CODE RESP-CODES USER CAPA UIDL TOP STLS SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) PIPELINING
  1339. |_ssl-date: TLS randomness does not represent time
  1340. 113/tcp closed ident conn-refused
  1341. 139/tcp closed netbios-ssn conn-refused
  1342. 443/tcp open ssl/http syn-ack nginx
  1343. | http-methods:
  1344. |_ Supported Methods: GET HEAD POST OPTIONS
  1345. |_http-server-header: nginx
  1346. |_http-title: Domain Default page
  1347. | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/emailAddress=info@plesk.com/localityName=Seattle/organizationalUnitName=Plesk
  1348. | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/emailAddress=info@plesk.com/localityName=Seattle/organizationalUnitName=Plesk
  1349. | Public Key type: rsa
  1350. | Public Key bits: 2048
  1351. | Signature Algorithm: sha256WithRSAEncryption
  1352. | Not valid before: 2016-04-20T02:45:28
  1353. | Not valid after: 2017-04-20T02:45:28
  1354. | MD5: 7790 b36b c2b6 d7ed 7ba2 d554 6da3 7722
  1355. | SHA-1: 841a 764b b72e 7a1d 9675 599a 9f2c 7fcf d4fa 5c45
  1356. | -----BEGIN CERTIFICATE-----
  1357. | MIIDfTCCAmUCBFcW7UgwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYTAlVTMRMw
  1358. | EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdTZWF0dGxlMQ0wCwYDVQQKEwRP
  1359. | ZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UEAxMFUGxlc2sxHTAbBgkqhkiG9w0B
  1360. | CQEWDmluZm9AcGxlc2suY29tMB4XDTE2MDQyMDAyNDUyOFoXDTE3MDQyMDAyNDUy
  1361. | OFowgYIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH
  1362. | EwdTZWF0dGxlMQ0wCwYDVQQKEwRPZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UE
  1363. | AxMFUGxlc2sxHTAbBgkqhkiG9w0BCQEWDmluZm9AcGxlc2suY29tMIIBIjANBgkq
  1364. | hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/mGOjB9R263rGI70CUL//UClIxX9sRm
  1365. | IuKfcX9ZsryYXi9ZY1nks2E4EzVce2cIahRlr/KtupiVwgPqAyxnBnoNAnoJf0au
  1366. | +6bdHYIwmCinxYihoCRDk/NSJkVkxP6mfI/lz6Pj4ph8kU+FZHoFsvxGPFe8xenD
  1367. | 25LSnXXD/RsnNScXU0QkriBF7mwajEjJeed77Z1++29i1U0Z+5kwP6k9WogbBHiP
  1368. | 1DnqSeNaIAqS/JGoLYcZxERrikSbDolKGcBor2Btj/+ntbQ/cGIp0u6TOreSysYL
  1369. | dosYZJlki/cyRqIOFw/Ey0OJ+E1rjNxRJFt6ix1SmtjTvWqMiwmUXwIDAQABMA0G
  1370. | CSqGSIb3DQEBCwUAA4IBAQALJy22o5EMfr+JcQU0y921/8otr5ONs3kDKA0aTw48
  1371. | 0+i3fqVTVxbuNLGwBc6UJOA5+ZUsRK4hHz+uchwiJ63In3Qeurp7/f6aUhlNSEHs
  1372. | wirA7AIRjE6nmMWVBkL7eoCql45VqTbtKvfF//hDV3Y7H9wpXYmv3W5D7lW1leuY
  1373. | zeEXwHUvkVzulFLW5UsgW06L6wID/qDwjCe5n+qxTWBWT9rf66w+ZOpMKjqI2+ds
  1374. | S/QW/9BYVSdYdiercNJ8ubWzB27o/GPYAZGKA6zQFlAOqI2KSyI/v8wmp4McanHB
  1375. | kSU3KNEZZO9gSQwBk+pRKTnwnvwnMC7NIc6zoS7rq4Gp
  1376. |_-----END CERTIFICATE-----
  1377. |_ssl-date: TLS randomness does not represent time
  1378. | tls-alpn:
  1379. | h2
  1380. |_ http/1.1
  1381. | tls-nextprotoneg:
  1382. | h2
  1383. |_ http/1.1
  1384. 445/tcp closed microsoft-ds conn-refused
  1385. 465/tcp open ssl/smtps? syn-ack
  1386. |_smtp-commands: Couldn't establish connection on port 465
  1387. |_ssl-date: TLS randomness does not represent time
  1388. 993/tcp open ssl/imaps? syn-ack
  1389. |_ssl-date: TLS randomness does not represent time
  1390. 995/tcp open ssl/pop3s? syn-ack
  1391. |_ssl-date: TLS randomness does not represent time
  1392. 8443/tcp open ssl/http syn-ack sw-cp-server httpd (Plesk Onyx 17.5.3)
  1393. |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
  1394. | http-methods:
  1395. |_ Supported Methods: GET HEAD OPTIONS
  1396. |_http-server-header: sw-cp-server
  1397. |_http-title: Plesk Onyx 17.5.3
  1398. | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/emailAddress=info@plesk.com/localityName=Seattle/organizationalUnitName=Plesk
  1399. | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/emailAddress=info@plesk.com/localityName=Seattle/organizationalUnitName=Plesk
  1400. | Public Key type: rsa
  1401. | Public Key bits: 2048
  1402. | Signature Algorithm: sha256WithRSAEncryption
  1403. | Not valid before: 2016-04-20T02:45:28
  1404. | Not valid after: 2017-04-20T02:45:28
  1405. | MD5: 7790 b36b c2b6 d7ed 7ba2 d554 6da3 7722
  1406. | SHA-1: 841a 764b b72e 7a1d 9675 599a 9f2c 7fcf d4fa 5c45
  1407. | -----BEGIN CERTIFICATE-----
  1408. | MIIDfTCCAmUCBFcW7UgwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYTAlVTMRMw
  1409. | EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdTZWF0dGxlMQ0wCwYDVQQKEwRP
  1410. | ZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UEAxMFUGxlc2sxHTAbBgkqhkiG9w0B
  1411. | CQEWDmluZm9AcGxlc2suY29tMB4XDTE2MDQyMDAyNDUyOFoXDTE3MDQyMDAyNDUy
  1412. | OFowgYIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH
  1413. | EwdTZWF0dGxlMQ0wCwYDVQQKEwRPZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UE
  1414. | AxMFUGxlc2sxHTAbBgkqhkiG9w0BCQEWDmluZm9AcGxlc2suY29tMIIBIjANBgkq
  1415. | hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/mGOjB9R263rGI70CUL//UClIxX9sRm
  1416. | IuKfcX9ZsryYXi9ZY1nks2E4EzVce2cIahRlr/KtupiVwgPqAyxnBnoNAnoJf0au
  1417. | +6bdHYIwmCinxYihoCRDk/NSJkVkxP6mfI/lz6Pj4ph8kU+FZHoFsvxGPFe8xenD
  1418. | 25LSnXXD/RsnNScXU0QkriBF7mwajEjJeed77Z1++29i1U0Z+5kwP6k9WogbBHiP
  1419. | 1DnqSeNaIAqS/JGoLYcZxERrikSbDolKGcBor2Btj/+ntbQ/cGIp0u6TOreSysYL
  1420. | dosYZJlki/cyRqIOFw/Ey0OJ+E1rjNxRJFt6ix1SmtjTvWqMiwmUXwIDAQABMA0G
  1421. | CSqGSIb3DQEBCwUAA4IBAQALJy22o5EMfr+JcQU0y921/8otr5ONs3kDKA0aTw48
  1422. | 0+i3fqVTVxbuNLGwBc6UJOA5+ZUsRK4hHz+uchwiJ63In3Qeurp7/f6aUhlNSEHs
  1423. | wirA7AIRjE6nmMWVBkL7eoCql45VqTbtKvfF//hDV3Y7H9wpXYmv3W5D7lW1leuY
  1424. | zeEXwHUvkVzulFLW5UsgW06L6wID/qDwjCe5n+qxTWBWT9rf66w+ZOpMKjqI2+ds
  1425. | S/QW/9BYVSdYdiercNJ8ubWzB27o/GPYAZGKA6zQFlAOqI2KSyI/v8wmp4McanHB
  1426. | kSU3KNEZZO9gSQwBk+pRKTnwnvwnMC7NIc6zoS7rq4Gp
  1427. |_-----END CERTIFICATE-----
  1428. |_ssl-date: TLS randomness does not represent time
  1429. | tls-nextprotoneg:
  1430. |_ http/1.1
  1431. OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
  1432. Aggressive OS guesses: AVtech Room Alert 26W environmental monitor (98%), HP ProCurve Secure Router 7102dl (93%), Ricoh Aficio SP C240SF printer (93%), Linksys BEFSR41 EtherFast router (91%), OpenBSD 4.0 (91%), FreeBSD 6.2-RELEASE (90%), Linux 2.6.18 - 2.6.22 (90%), OpenBSD 4.3 (90%), Android 7.1.2 (Linux 3.10) (90%), Apple AirPort Extreme WAP (88%)
  1433. No exact OS matches for host (test conditions non-ideal).
  1434. TCP/IP fingerprint:
  1435. SCAN(V=7.70%E=4%D=2/14%OT=21%CT=20%CU=%PV=N%G=N%TM=5C657ABD%P=x86_64-pc-linux-gnu)
  1436. SEQ(SP=106%GCD=1%ISR=109%TI=Z%TS=U)
  1437. OPS(O1=M4B3W7N%O2=M4B3W7N%O3=M4B3W7N%O4=M4B3W7N%O5=M4B3W7N%O6=M4B3)
  1438. WIN(W1=7210%W2=7210%W3=7210%W4=7210%W5=7210%W6=7210)
  1439. ECN(R=Y%DF=Y%TG=40%W=7210%O=M4B3W7N%CC=Y%Q=)
  1440. ECN(R=N)
  1441. T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=)
  1442. T2(R=N)
  1443. T3(R=N)
  1444. T4(R=N)
  1445. T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
  1446. T6(R=N)
  1447. T7(R=N)
  1448. U1(R=N)
  1449. IE(R=N)
  1450.  
  1451. Service Info: OS: Unix
  1452.  
  1453. TRACEROUTE (using proto 1/icmp)
  1454. HOP RTT ADDRESS
  1455. 1 65.11 ms 10.238.200.1
  1456. 2 65.88 ms 193.37.252.209
  1457. 3 65.15 ms vlan2905.bb1.mia1.us.m247.com (82.102.29.174)
  1458. 4 65.68 ms te0-3-1-14.201.nr51.b002802-5.mia01.atlas.cogentco.com (38.140.53.65)
  1459. 5 65.89 ms be3763.rcr21.b002802-2.mia01.atlas.cogentco.com (154.24.30.129)
  1460. 6 66.35 ms be3410.ccr21.mia01.atlas.cogentco.com (154.54.6.85)
  1461. 7 79.98 ms be3482.ccr41.atl01.atlas.cogentco.com (154.54.24.145)
  1462. 8 90.96 ms be2112.ccr41.dca01.atlas.cogentco.com (154.54.7.157)
  1463. 9 96.95 ms be2806.ccr41.jfk02.atlas.cogentco.com (154.54.40.105)
  1464. 10 167.64 ms be2317.ccr41.lon13.atlas.cogentco.com (154.54.30.186)
  1465. 11 164.57 ms 154.54.57.154
  1466. 12 166.12 ms expressotelecom.demarc.cogentco.com (149.14.248.202)
  1467. 13 243.65 ms 185.153.20.70
  1468. 14 242.60 ms 185.153.20.82
  1469. 15 242.57 ms 185.153.20.94
  1470. 16 259.94 ms 185.153.20.153
  1471. 17 281.05 ms 212.0.131.109
  1472. 18 269.75 ms 196.202.137.249
  1473. 19 277.41 ms 196.202.145.94
  1474. 20 ... 30
  1475.  
  1476. NSE: Script Post-scanning.
  1477. NSE: Starting runlevel 1 (of 2) scan.
  1478. Initiating NSE at 09:27
  1479. Completed NSE at 09:27, 0.00s elapsed
  1480. NSE: Starting runlevel 2 (of 2) scan.
  1481. Initiating NSE at 09:27
  1482. Completed NSE at 09:27, 0.00s elapsed
  1483. Read data files from: /usr/bin/../share/nmap
  1484. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  1485. Nmap done: 1 IP address (1 host up) scanned in 256.93 seconds
  1486. Raw packets sent: 146 (10.736KB) | Rcvd: 174 (28.842KB)
  1487. #######################################################################################################################################
  1488. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-14 09:27 EST
  1489. NSE: Loaded 148 scripts for scanning.
  1490. NSE: Script Pre-scanning.
  1491. Initiating NSE at 09:27
  1492. Completed NSE at 09:27, 0.00s elapsed
  1493. Initiating NSE at 09:27
  1494. Completed NSE at 09:27, 0.00s elapsed
  1495. Initiating Parallel DNS resolution of 1 host. at 09:27
  1496. Completed Parallel DNS resolution of 1 host. at 09:27, 0.02s elapsed
  1497. Initiating UDP Scan at 09:27
  1498. Scanning f03-web04.nic.gov.sd (62.12.105.6) [14 ports]
  1499. Completed UDP Scan at 09:27, 1.64s elapsed (14 total ports)
  1500. Initiating Service scan at 09:27
  1501. Scanning 12 services on f03-web04.nic.gov.sd (62.12.105.6)
  1502. Service scan Timing: About 8.33% done; ETC: 09:46 (0:17:47 remaining)
  1503. Completed Service scan at 09:28, 102.58s elapsed (12 services on 1 host)
  1504. Initiating OS detection (try #1) against f03-web04.nic.gov.sd (62.12.105.6)
  1505. Retrying OS detection (try #2) against f03-web04.nic.gov.sd (62.12.105.6)
  1506. Initiating Traceroute at 09:28
  1507. Completed Traceroute at 09:29, 7.13s elapsed
  1508. Initiating Parallel DNS resolution of 1 host. at 09:29
  1509. Completed Parallel DNS resolution of 1 host. at 09:29, 0.02s elapsed
  1510. NSE: Script scanning 62.12.105.6.
  1511. Initiating NSE at 09:29
  1512. Completed NSE at 09:29, 20.32s elapsed
  1513. Initiating NSE at 09:29
  1514. Completed NSE at 09:29, 1.02s elapsed
  1515. Nmap scan report for f03-web04.nic.gov.sd (62.12.105.6)
  1516. Host is up (0.065s latency).
  1517.  
  1518. PORT STATE SERVICE VERSION
  1519. 53/udp open|filtered domain
  1520. 67/udp open|filtered dhcps
  1521. 68/udp open|filtered dhcpc
  1522. 69/udp open|filtered tftp
  1523. 88/udp open|filtered kerberos-sec
  1524. 123/udp open|filtered ntp
  1525. 137/udp filtered netbios-ns
  1526. 138/udp filtered netbios-dgm
  1527. 139/udp open|filtered netbios-ssn
  1528. 161/udp open|filtered snmp
  1529. 162/udp open|filtered snmptrap
  1530. 389/udp open|filtered ldap
  1531. 520/udp open|filtered route
  1532. 2049/udp open|filtered nfs
  1533. Too many fingerprints match this host to give specific OS details
  1534.  
  1535. TRACEROUTE (using port 137/udp)
  1536. HOP RTT ADDRESS
  1537. 1 64.56 ms 10.238.200.1
  1538. 2 ... 3
  1539. 4 64.91 ms 10.238.200.1
  1540. 5 66.75 ms 10.238.200.1
  1541. 6 66.73 ms 10.238.200.1
  1542. 7 66.59 ms 10.238.200.1
  1543. 8 66.59 ms 10.238.200.1
  1544. 9 66.58 ms 10.238.200.1
  1545. 10 66.60 ms 10.238.200.1
  1546. 11 ... 18
  1547. 19 63.65 ms 10.238.200.1
  1548. 20 65.08 ms 10.238.200.1
  1549. 21 ... 28
  1550. 29 66.49 ms 10.238.200.1
  1551. 30 64.48 ms 10.238.200.1
  1552.  
  1553. NSE: Script Post-scanning.
  1554. Initiating NSE at 09:29
  1555. Completed NSE at 09:29, 0.00s elapsed
  1556. Initiating NSE at 09:29
  1557. Completed NSE at 09:29, 0.00s elapsed
  1558. Read data files from: /usr/bin/../share/nmap
  1559. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  1560. Nmap done: 1 IP address (1 host up) scanned in 136.50 seconds
  1561. Raw packets sent: 147 (13.614KB) | Rcvd: 28 (2.926KB)
  1562. #######################################################################################################################################
  1563. Anonymous JTSEC #OpSudan Full Recon #11
RAW Paste Data Copied