Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #######################################################################################################################################
- Nom de l'hôte www.boe.gov.sa FAI King Abdul Aziz City for Science and Technology
- Continent Asie Drapeau
- SA
- Pays Arabie Séoudite Code du pays SA
- Région Inconnu Heure locale 26 Oct 2018 14:39 +03
- Ville Inconnu Code Postal Inconnu
- Adresse IP 212.138.117.127 Latitude 25
- Longitude 45
- ######################################################################################################################################
- > www.boe.gov.sa
- Server: 38.132.106.139
- Address: 38.132.106.139#53
- Non-authoritative answer:
- www.boe.gov.sa canonical name = boe.gov.sa.
- Name: boe.gov.sa
- Address: 212.138.117.127
- ######################################################################################################################################
- HostIP:212.138.117.127
- HostName:www.boe.gov.sa
- Gathered Inet-whois information for 212.138.117.127
- ---------------------------------------------------------------------------------------------------------------------------------------
- inetnum: 212.138.112.0 - 212.138.117.255
- netname: ISU-8
- descr: Internet Service Unit ISU
- country: SA
- admin-c: KR6046-RIPE
- tech-c: KR6046-RIPE
- status: ASSIGNED PA
- mnt-by: KACST-ISU-MNT
- mnt-routes: KACST-ISU-MNT
- mnt-lower: KACST-ISU-MNT
- remarks: ------------------------------------------------------
- remarks: Part of this IP block has been used for proxy/cache
- remarks: service at the National level in Saudi Arabia. All
- remarks: Saudi Arabia web traffic will come from this IP block.
- remarks:
- remarks: If you experience high volume of traffic from
- remarks: IP in this block it is because your site is very
- remarks: popular/famous of Saudi Arabia community.
- remarks:
- remarks: For any abuse activities please contact us through
- remarks: Email: abuse@isu.net.sa
- remarks: Phone: +96614813933 (24x7)
- remarks: Fax: +96614813221
- remarks: ------------------------------------------------------
- created: 2004-08-03T12:57:57Z
- last-modified: 2005-04-13T10:18:31Z
- source: RIPE
- role: KACST ROLE
- address: Saudi Network Information Center, ISU
- address: King Abdulaziz City for Science and Technology,
- address: P.O.Box 6086, Riyadh 11442, Saudi Arabia.
- remarks: abuse-mailbox: abuse@isu.net.sa
- phone: +9661 481 3933
- fax-no: +9661 481 3254
- remarks: trouble: abuse@isu.net.sa
- admin-c: AA27098-RIPE
- tech-c: QLTI1-RIPE
- tech-c: AIA5-RIPE
- nic-hdl: KR6046-RIPE
- remarks: This Role object is for handling and maintaining all
- remarks: IP Blocks registered by ISU-KACST(LIR) in Saudi Arabia.
- mnt-by: KACST-ISU-MNT
- remarks: abuse-mailbox: abuse@isu.net.sa
- created: 1970-01-01T00:00:00Z
- last-modified: 2018-03-26T11:50:33Z
- source: RIPE # Filtered
- % Information related to '212.138.64.0/18AS8895'
- route: 212.138.64.0/18
- descr: ISU SUMMERIZATIONS
- origin: AS8895
- mnt-by: ISU-NOC
- created: 2011-03-27T10:01:52Z
- last-modified: 2011-03-27T10:01:52Z
- source: RIPE
- % This query was served by the RIPE Database Query Service version 1.92.6 (ANGUS)
- Gathered Inic-whois information for boe.gov.sa
- ---------------------------------------------------------------------------------------------------------------------------------------
- Domain Name: boe.gov.sa
- Registrant:
- Bureau of Experts هيئة الخبراء بمجلس الوزراء
- Address: المعذر - قصر اليمامة
- Riyadh الرياض
- Saudi Arabia المملكة العربية السعودية
- Administrative Contact:
- رياض عبدالمحسن المانع
- Address: الرياض - قصر اليمامة
- 11452 الرياض
- Saudi Arabia
- Technical Contact:
- خالد بن ابراهيم الحمدان
- Address: الرياض - حي المعذر - قصر اليمامة
- 11452 الرياض
- المملكة العربية السعودية
- Name Servers:
- ns1.boe.gov.sa
- ns2.boe.gov.sa
- Created on: 2004-01-25
- Last Updated on: 2017-11-19
- Gathered Netcraft information for www.boe.gov.sa
- ---------------------------------------------------------------------------------------------------------------------------------------
- Retrieving Netcraft.com information for www.boe.gov.sa
- Netcraft.com Information gathered
- Gathered Subdomain information for boe.gov.sa
- ---------------------------------------------------------------------------------------------------------------------------------------
- Searching Google.com:80...
- HostName:www.boe.gov.sa
- HostIP:212.138.117.127
- Searching Altavista.com:80...
- Found 1 possible subdomain(s) for host boe.gov.sa, Searched 0 pages containing 0 results
- Gathered E-Mail information for boe.gov.sa
- ---------------------------------------------------------------------------------------------------------------------------------------
- Searching Google.com:80...
- Searching Altavista.com:80...
- Found 0 E-Mail(s) for host boe.gov.sa, Searched 0 pages containing 0 results
- Gathered TCP Port information for 212.138.117.127
- ---------------------------------------------------------------------------------------------------------------------------------------
- Port State
- 80/tcp open
- Portscan Finished: Scanned 150 ports, 3 ports were in state closed
- #######################################################################################################################################
- [i] Scanning Site: https://www.boe.gov.sa
- B A S I C I N F O
- =======================================================================================================================================
- [+] Site Title:
- موقع هيئة الخبراء بمجلس الوزراء
- [+] IP address: 212.138.117.127
- [+] Web Server: Microsoft-IIS/8.5
- [+] CMS: Could Not Detect
- [+] Cloudflare: Not Detected
- [+] Robots File: Could NOT Find robots.txt!
- W H O I S L O O K U P
- =======================================================================================================================================
- % SaudiNIC Whois server.
- % Rights restricted by copyright.
- % http://nic.sa/en/view/whois-cmd-copyright
- Domain Name: boe.gov.sa
- Registrant:
- Bureau of Experts هيئة الخبراء بمجلس الوزراء
- Address: المعذر - قصر اليمامة
- Riyadh الرياض
- Saudi Arabia المملكة العربية السعودية
- Administrative Contact:
- رياض عبدالمحسن المانع
- Address: الرياض - قصر اليمامة
- 11452 الرياض
- Saudi Arabia
- Technical Contact:
- خالد بن ابراهيم الحمدان
- Address: الرياض - حي المعذر - قصر اليمامة
- 11452 الرياض
- المملكة العربية السعودية
- Name Servers:
- ns1.boe.gov.sa
- ns2.boe.gov.sa
- Created on: 2004-01-25
- Last Updated on: 2017-11-19
- G E O I P L O O K U P
- =======================================================================================================================================
- [i] IP Address: 212.138.117.127
- [i] Country: SA
- [i] State: N/A
- [i] City: N/A
- [i] Latitude: 25.000000
- [i] Longitude: 45.000000
- H T T P H E A D E R S
- =======================================================================================================================================
- [i] HTTP/1.1 200 OK
- [i] Cache-Control: private
- [i] Content-Type: text/html; charset=utf-8
- [i] Server: Microsoft-IIS/8.5
- [i] Set-Cookie: ASP.NET_SessionId=pnjqa5s0qexptyl4xh3f5iho; path=/; HttpOnly
- [i] X-AspNet-Version: 4.0.30319
- [i] X-Powered-By: ASP.NET
- [i] Date: Thu, 11 Jul 2019 21:18:21 GMT
- [i] Connection: close
- [i] Content-Length: 109252
- D N S L O O K U P
- =======================================================================================================================================
- boe.gov.sa. 299 IN SOA ns1.boe.gov.sa. hostmaster.boe.gov.sa. 2015110541 900 600 86400 300
- boe.gov.sa. 299 IN TXT "v=spf1 mx ptr ip4:212.26.56.10 ip4:212.26.56.11 a:mx2.boe.gov.sa a:mx1.boe.gov.sa mx:mx1.boe.gov.sa mx:mx2.boe.gov.sa ip4:212.26.56.1/25 ~all"
- boe.gov.sa. 299 IN MX 20 email02.nic.gov.sa.
- boe.gov.sa. 299 IN MX 20 email01.nic.gov.sa.
- boe.gov.sa. 299 IN NS ns1.boe.gov.sa.
- boe.gov.sa. 299 IN NS ns1.isu.net.sa.
- boe.gov.sa. 299 IN NS ns2.boe.gov.sa.
- boe.gov.sa. 299 IN A 212.138.117.127
- S U B N E T C A L C U L A T I O N
- =======================================================================================================================================
- Address = 212.138.117.127
- Network = 212.138.117.127 / 32
- Netmask = 255.255.255.255
- Broadcast = not needed on Point-to-Point links
- Wildcard Mask = 0.0.0.0
- Hosts Bits = 0
- Max. Hosts = 1 (2^0 - 0)
- Host Range = { 212.138.117.127 - 212.138.117.127 }
- N M A P P O R T S C A N
- =======================================================================================================================================
- Starting Nmap 7.40 ( https://nmap.org ) at 2018-10-26 11:47 UTC
- Nmap scan report for boe.gov.sa (212.138.117.127)
- Host is up (0.17s latency).
- PORT STATE SERVICE
- 21/tcp filtered ftp
- 22/tcp filtered ssh
- 23/tcp filtered telnet
- 80/tcp open http
- 110/tcp filtered pop3
- 143/tcp filtered imap
- 443/tcp open https
- 3389/tcp filtered ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 4.96 seconds
- S U B - D O M A I N F I N D E R
- =======================================================================================================================================
- [i] Total Subdomains Found : 5
- [+] Subdomain: ns1.boe.gov.sa
- [-] IP: 212.138.117.125
- [+] Subdomain: mx1.boe.gov.sa
- [-] IP: 212.26.56.10
- [+] Subdomain: mx2.boe.gov.sa
- [-] IP: 212.26.56.11
- [+] Subdomain: mail.boe.gov.sa
- [-] IP: 212.26.56.9
- [+] Subdomain: autodiscover.boe.gov.sa
- [-] IP: 212.26.56.9
- #######################################################################################################################################
- [?] Enter the target: https://www.boe.gov.sa/
- [!] IP Address : 212.138.117.127
- [!] Server: Microsoft-IIS/8.5
- [!] Powered By: ASP.NET
- [+] Clickjacking protection is not in place.
- [!] www.boe.gov.sa doesn't seem to use a CMS
- [+] Honeypot Probabilty: 0%
- ---------------------------------------------------------------------------------------------------------------------------------------
- [~] Trying to gather whois information for www.boe.gov.sa
- [+] Whois information found
- [-] Unable to build response, visit https://who.is/whois/www.boe.gov.sa
- ---------------------------------------------------------------------------------------------------------------------------------------
- PORT STATE SERVICE
- 21/tcp filtered ftp
- 22/tcp filtered ssh
- 23/tcp filtered telnet
- 80/tcp open http
- 110/tcp filtered pop3
- 143/tcp filtered imap
- 443/tcp open https
- 3389/tcp filtered ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 2.76 seconds
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] DNS Records
- ns2.boe.gov.sa. (212.138.117.126) AS8895 King Abdul Aziz City for Science and Technology Saudi Arabia
- ns1.boe.gov.sa. (212.138.117.125) AS8895 King Abdul Aziz City for Science and Technology Saudi Arabia
- ns1.isu.net.sa. (212.26.18.3) AS8895 King Abdul Aziz City for Science and Technology Saudi Arabia
- [+] MX Records
- 20 (78.93.109.82) AS25233 Arabian Internet & Communications Services Co.ltd Saudi Arabia
- [+] MX Records
- 20 (78.93.109.80) AS25233 Arabian Internet & Communications Services Co.ltd Saudi Arabia
- [+] Host Records (A)
- www.boe.gov.saHTTP: (212.138.117.127) AS8895 King Abdul Aziz City for Science and Technology Saudi Arabia
- [+] TXT Records
- "v=spf1 mx ptr ip4:212.26.56.10 ip4:212.26.56.11 a:mx2.boe.gov.sa a:mx1.boe.gov.sa mx:mx1.boe.gov.sa mx:mx2.boe.gov.sa ip4:212.26.56.1/25 ~all"
- [+] DNS Map: https://dnsdumpster.com/static/map/boe.gov.sa.png
- [>] Initiating 3 intel modules
- [>] Loading Alpha module (1/3)
- [>] Beta module deployed (2/3)
- [>] Gamma module initiated (3/3)
- [+] Emails found:
- ---------------------------------------------------------------------------------------------------------------------------------------
- pixel-154055447397404-web-@www.boe.gov.sa
- pixel-1540554475590121-web-@www.boe.gov.sa
- No hosts found
- [+] Virtual hosts:
- ---------------------------------------------------------------------------------------------------------------------------------------
- [~] Crawling the target for fuzzable URLs
- [+] Found 64 fuzzable URLs
- https://www.boe.gov.sa///MainDefault.aspx?lang=ar
- [~] Using SQLMap api to check for SQL injection vulnerabilities. Don't worry we are using an online service and it doesn't depend on your internet connection. This scan will take 2-3 minutes.
- #######################################################################################################################################
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Target IP: 212.138.117.127
- + Target Hostname: www.boe.gov.sa
- + Target Port: 443
- ---------------------------------------------------------------------------------------------------------------------------------------
- + SSL Info: Subject: /businessCategory=Government Entity/jurisdictionC=SA/serialNumber=Government Entity/C=SA/L=Riyadh/O=Bureau of Experts At The Council of Ministers/CN=boe.gov.sa
- Ciphers: ECDHE-RSA-AES256-SHA384
- Issuer: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 Extended Validation Server CA
- + Start Time: 2018-10-26 07:46:11 (GMT-4)
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Server: Microsoft-IIS/8.5
- + Retrieved x-aspnet-version header: 4.0.30319
- + Retrieved x-powered-by header: ASP.NET
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + Cookie ASP.NET_SessionId created without the secure flag
- + ERROR: Error limit (20) reached for host, giving up. Last error: opening stream: can't connect: : Invalid argument
- + Scan terminated: 20 error(s) and 7 item(s) reported on remote host
- + End Time: 2018-10-26 07:52:53 (GMT-4) (402 seconds)
- --------------------------------------------------------------------------------------------------------------------------------------
- + 1 host(s) tested
- ######################################################################################################################################
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Target IP: 212.138.117.127
- + Target Hostname: 212.138.117.127
- + Target Port: 80
- + Start Time: 2018-10-26 07:46:32 (GMT-4)
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Server: No banner retrieved
- + Retrieved x-powered-by header: ASP.NET
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + Root page / redirects to: https://www.boe.gov.sa/
- + Retrieved x-aspnet-version header: 4.0.30319
- + No CGI Directories found (use '-C all' to force check all possible dirs)
- + Uncommon header 'x-squid-error' found, with contents: ERR_INVALID_URL 0
- + ERROR: Error limit (20) reached for host, giving up. Last error: error reading HTTP response
- + Scan terminated: 20 error(s) and 6 item(s) reported on remote host
- + End Time: 2018-10-26 08:00:19 (GMT-4) (827 seconds)
- ---------------------------------------------------------------------------------------------------------------------------------------
- #######################################################################################################################################
- ; <<>> DiG 9.11.4-P2-3-Debian <<>> www.boe.gov.sa
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24798
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 4096
- ;; QUESTION SECTION:
- ;www.boe.gov.sa. IN A
- ;; ANSWER SECTION:
- www.boe.gov.sa. 31 IN CNAME boe.gov.sa.
- boe.gov.sa. 31 IN A 212.138.117.127
- ;; Query time: 300 msec
- ;; SERVER: 38.132.106.139#53(38.132.106.139)
- ;; WHEN: ven oct 26 08:03:50 EDT 2018
- ;; MSG SIZE rcvd: 73
- #######################################################################################################################################
- [+] Hosting Info for Website: www.boe.gov.sa
- [+] Visitors per day: 2,750
- [+] IP Address: 212.138.117.127
- [+] Hosting Company IP Owner: Internet Service Unit Isu
- [+] Hosting IP Range: 212.138.112.0 - 212.138.117.255 (1,536 ip)
- [+] Hosting Address: Saudi Network Information Center, ISU, King Abdulaziz City For Science And Technology, P.o.box 6086, Riyadh 11442, Saudi Arabia
- [+] Owner Address: Saudi Network Information Center, ISU, King Abdulaziz City For Science And Technology, P.o.box 6086, Riyadh 11442, Saudi Arabia
- [+] Hosting Country: SAU
- [+] Owner Country: SAU
- [+] Hosting Phone: +9661 481 3933, +966 1 481 3933, +966 11 481 4256
- [+] Owner Phone: +9661 481 3933
- [+] Hosting Website: www.isu.net.sa
- [+] Owner Website: www.isu.net.sa
- [+] Owner CIDR: 212.138.112.0/22, <a href="/view/ip_addresses/212.138.116.0">212.138.116.0</a>/23
- [+] Hosting CIDR: 212.138.0.0/16
- [+] NS: boe.gov.sa
- [+] NS: ns2.boe.gov.sa
- [+] NS: ns1.boe.gov.sa
- [+] NS: ns1.isu.net.sa
- #######################################################################################################################################
- [*] Performing General Enumeration of Domain: boe.gov.sa
- [-] DNSSEC is not configured for boe.gov.sa
- [*] SOA ns1.boe.gov.sa 212.138.117.125
- [*] NS ns1.boe.gov.sa 212.138.117.125
- [*] NS ns2.boe.gov.sa 212.138.117.126
- [*] MX email02.nic.gov.sa 78.93.109.80
- [*] MX email01.nic.gov.sa 78.93.109.82
- [*] A boe.gov.sa 212.138.117.127
- [*] TXT boe.gov.sa v=spf1 mx ptr ip4:212.26.56.10 ip4:212.26.56.11 a:mx2.boe.gov.sa a:mx1.boe.gov.sa mx:mx1.boe.gov.sa mx:mx2.boe.gov.sa ip4:212.26.56.1/25 ~all
- [*] Enumerating SRV Records
- [-] No SRV Records Found for boe.gov.sa
- [+] 0 Records Found
- #######################################################################################################################################
- [*] Processing domain boe.gov.sa
- [+] Getting nameservers
- 212.138.117.125 - ns1.boe.gov.sa
- 212.138.117.126 - ns2.boe.gov.sa
- [-] Zone transfer failed
- [+] TXT records found
- "v=spf1 mx ptr ip4:212.26.56.10 ip4:212.26.56.11 a:mx2.boe.gov.sa a:mx1.boe.gov.sa mx:mx1.boe.gov.sa mx:mx2.boe.gov.sa ip4:212.26.56.1/25 ~all"
- [+] MX records found, added to target list
- 20 email02.nic.gov.sa.
- 20 email01.nic.gov.sa.
- [*] Scanning boe.gov.sa for A records
- 212.138.117.127 - boe.gov.sa
- 212.26.56.9 - autodiscover.boe.gov.sa
- 212.138.117.248 - beta.boe.gov.sa
- 212.26.56.9 - mail.boe.gov.sa
- 212.26.56.10 - mx1.boe.gov.sa
- 212.26.56.11 - mx2.boe.gov.sa
- 212.138.117.125 - ns1.boe.gov.sa
- 212.138.117.126 - ns2.boe.gov.sa
- 212.138.117.127 - www.boe.gov.sa
- #######################################################################################################################################
- Ip Address Status Type Domain Name Server
- ---------- ------ ---- ----------- ------
- 212.138.117.248 301 host beta.boe.gov.sa
- 212.26.56.9 503 host mail.boe.gov.sa
- 212.26.56.10 host mx1.boe.gov.sa
- 212.138.117.125 host ns1.boe.gov.sa
- 212.138.117.126 host ns2.boe.gov.sa
- 212.138.117.127 307 alias www.boe.gov.sa
- 212.138.117.127 307 host boe.gov.sa
- #######################################################################################################################################
- [+] Testing domain
- www.boe.gov.sa 212.138.117.127
- [+] Dns resolving
- Domain name Ip address Name server
- No address associated with hostname boe.gov.sa
- [+] Testing wildcard
- Ok, no wildcard found.
- [+] Scanning for subdomain on boe.gov.sa
- [!] Wordlist not specified. I scannig with my internal wordlist...
- Estimated time about 937.36 seconds
- Subdomain Ip address Name server
- mail.boe.gov.sa 212.26.56.9 autodiscover.boe.gov.sa
- Found 1 subdomain(s) in 1 host(s) in 1029.79 second(s) #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-26 07:48 EDT
- Nmap scan report for 212.138.117.127
- Host is up (0.45s latency).
- Not shown: 470 filtered ports, 4 closed ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 80/tcp open http
- 443/tcp open https
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-26 07:50 EDT
- Nmap scan report for 212.138.117.127
- Host is up (0.16s latency).
- Not shown: 2 filtered ports
- PORT STATE SERVICE
- 53/udp open|filtered domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- Nmap done: 1 IP address (1 host up) scanned in 2.56 seconds
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-26 07:50 EDT
- Nmap scan report for 212.138.117.127
- Host is up (0.45s latency).
- PORT STATE SERVICE VERSION
- 67/udp open|filtered dhcps
- |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
- Too many fingerprints match this host to give specific OS details
- Network Distance: 11 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 155.55 ms 10.248.200.1
- 2 155.58 ms 177.67.82.193
- 3 156.59 ms 177.67.87.185
- 4 156.62 ms 5-178-46-202.seabone.net (5.178.46.202)
- 5 ...
- 6 261.75 ms gtt.miami15.mia.seabone.net (89.221.41.197)
- 7 358.00 ms xe-1-1-0.ar2-lon1.ip4.gtt.net (141.136.108.162)
- 8 447.74 ms integrated-telecom-gw.ip4.gtt.net (46.33.91.218)
- 9 ...
- 10 447.83 ms 212.26.63.252
- 11 449.12 ms 212.138.117.127
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 122.81 seconds
- + -- --=[Port 68 opened... running tests...
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-26 07:52 EDT
- Nmap scan report for 212.138.117.127
- Host is up (0.45s latency).
- PORT STATE SERVICE VERSION
- 68/udp open|filtered dhcpc
- Too many fingerprints match this host to give specific OS details
- Network Distance: 11 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 159.66 ms 10.248.200.1
- 2 159.71 ms 177.67.82.193
- 3 161.44 ms 177.67.87.185
- 4 160.70 ms 5-178-46-202.seabone.net (5.178.46.202)
- 5 ...
- 6 266.49 ms gtt.miami15.mia.seabone.net (89.221.41.197)
- 7 361.93 ms xe-1-1-0.ar2-lon1.ip4.gtt.net (141.136.108.162)
- 8 452.38 ms integrated-telecom-gw.ip4.gtt.net (46.33.91.218)
- 9 ...
- 10 452.43 ms 212.26.63.252
- 11 448.67 ms 212.138.117.127
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 122.66 seconds
- + -- --=[Port 69 opened... running tests...
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-26 07:54 EDT
- Nmap scan report for 212.138.117.127
- Host is up (0.45s latency).
- PORT STATE SERVICE VERSION
- 69/udp open|filtered tftp
- Too many fingerprints match this host to give specific OS details
- Network Distance: 11 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 156.75 ms 10.248.200.1
- 2 157.14 ms 177.67.82.193
- 3 158.36 ms 177.67.87.185
- 4 158.36 ms 5-178-46-202.seabone.net (5.178.46.202)
- 5 ...
- 6 263.93 ms gtt.miami15.mia.seabone.net (89.221.41.197)
- 7 358.89 ms xe-1-1-0.ar2-lon1.ip4.gtt.net (141.136.108.162)
- 8 448.94 ms integrated-telecom-gw.ip4.gtt.net (46.33.91.218)
- 9 ...
- 10 449.22 ms 212.26.63.252
- 11 452.50 ms 212.138.117.127
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 152.67 seconds
- + -- --=[Port 79 closed... skipping.
- + -- --=[Port 80 opened... running tests...
- #######################################################################################################################################
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking http://212.138.117.127
- Generic Detection results:
- The site http://212.138.117.127 seems to be behind a WAF or some sort of security solution
- Reason: Blocking is being done at connection/packet level.
- Number of requests: 13
- #######################################################################################################################################
- http://212.138.117.127 [307 Temporary Redirect] Country[SAUDI ARABIA][SA], IP[212.138.117.127], RedirectLocation[https://www.boe.gov.sa/], Title[Document Moved], X-Powered-By[ASP.NET]
- https://www.boe.gov.sa/ [200 OK] ASP_NET[4.0.30319], ActiveX[Flash-ActiveX][d27cdb6e-ae6d-11cf-96b8-444553540000], Adobe-Flash, Cookies[ASP.NET_SessionId], Country[SAUDI ARABIA][SA], Google-Analytics[Universal][UA-23667465-1,UA-54121487-1], HTTPServer[Microsoft-IIS/8.5], HttpOnly[ASP.NET_SessionId], IP[212.138.117.127], JQuery[1.4.4], Microsoft-IIS[8.5], Object[<a rel=][clsid:d27cdb6e-ae6d-11cf-96b8-444553540000], Script[javascript,text/javascript], Title[موقع هيئة الخبراء بمجلس الوزراء][Title element contains newline(s)!], X-Powered-By[ASP.NET]
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning https://www.boe.gov.sa...
- _______________________ SITE INFO _______________________
- IP Title
- 212.138.117.127 موقع هيئة الخبراء بمجلس الوزر
- ________________________ VERSION ________________________
- Name Versions Type
- ASP.NET 4.0.30319 Platform
- IIS 8.5 Platform
- Microsoft Windows Server 2012 R2 OS
- ______________________ INTERESTING ______________________
- URL Note Type
- /login.aspx Login Page Interesting
- _________________________________________________________
- Time: 248.3 sec Urls: 453 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/1.1 307 Temporary Redirect
- Content-Length: 146
- Content-Type: text/html; charset=UTF-8
- Location: https://www.boe.gov.sa/
- X-Powered-By: ASP.NET
- Date: Thu, 11 Jul 2019 21:30:41 GMT
- Connection: keep-alive
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-26 08:01 EDT
- Nmap scan report for 212.138.117.127
- Host is up (0.45s latency).
- PORT STATE SERVICE VERSION
- 123/udp open|filtered ntp
- Too many fingerprints match this host to give specific OS details
- Network Distance: 11 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 154.66 ms 10.248.200.1
- 2 154.70 ms 177.67.82.193
- 3 162.71 ms 177.67.87.185
- 4 155.67 ms 5-178-46-202.seabone.net (5.178.46.202)
- 5 ...
- 6 261.72 ms gtt.miami15.mia.seabone.net (89.221.41.197)
- 7 347.28 ms xe-1-0-0.ar2-lon1.ip4.gtt.net (141.136.108.158)
- 8 446.90 ms integrated-telecom-gw.ip4.gtt.net (46.33.91.218)
- 9 ...
- 10 446.97 ms 212.26.63.252
- 11 450.14 ms 212.138.117.127
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-26 08:03 EDT
- Nmap scan report for 212.138.117.127
- Host is up (0.22s latency).
- PORT STATE SERVICE VERSION
- 161/tcp filtered snmp
- 161/udp filtered snmp
- Too many fingerprints match this host to give specific OS details
- Network Distance: 11 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 158.85 ms 10.248.200.1
- 2 158.88 ms 177.67.82.193
- 3 159.42 ms 177.67.87.185
- 4 160.28 ms 5-178-46-202.seabone.net (5.178.46.202)
- 5 ...
- 6 266.14 ms gtt.miami15.mia.seabone.net (89.221.41.197)
- 7 351.68 ms xe-1-0-0.ar2-lon1.ip4.gtt.net (141.136.108.158)
- 8 451.08 ms integrated-telecom-gw.ip4.gtt.net (46.33.91.218)
- 9 ...
- 10 451.15 ms 212.26.63.252
- 11 449.47 ms 212.138.117.127
- #######################################################################################################################################
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking https://212.138.117.127
- The site https://212.138.117.127 is behind a ModSecurity (OWASP CRS)
- Number of requests: 11
- #######################################################################################################################################
- AVAILABLE PLUGINS
- -----------------
- PluginHeartbleed
- PluginCompression
- PluginOpenSSLCipherSuites
- PluginChromeSha1Deprecation
- PluginCertInfo
- PluginSessionResumption
- PluginSessionRenegotiation
- PluginHSTS
- CHECKING HOST(S) AVAILABILITY
- -----------------------------
- 212.138.117.127:443 => 212.138.117.127:443
- SCAN RESULTS FOR 212.138.117.127:443 - 212.138.117.127:443
- ----------------------------------------------------------
- * Deflate Compression:
- OK - Compression disabled
- * Session Renegotiation:
- Client-initiated Renegotiations: OK - Rejected
- Secure Renegotiation: OK - Supported
- * Certificate - Content:
- SHA1 Fingerprint: 133b4c190f9f08e394722b5916a7edff46149153
- Common Name: boe.gov.sa
- Issuer: DigiCert SHA2 Extended Validation Server CA
- Serial Number: 04D05D5A5C9ACE58753FC99C75B221C6
- Not Before: Jun 11 00:00:00 2018 GMT
- Not After: Jun 11 12:00:00 2020 GMT
- Signature Algorithm: sha256WithRSAEncryption
- Public Key Algorithm: rsaEncryption
- Key Size: 2048 bit
- Exponent: 65537 (0x10001)
- X509v3 Subject Alternative Name: {'DNS': ['boe.gov.sa', 'www.boe.gov.sa']}
- * Certificate - Trust:
- Hostname Validation: FAILED - Certificate does NOT match 212.138.117.127
- Google CA Store (09/2015): OK - Certificate is trusted
- Java 6 CA Store (Update 65): OK - Certificate is trusted
- Microsoft CA Store (09/2015): OK - Certificate is trusted
- Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
- Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
- Certificate Chain Received: ['boe.gov.sa', 'DigiCert SHA2 Extended Validation Server CA']
- * Certificate - OCSP Stapling:
- NOT SUPPORTED - Server did not send back an OCSP response.
- * Session Resumption:
- With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
- With TLS Session Tickets: NOT SUPPORTED - TLS ticket not assigned.
- * SSLV2 Cipher Suites:
- Server rejected all cipher suites.
- * SSLV3 Cipher Suites:
- Server rejected all cipher suites.
- SCAN COMPLETED IN 8.62 S
- ------------------------
- Version: 1.11.12-static
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- Connected to 212.138.117.127
- Testing SSL server 212.138.117.127 on port 443 using SNI name 212.138.117.127
- TLS Fallback SCSV:
- Server does not support TLS Fallback SCSV
- TLS renegotiation:
- Secure session renegotiation supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-521 DHE 521
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-521 DHE 521
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-521 DHE 521
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-521 DHE 521
- Accepted TLSv1.2 256 bits AES256-GCM-SHA384
- Accepted TLSv1.2 128 bits AES128-GCM-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA
- Accepted TLSv1.2 128 bits AES128-SHA
- Accepted TLSv1.2 112 bits DES-CBC3-SHA
- Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-521 DHE 521
- Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-521 DHE 521
- Accepted TLSv1.1 256 bits AES256-SHA
- Accepted TLSv1.1 128 bits AES128-SHA
- Accepted TLSv1.1 112 bits DES-CBC3-SHA
- Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-521 DHE 521
- Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-521 DHE 521
- Accepted TLSv1.0 256 bits AES256-SHA
- Accepted TLSv1.0 128 bits AES128-SHA
- Accepted TLSv1.0 112 bits DES-CBC3-SHA
- SSL Certificate:
- Signature Algorithm: sha256WithRSAEncryption
- RSA Key Strength: 2048
- Subject: boe.gov.sa
- Altnames: DNS:boe.gov.sa, DNS:www.boe.gov.sa
- Issuer: DigiCert SHA2 Extended Validation Server CA
- Not valid before: Jun 11 00:00:00 2018 GMT
- Not valid after: Jun 11 12:00:00 2020 GMT
- #######################################################################################################################################
- I, [2018-10-26T08:06:18.589295 #15161] INFO -- : Initiating port scan
- I, [2018-10-26T08:07:36.063088 #15161] INFO -- : Using nmap scan output file logs/nmap_output_2018-10-26_08-06-18.xml
- I, [2018-10-26T08:07:36.194932 #15161] INFO -- : Discovered open port: 212.138.117.127:80
- I, [2018-10-26T08:07:38.075079 #15161] INFO -- : Discovered open port: 212.138.117.127:443
- I, [2018-10-26T08:07:41.702568 #15161] INFO -- : <<<Enumerating vulnerable applications>>>
- --------------------------------------------------------
- <<<Yasuo discovered following vulnerable applications>>>
- --------------------------------------------------------
- +----------+--------------------+-------------------+----------+----------+
- | App Name | URL to Application | Potential Exploit | Username | Password |
- +----------+--------------------+-------------------+----------+----------+
- +----------+--------------------+-------------------+----------+----------+
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-26 08:13 EDT
- NSE: Loaded 148 scripts for scanning.
- NSE: Script Pre-scanning.
- Initiating NSE at 08:13
- Completed NSE at 08:13, 0.00s elapsed
- Initiating NSE at 08:13
- Completed NSE at 08:13, 0.00s elapsed
- Initiating Parallel DNS resolution of 1 host. at 08:13
- Completed Parallel DNS resolution of 1 host. at 08:13, 0.02s elapsed
- Initiating SYN Stealth Scan at 08:13
- Scanning 212.138.117.127 [474 ports]
- Discovered open port 443/tcp on 212.138.117.127
- Discovered open port 80/tcp on 212.138.117.127
- Completed SYN Stealth Scan at 08:13, 15.96s elapsed (474 total ports)
- Initiating Service scan at 08:13
- Scanning 2 services on 212.138.117.127
- Completed Service scan at 08:14, 37.24s elapsed (2 services on 1 host)
- Initiating OS detection (try #1) against 212.138.117.127
- Retrying OS detection (try #2) against 212.138.117.127
- Initiating Traceroute at 08:14
- Completed Traceroute at 08:14, 3.03s elapsed
- Initiating Parallel DNS resolution of 8 hosts. at 08:14
- Completed Parallel DNS resolution of 8 hosts. at 08:14, 16.50s elapsed
- NSE: Script scanning 212.138.117.127.
- Initiating NSE at 08:14
- Completed NSE at 08:16, 79.37s elapsed
- Initiating NSE at 08:16
- Completed NSE at 08:16, 0.00s elapsed
- Nmap scan report for 212.138.117.127
- Host is up (0.21s latency).
- Not shown: 468 filtered ports
- PORT STATE SERVICE VERSION
- 25/tcp closed smtp
- 80/tcp open http-proxy Squid http proxy
- | http-methods:
- |_ Supported Methods: GET HEAD POST OPTIONS
- |_http-open-proxy: Proxy might be redirecting requests
- |_http-title: Did not follow redirect to https://www.boe.gov.sa/
- 113/tcp closed ident
- 139/tcp closed netbios-ssn
- 443/tcp open ssl/http Microsoft IIS httpd 8.5
- | ssl-cert: Subject: commonName=boe.gov.sa/organizationName=Bureau of Experts At The Council of Ministers/countryName=SA
- | Subject Alternative Name: DNS:boe.gov.sa, DNS:www.boe.gov.sa
- | Issuer: commonName=DigiCert SHA2 Extended Validation Server CA/organizationName=DigiCert Inc/countryName=US
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2018-06-11T00:00:00
- | Not valid after: 2020-06-11T12:00:00
- | MD5: f2cf dae0 6755 fb4b 9baf c1a7 c35c f60b
- |_SHA-1: 133b 4c19 0f9f 08e3 9472 2b59 16a7 edff 4614 9153
- 445/tcp closed microsoft-ds
- Device type: general purpose|storage-misc|broadband router|WAP
- Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (93%), HP embedded (90%), Asus embedded (87%)
- OS CPE: cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:4 cpe:/h:hp:p2000_g3 cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel cpe:/h:asus:rt-ac66u
- Aggressive OS guesses: Linux 3.18 (93%), Linux 3.16 - 4.6 (93%), Linux 3.10 - 4.11 (91%), Linux 3.13 (91%), Linux 3.13 or 4.2 (91%), Linux 4.2 (91%), Linux 4.4 (91%), HP P2000 G3 NAS device (90%), Linux 3.2 - 4.9 (90%), Linux 3.16 (89%)
- No exact OS matches for host (test conditions non-ideal).
- Uptime guess: 52.132 days (since Tue Sep 4 05:05:38 2018)
- Network Distance: 10 hops
- TCP Sequence Prediction: Difficulty=263 (Good luck!)
- IP ID Sequence Generation: All zeros
- Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
- TRACEROUTE (using port 113/tcp)
- HOP RTT ADDRESS
- 1 155.63 ms 10.248.200.1
- 2 155.96 ms 177.67.82.193
- 3 ...
- 4 156.94 ms 5-178-46-202.seabone.net (5.178.46.202)
- 5 261.63 ms 195.22.199.179
- 6 269.98 ms gtt.miami15.mia.seabone.net (89.221.41.197)
- 7 348.85 ms xe-0-1-0.ar2-lon1.ip4.gtt.net (89.149.187.22)
- 8 453.12 ms integrated-telecom-gw.ip4.gtt.net (46.33.91.218)
- 9 ...
- 10 439.08 ms 212.138.117.127
- NSE: Script Post-scanning.
- Initiating NSE at 08:16
- Completed NSE at 08:16, 0.00s elapsed
- Initiating NSE at 08:16
- Completed NSE at 08:16, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 159.80 seconds
- Raw packets sent: 1037 (50.476KB) | Rcvd: 1476 (282.176KB)
- ######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-26 08:16 EDT
- NSE: Loaded 148 scripts for scanning.
- NSE: Script Pre-scanning.
- Initiating NSE at 08:16
- Completed NSE at 08:16, 0.00s elapsed
- Initiating NSE at 08:16
- Completed NSE at 08:16, 0.00s elapsed
- Initiating Parallel DNS resolution of 1 host. at 08:16
- Completed Parallel DNS resolution of 1 host. at 08:16, 0.02s elapsed
- Initiating UDP Scan at 08:16
- Scanning 212.138.117.127 [14 ports]
- Completed UDP Scan at 08:16, 2.46s elapsed (14 total ports)
- Initiating Service scan at 08:16
- Scanning 12 services on 212.138.117.127
- Service scan Timing: About 8.33% done; ETC: 08:35 (0:17:58 remaining)
- Completed Service scan at 08:18, 102.58s elapsed (12 services on 1 host)
- Initiating OS detection (try #1) against 212.138.117.127
- Retrying OS detection (try #2) against 212.138.117.127
- Initiating Traceroute at 08:18
- Completed Traceroute at 08:18, 7.22s elapsed
- Initiating Parallel DNS resolution of 1 host. at 08:18
- Completed Parallel DNS resolution of 1 host. at 08:18, 0.03s elapsed
- NSE: Script scanning 212.138.117.127.
- Initiating NSE at 08:18
- Completed NSE at 08:18, 20.37s elapsed
- Initiating NSE at 08:18
- Completed NSE at 08:18, 1.21s elapsed
- Nmap scan report for 212.138.117.127
- Host is up (0.16s latency).
- PORT STATE SERVICE VERSION
- 53/udp open|filtered domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 137/udp filtered netbios-ns
- 138/udp filtered netbios-dgm
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using port 138/udp)
- HOP RTT ADDRESS
- 1 154.90 ms 10.248.200.1
- 2 ... 3
- 4 156.71 ms 10.248.200.1
- 5 156.69 ms 10.248.200.1
- 6 156.67 ms 10.248.200.1
- 7 156.66 ms 10.248.200.1
- 8 156.64 ms 10.248.200.1
- 9 156.62 ms 10.248.200.1
- 10 156.60 ms 10.248.200.1
- 11 ... 18
- 19 155.37 ms 10.248.200.1
- 20 156.63 ms 10.248.200.1
- 21 ... 28
- 29 154.61 ms 10.248.200.1
- 30 155.64 ms 10.248.200.1
- NSE: Script Post-scanning.
- Initiating NSE at 08:18
- Completed NSE at 08:18, 0.00s elapsed
- Initiating NSE at 08:18
- Completed NSE at 08:18, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 140.05 seconds
- Raw packets sent: 147 (9.964KB) | Rcvd: 1101 (185.246KB)
- #######################################################################################################################################
- dnsenum VERSION:1.2.4
- ----- www.boe.gov.sa -----
- Host's addresses:
- __________________
- boe.gov.sa. 177 IN A 212.138.117.127
- Name Servers:
- ______________
- ns1.boe.gov.sa. 3269 IN A 212.138.117.125
- ns2.boe.gov.sa. 3004 IN A 212.138.117.126
- Mail (MX) Servers:
- ___________________
- email01.nic.gov.sa. 3600 IN A 78.93.109.82
- email02.nic.gov.sa. 3600 IN A 78.93.109.80
- Trying Zone Transfers and getting Bind Versions:
- _________________________________________________
- Trying Zone Transfer for www.boe.gov.sa on ns1.boe.gov.sa ...
- Trying Zone Transfer for www.boe.gov.sa on ns2.boe.gov.sa ...
- brute force file not specified, bay.
- #######################################################################################################################################
- % SaudiNIC Whois server.
- % Rights restricted by copyright.
- % http://nic.sa/en/view/whois-cmd-copyright
- #######################################################################################################################################
- ____ _ _ _ _ _____
- / ___| _ _| |__ | (_)___| |_|___ / _ __
- \___ \| | | | '_ \| | / __| __| |_ \| '__|
- ___) | |_| | |_) | | \__ \ |_ ___) | |
- |____/ \__,_|_.__/|_|_|___/\__|____/|_|
- # Coded By Ahmed Aboul-Ela - @aboul3la
- [-] Enumerating subdomains now for www.boe.gov.sa
- [-] verbosity is enabled, will show the subdomains results in realtime
- [-] Searching now in Baidu..
- [-] Searching now in Yahoo..
- [-] Searching now in Google..
- [-] Searching now in Bing..
- [-] Searching now in Ask..
- [-] Searching now in Netcraft..
- [-] Searching now in DNSdumpster..
- [-] Searching now in Virustotal..
- [-] Searching now in ThreatCrowd..
- [-] Searching now in SSL Certificates..
- [-] Searching now in PassiveDNS..
- #######################################################################################################################################
- [*] Processing domain www.boe.gov.sa
- [+] Getting nameservers
- 212.138.117.125 - ns1.boe.gov.sa
- 212.138.117.126 - ns2.boe.gov.sa
- [-] Zone transfer failed
- [+] TXT records found
- "v=spf1 mx ptr ip4:212.26.56.10 ip4:212.26.56.11 a:mx2.boe.gov.sa a:mx1.boe.gov.sa mx:mx1.boe.gov.sa mx:mx2.boe.gov.sa ip4:212.26.56.1/25 ~all"
- [+] MX records found, added to target list
- 20 email02.nic.gov.sa.
- 20 email01.nic.gov.sa.
- [*] Scanning www.boe.gov.sa for A records
- 212.138.117.127 - www.boe.gov.sa
- ######################################################################################################################################
- [*] Found SPF record:
- [*] v=spf1 mx ptr ip4:212.26.56.10 ip4:212.26.56.11 a:mx2.boe.gov.sa a:mx1.boe.gov.sa mx:mx1.boe.gov.sa mx:mx2.boe.gov.sa ip4:212.26.56.1/25 ~all
- [*] SPF record contains an All item: ~all
- [*] No DMARC record found. Looking for organizational record
- [+] No organizational DMARC record
- [+] Spoofing possible for www.boe.gov.sa!
- ######################################################################################################################################
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ discover v0.5.0 - by @michenriksen
- Identifying nameservers for www.boe.gov.sa... Done
- Using nameservers:
- - 212.138.117.125
- - 212.138.117.126
- Checking for wildcard DNS... Done
- Running collector: Censys... Skipped
- -> Key 'censys_secret' has not been set
- Running collector: Netcraft... Done (0 hosts)
- Running collector: VirusTotal... Skipped
- -> Key 'virustotal' has not been set
- Running collector: PublicWWW... Done (0 hosts)
- Running collector: Google Transparency Report... Done (0 hosts)
- Running collector: PTRArchive... Error
- -> PTRArchive returned unexpected response code: 502
- Running collector: HackerTarget... Done (1 host)
- Running collector: Certificate Search... Done (0 hosts)
- Running collector: PassiveTotal... Skipped
- -> Key 'passivetotal_key' has not been set
- Running collector: Wayback Machine... Done (5 hosts)
- Running collector: Riddler... Skipped
- -> Key 'riddler_username' has not been set
- Running collector: Dictionary... Done (27 hosts)
- Running collector: DNSDB... Error
- -> DNSDB returned unexpected response code: 503
- Running collector: Threat Crowd... Done (0 hosts)
- Running collector: Shodan... Skipped
- -> Key 'shodan' has not been set
- Resolving 32 unique hosts...
- 212.138.117.127 .www.boe.gov.sa
- 212.138.117.127 boe.gov.sa
- 212.26.56.9 mail.boe.gov.sa
- 212.138.117.127 www.boe.gov.sa
- Found subnets:
- - 212.138.117.0-255 : 3 hosts
- Wrote 4 hosts to:
- - file:///root/aquatone/www.boe.gov.sa/hosts.txt
- - file:///root/aquatone/www.boe.gov.sa/hosts.json
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ takeover v0.5.0 - by @michenriksen
- Loaded 4 hosts from /root/aquatone/www.boe.gov.sa/hosts.json
- Loaded 25 domain takeover detectors
- Identifying nameservers for www.boe.gov.sa... Done
- Using nameservers:
- - 212.138.117.126
- - 212.138.117.125
- Checking hosts for domain takeover vulnerabilities...
- Finished checking hosts:
- - Vulnerable : 0
- - Not Vulnerable : 4
- Wrote 0 potential subdomain takeovers to:
- - file:///root/aquatone/www.boe.gov.sa/takeovers.json
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ scan v0.5.0 - by @michenriksen
- Loaded 4 hosts from /root/aquatone/www.boe.gov.sa/hosts.json
- Probing 4 ports...
- 80/tcp 212.138.117.127 .www.boe.gov.sa, boe.gov.sa, www.boe.gov.sa
- 80/tcp 212.26.56.9 mail.boe.gov.sa
- 443/tcp 212.138.117.127 .www.boe.gov.sa, boe.gov.sa, www.boe.gov.sa
- Wrote open ports to file:///root/aquatone/www.boe.gov.sa/open_ports.txt
- Wrote URLs to file:///root/aquatone/www.boe.gov.sa/urls.txt
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ gather v0.5.0 - by @michenriksen
- Processing 7 pages...
- Incompatability Error: Nightmarejs must be run on a system with a graphical desktop session (X11)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-26 08:30 EDT
- Nmap scan report for www.boe.gov.sa (212.138.117.127)
- Host is up (0.22s latency).
- Not shown: 470 filtered ports, 4 closed ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 80/tcp open http
- 443/tcp open https
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-26 08:30 EDT
- Nmap scan report for www.boe.gov.sa (212.138.117.127)
- Host is up (0.16s latency).
- Not shown: 2 filtered ports
- PORT STATE SERVICE
- 53/udp open|filtered domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- #######################################################################################################################################
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking http://www.boe.gov.sa
- Generic Detection results:
- The site http://www.boe.gov.sa seems to be behind a WAF or some sort of security solution
- Reason: Blocking is being done at connection/packet level.
- Number of requests: 14
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning https://www.boe.gov.sa...
- _______________________ SITE INFO _______________________
- IP Title
- 212.138.117.127 موقع هيئة الخبراء بمجلس الوزر
- ________________________ VERSION ________________________
- Name Versions Type
- ASP.NET 4.0.30319 Platform
- IIS 8.5 Platform
- microsoft-httpapi 2.0 Platform
- Microsoft Windows Server 2012 R2 OS
- ______________________ INTERESTING ______________________
- URL Note Type
- /login.aspx Login Page Interesting
- _________________________________________________________
- Time: 78.4 sec Urls: 693 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/1.1 307 Temporary Redirect
- Content-Length: 146
- Content-Type: text/html; charset=UTF-8
- Location: https://www.boe.gov.sa/
- X-Powered-By: ASP.NET
- Date: Thu, 11 Jul 2019 21:58:53 GMT
- Connection: keep-alive
- ######################################################################################################################################
- --------------------------------------------------------------------------------------------------------------------------------------
- [ ! ] Starting SCANNER INURLBR 2.1 at [26-10-2018 08:33:29]
- [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
- It is the end user's responsibility to obey all applicable local, state and federal laws.
- Developers assume no liability and are not responsible for any misuse or damage caused by this program
- [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/plugins/slurp/output/inurlbr-www.boe.gov.sa.txt ]
- [ INFO ][ DORK ]::[ site:www.boe.gov.sa ]
- [ INFO ][ SEARCHING ]:: {
- [ INFO ][ ENGINE ]::[ GOOGLE - www.google.com.sg ]
- [ INFO ][ SEARCHING ]::
- -[:::]
- [ INFO ][ ENGINE ]::[ GOOGLE API ]
- [ INFO ][ SEARCHING ]::
- -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
- [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.com.gt ID: 007843865286850066037:3ajwn2jlweq ]
- [ INFO ][ SEARCHING ]::
- -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
- [ INFO ][ TOTAL FOUND VALUES ]:: [ 100 ]
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 0 / 100 ]-[08:33:45] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 1 / 100 ]-[08:33:49] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/RuleProjects.aspx ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 2 / 100 ]-[08:33:53] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/Register.aspx ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 3 / 100 ]-[08:33:55] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/MainLaws.aspx?lang=ar ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 4 / 100 ]-[08:33:59] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/MainLaws.aspx?lang=yxrrsffrykmyk ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 5 / 100 ]-[08:34:02] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?SystemID=275 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 6 / 100 ]-[08:34:04] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?SystemID=188 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 7 / 100 ]-[08:34:07] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?SystemID=50 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 8 / 100 ]-[08:34:09] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?SystemID=196 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 9 / 100 ]-[08:34:12] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?SystemID=203 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 10 / 100 ]-[08:34:16] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/MainLaws.aspx?lang=hyjafdkyh ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 11 / 100 ]-[08:34:18] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?SystemID=213 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 12 / 100 ]-[08:34:23] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/MainLaws.aspx?lang=en186 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 13 / 100 ]-[08:34:25] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?SystemID=94 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 14 / 100 ]-[08:34:29] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/BOEsitemap.aspx?lang=en ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 15 / 100 ]-[08:34:32] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/mainlaws.aspx?lang=ar) ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 16 / 100 ]-[08:34:36] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/search.aspx?lang=en ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 17 / 100 ]-[08:34:39] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/TemplatePage.aspx?lang=pcgbxsghk ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 18 / 100 ]-[08:34:43] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewKhobraNews.aspx?NewsID=40 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 19 / 100 ]-[08:34:47] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewAllNews.aspx?lang=ar ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 20 / 100 ]-[08:34:51] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/RelatedLinksPage.aspx?lang=2 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 21 / 100 ]-[08:34:55] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/SystemProjects.aspx?lang=yxrrsffrykmyk ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 22 / 100 ]-[08:34:58] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewAllNews.aspx?lang=2 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 23 / 100 ]-[08:35:02] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/TargamaTerms.aspx?lang=en ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 24 / 100 ]-[08:35:05] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewManswbCard.aspx?empID=52 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 25 / 100 ]-[08:35:08] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/LawsTargma.aspx?lang=en ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 26 / 100 ]-[08:35:11] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewManswbCard.aspx?empID=231 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 27 / 100 ]-[08:35:14] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewManswbCard.aspx?empID=373 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 28 / 100 ]-[08:35:17] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/EmployeeTargama.aspx?empID=83 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 29 / 100 ]-[08:35:20] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewManswbCard.aspx?empID=332 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 30 / 100 ]-[08:35:23] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewManswbCard.aspx?empID=206 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 31 / 100 ]-[08:35:26] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/EmployeeTargama.aspx?empID=84 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 32 / 100 ]-[08:35:31] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/m/viewsubsystemdetails.aspx?systemid=332 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 33 / 100 ]-[08:35:36] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/m/viewsubsystemdetails.aspx?systemid=174 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 34 / 100 ]-[08:35:40] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/m/viewsubsystemdetails.aspx?systemid=122 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 35 / 100 ]-[08:35:45] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/m/viewsubsystemdetails.aspx?systemid=100 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 36 / 100 ]-[08:35:48] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewManswbCard.aspx?empID=352 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 37 / 100 ]-[08:35:53] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/M/ViewSubSystemDetails.aspx?SystemID=6 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 38 / 100 ]-[08:35:58] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/M/ViewSubSystemDetails.aspx?SystemID=7 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 196279 out of 259396 bytes received
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 39 / 100 ]-[08:36:01] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewManswbCard.aspx?empID=62 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 40 / 100 ]-[08:36:05] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/m/viewsubsystemdetails.aspx?systemid=207 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 41 / 100 ]-[08:36:09] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/EmployeeTargama.aspx?empID=85 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 42 / 100 ]-[08:36:13] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/M/ViewSubSystemDetails.aspx?SystemID=5 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 43 / 100 ]-[08:36:17] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/m/viewsubsystemdetails.aspx?systemid=115 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 44 / 100 ]-[08:36:20] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/EmployeeTargama.aspx?lang=arundefined ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 45 / 100 ]-[08:36:25] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/M/ViewSubSystemDetails.aspx?SystemID=8 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 46 / 100 ]-[08:36:28] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/EmployeeTargama.aspx?empID=81 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 47 / 100 ]-[08:36:33] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/m/viewsubsystemdetails.aspx?systemid=13 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 48 / 100 ]-[08:36:38] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/M/ViewSubSystemDetails.aspx?SystemID=4 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 49 / 100 ]-[08:36:42] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/m/viewsubsystemdetails.aspx?systemid=292 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 50 / 100 ]-[08:36:45] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=ar&SystemID=127 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 51 / 100 ]-[08:36:47] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=ar&SystemID=384 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 52 / 100 ]-[08:36:52] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/MainLaws.aspx?lang=arandSystemID=144andVersionID=147 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 53 / 100 ]-[08:36:54] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=ar&SystemID=378 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 54 / 100 ]-[08:36:57] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=ar&SystemID=266 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 55 / 100 ]-[08:36:59] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=en&SystemID=159 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 56 / 100 ]-[08:37:02] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=ar&SystemID=230 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 57 / 100 ]-[08:37:05] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewRule.aspx?lang=ar&RuleID=7 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 58 / 100 ]-[08:37:08] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=ar&SystemID=376 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 59 / 100 ]-[08:37:10] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=ar&SystemID=192 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 60 / 100 ]-[08:37:13] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=ar&SystemID=348 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 61 / 100 ]-[08:37:15] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=egunhekpjsb&SystemID=217 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 62 / 100 ]-[08:37:18] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=en&SystemID=5 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 63 / 100 ]-[08:37:20] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=egunhekpjsb&SystemID=186 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 64 / 100 ]-[08:37:23] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=en&SystemID=60 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 65 / 100 ]-[08:37:25] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=ar&SystemID=3388 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 66 / 100 ]-[08:37:28] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=en&SystemID=181 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 67 / 100 ]-[08:37:30] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=ar&SystemID=382 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 68 / 100 ]-[08:37:32] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=en&SystemID=201 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 69 / 100 ]-[08:37:35] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=ezbuzjklxdscxjpn&SystemID=186 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 70 / 100 ]-[08:37:37] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=ztkfhogvcpxlr&SystemID=99 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 71 / 100 ]-[08:37:40] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=en&SystemID=126 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 72 / 100 ]-[08:37:42] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=en&SystemID=174 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 73 / 100 ]-[08:37:45] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=en&SystemID=158 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 74 / 100 ]-[08:37:47] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=ar&SystemID=5 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 75 / 100 ]-[08:37:50] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=ar&SystemID=234 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 76 / 100 ]-[08:37:53] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=ar&SystemID=60 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 77 / 100 ]-[08:37:55] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=ar&SystemID=356 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 78 / 100 ]-[08:37:57] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=en&SystemID=164 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 79 / 100 ]-[08:38:00] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=ar&SystemID=2384 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 80 / 100 ]-[08:38:02] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=ar&SystemID=112 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 81 / 100 ]-[08:38:07] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/M/NewsView.aspx?NewsID=39 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 82 / 100 ]-[08:38:09] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=en&SystemID=4 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 83 / 100 ]-[08:38:12] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=en&SystemID=31 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 84 / 100 ]-[08:38:14] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=ar&SystemID=383 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 85 / 100 ]-[08:38:19] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemProject.aspx?lang=ztkfhogvcpxlr&spid=9 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 86 / 100 ]-[08:38:23] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewStaticPage.aspx?lang=2&PageID=25 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 87 / 100 ]-[08:38:27] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewRule.aspx?lang=en&RuleID=30 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 88 / 100 ]-[08:38:30] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewRule.aspx?lang=ar&RuleID=23 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 89 / 100 ]-[08:38:33] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=ar&SystemID=88 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 90 / 100 ]-[08:38:35] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewSystemDetails.aspx?lang=en&SystemID=15 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 91 / 100 ]-[08:38:38] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ShowPDF.aspx?FileName=A44.pdf ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 92 / 100 ]-[08:38:42] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewKhobraNews.aspx?lang=fbsxpqsz&NewsID=1057 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 93 / 100 ]-[08:38:46] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewKhobraNews.aspx?NewsID=52&lang=en ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 94 / 100 ]-[08:38:50] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewKhobraNews.aspx?lang=yxrrsffrykmyk&NewsID=1057 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 95 / 100 ]-[08:38:54] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/ViewKhobraNews.aspx?lang=ar&NewsID=14 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 96 / 100 ]-[08:38:58] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/m/viewsubsystemdetails.aspx?systemid=27&languageid=2 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 97 / 100 ]-[08:39:01] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/m/viewsubsystemdetails.aspx?systemid=16&languageid=2 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 98 / 100 ]-[08:39:07] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/m/viewsubsystemdetails.aspx?systemid=262&languageid=1 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: , , IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 0 bytes received
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 99 / 100 ]-[08:39:12] [ - ]
- |_[ + ] Target:: [ https://www.boe.gov.sa/m/viewsubsystemdetails.aspx?lang=ar&systemid=359 ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET, IP:212.138.117.127:443
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- [ INFO ] [ Shutting down ]
- [ INFO ] [ End of process INURLBR at [26-10-2018 08:39:12]
- [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
- [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/plugins/slurp/output/inurlbr-www.boe.gov.sa.txt ]
- |_________________________________________________________________________________________
- \_________________________________________________________________________________________/
- #######################################################################################################################################
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking https://www.boe.gov.sa
- The site https://www.boe.gov.sa is behind a ModSecurity (OWASP CRS)
- Number of requests: 11
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning https://www.boe.gov.sa...
- _______________________ SITE INFO _______________________
- IP Title
- 212.138.117.127 موقع هيئة الخبراء بمجلس الوزر
- ________________________ VERSION ________________________
- Name Versions Type
- ASP.NET 4.0.30319 Platform
- IIS 8.5 Platform
- microsoft-httpapi 2.0 Platform
- Microsoft Windows Server 2012 R2 OS
- ______________________ INTERESTING ______________________
- URL Note Type
- /login.aspx Login Page Interesting
- _________________________________________________________
- Time: 3.5 sec Urls: 693 Fingerprints: 40401
- ######################################################################################################################################
- HTTP/1.1 200 OK
- Cache-Control: private
- Content-Length: 109251
- Content-Type: text/html; charset=utf-8
- Server: Microsoft-IIS/8.5
- Set-Cookie: ASP.NET_SessionId=zeu1jzfadht3obrz0ilpojp3; path=/; HttpOnly
- X-AspNet-Version: 4.0.30319
- X-Powered-By: ASP.NET
- Date: Thu, 11 Jul 2019 22:05:17 GMT
- #######################################################################################################################################
- AVAILABLE PLUGINS
- -----------------
- PluginCompression
- PluginHSTS
- PluginChromeSha1Deprecation
- PluginSessionResumption
- PluginSessionRenegotiation
- PluginHeartbleed
- PluginCertInfo
- PluginOpenSSLCipherSuites
- CHECKING HOST(S) AVAILABILITY
- -----------------------------
- www.boe.gov.sa:443 => 212.138.117.127:443
- SCAN RESULTS FOR WWW.BOE.GOV.SA:443 - 212.138.117.127:443
- ---------------------------------------------------------
- * Deflate Compression:
- OK - Compression disabled
- * Session Renegotiation:
- Client-initiated Renegotiations: OK - Rejected
- Secure Renegotiation: OK - Supported
- * Certificate - Content:
- SHA1 Fingerprint: 133b4c190f9f08e394722b5916a7edff46149153
- Common Name: boe.gov.sa
- Issuer: DigiCert SHA2 Extended Validation Server CA
- Serial Number: 04D05D5A5C9ACE58753FC99C75B221C6
- Not Before: Jun 11 00:00:00 2018 GMT
- Not After: Jun 11 12:00:00 2020 GMT
- Signature Algorithm: sha256WithRSAEncryption
- Public Key Algorithm: rsaEncryption
- Key Size: 2048 bit
- Exponent: 65537 (0x10001)
- X509v3 Subject Alternative Name: {'DNS': ['boe.gov.sa', 'www.boe.gov.sa']}
- * Certificate - Trust:
- Hostname Validation: OK - Subject Alternative Name matches
- Google CA Store (09/2015): OK - Certificate is trusted
- Java 6 CA Store (Update 65): OK - Certificate is trusted
- Microsoft CA Store (09/2015): OK - Certificate is trusted
- Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
- Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
- Certificate Chain Received: ['boe.gov.sa', 'DigiCert SHA2 Extended Validation Server CA']
- * Certificate - OCSP Stapling:
- NOT SUPPORTED - Server did not send back an OCSP response.
- * Session Resumption:
- With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
- With TLS Session Tickets: NOT SUPPORTED - TLS ticket not assigned.
- * SSLV2 Cipher Suites:
- Server rejected all cipher suites.
- * SSLV3 Cipher Suites:
- Server rejected all cipher suites.
- SCAN COMPLETED IN 8.92 S
- ------------------------
- Version: 1.11.12-static
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- Connected to 212.138.117.127
- Testing SSL server www.boe.gov.sa on port 443 using SNI name www.boe.gov.sa
- TLS Fallback SCSV:
- Server does not support TLS Fallback SCSV
- TLS renegotiation:
- Secure session renegotiation supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-521 DHE 521
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-521 DHE 521
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-521 DHE 521
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-521 DHE 521
- Accepted TLSv1.2 256 bits AES256-GCM-SHA384
- Accepted TLSv1.2 128 bits AES128-GCM-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA
- Accepted TLSv1.2 128 bits AES128-SHA
- Accepted TLSv1.2 112 bits DES-CBC3-SHA
- Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-521 DHE 521
- Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-521 DHE 521
- Accepted TLSv1.1 256 bits AES256-SHA
- Accepted TLSv1.1 128 bits AES128-SHA
- Accepted TLSv1.1 112 bits DES-CBC3-SHA
- Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-521 DHE 521
- Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-521 DHE 521
- Accepted TLSv1.0 256 bits AES256-SHA
- Accepted TLSv1.0 128 bits AES128-SHA
- Accepted TLSv1.0 112 bits DES-CBC3-SHA
- SSL Certificate:
- Signature Algorithm: sha256WithRSAEncryption
- RSA Key Strength: 2048
- Subject: boe.gov.sa
- Altnames: DNS:boe.gov.sa, DNS:www.boe.gov.sa
- Issuer: DigiCert SHA2 Extended Validation Server CA
- Not valid before: Jun 11 00:00:00 2018 GMT
- Not valid after: Jun 11 12:00:00 2020 GMT
- #######################################################################################################################################
- I, [2018-10-26T08:40:58.826564 #21524] INFO -- : Initiating port scan
- I, [2018-10-26T08:42:17.148868 #21524] INFO -- : Using nmap scan output file logs/nmap_output_2018-10-26_08-40-58.xml
- I, [2018-10-26T08:42:17.149982 #21524] INFO -- : Discovered open port: 212.138.117.127:80
- I, [2018-10-26T08:42:19.057171 #21524] INFO -- : Discovered open port: 212.138.117.127:443
- I, [2018-10-26T08:42:22.728431 #21524] INFO -- : <<<Enumerating vulnerable applications>>>
- --------------------------------------------------------
- <<<Yasuo discovered following vulnerable applications>>>
- --------------------------------------------------------
- +----------+--------------------+-------------------+----------+----------+
- | App Name | URL to Application | Potential Exploit | Username | Password |
- +----------+--------------------+-------------------+----------+----------+
- +----------+--------------------+-------------------+----------+----------+
- ######################################################################################################################################
- Anonymous JTSEC #OpJamalKhashoggi Full Recon #6
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement