Anonymous JTSEC #OpIsraël Full Recon #1

1. #######################################################################################################################################
2. Hostname www.foi.org ISP Amazon.com, Inc.
3. Continent North America Flag
4. US
5. Country United States Country Code US
6. Region Virginia Local time 22 Jan 2019 19:49 EST
7. City Ashburn Postal Code 20149
8. IP Address 18.209.92.69 Latitude 39.048
9. Longitude -77.473
10. #######################################################################################################################################
11. > www.foi.org
12. Server: 194.187.251.67
13. Address: 194.187.251.67#53
14.  
15. Non-authoritative answer:
16. Name: www.foi.org
17. Address: 18.209.92.69
18. >
19. #######################################################################################################################################
20.  
21. HostIP:18.209.92.69
22. HostName:www.foi.org
23.  
24. Gathered Inet-whois information for 18.209.92.69
25. ---------------------------------------------------------------------------------------------------------------------------------------
26.  
27.  
28. inetnum: 13.244.0.0 - 23.19.47.255
29. netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
30. descr: IPv4 address block not managed by the RIPE NCC
31. remarks: ------------------------------------------------------
32. remarks:
33. remarks: For registration information,
34. remarks: you can consult the following sources:
35. remarks:
36. remarks: IANA
37. remarks: http://www.iana.org/assignments/ipv4-address-space
38. remarks: http://www.iana.org/assignments/iana-ipv4-special-registry
39. remarks: http://www.iana.org/assignments/ipv4-recovered-address-space
40. remarks:
41. remarks: AFRINIC (Africa)
42. remarks: http://www.afrinic.net/ whois.afrinic.net
43. remarks:
44. remarks: APNIC (Asia Pacific)
45. remarks: http://www.apnic.net/ whois.apnic.net
46. remarks:
47. remarks: ARIN (Northern America)
48. remarks: http://www.arin.net/ whois.arin.net
49. remarks:
50. remarks: LACNIC (Latin America and the Carribean)
51. remarks: http://www.lacnic.net/ whois.lacnic.net
52. remarks:
53. remarks: ------------------------------------------------------
54. country: EU # Country is really world wide
55. admin-c: IANA1-RIPE
56. tech-c: IANA1-RIPE
57. status: ALLOCATED UNSPECIFIED
58. mnt-by: RIPE-NCC-HM-MNT
59. created: 2019-01-07T10:46:13Z
60. last-modified: 2019-01-07T10:46:13Z
61. source: RIPE
62.  
63. role: Internet Assigned Numbers Authority
64. address: see http://www.iana.org.
65. admin-c: IANA1-RIPE
66. tech-c: IANA1-RIPE
67. nic-hdl: IANA1-RIPE
68. remarks: For more information on IANA services
69. remarks: go to IANA web site at http://www.iana.org.
70. mnt-by: RIPE-NCC-MNT
71. created: 1970-01-01T00:00:00Z
72. last-modified: 2001-09-22T09:31:27Z
73. source: RIPE # Filtered
74.  
75. % This query was served by the RIPE Database Query Service version 1.92.6 (BLAARKOP)
76.  
77.  
78.  
79. Gathered Inic-whois information for foi.org
80. ---------------------------------------------------------------------------------------------------------------------------------------
81. Domain Name: FOI.ORG
82. Registry Domain ID: D20379008-LROR
83. Registrar WHOIS Server: registrar-contact@google.com
84. Registrar URL: http://domains.google.com
85. Updated Date: 2018-01-18T22:32:08Z
86. Creation Date: 2000-02-22T07:23:06Z
87. Registry Expiry Date: 2020-02-22T07:23:06Z
88. Registrar Registration Expiration Date:
89. Registrar: Google Inc.
90. Registrar IANA ID: 895
91. Registrar Abuse Contact Email: registrar-abuse@google.com
92. Registrar Abuse Contact Phone: +1.6502530000
93. Reseller:
94. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
95. Registrant Organization: The Friends of Israel
96. Registrant State/Province: NJ
97. Registrant Country: US
98. Name Server: NS-CLOUD-D1.GOOGLEDOMAINS.COM
99. Name Server: NS-CLOUD-D2.GOOGLEDOMAINS.COM
100. Name Server: NS-CLOUD-D3.GOOGLEDOMAINS.COM
101. Name Server: NS-CLOUD-D4.GOOGLEDOMAINS.COM
102. DNSSEC: signedDelegation
103. URL of the ICANN Whois Inaccuracy Complaint Form https://www.icann.org/wicf/)
104. >>> Last update of WHOIS database: 2019-01-23T02:11:38Z <<<
105. #######################################################################################################################################
106. [i] Scanning Site: https://www.foi.org
107.  
108.  
109.  
110. B A S I C I N F O
111. =======================================================================================================================================
112.  
113.  
114. [+] Site Title: Home - The Friends of Israel Gospel Ministry
115. [+] IP address: 18.209.92.69
116. [+] Web Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11
117. [+] CMS: WordPress
118. [+] Cloudflare: Not Detected
119. [+] Robots File: Found
120.  
121. -------------[ contents ]----------------
122. User-agent: *
123. Disallow: /wp-admin/
124. Allow: /wp-admin/admin-ajax.php
125.  
126. -----------[end of contents]-------------
127.  
128.  
129.  
130. W H O I S L O O K U P
131. =======================================================================================================================================
132.  
133. Domain Name: FOI.ORG
134. Registry Domain ID: D20379008-LROR
135. Registrar WHOIS Server: registrar-contact@google.com
136. Registrar URL: http://domains.google.com
137. Updated Date: 2018-01-18T22:32:08Z
138. Creation Date: 2000-02-22T07:23:06Z
139. Registry Expiry Date: 2020-02-22T07:23:06Z
140. Registrar Registration Expiration Date:
141. Registrar: Google Inc.
142. Registrar IANA ID: 895
143. Registrar Abuse Contact Email: registrar-abuse@google.com
144. Registrar Abuse Contact Phone: +1.6502530000
145. Reseller:
146. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
147. Registrant Organization: The Friends of Israel
148. Registrant State/Province: NJ
149. Registrant Country: US
150. Name Server: NS-CLOUD-D1.GOOGLEDOMAINS.COM
151. Name Server: NS-CLOUD-D2.GOOGLEDOMAINS.COM
152. Name Server: NS-CLOUD-D3.GOOGLEDOMAINS.COM
153. Name Server: NS-CLOUD-D4.GOOGLEDOMAINS.COM
154. DNSSEC: signedDelegation
155. URL of the ICANN Whois Inaccuracy Complaint Form https://www.icann.org/wicf/)
156. >>> Last update of WHOIS database: 2019-01-23T02:30:41Z <<<
157.  
158. For more information on Whois status codes, please visit https://icann.org/epp
159.  
160.  
161.  
162.  
163.  
164. G E O I P L O O K U P
165. =======================================================================================================================================
166.  
167. [i] IP Address: 18.209.92.69
168. [i] Country: United States
169. [i] State: Virginia
170. [i] City: Ashburn
171. [i] Latitude: 39.0481
172. [i] Longitude: -77.4728
173.  
174.  
175.  
176.  
177. H T T P H E A D E R S
178. =======================================================================================================================================
179.  
180.  
181. [i] HTTP/1.0 200 OK
182. [i] Date: Wed, 23 Jan 2019 02:31:43 GMT
183. [i] Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11
184. [i] X-Powered-By: PHP/7.2.11
185. [i] Set-Cookie: wpfront-notification-bar-landingpage=1
186. [i] Access-Control-Allow-Origin: *
187. [i] Link: <https://www.foi.org/wp-json/>; rel="https://api.w.org/"
188. [i] Link: <https://www.foi.org/>; rel=shortlink
189. [i] X-TEC-API-VERSION: v1
190. [i] X-TEC-API-ROOT: https://www.foi.org/wp-json/tribe/events/v1/
191. [i] X-TEC-API-ORIGIN: https://www.foi.org
192. [i] Cache-Control: max-age=0
193. [i] Expires: Wed, 23 Jan 2019 02:31:43 GMT
194. [i] Vary: Accept-Encoding
195. [i] Connection: close
196. [i] Content-Type: text/html; charset=UTF-8
197.  
198.  
199. S U B N E T C A L C U L A T I O N
200. =======================================================================================================================================
201.  
202. Address = 18.209.92.69
203. Network = 18.209.92.69 / 32
204. Netmask = 255.255.255.255
205. Broadcast = not needed on Point-to-Point links
206. Wildcard Mask = 0.0.0.0
207. Hosts Bits = 0
208. Max. Hosts = 1 (2^0 - 0)
209. Host Range = { 18.209.92.69 - 18.209.92.69 }
210.  
211.  
212.  
213. N M A P P O R T S C A N
214. =======================================================================================================================================
215.  
216.  
217. Starting Nmap 7.40 ( https://nmap.org ) at 2019-01-23 02:32 UTC
218. Nmap scan report for foi.org (18.209.92.69)
219. Host is up (0.0086s latency).
220. rDNS record for 18.209.92.69: ec2-18-209-92-69.compute-1.amazonaws.com
221. PORT STATE SERVICE
222. 21/tcp filtered ftp
223. 22/tcp filtered ssh
224. 23/tcp filtered telnet
225. 80/tcp open http
226. 110/tcp filtered pop3
227. 143/tcp filtered imap
228. 443/tcp open https
229. 3389/tcp filtered ms-wbt-server
230.  
231. Nmap done: 1 IP address (1 host up) scanned in 1.29 seconds
232.  
233.  
234.  
235. S U B - D O M A I N F I N D E R
236. =======================================================================================================================================
237.  
238.  
239. [i] Total Subdomains Found : 6
240.  
241. [+] Subdomain: ijsonline.foi.org
242. [-] IP: 50.116.60.52
243.  
244. [+] Subdomain: store.foi.org
245. [-] IP: 104.45.149.73
246.  
247. [+] Subdomain: webmail.foi.org
248. [-] IP: 50.73.208.113
249.  
250. [+] Subdomain: radio.foi.org
251. [-] IP: 18.209.92.69
252.  
253. [+] Subdomain: whoisjesus.foi.org
254. [-] IP: 18.209.92.69
255.  
256. [+] Subdomain: www.foi.org
257. [-] IP: 18.209.92.69
258. #######################################################################################################################################
259. ; <<>> DiG 9.11.5-P1-1-Debian <<>> foi.org
260. ;; global options: +cmd
261. ;; Got answer:
262. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44153
263. ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
264.  
265. ;; OPT PSEUDOSECTION:
266. ; EDNS: version: 0, flags:; udp: 4096
267. ;; QUESTION SECTION:
268. ;foi.org. IN A
269.  
270. ;; ANSWER SECTION:
271. foi.org. 300 IN A 18.209.92.69
272.  
273. ;; Query time: 214 msec
274. ;; SERVER: 194.187.251.67#53(194.187.251.67)
275. ;; WHEN: mar jan 22 21:52:17 EST 2019
276. ;; MSG SIZE rcvd: 52
277.  
278. #######################################################################################################################################
279. ; <<>> DiG 9.11.5-P1-1-Debian <<>> +trace foi.org
280. ;; global options: +cmd
281. . 81934 IN NS c.root-servers.net.
282. . 81934 IN NS e.root-servers.net.
283. . 81934 IN NS k.root-servers.net.
284. . 81934 IN NS j.root-servers.net.
285. . 81934 IN NS g.root-servers.net.
286. . 81934 IN NS d.root-servers.net.
287. . 81934 IN NS a.root-servers.net.
288. . 81934 IN NS i.root-servers.net.
289. . 81934 IN NS h.root-servers.net.
290. . 81934 IN NS m.root-servers.net.
291. . 81934 IN NS l.root-servers.net.
292. . 81934 IN NS b.root-servers.net.
293. . 81934 IN NS f.root-servers.net.
294. . 81934 IN RRSIG NS 8 0 518400 20190204170000 20190122160000 16749 . FHDFS51TiKxRS+Gz4LsMJcv0ZlqyRCcBXJeX5vDAHf4qaKNIbJmd/ajC Btr/o/gJjq5E+DNyp2xhLZjyoo4AoTzoV1B9Le9So7nGaytkS5ythgFu Ikki1db399uxPaDPaTfVr2dUdwt/yhYBz7sMLH3uLsVVY5fGMRQI+kMa ZCUsipBrNKl+B/9rTwbGZOfMZx5gQpY94K68JgSaf3NeFH+81Vu4vr8C YaYRHL1VuGB9ySf+nqYKKVeHliT4ENRD1dC+j4rjsC3NDe3RWSiXljjk UpMjSd4dx3oKz0aGVffmb5cjAKqQjMHwximLn1JvAZRI7HYZOzN+em6d 4k4qrw==
295. ;; Received 525 bytes from 194.187.251.67#53(194.187.251.67) in 197 ms
296.  
297. org. 172800 IN NS b2.org.afilias-nst.org.
298. org. 172800 IN NS d0.org.afilias-nst.org.
299. org. 172800 IN NS b0.org.afilias-nst.org.
300. org. 172800 IN NS c0.org.afilias-nst.info.
301. org. 172800 IN NS a0.org.afilias-nst.info.
302. org. 172800 IN NS a2.org.afilias-nst.info.
303. org. 86400 IN DS 9795 7 2 3922B31B6F3A4EA92B19EB7B52120F031FD8E05FF0B03BAFCF9F891B FE7FF8E5
304. org. 86400 IN DS 9795 7 1 364DFAB3DAF254CAB477B5675B10766DDAA24982
305. org. 86400 IN RRSIG DS 8 1 86400 20190204170000 20190122160000 16749 . rNC0G54gFL9TrjRzF/AcS6Znc4MDsZkUP9NjUlcj3x3678WbtUTxEQcW iJ2x2XgdGDqvUPEyKBlhLP9WLRxhJVn4Uc5VUyciU7/cheTooyNW3x4t fIyxz+D2grD/Qv4YmU06MbrpS0cSOlAPbqMi/3QvzXQ5qL9oixAQnqcG rx056QOnzqr8kTqjKVC/u5ZA20wEViOuPMMkqlvCMUC8Jy7Hp2m5WsiM 8KpCKpZMFo6x6ieLbGmb0K9SUZ2x/XEmf7K87gFWBsfvyyE1VhPjDdx6 IWMMejFzrPZhfpMVxJkhrT2rnY4tD6w0JtvQoVwEdp7XeAniEbOQZ5M3 Z4p7BQ==
306. ;; Received 837 bytes from 192.5.5.241#53(f.root-servers.net) in 180 ms
307.  
308. foi.org. 86400 IN NS ns-cloud-d1.googledomains.com.
309. foi.org. 86400 IN NS ns-cloud-d4.googledomains.com.
310. foi.org. 86400 IN NS ns-cloud-d3.googledomains.com.
311. foi.org. 86400 IN NS ns-cloud-d2.googledomains.com.
312. foi.org. 86400 IN DS 53719 8 2 1EACFD8DACA0CCC62EF39ADACEAB84483CAC67E124F5AE2BE418101F 5DD2B72E
313. foi.org. 86400 IN RRSIG DS 7 2 86400 20190207152537 20190117142537 45404 org. AwQQjJqpQfHB5qMtiDli4W0e4GmqYS4gm9Pldlaas2IDMJTmtos/v6DS je9qiHuzZDGkOsT8SN7ZHIgwAazZJIdKl5KOxEm8sFtrZHf+r/akcUzw GqfbU0rIcy1rqmgw4crRp8Do1HFiw3U1IKtygHiZN7cryTycgYOlBxsn GEY=
314. ;; Received 368 bytes from 2001:500:b::1#53(c0.org.afilias-nst.info) in 179 ms
315.  
316. foi.org. 300 IN A 18.209.92.69
317. foi.org. 300 IN RRSIG A 8 2 300 20190211062723 20190120062723 39313 foi.org. ERxd7tV9A/UOW0p+HIsMMZltbxol96Z1NpP0WYdPEv4arbVo5RQellSh AaxSrdBiJKnwbAdZQS+FZQheILTFAigSc7CBQTlCCm2sucgOp9H2MAbN lzXuley4U6W8pCQ26jKDFCFXLjQKqXcsl9J+bejWrt9L2YZREkiuo6xQ B1A=
318. ;; Received 219 bytes from 2001:4860:4802:32::6d#53(ns-cloud-d1.googledomains.com) in 59 ms
319. #######################################################################################################################################
320. Traceroute 'www.foi.org'
321. ---------------------------------------------------------------------------------------------------------------------------------------
322.  
323. Start: 2019-01-23T02:54:57+0000
324. HOST: web01 Loss% Snt Last Avg Best Wrst StDev
325. 1.|-- 45.79.12.201 0.0% 3 2.0 1.4 1.0 2.0 0.5
326. 2.|-- 45.79.12.4 0.0% 3 0.7 0.8 0.7 1.1 0.2
327. 3.|-- 45.79.12.8 0.0% 3 2.2 1.5 0.5 2.2 0.9
328. 4.|-- eqix-da1.a100.1.com 0.0% 3 1.1 1.2 1.1 1.2 0.1
329. 5.|-- 176.32.125.196 0.0% 3 30.0 30.6 30.0 31.6 0.9
330. 6.|-- 176.32.125.243 0.0% 3 29.6 30.9 29.6 33.6 2.3
331. 7.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
332. 8.|-- 54.239.46.0 0.0% 3 32.2 37.6 32.2 45.7 7.1
333. 9.|-- 54.240.229.171 0.0% 3 31.8 31.3 31.0 31.8 0.5
334. 10.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
335. 11.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
336. 12.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
337. 13.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
338. 14.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
339. 15.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
340. 16.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
341. 17.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
342. 18.|-- 52.93.29.46 0.0% 3 32.0 31.9 31.3 32.3 0.5
343. 19.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
344. #######################################################################################################################################
345. [*] Performing General Enumeration of Domain: foi.org
346. [*] DNSSEC is configured for foi.org
347. [*] DNSKEYs:
348. [*] NSEC3 KSk RSASHA256 03010001e3df6f035ddab370b085aac7 37b6d4aeb428debeadfa81e6f12a092f f930947a6da5fa3c6a451899d707fafe cc807aeda367f52ae9e6c4d50d679192 34a30a1c7eb6cc0e9fb5826fde4245c5 9ea7a27f00097b300bb6e4f044df259b f7412b475f31b5cc97e9556b215caef5 8ee89f55ec034f0ae12b128950b7d85a 2a9425d0fa23947bc1ec82e7572eb39a 7227682ef9c38ad2f8429dd336adfb24 2145728b3c201066c901d44ced2fe731 5643755c879b4ad193bf27eee15b212e e3bdd506211d69c563a93995f87dd93c c8c540728f9114f7949c793fc212ee4a aa2b8092fea6134ccf90c0d6e47aad16 3e27a52b965a6d1d6eeb5b72b7db7ca5 51faae7d
349. [*] NSEC3 ZSK RSASHA256 030100018c7b3c2f4324dbe4df51e9ce 39720983d664fa7164cb9262cbd55b0b 03049d8cf69d18d682b0ffeaadd9b1ee c8029453a71a7b0c9a9ffd29759ff087 e39ae9e30d6e0f467b3cab7a36e73a92 71e0a82475ec9eddc45430a71e62e36d 4a3ab6b644ac8e3b1f4562bc80e1404e 8d357a64fe9dad375db3eb6562b70fe2 b6a9bc2b
350. [*] SOA ns-cloud-d1.googledomains.com 216.239.32.109
351. [*] NS ns-cloud-d1.googledomains.com 216.239.32.109
352. [*] NS ns-cloud-d1.googledomains.com 2001:4860:4802:32::6d
353. [*] NS ns-cloud-d3.googledomains.com 216.239.36.109
354. [*] NS ns-cloud-d3.googledomains.com 2001:4860:4802:36::6d
355. [*] NS ns-cloud-d2.googledomains.com 216.239.34.109
356. [*] NS ns-cloud-d2.googledomains.com 2001:4860:4802:34::6d
357. [*] NS ns-cloud-d4.googledomains.com 216.239.38.109
358. [*] NS ns-cloud-d4.googledomains.com 2001:4860:4802:38::6d
359. [*] MX alt2.aspmx.l.google.com 74.125.23.26
360. [*] MX alt1.aspmx.l.google.com 74.125.200.27
361. [*] MX alt3.aspmx.l.google.com 173.194.202.27
362. [*] MX aspmx.l.google.com 173.194.69.27
363. [*] MX alt4.aspmx.l.google.com 64.233.178.27
364. [*] MX alt2.aspmx.l.google.com 2404:6800:4008:c02::1b
365. [*] MX alt1.aspmx.l.google.com 2404:6800:4003:c00::1a
366. [*] MX alt3.aspmx.l.google.com 2607:f8b0:400e:c00::1a
367. [*] MX aspmx.l.google.com 2a00:1450:4013:c00::1b
368. [*] MX alt4.aspmx.l.google.com 2607:f8b0:4003:c0a::1b
369. [*] A foi.org 18.209.92.69
370. [*] TXT foi.org google-site-verification=zsJs8Y_5az1vhPEznXJn5KxXSJ1-IriDgs9uTepON0Y
371. [*] TXT foi.org v=spf1 include:servers.mcsv.net ?all
372. [*] TXT foi.org MS=ms25926968
373. [*] TXT foi.org v=spf1 mx ip4:12.161.6.130 ip4:72.32.234.146 ip4:50.73.208.113 include:_spf.google.com ~all
374. [*] Enumerating SRV Records
375. [-] No SRV Records Found for foi.org
376. [+] 0 Records Found
377. #######################################################################################################################################
378. [*] Processing domain foi.org
379. [*] Using system resolvers ['194.187.251.67', '185.93.180.131', '83.143.245.42', '205.151.67.6', '205.151.67.34', '205.151.67.2', '2001:18c0:ffe0:2::2', '2001:18c0:ffe0:3::2', '2001:18c0:ffe0:1::2']
380. [+] Getting nameservers
381. 216.239.32.109 - ns-cloud-d1.googledomains.com
382. 216.239.36.109 - ns-cloud-d3.googledomains.com
383. 216.239.34.109 - ns-cloud-d2.googledomains.com
384. 216.239.38.109 - ns-cloud-d4.googledomains.com
385. [-] Zone transfer failed
386.  
387. [+] TXT records found
388. "google-site-verification=zsJs8Y_5az1vhPEznXJn5KxXSJ1-IriDgs9uTepON0Y"
389. "v=spf1 include:servers.mcsv.net ?all"
390. "MS=ms25926968"
391. "v=spf1 mx ip4:12.161.6.130 ip4:72.32.234.146 ip4:50.73.208.113 include:_spf.google.com ~all"
392.  
393. [+] MX records found, added to target list
394. 5 alt2.aspmx.l.google.com.
395. 5 alt1.aspmx.l.google.com.
396. 10 alt3.aspmx.l.google.com.
397. 1 aspmx.l.google.com.
398. 10 alt4.aspmx.l.google.com.
399.  
400. [*] Scanning foi.org for A records
401. 18.209.92.69 - foi.org
402. 50.116.60.52 - archive.foi.org
403. 50.73.208.113 - ftp.foi.org
404. 50.73.208.113 - mail2.foi.org
405. 18.209.92.69 - radio.foi.org
406. 50.116.60.52 - staging.foi.org
407. 104.45.149.73 - store.foi.org
408. 50.73.208.113 - webmail.foi.org
409. 18.209.92.69 - www.foi.org
410. #######################################################################################################################################
411.  
412. Ip Address Status Type Domain Name Server
413. ---------- ------ ---- ----------- ------
414. 172.217.168.211 301 alias canada.foi.org ghs
415. 172.217.168.211 301 host ghs.googlehosted.com ghs
416. 50.73.208.113 host ftp.foi.org
417. 50.73.208.113 host mail2.foi.org
418. 18.209.92.69 301 host radio.foi.org
419. 50.116.60.52 host staging.foi.org
420. 104.45.149.73 200 host store.foi.org
421. 50.73.208.113 host webmail.foi.org
422. 18.209.92.69 301 host www.foi.org
423. #######################################################################################################################################
424. [+] Testing domain
425. www.foi.org 18.209.92.69
426. [+] Dns resolving
427. Domain name Ip address Name server
428. foi.org 18.209.92.69 ec2-18-209-92-69.compute-1.amazonaws.com
429. Found 1 host(s) for foi.org
430. [+] Testing wildcard
431. Ok, no wildcard found.
432.  
433. [+] Scanning for subdomain on foi.org
434. [!] Wordlist not specified. I scannig with my internal wordlist...
435. Estimated time about 99.61 seconds
436.  
437. Subdomain Ip address Name server
438.  
439. canada.foi.org 172.217.168.211 ams16s32-in-f19.1e100.net
440. ftp.foi.org 50.73.208.113 50-73-208-113-philadelpia.hfc.comcastbusiness.net
441. mail2.foi.org 50.73.208.113 50-73-208-113-philadelpia.hfc.comcastbusiness.net
442. radio.foi.org 18.209.92.69 ec2-18-209-92-69.compute-1.amazonaws.com
443. staging.foi.org 50.116.60.52 li468-52.members.linode.com
444. webmail.foi.org 50.73.208.113 50-73-208-113-philadelpia.hfc.comcastbusiness.net
445. www.foi.org 18.209.92.69 ec2-18-209-92-69.compute-1.amazonaws.com
446. #######################################################################################################################################
447. ---------------------------------------------------------------------------------------------------------------------------------------
448. + Target IP: 18.209.92.69
449. + Target Hostname: 18.209.92.69
450. + Target Port: 80
451. + Start Time: 2019-01-22 22:13:59 (GMT-5)
452. ---------------------------------------------------------------------------------------------------------------------------------------
453. + Server: No banner retrieved
454. + Server leaks inodes via ETags, header found with file /, fields: 0x9 0x576efd55f2d69
455. + The anti-clickjacking X-Frame-Options header is not present.
456. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
457. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
458. + Uncommon header 'x-squid-error' found, with contents: ERR_INVALID_URL 0
459. + Allowed HTTP Methods: POST, OPTIONS, HEAD, GET
460. + Server banner has changed from '' to 'Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11' which may suggest a WAF, load balancer or proxy is in place
461. + OSVDB-3268: /icons/: Directory indexing found.
462. + OSVDB-3233: /icons/README: Apache default file found.
463. + 8346 requests: 0 error(s) and 8 item(s) reported on remote host
464. + End Time: 2019-01-22 22:57:23 (GMT-5) (2604 seconds)
465. ---------------------------------------------------------------------------------------------------------------------------------------
466. #######################################################################################################################################
467. ======================================================================================================================================
468. | File check:
469. | [+] CODE: 200 URL: http://www.foi.org/favicon.ico
470. | [+] CODE: 200 URL: http://www.foi.org/exec/show/config/cr
471. | [+] CODE: 200 URL: http://www.foi.org/.history
472. | [+] CODE: 200 URL: http://www.foi.org/index.php
473. | [+] CODE: 200 URL: http://www.foi.org/license.txt
474. | [+] CODE: 200 URL: http://www.foi.org/.perf
475. | [+] CODE: 200 URL: http://www.foi.org/.plan
476. | [+] CODE: 200 URL: http://www.foi.org/readme.html
477. | [+] CODE: 200 URL: http://www.foi.org/robots.txt
478. | [+] CODE: 200 URL: http://www.foi.org/search/htx/sqlqhit.asp
479. | [+] CODE: 200 URL: http://www.foi.org/search/sqlqhit.asp
480. | [+] CODE: 200 URL: http://www.foi.org/search/htx/SQLQHit.asp
481. | [+] CODE: 200 URL: http://www.foi.org/search/SQLQHit.asp
482. | [+] CODE: 200 URL: http://www.foi.org/sitemap.xml
483. | [+] CODE: 200 URL: http://www.foi.org/test
484. | [+] CODE: 200 URL: http://www.foi.org/tree
485. =======================================================================================================================================
486. | Check robots.txt:
487. | [+] User-agent: *
488. | [+] Disallow: /wp-admin/
489. | [+] Allow: /wp-admin/admin-ajax.php
490. |
491. | Check sitemap.xml:
492. | [+] https://www.foi.org/post-sitemap.xml
493. | [+] https://www.foi.org/page-sitemap.xml
494. | [+] https://www.foi.org/attachment-sitemap.xml
495. | [+] https://www.foi.org/news-sitemap.xml
496. | [+] https://www.foi.org/location-sitemap.xml
497. | [+] https://www.foi.org/free_resource-sitemap.xml
498. | [+] https://www.foi.org/tribe_venue-sitemap.xml
499. | [+] https://www.foi.org/tribe_organizer-sitemap.xml
500. | [+] https://www.foi.org/tribe_events-sitemap.xml
501. | [+] https://www.foi.org/category-sitemap.xml
502. | [+] https://www.foi.org/post_tag-sitemap.xml
503. | [+] https://www.foi.org/series-sitemap.xml
504. | [+] https://www.foi.org/free_resource_category-sitemap.xml
505. | [+] https://www.foi.org/tribe_events_cat-sitemap.xml
506. | [+] https://www.foi.org/author-sitemap.xml
507. =======================================================================================================================================
508. | E-mails:
509. | [+] E-mail Found: mike@hyperreal.org
510. | [+] E-mail Found: m@tidakada.com
511. | [+] E-mail Found: kevinh@kevcom.com
512. | [+] E-mail Found: humbedooh@apache.org
513. | [+] E-mail Found: cjoyner@foi.org
514. =======================================================================================================================================
515. | File Upload Forms:
516. | [+] Upload Form Found: http://www.foi.org/interna/get-involved/serve-with-us/
517. | [+] Upload Form Found: http://www.foi.org/serve/
518. | [+] Upload Form Found: http://www.foi.org/int/get-involved/serve-with-us/
519. | [+] Upload Form Found: http://www.foi.org/intern/get-involved/serve-with-us/
520. | [+] Upload Form Found: http://www.foi.org/serv/
521. =======================================================================================================================================
522. | External hosts:
523. | [+] External Host Found: https://www.mysql.com
524. | [+] External Host Found: http://foi.us5.list-manage.com
525. | [+] External Host Found: http://books.google.com
526. | [+] External Host Found: https://planet.wordpress.org
527. | [+] External Host Found: https://israelmyglory.org
528. | [+] External Host Found: http://httpd.apache.org
529. | [+] External Host Found: http://www.365promises.com
530. | [+] External Host Found: https://secure.php.net
531. | [+] External Host Found: https://store.foi.org
532. | [+] External Host Found: http://www.timesofisrael.com
533. | [+] External Host Found: https://httpd.apache.org
534. | [+] External Host Found: https://radio.foi.org
535. | [+] External Host Found: http://www.arielcanada.com.
536. | [+] External Host Found: http://radio.foi.org
537. | [+] External Host Found: http://www.foxnews.com
538. | [+] External Host Found: http://store.foi.org
539. | [+] External Host Found: https://wordpress.org
540. | [+] External Host Found: https://store.foicanada.org
541. | [+] External Host Found: https://codex.wordpress.org
542. | [+] External Host Found: https://vimeo.com
543. | [+] External Host Found: https://maps.googleapis.com
544. | [+] External Host Found: http://ref.ly
545. | [+] External Host Found: https://developer.wordpress.org
546. =======================================================================================================================================
547. #######################################################################################################################################
548. dnsenum VERSION:1.2.4
549.  
550. ----- www.foi.org -----
551.  
552.  
553. Host's addresses:
554. __________________
555.  
556. www.foi.org. 53 IN A 18.209.92.69
557.  
558.  
559. Name Servers:
560. ______________
561. #######################################################################################################################################
562. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-22 22:43 EST
563. Nmap scan report for www.foi.org (18.209.92.69)
564. Host is up (0.19s latency).
565. rDNS record for 18.209.92.69: ec2-18-209-92-69.compute-1.amazonaws.com
566. Not shown: 471 filtered ports, 3 closed ports
567. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
568. PORT STATE SERVICE
569. 80/tcp open http
570. 443/tcp open https
571. #######################################################################################################################################
572. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-22 22:43 EST
573. Nmap scan report for www.foi.org (18.209.92.69)
574. Host is up (0.15s latency).
575. rDNS record for 18.209.92.69: ec2-18-209-92-69.compute-1.amazonaws.com
576. Not shown: 2 filtered ports
577. PORT STATE SERVICE
578. 53/udp open|filtered domain
579. 67/udp open|filtered dhcps
580. 68/udp open|filtered dhcpc
581. 69/udp open|filtered tftp
582. 88/udp open|filtered kerberos-sec
583. 123/udp open|filtered ntp
584. 139/udp open|filtered netbios-ssn
585. 162/udp open|filtered snmptrap
586. 389/udp open|filtered ldap
587. 520/udp open|filtered route
588. 2049/udp open|filtered nfs
589. #######################################################################################################################################
590. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-22 22:44 EST
591. Nmap scan report for www.foi.org (18.209.92.69)
592. Host is up.
593. rDNS record for 18.209.92.69: ec2-18-209-92-69.compute-1.amazonaws.com
594.  
595. PORT STATE SERVICE VERSION
596. 67/udp open|filtered dhcps
597. |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
598. Too many fingerprints match this host to give specific OS details
599.  
600. TRACEROUTE (using proto 1/icmp)
601. HOP RTT ADDRESS
602. 1 147.58 ms 10.246.200.1
603. 2 148.01 ms 193.9.115.113
604. 3 177.56 ms vlan299.bb1.sof1.bg.m247.com (176.10.83.34)
605. 4 147.65 ms sfia-b2-link.telia.net (62.115.148.144)
606. 5 293.20 ms win-bb2-link.telia.net (80.91.251.56)
607. 6 282.82 ms 62.115.133.79
608. 7 266.25 ms prs-bb4-link.telia.net (62.115.122.138)
609. 8 266.52 ms ash-bb3-link.telia.net (62.115.122.159)
610. 9 266.50 ms ash-b1-link.telia.net (80.91.248.157)
611. 10 268.12 ms vadata-ic-333118-ash-b1.c.telia.net (62.115.11.183)
612. 11 ... 30
613. #######################################################################################################################################
614. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-22 22:46 EST
615. Nmap scan report for www.foi.org (18.209.92.69)
616. Host is up.
617. rDNS record for 18.209.92.69: ec2-18-209-92-69.compute-1.amazonaws.com
618.  
619. PORT STATE SERVICE VERSION
620. 68/udp open|filtered dhcpc
621. Too many fingerprints match this host to give specific OS details
622.  
623. TRACEROUTE (using proto 1/icmp)
624. HOP RTT ADDRESS
625. 1 144.78 ms 10.246.200.1
626. 2 144.82 ms 193.9.115.113
627. 3 144.81 ms vlan299.bb1.sof1.bg.m247.com (176.10.83.34)
628. 4 144.83 ms sfia-b2-link.telia.net (62.115.148.144)
629. 5 280.69 ms win-bb2-link.telia.net (80.91.251.56)
630. 6 280.67 ms 62.115.133.79
631. 7 266.13 ms prs-bb4-link.telia.net (62.115.122.138)
632. 8 263.17 ms ash-bb3-link.telia.net (62.115.122.159)
633. 9 263.14 ms ash-b1-link.telia.net (80.91.248.157)
634. 10 265.74 ms vadata-ic-333118-ash-b1.c.telia.net (62.115.11.183)
635. 11 ... 30
636. #######################################################################################################################################
637. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-22 22:48 EST
638. Nmap scan report for www.foi.org (18.209.92.69)
639. Host is up.
640. rDNS record for 18.209.92.69: ec2-18-209-92-69.compute-1.amazonaws.com
641.  
642. PORT STATE SERVICE VERSION
643. 69/udp open|filtered tftp
644. Too many fingerprints match this host to give specific OS details
645.  
646. TRACEROUTE (using proto 1/icmp)
647. HOP RTT ADDRESS
648. 1 144.60 ms 10.246.200.1
649. 2 144.67 ms 193.9.115.113
650. 3 145.62 ms vlan299.bb1.sof1.bg.m247.com (176.10.83.34)
651. 4 144.66 ms sfia-b2-link.telia.net (62.115.148.144)
652. 5 280.35 ms win-bb2-link.telia.net (80.91.251.56)
653. 6 280.37 ms 62.115.133.79
654. 7 262.97 ms prs-bb4-link.telia.net (62.115.122.138)
655. 8 263.16 ms ash-bb3-link.telia.net (62.115.122.159)
656. 9 263.00 ms ash-b1-link.telia.net (80.91.248.157)
657. 10 264.19 ms vadata-ic-333118-ash-b1.c.telia.net (62.115.11.183)
658. 11 ... 30
659. #######################################################################################################################################
660.  
661. ^ ^
662. _ __ _ ____ _ __ _ _ ____
663. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
664. | V V // o // _/ | V V // 0 // 0 // _/
665. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
666. <
667. ...'
668.  
669. WAFW00F - Web Application Firewall Detection Tool
670.  
671. By Sandro Gauci && Wendel G. Henrique
672.  
673. Checking http://www.foi.org
674. Generic Detection results:
675. No WAF detected by the generic detection
676. Number of requests: 17
677. #######################################################################################################################################
678. wig - WebApp Information Gatherer
679.  
680.  
681. Scanning https://www.foi.org...
682. _______________________________ SITE INFO ________________________________
683. IP Title
684. 18.209.92.69 Home - The Friends of Israel Gospel Ministry
685.  
686. ________________________________ VERSION _________________________________
687. Name Versions Type
688. WordPress 5.0.3 CMS
689. Apache 2.4.37 Platform
690. PHP 7.2.11 Platform
691. openssl 1.0.2k-fips Platform
692.  
693. ______________________________ INTERESTING _______________________________
694. URL Note Type
695. /readme.html Readme file Interesting
696. /robots.txt robots.txt index Interesting
697. /login/ Login Page Interesting
698. /test/ Test directory Interesting
699.  
700. _________________________________ TOOLS __________________________________
701. Name Link Software
702. wpscan https://github.com/wpscanteam/wpscan WordPress
703. CMSmap https://github.com/Dionach/CMSmap WordPress
704.  
705. __________________________________________________________________________
706. Time: 175.1 sec Urls: 525 Fingerprints: 40401
707. #######################################################################################################################################
708. HTTP/1.1 301 Moved Permanently
709. Date: Wed, 23 Jan 2019 03:55:24 GMT
710. Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11
711. Location: https://www.foi.org/
712. Cache-Control: max-age=0
713. Expires: Wed, 23 Jan 2019 03:55:24 GMT
714. Content-Type: text/html; charset=iso-8859-1
715. #######################################################################################################################################
716. ---------------------------------------------------------------------------------------------------------------------------------------
717.  
718. [ ! ] Starting SCANNER INURLBR 2.1 at [22-01-2019 22:55:51]
719. [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
720. It is the end user's responsibility to obey all applicable local, state and federal laws.
721. Developers assume no liability and are not responsible for any misuse or damage caused by this program
722.  
723. [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-www.foi.org ]
724. [ INFO ][ DORK ]::[ site:www.foi.org ]
725. [ INFO ][ SEARCHING ]:: {
726. [ INFO ][ ENGINE ]::[ GOOGLE - www.google.be ]
727.  
728. [ INFO ][ SEARCHING ]::
729. -[:::]
730. [ INFO ][ ENGINE ]::[ GOOGLE API ]
731.  
732. [ INFO ][ SEARCHING ]::
733. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
734. [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.me ID: 007843865286850066037:3ajwn2jlweq ]
735.  
736. [ INFO ][ SEARCHING ]::
737. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
738.  
739. [ INFO ][ TOTAL FOUND VALUES ]:: [ 100 ]
740.  
741.  
742. _[ - ]::--------------------------------------------------------------------------------------------------------------
743. |_[ + ] [ 0 / 100 ]-[22:56:15] [ - ]
744. |_[ + ] Target:: [ https://www.foi.org/ ]
745. |_[ + ] Exploit::
746. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
747. |_[ + ] More details:: / - / , ISP:
748. |_[ + ] Found:: UNIDENTIFIED
749.  
750. _[ - ]::--------------------------------------------------------------------------------------------------------------
751. |_[ + ] [ 1 / 100 ]-[22:56:20] [ - ]
752. |_[ + ] Target:: [ https://www.foi.org/audio/ ]
753. |_[ + ] Exploit::
754. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
755. |_[ + ] More details:: / - / , ISP:
756. |_[ + ] Found:: UNIDENTIFIED
757.  
758. _[ - ]::--------------------------------------------------------------------------------------------------------------
759. |_[ + ] [ 2 / 100 ]-[22:56:26] [ - ]
760. |_[ + ] Target:: [ https://www.foi.org/image/ ]
761. |_[ + ] Exploit::
762. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
763. |_[ + ] More details:: / - / , ISP:
764. |_[ + ] Found:: UNIDENTIFIED
765.  
766. _[ - ]::--------------------------------------------------------------------------------------------------------------
767. |_[ + ] [ 3 / 100 ]-[22:56:31] [ - ]
768. |_[ + ] Target:: [ https://www.foi.org/resources/ ]
769. |_[ + ] Exploit::
770. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
771. |_[ + ] More details:: / - / , ISP:
772. |_[ + ] Found:: UNIDENTIFIED
773.  
774. _[ - ]::--------------------------------------------------------------------------------------------------------------
775. |_[ + ] [ 4 / 100 ]-[22:56:36] [ - ]
776. |_[ + ] Target:: [ https://www.foi.org/give/ ]
777. |_[ + ] Exploit::
778. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
779. |_[ + ] More details:: / - / , ISP:
780. |_[ + ] Found:: UNIDENTIFIED
781. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 147456 bytes received
782.  
783. _[ - ]::--------------------------------------------------------------------------------------------------------------
784. |_[ + ] [ 5 / 100 ]-[22:56:41] [ - ]
785. |_[ + ] Target:: [ https://www.foi.org/orkut/ ]
786. |_[ + ] Exploit::
787. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
788. |_[ + ] More details:: / - / , ISP:
789. |_[ + ] Found:: UNIDENTIFIED
790.  
791. _[ - ]::--------------------------------------------------------------------------------------------------------------
792. |_[ + ] [ 6 / 100 ]-[22:56:46] [ - ]
793. |_[ + ] Target:: [ https://www.foi.org/cart/ ]
794. |_[ + ] Exploit::
795. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
796. |_[ + ] More details:: / - / , ISP:
797. |_[ + ] Found:: UNIDENTIFIED
798.  
799. _[ - ]::--------------------------------------------------------------------------------------------------------------
800. |_[ + ] [ 7 / 100 ]-[22:56:51] [ - ]
801. |_[ + ] Target:: [ https://www.foi.org/background/ ]
802. |_[ + ] Exploit::
803. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
804. |_[ + ] More details:: / - / , ISP:
805. |_[ + ] Found:: UNIDENTIFIED
806.  
807. _[ - ]::--------------------------------------------------------------------------------------------------------------
808. |_[ + ] [ 8 / 100 ]-[22:56:56] [ - ]
809. |_[ + ] Target:: [ https://www.foi.org/apple/ ]
810. |_[ + ] Exploit::
811. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
812. |_[ + ] More details:: / - / , ISP:
813. |_[ + ] Found:: UNIDENTIFIED
814.  
815. _[ - ]::--------------------------------------------------------------------------------------------------------------
816. |_[ + ] [ 9 / 100 ]-[22:57:01] [ - ]
817. |_[ + ] Target:: [ https://www.foi.org/testingam/ ]
818. |_[ + ] Exploit::
819. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
820. |_[ + ] More details:: / - / , ISP:
821. |_[ + ] Found:: UNIDENTIFIED
822.  
823. _[ - ]::--------------------------------------------------------------------------------------------------------------
824. |_[ + ] [ 10 / 100 ]-[22:57:06] [ - ]
825. |_[ + ] Target:: [ https://www.foi.org/yahoo/ ]
826. |_[ + ] Exploit::
827. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
828. |_[ + ] More details:: / - / , ISP:
829. |_[ + ] Found:: UNIDENTIFIED
830.  
831. _[ - ]::--------------------------------------------------------------------------------------------------------------
832. |_[ + ] [ 11 / 100 ]-[22:57:09] [ - ]
833. |_[ + ] Target:: [ http://www.foi.org/icons/ ]
834. |_[ + ] Exploit::
835. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 , IP:18.209.92.69:80
836. |_[ + ] More details:: / - / , ISP:
837. |_[ + ] Found:: UNIDENTIFIED
838.  
839. _[ - ]::--------------------------------------------------------------------------------------------------------------
840. |_[ + ] [ 12 / 100 ]-[22:57:14] [ - ]
841. |_[ + ] Target:: [ https://www.foi.org/vision/ ]
842. |_[ + ] Exploit::
843. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
844. |_[ + ] More details:: / - / , ISP:
845. |_[ + ] Found:: UNIDENTIFIED
846.  
847. _[ - ]::--------------------------------------------------------------------------------------------------------------
848. |_[ + ] [ 13 / 100 ]-[22:57:19] [ - ]
849. |_[ + ] Target:: [ https://www.foi.org/staff/ ]
850. |_[ + ] Exploit::
851. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
852. |_[ + ] More details:: / - / , ISP:
853. |_[ + ] Found:: UNIDENTIFIED
854.  
855. _[ - ]::--------------------------------------------------------------------------------------------------------------
856. |_[ + ] [ 14 / 100 ]-[22:57:24] [ - ]
857. |_[ + ] Target:: [ https://www.foi.org/flickr/ ]
858. |_[ + ] Exploit::
859. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
860. |_[ + ] More details:: / - / , ISP:
861. |_[ + ] Found:: UNIDENTIFIED
862.  
863. _[ - ]::--------------------------------------------------------------------------------------------------------------
864. |_[ + ] [ 15 / 100 ]-[22:57:29] [ - ]
865. |_[ + ] Target:: [ https://www.foi.org/web/ ]
866. |_[ + ] Exploit::
867. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
868. |_[ + ] More details:: / - / , ISP:
869. |_[ + ] Found:: UNIDENTIFIED
870.  
871. _[ - ]::--------------------------------------------------------------------------------------------------------------
872. |_[ + ] [ 16 / 100 ]-[22:57:34] [ - ]
873. |_[ + ] Target:: [ https://www.foi.org/mail/ ]
874. |_[ + ] Exploit::
875. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
876. |_[ + ] More details:: / - / , ISP:
877. |_[ + ] Found:: UNIDENTIFIED
878.  
879. _[ - ]::--------------------------------------------------------------------------------------------------------------
880. |_[ + ] [ 17 / 100 ]-[22:57:39] [ - ]
881. |_[ + ] Target:: [ https://www.foi.org/favorites/ ]
882. |_[ + ] Exploit::
883. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
884. |_[ + ] More details:: / - / , ISP:
885. |_[ + ] Found:: UNIDENTIFIED
886.  
887. _[ - ]::--------------------------------------------------------------------------------------------------------------
888. |_[ + ] [ 18 / 100 ]-[22:57:44] [ - ]
889. |_[ + ] Target:: [ https://www.foi.org/news/ ]
890. |_[ + ] Exploit::
891. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
892. |_[ + ] More details:: / - / , ISP:
893. |_[ + ] Found:: UNIDENTIFIED
894.  
895. _[ - ]::--------------------------------------------------------------------------------------------------------------
896. |_[ + ] [ 19 / 100 ]-[22:57:49] [ - ]
897. |_[ + ] Target:: [ https://www.foi.org/subpage/ ]
898. |_[ + ] Exploit::
899. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
900. |_[ + ] More details:: / - / , ISP:
901. |_[ + ] Found:: UNIDENTIFIED
902.  
903. _[ - ]::--------------------------------------------------------------------------------------------------------------
904. |_[ + ] [ 20 / 100 ]-[22:57:54] [ - ]
905. |_[ + ] Target:: [ https://www.foi.org/youtube/ ]
906. |_[ + ] Exploit::
907. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
908. |_[ + ] More details:: / - / , ISP:
909. |_[ + ] Found:: UNIDENTIFIED
910.  
911. _[ - ]::--------------------------------------------------------------------------------------------------------------
912. |_[ + ] [ 21 / 100 ]-[22:57:59] [ - ]
913. |_[ + ] Target:: [ https://www.foi.org/video/ ]
914. |_[ + ] Exploit::
915. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
916. |_[ + ] More details:: / - / , ISP:
917. |_[ + ] Found:: UNIDENTIFIED
918.  
919. _[ - ]::--------------------------------------------------------------------------------------------------------------
920. |_[ + ] [ 22 / 100 ]-[22:58:04] [ - ]
921. |_[ + ] Target:: [ https://www.foi.org/blogger/ ]
922. |_[ + ] Exploit::
923. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
924. |_[ + ] More details:: / - / , ISP:
925. |_[ + ] Found:: UNIDENTIFIED
926.  
927. _[ - ]::--------------------------------------------------------------------------------------------------------------
928. |_[ + ] [ 23 / 100 ]-[22:58:09] [ - ]
929. |_[ + ] Target:: [ https://www.foi.org/free_resource/ ]
930. |_[ + ] Exploit::
931. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
932. |_[ + ] More details:: / - / , ISP:
933. |_[ + ] Found:: UNIDENTIFIED
934.  
935. _[ - ]::--------------------------------------------------------------------------------------------------------------
936. |_[ + ] [ 24 / 100 ]-[22:58:14] [ - ]
937. |_[ + ] Target:: [ https://www.foi.org/untitled/ ]
938. |_[ + ] Exploit::
939. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
940. |_[ + ] More details:: / - / , ISP:
941. |_[ + ] Found:: UNIDENTIFIED
942.  
943. _[ - ]::--------------------------------------------------------------------------------------------------------------
944. |_[ + ] [ 25 / 100 ]-[22:58:20] [ - ]
945. |_[ + ] Target:: [ https://www.foi.org/author/sfern/ ]
946. |_[ + ] Exploit::
947. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
948. |_[ + ] More details:: / - / , ISP:
949. |_[ + ] Found:: UNIDENTIFIED
950.  
951. _[ - ]::--------------------------------------------------------------------------------------------------------------
952. |_[ + ] [ 26 / 100 ]-[22:58:26] [ - ]
953. |_[ + ] Target:: [ https://www.foi.org/free_resource/lamb_of_passover/ ]
954. |_[ + ] Exploit::
955. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
956. |_[ + ] More details:: / - / , ISP:
957. |_[ + ] Found:: UNIDENTIFIED
958. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 147456 bytes received
959.  
960. _[ - ]::--------------------------------------------------------------------------------------------------------------
961. |_[ + ] [ 27 / 100 ]-[22:58:31] [ - ]
962. |_[ + ] Target:: [ https://www.foi.org/tag/messiah/ ]
963. |_[ + ] Exploit::
964. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
965. |_[ + ] More details:: / - / , ISP:
966. |_[ + ] Found:: UNIDENTIFIED
967.  
968. _[ - ]::--------------------------------------------------------------------------------------------------------------
969. |_[ + ] [ 28 / 100 ]-[22:58:37] [ - ]
970. |_[ + ] Target:: [ https://www.foi.org/tag/jesus/ ]
971. |_[ + ] Exploit::
972. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
973. |_[ + ] More details:: / - / , ISP:
974. |_[ + ] Found:: UNIDENTIFIED
975.  
976. _[ - ]::--------------------------------------------------------------------------------------------------------------
977. |_[ + ] [ 29 / 100 ]-[22:58:42] [ - ]
978. |_[ + ] Target:: [ https://www.foi.org/author/emcquaid/ ]
979. |_[ + ] Exploit::
980. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
981. |_[ + ] More details:: / - / , ISP:
982. |_[ + ] Found:: UNIDENTIFIED
983.  
984. _[ - ]::--------------------------------------------------------------------------------------------------------------
985. |_[ + ] [ 30 / 100 ]-[22:58:48] [ - ]
986. |_[ + ] Target:: [ https://www.foi.org/tag/synagogue/ ]
987. |_[ + ] Exploit::
988. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
989. |_[ + ] More details:: / - / , ISP:
990. |_[ + ] Found:: UNIDENTIFIED
991.  
992. _[ - ]::--------------------------------------------------------------------------------------------------------------
993. |_[ + ] [ 31 / 100 ]-[22:58:54] [ - ]
994. |_[ + ] Target:: [ https://www.foi.org/tag/ephesians/ ]
995. |_[ + ] Exploit::
996. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
997. |_[ + ] More details:: / - / , ISP:
998. |_[ + ] Found:: UNIDENTIFIED
999. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 163840 bytes received
1000.  
1001. _[ - ]::--------------------------------------------------------------------------------------------------------------
1002. |_[ + ] [ 32 / 100 ]-[22:58:59] [ - ]
1003. |_[ + ] Target:: [ https://www.foi.org/tag/prophecy/ ]
1004. |_[ + ] Exploit::
1005. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1006. |_[ + ] More details:: / - / , ISP:
1007. |_[ + ] Found:: UNIDENTIFIED
1008. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 147456 bytes received
1009.  
1010. _[ - ]::--------------------------------------------------------------------------------------------------------------
1011. |_[ + ] [ 33 / 100 ]-[22:59:05] [ - ]
1012. |_[ + ] Target:: [ https://www.foi.org/tag/missionary/ ]
1013. |_[ + ] Exploit::
1014. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1015. |_[ + ] More details:: / - / , ISP:
1016. |_[ + ] Found:: UNIDENTIFIED
1017. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 147456 bytes received
1018.  
1019. _[ - ]::--------------------------------------------------------------------------------------------------------------
1020. |_[ + ] [ 34 / 100 ]-[22:59:11] [ - ]
1021. |_[ + ] Target:: [ https://www.foi.org/tag/sugarcreek/ ]
1022. |_[ + ] Exploit::
1023. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1024. |_[ + ] More details:: / - / , ISP:
1025. |_[ + ] Found:: UNIDENTIFIED
1026. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 147456 bytes received
1027.  
1028. _[ - ]::--------------------------------------------------------------------------------------------------------------
1029. |_[ + ] [ 35 / 100 ]-[22:59:16] [ - ]
1030. |_[ + ] Target:: [ https://www.foi.org/tag/esther/ ]
1031. |_[ + ] Exploit::
1032. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1033. |_[ + ] More details:: / - / , ISP:
1034. |_[ + ] Found:: UNIDENTIFIED
1035.  
1036. _[ - ]::--------------------------------------------------------------------------------------------------------------
1037. |_[ + ] [ 36 / 100 ]-[22:59:22] [ - ]
1038. |_[ + ] Target:: [ https://www.foi.org/tag/cbn/ ]
1039. |_[ + ] Exploit::
1040. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1041. |_[ + ] More details:: / - / , ISP:
1042. |_[ + ] Found:: UNIDENTIFIED
1043. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 163840 bytes received
1044.  
1045. _[ - ]::--------------------------------------------------------------------------------------------------------------
1046. |_[ + ] [ 37 / 100 ]-[22:59:28] [ - ]
1047. |_[ + ] Target:: [ https://www.foi.org/tag/greenacres/ ]
1048. |_[ + ] Exploit::
1049. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1050. |_[ + ] More details:: / - / , ISP:
1051. |_[ + ] Found:: UNIDENTIFIED
1052.  
1053. _[ - ]::--------------------------------------------------------------------------------------------------------------
1054. |_[ + ] [ 38 / 100 ]-[22:59:33] [ - ]
1055. |_[ + ] Target:: [ https://www.foi.org/tag/map/ ]
1056. |_[ + ] Exploit::
1057. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1058. |_[ + ] More details:: / - / , ISP:
1059. |_[ + ] Found:: UNIDENTIFIED
1060.  
1061. _[ - ]::--------------------------------------------------------------------------------------------------------------
1062. |_[ + ] [ 39 / 100 ]-[22:59:38] [ - ]
1063. |_[ + ] Target:: [ https://www.foi.org/resources/connect/ ]
1064. |_[ + ] Exploit::
1065. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1066. |_[ + ] More details:: / - / , ISP:
1067. |_[ + ] Found:: UNIDENTIFIED
1068.  
1069. _[ - ]::--------------------------------------------------------------------------------------------------------------
1070. |_[ + ] [ 40 / 100 ]-[22:59:44] [ - ]
1071. |_[ + ] Target:: [ https://www.foi.org/author/tmunger/ ]
1072. |_[ + ] Exploit::
1073. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1074. |_[ + ] More details:: / - / , ISP:
1075. |_[ + ] Found:: UNIDENTIFIED
1076.  
1077. _[ - ]::--------------------------------------------------------------------------------------------------------------
1078. |_[ + ] [ 41 / 100 ]-[22:59:49] [ - ]
1079. |_[ + ] Target:: [ https://www.foi.org/event/hesed/ ]
1080. |_[ + ] Exploit::
1081. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1082. |_[ + ] More details:: / - / , ISP:
1083. |_[ + ] Found:: UNIDENTIFIED
1084. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 147456 bytes received
1085.  
1086. _[ - ]::--------------------------------------------------------------------------------------------------------------
1087. |_[ + ] [ 42 / 100 ]-[22:59:55] [ - ]
1088. |_[ + ] Target:: [ https://www.foi.org/tag/leadership/ ]
1089. |_[ + ] Exploit::
1090. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1091. |_[ + ] More details:: / - / , ISP:
1092. |_[ + ] Found:: UNIDENTIFIED
1093.  
1094. _[ - ]::--------------------------------------------------------------------------------------------------------------
1095. |_[ + ] [ 43 / 100 ]-[23:00:01] [ - ]
1096. |_[ + ] Target:: [ https://www.foi.org/tag/culture/ ]
1097. |_[ + ] Exploit::
1098. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1099. |_[ + ] More details:: / - / , ISP:
1100. |_[ + ] Found:: UNIDENTIFIED
1101. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 131072 bytes received
1102.  
1103. _[ - ]::--------------------------------------------------------------------------------------------------------------
1104. |_[ + ] [ 44 / 100 ]-[23:00:06] [ - ]
1105. |_[ + ] Target:: [ https://www.foi.org/author/tsimcox/ ]
1106. |_[ + ] Exploit::
1107. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1108. |_[ + ] More details:: / - / , ISP:
1109. |_[ + ] Found:: UNIDENTIFIED
1110.  
1111. _[ - ]::--------------------------------------------------------------------------------------------------------------
1112. |_[ + ] [ 45 / 100 ]-[23:00:12] [ - ]
1113. |_[ + ] Target:: [ https://www.foi.org/tag/fear/ ]
1114. |_[ + ] Exploit::
1115. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1116. |_[ + ] More details:: / - / , ISP:
1117. |_[ + ] Found:: UNIDENTIFIED
1118.  
1119. _[ - ]::--------------------------------------------------------------------------------------------------------------
1120. |_[ + ] [ 46 / 100 ]-[23:00:18] [ - ]
1121. |_[ + ] Target:: [ https://www.foi.org/tag/salvation/ ]
1122. |_[ + ] Exploit::
1123. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1124. |_[ + ] More details:: / - / , ISP:
1125. |_[ + ] Found:: UNIDENTIFIED
1126. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 81920 bytes received
1127.  
1128. _[ - ]::--------------------------------------------------------------------------------------------------------------
1129. |_[ + ] [ 47 / 100 ]-[23:00:23] [ - ]
1130. |_[ + ] Target:: [ https://www.foi.org/tag/mordechai/ ]
1131. |_[ + ] Exploit::
1132. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1133. |_[ + ] More details:: / - / , ISP:
1134. |_[ + ] Found:: UNIDENTIFIED
1135. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 114688 bytes received
1136.  
1137. _[ - ]::--------------------------------------------------------------------------------------------------------------
1138. |_[ + ] [ 48 / 100 ]-[23:00:29] [ - ]
1139. |_[ + ] Target:: [ https://www.foi.org/tag/atlanta/ ]
1140. |_[ + ] Exploit::
1141. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1142. |_[ + ] More details:: / - / , ISP:
1143. |_[ + ] Found:: UNIDENTIFIED
1144. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 98304 bytes received
1145.  
1146. _[ - ]::--------------------------------------------------------------------------------------------------------------
1147. |_[ + ] [ 49 / 100 ]-[23:00:35] [ - ]
1148. |_[ + ] Target:: [ https://www.foi.org/tag/manger/ ]
1149. |_[ + ] Exploit::
1150. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1151. |_[ + ] More details:: / - / , ISP:
1152. |_[ + ] Found:: UNIDENTIFIED
1153. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 147456 bytes received
1154.  
1155. _[ - ]::--------------------------------------------------------------------------------------------------------------
1156. |_[ + ] [ 50 / 100 ]-[23:00:41] [ - ]
1157. |_[ + ] Target:: [ https://www.foi.org/tag/trials/ ]
1158. |_[ + ] Exploit::
1159. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1160. |_[ + ] More details:: / - / , ISP:
1161. |_[ + ] Found:: UNIDENTIFIED
1162.  
1163. _[ - ]::--------------------------------------------------------------------------------------------------------------
1164. |_[ + ] [ 51 / 100 ]-[23:00:45] [ - ]
1165. |_[ + ] Target:: [ https://www.foi.org/privacy-policy/ ]
1166. |_[ + ] Exploit::
1167. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1168. |_[ + ] More details:: / - / , ISP:
1169. |_[ + ] Found:: UNIDENTIFIED
1170.  
1171. _[ - ]::--------------------------------------------------------------------------------------------------------------
1172. |_[ + ] [ 52 / 100 ]-[23:00:51] [ - ]
1173. |_[ + ] Target:: [ https://www.foi.org/tag/isis/ ]
1174. |_[ + ] Exploit::
1175. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1176. |_[ + ] More details:: / - / , ISP:
1177. |_[ + ] Found:: UNIDENTIFIED
1178. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 147456 bytes received
1179.  
1180. _[ - ]::--------------------------------------------------------------------------------------------------------------
1181. |_[ + ] [ 53 / 100 ]-[23:00:57] [ - ]
1182. |_[ + ] Target:: [ https://www.foi.org/tag/revelation/ ]
1183. |_[ + ] Exploit::
1184. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1185. |_[ + ] More details:: / - / , ISP:
1186. |_[ + ] Found:: UNIDENTIFIED
1187.  
1188. _[ - ]::--------------------------------------------------------------------------------------------------------------
1189. |_[ + ] [ 54 / 100 ]-[23:01:02] [ - ]
1190. |_[ + ] Target:: [ https://www.foi.org/tag/purim/ ]
1191. |_[ + ] Exploit::
1192. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1193. |_[ + ] More details:: / - / , ISP:
1194. |_[ + ] Found:: UNIDENTIFIED
1195.  
1196. _[ - ]::--------------------------------------------------------------------------------------------------------------
1197. |_[ + ] [ 55 / 100 ]-[23:01:08] [ - ]
1198. |_[ + ] Target:: [ https://www.foi.org/tag/mi/ ]
1199. |_[ + ] Exploit::
1200. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1201. |_[ + ] More details:: / - / , ISP:
1202. |_[ + ] Found:: UNIDENTIFIED
1203.  
1204. _[ - ]::--------------------------------------------------------------------------------------------------------------
1205. |_[ + ] [ 56 / 100 ]-[23:01:13] [ - ]
1206. |_[ + ] Target:: [ https://www.foi.org/tag/pa/ ]
1207. |_[ + ] Exploit::
1208. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1209. |_[ + ] More details:: / - / , ISP:
1210. |_[ + ] Found:: UNIDENTIFIED
1211.  
1212. _[ - ]::--------------------------------------------------------------------------------------------------------------
1213. |_[ + ] [ 57 / 100 ]-[23:01:19] [ - ]
1214. |_[ + ] Target:: [ https://www.foi.org/tag/antisemitism/ ]
1215. |_[ + ] Exploit::
1216. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1217. |_[ + ] More details:: / - / , ISP:
1218. |_[ + ] Found:: UNIDENTIFIED
1219.  
1220. _[ - ]::--------------------------------------------------------------------------------------------------------------
1221. |_[ + ] [ 58 / 100 ]-[23:01:24] [ - ]
1222. |_[ + ] Target:: [ https://www.foi.org/tag/christians/ ]
1223. |_[ + ] Exploit::
1224. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1225. |_[ + ] More details:: / - / , ISP:
1226. |_[ + ] Found:: UNIDENTIFIED
1227.  
1228. _[ - ]::--------------------------------------------------------------------------------------------------------------
1229. |_[ + ] [ 59 / 100 ]-[23:01:30] [ - ]
1230. |_[ + ] Target:: [ https://www.foi.org/tag/haman/ ]
1231. |_[ + ] Exploit::
1232. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1233. |_[ + ] More details:: / - / , ISP:
1234. |_[ + ] Found:: UNIDENTIFIED
1235.  
1236. _[ - ]::--------------------------------------------------------------------------------------------------------------
1237. |_[ + ] [ 60 / 100 ]-[23:01:36] [ - ]
1238. |_[ + ] Target:: [ https://www.foi.org/tag/california/ ]
1239. |_[ + ] Exploit::
1240. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1241. |_[ + ] More details:: / - / , ISP:
1242. |_[ + ] Found:: UNIDENTIFIED
1243. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 114688 bytes received
1244.  
1245. _[ - ]::--------------------------------------------------------------------------------------------------------------
1246. |_[ + ] [ 61 / 100 ]-[23:01:41] [ - ]
1247. |_[ + ] Target:: [ https://www.foi.org/author/sherzig/ ]
1248. |_[ + ] Exploit::
1249. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1250. |_[ + ] More details:: / - / , ISP:
1251. |_[ + ] Found:: UNIDENTIFIED
1252. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 81920 bytes received
1253.  
1254. _[ - ]::--------------------------------------------------------------------------------------------------------------
1255. |_[ + ] [ 62 / 100 ]-[23:01:47] [ - ]
1256. |_[ + ] Target:: [ https://www.foi.org/tag/iowa/ ]
1257. |_[ + ] Exploit::
1258. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1259. |_[ + ] More details:: / - / , ISP:
1260. |_[ + ] Found:: UNIDENTIFIED
1261. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 114688 bytes received
1262.  
1263. _[ - ]::--------------------------------------------------------------------------------------------------------------
1264. |_[ + ] [ 63 / 100 ]-[23:01:53] [ - ]
1265. |_[ + ] Target:: [ https://www.foi.org/tag/menorah/ ]
1266. |_[ + ] Exploit::
1267. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1268. |_[ + ] More details:: / - / , ISP:
1269. |_[ + ] Found:: UNIDENTIFIED
1270. |_[ + ] ERROR CONECTION:: Operation timed out after 5004 milliseconds with 147456 bytes received
1271.  
1272. _[ - ]::--------------------------------------------------------------------------------------------------------------
1273. |_[ + ] [ 64 / 100 ]-[23:01:58] [ - ]
1274. |_[ + ] Target:: [ https://www.foi.org/tag/arizona/ ]
1275. |_[ + ] Exploit::
1276. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1277. |_[ + ] More details:: / - / , ISP:
1278. |_[ + ] Found:: UNIDENTIFIED
1279.  
1280. _[ - ]::--------------------------------------------------------------------------------------------------------------
1281. |_[ + ] [ 65 / 100 ]-[23:02:04] [ - ]
1282. |_[ + ] Target:: [ https://www.foi.org/tag/david/ ]
1283. |_[ + ] Exploit::
1284. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1285. |_[ + ] More details:: / - / , ISP:
1286. |_[ + ] Found:: UNIDENTIFIED
1287.  
1288. _[ - ]::--------------------------------------------------------------------------------------------------------------
1289. |_[ + ] [ 66 / 100 ]-[23:02:10] [ - ]
1290. |_[ + ] Target:: [ https://www.foi.org/tag/tragedy/ ]
1291. |_[ + ] Exploit::
1292. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1293. |_[ + ] More details:: / - / , ISP:
1294. |_[ + ] Found:: UNIDENTIFIED
1295. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 131072 bytes received
1296.  
1297. _[ - ]::--------------------------------------------------------------------------------------------------------------
1298. |_[ + ] [ 67 / 100 ]-[23:02:16] [ - ]
1299. |_[ + ] Target:: [ https://www.foi.org/tag/reverence/ ]
1300. |_[ + ] Exploit::
1301. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1302. |_[ + ] More details:: / - / , ISP:
1303. |_[ + ] Found:: UNIDENTIFIED
1304. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 147456 bytes received
1305.  
1306. _[ - ]::--------------------------------------------------------------------------------------------------------------
1307. |_[ + ] [ 68 / 100 ]-[23:02:21] [ - ]
1308. |_[ + ] Target:: [ https://www.foi.org/tag/syria/ ]
1309. |_[ + ] Exploit::
1310. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1311. |_[ + ] More details:: / - / , ISP:
1312. |_[ + ] Found:: UNIDENTIFIED
1313. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 131072 bytes received
1314.  
1315. _[ - ]::--------------------------------------------------------------------------------------------------------------
1316. |_[ + ] [ 69 / 100 ]-[23:02:27] [ - ]
1317. |_[ + ] Target:: [ https://www.foi.org/tag/temple/ ]
1318. |_[ + ] Exploit::
1319. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1320. |_[ + ] More details:: / - / , ISP:
1321. |_[ + ] Found:: UNIDENTIFIED
1322. |_[ + ] ERROR CONECTION:: Operation timed out after 5006 milliseconds with 163840 bytes received
1323.  
1324. _[ - ]::--------------------------------------------------------------------------------------------------------------
1325. |_[ + ] [ 70 / 100 ]-[23:02:32] [ - ]
1326. |_[ + ] Target:: [ https://www.foi.org/tag/mattathias/ ]
1327. |_[ + ] Exploit::
1328. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1329. |_[ + ] More details:: / - / , ISP:
1330. |_[ + ] Found:: UNIDENTIFIED
1331.  
1332. _[ - ]::--------------------------------------------------------------------------------------------------------------
1333. |_[ + ] [ 71 / 100 ]-[23:02:38] [ - ]
1334. |_[ + ] Target:: [ https://www.foi.org/tag/fellowship/ ]
1335. |_[ + ] Exploit::
1336. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1337. |_[ + ] More details:: / - / , ISP:
1338. |_[ + ] Found:: UNIDENTIFIED
1339. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 131072 bytes received
1340.  
1341. _[ - ]::--------------------------------------------------------------------------------------------------------------
1342. |_[ + ] [ 72 / 100 ]-[23:02:44] [ - ]
1343. |_[ + ] Target:: [ https://www.foi.org/tag/poland/ ]
1344. |_[ + ] Exploit::
1345. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1346. |_[ + ] More details:: / - / , ISP:
1347. |_[ + ] Found:: UNIDENTIFIED
1348. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 147456 bytes received
1349.  
1350. _[ - ]::--------------------------------------------------------------------------------------------------------------
1351. |_[ + ] [ 73 / 100 ]-[23:02:49] [ - ]
1352. |_[ + ] Target:: [ https://www.foi.org/tag/georgia/ ]
1353. |_[ + ] Exploit::
1354. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1355. |_[ + ] More details:: / - / , ISP:
1356. |_[ + ] Found:: UNIDENTIFIED
1357.  
1358. _[ - ]::--------------------------------------------------------------------------------------------------------------
1359. |_[ + ] [ 74 / 100 ]-[23:02:55] [ - ]
1360. |_[ + ] Target:: [ https://www.foi.org/tag/ohio/ ]
1361. |_[ + ] Exploit::
1362. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1363. |_[ + ] More details:: / - / , ISP:
1364. |_[ + ] Found:: UNIDENTIFIED
1365. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 81920 bytes received
1366.  
1367. _[ - ]::--------------------------------------------------------------------------------------------------------------
1368. |_[ + ] [ 75 / 100 ]-[23:03:01] [ - ]
1369. |_[ + ] Target:: [ https://www.foi.org/tag/muslims/ ]
1370. |_[ + ] Exploit::
1371. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1372. |_[ + ] More details:: / - / , ISP:
1373. |_[ + ] Found:: UNIDENTIFIED
1374. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 147456 bytes received
1375.  
1376. _[ - ]::--------------------------------------------------------------------------------------------------------------
1377. |_[ + ] [ 76 / 100 ]-[23:03:07] [ - ]
1378. |_[ + ] Target:: [ https://www.foi.org/tag/sin/ ]
1379. |_[ + ] Exploit::
1380. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1381. |_[ + ] More details:: / - / , ISP:
1382. |_[ + ] Found:: UNIDENTIFIED
1383. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 147456 bytes received
1384.  
1385. _[ - ]::--------------------------------------------------------------------------------------------------------------
1386. |_[ + ] [ 77 / 100 ]-[23:03:12] [ - ]
1387. |_[ + ] Target:: [ https://www.foi.org/tag/relief/ ]
1388. |_[ + ] Exploit::
1389. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1390. |_[ + ] More details:: / - / , ISP:
1391. |_[ + ] Found:: UNIDENTIFIED
1392.  
1393. _[ - ]::--------------------------------------------------------------------------------------------------------------
1394. |_[ + ] [ 78 / 100 ]-[23:03:18] [ - ]
1395. |_[ + ] Target:: [ https://www.foi.org/free_resource_category/prophecy/ ]
1396. |_[ + ] Exploit::
1397. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1398. |_[ + ] More details:: / - / , ISP:
1399. |_[ + ] Found:: UNIDENTIFIED
1400.  
1401. _[ - ]::--------------------------------------------------------------------------------------------------------------
1402. |_[ + ] [ 79 / 100 ]-[23:03:23] [ - ]
1403. |_[ + ] Target:: [ https://www.foi.org/tag/compassion/ ]
1404. |_[ + ] Exploit::
1405. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1406. |_[ + ] More details:: / - / , ISP:
1407. |_[ + ] Found:: UNIDENTIFIED
1408.  
1409. _[ - ]::--------------------------------------------------------------------------------------------------------------
1410. |_[ + ] [ 80 / 100 ]-[23:03:29] [ - ]
1411. |_[ + ] Target:: [ https://www.foi.org/tag/dallas/ ]
1412. |_[ + ] Exploit::
1413. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1414. |_[ + ] More details:: / - / , ISP:
1415. |_[ + ] Found:: UNIDENTIFIED
1416.  
1417. _[ - ]::--------------------------------------------------------------------------------------------------------------
1418. |_[ + ] [ 81 / 100 ]-[23:03:35] [ - ]
1419. |_[ + ] Target:: [ https://www.foi.org/tag/canada/ ]
1420. |_[ + ] Exploit::
1421. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1422. |_[ + ] More details:: / - / , ISP:
1423. |_[ + ] Found:: UNIDENTIFIED
1424. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 147456 bytes received
1425.  
1426. _[ - ]::--------------------------------------------------------------------------------------------------------------
1427. |_[ + ] [ 82 / 100 ]-[23:03:41] [ - ]
1428. |_[ + ] Target:: [ https://www.foi.org/tag/israaid/ ]
1429. |_[ + ] Exploit::
1430. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1431. |_[ + ] More details:: / - / , ISP:
1432. |_[ + ] Found:: UNIDENTIFIED
1433. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 131072 bytes received
1434.  
1435. _[ - ]::--------------------------------------------------------------------------------------------------------------
1436. |_[ + ] [ 83 / 100 ]-[23:03:46] [ - ]
1437. |_[ + ] Target:: [ https://www.foi.org/tag/burbank/ ]
1438. |_[ + ] Exploit::
1439. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1440. |_[ + ] More details:: / - / , ISP:
1441. |_[ + ] Found:: UNIDENTIFIED
1442. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 131072 bytes received
1443.  
1444. _[ - ]::--------------------------------------------------------------------------------------------------------------
1445. |_[ + ] [ 84 / 100 ]-[23:03:52] [ - ]
1446. |_[ + ] Target:: [ https://www.foi.org/tag/surrey/ ]
1447. |_[ + ] Exploit::
1448. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1449. |_[ + ] More details:: / - / , ISP:
1450. |_[ + ] Found:: UNIDENTIFIED
1451.  
1452. _[ - ]::--------------------------------------------------------------------------------------------------------------
1453. |_[ + ] [ 85 / 100 ]-[23:03:57] [ - ]
1454. |_[ + ] Target:: [ https://www.foi.org/tag/bds/ ]
1455. |_[ + ] Exploit::
1456. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1457. |_[ + ] More details:: / - / , ISP:
1458. |_[ + ] Found:: UNIDENTIFIED
1459. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 114688 bytes received
1460.  
1461. _[ - ]::--------------------------------------------------------------------------------------------------------------
1462. |_[ + ] [ 86 / 100 ]-[23:04:03] [ - ]
1463. |_[ + ] Target:: [ https://www.foi.org/tag/simpsonville/ ]
1464. |_[ + ] Exploit::
1465. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1466. |_[ + ] More details:: / - / , ISP:
1467. |_[ + ] Found:: UNIDENTIFIED
1468. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 147456 bytes received
1469.  
1470. _[ - ]::--------------------------------------------------------------------------------------------------------------
1471. |_[ + ] [ 87 / 100 ]-[23:04:09] [ - ]
1472. |_[ + ] Target:: [ https://www.foi.org/author/bmeissner/ ]
1473. |_[ + ] Exploit::
1474. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1475. |_[ + ] More details:: / - / , ISP:
1476. |_[ + ] Found:: UNIDENTIFIED
1477. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 147456 bytes received
1478.  
1479. _[ - ]::--------------------------------------------------------------------------------------------------------------
1480. |_[ + ] [ 88 / 100 ]-[23:04:14] [ - ]
1481. |_[ + ] Target:: [ https://www.foi.org/tag/shepherd/ ]
1482. |_[ + ] Exploit::
1483. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1484. |_[ + ] More details:: / - / , ISP:
1485. |_[ + ] Found:: UNIDENTIFIED
1486.  
1487. _[ - ]::--------------------------------------------------------------------------------------------------------------
1488. |_[ + ] [ 89 / 100 ]-[23:04:20] [ - ]
1489. |_[ + ] Target:: [ https://www.foi.org/tag/jerusalem/ ]
1490. |_[ + ] Exploit::
1491. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1492. |_[ + ] More details:: / - / , ISP:
1493. |_[ + ] Found:: UNIDENTIFIED
1494. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 147456 bytes received
1495.  
1496. _[ - ]::--------------------------------------------------------------------------------------------------------------
1497. |_[ + ] [ 90 / 100 ]-[23:04:26] [ - ]
1498. |_[ + ] Target:: [ https://www.foi.org/tag/ancestry/ ]
1499. |_[ + ] Exploit::
1500. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1501. |_[ + ] More details:: / - / , ISP:
1502. |_[ + ] Found:: UNIDENTIFIED
1503.  
1504. _[ - ]::--------------------------------------------------------------------------------------------------------------
1505. |_[ + ] [ 91 / 100 ]-[23:04:31] [ - ]
1506. |_[ + ] Target:: [ https://www.foi.org/tag/lancaster/ ]
1507. |_[ + ] Exploit::
1508. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1509. |_[ + ] More details:: / - / , ISP:
1510. |_[ + ] Found:: UNIDENTIFIED
1511. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 131072 bytes received
1512.  
1513. _[ - ]::--------------------------------------------------------------------------------------------------------------
1514. |_[ + ] [ 92 / 100 ]-[23:04:37] [ - ]
1515. |_[ + ] Target:: [ https://www.foi.org/tag/prophets/ ]
1516. |_[ + ] Exploit::
1517. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1518. |_[ + ] More details:: / - / , ISP:
1519. |_[ + ] Found:: UNIDENTIFIED
1520. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 147456 bytes received
1521.  
1522. _[ - ]::--------------------------------------------------------------------------------------------------------------
1523. |_[ + ] [ 93 / 100 ]-[23:04:43] [ - ]
1524. |_[ + ] Target:: [ https://www.foi.org/tag/hymn/ ]
1525. |_[ + ] Exploit::
1526. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1527. |_[ + ] More details:: / - / , ISP:
1528. |_[ + ] Found:: UNIDENTIFIED
1529. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 131072 bytes received
1530.  
1531. _[ - ]::--------------------------------------------------------------------------------------------------------------
1532. |_[ + ] [ 94 / 100 ]-[23:04:49] [ - ]
1533. |_[ + ] Target:: [ https://www.foi.org/tag/shofar/ ]
1534. |_[ + ] Exploit::
1535. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1536. |_[ + ] More details:: / - / , ISP:
1537. |_[ + ] Found:: UNIDENTIFIED
1538. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 131072 bytes received
1539.  
1540. _[ - ]::--------------------------------------------------------------------------------------------------------------
1541. |_[ + ] [ 95 / 100 ]-[23:04:54] [ - ]
1542. |_[ + ] Target:: [ https://www.foi.org/tag/witness/ ]
1543. |_[ + ] Exploit::
1544. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1545. |_[ + ] More details:: / - / , ISP:
1546. |_[ + ] Found:: UNIDENTIFIED
1547. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 81920 bytes received
1548.  
1549. _[ - ]::--------------------------------------------------------------------------------------------------------------
1550. |_[ + ] [ 96 / 100 ]-[23:05:00] [ - ]
1551. |_[ + ] Target:: [ https://www.foi.org/tag/sovereignty/ ]
1552. |_[ + ] Exploit::
1553. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1554. |_[ + ] More details:: / - / , ISP:
1555. |_[ + ] Found:: UNIDENTIFIED
1556. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 114688 bytes received
1557.  
1558. _[ - ]::--------------------------------------------------------------------------------------------------------------
1559. |_[ + ] [ 97 / 100 ]-[23:05:06] [ - ]
1560. |_[ + ] Target:: [ https://www.foi.org/tag/psalms/ ]
1561. |_[ + ] Exploit::
1562. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1563. |_[ + ] More details:: / - / , ISP:
1564. |_[ + ] Found:: UNIDENTIFIED
1565. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 131072 bytes received
1566.  
1567. _[ - ]::--------------------------------------------------------------------------------------------------------------
1568. |_[ + ] [ 98 / 100 ]-[23:05:11] [ - ]
1569. |_[ + ] Target:: [ https://www.foi.org/tag/p51/ ]
1570. |_[ + ] Exploit::
1571. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1572. |_[ + ] More details:: / - / , ISP:
1573. |_[ + ] Found:: UNIDENTIFIED
1574.  
1575. _[ - ]::--------------------------------------------------------------------------------------------------------------
1576. |_[ + ] [ 99 / 100 ]-[23:05:17] [ - ]
1577. |_[ + ] Target:: [ https://www.foi.org/tag/palestine/ ]
1578. |_[ + ] Exploit::
1579. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11 X-Powered-By: PHP/7.2.11, IP:18.209.92.69:443
1580. |_[ + ] More details:: / - / , ISP:
1581. |_[ + ] Found:: UNIDENTIFIED
1582. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 163840 bytes received
1583.  
1584. [ INFO ] [ Shutting down ]
1585. [ INFO ] [ End of process INURLBR at [22-01-2019 23:05:17]
1586. [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
1587. [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-www.foi.org ]
1588. |_________________________________________________________________________________________
1589.  
1590. \_________________________________________________________________________________________/
1591. #######################################################################################################################################
1592. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-22 23:05 EST
1593. Nmap scan report for www.foi.org (18.209.92.69)
1594. Host is up.
1595. rDNS record for 18.209.92.69: ec2-18-209-92-69.compute-1.amazonaws.com
1596.  
1597. PORT STATE SERVICE VERSION
1598. 123/udp open|filtered ntp
1599. Too many fingerprints match this host to give specific OS details
1600.  
1601. TRACEROUTE (using proto 1/icmp)
1602. HOP RTT ADDRESS
1603. 1 148.76 ms 10.246.200.1
1604. 2 148.79 ms 193.9.115.113
1605. 3 157.38 ms vlan299.bb1.sof1.bg.m247.com (176.10.83.34)
1606. 4 148.79 ms sfia-b2-link.telia.net (62.115.148.144)
1607. 5 283.18 ms win-bb2-link.telia.net (80.91.251.56)
1608. 6 283.20 ms 62.115.133.79
1609. 7 266.61 ms prs-bb4-link.telia.net (62.115.122.138)
1610. 8 266.78 ms ash-bb3-link.telia.net (62.115.122.159)
1611. 9 266.65 ms ash-b1-link.telia.net (80.91.248.157)
1612. 10 268.04 ms vadata-ic-333118-ash-b1.c.telia.net (62.115.11.183)
1613. 11 ... 30
1614. #######################################################################################################################################
1615. ^ ^
1616. _ __ _ ____ _ __ _ _ ____
1617. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1618. | V V // o // _/ | V V // 0 // 0 // _/
1619. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1620. <
1621. ...'
1622.  
1623. WAFW00F - Web Application Firewall Detection Tool
1624.  
1625. By Sandro Gauci && Wendel G. Henrique
1626.  
1627. Checking https://www.foi.org
1628. The site https://www.foi.org is behind a ModSecurity (OWASP CRS)
1629. Number of requests: 11
1630. #######################################################################################################################################
1631. https://www.foi.org [200 OK] Apache[2.4.37], Country[UNITED STATES][US], Google-Analytics[UA-1686250-2], HTML5, HTTPServer[Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11], IP[18.209.92.69], JQuery[1.12.4], Lightbox, MetaGenerator[Powered by Slider Revolution 5.4.8 - responsive, Mobile-Friendly Slider Plugin for WordPress with comfortable drag and drop interface.], Open-Graph-Protocol[website], OpenSSL[1.0.2k-fips], PHP[7.2.11], PoweredBy[Slider,The], Script[application/ld+json,text/javascript], Title[Home - The Friends of Israel Gospel Ministry], UncommonHeaders[hummingbird-cache], WordPress, X-Powered-By[PHP/7.2.11]
1632. #######################################################################################################################################
1633. wig - WebApp Information Gatherer
1634.  
1635.  
1636. Scanning https://www.foi.org...
1637. ______________________________ SITE INFO _______________________________
1638. IP Title
1639. 18.209.92.69 Home - The Friends of Israel Gospel Ministry
1640.  
1641. _______________________________ VERSION ________________________________
1642. Name Versions Type
1643. WordPress 5.0.3 CMS
1644. Apache 2.4.37 Platform
1645. PHP 7.2.11 Platform
1646. openssl 1.0.2k-fips Platform
1647.  
1648. _____________________________ INTERESTING ______________________________
1649. URL Note Type
1650. /robots.txt robots.txt index Interesting
1651. /readme.html Readme file Interesting
1652. /test/ Test directory Interesting
1653. /login/ Login Page Interesting
1654.  
1655. ________________________________ TOOLS _________________________________
1656. Name Link Software
1657. wpscan https://github.com/wpscanteam/wpscan WordPress
1658. CMSmap https://github.com/Dionach/CMSmap WordPress
1659.  
1660. ________________________________________________________________________
1661. Time: 3.5 sec Urls: 525 Fingerprints: 40401
1662. #######################################################################################################################################
1663. HTTP/1.1 200 OK
1664. Date: Wed, 23 Jan 2019 04:09:32 GMT
1665. Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11
1666. X-Powered-By: PHP/7.2.11
1667. Set-Cookie: wpfront-notification-bar-landingpage=1
1668. Access-Control-Allow-Origin: *
1669. Link: <https://www.foi.org/wp-json/>; rel="https://api.w.org/"
1670. Link: <https://www.foi.org/>; rel=shortlink
1671. X-TEC-API-VERSION: v1
1672. X-TEC-API-ROOT: https://www.foi.org/wp-json/tribe/events/v1/
1673. X-TEC-API-ORIGIN: https://www.foi.org
1674. Cache-Control: max-age=0
1675. Expires: Wed, 23 Jan 2019 04:09:32 GMT
1676. Content-Type: text/html; charset=UTF-8
1677. #######################################################################################################################################
1678. AVAILABLE PLUGINS
1679. -----------------
1680.  
1681. PluginCompression
1682. PluginSessionResumption
1683. PluginChromeSha1Deprecation
1684. PluginHSTS
1685. PluginHeartbleed
1686. PluginSessionRenegotiation
1687. PluginOpenSSLCipherSuites
1688. PluginCertInfo
1689.  
1690.  
1691.  
1692. CHECKING HOST(S) AVAILABILITY
1693. -----------------------------
1694.  
1695. www.foi.org:443 => 18.209.92.69:443
1696.  
1697.  
1698.  
1699. SCAN RESULTS FOR WWW.FOI.ORG:443 - 18.209.92.69:443
1700. ---------------------------------------------------
1701.  
1702. * Deflate Compression:
1703. OK - Compression disabled
1704.  
1705. * Session Renegotiation:
1706. Client-initiated Renegotiations: OK - Rejected
1707. Secure Renegotiation: OK - Supported
1708.  
1709. * OpenSSL Heartbleed:
1710. OK - Not vulnerable to Heartbleed
1711.  
1712. * Certificate - Content:
1713. SHA1 Fingerprint: 2dba78ea54b62924991ce1324279a9ab8c790a24
1714. Common Name: *.foi.org
1715. Issuer: DigiCert SHA2 Secure Server CA
1716. Serial Number: 059BA9CB26083F61F0BF9743486CEDE5
1717. Not Before: Feb 22 00:00:00 2017 GMT
1718. Not After: Feb 27 12:00:00 2020 GMT
1719. Signature Algorithm: sha256WithRSAEncryption
1720. Public Key Algorithm: rsaEncryption
1721. Key Size: 4096 bit
1722. Exponent: 65537 (0x10001)
1723. X509v3 Subject Alternative Name: {'DNS': ['*.foi.org', 'foi.org']}
1724.  
1725. * Certificate - Trust:
1726. Hostname Validation: OK - Subject Alternative Name matches
1727. Google CA Store (09/2015): OK - Certificate is trusted
1728. Java 6 CA Store (Update 65): OK - Certificate is trusted
1729. Microsoft CA Store (09/2015): OK - Certificate is trusted
1730. Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
1731. Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
1732. Certificate Chain Received: ['*.foi.org', 'DigiCert SHA2 Secure Server CA']
1733.  
1734. * Certificate - OCSP Stapling:
1735. NOT SUPPORTED - Server did not send back an OCSP response.
1736.  
1737. * SSLV2 Cipher Suites:
1738. Server rejected all cipher suites.
1739.  
1740. * Session Resumption:
1741. With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
1742. With TLS Session Tickets: OK - Supported
1743.  
1744. * TLSV1_2 Cipher Suites:
1745. Preferred:
1746. ECDHE-RSA-AES256-GCM-SHA384 ECDH-256 bits 256 bits HTTP 200 OK
1747. Accepted:
1748. ECDHE-RSA-AES256-SHA384 ECDH-256 bits 256 bits HTTP 200 OK
1749. ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 200 OK
1750. ECDHE-RSA-AES256-GCM-SHA384 ECDH-256 bits 256 bits HTTP 200 OK
1751. DHE-RSA-CAMELLIA256-SHA DH-4096 bits 256 bits HTTP 200 OK
1752. DHE-RSA-AES256-SHA256 DH-4096 bits 256 bits HTTP 200 OK
1753. DHE-RSA-AES256-SHA DH-4096 bits 256 bits HTTP 200 OK
1754. DHE-RSA-AES256-GCM-SHA384 DH-4096 bits 256 bits HTTP 200 OK
1755. CAMELLIA256-SHA - 256 bits HTTP 200 OK
1756. AES256-SHA256 - 256 bits HTTP 200 OK
1757. AES256-SHA - 256 bits HTTP 200 OK
1758. AES256-GCM-SHA384 - 256 bits HTTP 200 OK
1759. ECDHE-RSA-RC4-SHA ECDH-256 bits 128 bits HTTP 200 OK
1760. ECDHE-RSA-AES128-SHA256 ECDH-256 bits 128 bits HTTP 200 OK
1761. ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
1762. ECDHE-RSA-AES128-GCM-SHA256 ECDH-256 bits 128 bits HTTP 200 OK
1763. DHE-RSA-SEED-SHA DH-4096 bits 128 bits HTTP 200 OK
1764. DHE-RSA-CAMELLIA128-SHA DH-4096 bits 128 bits HTTP 200 OK
1765. DHE-RSA-AES128-SHA256 DH-4096 bits 128 bits HTTP 200 OK
1766. DHE-RSA-AES128-SHA DH-4096 bits 128 bits HTTP 200 OK
1767. DHE-RSA-AES128-GCM-SHA256 DH-4096 bits 128 bits HTTP 200 OK
1768. SEED-SHA - 128 bits HTTP 200 OK
1769. RC4-SHA - 128 bits HTTP 200 OK
1770. RC4-MD5 - 128 bits HTTP 200 OK
1771. IDEA-CBC-SHA - 128 bits HTTP 200 OK
1772. CAMELLIA128-SHA - 128 bits HTTP 200 OK
1773. AES128-SHA256 - 128 bits HTTP 200 OK
1774. AES128-SHA - 128 bits HTTP 200 OK
1775. AES128-GCM-SHA256 - 128 bits HTTP 200 OK
1776. ECDHE-RSA-DES-CBC3-SHA ECDH-256 bits 112 bits HTTP 200 OK
1777. EDH-RSA-DES-CBC3-SHA DH-4096 bits 112 bits HTTP 200 OK
1778. DES-CBC3-SHA - 112 bits HTTP 200 OK
1779.  
1780. * TLSV1_1 Cipher Suites:
1781. Preferred:
1782. ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 200 OK
1783. Accepted:
1784. ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 200 OK
1785. DHE-RSA-CAMELLIA256-SHA DH-4096 bits 256 bits HTTP 200 OK
1786. DHE-RSA-AES256-SHA DH-4096 bits 256 bits HTTP 200 OK
1787. CAMELLIA256-SHA - 256 bits HTTP 200 OK
1788. AES256-SHA - 256 bits HTTP 200 OK
1789. ECDHE-RSA-RC4-SHA ECDH-256 bits 128 bits HTTP 200 OK
1790. ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
1791. DHE-RSA-SEED-SHA DH-4096 bits 128 bits HTTP 200 OK
1792. DHE-RSA-CAMELLIA128-SHA DH-4096 bits 128 bits HTTP 200 OK
1793. DHE-RSA-AES128-SHA DH-4096 bits 128 bits HTTP 200 OK
1794. SEED-SHA - 128 bits HTTP 200 OK
1795. RC4-SHA - 128 bits HTTP 200 OK
1796. RC4-MD5 - 128 bits HTTP 200 OK
1797. IDEA-CBC-SHA - 128 bits HTTP 200 OK
1798. CAMELLIA128-SHA - 128 bits HTTP 200 OK
1799. AES128-SHA - 128 bits HTTP 200 OK
1800. ECDHE-RSA-DES-CBC3-SHA ECDH-256 bits 112 bits HTTP 200 OK
1801. EDH-RSA-DES-CBC3-SHA DH-4096 bits 112 bits HTTP 200 OK
1802. DES-CBC3-SHA - 112 bits HTTP 200 OK
1803.  
1804. * TLSV1 Cipher Suites:
1805. Preferred:
1806. ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 200 OK
1807. Accepted:
1808. ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 200 OK
1809. DHE-RSA-CAMELLIA256-SHA DH-4096 bits 256 bits HTTP 200 OK
1810. DHE-RSA-AES256-SHA DH-4096 bits 256 bits HTTP 200 OK
1811. CAMELLIA256-SHA - 256 bits HTTP 200 OK
1812. AES256-SHA - 256 bits HTTP 200 OK
1813. ECDHE-RSA-RC4-SHA ECDH-256 bits 128 bits HTTP 200 OK
1814. ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
1815. DHE-RSA-SEED-SHA DH-4096 bits 128 bits HTTP 200 OK
1816. DHE-RSA-CAMELLIA128-SHA DH-4096 bits 128 bits HTTP 200 OK
1817. DHE-RSA-AES128-SHA DH-4096 bits 128 bits HTTP 200 OK
1818. SEED-SHA - 128 bits HTTP 200 OK
1819. RC4-SHA - 128 bits HTTP 200 OK
1820. RC4-MD5 - 128 bits HTTP 200 OK
1821. IDEA-CBC-SHA - 128 bits HTTP 200 OK
1822. CAMELLIA128-SHA - 128 bits HTTP 200 OK
1823. AES128-SHA - 128 bits HTTP 200 OK
1824. ECDHE-RSA-DES-CBC3-SHA ECDH-256 bits 112 bits HTTP 200 OK
1825. EDH-RSA-DES-CBC3-SHA DH-4096 bits 112 bits HTTP 200 OK
1826. DES-CBC3-SHA - 112 bits HTTP 200 OK
1827.  
1828. * SSLV3 Cipher Suites:
1829. Server rejected all cipher suites.
1830.  
1831.  
1832.  
1833. SCAN COMPLETED IN 33.93 S
1834. -------------------------
1835. Version: 1.11.12-static
1836. OpenSSL 1.0.2-chacha (1.0.2g-dev)
1837.  
1838. Connected to 18.209.92.69
1839.  
1840. Testing SSL server www.foi.org on port 443 using SNI name www.foi.org
1841.  
1842. TLS Fallback SCSV:
1843. Server supports TLS Fallback SCSV
1844.  
1845. TLS renegotiation:
1846. Secure session renegotiation supported
1847.  
1848. TLS Compression:
1849. Compression disabled
1850.  
1851. Heartbleed:
1852. TLS 1.2 not vulnerable to heartbleed
1853. TLS 1.1 not vulnerable to heartbleed
1854. TLS 1.0 not vulnerable to heartbleed
1855.  
1856. Supported Server Cipher(s):
1857. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
1858. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
1859. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1860. Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 4096 bits
1861. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 4096 bits
1862. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 4096 bits
1863. Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 4096 bits
1864. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
1865. Accepted TLSv1.2 256 bits AES256-SHA256
1866. Accepted TLSv1.2 256 bits AES256-SHA
1867. Accepted TLSv1.2 256 bits CAMELLIA256-SHA
1868. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
1869. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
1870. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1871. Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 4096 bits
1872. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 4096 bits
1873. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 4096 bits
1874. Accepted TLSv1.2 128 bits DHE-RSA-SEED-SHA DHE 4096 bits
1875. Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 4096 bits
1876. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
1877. Accepted TLSv1.2 128 bits AES128-SHA256
1878. Accepted TLSv1.2 128 bits AES128-SHA
1879. Accepted TLSv1.2 128 bits SEED-SHA
1880. Accepted TLSv1.2 128 bits CAMELLIA128-SHA
1881. Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
1882. Accepted TLSv1.2 112 bits EDH-RSA-DES-CBC3-SHA DHE 4096 bits
1883. Accepted TLSv1.2 112 bits DES-CBC3-SHA
1884. Accepted TLSv1.2 128 bits IDEA-CBC-SHA
1885. Accepted TLSv1.2 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
1886. Accepted TLSv1.2 128 bits RC4-SHA
1887. Accepted TLSv1.2 128 bits RC4-MD5
1888. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1889. Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 4096 bits
1890. Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 4096 bits
1891. Accepted TLSv1.1 256 bits AES256-SHA
1892. Accepted TLSv1.1 256 bits CAMELLIA256-SHA
1893. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1894. Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 4096 bits
1895. Accepted TLSv1.1 128 bits DHE-RSA-SEED-SHA DHE 4096 bits
1896. Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 4096 bits
1897. Accepted TLSv1.1 128 bits AES128-SHA
1898. Accepted TLSv1.1 128 bits SEED-SHA
1899. Accepted TLSv1.1 128 bits CAMELLIA128-SHA
1900. Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
1901. Accepted TLSv1.1 112 bits EDH-RSA-DES-CBC3-SHA DHE 4096 bits
1902. Accepted TLSv1.1 112 bits DES-CBC3-SHA
1903. Accepted TLSv1.1 128 bits IDEA-CBC-SHA
1904. Accepted TLSv1.1 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
1905. Accepted TLSv1.1 128 bits RC4-SHA
1906. Accepted TLSv1.1 128 bits RC4-MD5
1907. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1908. Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 4096 bits
1909. Accepted TLSv1.0 256 bits DHE-RSA-CAMELLIA256-SHA DHE 4096 bits
1910. Accepted TLSv1.0 256 bits AES256-SHA
1911. Accepted TLSv1.0 256 bits CAMELLIA256-SHA
1912. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1913. Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 4096 bits
1914. Accepted TLSv1.0 128 bits DHE-RSA-SEED-SHA DHE 4096 bits
1915. Accepted TLSv1.0 128 bits DHE-RSA-CAMELLIA128-SHA DHE 4096 bits
1916. Accepted TLSv1.0 128 bits AES128-SHA
1917. Accepted TLSv1.0 128 bits SEED-SHA
1918. Accepted TLSv1.0 128 bits CAMELLIA128-SHA
1919. Accepted TLSv1.0 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
1920. Accepted TLSv1.0 112 bits EDH-RSA-DES-CBC3-SHA DHE 4096 bits
1921. Accepted TLSv1.0 112 bits DES-CBC3-SHA
1922. Accepted TLSv1.0 128 bits IDEA-CBC-SHA
1923. Accepted TLSv1.0 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
1924. Accepted TLSv1.0 128 bits RC4-SHA
1925. Accepted TLSv1.0 128 bits RC4-MD5
1926.  
1927. SSL Certificate:
1928. Signature Algorithm: sha256WithRSAEncryption
1929. RSA Key Strength: 4096
1930.  
1931. Subject: *.foi.org
1932. Altnames: DNS:*.foi.org, DNS:foi.org
1933. Issuer: DigiCert SHA2 Secure Server CA
1934.  
1935. Not valid before: Feb 22 00:00:00 2017 GMT
1936. Not valid after: Feb 27 12:00:00 2020 GMT
1937. #######################################################################################################################################
1938. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-22 23:15 EST
1939. NSE: Loaded 149 scripts for scanning.
1940. NSE: Script Pre-scanning.
1941. NSE: Starting runlevel 1 (of 3) scan.
1942. Initiating NSE at 23:15
1943. Completed NSE at 23:15, 0.00s elapsed
1944. NSE: Starting runlevel 2 (of 3) scan.
1945. Initiating NSE at 23:15
1946. Completed NSE at 23:15, 0.00s elapsed
1947. NSE: Starting runlevel 3 (of 3) scan.
1948. Initiating NSE at 23:15
1949. Completed NSE at 23:15, 0.00s elapsed
1950. Initiating Ping Scan at 23:15
1951. Scanning www.foi.org (18.209.92.69) [4 ports]
1952. Completed Ping Scan at 23:15, 0.32s elapsed (1 total hosts)
1953. Initiating Parallel DNS resolution of 1 host. at 23:15
1954. Completed Parallel DNS resolution of 1 host. at 23:15, 0.02s elapsed
1955. Initiating Connect Scan at 23:15
1956. Scanning www.foi.org (18.209.92.69) [1000 ports]
1957. Discovered open port 443/tcp on 18.209.92.69
1958. Discovered open port 80/tcp on 18.209.92.69
1959. Completed Connect Scan at 23:16, 15.44s elapsed (1000 total ports)
1960. Initiating Service scan at 23:16
1961. Scanning 2 services on www.foi.org (18.209.92.69)
1962. Completed Service scan at 23:16, 13.78s elapsed (2 services on 1 host)
1963. Initiating OS detection (try #1) against www.foi.org (18.209.92.69)
1964. Retrying OS detection (try #2) against www.foi.org (18.209.92.69)
1965. Initiating Traceroute at 23:16
1966. Completed Traceroute at 23:16, 6.33s elapsed
1967. Initiating Parallel DNS resolution of 10 hosts. at 23:16
1968. Completed Parallel DNS resolution of 10 hosts. at 23:16, 16.50s elapsed
1969. NSE: Script scanning 18.209.92.69.
1970. NSE: Starting runlevel 1 (of 3) scan.
1971. Initiating NSE at 23:16
1972. NSE Timing: About 99.63% done; ETC: 23:17 (0:00:00 remaining)
1973. Completed NSE at 23:17, 49.16s elapsed
1974. NSE: Starting runlevel 2 (of 3) scan.
1975. Initiating NSE at 23:17
1976. Completed NSE at 23:17, 3.01s elapsed
1977. NSE: Starting runlevel 3 (of 3) scan.
1978. Initiating NSE at 23:17
1979. Completed NSE at 23:17, 0.00s elapsed
1980. Nmap scan report for www.foi.org (18.209.92.69)
1981. Host is up, received reset ttl 13 (0.23s latency).
1982. rDNS record for 18.209.92.69: ec2-18-209-92-69.compute-1.amazonaws.com
1983. Scanned at 2019-01-22 23:15:53 EST for 111s
1984. Not shown: 995 filtered ports
1985. Reason: 995 no-responses
1986. PORT STATE SERVICE REASON VERSION
1987. 25/tcp closed smtp conn-refused
1988. 80/tcp open http syn-ack Apache httpd 2.4.37 ((Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11)
1989. | http-methods:
1990. |_ Supported Methods: GET HEAD POST OPTIONS
1991. |_http-server-header: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11
1992. |_http-title: Did not follow redirect to https://www.foi.org/
1993. 139/tcp closed netbios-ssn conn-refused
1994. 443/tcp open ssl/ssl syn-ack Apache httpd (SSL-only mode)
1995. |_http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E
1996. |_http-generator: Powered by Slider Revolution 5.4.8 - responsive, Mobile-Friendly Slider Plugin for WordPress with comfortable drag and drop interface.
1997. | http-methods:
1998. |_ Supported Methods: GET HEAD POST OPTIONS
1999. | http-robots.txt: 1 disallowed entry
2000. |_/wp-admin/
2001. |_http-server-header: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11
2002. |_http-title: Home - The Friends of Israel Gospel Ministry
2003. |_http-trane-info: Problem with XML parsing of /evox/about
2004. | ssl-cert: Subject: commonName=*.foi.org/organizationName=THE FRIENDS OF ISRAEL GOSPEL MINISTRY, INC/stateOrProvinceName=New Jersey/countryName=US/organizationalUnitName=IT/localityName=Bellmawr
2005. | Subject Alternative Name: DNS:*.foi.org, DNS:foi.org
2006. | Issuer: commonName=DigiCert SHA2 Secure Server CA/organizationName=DigiCert Inc/countryName=US
2007. | Public Key type: rsa
2008. | Public Key bits: 4096
2009. | Signature Algorithm: sha256WithRSAEncryption
2010. | Not valid before: 2017-02-22T00:00:00
2011. | Not valid after: 2020-02-27T12:00:00
2012. | MD5: 1c8a 85b6 8818 d69f b4ea bff0 d573 c53c
2013. | SHA-1: 2dba 78ea 54b6 2924 991c e132 4279 a9ab 8c79 0a24
2014. | -----BEGIN CERTIFICATE-----
2015. | MIIGPjCCBSagAwIBAgIQBZupyyYIP2Hwv5dDSGzt5TANBgkqhkiG9w0BAQsFADBN
2016. | MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
2017. | aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTcwMjIyMDAwMDAwWhcN
2018. | MjAwMjI3MTIwMDAwWjCBizELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJz
2019. | ZXkxETAPBgNVBAcTCEJlbGxtYXdyMTMwMQYDVQQKEypUSEUgRlJJRU5EUyBPRiBJ
2020. | U1JBRUwgR09TUEVMIE1JTklTVFJZLCBJTkMxCzAJBgNVBAsTAklUMRIwEAYDVQQD
2021. | DAkqLmZvaS5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDCCU5z
2022. | ebJAHUEUL4804t6fZ2bUIbgsRe5FrwsjHqfST6IEaToPq1tQGao5qryfVNzBatxg
2023. | 4jqm67fK6LqrSzrpFJ1jvxulWRG8LS2v9ZcpmT6Z1l8FKBxiKc7b/w9RJnjwXskz
2024. | fPStJnjlpjhokbOSsT4vO1lkXZVx3ftHg76q+aAQazGvbtk+NC3qReA2JqkNKBTA
2025. | HIVDIwv3ft5GCORJfxICLy909nGhZ6kZt+kp32g4slR2Utek2tx1JwYB3sLwS5cf
2026. | Esh0bfeWOcuwkTAZwXn05WoxNFFOLykTgkPlWTi5F+KOd+1BR5mKoOSbfTKm5Bbi
2027. | jmvVwyasgzZQWMI6D0Z62ZcQWesS9APmux+++VO6gmEwdm/D8R8LVCJKICDLo2tT
2028. | CTufMMxsIhvYGlkZbJ7OWuDtxzxuDhRNgBflNz9Uv3L+RYLFKDuRt3KFVOWC+l4y
2029. | 3rkamvEQa3lJJbxEIimy//UpozsPXyvxgQwSjXWUpzFKCP57a2q9nXiThZ7sx/0r
2030. | jUlryDvKSb6BdBa7JbTHG6fEx15dRHbORSkSQq0IOvLBn7inJh0duapTRBLXMQfC
2031. | hsJFqHEV8O1joOy7UfNjRHoQ7mNGXPZvt4E+yG1AiznwfoMkVF4fUi46xH8DsXF4
2032. | YonTNvPHkEp1FNLB4oMGt3QFx+kC8kbneclHJQIDAQABo4IB2TCCAdUwHwYDVR0j
2033. | BBgwFoAUD4BhHIIxYdUvKOeNRji0LOHG2eIwHQYDVR0OBBYEFGbukck0/PJCTc3s
2034. | e5RV5QGtNWN6MB0GA1UdEQQWMBSCCSouZm9pLm9yZ4IHZm9pLm9yZzAOBgNVHQ8B
2035. | Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsGA1UdHwRk
2036. | MGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzUu
2037. | Y3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc1
2038. | LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRw
2039. | czovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjB8BggrBgEFBQcBAQRw
2040. | MG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBGBggrBgEF
2041. | BQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMlNl
2042. | Y3VyZVNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4IB
2043. | AQCb/v/zHNref35lVOC99Io6gYkX/tEtR8NINuOzeKBLNnXXQxmJFiD1socik89v
2044. | ezjoHcbqIXWLNaJn8DuNQXMCGy6V/gTk69qNdCnwuMy7LQIPWogJ8zzg1uO9sfzf
2045. | g1uu1xAX0aNEBeNuMNgM48XPDxxfce2ZSVcqpd2Psjs4YKLbtPEQpZkdpCAo0a3c
2046. | cTtk+1f88nkwW+kIPzo7OHmP6AiiJA8ktFVnUVjsdRkIWZPwgjOLxwE+9tajqEe2
2047. | zyv8U7HZSSykUe78BIqp1iCHCwLYC75FEK6d2g7L2FVDIVnCt76YrpZpwXNj12B0
2048. | ZhJwej3CxYsZbOvxxnpvJPEh
2049. |_-----END CERTIFICATE-----
2050. |_ssl-date: TLS randomness does not represent time
2051. | tls-alpn:
2052. |_ http/1.1
2053. 445/tcp closed microsoft-ds conn-refused
2054. Device type: storage-misc|general purpose|WAP
2055. Running (JUST GUESSING): HP embedded (86%), Linux 2.6.X|3.X (85%), Ubiquiti embedded (85%), Ubiquiti AirOS 5.X (85%)
2056. OS CPE: cpe:/h:hp:p2000_g3 cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3 cpe:/h:ubnt:airmax_nanostation cpe:/o:ubnt:airos:5.5.9
2057. OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
2058. Aggressive OS guesses: HP P2000 G3 NAS device (86%), Linux 2.6.32 (85%), Linux 2.6.32 - 3.1 (85%), Ubiquiti AirMax NanoStation WAP (Linux 2.6.32) (85%), Linux 3.7 (85%), Ubiquiti AirOS 5.5.9 (85%), Ubiquiti Pico Station WAP (AirOS 5.2.6) (85%)
2059. No exact OS matches for host (test conditions non-ideal).
2060. TCP/IP fingerprint:
2061. SCAN(V=7.70SVN%E=4%D=1/22%OT=80%CT=25%CU=%PV=N%G=N%TM=5C47EAE8%P=x86_64-unknown-linux-gnu)
2062. SEQ(SP=104%GCD=1%ISR=108%TI=Z%CI=Z%TS=A)
2063. OPS(O1=M4B3ST11NW7%O2=M4B3ST11NW7%O3=M4B3NNT11NW7%O4=M4B3ST11NW7%O5=M4B3ST11NW7%O6=M4B3ST11)
2064. WIN(W1=68DF%W2=68DF%W3=68DF%W4=68DF%W5=68DF%W6=68DF)
2065. ECN(R=Y%DF=Y%TG=FF%W=6903%O=M4B3NNSNW7%CC=Y%Q=)
2066. T1(R=Y%DF=Y%TG=FF%S=O%A=S+%F=AS%RD=0%Q=)
2067. T2(R=N)
2068. T3(R=N)
2069. T4(R=Y%DF=Y%TG=20%W=400%S=A%A=Z%F=R%O=%RD=0%Q=)
2070. T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
2071. T6(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
2072. T7(R=N)
2073. U1(R=N)
2074. IE(R=N)
2075.  
2076. Uptime guess: 21.330 days (since Tue Jan 1 15:21:57 2019)
2077. TCP Sequence Prediction: Difficulty=260 (Good luck!)
2078. IP ID Sequence Generation: All zeros
2079.  
2080. TRACEROUTE (using proto 1/icmp)
2081. HOP RTT ADDRESS
2082. 1 143.82 ms 10.246.200.1
2083. 2 143.88 ms 193.9.115.113
2084. 3 143.86 ms vlan299.bb1.sof1.bg.m247.com (176.10.83.34)
2085. 4 143.88 ms sfia-b2-link.telia.net (62.115.148.144)
2086. 5 279.44 ms win-bb2-link.telia.net (80.91.251.56)
2087. 6 278.79 ms 62.115.133.79
2088. 7 261.84 ms prs-bb4-link.telia.net (62.115.122.138)
2089. 8 262.80 ms ash-bb3-link.telia.net (62.115.122.159)
2090. 9 261.83 ms ash-b1-link.telia.net (80.91.248.157)
2091. 10 263.67 ms vadata-ic-333118-ash-b1.c.telia.net (62.115.11.183)
2092. 11 ... 30
2093.  
2094. NSE: Script Post-scanning.
2095. NSE: Starting runlevel 1 (of 3) scan.
2096. Initiating NSE at 23:17
2097. Completed NSE at 23:17, 0.00s elapsed
2098. NSE: Starting runlevel 2 (of 3) scan.
2099. Initiating NSE at 23:17
2100. Completed NSE at 23:17, 0.00s elapsed
2101. NSE: Starting runlevel 3 (of 3) scan.
2102. Initiating NSE at 23:17
2103. Completed NSE at 23:17, 0.00s elapsed
2104. Read data files from: /usr/local/bin/../share/nmap
2105. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
2106. Nmap done: 1 IP address (1 host up) scanned in 112.50 seconds
2107. Raw packets sent: 142 (9.952KB) | Rcvd: 2191 (1.339MB)
2108. #######################################################################################################################################
2109. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-22 23:17 EST
2110. NSE: Loaded 149 scripts for scanning.
2111. NSE: Script Pre-scanning.
2112. Initiating NSE at 23:17
2113. Completed NSE at 23:17, 0.00s elapsed
2114. Initiating NSE at 23:17
2115. Completed NSE at 23:17, 0.00s elapsed
2116. Initiating NSE at 23:17
2117. Completed NSE at 23:17, 0.00s elapsed
2118. Initiating Parallel DNS resolution of 1 host. at 23:17
2119. Completed Parallel DNS resolution of 1 host. at 23:17, 0.04s elapsed
2120. Initiating UDP Scan at 23:17
2121. Scanning www.foi.org (18.209.92.69) [13 ports]
2122. Completed UDP Scan at 23:17, 2.34s elapsed (13 total ports)
2123. Initiating Service scan at 23:17
2124. Scanning 11 services on www.foi.org (18.209.92.69)
2125. Service scan Timing: About 9.09% done; ETC: 23:35 (0:16:10 remaining)
2126. Completed Service scan at 23:19, 102.58s elapsed (11 services on 1 host)
2127. Initiating OS detection (try #1) against www.foi.org (18.209.92.69)
2128. Retrying OS detection (try #2) against www.foi.org (18.209.92.69)
2129. Initiating Traceroute at 23:19
2130. Completed Traceroute at 23:19, 7.33s elapsed
2131. Initiating Parallel DNS resolution of 1 host. at 23:19
2132. Completed Parallel DNS resolution of 1 host. at 23:19, 0.03s elapsed
2133. NSE: Script scanning 18.209.92.69.
2134. Initiating NSE at 23:19
2135. Completed NSE at 23:22, 154.39s elapsed
2136. Initiating NSE at 23:22
2137. Completed NSE at 23:22, 1.09s elapsed
2138. Initiating NSE at 23:22
2139. Completed NSE at 23:22, 0.00s elapsed
2140. Nmap scan report for www.foi.org (18.209.92.69)
2141. Host is up (0.14s latency).
2142. rDNS record for 18.209.92.69: ec2-18-209-92-69.compute-1.amazonaws.com
2143.  
2144. PORT STATE SERVICE VERSION
2145. 53/udp open|filtered domain
2146. 67/udp open|filtered dhcps
2147. 68/udp open|filtered dhcpc
2148. 69/udp open|filtered tftp
2149. 88/udp open|filtered kerberos-sec
2150. 123/udp open|filtered ntp
2151. 137/udp filtered netbios-ns
2152. 138/udp filtered netbios-dgm
2153. 139/udp open|filtered netbios-ssn
2154. 162/udp open|filtered snmptrap
2155. 389/udp open|filtered ldap
2156. 520/udp open|filtered route
2157. 2049/udp open|filtered nfs
2158. Too many fingerprints match this host to give specific OS details
2159.  
2160. TRACEROUTE (using port 138/udp)
2161. HOP RTT ADDRESS
2162. 1 ... 3
2163. 4 143.98 ms 10.246.200.1
2164. 5 145.76 ms 10.246.200.1
2165. 6 145.75 ms 10.246.200.1
2166. 7 145.75 ms 10.246.200.1
2167. 8 145.74 ms 10.246.200.1
2168. 9 145.74 ms 10.246.200.1
2169. 10 145.76 ms 10.246.200.1
2170. 11 ... 15
2171. 16 143.50 ms 10.246.200.1
2172. 17 ... 18
2173. 19 143.79 ms 10.246.200.1
2174. 20 142.38 ms 10.246.200.1
2175. 21 145.26 ms 10.246.200.1
2176. 22 ... 29
2177. 30 143.75 ms 10.246.200.1
2178.  
2179. NSE: Script Post-scanning.
2180. Initiating NSE at 23:22
2181. Completed NSE at 23:22, 0.00s elapsed
2182. Initiating NSE at 23:22
2183. Completed NSE at 23:22, 0.00s elapsed
2184. Initiating NSE at 23:22
2185. Completed NSE at 23:22, 0.00s elapsed
2186. Read data files from: /usr/local/bin/../share/nmap
2187. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
2188. Nmap done: 1 IP address (1 host up) scanned in 273.75 seconds
2189. Raw packets sent: 146 (9.816KB) | Rcvd: 2403 (1.255MB)
2190. #######################################################################################################################################
2191. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-22 23:22 EST
2192. Nmap scan report for www.foi.org (18.209.92.69)
2193. Host is up (0.18s latency).
2194. rDNS record for 18.209.92.69: ec2-18-209-92-69.compute-1.amazonaws.com
2195. Not shown: 21 filtered ports, 3 closed ports
2196. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
2197. PORT STATE SERVICE
2198. 80/tcp open http
2199. 443/tcp open https
2200. #######################################################################################################################################
2201. * default
2202. * default
2203. [*] Importing 'Nmap XML' data
2204. [*] Import: Parsing with 'Nokogiri v1.10.0'
2205. [*] Importing host 18.209.92.69
2206. [*] Successfully imported /usr/share/sniper/loot/www.foi.org/nmap/nmap-udp-www.foi.org.xml
2207. [*] Importing 'Nmap XML' data
2208. [*] Import: Parsing with 'Nokogiri v1.10.0'
2209. [*] Importing host 18.209.92.69
2210. [*] Successfully imported /usr/share/sniper/loot/www.foi.org/nmap/nmap-www.foi.org-udp.xml
2211. [*] Importing 'Nmap XML' data
2212. [*] Import: Parsing with 'Nokogiri v1.10.0'
2213. [*] Importing host 18.209.92.69
2214. [*] Successfully imported /usr/share/sniper/loot/www.foi.org/nmap/nmap-www.foi.org.xml
2215. #######################################################################################################################################
2216. Hosts
2217. =====
2218.  
2219. address mac name os_name os_flavor os_sp purpose info comments
2220. ------- --- ---- ------- --------- ----- ------- ---- --------
2221. 18.209.92.69 ec2-18-209-92-69.compute-1.amazonaws.com embedded device
2222. 165.98.58.12 wh1.redkangaroo.net.ni Unknown device
2223.  
2224. Services
2225. ========
2226.  
2227. host port proto name state info
2228. ---- ---- ----- ---- ----- ----
2229. 18.209.92.69 25 tcp smtp closed
2230. 18.209.92.69 53 udp domain unknown
2231. 18.209.92.69 67 udp dhcps unknown
2232. 18.209.92.69 68 udp dhcpc unknown
2233. 18.209.92.69 69 udp tftp unknown
2234. 18.209.92.69 80 tcp http open Apache httpd 2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11
2235. 18.209.92.69 88 udp kerberos-sec unknown
2236. 18.209.92.69 123 udp ntp unknown
2237. 18.209.92.69 137 udp netbios-ns filtered
2238. 18.209.92.69 138 udp netbios-dgm filtered
2239. 18.209.92.69 139 tcp netbios-ssn closed
2240. 18.209.92.69 139 udp netbios-ssn unknown
2241. 18.209.92.69 162 udp snmptrap unknown
2242. 18.209.92.69 389 udp ldap unknown
2243. 18.209.92.69 443 tcp ssl/ssl open Apache httpd SSL-only mode
2244. 18.209.92.69 445 tcp microsoft-ds closed
2245. 18.209.92.69 520 udp route unknown
2246. 18.209.92.69 2049 udp nfs unknown
2247. 165.98.58.12 53 udp domain unknown
2248. 165.98.58.12 67 udp dhcps unknown
2249. 165.98.58.12 68 udp dhcpc unknown
2250. 165.98.58.12 69 udp tftp unknown
2251. 165.98.58.12 88 udp kerberos-sec unknown
2252. 165.98.58.12 123 udp ntp unknown
2253. 165.98.58.12 137 udp netbios-ns filtered
2254. 165.98.58.12 138 udp netbios-dgm filtered
2255. 165.98.58.12 139 udp netbios-ssn unknown
2256. 165.98.58.12 162 udp snmptrap unknown
2257. 165.98.58.12 389 udp ldap unknown
2258. 165.98.58.12 520 udp route unknown
2259. 165.98.58.12 2049 udp nfs unknown
2260. #######################################################################################################################################
2261. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-22 22:16 EST
2262. Nmap scan report for ec2-18-209-92-69.compute-1.amazonaws.com (18.209.92.69)
2263. Host is up (0.16s latency).
2264. Not shown: 471 filtered ports, 3 closed ports
2265. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
2266. PORT STATE SERVICE
2267. 80/tcp open http
2268. 443/tcp open https
2269. #######################################################################################################################################
2270. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-22 22:16 EST
2271. Nmap scan report for ec2-18-209-92-69.compute-1.amazonaws.com (18.209.92.69)
2272. Host is up (0.14s latency).
2273. Not shown: 2 filtered ports
2274. PORT STATE SERVICE
2275. 53/udp open|filtered domain
2276. 67/udp open|filtered dhcps
2277. 68/udp open|filtered dhcpc
2278. 69/udp open|filtered tftp
2279. 88/udp open|filtered kerberos-sec
2280. 123/udp open|filtered ntp
2281. 139/udp open|filtered netbios-ssn
2282. 162/udp open|filtered snmptrap
2283. 389/udp open|filtered ldap
2284. 520/udp open|filtered route
2285. 2049/udp open|filtered nfs
2286. #######################################################################################################################################
2287. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-22 22:16 EST
2288. Nmap scan report for ec2-18-209-92-69.compute-1.amazonaws.com (18.209.92.69)
2289. Host is up.
2290.  
2291. PORT STATE SERVICE VERSION
2292. 67/udp open|filtered dhcps
2293. |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
2294. Too many fingerprints match this host to give specific OS details
2295.  
2296. TRACEROUTE (using proto 1/icmp)
2297. HOP RTT ADDRESS
2298. 1 151.87 ms 10.246.200.1
2299. 2 152.08 ms 193.9.115.113
2300. 3 152.07 ms vlan299.bb1.sof1.bg.m247.com (176.10.83.34)
2301. 4 151.90 ms sfia-b2-link.telia.net (62.115.148.144)
2302. 5 286.98 ms win-bb2-link.telia.net (80.91.251.56)
2303. 6 286.96 ms 62.115.133.79
2304. 7 270.20 ms prs-bb4-link.telia.net (62.115.122.138)
2305. 8 270.55 ms ash-bb3-link.telia.net (62.115.122.159)
2306. 9 270.23 ms ash-b1-link.telia.net (80.91.248.157)
2307. 10 271.54 ms vadata-ic-333118-ash-b1.c.telia.net (62.115.11.183)
2308. 11 ... 30
2309. #######################################################################################################################################
2310. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-22 22:18 EST
2311. Nmap scan report for ec2-18-209-92-69.compute-1.amazonaws.com (18.209.92.69)
2312. Host is up.
2313.  
2314. PORT STATE SERVICE VERSION
2315. 68/udp open|filtered dhcpc
2316. Too many fingerprints match this host to give specific OS details
2317.  
2318. TRACEROUTE (using proto 1/icmp)
2319. HOP RTT ADDRESS
2320. 1 144.36 ms 10.246.200.1
2321. 2 144.76 ms 193.9.115.113
2322. 3 145.39 ms vlan299.bb1.sof1.bg.m247.com (176.10.83.34)
2323. 4 144.58 ms sfia-b2-link.telia.net (62.115.148.144)
2324. 5 281.15 ms win-bb2-link.telia.net (80.91.251.56)
2325. 6 280.40 ms 62.115.133.79
2326. 7 264.17 ms prs-bb4-link.telia.net (62.115.122.138)
2327. 8 263.01 ms ash-bb3-link.telia.net (62.115.122.159)
2328. 9 263.05 ms ash-b1-link.telia.net (80.91.248.157)
2329. 10 264.75 ms vadata-ic-333118-ash-b1.c.telia.net (62.115.11.183)
2330. 11 ... 30
2331. #######################################################################################################################################
2332. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-22 22:20 EST
2333. Nmap scan report for ec2-18-209-92-69.compute-1.amazonaws.com (18.209.92.69)
2334. Host is up.
2335.  
2336. PORT STATE SERVICE VERSION
2337. 69/udp open|filtered tftp
2338. Too many fingerprints match this host to give specific OS details
2339.  
2340. TRACEROUTE (using proto 1/icmp)
2341. HOP RTT ADDRESS
2342. 1 144.75 ms 10.246.200.1
2343. 2 145.06 ms 193.9.115.113
2344. 3 144.79 ms vlan299.bb1.sof1.bg.m247.com (176.10.83.34)
2345. 4 144.79 ms sfia-b2-link.telia.net (62.115.148.144)
2346. 5 280.07 ms win-bb2-link.telia.net (80.91.251.56)
2347. 6 280.11 ms 62.115.133.79
2348. 7 271.06 ms prs-bb4-link.telia.net (62.115.122.138)
2349. 8 263.30 ms ash-bb3-link.telia.net (62.115.122.159)
2350. 9 263.36 ms ash-b1-link.telia.net (80.91.248.157)
2351. 10 264.96 ms vadata-ic-333118-ash-b1.c.telia.net (62.115.11.183)
2352. 11 ... 30
2353. #######################################################################################################################################
2354.  
2355. ^ ^
2356. _ __ _ ____ _ __ _ _ ____
2357. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
2358. | V V // o // _/ | V V // 0 // 0 // _/
2359. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
2360. <
2361. ...'
2362.  
2363. WAFW00F - Web Application Firewall Detection Tool
2364.  
2365. By Sandro Gauci && Wendel G. Henrique
2366.  
2367. Checking http://18.209.92.69
2368. Generic Detection results:
2369. No WAF detected by the generic detection
2370. Number of requests: 14
2371. #######################################################################################################################################
2372. wig - WebApp Information Gatherer
2373.  
2374.  
2375. Scanning http://18.209.92.69...
2376. __________________ SITE INFO ___________________
2377. IP Title
2378. 18.209.92.69
2379.  
2380. ___________________ VERSION ____________________
2381. Name Versions Type
2382. Apache 2.4.37 Platform
2383. PHP 7.2.11 Platform
2384. openssl 1.0.2k-fips Platform
2385.  
2386. ________________________________________________
2387. Time: 56.5 sec Urls: 808 Fingerprints: 40401
2388. #######################################################################################################################################
2389. HTTP/1.1 200 OK
2390. Date: Wed, 23 Jan 2019 03:24:17 GMT
2391. Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11
2392. Last-Modified: Fri, 28 Sep 2018 15:08:52 GMT
2393. ETag: "9-576efd55f2d69"
2394. Accept-Ranges: bytes
2395. Content-Length: 9
2396. Content-Type: text/html; charset=UTF-8
2397. #######################################################################################################################################
2398. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-22 22:24 EST
2399. Nmap scan report for ec2-18-209-92-69.compute-1.amazonaws.com (18.209.92.69)
2400. Host is up.
2401.  
2402. PORT STATE SERVICE VERSION
2403. 123/udp open|filtered ntp
2404. Too many fingerprints match this host to give specific OS details
2405.  
2406. TRACEROUTE (using proto 1/icmp)
2407. HOP RTT ADDRESS
2408. 1 145.95 ms 10.246.200.1
2409. 2 146.42 ms 193.9.115.113
2410. 3 146.00 ms vlan299.bb1.sof1.bg.m247.com (176.10.83.34)
2411. 4 146.03 ms sfia-b2-link.telia.net (62.115.148.144)
2412. 5 281.36 ms win-bb2-link.telia.net (80.91.251.56)
2413. 6 281.41 ms 62.115.133.79
2414. 7 264.37 ms prs-bb4-link.telia.net (62.115.122.138)
2415. 8 264.43 ms ash-bb3-link.telia.net (62.115.122.159)
2416. 9 264.43 ms ash-b1-link.telia.net (80.91.248.157)
2417. 10 266.61 ms vadata-ic-333118-ash-b1.c.telia.net (62.115.11.183)
2418. 11 ... 30
2419. #######################################################################################################################################
2420.  
2421. ^ ^
2422. _ __ _ ____ _ __ _ _ ____
2423. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
2424. | V V // o // _/ | V V // 0 // 0 // _/
2425. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
2426. <
2427. ...'
2428.  
2429. WAFW00F - Web Application Firewall Detection Tool
2430.  
2431. By Sandro Gauci && Wendel G. Henrique
2432.  
2433. Checking https://18.209.92.69
2434. Generic Detection results:
2435. No WAF detected by the generic detection
2436. Number of requests: 13
2437. #######################################################################################################################################
2438. https://18.209.92.69 [403 Forbidden] Apache[2.4.37], Country[UNITED STATES][US], Email[webmaster@example.com], HTTPServer[Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11], IP[18.209.92.69], OpenSSL[1.0.2k-fips], PHP[7.2.11], PoweredBy[Apache,the], Title[Test Page for the Apache HTTP Server on the Amazon Linux AMI]
2439. #######################################################################################################################################
2440.  
2441.  
2442. AVAILABLE PLUGINS
2443. -----------------
2444.  
2445. PluginCompression
2446. PluginSessionResumption
2447. PluginChromeSha1Deprecation
2448. PluginHSTS
2449. PluginHeartbleed
2450. PluginCertInfo
2451. PluginSessionRenegotiation
2452. PluginOpenSSLCipherSuites
2453.  
2454.  
2455.  
2456. CHECKING HOST(S) AVAILABILITY
2457. -----------------------------
2458.  
2459. 18.209.92.69:443 => 18.209.92.69:443
2460.  
2461.  
2462.  
2463. SCAN RESULTS FOR 18.209.92.69:443 - 18.209.92.69:443
2464. ----------------------------------------------------
2465.  
2466. * Deflate Compression:
2467. OK - Compression disabled
2468.  
2469. * Session Renegotiation:
2470. Client-initiated Renegotiations: OK - Rejected
2471. Secure Renegotiation: OK - Supported
2472.  
2473. * Certificate - Content:
2474. SHA1 Fingerprint: 82d8c2ec22fcf375ad5f44ac9f7be27466377d96
2475. Common Name: ip-172-18-2-161
2476. Issuer: ip-172-18-2-161
2477. Serial Number: 634A
2478. Not Before: Sep 17 16:49:21 2018 GMT
2479. Not After: Sep 17 16:49:21 2019 GMT
2480. Signature Algorithm: sha256WithRSAEncryption
2481. Public Key Algorithm: rsaEncryption
2482. Key Size: 2048 bit
2483. Exponent: 65537 (0x10001)
2484. X509v3 Subject Alternative Name: {'DNS': ['localhost', 'localhost.localdomain', 'ip-172-18-2-161', 'ip-172-18-2-161.ec2.internal']}
2485.  
2486. * Certificate - Trust:
2487. Hostname Validation: FAILED - Certificate does NOT match 18.209.92.69
2488. Google CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
2489. Java 6 CA Store (Update 65): FAILED - Certificate is NOT Trusted: self signed certificate
2490. Microsoft CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
2491. Mozilla NSS CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
2492. Apple CA Store (OS X 10.10.5): FAILED - Certificate is NOT Trusted: self signed certificate
2493. Certificate Chain Received: ['ip-172-18-2-161']
2494.  
2495. * Certificate - OCSP Stapling:
2496. NOT SUPPORTED - Server did not send back an OCSP response.
2497.  
2498. * Session Resumption:
2499. With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
2500. With TLS Session Tickets: OK - Supported
2501.  
2502. * SSLV2 Cipher Suites:
2503. Server rejected all cipher suites.
2504.  
2505. Unhandled exception when processing --heartbleed:
2506. socket.timeout - timed out
2507.  
2508. * TLSV1_2 Cipher Suites:
2509. Preferred:
2510. ECDHE-RSA-AES256-GCM-SHA384 ECDH-256 bits 256 bits HTTP 403 Forbidden
2511. Accepted:
2512. ECDHE-RSA-AES256-SHA384 ECDH-256 bits 256 bits HTTP 403 Forbidden
2513. ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 403 Forbidden
2514. ECDHE-RSA-AES256-GCM-SHA384 ECDH-256 bits 256 bits HTTP 403 Forbidden
2515. DHE-RSA-CAMELLIA256-SHA DH-2048 bits 256 bits HTTP 403 Forbidden
2516. DHE-RSA-AES256-SHA256 DH-2048 bits 256 bits HTTP 403 Forbidden
2517. DHE-RSA-AES256-SHA DH-2048 bits 256 bits HTTP 403 Forbidden
2518. DHE-RSA-AES256-GCM-SHA384 DH-2048 bits 256 bits HTTP 403 Forbidden
2519. CAMELLIA256-SHA - 256 bits HTTP 403 Forbidden
2520. AES256-SHA256 - 256 bits HTTP 403 Forbidden
2521. AES256-SHA - 256 bits HTTP 403 Forbidden
2522. AES256-GCM-SHA384 - 256 bits HTTP 403 Forbidden
2523. ECDHE-RSA-RC4-SHA ECDH-256 bits 128 bits HTTP 403 Forbidden
2524. ECDHE-RSA-AES128-SHA256 ECDH-256 bits 128 bits HTTP 403 Forbidden
2525. ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 403 Forbidden
2526. ECDHE-RSA-AES128-GCM-SHA256 ECDH-256 bits 128 bits HTTP 403 Forbidden
2527. DHE-RSA-SEED-SHA DH-2048 bits 128 bits HTTP 403 Forbidden
2528. DHE-RSA-CAMELLIA128-SHA DH-2048 bits 128 bits HTTP 403 Forbidden
2529. DHE-RSA-AES128-SHA256 DH-2048 bits 128 bits HTTP 403 Forbidden
2530. DHE-RSA-AES128-SHA DH-2048 bits 128 bits HTTP 403 Forbidden
2531. DHE-RSA-AES128-GCM-SHA256 DH-2048 bits 128 bits HTTP 403 Forbidden
2532. SEED-SHA - 128 bits HTTP 403 Forbidden
2533. RC4-SHA - 128 bits HTTP 403 Forbidden
2534. RC4-MD5 - 128 bits HTTP 403 Forbidden
2535. IDEA-CBC-SHA - 128 bits HTTP 403 Forbidden
2536. CAMELLIA128-SHA - 128 bits HTTP 403 Forbidden
2537. AES128-SHA256 - 128 bits HTTP 403 Forbidden
2538. AES128-SHA - 128 bits HTTP 403 Forbidden
2539. AES128-GCM-SHA256 - 128 bits HTTP 403 Forbidden
2540. ECDHE-RSA-DES-CBC3-SHA ECDH-256 bits 112 bits HTTP 403 Forbidden
2541. EDH-RSA-DES-CBC3-SHA DH-2048 bits 112 bits HTTP 403 Forbidden
2542. DES-CBC3-SHA - 112 bits HTTP 403 Forbidden
2543.  
2544. * TLSV1_1 Cipher Suites:
2545. Preferred:
2546. ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 403 Forbidden
2547. Accepted:
2548. ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 403 Forbidden
2549. DHE-RSA-CAMELLIA256-SHA DH-2048 bits 256 bits HTTP 403 Forbidden
2550. DHE-RSA-AES256-SHA DH-2048 bits 256 bits HTTP 403 Forbidden
2551. CAMELLIA256-SHA - 256 bits HTTP 403 Forbidden
2552. AES256-SHA - 256 bits HTTP 403 Forbidden
2553. ECDHE-RSA-RC4-SHA ECDH-256 bits 128 bits HTTP 403 Forbidden
2554. ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 403 Forbidden
2555. DHE-RSA-SEED-SHA DH-2048 bits 128 bits HTTP 403 Forbidden
2556. DHE-RSA-CAMELLIA128-SHA DH-2048 bits 128 bits HTTP 403 Forbidden
2557. DHE-RSA-AES128-SHA DH-2048 bits 128 bits HTTP 403 Forbidden
2558. SEED-SHA - 128 bits HTTP 403 Forbidden
2559. RC4-SHA - 128 bits HTTP 403 Forbidden
2560. RC4-MD5 - 128 bits HTTP 403 Forbidden
2561. IDEA-CBC-SHA - 128 bits HTTP 403 Forbidden
2562. CAMELLIA128-SHA - 128 bits HTTP 403 Forbidden
2563. AES128-SHA - 128 bits HTTP 403 Forbidden
2564. ECDHE-RSA-DES-CBC3-SHA ECDH-256 bits 112 bits HTTP 403 Forbidden
2565. EDH-RSA-DES-CBC3-SHA DH-2048 bits 112 bits HTTP 403 Forbidden
2566. DES-CBC3-SHA - 112 bits HTTP 403 Forbidden
2567.  
2568. * TLSV1 Cipher Suites:
2569. Preferred:
2570. ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 403 Forbidden
2571. Accepted:
2572. ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 403 Forbidden
2573. DHE-RSA-CAMELLIA256-SHA DH-2048 bits 256 bits HTTP 403 Forbidden
2574. DHE-RSA-AES256-SHA DH-2048 bits 256 bits HTTP 403 Forbidden
2575. CAMELLIA256-SHA - 256 bits HTTP 403 Forbidden
2576. AES256-SHA - 256 bits HTTP 403 Forbidden
2577. ECDHE-RSA-RC4-SHA ECDH-256 bits 128 bits HTTP 403 Forbidden
2578. ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 403 Forbidden
2579. DHE-RSA-SEED-SHA DH-2048 bits 128 bits HTTP 403 Forbidden
2580. DHE-RSA-CAMELLIA128-SHA DH-2048 bits 128 bits HTTP 403 Forbidden
2581. DHE-RSA-AES128-SHA DH-2048 bits 128 bits HTTP 403 Forbidden
2582. SEED-SHA - 128 bits HTTP 403 Forbidden
2583. RC4-SHA - 128 bits HTTP 403 Forbidden
2584. RC4-MD5 - 128 bits HTTP 403 Forbidden
2585. IDEA-CBC-SHA - 128 bits HTTP 403 Forbidden
2586. CAMELLIA128-SHA - 128 bits HTTP 403 Forbidden
2587. AES128-SHA - 128 bits HTTP 403 Forbidden
2588. ECDHE-RSA-DES-CBC3-SHA ECDH-256 bits 112 bits HTTP 403 Forbidden
2589. EDH-RSA-DES-CBC3-SHA DH-2048 bits 112 bits HTTP 403 Forbidden
2590. DES-CBC3-SHA - 112 bits HTTP 403 Forbidden
2591.  
2592. * SSLV3 Cipher Suites:
2593. Server rejected all cipher suites.
2594.  
2595.  
2596.  
2597. SCAN COMPLETED IN 24.50 S
2598. -------------------------
2599. Version: 1.11.12-static
2600. OpenSSL 1.0.2-chacha (1.0.2g-dev)
2601.  
2602. Connected to 18.209.92.69
2603.  
2604. Testing SSL server 18.209.92.69 on port 443 using SNI name 18.209.92.69
2605.  
2606. TLS Fallback SCSV:
2607. Server supports TLS Fallback SCSV
2608.  
2609. TLS renegotiation:
2610. Secure session renegotiation supported
2611.  
2612. TLS Compression:
2613. Compression disabled
2614.  
2615. Heartbleed:
2616. TLS 1.2 not vulnerable to heartbleed
2617. TLS 1.1 not vulnerable to heartbleed
2618. TLS 1.0 not vulnerable to heartbleed
2619.  
2620. Supported Server Cipher(s):
2621. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
2622. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
2623. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2624. Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
2625. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
2626. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
2627. Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
2628. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
2629. Accepted TLSv1.2 256 bits AES256-SHA256
2630. Accepted TLSv1.2 256 bits AES256-SHA
2631. Accepted TLSv1.2 256 bits CAMELLIA256-SHA
2632. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
2633. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
2634. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2635. Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
2636. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
2637. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
2638. Accepted TLSv1.2 128 bits DHE-RSA-SEED-SHA DHE 2048 bits
2639. Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
2640. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
2641. Accepted TLSv1.2 128 bits AES128-SHA256
2642. Accepted TLSv1.2 128 bits AES128-SHA
2643. Accepted TLSv1.2 128 bits SEED-SHA
2644. Accepted TLSv1.2 128 bits CAMELLIA128-SHA
2645. Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
2646. Accepted TLSv1.2 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
2647. Accepted TLSv1.2 112 bits DES-CBC3-SHA
2648. Accepted TLSv1.2 128 bits IDEA-CBC-SHA
2649. Accepted TLSv1.2 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
2650. Accepted TLSv1.2 128 bits RC4-SHA
2651. Accepted TLSv1.2 128 bits RC4-MD5
2652. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2653. Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
2654. Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
2655. Accepted TLSv1.1 256 bits AES256-SHA
2656. Accepted TLSv1.1 256 bits CAMELLIA256-SHA
2657. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2658. Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
2659. Accepted TLSv1.1 128 bits DHE-RSA-SEED-SHA DHE 2048 bits
2660. Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
2661. Accepted TLSv1.1 128 bits AES128-SHA
2662. Accepted TLSv1.1 128 bits SEED-SHA
2663. Accepted TLSv1.1 128 bits CAMELLIA128-SHA
2664. Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
2665. Accepted TLSv1.1 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
2666. Accepted TLSv1.1 112 bits DES-CBC3-SHA
2667. Accepted TLSv1.1 128 bits IDEA-CBC-SHA
2668. Accepted TLSv1.1 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
2669. Accepted TLSv1.1 128 bits RC4-SHA
2670. Accepted TLSv1.1 128 bits RC4-MD5
2671. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2672. Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
2673. Accepted TLSv1.0 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
2674. Accepted TLSv1.0 256 bits AES256-SHA
2675. Accepted TLSv1.0 256 bits CAMELLIA256-SHA
2676. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2677. Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
2678. Accepted TLSv1.0 128 bits DHE-RSA-SEED-SHA DHE 2048 bits
2679. Accepted TLSv1.0 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
2680. Accepted TLSv1.0 128 bits AES128-SHA
2681. Accepted TLSv1.0 128 bits SEED-SHA
2682. Accepted TLSv1.0 128 bits CAMELLIA128-SHA
2683. Accepted TLSv1.0 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
2684. Accepted TLSv1.0 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
2685. Accepted TLSv1.0 112 bits DES-CBC3-SHA
2686. Accepted TLSv1.0 128 bits IDEA-CBC-SHA
2687. Accepted TLSv1.0 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
2688. Accepted TLSv1.0 128 bits RC4-SHA
2689. Accepted TLSv1.0 128 bits RC4-MD5
2690.  
2691. SSL Certificate:
2692. Signature Algorithm: sha256WithRSAEncryption
2693. RSA Key Strength: 2048
2694.  
2695. Subject: ip-172-18-2-161
2696. Altnames: DNS:localhost, DNS:localhost.localdomain, DNS:ip-172-18-2-161, DNS:ip-172-18-2-161.ec2.internal
2697. Issuer: ip-172-18-2-161
2698.  
2699. Not valid before: Sep 17 16:49:21 2018 GMT
2700. Not valid after: Sep 17 16:49:21 2019 GMT
2701. #######################################################################################################################################
2702. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-22 22:33 EST
2703. NSE: Loaded 149 scripts for scanning.
2704. NSE: Script Pre-scanning.
2705. NSE: Starting runlevel 1 (of 3) scan.
2706. Initiating NSE at 22:33
2707. Completed NSE at 22:33, 0.00s elapsed
2708. NSE: Starting runlevel 2 (of 3) scan.
2709. Initiating NSE at 22:33
2710. Completed NSE at 22:33, 0.00s elapsed
2711. NSE: Starting runlevel 3 (of 3) scan.
2712. Initiating NSE at 22:33
2713. Completed NSE at 22:33, 0.00s elapsed
2714. Initiating Ping Scan at 22:33
2715. Scanning 18.209.92.69 [4 ports]
2716. Completed Ping Scan at 22:33, 0.32s elapsed (1 total hosts)
2717. Initiating Parallel DNS resolution of 1 host. at 22:33
2718. Completed Parallel DNS resolution of 1 host. at 22:33, 0.03s elapsed
2719. Initiating Connect Scan at 22:33
2720. Scanning ec2-18-209-92-69.compute-1.amazonaws.com (18.209.92.69) [1000 ports]
2721. Discovered open port 80/tcp on 18.209.92.69
2722. Discovered open port 443/tcp on 18.209.92.69
2723. Completed Connect Scan at 22:33, 15.00s elapsed (1000 total ports)
2724. Initiating Service scan at 22:33
2725. Scanning 2 services on ec2-18-209-92-69.compute-1.amazonaws.com (18.209.92.69)
2726. Completed Service scan at 22:33, 13.65s elapsed (2 services on 1 host)
2727. Initiating OS detection (try #1) against ec2-18-209-92-69.compute-1.amazonaws.com (18.209.92.69)
2728. Retrying OS detection (try #2) against ec2-18-209-92-69.compute-1.amazonaws.com (18.209.92.69)
2729. Initiating Traceroute at 22:33
2730. Completed Traceroute at 22:34, 6.35s elapsed
2731. Initiating Parallel DNS resolution of 10 hosts. at 22:34
2732. Completed Parallel DNS resolution of 10 hosts. at 22:34, 16.50s elapsed
2733. NSE: Script scanning 18.209.92.69.
2734. NSE: Starting runlevel 1 (of 3) scan.
2735. Initiating NSE at 22:34
2736. Completed NSE at 22:34, 10.66s elapsed
2737. NSE: Starting runlevel 2 (of 3) scan.
2738. Initiating NSE at 22:34
2739. Completed NSE at 22:34, 2.26s elapsed
2740. NSE: Starting runlevel 3 (of 3) scan.
2741. Initiating NSE at 22:34
2742. Completed NSE at 22:34, 0.00s elapsed
2743. Nmap scan report for ec2-18-209-92-69.compute-1.amazonaws.com (18.209.92.69)
2744. Host is up, received syn-ack ttl 235 (0.22s latency).
2745. Scanned at 2019-01-22 22:33:21 EST for 73s
2746. Not shown: 995 filtered ports
2747. Reason: 995 no-responses
2748. PORT STATE SERVICE REASON VERSION
2749. 25/tcp closed smtp conn-refused
2750. 80/tcp open http syn-ack Apache httpd 2.4.37 ((Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11)
2751. | http-methods:
2752. |_ Supported Methods: POST OPTIONS HEAD GET
2753. |_http-server-header: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11
2754. |_http-title: Site doesn't have a title (text/html; charset=UTF-8).
2755. 139/tcp closed netbios-ssn conn-refused
2756. 443/tcp open ssl/http syn-ack Apache httpd 2.4.37 ((Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11)
2757. | http-methods:
2758. |_ Supported Methods: POST OPTIONS HEAD GET
2759. |_http-server-header: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11
2760. |_http-title: Test Page for the Apache HTTP Server on the Amazon Linux AMI
2761. | ssl-cert: Subject: commonName=ip-172-18-2-161/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=--/localityName=SomeCity/emailAddress=root@ip-172-18-2-161/organizationalUnitName=SomeOrganizationalUnit
2762. | Subject Alternative Name: DNS:localhost, DNS:localhost.localdomain, DNS:ip-172-18-2-161, DNS:ip-172-18-2-161.ec2.internal
2763. | Issuer: commonName=ip-172-18-2-161/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=--/localityName=SomeCity/emailAddress=root@ip-172-18-2-161/organizationalUnitName=SomeOrganizationalUnit
2764. | Public Key type: rsa
2765. | Public Key bits: 2048
2766. | Signature Algorithm: sha256WithRSAEncryption
2767. | Not valid before: 2018-09-17T16:49:21
2768. | Not valid after: 2019-09-17T16:49:21
2769. | MD5: 1b5f 91f6 02bf 2f8f 2c7a 7de3 d569 6ace
2770. | SHA-1: 82d8 c2ec 22fc f375 ad5f 44ac 9f7b e274 6637 7d96
2771. | -----BEGIN CERTIFICATE-----
2772. | MIIEVTCCAz2gAwIBAgICY0owDQYJKoZIhvcNAQELBQAwga8xCzAJBgNVBAYTAi0t
2773. | MRIwEAYDVQQIDAlTb21lU3RhdGUxETAPBgNVBAcMCFNvbWVDaXR5MRkwFwYDVQQK
2774. | DBBTb21lT3JnYW5pemF0aW9uMR8wHQYDVQQLDBZTb21lT3JnYW5pemF0aW9uYWxV
2775. | bml0MRgwFgYDVQQDDA9pcC0xNzItMTgtMi0xNjExIzAhBgkqhkiG9w0BCQEWFHJv
2776. | b3RAaXAtMTcyLTE4LTItMTYxMB4XDTE4MDkxNzE2NDkyMVoXDTE5MDkxNzE2NDky
2777. | MVowga8xCzAJBgNVBAYTAi0tMRIwEAYDVQQIDAlTb21lU3RhdGUxETAPBgNVBAcM
2778. | CFNvbWVDaXR5MRkwFwYDVQQKDBBTb21lT3JnYW5pemF0aW9uMR8wHQYDVQQLDBZT
2779. | b21lT3JnYW5pemF0aW9uYWxVbml0MRgwFgYDVQQDDA9pcC0xNzItMTgtMi0xNjEx
2780. | IzAhBgkqhkiG9w0BCQEWFHJvb3RAaXAtMTcyLTE4LTItMTYxMIIBIjANBgkqhkiG
2781. | 9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSBjYS14mA5QZ5KD+s0Dl1q2fwUn2UDNdL39
2782. | jqydHIzSX/oRtCNggdRcIwrTq7Vxg8tbdOp5uIHm2qH5bh4A8qwdjAp7cWL6ejDm
2783. | YNu3avNCBZjHNfo5NEM/p9Nrd3VR3X/Ppwv/q+F/h/XhXINZM7cp93UifwN4wTIv
2784. | RKSjVCDdCHeamvdy/V8y9aZiButCrobB+9XaSAR8D/erOp6mxdC+7F8POWQIK1Nl
2785. | Oe3eXC35ser5yIJXCQTq9enWPPaGkyCbe/72JHJRJWpriZ83qrAOpfmJH6NBK8VM
2786. | z+v7R1+Q48l8LU0ETM033PNC0SqbLHr6tNSh3qkNIBJTdFGrPQIDAQABo3kwdzAM
2787. | BgNVHRMEBTADAQH/MFoGA1UdEQRTMFGCCWxvY2FsaG9zdIIVbG9jYWxob3N0Lmxv
2788. | Y2FsZG9tYWlugg9pcC0xNzItMTgtMi0xNjGCHGlwLTE3Mi0xOC0yLTE2MS5lYzIu
2789. | aW50ZXJuYWwwCwYDVR0PBAQDAgLkMA0GCSqGSIb3DQEBCwUAA4IBAQA39HFNOW/j
2790. | 8cSFU0dC8lkPCEswzfMB6G8dl7crXDcrk/v9Y5HbSwA81ge5+LaqSKuRlHFP6tSY
2791. | lhiJC5KlptUAM/JU23hQ/0lgWmycOsM5uMn1JOOMyj1Q48J8RSH9DM7NvvXEuBtS
2792. | PDg+Rjz/YcuPBcMao7zpql6vpPxlPAyKhVxHafxdCaztFQDnsjOx/MmjKRSGdq+5
2793. | ijIJMMrnuiYi8v/ATEzfxM105gQs19pq6c8y6zzx9ttgeQTW9KUyjWjZDBykir/Q
2794. | XkSsfdyHMYVXyecRSfaC7ezRlj22bv+jgeRpwmEv0YKFj0uj+euTE6UNz1g53xcc
2795. | MODZuCus79Am
2796. |_-----END CERTIFICATE-----
2797. |_ssl-date: TLS randomness does not represent time
2798. | tls-alpn:
2799. |_ http/1.1
2800. 445/tcp closed microsoft-ds conn-refused
2801. Device type: storage-misc
2802. Running (JUST GUESSING): HP embedded (86%)
2803. OS CPE: cpe:/h:hp:p2000_g3
2804. OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
2805. Aggressive OS guesses: HP P2000 G3 NAS device (86%)
2806. No exact OS matches for host (test conditions non-ideal).
2807. TCP/IP fingerprint:
2808. SCAN(V=7.70SVN%E=4%D=1/22%OT=80%CT=25%CU=%PV=N%G=N%TM=5C47E0CB%P=x86_64-unknown-linux-gnu)
2809. SEQ(SP=FA%GCD=1%ISR=107%TI=Z%CI=Z%TS=A)
2810. OPS(O1=M4B3ST11NW7%O2=M4B3ST11NW7%O3=M4B3NNT11NW7%O4=M4B3ST11NW7%O5=M4B3ST11NW7%O6=M4B3ST11)
2811. WIN(W1=68DF%W2=68DF%W3=68DF%W4=68DF%W5=68DF%W6=68DF)
2812. ECN(R=Y%DF=Y%TG=FF%W=6903%O=M4B3NNSNW7%CC=Y%Q=)
2813. T1(R=Y%DF=Y%TG=FF%S=O%A=S+%F=AS%RD=0%Q=)
2814. T2(R=N)
2815. T3(R=N)
2816. T4(R=Y%DF=Y%TG=20%W=400%S=A%A=Z%F=R%O=%RD=0%Q=)
2817. T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
2818. T6(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
2819. T7(R=N)
2820. U1(R=N)
2821. IE(R=N)
2822.  
2823. Uptime guess: 21.300 days (since Tue Jan 1 15:21:57 2019)
2824. TCP Sequence Prediction: Difficulty=250 (Good luck!)
2825. IP ID Sequence Generation: All zeros
2826.  
2827. TRACEROUTE (using proto 1/icmp)
2828. HOP RTT ADDRESS
2829. 1 145.50 ms 10.246.200.1
2830. 2 145.89 ms 193.9.115.113
2831. 3 152.25 ms vlan299.bb1.sof1.bg.m247.com (176.10.83.34)
2832. 4 145.56 ms sfia-b2-link.telia.net (62.115.148.144)
2833. 5 281.74 ms win-bb2-link.telia.net (80.91.251.56)
2834. 6 281.16 ms 62.115.133.79
2835. 7 264.15 ms prs-bb4-link.telia.net (62.115.122.138)
2836. 8 264.13 ms ash-bb3-link.telia.net (62.115.122.159)
2837. 9 264.18 ms ash-b1-link.telia.net (80.91.248.157)
2838. 10 265.17 ms vadata-ic-333118-ash-b1.c.telia.net (62.115.11.183)
2839. 11 ... 30
2840.  
2841. NSE: Script Post-scanning.
2842. NSE: Starting runlevel 1 (of 3) scan.
2843. Initiating NSE at 22:34
2844. Completed NSE at 22:34, 0.00s elapsed
2845. NSE: Starting runlevel 2 (of 3) scan.
2846. Initiating NSE at 22:34
2847. Completed NSE at 22:34, 0.00s elapsed
2848. NSE: Starting runlevel 3 (of 3) scan.
2849. Initiating NSE at 22:34
2850. Completed NSE at 22:34, 0.00s elapsed
2851. Read data files from: /usr/local/bin/../share/nmap
2852. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
2853. Nmap done: 1 IP address (1 host up) scanned in 74.53 seconds
2854. Raw packets sent: 143 (10.012KB) | Rcvd: 4008 (1.996MB)
2855. #######################################################################################################################################
2856. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-22 22:34 EST
2857. NSE: Loaded 149 scripts for scanning.
2858. NSE: Script Pre-scanning.
2859. Initiating NSE at 22:34
2860. Completed NSE at 22:34, 0.00s elapsed
2861. Initiating NSE at 22:34
2862. Completed NSE at 22:34, 0.00s elapsed
2863. Initiating NSE at 22:34
2864. Completed NSE at 22:34, 0.00s elapsed
2865. Initiating Parallel DNS resolution of 1 host. at 22:34
2866. Completed Parallel DNS resolution of 1 host. at 22:34, 0.02s elapsed
2867. Initiating UDP Scan at 22:34
2868. Scanning ec2-18-209-92-69.compute-1.amazonaws.com (18.209.92.69) [13 ports]
2869. Completed UDP Scan at 22:34, 2.39s elapsed (13 total ports)
2870. Initiating Service scan at 22:34
2871. Scanning 11 services on ec2-18-209-92-69.compute-1.amazonaws.com (18.209.92.69)
2872. Service scan Timing: About 9.09% done; ETC: 22:52 (0:16:10 remaining)
2873. Completed Service scan at 22:36, 102.58s elapsed (11 services on 1 host)
2874. Initiating OS detection (try #1) against ec2-18-209-92-69.compute-1.amazonaws.com (18.209.92.69)
2875. Retrying OS detection (try #2) against ec2-18-209-92-69.compute-1.amazonaws.com (18.209.92.69)
2876. Initiating Traceroute at 22:36
2877. Completed Traceroute at 22:36, 7.22s elapsed
2878. Initiating Parallel DNS resolution of 1 host. at 22:36
2879. Completed Parallel DNS resolution of 1 host. at 22:36, 0.02s elapsed
2880. NSE: Script scanning 18.209.92.69.
2881. Initiating NSE at 22:36
2882. Completed NSE at 22:39, 154.38s elapsed
2883. Initiating NSE at 22:39
2884. Completed NSE at 22:39, 1.14s elapsed
2885. Initiating NSE at 22:39
2886. Completed NSE at 22:39, 0.00s elapsed
2887. Nmap scan report for ec2-18-209-92-69.compute-1.amazonaws.com (18.209.92.69)
2888. Host is up (0.15s latency).
2889.  
2890. PORT STATE SERVICE VERSION
2891. 53/udp open|filtered domain
2892. 67/udp open|filtered dhcps
2893. 68/udp open|filtered dhcpc
2894. 69/udp open|filtered tftp
2895. 88/udp open|filtered kerberos-sec
2896. 123/udp open|filtered ntp
2897. 137/udp filtered netbios-ns
2898. 138/udp filtered netbios-dgm
2899. 139/udp open|filtered netbios-ssn
2900. 162/udp open|filtered snmptrap
2901. 389/udp open|filtered ldap
2902. 520/udp open|filtered route
2903. 2049/udp open|filtered nfs
2904. Too many fingerprints match this host to give specific OS details
2905.  
2906. TRACEROUTE (using port 138/udp)
2907. HOP RTT ADDRESS
2908. 1 144.27 ms 10.246.200.1
2909. 2 ... 3
2910. 4 145.75 ms 10.246.200.1
2911. 5 145.94 ms 10.246.200.1
2912. 6 145.94 ms 10.246.200.1
2913. 7 145.95 ms 10.246.200.1
2914. 8 145.96 ms 10.246.200.1
2915. 9 145.98 ms 10.246.200.1
2916. 10 146.02 ms 10.246.200.1
2917. 11 ... 18
2918. 19 145.87 ms 10.246.200.1
2919. 20 145.81 ms 10.246.200.1
2920. 21 ... 28
2921. 29 145.65 ms 10.246.200.1
2922. 30 143.11 ms 10.246.200.1
2923.  
2924. NSE: Script Post-scanning.
2925. Initiating NSE at 22:39
2926. Completed NSE at 22:39, 0.00s elapsed
2927. Initiating NSE at 22:39
2928. Completed NSE at 22:39, 0.00s elapsed
2929. Initiating NSE at 22:39
2930. Completed NSE at 22:39, 0.00s elapsed
2931. Read data files from: /usr/local/bin/../share/nmap
2932. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
2933. Nmap done: 1 IP address (1 host up) scanned in 273.65 seconds
2934. Raw packets sent: 145 (9.788KB) | Rcvd: 8266 (3.813MB)
2935. #######################################################################################################################################
2936. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-22 22:39 EST
2937. Nmap scan report for ec2-18-209-92-69.compute-1.amazonaws.com (18.209.92.69)
2938. Host is up (0.24s latency).
2939. Not shown: 21 filtered ports, 3 closed ports
2940. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
2941. PORT STATE SERVICE
2942. 80/tcp open http
2943. 443/tcp open https
2944. #######################################################################################################################################
2945. [*] Importing 'Nmap XML' data
2946. [*] Import: Parsing with 'Nokogiri v1.10.0'
2947. [*] Importing host 18.209.92.69
2948. [*] Successfully imported /usr/share/sniper/loot/18.209.92.69/nmap/nmap-18.209.92.69-udp.xml
2949. [*] Importing 'Nmap XML' data
2950. [*] Import: Parsing with 'Nokogiri v1.10.0'
2951. [*] Importing host 18.209.92.69
2952. [*] Successfully imported /usr/share/sniper/loot/18.209.92.69/nmap/nmap-18.209.92.69.xml
2953. [*] Importing 'Nmap XML' data
2954. [*] Import: Parsing with 'Nokogiri v1.10.0'
2955. [*] Importing host 18.209.92.69
2956. [*] Successfully imported /usr/share/sniper/loot/18.209.92.69/nmap/nmap-udp-18.209.92.69.xml
2957. #######################################################################################################################################
2958. Hosts
2959. =====
2960.  
2961. address mac name os_name os_flavor os_sp purpose info comments
2962. ------- --- ---- ------- --------- ----- ------- ---- --------
2963. 18.209.92.69 ec2-18-209-92-69.compute-1.amazonaws.com embedded device
2964. 165.98.58.12 wh1.redkangaroo.net.ni Unknown device
2965.  
2966. Services
2967. ========
2968.  
2969. host port proto name state info
2970. ---- ---- ----- ---- ----- ----
2971. 18.209.92.69 25 tcp smtp closed
2972. 18.209.92.69 53 udp domain unknown
2973. 18.209.92.69 67 udp dhcps unknown
2974. 18.209.92.69 68 udp dhcpc unknown
2975. 18.209.92.69 69 udp tftp unknown
2976. 18.209.92.69 80 tcp http open Apache httpd 2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11
2977. 18.209.92.69 88 udp kerberos-sec unknown
2978. 18.209.92.69 123 udp ntp unknown
2979. 18.209.92.69 137 udp netbios-ns filtered
2980. 18.209.92.69 138 udp netbios-dgm filtered
2981. 18.209.92.69 139 tcp netbios-ssn closed
2982. 18.209.92.69 139 udp netbios-ssn unknown
2983. 18.209.92.69 162 udp snmptrap unknown
2984. 18.209.92.69 389 udp ldap unknown
2985. 18.209.92.69 443 tcp ssl/http open Apache httpd 2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11
2986. 18.209.92.69 445 tcp microsoft-ds closed
2987. 18.209.92.69 520 udp route unknown
2988. 18.209.92.69 2049 udp nfs unknown
2989. 165.98.58.12 53 udp domain unknown
2990. 165.98.58.12 67 udp dhcps unknown
2991. 165.98.58.12 68 udp dhcpc unknown
2992. 165.98.58.12 69 udp tftp unknown
2993. 165.98.58.12 88 udp kerberos-sec unknown
2994. 165.98.58.12 123 udp ntp unknown
2995. 165.98.58.12 137 udp netbios-ns filtered
2996. 165.98.58.12 138 udp netbios-dgm filtered
2997. 165.98.58.12 139 udp netbios-ssn unknown
2998. 165.98.58.12 162 udp snmptrap unknown
2999. 165.98.58.12 389 udp ldap unknown
3000. 165.98.58.12 520 udp route unknown
3001. 165.98.58.12 2049 udp nfs unknown #######################################################################################################################################
3002. [+] URL: https://www.foi.org/
3003. [+] Started: Tue Jan 22 20:36:28 2019
3004.  
3005. Interesting Finding(s):
3006.  
3007. [+] https://www.foi.org/
3008. | Interesting Entries:
3009. | - Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11
3010. | - X-Powered-By: PHP/7.2.11
3011. | - Hummingbird-Cache: Served
3012. | Found By: Headers (Passive Detection)
3013. | Confidence: 100%
3014.  
3015. [+] https://www.foi.org/robots.txt
3016. | Interesting Entries:
3017. | - /wp-admin/
3018. | - /wp-admin/admin-ajax.php
3019. | Found By: Robots Txt (Aggressive Detection)
3020. | Confidence: 100%
3021.  
3022. [+] https://www.foi.org/xmlrpc.php
3023. | Found By: Link Tag (Passive Detection)
3024. | Confidence: 30%
3025. | References:
3026. | - http://codex.wordpress.org/XML-RPC_Pingback_API
3027. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
3028. | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
3029. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
3030. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
3031.  
3032. [+] https://www.foi.org/readme.html
3033. | Found By: Direct Access (Aggressive Detection)
3034. | Confidence: 100%
3035.  
3036. [+] This site seems to be a multisite
3037. | Found By: Direct Access (Aggressive Detection)
3038. | Confidence: 100%
3039. | Reference: http://codex.wordpress.org/Glossary#Multisite
3040.  
3041. [+] This site has 'Must Use Plugins': https://www.foi.org/wp-content/mu-plugins/
3042. | Found By: Direct Access (Aggressive Detection)
3043. | Confidence: 80%
3044. | Reference: http://codex.wordpress.org/Must_Use_Plugins
3045.  
3046. [+] WordPress version 5.0.3 identified (Latest, released on 2019-01-09).
3047. | Detected By: Rss Generator (Passive Detection)
3048. | - https://www.foi.org/feed/, <generator>https://wordpress.org/?v=5.0.3</generator>
3049. | - https://www.foi.org/comments/feed/, <generator>https://wordpress.org/?v=5.0.3</generator>
3050.  
3051. [+] WordPress theme in use: x-child
3052. | Location: https://www.foi.org/wp-content/themes/x-child/
3053. | Style URL: https://www.foi.org/wp-content/themes/x-child/style.css?ver=6.2.5
3054. | Style Name: X – Child Theme
3055. | Style URI: http://theme.co/x/
3056. | Description: Make all of your modifications to X in this child theme....
3057. | Author: Themeco
3058. | Author URI: http://theme.co/
3059. |
3060. | Detected By: Css Style (Passive Detection)
3061. |
3062. | Version: 1.0.0 (80% confidence)
3063. | Detected By: Style (Passive Detection)
3064. | - https://www.foi.org/wp-content/themes/x-child/style.css?ver=6.2.5, Match: 'Version: 1.0.0'
3065. |
3066. | Parent Theme(s):
3067. |
3068. | Location: https://www.foi.org/wp-content/themes/x/
3069. | Readme: https://www.foi.org/wp-content/themes/x/readme.txt
3070. | Style URL: https://www.foi.org/wp-content/themes/x-child/css/jcc.css
3071. |
3072. | Detected By: Parent Themes (Passive Detection)
3073. |
3074. | The version could not be determined.
3075.  
3076. [+] Enumerating Vulnerable Plugins
3077. [+] Checking Plugin Versions
3078.  
3079. [i] No plugins Found.
3080.  
3081. [+] Enumerating Vulnerable Themes
3082. Checking Known Locations - Time: 00:00:48 <> (288 / 288) 100.00% Time: 00:00:48
3083. [+] Checking Theme Versions
3084.  
3085. [i] No themes Found.
3086.  
3087. [+] Enumerating Timthumbs
3088. Checking Known Locations - Time: 00:02:49 <> (1001 / 2573) 38.90% ETA: 00:04:2 Checking Known
3089. [i] No Medias Found.
3090.  
3091. [+] Enumerating Users
3092. Brute Forcing Author IDs - Time: 00:00:03 <==> (10 / 10) 100.00% Time: 00:00:03
3093.  
3094. [i] User(s) Identified:
3095.  
3096. [+] Sarah Fern
3097. | Detected By: Rss Generator (Passive Detection)
3098. | Confirmed By: Rss Generator (Aggressive Detection)
3099.  
3100. [+] Cameron Joyner
3101. | Detected By: Rss Generator (Passive Detection)
3102. | Confirmed By: Rss Generator (Aggressive Detection)
3103.  
3104. [+] Bruce Scott
3105. | Detected By: Rss Generator (Passive Detection)
3106. | Confirmed By: Rss Generator (Aggressive Detection)
3107.  
3108. [+] Matt Montgomery
3109. | Detected By: Rss Generator (Passive Detection)
3110. | Confirmed By: Rss Generator (Aggressive Detection)
3111.  
3112. [+] The Friends of Israel
3113. | Detected By: Rss Generator (Passive Detection)
3114. | Confirmed By: Rss Generator (Aggressive Detection)
3115.  
3116. [+] cjoyner
3117. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3118. | - https://www.foi.org/author-sitemap.xml
3119.  
3120. [+] mmontgomery
3121. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3122. | - https://www.foi.org/author-sitemap.xml
3123.  
3124. [+] tperry
3125. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3126. | - https://www.foi.org/author-sitemap.xml
3127.  
3128. [+] cjohnson
3129. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3130. | - https://www.foi.org/author-sitemap.xml
3131.  
3132. [+] emcquaid
3133. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3134. | - https://www.foi.org/author-sitemap.xml
3135.  
3136. [+] sfern
3137. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3138. | - https://www.foi.org/author-sitemap.xml
3139.  
3140. [+] sherzig
3141. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3142. | - https://www.foi.org/author-sitemap.xml
3143.  
3144. [+] tgallione
3145. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3146. | - https://www.foi.org/author-sitemap.xml
3147.  
3148. [+] lsimcox
3149. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3150. | - https://www.foi.org/author-sitemap.xml
3151.  
3152. [+] bmeissner
3153. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3154. | - https://www.foi.org/author-sitemap.xml
3155.  
3156. [+] jshowers
3157. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3158. | - https://www.foi.org/author-sitemap.xml
3159.  
3160. [+] hrameriz
3161. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3162. | - https://www.foi.org/author-sitemap.xml
3163.  
3164. [+] friendsofisrael
3165. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3166. | - https://www.foi.org/author-sitemap.xml
3167.  
3168. [+] wvarner
3169. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3170. | - https://www.foi.org/author-sitemap.xml
3171.  
3172. [+] zkalisher
3173. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3174. | - https://www.foi.org/author-sitemap.xml
3175.  
3176. [+] tmunger
3177. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3178. | - https://www.foi.org/author-sitemap.xml
3179.  
3180. [+] rshowers
3181. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3182. | - https://www.foi.org/author-sitemap.xml
3183.  
3184. [+] ckatulka
3185. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3186. | - https://www.foi.org/author-sitemap.xml
3187.  
3188. [+] bscott
3189. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3190. | - https://www.foi.org/author-sitemap.xml
3191.  
3192. [+] kkatulka
3193. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3194. | - https://www.foi.org/author-sitemap.xml
3195.  
3196. [+] dlevy
3197. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3198. | - https://www.foi.org/author-sitemap.xml
3199.  
3200. [+] tsimcox
3201. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3202. | - https://www.foi.org/author-sitemap.xml
3203.  
3204. [+] pcolon
3205. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3206. | - https://www.foi.org/author-sitemap.xml
3207.  
3208. [+] jmiles
3209. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3210. | - https://www.foi.org/author-sitemap.xml
3211.  
3212. [+] john-mckim
3213. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3214. | - https://www.foi.org/author-sitemap.xml
3215.  
3216. [+] mkalisher
3217. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3218. | - https://www.foi.org/author-sitemap.xml
3219.  
3220. [+] trabinek
3221. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3222. | - https://www.foi.org/author-sitemap.xml
3223.  
3224. [+] uzziel-the-brick-maker
3225. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3226. | - https://www.foi.org/author-sitemap.xml
3227.  
3228. [+] dev
3229. | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
3230. | - https://www.foi.org/author-sitemap.xml
3231.  
3232. [+] Finished: Tue Jan 22 20:46:07 2019
3233. [+] Requests Done: 3123
3234. [+] Cached Requests: 11
3235. [+] Data Sent: 799.301 KB
3236. [+] Data Received: 22.146 MB
3237. [+] Memory used: 171.191 MB
3238. #######################################################################################################################################
3239. URL: http://www.foi.org/
3240. [+] Effective URL: https://www.foi.org/
3241. [+] Started: Tue Jan 22 19:53:55 2019
3242.  
3243. Interesting Finding(s):
3244.  
3245. [+] https://www.foi.org/
3246. | Interesting Entries:
3247. | - Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11
3248. | - X-Powered-By: PHP/7.2.11
3249. | - Hummingbird-Cache: Served
3250. | Found By: Headers (Passive Detection)
3251. | Confidence: 100%
3252.  
3253. [+] https://www.foi.org/xmlrpc.php
3254. | Found By: Link Tag (Passive Detection)
3255. | Confidence: 30%
3256. | References:
3257. | - http://codex.wordpress.org/XML-RPC_Pingback_API
3258. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
3259. | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
3260. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
3261. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
3262.  
3263. [+] This site has 'Must Use Plugins': http://www.foi.org/wp-content/mu-plugins/
3264. | Found By: Direct Access (Aggressive Detection)
3265. | Confidence: 80%
3266. | Reference: http://codex.wordpress.org/Must_Use_Plugins
3267.  
3268. [+] WordPress version 5.0.3 identified (Latest, released on 2019-01-09).
3269. | Detected By: Rss Generator (Passive Detection)
3270. | - https://www.foi.org/feed/, <generator>https://wordpress.org/?v=5.0.3</generator>
3271. | - https://www.foi.org/comments/feed/, <generator>https://wordpress.org/?v=5.0.3</generator>
3272.  
3273. [+] WordPress theme in use: x-child
3274. | Location: http://www.foi.org/wp-content/themes/x-child/
3275. | Style URL: https://www.foi.org/wp-content/themes/x-child/style.css?ver=6.2.5
3276. | Style Name: X – Child Theme
3277. | Style URI: http://theme.co/x/
3278. | Description: Make all of your modifications to X in this child theme....
3279. | Author: Themeco
3280. | Author URI: http://theme.co/
3281. |
3282. | Detected By: Css Style (Passive Detection)
3283. |
3284. | Version: 1.0.0 (80% confidence)
3285. | Detected By: Style (Passive Detection)
3286. | - https://www.foi.org/wp-content/themes/x-child/style.css?ver=6.2.5, Match: 'Version: 1.0.0'
3287. |
3288. | Parent Theme(s):
3289. |
3290. | Location: http://www.foi.org/wp-content/themes/x/
3291. | Style URL: http://www.foi.org/wp-content/themes/x-child/css/jcc.css
3292. |
3293. | Detected By: Parent Themes (Passive Detection)
3294. |
3295. | The version could not be determined.
3296.  
3297. [+] Enumerating All Plugins
3298. [+] Checking Plugin Versions
3299.  
3300. [i] Plugin(s) Identified:
3301.  
3302. [+] contact-form-7
3303. | Location: http://www.foi.org/wp-content/plugins/contact-form-7/
3304. | Latest Version: 5.1.1 (up to date)
3305. | Last Updated: 2018-12-18T18:05:00.000Z
3306. |
3307. | Detected By: Urls In Homepage (Passive Detection)
3308. |
3309. | Version: 5.1.1 (10% confidence)
3310. | Detected By: Query Parameter (Passive Detection)
3311. | - https://www.foi.org/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
3312.  
3313. [+] cookie-law-info
3314. | Location: http://www.foi.org/wp-content/plugins/cookie-law-info/
3315. | Latest Version: 1.7.3
3316. | Last Updated: 2019-01-09T12:39:00.000Z
3317. |
3318. | Detected By: Urls In Homepage (Passive Detection)
3319. |
3320. | The version could not be determined.
3321.  
3322. [+] cornerstone
3323. | Location: http://www.foi.org/wp-content/plugins/cornerstone/
3324. | Latest Version: 0.7.5
3325. | Last Updated: 2018-02-12T20:45:00.000Z
3326. |
3327. | Detected By: Urls In Homepage (Passive Detection)
3328. |
3329. | The version could not be determined.
3330.  
3331. [+] revslider
3332. | Location: http://www.foi.org/wp-content/plugins/revslider/
3333. |
3334. | Detected By: Urls In Homepage (Passive Detection)
3335. | Confirmed By:
3336. | Comment (Passive Detection)
3337. | Div Data Version (Passive Detection)
3338. | Meta Generator (Passive Detection)
3339. |
3340. | Version: 5.4.8 (100% confidence)
3341. | Detected By: Div Data Version (Passive Detection)
3342. | - https://www.foi.org/, Match: '5.4.8'
3343. | Confirmed By: Comment (Passive Detection)
3344. | - https://www.foi.org/, Match: 'START REVOLUTION SLIDER 5.4.8'
3345.  
3346. [+] shiftnav-pro
3347. | Location: http://www.foi.org/wp-content/plugins/shiftnav-pro/
3348. |
3349. | Detected By: Urls In Homepage (Passive Detection)
3350. |
3351. | The version could not be determined.
3352.  
3353. [+] shiftnav-responsive-mobile-menu
3354. | Location: http://www.foi.org/wp-content/plugins/shiftnav-responsive-mobile-menu/
3355. | Last Updated: 2018-08-13T13:08:00.000Z
3356. | [!] The version is out of date, the latest version is 1.6.3
3357. |
3358. | Detected By: Javascript Var (Passive Detection)
3359. |
3360. | Version: 1.6.1.2 (60% confidence)
3361. | Detected By: Javascript Var (Passive Detection)
3362. | - https://www.foi.org/, Match: 'kpoint":"1200","v":"1.6.1.2","touch_off_close":'
3363.  
3364. [+] sitemap
3365. | Location: http://www.foi.org/wp-content/plugins/sitemap/
3366. | Latest Version: 4.3 (up to date)
3367. | Last Updated: 2018-03-08T04:37:00.000Z
3368. |
3369. | Detected By: Urls In Homepage (Passive Detection)
3370. |
3371. | Version: 4.3 (10% confidence)
3372. | Detected By: Query Parameter (Passive Detection)
3373. | - https://www.foi.org/wp-content/plugins/sitemap/css/page-list.css?ver=4.3
3374.  
3375. [+] ubermenu
3376. | Location: http://www.foi.org/wp-content/plugins/ubermenu/
3377. |
3378. | Detected By: Urls In Homepage (Passive Detection)
3379. |
3380. | The version could not be determined.
3381.  
3382. [+] wordfence
3383. | Location: http://www.foi.org/wp-content/plugins/wordfence/
3384. | Latest Version: 7.1.20
3385. | Last Updated: 2019-01-08T18:03:00.000Z
3386. |
3387. | Detected By: Javascript Var (Passive Detection)
3388. |
3389. | [!] 12 vulnerabilities identified:
3390. |
3391. | [!] Title: Wordfence 3.8.6 - lib/IPTraf.php User-Agent Header Stored XSS
3392. | Fixed in: 3.8.7
3393. | References:
3394. | - https://wpvulndb.com/vulnerabilities/6140
3395. | - https://secunia.com/advisories/56558/
3396. |
3397. | [!] Title: Wordfence 3.8.1 - Password Creation Restriction Bypass
3398. | Fixed in: 3.8.3
3399. | Reference: https://wpvulndb.com/vulnerabilities/6141
3400. |
3401. | [!] Title: Wordfence 3.8.1 - wp-admin/admin.php whois Parameter Stored XSS
3402. | Fixed in: 3.8.3
3403. | References:
3404. | - https://wpvulndb.com/vulnerabilities/6142
3405. | - http://packetstormsecurity.com/files/122993/
3406. | - http://www.securityfocus.com/bid/62053/
3407. |
3408. | [!] Title: Wordfence 3.3.5 - XSS & IAA
3409. | Fixed in: 3.3.7
3410. | References:
3411. | - https://wpvulndb.com/vulnerabilities/6143
3412. | - https://secunia.com/advisories/51055/
3413. | - http://seclists.org/fulldisclosure/2012/Oct/139
3414. |
3415. | [!] Title: Wordfence 5.2.4 - Unspecified Issue
3416. | Fixed in: 5.2.5
3417. | Reference: https://wpvulndb.com/vulnerabilities/7581
3418. |
3419. | [!] Title: Wordfence 5.2.4 - IPTraf.php URI Request Stored XSS
3420. | Fixed in: 5.2.5
3421. | References:
3422. | - https://wpvulndb.com/vulnerabilities/7582
3423. | - http://packetstormsecurity.com/files/128259/
3424. |
3425. | [!] Title: Wordfence 5.2.3 - Banned IP Functionality Bypass
3426. | Fixed in: 5.2.4
3427. | References:
3428. | - https://wpvulndb.com/vulnerabilities/7583
3429. | - http://packetstormsecurity.com/files/128259/
3430. | - http://seclists.org/fulldisclosure/2014/Sep/49
3431. | - https://vexatioustendencies.com/wordfence-v5-2-3-2-stored-xss-insufficient-logging-throttle-bypass-exploit-detection-bypass/
3432. |
3433. | [!] Title: Wordfence 5.2.3 - Multiple Vulnerabilities
3434. | Fixed in: 5.2.4
3435. | References:
3436. | - https://wpvulndb.com/vulnerabilities/7612
3437. | - https://vexatioustendencies.com/wordfence-v5-2-3-2-stored-xss-insufficient-logging-throttle-bypass-exploit-detection-bypass/
3438. |
3439. | [!] Title: Wordfence <= 5.2.4 - Multiple Vulnerabilities (XSS & Bypasses)
3440. | Fixed in: 5.2.5
3441. | References:
3442. | - https://wpvulndb.com/vulnerabilities/7636
3443. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4664
3444. | - https://secupress.me/blog/wordfence-5-2-5-security-update/
3445. | - http://www.securityfocus.com/bid/70915/
3446. |
3447. | [!] Title: Wordfence 5.2.2 - XSS in Referer Header
3448. | Fixed in: 5.2.3
3449. | References:
3450. | - https://wpvulndb.com/vulnerabilities/7698
3451. | - https://vexatioustendencies.com/wordpress-plugin-vulnerability-dump-part-2/
3452. |
3453. | [!] Title: Wordfence <= 5.1.4 - Cross-Site Scripting (XSS)
3454. | Fixed in: 5.1.5
3455. | References:
3456. | - https://wpvulndb.com/vulnerabilities/7711
3457. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4932
3458. |
3459. | [!] Title: Wordfence <= 7.1.12 - Username Enumeration Prevention Bypass
3460. | Fixed in: 7.1.14
3461. | References:
3462. | - https://wpvulndb.com/vulnerabilities/9135
3463. | - http://www.waraxe.us/advisory-109.html
3464. | - http://packetstormsecurity.com/files/149845/
3465. |
3466. | The version could not be determined.
3467.  
3468. [+] wordpress-seo
3469. | Location: http://www.foi.org/wp-content/plugins/wordpress-seo/
3470. | Last Updated: 2019-01-08T09:18:00.000Z
3471. | [!] The version is out of date, the latest version is 9.4
3472. |
3473. | Detected By: Comment (Passive Detection)
3474. |
3475. | Version: 9.3 (60% confidence)
3476. | Detected By: Comment (Passive Detection)
3477. | - https://www.foi.org/, Match: 'optimized with the Yoast SEO plugin v9.3 -'
3478.  
3479. [+] wp-responsive-recent-post-slider
3480. | Location: http://www.foi.org/wp-content/plugins/wp-responsive-recent-post-slider/
3481. | Latest Version: 2.0.1 (up to date)
3482. | Last Updated: 2018-12-20T10:50:00.000Z
3483. |
3484. | Detected By: Urls In Homepage (Passive Detection)
3485. |
3486. | Version: 2.0.1 (20% confidence)
3487. | Detected By: Query Parameter (Passive Detection)
3488. | - https://www.foi.org/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/slick.css?ver=2.0.1
3489. | - https://www.foi.org/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/recent-post-style.css?ver=2.0.1
3490.  
3491. [+] wp-social-sharing
3492. | Location: http://www.foi.org/wp-content/plugins/wp-social-sharing/
3493. | Latest Version: 2.1
3494. | Last Updated: 2017-11-17T01:52:00.000Z
3495. |
3496. | Detected By: Urls In Homepage (Passive Detection)
3497. |
3498. | The version could not be determined.
3499.  
3500. [+] Enumerating Config Backups
3501. Checking Config Backups - Time: 00:00:02 <=============> (21 / 21) 100.00% Time: 00:00:02
3502.  
3503. [i] No Config Backups Found.
3504.  
3505. [+] Finished: Tue Jan 22 19:54:53 2019
3506. [+] Requests Done: 130
3507. [+] Cached Requests: 4
3508. [+] Data Sent: 26.943 KB
3509. [+] Data Received: 931.688 KB
3510. [+] Memory used: 93.965 MB
3511. [+] Elapsed time: 00:00:57
3512. #######################################################################################################################################
3513. [-] Date & Time: 22/01/2019 19:53:34
3514. [I] Threads: 5
3515. [-] Target: https://www.foi.org (18.209.92.69)
3516. [I] Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.11
3517. [I] X-Powered-By: PHP/7.2.11
3518. [L] X-Frame-Options: Not Enforced
3519. [I] Strict-Transport-Security: Not Enforced
3520. [I] X-Content-Security-Policy: Not Enforced
3521. [I] X-Content-Type-Options: Not Enforced
3522. [L] Robots.txt Found: https://www.foi.org/robots.txt
3523. [I] CMS Detection: WordPress
3524. [I] Wordpress Theme: x
3525. [M] EDB-ID: 10535 "WordPress Plugin Pyrmont 2.x - SQL Injection"
3526. [M] EDB-ID: 10897 "WD-CMS 3.0 - Multiple Vulnerabilities"
3527. [M] EDB-ID: 11458 "WordPress Plugin Copperleaf Photolog 0.16 - SQL Injection"
3528. [M] EDB-ID: 16232 "WordPress Plugin GigPress 2.1.10 - Persistent Cross-Site Scripting"
3529. [M] EDB-ID: 17602 "WordPress Plugin TimThumb 1.32 - Remote Code Execution"
3530. [M] EDB-ID: 17613 "WordPress Plugin E-Commerce 3.8.4 - SQL Injection"
3531. [M] EDB-ID: 17861 "WordPress Plugin AllWebMenus 1.1.3 - Remote File Inclusion"
3532. [M] EDB-ID: 17869 "WordPress Plugin Relocate Upload 0.14 - Remote File Inclusion"
3533. [M] EDB-ID: 18053 "WordPress Theme classipress 3.1.4 - Persistent Cross-Site Scripting"
3534. [M] EDB-ID: 18198 "Family Connections CMS 2.5.0/2.7.1 - 'less.php' Remote Command Execution"
3535. [M] EDB-ID: 18417 "WordPress 3.3.1 - Multiple Vulnerabilities"
3536. [M] EDB-ID: 18599 "asaanCart - Cross-Site Scripting / Local File Inclusion"
3537. [M] EDB-ID: 19862 "WordPress Theme Diary/Notebook Site5 - Email Spoofing"
3538. [M] EDB-ID: 21646 "WordPress Theme Archin 3.2 - Configuration Access"
3539. [M] EDB-ID: 21715 "WordPress Plugin spider Calendar - Multiple Vulnerabilities"
3540. [M] EDB-ID: 22374 "WordPress Plugin foxypress 0.4.2.5 - Multiple Vulnerabilities"
3541. [M] EDB-ID: 22396 "WordPress Plugin bbPress - Multiple Vulnerabilities"
3542. [M] EDB-ID: 23494 "WordPress Theme Clockstone (and other CMSMasters Themes) - Arbitrary File Upload"
3543. [M] EDB-ID: 23970 "WordPress Plugin Google Document Embedder - Arbitrary File Disclosure (Metasploit)"
3544. [M] EDB-ID: 24515 "Cometchat Application - Multiple Vulnerabilities"
3545. [M] EDB-ID: 24867 "WordPress Plugin IndiaNIC FAQs Manager 1.0 - Multiple Vulnerabilities"
3546. [M] EDB-ID: 24989 "WordPress 1.2.1/1.2.2 - '/wp-admin/templates.php?file' Cross-Site Scripting"
3547. [M] EDB-ID: 25723 "WordPress Plugin Spider Event Calendar 1.3.0 - Multiple Vulnerabilities"
3548. [M] EDB-ID: 27531 "WordPress Plugin Hms Testimonials 2.0.10 - Multiple Vulnerabilities"
3549. [M] EDB-ID: 28054 "WordPress Plugin IndiaNIC Testimonial - Multiple Vulnerabilities"
3550. [M] EDB-ID: 28485 "WordPress Plugin NOSpamPTI - Blind SQL Injection"
3551. [M] EDB-ID: 29068 "WordPress Theme Area53 - Arbitrary File Upload"
3552. [M] EDB-ID: 29150 "WordPress Theme SAICO 1.0 < 1.0.2 - Arbitrary File Upload"
3553. [M] EDB-ID: 29211 "WordPress Theme Curvo - Cross-Site Request Forgery / Arbitrary File Upload"
3554. [M] EDB-ID: 29330 "WordPress Theme Switchblade 1.3 - Arbitrary File Upload"
3555. [M] EDB-ID: 29332 "WordPress Theme Think Responsive 1.0 - Arbitrary File Upload"
3556. [M] EDB-ID: 29356 "WordPress 1.x/2.0.x - 'template.php' HTML Injection"
3557. [M] EDB-ID: 29482 "WordPress Theme Kernel - Arbitrary File Upload"
3558. [M] EDB-ID: 29525 "WordPress Theme Highlight Premium - Cross-Site Request Forgery / Arbitrary File Upload"
3559. [M] EDB-ID: 29598 "WordPress 1.x/2.0.x - 'Templates.php' Cross-Site Scripting"
3560. [M] EDB-ID: 29667 "WordPress Theme Euclid 1.x - Cross-Site Request Forgery"
3561. [M] EDB-ID: 29668 "WordPress Theme Dimension - Cross-Site Request Forgery"
3562. [M] EDB-ID: 29669 "WordPress Theme Amplus - Cross-Site Request Forgery"
3563. [M] EDB-ID: 29670 "WordPress Theme Make A Statement (MaS) - Cross-Site Request Forgery"
3564. [M] EDB-ID: 29702 "WordPress 2.1.1 - '/wp-includes/theme.php?iz' Arbitrary Command Execution"
3565. [M] EDB-ID: 29754 "WordPress < 2.1.2 - 'PHP_Self' Cross-Site Scripting"
3566. [M] EDB-ID: 29834 "WordPress Plugin dzs-videogallery - Arbitrary File Upload"
3567. [M] EDB-ID: 29946 "Multiple WordPress Orange Themes - Cross-Site Request Forgery (Arbitrary File Upload)"
3568. [M] EDB-ID: 30084 "WordPress Plugin page-flip-image-gallery - Arbitrary File Upload"
3569. [M] EDB-ID: 30166 "WordPress 2.2 - 'Request_URI' Cross-Site Scripting"
3570. [M] EDB-ID: 30443 "WordPress Theme Persuasion 2.x - Arbitrary File Download / File Deletion"
3571. [M] EDB-ID: 31424 "WordPress Theme Dandelion - Arbitrary File Upload"
3572. [M] EDB-ID: 32861 "WordPress Theme LineNity 1.20 - Local File Inclusion"
3573. [M] EDB-ID: 33851 "Multiple WordPress Plugins (TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution"
3574. [M] EDB-ID: 34511 "Mulitple WordPress Themes - 'admin-ajax.php?img' Arbitrary File Download"
3575. [M] EDB-ID: 34578 "WordPress Theme Acento - 'view-pdf.php?File' Arbitrary File Download"
3576. [M] EDB-ID: 35385 "WordPress Plugin Slider REvolution 3.0.95 / Showbiz Pro 1.7.1 - Arbitrary File Upload"
3577. [M] EDB-ID: 35561 "WordPress Plugin WPwizz AdWizz Plugin 1.0 - 'link' Cross-Site Scripting"
3578. [M] EDB-ID: 35603 "WordPress Theme Live Wire 2.3.1 - Multiple Vulnerabilities"
3579. [M] EDB-ID: 35608 "WordPress Theme The Gazette Edition 2.9.4 - Multiple Vulnerabilities"
3580. [M] EDB-ID: 35830 "Multiple WordPress WooThemes Themes - 'test.php' Cross-Site Scripting"
3581. [M] EDB-ID: 36018 "WordPress Plugin WP E-Commerce 3.8.6 - 'cart_messages[]' Cross-Site Scripting"
3582. [M] EDB-ID: 36038 "WordPress Plugin eShop 6.2.8 - Multiple Cross-Site Scripting Vulnerabilities"
3583. [M] EDB-ID: 36061 "WordPress Plugin Webdorado Spider Event Calendar 1.4.9 - SQL Injection"
3584. [M] EDB-ID: 36178 "WordPress Theme Atahualpa 3.6.7 - 's' Cross-Site Scripting"
3585. [M] EDB-ID: 36179 "WordPress Theme Hybrid 0.9 - 'cpage' Cross-Site Scripting"
3586. [M] EDB-ID: 36180 "WordPress Theme F8 Lite 4.2.1 - 's' Cross-Site Scripting"
3587. [M] EDB-ID: 36181 "WordPress Theme Elegant Grunge 1.0.3 - 's' Cross-Site Scripting"
3588. [M] EDB-ID: 36182 "WordPress Theme EvoLve 1.2.5 - 's' Cross-Site Scripting"
3589. [M] EDB-ID: 36183 "WordPress Theme Cover WP 1.6.5 - 's' Cross-Site Scripting"
3590. [M] EDB-ID: 36184 "WordPress Theme Web Minimalist 1.1 - 'index.php' Cross-Site Scripting"
3591. [M] EDB-ID: 36185 "WordPress Theme Pixiv Custom Theme 2.1.5 - 'cpage' Cross-Site Scripting"
3592. [M] EDB-ID: 36186 "WordPress Theme Morning Coffee 3.5 - 'index.php' Cross-Site Scripting"
3593. [M] EDB-ID: 36187 "WordPress Theme Black-LetterHead 1.5 - 'index.php' Cross-Site Scripting"
3594. [M] EDB-ID: 36191 "WordPress Theme RedLine 1.65 - 's' Cross-Site Scripting"
3595. [M] EDB-ID: 36195 "WordPress Theme Trending 0.1 - 'cpage' Cross-Site Scripting"
3596. [M] EDB-ID: 36242 "WordPress Theme Photocrati 4.x - SQL Injection / Cross-Site Scripting"
3597. [M] EDB-ID: 36287 "WordPress Theme Bonus 1.0 - 's' Cross-Site Scripting"
3598. [M] EDB-ID: 36372 "WordPress Theme DesignFolio Plus 1.2 - Arbitrary File Upload"
3599. [M] EDB-ID: 36414 "WordPress Plugin WPML 3.1.9 - Multiple Vulnerabilities"
3600. [M] EDB-ID: 36611 "Multiple WordPress UpThemes Themes - Arbitrary File Upload"
3601. [M] EDB-ID: 36733 "WordPress Plugin WP Mobile Edition 2.7 - Remote File Disclosure"
3602. [M] EDB-ID: 36844 "WordPress 4.2 - Persistent Cross-Site Scripting"
3603. [M] EDB-ID: 36954 "WordPress Plugin Yet Another Related Posts 4.2.4 - Cross-Site Request Forgery"
3604. [M] EDB-ID: 36961 "WordPress Plugin Ad Inserter 1.5.2 - Cross-Site Request Forgery"
3605. [M] EDB-ID: 37106 "WordPress Plugin Video Gallery 2.8 - Arbitrary Mail Relay"
3606. [M] EDB-ID: 37162 "WordPress Plugin Dynamic Widgets 1.5.1 - 'themes.php' Cross-Site Scripting"
3607. [M] EDB-ID: 37200 "WordPress Plugin zM Ajax Login & Register 1.0.9 - Local File Inclusion"
3608. [M] EDB-ID: 37244 "WordPress Plugin WP Mobile Edition - Local File Inclusion"
3609. [M] EDB-ID: 37417 "Multiple WordPress Themes - 'upload.php' Arbitrary File Upload"
3610. [M] EDB-ID: 37530 "WordPress Plugin WP E-Commerce Shop Styling 2.5 - Arbitrary File Download"
3611. [M] EDB-ID: 37534 "WordPress Plugin Easy2Map 1.24 - SQL Injection"
3612. [M] EDB-ID: 37636 "WordPress Theme ShopperPress - SQL Injection / Cross-Site Scripting"
3613. [M] EDB-ID: 37705 "WordPress Plugin Unite Gallery Lite 1.4.6 - Multiple Vulnerabilities"
3614. [M] EDB-ID: 37826 "WordPress 3.4.2 - Multiple Path Disclosure Vulnerabilities"
3615. [M] EDB-ID: 37827 "WordPress Theme Purity - Multiple Cross-Site Scripting Vulnerabilities"
3616. [M] EDB-ID: 37837 "WordPress Plugin Sexy Add Template - Cross-Site Request Forgery"
3617. [M] EDB-ID: 37956 "WordPress Theme GeoPlaces3 - Arbitrary File Upload"
3618. [M] EDB-ID: 38017 "WordPress Theme Kakao - 'ID' SQL Injection"
3619. [M] EDB-ID: 38022 "WordPress Theme Dailyedition-mouss - 'id' SQL Injection"
3620. [M] EDB-ID: 38041 "WordPress Theme Madebymilk - 'id' SQL Injection"
3621. [M] EDB-ID: 38057 "WordPress Theme Magazine Basic - 'id' SQL Injection"
3622. [M] EDB-ID: 38063 "WordPress Theme Wp-ImageZoom - 'id' SQL Injection"
3623. [M] EDB-ID: 38064 "WordPress Theme CStar Design - 'id' SQL Injection"
3624. [M] EDB-ID: 38077 "WordPress Theme Toolbox - 'mls' SQL Injection"
3625. [M] EDB-ID: 38086 "WordPress Plugin Contact Form Generator 2.0.1 - Multiple Cross-Site Request Forgery Vulnerabilities"
3626. [M] EDB-ID: 38102 "WordPress Theme Nest - 'codigo' SQL Injection"
3627. [M] EDB-ID: 38105 "WordPress Theme White-Label Framework 2.0.6 - Cross-Site Scripting"
3628. [M] EDB-ID: 38167 "Multiple WordPress WPScientist Themes - Arbitrary File Upload"
3629. [M] EDB-ID: 38237 "WordPress Theme Chocolate WP - Multiple Vulnerabilities"
3630. [M] EDB-ID: 38290 "WordPress Theme flashnews - Multiple Input Validation Vulnerabilities"
3631. [M] EDB-ID: 38301 "WordPress Theme Pinboard - 'tab' Cross-Site Scripting"
3632. [M] EDB-ID: 38458 "WordPress Plugin Spider Video Player - 'theme' SQL Injection"
3633. [M] EDB-ID: 38484 "WordPress Plugin Ajax Load More < 2.8.2 - Arbitrary File Upload"
3634. [M] EDB-ID: 38487 "WordPress Theme Colormix - Multiple Vulnerabilities"
3635. [M] EDB-ID: 38568 "WordPress Theme Ambience - 'src' Cross-Site Scripting"
3636. [M] EDB-ID: 38820 "WordPress Theme This Way - 'upload_settings_image.php' Arbitrary File Upload"
3637. [M] EDB-ID: 38848 "WordPress Theme Suco - 'themify-ajax.php' Arbitrary File Upload"
3638. [M] EDB-ID: 39090 "WordPress Theme Kiddo - Arbitrary File Upload"
3639. [M] EDB-ID: 39135 "WordPress Theme Felici - 'Uploadify.php' Arbitrary File Upload"
3640. [M] EDB-ID: 39211 "WordPress Theme Infocus - '/infocus/lib/scripts/dl-skin.php' Local File Disclosure"
3641. [M] EDB-ID: 39296 "WordPress Theme Urban City - 'download.php' Arbitrary File Download"
3642. [M] EDB-ID: 39297 "WordPress Theme Authentic - 'download.php' Arbitrary File Download"
3643. [M] EDB-ID: 39298 "WordPress Theme Epic - 'download.php' Arbitrary File Download"
3644. [M] EDB-ID: 39299 "WordPress Theme Antioch - 'download.php' Arbitrary File Download"
3645. [M] EDB-ID: 39333 "WordPress Theme Elegance - '/elegance/lib/scripts/dl-skin.php' Local File Disclosure"
3646. [M] EDB-ID: 39339 "BK Mobile jQuery CMS 2.4 - Multiple Vulnerabilities"
3647. [M] EDB-ID: 39513 "WordPress Plugin CP Polls 1.0.8 - Multiple Vulnerabilities"
3648. [M] EDB-ID: 39536 "WordPress Theme SiteMile Project 2.0.9.5 - Multiple Vulnerabilities"
3649. [M] EDB-ID: 39552 "WordPress Theme Beauty & Clean 1.0.8 - Arbitrary File Upload"
3650. [M] EDB-ID: 39892 "WordPress Theme Creative Multi-Purpose 9.1.3 - Persistent Cross-Site Scripting"
3651. [M] EDB-ID: 39894 "WordPress Theme Newspaper 6.7.1 - Privilege Escalation"
3652. [M] EDB-ID: 39895 "WordPress Theme Uncode 1.3.1 - Arbitrary File Upload"
3653. [M] EDB-ID: 40042 "WordPress Plugin Ultimate Membership Pro 3.3 - SQL Injection"
3654. [M] EDB-ID: 40976 "WordPress Plugin Slider Templatic Tevolution < 2.3.6 - Arbitrary File Upload"
3655. [M] EDB-ID: 41857 "WordPress Plugin Spider Event Calendar 1.5.51 - Blind SQL Injection"
3656. [M] EDB-ID: 42129 "WordPress Plugin Tribulant Newsletters 4.6.4.2 - File Disclosure / Cross-Site Scripting"
3657. [M] EDB-ID: 43196 "WordPress Plugin WooCommerce 2.0/3.0 - Directory Traversal"
3658. [M] EDB-ID: 43324 "Accesspress Anonymous Post Pro < 3.2.0 - Arbitrary File Upload"
3659. [M] EDB-ID: 43475 "WordPress Plugin Service Finder Booking < 3.2 - Local File Disclosure"
3660. [M] EDB-ID: 43889 "CMS Made Simple 1.11.9 - Multiple Vulnerabilities"
3661. [M] EDB-ID: 4397 "Claymore Dual GPU Miner 10.5 - Format String"
3662. [M] EDB-ID: 44503 "UK Cookie Consent - Persistent Cross-Site Scripting"
3663. [M] EDB-ID: 44595 "WordPress Plugin User Role Editor < 4.25 - Privilege Escalation"
3664. [M] EDB-ID: 44943 "WordPress Plugin iThemes Security < 7.0.3 - SQL Injection"
3665. [M] EDB-ID: 45255 "WordPress Plugin Gift Voucher 1.0.5 - (Authenticated) 'template_id' SQL Injection"
3666. [M] EDB-ID: 45880 "WordPress Plugin Ninja Forms 3.3.17 - Cross-Site Scripting"
3667. [M] EDB-ID: 45896 "WordPress CherryFramework Themes 3.1.4 - Backup File Download"
3668. [M] EDB-ID: 46083 "Wordpress Plugin UserPro < 4.9.21 - User Registration Privilege Escalation"
3669. [M] EDB-ID: 8820 "amember 3.1.7 - Cross-Site Scripting / SQL Injection / HTML Injection"
3670. [M] EDB-ID: 9043 "Adobe Flash Selection.SetSelection - Use-After-Free"
3671. [M] EDB-ID: 9578 "Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - 'Services.exe' Denial of Service (2)"
3672. [-] WordPress usernames identified:
3673. [M] Bruce Scott
3674. [M] Matt Montgomery
3675. [M] Peter Colón
3676. [M] Sarah Fern
3677. [M] ameron Joyner
3678. [M] he Friends of Israel
3679. [M] XML-RPC services are enabled
3680. [I] Forgotten Password Allows Username Enumeration: https://www.foi.org/wp-login.php?action=lostpassword
3681. [I] Autocomplete Off Not Found: https://www.foi.org/wp-login.php
3682. [-] Default WordPress Files:
3683. [I] https://www.foi.org/license.txt
3684. [I] https://www.foi.org/readme.html
3685. [I] https://www.foi.org/wp-content/themes/twentynineteen/readme.txt
3686. [I] https://www.foi.org/wp-includes/ID3/license.commercial.txt
3687. [I] https://www.foi.org/wp-includes/ID3/license.txt
3688. [I] https://www.foi.org/wp-includes/ID3/readme.txt
3689. [I] https://www.foi.org/wp-includes/images/crystal/license.txt
3690. [I] https://www.foi.org/wp-includes/js/plupload/license.txt
3691. [I] https://www.foi.org/wp-includes/js/swfupload/license.txt
3692. [I] https://www.foi.org/wp-includes/js/tinymce/license.txt
3693. [-] Searching Wordpress Plugins ...
3694. [I] "+plugin+"
3695. [I] $plugin
3696. [I] 1-flash-gallery
3697. [M] EDB-ID: 17801 "WordPress Plugin 1 Flash Gallery 1.30 < 1.5.7a - Arbitrary File Upload (Metasploit)"
3698. [I] 1-jquery-photo-gallery-slideshow-flash
3699. [M] EDB-ID: 36382 "WordPress Plugin 1-jquery-photo-gallery-Slideshow-flash 1.01 - Cross-Site Scripting"
3700. [I] 2-click-socialmedia-buttons
3701. [M] EDB-ID: 37178 "WordPress Plugin 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities"
3702. [I] Calendar
3703. [I] Calendar-Script
3704. [M] EDB-ID: 38018 "WordPress Plugin PHP Event Calendar - 'cid' SQL Injection"
3705. [I] Enigma2.php?boarddir=http:
3706. [I] FlagEm
3707. [M] EDB-ID: 38674 "WordPress Plugin FlagEm - 'cID' Cross-Site Scripting"
3708. [I] Lead-Octopus-Power
3709. [M] EDB-ID: 39269 "WordPress Plugin Lead Octopus Power - 'id' SQL Injection"
3710. [I] Premium_Gallery_Manager
3711. [M] EDB-ID: 34538 "WordPress Plugin Premium Gallery Manager - Configuration Access"
3712. [M] EDB-ID: 39111 "WordPress Plugin Premium Gallery Manager - Arbitrary File Upload"
3713. [I] Tevolution
3714. [I] a-gallery
3715. [M] EDB-ID: 17872 "Multiple WordPress Plugins - 'timthumb.php' File Upload"
3716. [I] a-to-z-category-listing
3717. [M] EDB-ID: 17809 "WordPress Plugin A to Z Category Listing 1.3 - SQL Injection"
3718. [I] abtest
3719. [M] EDB-ID: 39577 "WordPress Plugin Abtest - Local File Inclusion"
3720. [I] accept-signups
3721. [M] EDB-ID: 35136 "WordPress Plugin Accept Signups 0.1 - 'email' Cross-Site Scripting"
3722. [I] acf-frontend-display
3723. [I] ad-wizz
3724. [I] admin_panel.php?wp_footnotes_current_settings[post_footnotes]=&lt;
3725. /bin/sh: 1: lt: not found
3726. /bin/sh: 1: [&=/]: not found
3727. [I] admin_panel.php?wp_footnotes_current_settings[pre_footnotes]=&lt;
3728. /bin/sh: 1: lt: not found
3729. /bin/sh: 1: [&=/]: not found
3730. [I] adminimize
3731. [M] EDB-ID: 36325 "WordPress Plugin Adminimize 1.7.21 - 'page' Cross-Site Scripting"
3732. [I] adrotate
3733. [M] EDB-ID: 17888 "WordPress Plugin AdRotate 3.6.5 - SQL Injection"
3734. [M] EDB-ID: 18114 "WordPress Plugin AdRotate 3.6.6 - SQL Injection"
3735. [M] EDB-ID: 31834 "WordPress Plugin AdRotate 3.9.4 - 'clicktracker.ph?track' SQL Injection"
3736. [I] ads-box
3737. [M] EDB-ID: 38060 "WordPress Plugin Ads Box - 'count' SQL Injection"
3738. [I] advanced-dewplayer
3739. [M] EDB-ID: 38936 "WordPress Plugin Advanced Dewplayer - 'download-file.php' Script Directory Traversal"
3740. [I] advanced-text-widget
3741. [M] EDB-ID: 36324 "WordPress Plugin Advanced Text Widget 2.0 - 'page' Cross-Site Scripting"
3742. [I] advanced-uploader
3743. [M] EDB-ID: 38867 "WordPress Plugin Advanced uploader 2.10 - Multiple Vulnerabilities"
3744. [I] advertizer
3745. [M] EDB-ID: 17750 "WordPress Plugin Advertizer 1.0 - SQL Injection"
3746. [I] age-verification
3747. [M] EDB-ID: 18350 "WordPress Plugin Age Verification 0.4 - Open Redirect"
3748. [M] EDB-ID: 36540 "WordPress Plugin Age Verification 0.4 - 'redirect_to' Open Redirection"
3749. [I] ajax-category-dropdown
3750. [M] EDB-ID: 17207 "WordPress Plugin Ajax Category Dropdown 0.1.5 - Multiple Vulnerabilities"
3751. [I] ajax-store-locator-wordpress_0
3752. [M] EDB-ID: 35493 "WordPress Plugin Ajax Store Locator 1.2 - Arbitrary File Download"
3753. [I] ajaxgallery
3754. [M] EDB-ID: 17686 "WordPress Plugin Ajax Gallery 3.0 - SQL Injection"
3755. [I] akismet
3756. [M] EDB-ID: 37902 "WordPress Plugin Akismet - Multiple Cross-Site Scripting Vulnerabilities"
3757. [I] alert-before-your-post
3758. [M] EDB-ID: 36323 "WordPress Plugin Alert Before Your Post - 'name' Cross-Site Scripting"
3759. [I] all-in-one-event-calendar
3760. [M] EDB-ID: 37075 "WordPress Plugin All-in-One Event Calendar 1.4 - 'agenda-widget-form.php?title' Cross-Site Scripting"
3761. [M] EDB-ID: 37076 "WordPress Plugin All-in-One Event Calendar 1.4 - 'box_publish_button.php?button_value' Cross-Site Scripting"
3762. [M] EDB-ID: 37077 "WordPress Plugin All-in-One Event Calendar 1.4 - 'save_successful.php?msg' Cross-Site Scripting"
3763. [M] EDB-ID: 37078 "WordPress Plugin All-in-One Event Calendar 1.4 - 'agenda-widget.php' Multiple Cross-Site Scripting Vulnerabilities"
3764. [I] all-in-one-wp-security-and-firewall
3765. [M] EDB-ID: 34854 "WordPress Plugin All In One WP Security & Firewall 3.8.3 - Persistent Cross-Site Scripting"
3766. [I] all-video-gallery
3767. [M] EDB-ID: 22427 "WordPress Plugin All Video Gallery 1.1 - SQL Injection"
3768. [I] allow-php-in-posts-and-pages
3769. [M] EDB-ID: 17688 "WordPress Plugin Allow PHP in Posts and Pages 2.0.0.RC1 - SQL Injection"
3770. [I] allwebmenus-wordpress-menu-plugin
3771. [M] EDB-ID: 18407 "WordPress Plugin AllWebMenus < 1.1.9 Menu Plugin - Arbitrary File Upload"
3772. [I] alo-easymail
3773. [I] annonces
3774. [M] EDB-ID: 17863 "WordPress Plugin Annonces 1.2.0.0 - Remote File Inclusion"
3775. [I] answer-my-question
3776. [M] EDB-ID: 40771 "WordPress Plugin Answer My Question 1.3 - SQL Injection"
3777. [I] appointment-booking-calendar
3778. [M] EDB-ID: 39309 "WordPress Plugin Booking Calendar Contact Form 1.1.23 - SQL Injection"
3779. [M] EDB-ID: 39319 "WordPress Plugin Booking Calendar Contact Form 1.1.23 - Shortcode SQL Injection"
3780. [M] EDB-ID: 39341 "WordPress Plugin Booking Calendar Contact Form 1.1.24 - Multiple Vulnerabilities"
3781. [M] EDB-ID: 39342 "WordPress Plugin Booking Calendar Contact Form 1.1.24 - addslashes SQL Injection"
3782. [I] aspose-doc-exporter
3783. [M] EDB-ID: 36559 "WordPress Plugin aspose-doc-exporter 1.0 - Arbitrary File Download"
3784. [I] asset-manager
3785. [M] EDB-ID: 18993 "WordPress Plugin Asset Manager 0.2 - Arbitrary File Upload"
3786. [I] audio
3787. [M] EDB-ID: 35258 "WordPress Plugin Audio 0.5.1 - 'showfile' Cross-Site Scripting"
3788. [I] audio-player
3789. [M] EDB-ID: 38300 "WordPress Plugin Audio Player - 'playerID' Cross-Site Scripting"
3790. [I] auto-attachments
3791. [I] aviary-image-editor-add-on-for-gravity-forms
3792. [M] EDB-ID: 37275 "WordPress Plugin Aviary Image Editor Addon For Gravity Forms 3.0 Beta - Arbitrary File Upload"
3793. [I] backwpup
3794. [M] EDB-ID: 35400 "WordPress Plugin BackWPup 1.4 - Multiple Information Disclosure Vulnerabilities"
3795. [I] baggage-freight
3796. [M] EDB-ID: 46061 "WordPress Plugin Baggage Freight Shipping Australia 0.1.0 - Arbitrary File Upload"
3797. [I] baggage_shipping
3798. [I] bbpress
3799. [I] bezahlcode-generator
3800. [M] EDB-ID: 35286 "WordPress Plugin BezahlCode Generator 1.0 - 'gen_name' Cross-Site Scripting"
3801. [I] booking
3802. [M] EDB-ID: 27399 "WordPress Plugin Booking Calendar 4.1.4 - Cross-Site Request Forgery"
3803. [I] booking-calendar-contact-form
3804. [M] EDB-ID: 37003 "WordPress Plugin Booking Calendar Contact Form 1.0.2 - Multiple Vulnerabilities"
3805. [I] bookx
3806. [M] EDB-ID: 39251 "WordPress Plugin BookX 1.7 - 'bookx_export.php' Local File Inclusion"
3807. [I] brandfolder
3808. [M] EDB-ID: 39591 "WordPress Plugin Brandfolder 3.0 - Local/Remote File Inclusion"
3809. [I] cac-featured-content
3810. [I] candidate-application-form
3811. [M] EDB-ID: 37754 "WordPress Plugin Candidate Application Form 1.0 - Arbitrary File Download"
3812. [I] catalog
3813. [M] EDB-ID: 25724 "WordPress Plugin Spider Catalog 1.4.6 - Multiple Vulnerabilities"
3814. [M] EDB-ID: 38639 "WordPress Plugin miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities"
3815. [I] category-grid-view-gallery
3816. [M] EDB-ID: 38625 "WordPress Plugin Category Grid View Gallery - 'ID' Cross-Site Scripting"
3817. [I] category-list-portfolio-page
3818. [I] cevhershare
3819. [M] EDB-ID: 17891 "WordPress Plugin CevherShare 2.0 - SQL Injection"
3820. [I] cforms
3821. [M] EDB-ID: 34946 "WordPress Plugin cformsII 11.5/13.1 - 'lib_ajax.php' Multiple Cross-Site Scripting Vulnerabilities"
3822. [I] cforms2
3823. [M] EDB-ID: 35879 "WordPress Plugin Cforms 14.7 - Remote Code Execution"
3824. [I] chenpress
3825. [M] EDB-ID: 37522 "WordPress Plugin chenpress - Arbitrary File Upload"
3826. [I] church-admin
3827. [M] EDB-ID: 37483 "WordPress Plugin church_admin - 'id' Cross-Site Scripting"
3828. [I] cimy-counter
3829. [M] EDB-ID: 14057 "WordPress Plugin Cimy Counter - Full Path Disclosure / Redirector / Cross-Site Scripting / HTTP Response Spitting"
3830. [M] EDB-ID: 34195 "WordPress Plugin Cimy Counter 0.9.4 - HTTP Response Splitting / Cross-Site Scripting"
3831. [I] clickdesk-live-support-chat
3832. [M] EDB-ID: 36338 "WordPress Plugin ClickDesk Live Support 2.0 - 'cdwidget' Cross-Site Scripting"
3833. [I] cloudsafe365-for-wp
3834. [M] EDB-ID: 37681 "WordPress Plugin Cloudsafe365 - 'file' Remote File Disclosure"
3835. [I] cm-download-manager
3836. [M] EDB-ID: 35324 "WordPress Plugin CM Download Manager 2.0.0 - Code Injection"
3837. [I] cms-pack
3838. [I] cnhk-slideshow
3839. [M] EDB-ID: 39190 "WordPress Plugin cnhk-Slideshow - Arbitrary File Upload"
3840. [I] comicpress-manager
3841. [M] EDB-ID: 35393 "WordPress Plugin ComicPress Manager 1.4.9 - 'lang' Cross-Site Scripting"
3842. [I] comment-rating
3843. [M] EDB-ID: 16221 "WordPress Plugin Comment Rating 2.9.23 - Multiple Vulnerabilities"
3844. [M] EDB-ID: 24552 "WordPress Plugin Comment Rating 2.9.32 - Multiple Vulnerabilities"
3845. [M] EDB-ID: 36487 "WordPress Plugin Comment Rating 2.9.20 - 'path' Cross-Site Scripting"
3846. [I] community-events
3847. [M] EDB-ID: 17798 "WordPress Plugin Community Events 1.2.1 - SQL Injection"
3848. [I] complete-gallery-manager
3849. [M] EDB-ID: 28377 "WordPress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload"
3850. [I] contact-form-7 v5.1.1
3851. [I] contact-form-generator
3852. [I] contact-form-wordpress
3853. [M] EDB-ID: 17980 "WordPress Plugin Contact Form 2.7.5 - SQL Injection"
3854. [I] contus-hd-flv-player
3855. [M] EDB-ID: 17678 "WordPress Plugin Contus HD FLV Player 1.3 - SQL Injection"
3856. [M] EDB-ID: 37377 "WordPress Plugin HD FLV Player - 'uploadVideo.php' Arbitrary File Upload"
3857. [I] contus-video-gallery
3858. [M] EDB-ID: 34161 "WordPress Plugin Video Gallery 2.5 - Multiple Vulnerabilities"
3859. [I] contus-video-galleryversion-10
3860. [M] EDB-ID: 37373 "WordPress Plugin Contus Video Gallery - 'upload1.php' Arbitrary File Upload"
3861. [I] cookie-law-info v1.7.2
3862. [I] copyright-licensing-tools
3863. [M] EDB-ID: 17749 "WordPress Plugin iCopyright(R) Article Tools 1.1.4 - SQL Injection"
3864. [I] cornerstone
3865. [I] count-per-day
3866. [M] EDB-ID: 17857 "WordPress Plugin Count per Day 2.17 - SQL Injection"
3867. [M] EDB-ID: 18355 "WordPress Plugin Count Per Day - Multiple Vulnerabilities"
3868. [M] EDB-ID: 20862 "WordPress Plugin Count Per Day 3.2.3 - Cross-Site Scripting"
3869. [I] couponer
3870. [M] EDB-ID: 17759 "WordPress Plugin Couponer 1.2 - SQL Injection"
3871. [I] cp-polls
3872. [I] cp-reservation-calendar
3873. [M] EDB-ID: 38187 "WordPress Plugin CP Reservation Calendar 1.1.6 - SQL Injection"
3874. [I] cpl
3875. [I] crawlrate-tracker
3876. [M] EDB-ID: 17755 "WordPress Plugin Crawl Rate Tracker 2.0.2 - SQL Injection"
3877. [I] crayon-syntax-highlighter
3878. [M] EDB-ID: 37946 "WordPress Plugin Crayon Syntax Highlighter - 'wp_load' Remote File Inclusion"
3879. [I] custom-background
3880. [I] custom-content-type-manager
3881. [M] EDB-ID: 19058 "WordPress Plugin Custom Content Type Manager 0.9.5.13-pl - Arbitrary File Upload"
3882. [I] custom-tables
3883. [M] EDB-ID: 37482 "WordPress Plugin custom tables - 'key' Cross-Site Scripting"
3884. [I] cysteme-finder
3885. [M] EDB-ID: 40295 "WordPress Plugin CYSTEME Finder 1.3 - Arbitrary File Disclosure/Arbitrary File Upload"
3886. [I] daily-maui-photo-widget
3887. [M] EDB-ID: 35673 "WordPress Plugin Daily Maui Photo Widget 0.2 - Multiple Cross-Site Scripting Vulnerabilities"
3888. [I] db-backup
3889. [M] EDB-ID: 35378 "WordPress Plugin DB Backup - Arbitrary File Download"
3890. [I] disclosure-policy-plugin
3891. [M] EDB-ID: 17865 "WordPress Plugin Disclosure Policy 1.0 - Remote File Inclusion"
3892. [I] dm-albums
3893. [M] EDB-ID: 9048 "Adobe Flash TextField.replaceText - Use-After-Free"
3894. [I] dmsguestbook
3895. [I] downloads-manager
3896. [M] EDB-ID: 6127 "Pixel Studio 2.17 - Denial of Service (PoC)"
3897. [I] dp-thumbnail
3898. [I] drag-drop-file-uploader
3899. [M] EDB-ID: 19057 "WordPress Plugin drag and drop file upload 0.1 - Arbitrary File Upload"
3900. [I] dukapress
3901. [M] EDB-ID: 35346 "WordPress Plugin DukaPress 2.5.2 - Directory Traversal"
3902. [I] duplicator
3903. [M] EDB-ID: 38676 "WordPress Plugin Duplicator - Cross-Site Scripting"
3904. [M] EDB-ID: 44288 "WordPress Plugin Duplicator 1.2.32 - Cross-Site Scripting"
3905. [I] dzs-videogallery
3906. [M] EDB-ID: 30063 "WordPress Plugin DZS Video Gallery 3.1.3 - Remote File Disclosure / Local File Disclosure"
3907. [M] EDB-ID: 39250 "WordPress Plugin DZS-VideoGallery - Cross-Site Scripting / Command Injection"
3908. [M] EDB-ID: 39553 "WordPress Plugin DZS Videogallery < 8.60 - Multiple Vulnerabilities"
3909. [I] dzs-zoomsounds
3910. [M] EDB-ID: 37166 "WordPress Plugin dzs-zoomsounds 2.0 - Arbitrary File Upload"
3911. [I] easy-contact-form-lite
3912. [M] EDB-ID: 17680 "WordPress Plugin Easy Contact Form Lite 1.0.7 - SQL Injection"
3913. [I] easy-contact-forms-exporter
3914. [M] EDB-ID: 19013 "WordPress Plugin Easy Contact Forms Export 1.1.0 - Information Disclosure"
3915. [I] ebook-download
3916. [M] EDB-ID: 39575 "WordPress Plugin eBook Download 1.1 - Directory Traversal"
3917. [I] eco-annu
3918. [M] EDB-ID: 38019 "WordPress Plugin Eco-annu - 'eid' SQL Injection"
3919. [I] editormonkey
3920. [M] EDB-ID: 17284 "WordPress Plugin EditorMonkey 2.5 - 'FCKeditor' Arbitrary File Upload"
3921. [I] email-newsletter
3922. [M] EDB-ID: 37356 "WordPress Plugin Email NewsLetter 8.0 - 'option' Information Disclosure"
3923. [I] evarisk
3924. [M] EDB-ID: 17738 "WordPress Plugin Evarisk 5.1.3.6 - SQL Injection"
3925. [M] EDB-ID: 37399 "WordPress Plugin Evarisk - 'uploadPhotoApres.php' Arbitrary File Upload"
3926. [I] event-registration
3927. [M] EDB-ID: 17751 "WordPress Plugin Event Registration 5.4.3 - SQL Injection"
3928. [I] eventify
3929. [M] EDB-ID: 17794 "WordPress Plugin Eventify - Simple Events 1.7.f SQL Injection"
3930. [I] extend-wordpress
3931. [I] facebook-opengraph-meta-plugin
3932. [M] EDB-ID: 17773 "WordPress Plugin Facebook Opengraph Meta 1.0 - SQL Injection"
3933. [I] fbgorilla
3934. [M] EDB-ID: 39283 "WordPress Plugin FB Gorilla - 'game_play.php' SQL Injection"
3935. [I] fbpromotions
3936. [M] EDB-ID: 17737 "WordPress Plugin Facebook Promotions 1.3.3 - SQL Injection"
3937. [I] fcchat
3938. [M] EDB-ID: 35289 "WordPress Plugin FCChat Widget 2.1.7 - 'path' Cross-Site Scripting"
3939. [M] EDB-ID: 37370 "WordPress Plugin FCChat Widget 2.2.x - 'upload.php' Arbitrary File Upload"
3940. [I] feature-slideshow
3941. [M] EDB-ID: 35285 "WordPress Plugin Feature Slideshow 1.0.6 - 'src' Cross-Site Scripting"
3942. [I] featurific-for-wordpress
3943. [M] EDB-ID: 36339 "WordPress Plugin Featurific For WordPress 1.6.2 - 'snum' Cross-Site Scripting"
3944. [I] feed
3945. [M] EDB-ID: 38624 "WordPress Plugin WP Feed - 'nid' SQL Injection"
3946. [I] feedlist
3947. [M] EDB-ID: 34973 "WordPress Plugin FeedList 2.61.01 - 'handler_image.php' Cross-Site Scripting"
3948. [I] feedweb
3949. [M] EDB-ID: 38414 "WordPress Plugin Feedweb - 'wp_post_id' Cross-Site Scripting"
3950. [I] fgallery
3951. [M] EDB-ID: 4993 "GitList 0.6.0 - Argument Injection (Metasploit)"
3952. [I] file-groups
3953. [M] EDB-ID: 17677 "WordPress Plugin File Groups 1.1.2 - SQL Injection"
3954. [I] filedownload
3955. [M] EDB-ID: 17858 "WordPress Plugin Filedownload 0.1 - 'download.php' Remote File Disclosure"
3956. [I] finder
3957. [M] EDB-ID: 37677 "WordPress Plugin Finder - 'order' Cross-Site Scripting"
3958. [I] firestats
3959. [M] EDB-ID: 14308 "WordPress Plugin Firestats - Remote Configuration File Download"
3960. [M] EDB-ID: 33367 "WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (1)"
3961. [M] EDB-ID: 33368 "WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (2)"
3962. [I] flash-album-gallery
3963. [M] EDB-ID: 16947 "WordPress Plugin GRAND Flash Album Gallery 0.55 - Multiple Vulnerabilities"
3964. [M] EDB-ID: 36383 "WordPress Plugin flash-album-gallery - 'facebook.php' Cross-Site Scripting"
3965. [M] EDB-ID: 36434 "WordPress Plugin GRAND FlAGallery 1.57 - 'flagshow.php' Cross-Site Scripting"
3966. [M] EDB-ID: 36444 "WordPress Plugin flash-album-gallery - 'flagshow.php' Cross-Site Scripting"
3967. [I] flexible-custom-post-type
3968. [M] EDB-ID: 36317 "WordPress Plugin Flexible Custom Post Type - 'id' Cross-Site Scripting"
3969. [I] flipbook
3970. [M] EDB-ID: 37452 "WordPress Plugin Flip Book - 'PHP.php' Arbitrary File Upload"
3971. [I] font-uploader
3972. [M] EDB-ID: 18994 "WordPress Plugin Font Uploader 1.2.4 - Arbitrary File Upload"
3973. [I] formcraft
3974. [M] EDB-ID: 30002 "WordPress Plugin Formcraft - SQL Injection"
3975. [I] forum-server
3976. [M] EDB-ID: 16235 "WordPress Plugin Forum Server 1.6.5 - SQL Injection"
3977. [M] EDB-ID: 17828 "WordPress Plugin Forum Server 1.7 - SQL Injection"
3978. [I] foxypress
3979. [M] EDB-ID: 18991 "WordPress Plugin Foxypress 0.4.1.1 < 0.4.2.1 - Arbitrary File Upload"
3980. [I] front-end-upload
3981. [M] EDB-ID: 19008 "WordPress Plugin Front End Upload 0.5.3 - Arbitrary File Upload"
3982. [I] front-file-manager
3983. [M] EDB-ID: 19012 "WordPress Plugin Front File Manager 0.1 - Arbitrary File Upload"
3984. [I] fs-real-estate-plugin
3985. [M] EDB-ID: 22071 "WordPress Plugin FireStorm Professional Real Estate 2.06.01 - SQL Injection"
3986. [I] gallery-images
3987. [M] EDB-ID: 34524 "WordPress Plugin Huge-IT Image Gallery 1.0.1 - (Authenticated) SQL Injection"
3988. [M] EDB-ID: 39807 "WordPress Plugin Huge-IT Image Gallery 1.8.9 - Multiple Vulnerabilities"
3989. [I] gallery-plugin
3990. [M] EDB-ID: 18998 "WordPress Plugin Gallery 3.06 - Arbitrary File Upload"
3991. [M] EDB-ID: 38209 "WordPress Plugin Gallery - 'filename_1' Arbitrary File Access"
3992. [I] gd-star-rating
3993. [M] EDB-ID: 17973 "WordPress Plugin GD Star Rating 1.9.10 - SQL Injection"
3994. [M] EDB-ID: 35373 "WordPress Plugin GD Star Rating 1.9.7 - 'wpfn' Cross-Site Scripting"
3995. [M] EDB-ID: 35835 "WordPress Plugin GD Star Rating - 'votes' SQL Injection"
3996. [I] gift-voucher
3997. [I] global-content-blocks
3998. [M] EDB-ID: 17687 "WordPress Plugin Global Content Blocks 1.2 - SQL Injection"
3999. [I] global-flash-galleries
4000. [M] EDB-ID: 39059 "WordPress Plugin Global Flash Gallery - 'swfupload.php' Arbitrary File Upload"
4001. [I] google-document-embedder
4002. [M] EDB-ID: 35371 "WordPress Plugin Google Document Embedder 2.5.14 - SQL Injection"
4003. [M] EDB-ID: 35447 "WordPress Plugin Google Document Embedder 2.5.16 - 'mysql_real_escpae_string' Bypass SQL Injection"
4004. [I] google-mp3-audio-player
4005. [M] EDB-ID: 35460 "WordPress Plugin CodeArt Google MP3 Player - File Disclosure Download"
4006. [I] grapefile
4007. [M] EDB-ID: 17760 "WordPress Plugin grapefile 1.1 - Arbitrary File Upload"
4008. [I] gwolle-gb
4009. [M] EDB-ID: 38861 "WordPress Plugin Gwolle Guestbook 1.5.3 - Remote File Inclusion"
4010. [I] hb-audio-gallery-lite
4011. [M] EDB-ID: 39589 "WordPress Plugin HB Audio Gallery Lite 1.0.0 - Arbitrary File Download"
4012. [I] hd-webplayer
4013. [M] EDB-ID: 20918 "WordPress Plugin HD Webplayer 1.1 - SQL Injection"
4014. [I] history-collection
4015. [M] EDB-ID: 37254 "WordPress Plugin History Collection 1.1.1 - Arbitrary File Download"
4016. [I] hitasoft_player
4017. [M] EDB-ID: 38012 "WordPress Plugin FLV Player - 'id' SQL Injection"
4018. [I] html5avmanager
4019. [M] EDB-ID: 18990 "WordPress Plugin HTML5 AV Manager 0.2.7 - Arbitrary File Upload"
4020. [I] i-dump-iphone-to-wordpress-photo-uploader
4021. [M] EDB-ID: 36691 "WordPress Plugin Windows Desktop and iPhone Photo Uploader - Arbitrary File Upload"
4022. [I] iframe-admin-pages
4023. [M] EDB-ID: 37179 "WordPress Plugin iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting"
4024. [I] igit-posts-slider-widget
4025. [M] EDB-ID: 35392 "WordPress Plugin IGIT Posts Slider Widget 1.0 - 'src' Cross-Site Scripting"
4026. [I] image-export
4027. [M] EDB-ID: 39584 "WordPress Plugin Image Export 1.1.0 - Arbitrary File Disclosure"
4028. [I] image-gallery-with-slideshow
4029. [M] EDB-ID: 17761 "WordPress Plugin image Gallery with Slideshow 1.5 - Multiple Vulnerabilities"
4030. [I] imdb-widget
4031. [M] EDB-ID: 39621 "WordPress Plugin IMDb Profile Widget 1.0.8 - Local File Inclusion"
4032. [I] inboundio-marketing
4033. [M] EDB-ID: 36478 "WordPress Plugin InBoundio Marketing 1.0 - Arbitrary File Upload"
4034. [I] indeed-membership-pro
4035. [I] inline-gallery
4036. [M] EDB-ID: 35418 "WordPress Plugin Inline Gallery 0.3.9 - 'do' Cross-Site Scripting"
4037. [I] insert-php
4038. [M] EDB-ID: 41308 "WordPress Plugin Insert PHP 3.3.1 - PHP Code Injection"
4039. [I] invit0r
4040. [M] EDB-ID: 37403 "WordPress Plugin Invit0r - 'ofc_upload_image.php' Arbitrary File Upload"
4041. [I] ip-logger
4042. [M] EDB-ID: 17673 "WordPress Plugin IP-Logger 3.0 - SQL Injection"
4043. [I] is-human
4044. [M] EDB-ID: 17299 "WordPress Plugin Is-human 1.4.2 - Remote Command Execution"
4045. [I] islidex
4046. [I] iwant-one-ihave-one
4047. [M] EDB-ID: 16236 "WordPress Plugin IWantOneButton 3.0.1 - Multiple Vulnerabilities"
4048. [I] jetpack
4049. [M] EDB-ID: 18126 "WordPress Plugin jetpack - 'sharedaddy.php' ID SQL Injection"
4050. [I] jibu-pro
4051. [M] EDB-ID: 45305 "WordPress Plugin Jibu Pro 1.7 - Cross-Site Scripting"
4052. [I] joliprint
4053. [M] EDB-ID: 37176 "WordPress Plugin PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities"
4054. [I] jquery-mega-menu
4055. [M] EDB-ID: 16250 "WordPress Plugin jQuery Mega Menu 1.0 - Local File Inclusion"
4056. [I] jrss-widget
4057. [M] EDB-ID: 34977 "WordPress Plugin jRSS Widget 1.1.1 - 'url' Information Disclosure"
4058. [I] js-appointment
4059. [M] EDB-ID: 17724 "WordPress Plugin Js-appointment 1.5 - SQL Injection"
4060. [I] jtrt-responsive-tables
4061. [M] EDB-ID: 43110 "WordPress Plugin JTRT Responsive Tables 4.1 - SQL Injection"
4062. [I] kino-gallery
4063. [I] kish-guest-posting
4064. [I] kittycatfish
4065. [M] EDB-ID: 41919 "WordPress Plugin KittyCatfish 2.2 - SQL Injection"
4066. [I] knews
4067. [M] EDB-ID: 37484 "WordPress Plugin Knews Multilingual Newsletters - Cross-Site Scripting"
4068. [I] knr-author-list-widget
4069. [M] EDB-ID: 17791 "WordPress Plugin KNR Author List Widget 2.0.0 - SQL Injection"
4070. [I] lanoba-social-plugin
4071. [M] EDB-ID: 36326 "WordPress Plugin Lanoba Social 1.0 - 'action' Cross-Site Scripting"
4072. [I] lazy-content-slider
4073. [M] EDB-ID: 40070 "WordPress Plugin Lazy Content Slider 3.4 - Cross-Site Request Forgery (Add Catetory)"
4074. [I] lazy-seo
4075. [M] EDB-ID: 28452 "WordPress Plugin Lazy SEO 1.1.9 - Arbitrary File Upload"
4076. [I] lazyest-gallery
4077. [M] EDB-ID: 35435 "WordPress Plugin Lazyest Gallery 1.0.26 - 'image' Cross-Site Scripting"
4078. [I] lb-mixed-slideshow
4079. [M] EDB-ID: 37418 "WordPress Plugin LB Mixed Slideshow - 'upload.php' Arbitrary File Upload"
4080. [I] leaguemanager
4081. [M] EDB-ID: 24789 "WordPress Plugin LeagueManager 3.8 - SQL Injection"
4082. [I] leenkme
4083. [I] levelfourstorefront
4084. [M] EDB-ID: 38158 "WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php? reqID' SQL Injection"
4085. [M] EDB-ID: 38159 "WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/backup.php?reqID' SQL Injection"
4086. [M] EDB-ID: 38160 "WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php?reqID' SQL Injection"
4087. [I] like-dislike-counter-for-posts-pages-and-comments
4088. [M] EDB-ID: 34553 "WordPress Plugin Like Dislike Counter 1.2.3 - SQL Injection"
4089. [I] link-library
4090. [M] EDB-ID: 17887 "WordPress Plugin Link Library 5.2.1 - SQL Injection"
4091. [I] lisl-last-image-slider
4092. [I] livesig
4093. [M] EDB-ID: 17864 "WordPress Plugin Livesig 0.4 - Remote File Inclusion"
4094. [I] localize-my-post
4095. [M] EDB-ID: 45439 "WordPress Plugin Localize My Post 1.0 - Local File Inclusion"
4096. [I] mac-dock-gallery
4097. [M] EDB-ID: 19056 "WordPress Plugin Mac Photo Gallery 2.7 - Arbitrary File Upload"
4098. [I] madebymilk
4099. [I] mail-masta
4100. [M] EDB-ID: 40290 "WordPress Plugin Mail Masta 1.0 - Local File Inclusion"
4101. [M] EDB-ID: 41438 "WordPress Plugin Mail Masta 1.0 - SQL Injection"
4102. [I] mailz
4103. [M] EDB-ID: 17866 "WordPress Plugin Mailing List 1.3.2 - Remote File Inclusion"
4104. [M] EDB-ID: 18276 "WordPress Plugin Mailing List - Arbitrary File Download"
4105. [I] media-library-categories
4106. [M] EDB-ID: 17628 "WordPress Plugin Media Library Categories 1.0.6 - SQL Injection"
4107. [I] meenews
4108. [M] EDB-ID: 36340 "WordPress Plugin NewsLetter Meenews 5.1 - 'idnews' Cross-Site Scripting"
4109. [I] membership-simplified-for-oap-members-only
4110. [M] EDB-ID: 41622 "Wordpress Plugin Membership Simplified 1.58 - Arbitrary File Download"
4111. [I] mingle-forum
4112. [M] EDB-ID: 15943 "WordPress Plugin mingle forum 1.0.26 - Multiple Vulnerabilities"
4113. [M] EDB-ID: 17894 "WordPress Plugin Mingle Forum 1.0.31 - SQL Injection"
4114. [I] mm-forms-community
4115. [M] EDB-ID: 17725 "WordPress Plugin MM Forms Community 1.2.3 - SQL Injection"
4116. [M] EDB-ID: 18997 "WordPress Plugin MM Forms Community 2.2.6 - Arbitrary File Upload"
4117. [I] monsters-editor-10-for-wp-super-edit
4118. [M] EDB-ID: 37654 "WordPress Plugin Monsters Editor for WP Super Edit - Arbitrary File Upload"
4119. [I] mukioplayer-for-wordpress
4120. [M] EDB-ID: 38755 "WordPress Plugin mukioplayer4wp - 'cid' SQL Injection"
4121. [I] myflash
4122. [M] EDB-ID: 3828 "Microsoft Windows Kernel - 'NtGdiStretchBlt' Pool Buffer Overflow (MS15-097)"
4123. [I] mystat
4124. [M] EDB-ID: 17740 "WordPress Plugin mySTAT 2.6 - SQL Injection"
4125. [I] nextgen-gallery
4126. [M] EDB-ID: 12098 "WordPress Plugin NextGEN Gallery 1.5.1 - Cross-Site Scripting"
4127. [M] EDB-ID: 38178 "WordPress Plugin NextGEN Gallery - 'test-head' Cross-Site Scripting"
4128. [M] EDB-ID: 39100 "WordPress Plugin NextGEN Gallery - 'jqueryFileTree.php' Directory Traversal"
4129. [I] nextgen-smooth-gallery
4130. [M] EDB-ID: 14541 "WordPress Plugin NextGEN Smooth Gallery 0.12 - Blind SQL Injection"
4131. [I] ocim-mp3
4132. [M] EDB-ID: 39498 "WordPress Plugin Ocim MP3 - SQL Injection"
4133. [I] odihost-newsletter-plugin
4134. [M] EDB-ID: 17681 "WordPress Plugin OdiHost NewsLetter 1.0 - SQL Injection"
4135. [I] old-post-spinner
4136. [M] EDB-ID: 16251 "WordPress Plugin OPS Old Post Spinner 2.2.1 - Local File Inclusion"
4137. [I] olimometer
4138. [M] EDB-ID: 40804 "WordPress Plugin Olimometer 2.56 - SQL Injection"
4139. [I] omni-secure-files
4140. [M] EDB-ID: 19009 "WordPress Plugin Omni Secure Files 0.1.13 - Arbitrary File Upload"
4141. [I] oqey-gallery
4142. [M] EDB-ID: 17779 "WordPress Plugin oQey Gallery 0.4.8 - SQL Injection"
4143. [M] EDB-ID: 35288 "WordPress Plugin oQey-Gallery 0.2 - 'tbpv_domain' Cross-Site Scripting"
4144. [I] oqey-headers
4145. [M] EDB-ID: 17730 "WordPress Plugin oQey Headers 0.3 - SQL Injection"
4146. [I] page-flip-image-gallery
4147. [M] EDB-ID: 7543 "Linux Kernel 2.6.x - 'rds_recvmsg()' Local Information Disclosure"
4148. [I] paid-downloads
4149. [M] EDB-ID: 17797 "WordPress Plugin Paid Downloads 2.01 - SQL Injection"
4150. [M] EDB-ID: 36135 "WordPress Plugin Auctions 1.8.8 - 'wpa_id' SQL Injection"
4151. [I] participants-database
4152. [I] pay-with-tweet.php
4153. [M] EDB-ID: 18330 "WordPress Plugin Pay with Tweet 1.1 - Multiple Vulnerabilities"
4154. [I] paypal-currency-converter-basic-for-woocommerce
4155. [M] EDB-ID: 37253 "WordPress Plugin Paypal Currency Converter Basic For WooCommerce - File Read"
4156. [I] peugeot-music-plugin
4157. [M] EDB-ID: 44737 "WordPress Plugin Peugeot Music - Arbitrary File Upload"
4158. [I] photocart-link
4159. [M] EDB-ID: 39623 "WordPress Plugin Photocart Link 1.6 - Local File Inclusion"
4160. [I] photoracer
4161. [M] EDB-ID: 17720 "WordPress Plugin Photoracer 1.0 - SQL Injection"
4162. [M] EDB-ID: 17731 "WordPress Plugin Photoracer 1.0 - Multiple Vulnerabilities"
4163. [M] EDB-ID: 8961 "WordPress Plugin Photoracer 1.0 - 'id' SQL Injection"
4164. [I] photosmash-galleries
4165. [M] EDB-ID: 35429 "WordPress Plugin PhotoSmash Galleries 1.0.x - 'action' Cross-Site Scripting"
4166. [M] EDB-ID: 38872 "WordPress Plugin PhotoSmash Galleries - 'bwbps-uploader.php' Arbitrary File Upload"
4167. [I] php_speedy_wp
4168. [I] phpfreechat
4169. [M] EDB-ID: 37485 "WordPress Plugin PHPFreeChat - 'url' Cross-Site Scripting"
4170. [I] pica-photo-gallery
4171. [M] EDB-ID: 19016 "WordPress Plugin PICA Photo Gallery 1.0 - Remote File Disclosure"
4172. [M] EDB-ID: 19055 "WordPress Plugin Pica Photo Gallery 1.0 - Arbitrary File Upload"
4173. [I] pictpress
4174. [M] EDB-ID: 4695 "Karaoke Video Creator 2.2.8 - Denial of Service"
4175. [I] picturesurf-gallery
4176. [M] EDB-ID: 37371 "WordPress Plugin Picturesurf Gallery - 'upload.php' Arbitrary File Upload"
4177. [I] placester
4178. [M] EDB-ID: 35562 "WordPress Plugin Placester 0.1 - 'ajax_action' Cross-Site Scripting"
4179. [I] player
4180. [I] plg_novana
4181. [I] plugin-dir
4182. [M] EDB-ID: 22853 "WordPress Plugin Facebook Survey 1.0 - SQL Injection"
4183. [I] plugin-newsletter
4184. [M] EDB-ID: 19018 "WordPress Plugin NewsLetter 1.5 - Remote File Disclosure"
4185. [I] podpress
4186. [M] EDB-ID: 38376 "WordPress Plugin podPress - 'playerID' Cross-Site Scripting"
4187. [I] portable-phpmyadmin
4188. [M] EDB-ID: 23356 "WordPress Plugin Portable phpMyAdmin - Authentication Bypass"
4189. [I] post-highlights
4190. [M] EDB-ID: 17790 "WordPress Plugin post highlights 2.2 - SQL Injection"
4191. [I] post-recommendations-for-wordpress
4192. [M] EDB-ID: 37506 "WordPress Plugin Post Recommendations - 'abspath' Remote File Inclusion"
4193. [I] powerhouse-museum-collection-image-grid
4194. [M] EDB-ID: 35287 "WordPress Plugin Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Cross-Site Scripting"
4195. [I] premium_gallery_manager
4196. [I] pretty-link
4197. [M] EDB-ID: 36233 "WordPress Plugin Pretty Link 1.4.56 - Multiple Cross-Site Scripting Vulnerabilities"
4198. [M] EDB-ID: 36408 "WordPress Plugin Pretty Link 1.5.2 - 'pretty-bar.php' Cross-Site Scripting"
4199. [M] EDB-ID: 37196 "WordPress Plugin Pretty Link Lite 1.5.2 - SQL Injection / Cross-Site Scripting"
4200. [M] EDB-ID: 38324 "WordPress Plugin Pretty Link - Cross-Site Scripting"
4201. [I] profiles
4202. [M] EDB-ID: 17739 "WordPress Plugin Profiles 2.0 RC1 - SQL Injection"
4203. [I] proplayer
4204. [M] EDB-ID: 17616 "WordPress Plugin ProPlayer 4.7.7 - SQL Injection"
4205. [M] EDB-ID: 25605 "WordPress Plugin ProPlayer 4.7.9.1 - SQL Injection"
4206. [I] pure-html
4207. [M] EDB-ID: 17758 "WordPress Plugin PureHTML 1.0.0 - SQL Injection"
4208. [I] q-and-a-focus-plus-faq
4209. [M] EDB-ID: 39806 "WordPress Plugin Q and A (Focus Plus) FAQ 1.3.9.7 - Multiple Vulnerabilities"
4210. [I] radykal-fancy-gallery
4211. [M] EDB-ID: 19398 "WordPress Plugin Fancy Gallery 1.2.4 - Arbitrary File Upload"
4212. [I] rating-widget
4213. [I] rb-agency
4214. [M] EDB-ID: 40333 "WordPress Plugin RB Agency 2.4.7 - Local File Disclosure"
4215. [I] rbxgallery
4216. [M] EDB-ID: 19019 "WordPress Plugin RBX Gallery 2.1 - Arbitrary File Upload"
4217. [I] real3d-flipbook
4218. [M] EDB-ID: 40055 "WordPress Plugin Real3D FlipBook - Multiple Vulnerabilities"
4219. [I] really-easy-slider
4220. [I] really-simple-guest-post
4221. [M] EDB-ID: 37209 "WordPress Plugin Really Simple Guest Post 1.0.6 - Local File Inclusion"
4222. [I] recent-backups
4223. [M] EDB-ID: 37752 "WordPress Plugin Recent Backups 0.7 - Arbitrary File Download"
4224. [I] recipe
4225. [M] EDB-ID: 31228 "WordPress Plugin Recipes Blog - 'id' SQL Injection"
4226. [I] reciply
4227. [M] EDB-ID: 35265 "WordPress Plugin Recip.ly 1.1.7 - 'uploadImage.php' Arbitrary File Upload"
4228. [I] reflex-gallery
4229. [M] EDB-ID: 36374 "WordPress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload"
4230. [I] rekt-slideshow
4231. [I] related-sites
4232. [M] EDB-ID: 9054 "Adobe Flash TextField.tabIndex Setter - Use-After-Free"
4233. [I] relocate-upload
4234. [I] rent-a-car
4235. [I] resume-submissions-job-postings
4236. [M] EDB-ID: 19791 "WordPress Plugin Resume Submissions & Job Postings 2.5.1 - Unrestricted Arbitrary File Upload"
4237. [I] revslider
4238. [I] rich-widget
4239. [M] EDB-ID: 37653 "WordPress Plugin Rich Widget - Arbitrary File Upload"
4240. [I] ripe-hd-player
4241. [M] EDB-ID: 24229 "WordPress Plugin Ripe HD FLV Player - SQL Injection"
4242. [I] robotcpa
4243. [M] EDB-ID: 37252 "WordPress Plugin RobotCPA V5 - Local File Inclusion"
4244. [I] rss-feed-reader
4245. [M] EDB-ID: 35261 "WordPress Plugin RSS Feed Reader 0.1 - 'rss_url' Cross-Site Scripting"
4246. [I] s3bubble-amazon-s3-html-5-video-with-adverts
4247. [M] EDB-ID: 37494 "WordPress Plugin S3Bubble Cloud Video With Adverts & Analytics 0.7 - Arbitrary File Download"
4248. [I] scormcloud
4249. [M] EDB-ID: 17793 "WordPress Plugin SCORM Cloud 1.0.6.6 - SQL Injection"
4250. [I] se-html5-album-audio-player
4251. [M] EDB-ID: 37274 "WordPress Plugin SE HTML5 Album Audio Player 1.1.0 - Directory Traversal"
4252. [I] search-autocomplete
4253. [M] EDB-ID: 17767 "WordPress Plugin SearchAutocomplete 1.0.8 - SQL Injection"
4254. [I] securimage-wp
4255. [M] EDB-ID: 38510 "WordPress Plugin Securimage-WP - 'siwp_test.php' Cross-Site Scripting"
4256. [I] sell-downloads
4257. [M] EDB-ID: 38868 "WordPress Plugin Sell Download 1.0.16 - Local File Disclosure"
4258. [I] sendit
4259. [M] EDB-ID: 17716 "WordPress Plugin SendIt 1.5.9 - Blind SQL Injection"
4260. [I] seo-automatic-seo-tools
4261. [M] EDB-ID: 34975 "WordPress Plugin SEO Tools 3.0 - 'file' Directory Traversal"
4262. [I] seo-watcher
4263. [M] EDB-ID: 38782 "WordPress Plugin SEO Watcher - 'ofc_upload_image.php' Arbitrary PHP Code Execution"
4264. [I] sermon-browser
4265. [M] EDB-ID: 17214 "WordPress Plugin SermonBrowser 0.43 - SQL Injection"
4266. [M] EDB-ID: 35657 "WordPress Plugin Sermon Browser 0.43 - Cross-Site Scripting / SQL Injection"
4267. [I] sexy-contact-form
4268. [M] EDB-ID: 34922 "WordPress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload"
4269. [M] EDB-ID: 35057 "WordPress Plugin 0.9.7 / Joomla! Component 2.0.0 Creative Contact Form - Arbitrary File Upload"
4270. [I] sf-booking
4271. [I] sfbrowser
4272. [M] EDB-ID: 19054 "WordPress Plugin SfBrowser 1.4.5 - Arbitrary File Upload"
4273. [I] sfwd-lms
4274. [I] sh-slideshow
4275. [M] EDB-ID: 17748 "WordPress Plugin SH Slideshow 3.1.4 - SQL Injection"
4276. [I] sharebar
4277. [M] EDB-ID: 37201 "WordPress Plugin Sharebar 1.2.1 - SQL Injection / Cross-Site Scripting"
4278. [I] shiftnav-pro
4279. [I] si-contact-form
4280. [M] EDB-ID: 36050 "WordPress Plugin Fast Secure Contact Form 3.0.3.1 - 'index.php' Cross-Site Scripting"
4281. [I] simple-ads-manager
4282. [M] EDB-ID: 36613 "WordPress Plugin Simple Ads Manager - Multiple SQL Injections"
4283. [M] EDB-ID: 36614 "WordPress Plugin Simple Ads Manager 2.5.94 - Arbitrary File Upload"
4284. [M] EDB-ID: 36615 "WordPress Plugin Simple Ads Manager - Information Disclosure"
4285. [M] EDB-ID: 39133 "WordPress Plugin Simple Ads Manager 2.9.4.116 - SQL Injection"
4286. [I] simple-download-button-shortcode
4287. [M] EDB-ID: 19020 "WordPress Plugin Simple Download Button ShortCode 1.0 - Remote File Disclosure"
4288. [I] simple-fields
4289. [M] EDB-ID: 44425 "WordPress Plugin Simple Fields 0.2 - 0.3.5 - Local/Remote File Inclusion / Remote Code Execution"
4290. [I] simple-forum
4291. [I] site-editor
4292. [M] EDB-ID: 44340 "Wordpress Plugin Site Editor 1.1.1 - Local File Inclusion"
4293. [I] site-import
4294. [M] EDB-ID: 39558 "WordPress Plugin Site Import 1.0.1 - Local/Remote File Inclusion"
4295. [I] sitemap v4.3
4296. [I] skysa-official
4297. [M] EDB-ID: 36363 "WordPress Plugin Skysa App Bar - 'idnews' Cross-Site Scripting"
4298. [I] slider-image
4299. [M] EDB-ID: 37361 "WordPress Plugin Huge-IT Slider 2.7.5 - Multiple Vulnerabilities"
4300. [I] slideshow-gallery-2
4301. [M] EDB-ID: 36631 "WordPress Plugin Slideshow Gallery 1.1.x - 'border' Cross-Site Scripting"
4302. [I] slideshow-jquery-image-gallery
4303. [M] EDB-ID: 37948 "WordPress Plugin Slideshow - Multiple Cross-Site Scripting Vulnerabilities"
4304. [I] smart-flv
4305. [M] EDB-ID: 38331 "WordPress Plugin Smart Flv - 'jwplayer.swf' Multiple Cross-Site Scripting Vulnerabilities"
4306. [I] smart-google-code-inserter
4307. [I] sniplets
4308. [M] EDB-ID: 5194 "Wansview 1.0.2 - Denial of Service (PoC)"
4309. [I] social-discussions
4310. [M] EDB-ID: 22158 "WordPress Plugin social discussions 6.1.1 - Multiple Vulnerabilities"
4311. [I] social-slider-2
4312. [M] EDB-ID: 17617 "WordPress Plugin Social Slider 5.6.5 - SQL Injection"
4313. [I] socialfit
4314. [M] EDB-ID: 37481 "WordPress Plugin SocialFit - 'msg' Cross-Site Scripting"
4315. [I] sodahead-polls
4316. [I] sp-client-document-manager
4317. [M] EDB-ID: 35313 "WordPress Plugin SP Client Document Manager 2.4.1 - SQL Injection"
4318. [M] EDB-ID: 36576 "WordPress Plugin SP Project & Document Manager 2.5.3 - Blind SQL Injection"
4319. [I] spicy-blogroll
4320. [M] EDB-ID: 26804 "WordPress Plugin Spicy Blogroll - Local File Inclusion"
4321. [I] spider-event-calendar
4322. [I] spiffy
4323. [M] EDB-ID: 38441 "WordPress Plugin Spiffy XSPF Player - 'playlist_id' SQL Injection"
4324. [I] st_newsletter
4325. [M] EDB-ID: 31096 "WordPress Plugin ShiftThis NewsLetter - SQL Injection"
4326. [M] EDB-ID: 6777 "Free Download Manager 2.5 Build 758 - Remote Control Server Buffer Overflow (Metasploit)"
4327. [I] store-locator-le
4328. [M] EDB-ID: 18989 "WordPress Plugin Google Maps via Store Locator 2.7.1 < 3.0.1 - Multiple Vulnerabilities"
4329. [I] taggator
4330. [I] taggedalbums
4331. [M] EDB-ID: 38023 "WordPress Plugin Tagged Albums - 'id' SQL Injection"
4332. [I] tagninja
4333. [M] EDB-ID: 35300 "WordPress Plugin TagNinja 1.0 - 'id' Cross-Site Scripting"
4334. [I] tera-charts
4335. [M] EDB-ID: 39256 "WordPress Plugin Tera Charts (tera-charts) - '/charts/treemap.php?fn' Directory Traversal"
4336. [M] EDB-ID: 39257 "WordPress Plugin Tera Charts (tera-charts) - '/charts/zoomabletreemap.php?fn' Directory Traversal"
4337. [I] the-welcomizer
4338. [M] EDB-ID: 36445 "WordPress Plugin The Welcomizer 1.3.9.4 - 'twiz-index.php' Cross-Site Scripting"
4339. [I] thecartpress
4340. [M] EDB-ID: 17860 "WordPress Plugin TheCartPress 1.1.1 - Remote File Inclusion"
4341. [M] EDB-ID: 36481 "WordPress Plugin TheCartPress 1.6 - 'OptionsPostsList.php' Cross-Site Scripting"
4342. [M] EDB-ID: 38869 "WordPress Plugin TheCartPress 1.4.7 - Multiple Vulnerabilities"
4343. [I] thinkun-remind
4344. [M] EDB-ID: 19021 "WordPress Plugin Thinkun Remind 1.1.3 - Remote File Disclosure"
4345. [I] tinymce-thumbnail-gallery
4346. [M] EDB-ID: 19022 "WordPress Plugin TinyMCE Thumbnail Gallery 1.0.7 - Remote File Disclosure"
4347. [I] topquark
4348. [M] EDB-ID: 19053 "WordPress Plugin Top Quark Architecture 2.10 - Arbitrary File Upload"
4349. [I] track-that-stat
4350. [M] EDB-ID: 37204 "WordPress Plugin Track That Stat 1.0.8 - Cross-Site Scripting"
4351. [I] trafficanalyzer
4352. [M] EDB-ID: 38439 "WordPress Plugin Traffic Analyzer - 'aoid' Cross-Site Scripting"
4353. [I] tune-library
4354. [M] EDB-ID: 17816 "WordPress Plugin Tune Library 2.17 - SQL Injection"
4355. [I] ubermenu
4356. [I] ucan-post
4357. [M] EDB-ID: 18390 "WordPress Plugin ucan post 1.0.09 - Persistent Cross-Site Scripting"
4358. [I] ultimate-product-catalogue
4359. [M] EDB-ID: 36823 "WordPress Plugin Ultimate Product Catalogue - SQL Injection (1)"
4360. [M] EDB-ID: 36824 "WordPress Plugin Ultimate Product Catalogue - SQL Injection (2)"
4361. [M] EDB-ID: 36907 "WordPress Plugin Ultimate Product Catalogue 3.1.2 - Multiple Persistent Cross-Site Scripting / Cross-Site Request Forgery / Arbitrary File Upload Vulnerabilities"
4362. [M] EDB-ID: 39974 "WordPress Plugin Ultimate Product Catalog 3.8.1 - Privilege Escalation"
4363. [M] EDB-ID: 40012 "WordPress Plugin Ultimate Product Catalog 3.8.6 - Arbitrary File Upload"
4364. [M] EDB-ID: 40174 "WordPress Plugin Ultimate Product Catalog 3.9.8 - do_shortcode via ajax Blind SQL Injection"
4365. [I] ungallery
4366. [M] EDB-ID: 17704 "WordPress Plugin UnGallery 1.5.8 - Local File Disclosure"
4367. [I] uploader
4368. [M] EDB-ID: 35255 "WordPress Plugin Uploader 1.0 - 'num' Cross-Site Scripting"
4369. [M] EDB-ID: 38163 "WordPress Plugin Uploader - Arbitrary File Upload"
4370. [M] EDB-ID: 38355 "WordPress Plugin Uploader - 'blog' Cross-Site Scripting"
4371. [I] uploadify-integration
4372. [M] EDB-ID: 37070 "WordPress Plugin Uploadify Integration 0.9.6 - Multiple Cross-Site Scripting Vulnerabilities"
4373. [I] uploads
4374. [I] upm-polls
4375. [M] EDB-ID: 17627 "WordPress Plugin UPM Polls 1.0.3 - SQL Injection"
4376. [I] user-avatar
4377. [I] user-meta
4378. [M] EDB-ID: 19052 "WordPress Plugin User Meta 1.1.1 - Arbitrary File Upload"
4379. [I] userpro
4380. [I] users-ultra
4381. [I] verve-meta-boxes
4382. [I] videowhisper-live-streaming-integration
4383. [M] EDB-ID: 31986 "WordPress Plugin VideoWhisper 4.27.3 - Multiple Vulnerabilities"
4384. [I] videowhisper-video-conference-integration
4385. [M] EDB-ID: 36617 "WordPress Plugin VideoWhisper Video Presentation 3.31.17 - Arbitrary File Upload"
4386. [M] EDB-ID: 36618 "WordPress Plugin VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload"
4387. [I] videowhisper-video-presentation
4388. [M] EDB-ID: 17771 "WordPress Plugin VideoWhisper Video Presentation 1.1 - SQL Injection"
4389. [M] EDB-ID: 37357 "WordPress Plugin VideoWhisper Video Presentation 3.17 - 'vw_upload.php' Arbitrary File Upload"
4390. [I] vk-gallery
4391. [I] vodpod-video-gallery
4392. [M] EDB-ID: 34976 "WordPress Plugin Vodpod Video Gallery 3.1.5 - 'vodpod_gallery_thumbs.php' Cross-Site Scripting"
4393. [I] wassup
4394. [I] webinar_plugin
4395. [M] EDB-ID: 22300 "WordPress Plugin Easy Webinar - Blind SQL Injection"
4396. [I] webplayer
4397. [I] website-contact-form-with-file-upload
4398. [M] EDB-ID: 36952 "WordPress Plugin N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion"
4399. [I] website-faq
4400. [M] EDB-ID: 19400 "WordPress Plugin Website FAQ 1.0 - SQL Injection"
4401. [I] wechat-broadcast
4402. [M] EDB-ID: 45438 "WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion"
4403. [I] woocommerce
4404. [I] woopra
4405. [M] EDB-ID: 38783 "WordPress Plugin Woopra Analytics - 'ofc_upload_image.php' Arbitrary PHP Code Execution"
4406. [I] wordpress-donation-plugin-with-goals-and-paypal-ipn-by-nonprofitcmsorg
4407. [M] EDB-ID: 17763 "Microsoft Edge 44.17763.1.0 - NULL Pointer Dereference"
4408. [I] wordpress-member-private-conversation
4409. [M] EDB-ID: 37353 "WordPress Plugin Nmedia WordPress Member Conversation 1.35.0 - 'doupload.php' Arbitrary File Upload"
4410. [I] wordpress-processing-embed
4411. [M] EDB-ID: 35066 "WordPress Plugin Processing Embed 0.5 - 'pluginurl' Cross-Site Scripting"
4412. [I] wordtube
4413. [M] EDB-ID: 3825 "GoodiWare GoodReader iPhone - '.XLS' Denial of Service"
4414. [I] work-the-flow-file-upload
4415. [M] EDB-ID: 36640 "WordPress Plugin Work The Flow File Upload 2.5.2 - Arbitrary File Upload"
4416. [I] wp-adserve
4417. [I] wp-audio-gallery-playlist
4418. [M] EDB-ID: 17756 "WordPress Plugin Audio Gallery Playlist 0.12 - SQL Injection"
4419. [I] wp-automatic
4420. [M] EDB-ID: 19187 "WordPress Plugin Automatic 2.0.3 - SQL Injection"
4421. [I] wp-autosuggest
4422. [M] EDB-ID: 45977 "WordPress Plugin AutoSuggest 0.24 - 'wpas_keys' SQL Injection"
4423. [I] wp-autoyoutube
4424. [M] EDB-ID: 18353 "WordPress Plugin wp-autoyoutube - Blind SQL Injection"
4425. [I] wp-bannerize
4426. [M] EDB-ID: 17764 "WordPress Plugin Bannerize 2.8.6 - SQL Injection"
4427. [M] EDB-ID: 17906 "WordPress Plugin Bannerize 2.8.7 - SQL Injection"
4428. [M] EDB-ID: 36193 "WordPress Plugin WP Bannerize 2.8.7 - 'ajax_sorter.php' SQL Injection"
4429. [I] wp-banners-lite
4430. [M] EDB-ID: 38410 "WordPress Plugin Banners Lite - 'wpbanners_show.php' HTML Injection"
4431. [I] wp-booking-calendar
4432. [M] EDB-ID: 44769 "Wordpress Plugin Booking Calendar 3.0.0 - SQL Injection / Cross-Site Scripting"
4433. [I] wp-business-intelligence
4434. [M] EDB-ID: 36600 "WordPress Plugin Business Intelligence - SQL Injection (Metasploit)"
4435. [I] wp-business-intelligence-lite
4436. [I] wp-cal
4437. [M] EDB-ID: 4992 "Sun xVM VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (Denial of Service) (PoC)"
4438. [I] wp-comment-remix
4439. [I] wp-content
4440. [M] EDB-ID: 37123 "WordPress Plugin WPsc MijnPress - 'rwflush' Cross-Site Scripting"
4441. [I] wp-copysafe-pdf
4442. [M] EDB-ID: 39254 "WordPress Plugin CopySafe PDF Protection - Arbitrary File Upload"
4443. [I] wp-cumulus
4444. [M] EDB-ID: 10228 "WordPress Plugin WP-Cumulus 1.20 - Full Path Disclosure / Cross-Site Scripting"
4445. [M] EDB-ID: 33371 "WordPress Plugin WP-Cumulus 1.x - 'tagcloud.swf' Cross-Site Scripting"
4446. [I] wp-custom-pages
4447. [M] EDB-ID: 17119 "WordPress Plugin Custom Pages 0.5.0.1 - Local File Inclusion"
4448. [I] wp-ds-faq
4449. [M] EDB-ID: 17683 "WordPress Plugin DS FAQ 1.3.2 - SQL Injection"
4450. [I] wp-e-commerce
4451. [I] wp-easycart
4452. [M] EDB-ID: 35730 "WordPress Plugin Shopping Cart 3.0.4 - Unrestricted Arbitrary File Upload"
4453. [I] wp-ecommerce-shop-styling
4454. [I] wp-events-calendar
4455. [M] EDB-ID: 44785 "WordPress Plugin Events Calendar - SQL Injection"
4456. [I] wp-featured-post-with-thumbnail
4457. [M] EDB-ID: 35262 "WordPress Plugin WP Featured Post with Thumbnail 3.0 - 'src' Cross-Site Scripting"
4458. [I] wp-filebase
4459. [M] EDB-ID: 17808 "WordPress Plugin WP-Filebase Download Manager 0.2.9 - SQL Injection"
4460. [I] wp-filemanager
4461. [M] EDB-ID: 25440 "WordPress Plugin wp-FileManager - Arbitrary File Download"
4462. [M] EDB-ID: 38515 "WordPress Plugin wp-FileManager - 'path' Arbitrary File Download"
4463. [M] EDB-ID: 4844 "STDU Explorer 1.0.201 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution"
4464. [I] wp-footnotes
4465. [M] EDB-ID: 31092 "WordPress Plugin WP-Footnotes 2.2 - Multiple Remote Vulnerabilities"
4466. [I] wp-forum
4467. [M] EDB-ID: 7738 "WordPress Plugin WP-Forum 1.7.8 - SQL Injection"
4468. [I] wp-glossary
4469. [M] EDB-ID: 18055 "WordPress Plugin Glossary - SQL Injection"
4470. [I] wp-google-drive
4471. [M] EDB-ID: 44435 "WordPress Plugin Google Drive 2.2 - Remote Code Execution"
4472. [I] wp-gpx-maps
4473. [M] EDB-ID: 19050 "WordPress Plugin wp-gpx-map 1.1.21 - Arbitrary File Upload"
4474. [I] wp-imagezoom
4475. [M] EDB-ID: 37243 "WordPress Plugin Wp-ImageZoom 1.1.0 - Multiple Vulnerabilities"
4476. [M] EDB-ID: 37419 "WordPress Plugin Wp-ImageZoom - 'file' Remote File Disclosure"
4477. [I] wp-livephp
4478. [M] EDB-ID: 36483 "WordPress Plugin WP Live.php 1.2.1 - 's' Cross-Site Scripting"
4479. [I] wp-lytebox
4480. [I] wp-marketplace
4481. [I] wp-menu-creator
4482. [M] EDB-ID: 17689 "WordPress Plugin Menu Creator 1.1.7 - SQL Injection"
4483. [I] wp-mobile-detector
4484. [M] EDB-ID: 39891 "WordPress Plugin WP Mobile Detector 3.5 - Arbitrary File Upload"
4485. [I] wp-people
4486. [M] EDB-ID: 31230 "WordPress Plugin wp-people 2.0 - 'wp-people-popup.php' SQL Injection"
4487. [I] wp-polls
4488. [M] EDB-ID: 10256 "WordPress Plugin WP-Polls 2.x - Incorrect Flood Filter"
4489. [I] wp-property
4490. [M] EDB-ID: 18987 "WordPress Plugin WP-Property 1.35.0 - Arbitrary File Upload"
4491. [I] wp-publication-archive
4492. [M] EDB-ID: 35263 "WordPress Plugin WP Publication Archive 2.0.1 - 'file' Information Disclosure"
4493. [I] wp-realty
4494. [M] EDB-ID: 29021 "WordPress Plugin Realty - Blind SQL Injection"
4495. [M] EDB-ID: 38808 "WordPress Plugin WP-Realty - 'listing_id' SQL Injection"
4496. [M] EDB-ID: 39109 "WordPress Plugin Relevanssi - 'category_name' SQL Injection"
4497. [I] wp-responsive-recent-post-slider
4498. [I] wp-responsive-thumbnail-slider
4499. [M] EDB-ID: 45099 "WordPress Plugin Responsive Thumbnail Slider - Arbitrary File Upload (Metasploit)"
4500. [I] wp-safe-search
4501. [M] EDB-ID: 35067 "WordPress Plugin Safe Search - 'v1' Cross-Site Scripting"
4502. [I] wp-shopping-cart
4503. [M] EDB-ID: 6867 "Apple Mac OSX Software Update - Command Execution (Metasploit)"
4504. [I] wp-social-sharing v2.1
4505. [I] wp-source-control
4506. [M] EDB-ID: 39287 "WordPress Plugin WP Content Source Control - 'download.php' Directory Traversal"
4507. [I] wp-spamfree
4508. [M] EDB-ID: 17970 "WordPress Plugin WP-SpamFree Spam Plugin - SQL Injection"
4509. [I] wp-starsratebox
4510. [M] EDB-ID: 35634 "WordPress Plugin WP-StarsRateBox 1.1 - 'j' SQL Injection"
4511. [I] wp-stats-dashboard
4512. [I] wp-support-plus-responsive-ticket-system
4513. [M] EDB-ID: 34589 "SCO UnixWare < 7.1.4 p534589 - 'pkgadd' Local Privilege Escalation"
4514. [I] wp-survey-and-quiz-tool
4515. [M] EDB-ID: 34974 "WordPress Plugin WP Survey And Quiz Tool 1.2.1 - Cross-Site Scripting"
4516. [I] wp-swimteam
4517. [M] EDB-ID: 37601 "WordPress Plugin Swim Team 1.44.10777 - Arbitrary File Download"
4518. [I] wp-symposium
4519. [M] EDB-ID: 17679 "WordPress Plugin Symposium 0.64 - SQL Injection"
4520. [M] EDB-ID: 35505 "WordPress Plugin Symposium 14.10 - SQL Injection"
4521. [M] EDB-ID: 35543 "WordPress Plugin WP Symposium 14.11 - Arbitrary File Upload"
4522. [M] EDB-ID: 37822 "WordPress Plugin WP Symposium 15.1 - Blind SQL Injection"
4523. [M] EDB-ID: 37824 "WordPress Plugin WP Symposium 15.1 - 'get_album_item.php' SQL Injection"
4524. [I] wp-syntax
4525. [M] EDB-ID: 9431 "Adobe Photoshop CC / Bridge CC - '.iff' Parsing Memory Corruption"
4526. [I] wp-table
4527. [M] EDB-ID: 3824 "Office^2 iPhone - '.XLS' Denial of Service"
4528. [I] wp-table-reloaded
4529. [M] EDB-ID: 38251 "WordPress Plugin WP-Table Reloaded - 'id' Cross-Site Scripting"
4530. [I] wp-twitter-feed
4531. [M] EDB-ID: 35084 "WordPress Plugin Twitter Feed - 'url' Cross-Site Scripting"
4532. [I] wp-whois
4533. [M] EDB-ID: 36488 "WordPress Plugin WHOIS 1.4.2 3 - 'domain' Cross-Site Scripting"
4534. [I] wp-with-spritz
4535. [M] EDB-ID: 44544 "WordPress Plugin WP with Spritz 1.0 - Remote File Inclusion"
4536. [I] wpSS
4537. [M] EDB-ID: 39279 "WordPress Plugin wpSS - 'ss_handler.php' SQL Injection"
4538. [M] EDB-ID: 5486 "PHP < 5.3.6 'OpenSSL' Extension - 'openssl_encrypt' Plaintext Data Memory Leak Denial of Service"
4539. [I] wp_rokintroscroller
4540. [M] EDB-ID: 38767 "WordPress Plugin RokIntroScroller - 'thumb.php' Multiple Vulnerabilities"
4541. [I] wp_rokmicronews
4542. [M] EDB-ID: 38768 "WordPress Plugin RokMicroNews - 'thumb.php' Multiple Vulnerabilities"
4543. [I] wp_roknewspager
4544. [M] EDB-ID: 38756 "WordPress Plugin RokNewsPager - 'thumb.php' Multiple Vulnerabilities"
4545. [I] wp_rokstories
4546. [M] EDB-ID: 38757 "WordPress Plugin RokStories - 'thumb.php' Multiple Vulnerabilities"
4547. [I] wpeasystats
4548. [M] EDB-ID: 17862 "WordPress Plugin WPEasyStats 1.8 - Remote File Inclusion"
4549. [I] wpforum
4550. [M] EDB-ID: 17684 "WordPress Plugin Forum 1.7.8 - SQL Injection"
4551. [I] wpmarketplace
4552. [M] EDB-ID: 18988 "WordPress Plugin Marketplace Plugin 1.5.0 < 1.6.1 - Arbitrary File Upload"
4553. [I] wpsite-background-takeover
4554. [M] EDB-ID: 44417 "WordPress Plugin Background Takeover < 4.1.4 - Directory Traversal"
4555. [I] wpstorecart
4556. [M] EDB-ID: 19023 "ActivePDF Toolkit < 8.1.0.19023 - Multiple Memory Corruptions"
4557. [I] wptf-image-gallery
4558. [M] EDB-ID: 37751 "WordPress Plugin WPTF Image Gallery 1.03 - Arbitrary File Download"
4559. [I] wptouch
4560. [M] EDB-ID: 18039 "WordPress Plugin wptouch - SQL Injection"
4561. [I] x7host-videox7-ugc-plugin
4562. [M] EDB-ID: 35257 "WordPress Plugin Videox7 UGC 2.5.3.2 - 'listid' Cross-Site Scripting"
4563. [M] EDB-ID: 35264 "WordPress Plugin Featured Content 0.0.1 - 'listid' Cross-Site Scripting"
4564. [I] xcloner-backup-and-restore
4565. [M] EDB-ID: 16246 "Joomla! Component com_xcloner-backupandrestore - Remote Command Execution"
4566. [I] xerte-online
4567. [M] EDB-ID: 38157 "WordPress Plugin Xerte Online - 'save.php' Arbitrary File Upload"
4568. [I] xml-and-csv-import-in-article-content
4569. [M] EDB-ID: 39576 "WordPress Plugin Import CSV 1.0 - Directory Traversal"
4570. [I] xorbin-analog-flash-clock
4571. [M] EDB-ID: 38608 "WordPress Plugin Xorbin Analog Flash Clock - 'widgetUrl' Cross-Site Scripting"
4572. [I] xorbin-digital-flash-clock
4573. [M] EDB-ID: 38621 "WordPress Plugin Xorbin Digital Flash Clock - 'widgetUrl' Cross-Site Scripting"
4574. [I] yolink-search
4575. [M] EDB-ID: 17757 "WordPress Plugin yolink Search 1.1.4 - SQL Injection"
4576. [I] yousaytoo-auto-publishing-plugin
4577. [M] EDB-ID: 36620 "WordPress Plugin YouSayToo auto-publishing 1.0 - 'submit' Cross-Site Scripting"
4578. [I] yt-audio-streaming-audio-from-youtube
4579. [M] EDB-ID: 35394 "WordPress Plugin YT-Audio 1.7 - 'v' Cross-Site Scripting"
4580. [I] zarzadzanie_kontem
4581. [M] EDB-ID: 38050 "WordPress Plugin Zarzadzonie Kontem - 'ajaxfilemanager.php' Script Arbitrary File Upload"
4582. [I] zingiri-forum
4583. [M] EDB-ID: 38101 "WordPress Plugin Zingiri Forums - 'language' Local File Inclusion"
4584. [I] zingiri-web-shop
4585. [M] EDB-ID: 17867 "WordPress Plugin Zingiri Web Shop 2.2.0 - Remote File Inclusion"
4586. [M] EDB-ID: 37406 "WordPress Plugin Zingiri Web Shop 2.4.3 - 'uploadfilexd.php' Arbitrary File Upload"
4587. [M] EDB-ID: 38046 "WordPress Plugin Zingiri Web Shop - 'path' Arbitrary File Upload"
4588. [I] zotpress
4589. [M] EDB-ID: 17778 "WordPress Plugin Zotpress 4.4 - SQL Injection"
4590. [I] Checking for Directory Listing Enabled ...
4591. [L] https://www.foi.org/wp-admin/css
4592. [L] https://www.foi.org/wp-admin/images
4593. [L] https://www.foi.org/wp-admin/includes
4594. [L] https://www.foi.org/wp-admin/js
4595. [L] https://www.foi.org/wp-admin/maint
4596. [-] Date & Time: 22/01/2019 20:23:24
4597. [-] Completed in: 0:29:50
4598. #######################################################################################################################################
4599. Anonymous JTSEC #OpIsraël Full Recon #1