API tools faq
paste
AnonymousSriLanka

Channel4.COM - JOBS/WEB APPLICATION FIREWALL SERVER - Leaked

AnonymousSriLanka
Mar 16th, 2012
333
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.78 KB
raw download clone embed print report
  1. Channel4.COM - JOBS/WEB APPLICATION FIREWALL SERVER - Leaked..!!
  2. (ATTACK NON-INTRUSIVE) - WAF INFO/SSL-TLS/GOOGLE AND RESTRICTED INFO
  3.  
  4. PROJECT DEDICATION: PROJECT SARADIYEL (http://en.wikipedia.org/wiki/Uthuwankande_Soora_Saradiyel)
  5.  
  6. EXCLUSIVE FROM - Anonymous Sri Lanka
  7.  
  8. WWW.CHANNEL4.COM -----> Servers Fuck3D and Bust3D
  9.  
  10. Primary Server Data Leak with Transferring (Data Leak)....!!
  11.  
  12. Hail to Anonymous, Lulzsec and Operation Anti-Sec...
  13.  
  14.  
  15. THIS ATTACK AGAINST THE DIRTIEST THINGS AGAINST THE SRI LANKA BY CHANNEL-4 .........!!!!!
  16.  
  17.  
  18. SERVER: jobs.channel4.com (89.234.58.1)
  19.  
  20. 80/tcp open http syn-ack
  21. |
  22. |_http-title: Channel 4 : Current Vacancies - Current vacancies
  23. |_http-methods: No Allow or Public header in OPTIONS response (status code 404)
  24. | http-waf-detect: IDS/IPS/WAF detected:
  25. |_89.234.58.1:80/?p4yl04d3=<script>alert(document.cookie)</script>
  26. | http-headers:
  27. | Content-Type: text/html; charset=utf-8
  28. | Content-Length: 18654
  29. | Date: Fri, 16 Mar 2012 13:13:04 GMT
  30. | X-Powered-By: ASP.NET
  31. | Cache-Control: private
  32. |
  33. |_ (Request type: HEAD)
  34. |
  35. | http-affiliate-id:
  36. |_ Google Analytics ID: UA-3576948-15
  37. |
  38. | http-php-version: Logo query returned unknown hash 1e433f48854ee3ca587b7254c799d52f
  39. |_Credits query returned unknown hash 1e433f48854ee3ca587b7254c799d52f
  40. |
  41. | http-enum:
  42. | /robots.txt: Robots file
  43. |_ /Pages/Default.aspx: MS Sharepoint
  44.  
  45. 443/tcp open https syn-ack
  46. |
  47. | ssl-cert: Subject:
  48.  
  49. commonName=jobs.channel4.com/organizationName=jobs.channel4.com/countryName=GB/serialNumber=IfMGSkA28HJoRNYsKTX1zyYk80ekVsNr/organizational
  50.  
  51. UnitName=Domain Control Validated - RapidSSL(R)
  52. | Issuer: commonName=RapidSSL CA/organizationName=GeoTrust, Inc./countryName=US
  53. | Public Key type: rsa
  54. | Public Key bits: 1024
  55. | Not valid before: 2011-12-28 22:43:47
  56. | Not valid after: 2013-01-30 02:10:53
  57. | MD5: fac6 a8a5 ac1c 1a18 245d cc1f 8d94 29c5
  58. | SHA-1: ca62 14fd da90 68d1 4d85 6571 3b7a 8831 5338 3cea
  59. | -----BEGIN CERTIFICATE-----
  60. | MIIEUDCCAzigAwIBAgIDBI+HMA0GCSqGSIb3DQEBBQUAMDwxCzAJBgNVBAYTAlVT
  61. | MRcwFQYDVQQKEw5HZW9UcnVzdCwgSW5jLjEUMBIGA1UEAxMLUmFwaWRTU0wgQ0Ew
  62. | HhcNMTExMjI4MjI0MzQ3WhcNMTMwMTMwMDIxMDUzWjCB6TEpMCcGA1UEBRMgSWZN
  63. | R1NrQTI4SEpvUk5Zc0tUWDF6eVlrODBla1ZzTnIxCzAJBgNVBAYTAkdCMRowGAYD
  64. | VQQKExFqb2JzLmNoYW5uZWw0LmNvbTETMBEGA1UECxMKR1QyMDQ3MjAwODExMC8G
  65. | A1UECxMoU2VlIHd3dy5yYXBpZHNzbC5jb20vcmVzb3VyY2VzL2NwcyAoYykxMTEv
  66. | MC0GA1UECxMmRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkIC0gUmFwaWRTU0woUikx
  67. | GjAYBgNVBAMTEWpvYnMuY2hhbm5lbDQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GN
  68. | ADCBiQKBgQCv8gep1P8udICZVVPa/XWj1iuuUEyZPcgTkIkeRaxnrmAdSXtT9CEL
  69. | Djhco859SEzhU166KA290fmhRFZVJmKlzrQHFfzXzghx+/ZRC4hSdSe3Gt+dO3bt
  70. | 5eHPcMv6trFSSv6A08sYVPjJhPa21rDROZUbvfhfTONEvAFgnmddlQIDAQABo4IB
  71. | LzCCASswHwYDVR0jBBgwFoAUa2k9ahhCSt2PAmU5/TUkhniRFjAwDgYDVR0PAQH/
  72. | BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAcBgNVHREEFTAT
  73. | ghFqb2JzLmNoYW5uZWw0LmNvbTBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8vcmFw
  74. | aWRzc2wtY3JsLmdlb3RydXN0LmNvbS9jcmxzL3JhcGlkc3NsLmNybDAdBgNVHQ4E
  75. | FgQUsOujljuC33BYvs/Bxa84UzpNjYowDAYDVR0TAQH/BAIwADBJBggrBgEFBQcB
  76. | AQQ9MDswOQYIKwYBBQUHMAKGLWh0dHA6Ly9yYXBpZHNzbC1haWEuZ2VvdHJ1c3Qu
  77. | Y29tL3JhcGlkc3NsLmNydDANBgkqhkiG9w0BAQUFAAOCAQEAQzbr54qDiLaXJl3n
  78. | m70yNI2CDZEZJ154BUXWKPvcFtirKN2hjGvbGbJ2ix08UUAqIHA7AVVb4tZAQDtd
  79. | pHmVXlTSf3SB6k0UnQYJ/rIFsx+ov1uBuGG/sbIgrgygE9VEgF1ARIAn/YueT75C
  80. | iH2P+Dp+iZwE+oS0zPp0spjhI7PxLAVfqD6i4NOO0KgzcEscGFIqJ8rpWzQI6vfH
  81. | nvq5C6LlbI81BX53r6ZQIDIFl1FeUcb0phYdzMlT05DX//+dh/bz7cVMbzjdaLbW
  82. | b0ds2VnJZn0AODsx02D6olGkUCk0orzX+w6LepB6DJFUe2uUhgnyESbvYYcpn9wd
  83. | PhY4Pg==
  84. |_-----END CERTIFICATE-----
  85. |
  86. |_/
  87. | http-php-version: Logo query returned unknown hash 3864edfa2124069a3c041227ec03efb9
  88. |_Credits query returned unknown hash dee0feda8b227569785b8302208e646a
  89. |
  90. | http-title: Object moved
  91. |_Did not follow redirect to http://89.234.58.1/Default.aspx
  92. |
  93. | http-waf-detect: IDS/IPS/WAF detected:
  94. |_89.234.58.1:443/?p4yl04d3=<script>alert(document.cookie)</script>
  95. | http-headers:
  96. | Cache-Control: private
  97. | Content-Length: 148
  98. | Content-Type: text/html; charset=utf-8
  99. | Location: http://89.234.58.1/Default.aspx
  100. | X-Powered-By: ASP.NET
  101. | Date: Fri, 16 Mar 2012 13:13:28 GMT
  102. | Connection: close
  103. |
  104. |_ (Request type: GET)
  105. |
  106. | ssl-enum-ciphers:
  107. | SSLv3
  108. | Ciphers (3)
  109. | TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
  110. | TLS_RSA_WITH_RC4_128_MD5 - unknown strength
  111. | TLS_RSA_WITH_RC4_128_SHA - strong
  112. | Compressors (1)
  113. | NULL
  114. | TLSv1.0
  115. | Ciphers (3)
  116. | TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
  117. | TLS_RSA_WITH_RC4_128_MD5 - unknown strength
  118. | TLS_RSA_WITH_RC4_128_SHA - strong
  119. | Compressors (1)
  120. | NULL
  121. |_ Least strength = unknown strength
  122. | http-enum:
  123. | /admin/: Possible admin folder
  124. | /admin/login.aspx: Possible admin folder
  125. | /Admin/: Possible admin folder
  126. |_ /robots.txt: Robots file
  127.  
  128. Host script results:
  129. |
  130. |_path-mtu: PMTU == 1500
  131. | asn-query:
  132. | BGP: 89.234.0.0/18 | Country: GB
  133. | Origin AS: 15395 - UK Rackspace
  134. |_ Peer AS: 174 3257 3356 6461 6939 8928
  135. | whois: Record found at whois.ripe.net
  136. | inetnum: 89.234.0.0 - 89.234.63.255
  137. | netname: UK-RACKSPACE-20060517
  138. | descr: Rackspace.com
  139. | country: GB
  140. | orgname: Rackspace.com
  141. | organisation: ORG-RA33-RIPE
  142. | email: hostmaster@rackspace.com
  143. | role: Rackspace Managed Hosting Contact Role
  144. | email: hostmaster@rackspace.com
  145. | person: Dennis Boline
  146. |_email: db-ripe@rackspace.com
  147. | ip-geolocation-geobytes:
  148. | 89.234.58.1
  149. | coordinates (lat,lon): 41.865,-87.6718
  150. |_ city: Chicago, Illinois, United States
  151. |_ipidseq: Random Positive Increments [used port 80]
  152. | qscan:
  153. | PORT FAMILY MEAN (us) STDDEV LOSS (%)
  154. | 80 0 409138.10 67959.95 0.0%
  155. |_443 0 405567.20 35504.22 0.0%
RAW Paste Data
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!