Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- EMAIL:
- email 01 - eu@brunofraga.me
- email 02 - bruno@tecnicasdeinvasao.com
- email 03 - brunofraga.net@gmail.com
- FACEBOOK:
- Erik Amoedo: https://www.facebook.com/erick.amoedo?fref=ts
- Login: NAO ENCONTRADO
- Senha: NAO ENCONTRADA
- Bruno Fraga: https://www.facebook.com/profile.brunofraga
- Login: brunofraga.net@gmail.com
- Senha: NAO ENCONTRADA
- Gabriel Brito: https://www.facebook.com/GabrieD.Brito?fref=ts
- Login: NAO ENCONTRADO
- Senha: NAO ENCONTRADA
- VIMEO:
- https://vimeo.com/brunofraga
- Login: brunofraga.net@gmail.com
- Senha: xxxxaxxxxx
- SITE:
- IP'S:
- 104.31.81.172
- 104.31.80.172
- PLATAFORMA:
- wordpress.
- campo de login: http://tecnicasdeinvasao.com/wp-login.php?redirect_to=http%3A%2F%2Ftecnicasdeinvasao.com%2Fwp-admin%2F&reauth=1
- Login-email: bruno@tecnicasdeinvasao.com
- Senha: NAO ENCONTRADA
- PORTAS TCP ABERTAS:
- PORT STATE SERVICE
- 80/tcp open http #SERVIÇO USADO -> Cloudflare nginx # http-dombased-xss: DOM baseado em XSS.
- #varias vulnerabilidades dentro de xss
- 443/tcp open https/ssl/http #SERVIÇO USADO -> Cloudflare nginx
- 8080/tcp open http-proxy/http #SERVIÇO USADO -> cloudflare-nginx
- 8443/tcp open https-alt/ssl/http #SERVIÇO USADO -> cloudflare-nginx
- PORTA TCP FILTRADAS:
- 21/tcp filtered ftp #POSSIVEL ATAQUE
- 22/tcp filtered ssh #POSSIVEL ATAQUE
- 25/tcp filtered smtp #POSSIVEL ATAQUE
- 445/tcp filtered microsoft-ds #POSSIVEL ATAQUE
- HTTP WORDPRESS
- | http-wordpress-users:
- | Username found: bruno/" />
- | <meta property="og:locale" content="en_US" />
- | <meta property="og:type" content="object" />
- | <meta property="og:title" content="Bruno Fraga, Autor em tecnicasdeinvasao.com" />
- | <meta property="og:url" content="http://tecnicasdeinvasao.com/author/bruno/" />
- | <meta property="og:site_name" content="tecnicasdeinvasao.com" />
- | <meta name="twitter:card" content="summary" />
- | <meta name="twitter:title" content="Bruno Fraga, Autor em tecnicasdeinvasao.com" />
- | <!-- / Yoast SEO plugin. -->
- |
- | <link rel="alternate" type="application/rss+xml" title="tecnicasdeinvasao.com » Feed" href="http://tecnicasdeinvasao.com
- | Username found: gabriel-brito/" />
- | <meta property="og:locale" content="en_US" />
- | <meta property="og:type" content="object" />
- | <meta property="og:title" content="Gabriel Brito, Autor em tecnicasdeinvasao.com" />
- | <meta property="og:url" content="http://tecnicasdeinvasao.com/author/gabriel-brito/" />
- | <meta property="og:site_name" content="tecnicasdeinvasao.com" />
- | <meta name="twitter:card" content="summary" />
- | <meta name="twitter:title" content="Gabriel Brito, Autor em tecnicasdeinvasao.com" />
- | <!-- / Yoast SEO plugin. -->
- |
- | <link rel="alternate" type="application/rss+xml" title="tecnicasdeinvasao.com » Feed" href="http://tecnicasdeinvasao.com
- |_Search stopped at ID #25. 'http-wordpress-users.limit'
- PLUGINS E TEMAS WORDPRESS
- | http-wordpress-enum:
- | Search limited to top 100 themes/plugins
- | themes
- | twentytwelve
- | sahifa
- | twentyfourteen
- | Avada
- | twentyten
- | twentyeleven
- | jarida
- | Divi
- | optimizePressTheme
- | hueman
- | enfold
- | canvas
- | Newspaper
- | twentythirteen
- | responsive
- | OptimizePress
- | genesis
- | point
- | thesis_185
- | graphene
- | suffusion
- | detube
- | salient
- | thesis
- | atahualpa
- | news
- | lifestyle
- | u-design
- | dt-the7
- | valenti
- | iconic-one
- | hottopix
- | mesocolumn
- | magazine-pro
- | headway
- | arras
- | default
- | smart-mag
- | vantage
- | premium
- | simplemag
- | news-pro
- | magazine
- | thesis_18
- | pinboard
- | lifestyle-pro
- | Nexus
- | frontier
- | customizr
- | foodie
- | metro-pro
- | jupiter
- | mantra
- | vip
- | magazine-basic
- | gonzo
- | x
- | prose
- | pagelines
- | maxmag
- | classipress
- | eleven40-pro
- | eleven40
- | mystique
- | metro
- | socrates
- | Avenue
- | modernbloggerpro
- | flatsome
- | mh-magazine-lite
- | kallyas
- | braxton
- | freshlife
- | thesis_182
- | inovado
- | weaver-ii
- | ribbon
- | clipper
- | inove
- | truepixel
- | Karma
- | catch-box
- | newsplus
- | max-magazine
- | genesis-sample
- | mh_magazine
- | gazette
- | presso
- | admired
- | weaver-ii-pro
- | virtue
- | theme
- | directorypress
- | sparkling
- | hiero
- | evolve
- | parabola
- | extranews
- | Aggregate
- | thesis_184
- | plugins
- | akismet
- | contact-form-7
- | all-in-one-seo-pack
- | google-sitemap-generator
- | wordpress-seo
- | jetpack
- | nextgen-gallery
- | wordpress-importer
- | google-analytics-for-wordpress
- | wp-super-cache
- | wptouch
- | si-contact-form
- | wp-pagenavi
- | woocommerce
- | tinymce-advanced
- | w3-total-cache
- | wordfence
- | google-analyticator
- | add-to-any
- | better-wp-security
- | stats
- | yet-another-related-posts-plugin
- | wysija-newsletters
- | wp-e-commerce
- | broken-link-checker
- | really-simple-captcha
- | advanced-custom-fields
- | contact-form-plugin
- | ultimate-tinymce
- | buddypress
- | sociable
- | captcha
- | wp-to-twitter
- | sexybookmarks
- | wp-db-backup
- | addthis
- | share-this
- | si-captcha-for-wordpress
- | redirection
- | smart-youtube
- | facebook
- | wp-polls
- | add-link-to-facebook
- | breadcrumb-navxt
- | gtranslate
- | bbpress
- | seo-ultimate
- | page-links-to
- | disqus-comment-system
- | regenerate-thumbnails
- | subscribe2
- | user-role-editor
- | wp-security-scan
- | backwpup
- | xhanch-my-twitter
- | wp-optimize
- | vipers-video-quicktags
- | wp-maintenance-mode
- | simple-tags
- | updraftplus
- | wp-postviews
- | bulletproof-security
- | qtranslate
- | social-media-widget
- | ml-slider
- | seo-image
- | social-networks-auto-poster-facebook-twitter-g
- | image-widget
- | google-analytics-dashboard-for-wp
- | wordpress-23-related-posts-plugin
- | wp-dbmanager
- | newsletter
- | twitter-tools
- | the-events-calendar
- | backupwordpress
- | lightbox-plus
- | wp-photo-album-plus
- | shareaholic
- | wp-slimstat
- | flash-album-gallery
- | wp-postratings
- | disable-comments
- | wp-multibyte-patch
- | contact-form-7-to-database-extension
- | gallery-plugin
- | secure-wordpress
- | platinum-seo-pack
- | really-simple-facebook-twitter-share-buttons
- | googleanalytics
- | shortcodes-ultimate
- | wp-smushit
- | events-manager
- | video-playlist-and-gallery-plugin
- | worker
- | black-studio-tinymce-widget
- | twitter-widget-pro
- | podpress
- | theme-my-login
- | exclude-pages
- |_ wp-mail-smtp
- SSL CIPHERS:
- | ssl-enum-ciphers:
- | TLSv1.0:
- | ciphers:
- | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - A
- | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - A
- | TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C
- | compressors:
- | NULL
- | cipher preference: server
- | TLSv1.1:
- | ciphers:
- | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - A
- | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - A
- | TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C
- | compressors:
- | NULL
- | cipher preference: server
- | TLSv1.2:
- | ciphers:
- | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
- | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (secp256r1) - A
- | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - A
- | TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
- | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (secp256r1) - A
- | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - A
- | TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C
- | TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (secp256r1) - A
- | compressors:
- | NULL
- | cipher preference: server
- |_ least strength: C
- POSSIVEL VULNERABILIDADES:
- +---------------------------------------------1-----------------------------------------+
- |_http-dombased-xss: Couldn't find any DOM based XSS. |
- | http-enum: |
- | /images/: Potentially interesting directory w/ listing on 'apache/2.4.7 (ubuntu)' |
- |_ /shared/: Potentially interesting directory w/ listing on 'apache/2.4.7 (ubuntu)' |
- |_http-fileupload-exploiter: |
- |_http-frontpage-login: false |
- |_http-stored-xss: Couldn't find any stored XSS vulnerabilities. |
- +---------------------------------------------------------------------------------------+
- POSSIBILIDADES DE OS
- Linux 3.12 - 3.18 (92%), Crestron XPanel control system (90%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (90%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (88%), OpenWrt White Russian 0.9 (Linux 2.4.30) (88%), Linux 3.18 (88%), Linux 3.1 (87%), Linux 3.2 (87%), HP P2000 G3 NAS device (87%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (87%)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement