API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 11th, 2017
450
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 9.40 KB | None | 0 0
raw download clone embed print report
  1. EMAIL:
  2. email 01 - eu@brunofraga.me
  3. email 02 - bruno@tecnicasdeinvasao.com
  4. email 03 - brunofraga.net@gmail.com
  5.  
  6. FACEBOOK:
  7. Erik Amoedo: https://www.facebook.com/erick.amoedo?fref=ts
  8. Login: NAO ENCONTRADO
  9. Senha: NAO ENCONTRADA
  10. Bruno Fraga: https://www.facebook.com/profile.brunofraga
  11. Login: brunofraga.net@gmail.com
  12. Senha: NAO ENCONTRADA
  13.  
  14. Gabriel Brito: https://www.facebook.com/GabrieD.Brito?fref=ts
  15. Login: NAO ENCONTRADO
  16. Senha: NAO ENCONTRADA
  17. VIMEO:
  18. https://vimeo.com/brunofraga
  19. Login: brunofraga.net@gmail.com
  20. Senha: xxxxaxxxxx
  21. SITE:
  22. IP'S:
  23. 104.31.81.172
  24. 104.31.80.172
  25.  
  26. PLATAFORMA:
  27. wordpress.
  28. campo de login: http://tecnicasdeinvasao.com/wp-login.php?redirect_to=http%3A%2F%2Ftecnicasdeinvasao.com%2Fwp-admin%2F&reauth=1
  29. Login-email: bruno@tecnicasdeinvasao.com
  30. Senha: NAO ENCONTRADA
  31.  
  32. PORTAS TCP ABERTAS:
  33. PORT STATE SERVICE
  34. 80/tcp open http #SERVIÇO USADO -> Cloudflare nginx # http-dombased-xss: DOM baseado em XSS.
  35. #varias vulnerabilidades dentro de xss
  36.  
  37. 443/tcp open https/ssl/http #SERVIÇO USADO -> Cloudflare nginx
  38. 8080/tcp open http-proxy/http #SERVIÇO USADO -> cloudflare-nginx
  39. 8443/tcp open https-alt/ssl/http #SERVIÇO USADO -> cloudflare-nginx
  40.  
  41. PORTA TCP FILTRADAS:
  42. 21/tcp filtered ftp #POSSIVEL ATAQUE
  43. 22/tcp filtered ssh #POSSIVEL ATAQUE
  44. 25/tcp filtered smtp #POSSIVEL ATAQUE
  45. 445/tcp filtered microsoft-ds #POSSIVEL ATAQUE
  46.  
  47. HTTP WORDPRESS
  48. | http-wordpress-users:
  49. | Username found: bruno/" />
  50. | <meta property="og:locale" content="en_US" />
  51. | <meta property="og:type" content="object" />
  52. | <meta property="og:title" content="Bruno Fraga, Autor em tecnicasdeinvasao.com" />
  53. | <meta property="og:url" content="http://tecnicasdeinvasao.com/author/bruno/" />
  54. | <meta property="og:site_name" content="tecnicasdeinvasao.com" />
  55. | <meta name="twitter:card" content="summary" />
  56. | <meta name="twitter:title" content="Bruno Fraga, Autor em tecnicasdeinvasao.com" />
  57. | <!-- / Yoast SEO plugin. -->
  58. |
  59. | <link rel="alternate" type="application/rss+xml" title="tecnicasdeinvasao.com &raquo; Feed" href="http://tecnicasdeinvasao.com
  60. | Username found: gabriel-brito/" />
  61. | <meta property="og:locale" content="en_US" />
  62. | <meta property="og:type" content="object" />
  63. | <meta property="og:title" content="Gabriel Brito, Autor em tecnicasdeinvasao.com" />
  64. | <meta property="og:url" content="http://tecnicasdeinvasao.com/author/gabriel-brito/" />
  65. | <meta property="og:site_name" content="tecnicasdeinvasao.com" />
  66. | <meta name="twitter:card" content="summary" />
  67. | <meta name="twitter:title" content="Gabriel Brito, Autor em tecnicasdeinvasao.com" />
  68. | <!-- / Yoast SEO plugin. -->
  69. |
  70. | <link rel="alternate" type="application/rss+xml" title="tecnicasdeinvasao.com &raquo; Feed" href="http://tecnicasdeinvasao.com
  71. |_Search stopped at ID #25. 'http-wordpress-users.limit'
  72.  
  73. PLUGINS E TEMAS WORDPRESS
  74. | http-wordpress-enum:
  75. | Search limited to top 100 themes/plugins
  76. | themes
  77. | twentytwelve
  78. | sahifa
  79. | twentyfourteen
  80. | Avada
  81. | twentyten
  82. | twentyeleven
  83. | jarida
  84. | Divi
  85. | optimizePressTheme
  86. | hueman
  87. | enfold
  88. | canvas
  89. | Newspaper
  90. | twentythirteen
  91. | responsive
  92. | OptimizePress
  93. | genesis
  94. | point
  95. | thesis_185
  96. | graphene
  97. | suffusion
  98. | detube
  99. | salient
  100. | thesis
  101. | atahualpa
  102. | news
  103. | lifestyle
  104. | u-design
  105. | dt-the7
  106. | valenti
  107. | iconic-one
  108. | hottopix
  109. | mesocolumn
  110. | magazine-pro
  111. | headway
  112. | arras
  113. | default
  114. | smart-mag
  115. | vantage
  116. | premium
  117. | simplemag
  118. | news-pro
  119. | magazine
  120. | thesis_18
  121. | pinboard
  122. | lifestyle-pro
  123. | Nexus
  124. | frontier
  125. | customizr
  126. | foodie
  127. | metro-pro
  128. | jupiter
  129. | mantra
  130. | vip
  131. | magazine-basic
  132. | gonzo
  133. | x
  134. | prose
  135. | pagelines
  136. | maxmag
  137. | classipress
  138. | eleven40-pro
  139. | eleven40
  140. | mystique
  141. | metro
  142. | socrates
  143. | Avenue
  144. | modernbloggerpro
  145. | flatsome
  146. | mh-magazine-lite
  147. | kallyas
  148. | braxton
  149. | freshlife
  150. | thesis_182
  151. | inovado
  152. | weaver-ii
  153. | ribbon
  154. | clipper
  155. | inove
  156. | truepixel
  157. | Karma
  158. | catch-box
  159. | newsplus
  160. | max-magazine
  161. | genesis-sample
  162. | mh_magazine
  163. | gazette
  164. | presso
  165. | admired
  166. | weaver-ii-pro
  167. | virtue
  168. | theme
  169. | directorypress
  170. | sparkling
  171. | hiero
  172. | evolve
  173. | parabola
  174. | extranews
  175. | Aggregate
  176. | thesis_184
  177. | plugins
  178. | akismet
  179. | contact-form-7
  180. | all-in-one-seo-pack
  181. | google-sitemap-generator
  182. | wordpress-seo
  183. | jetpack
  184. | nextgen-gallery
  185. | wordpress-importer
  186. | google-analytics-for-wordpress
  187. | wp-super-cache
  188. | wptouch
  189. | si-contact-form
  190. | wp-pagenavi
  191. | woocommerce
  192. | tinymce-advanced
  193. | w3-total-cache
  194. | wordfence
  195. | google-analyticator
  196. | add-to-any
  197. | better-wp-security
  198. | stats
  199. | yet-another-related-posts-plugin
  200. | wysija-newsletters
  201. | wp-e-commerce
  202. | broken-link-checker
  203. | really-simple-captcha
  204. | advanced-custom-fields
  205. | contact-form-plugin
  206. | ultimate-tinymce
  207. | buddypress
  208. | sociable
  209. | captcha
  210. | wp-to-twitter
  211. | sexybookmarks
  212. | wp-db-backup
  213. | addthis
  214. | share-this
  215. | si-captcha-for-wordpress
  216. | redirection
  217. | smart-youtube
  218. | facebook
  219. | wp-polls
  220. | add-link-to-facebook
  221. | breadcrumb-navxt
  222. | gtranslate
  223. | bbpress
  224. | seo-ultimate
  225. | page-links-to
  226. | disqus-comment-system
  227. | regenerate-thumbnails
  228. | subscribe2
  229. | user-role-editor
  230. | wp-security-scan
  231. | backwpup
  232. | xhanch-my-twitter
  233. | wp-optimize
  234. | vipers-video-quicktags
  235. | wp-maintenance-mode
  236. | simple-tags
  237. | updraftplus
  238. | wp-postviews
  239. | bulletproof-security
  240. | qtranslate
  241. | social-media-widget
  242. | ml-slider
  243. | seo-image
  244. | social-networks-auto-poster-facebook-twitter-g
  245. | image-widget
  246. | google-analytics-dashboard-for-wp
  247. | wordpress-23-related-posts-plugin
  248. | wp-dbmanager
  249. | newsletter
  250. | twitter-tools
  251. | the-events-calendar
  252. | backupwordpress
  253. | lightbox-plus
  254. | wp-photo-album-plus
  255. | shareaholic
  256. | wp-slimstat
  257. | flash-album-gallery
  258. | wp-postratings
  259. | disable-comments
  260. | wp-multibyte-patch
  261. | contact-form-7-to-database-extension
  262. | gallery-plugin
  263. | secure-wordpress
  264. | platinum-seo-pack
  265. | really-simple-facebook-twitter-share-buttons
  266. | googleanalytics
  267. | shortcodes-ultimate
  268. | wp-smushit
  269. | events-manager
  270. | video-playlist-and-gallery-plugin
  271. | worker
  272. | black-studio-tinymce-widget
  273. | twitter-widget-pro
  274. | podpress
  275. | theme-my-login
  276. | exclude-pages
  277. |_ wp-mail-smtp
  278.  
  279.  
  280.  
  281. SSL CIPHERS:
  282. | ssl-enum-ciphers:
  283. | TLSv1.0:
  284. | ciphers:
  285. | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - A
  286. | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - A
  287. | TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C
  288. | compressors:
  289. | NULL
  290. | cipher preference: server
  291. | TLSv1.1:
  292. | ciphers:
  293. | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - A
  294. | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - A
  295. | TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C
  296. | compressors:
  297. | NULL
  298. | cipher preference: server
  299. | TLSv1.2:
  300. | ciphers:
  301. | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
  302. | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (secp256r1) - A
  303. | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - A
  304. | TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
  305. | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (secp256r1) - A
  306. | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - A
  307. | TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C
  308. | TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (secp256r1) - A
  309. | compressors:
  310. | NULL
  311. | cipher preference: server
  312. |_ least strength: C
  313.  
  314.  
  315.  
  316. POSSIVEL VULNERABILIDADES:
  317.  
  318. +---------------------------------------------1-----------------------------------------+
  319. |_http-dombased-xss: Couldn't find any DOM based XSS. |
  320. | http-enum: |
  321. | /images/: Potentially interesting directory w/ listing on 'apache/2.4.7 (ubuntu)' |
  322. |_ /shared/: Potentially interesting directory w/ listing on 'apache/2.4.7 (ubuntu)' |
  323. |_http-fileupload-exploiter: |
  324. |_http-frontpage-login: false |
  325. |_http-stored-xss: Couldn't find any stored XSS vulnerabilities. |
  326. +---------------------------------------------------------------------------------------+
  327.  
  328. POSSIBILIDADES DE OS
  329. Linux 3.12 - 3.18 (92%), Crestron XPanel control system (90%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (90%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (88%), OpenWrt White Russian 0.9 (Linux 2.4.30) (88%), Linux 3.18 (88%), Linux 3.1 (87%), Linux 3.2 (87%), HP P2000 G3 NAS device (87%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (87%)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!