Anonymous JTSEC #OpSudan Full Recon #93

1. #######################################################################################################################################
2. =======================================================================================================================================
3. Hostname www.ncr.gov.sd ISP NICDC
4. Continent Africa Flag
5. SD
6. Country Sudan Country Code SD
7. Region Unknown Local time 15 Jun 2019 08:44 CAT
8. City Unknown Postal Code Unknown
9. IP Address 62.12.105.2 Latitude 15
10. Longitude 30
11. =======================================================================================================================================
12. #######################################################################################################################################
13. > www.ncr.gov.sd
14. Server: 185.93.180.131
15. Address: 185.93.180.131#53
16.  
17. Non-authoritative answer:
18. Name: www.ncr.gov.sd
19. Address: 62.12.105.2
20. >
21. #######################################################################################################################################
22. [+] Target : www.ncr.gov.sd
23.  
24. [+] IP Address : 62.12.105.2
25.  
26. [+] Headers :
27.  
28. [+] Server : nginx
29. [+] Date : Sun, 16 Jun 2019 12:57:47 GMT
30. [+] Content-Type : text/html; charset=utf-8
31. [+] Transfer-Encoding : chunked
32. [+] Connection : keep-alive
33. [+] X-Powered-By : PHP/5.6.40, PleskLin
34. [+] P3P : CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
35. [+] Cache-Control : no-cache
36. [+] Pragma : no-cache
37. [+] Set-Cookie : e0ddbc0e0e8bfa0175c84685f00835f0=jjs4mp25sqjbkc3c9kgmibm2c6; path=/
38.  
39. [+] SSL Certificate Information :
40.  
41. [+] countryName : US
42. [+] stateOrProvinceName : Washington
43. [+] localityName : Seattle
44. [+] organizationName : Odin
45. [+] organizationalUnitName : Plesk
46. [+] commonName : Plesk
47. [+] emailAddress : info@plesk.com
48. [+] countryName : US
49. [+] stateOrProvinceName : Washington
50. [+] localityName : Seattle
51. [+] organizationName : Odin
52. [+] organizationalUnitName : Plesk
53. [+] commonName : Plesk
54. [+] emailAddress : info@plesk.com
55. [+] Version : 1
56. [+] Serial Number : 5716EC1B
57. [+] Not Before : Apr 20 02:40:27 2016 GMT
58. [+] Not After : Apr 20 02:40:27 2017 GMT
59.  
60. [+] Whois Lookup :
61.  
62. [+] NIR : None
63. [+] ASN Registry : afrinic
64. [+] ASN : 327881
65. [+] ASN CIDR : 62.12.105.0/24
66. [+] ASN Country Code : SD
67. [+] ASN Date : 2015-05-11
68. [+] ASN Description : NICDC, SD
69. [+] cidr : 62.12.105.0/24
70. [+] name : ORG-MoTa1-AFRINIC
71. [+] handle : IAEI1-AFRINIC
72. [+] range : 62.12.105.0 - 62.12.105.255
73. [+] description : National Information Center (NIC)
74. [+] country : SD
75. [+] state : None
76. [+] city : None
77. [+] address : National Information Center (NIC)
78. [+] postal_code : None
79. [+] emails : None
80. [+] created : None
81. [+] updated : None
82.  
83. [+] Crawling Target...
84.  
85. [+] Looking for robots.txt........[ Found ]
86. [+] Extracting robots Links.......[ 16 ]
87. [+] Looking for sitemap.xml.......[ Not Found ]
88. [+] Extracting CSS Links..........[ 17 ]
89. [+] Extracting Javascript Links...[ 10 ]
90. [+] Extracting Internal Links.....[ 1 ]
91. [+] Extracting External Links.....[ 12 ]
92. [+] Extracting Images.............[ 14 ]
93.  
94. [+] Total Links Extracted : 70
95.  
96. [+] Dumping Links in /opt/FinalRecon/dumps/www.ncr.gov.sd.dump
97. [+] Completed!
98. #######################################################################################################################################
99. [+] Starting At 2019-06-16 09:55:17.850170
100. [+] Collecting Information On: www.ncr.gov.sd
101. [#] Status: 200
102. ---------------------------------------------------------------------------------------------------------------------------------------
103. [#] Web Server Detected: nginx
104. [#] X-Powered-By: PleskLin
105. [!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
106. - Server: nginx
107. - Date: Sun, 16 Jun 2019 12:57:46 GMT
108. - Content-Type: text/html
109. - Content-Length: 7199
110. - Connection: keep-alive
111. - Last-Modified: Mon, 03 Mar 2014 12:38:04 GMT
112. - ETag: "1c1f-4f3b30f0c4300"
113. - Accept-Ranges: bytes
114. - X-Powered-By: PleskLin
115. ---------------------------------------------------------------------------------------------------------------------------------------
116. [#] Finding Location..!
117. [#] as: AS327881 National Information Center (NIC)
118. [#] city: Khartoum
119. [#] country: Sudan
120. [#] countryCode: SD
121. [#] isp: National Information Center
122. [#] lat: 15.5007
123. [#] lon: 32.5599
124. [#] org: ORG MoTa1 AFRINIC
125. [#] query: 62.12.105.2
126. [#] region: KH
127. [#] regionName: Khartoum
128. [#] status: success
129. [#] timezone: Africa/Khartoum
130. [#] zip:
131. ---------------------------------------------------------------------------------------------------------------------------------------
132. [x] Didn't Detect WAF Presence on: https://www.ncr.gov.sd/
133. ---------------------------------------------------------------------------------------------------------------------------------------
134. [#] Starting Reverse DNS
135. [!] Found 20 any Domain
136. - agricmi.gov.sd
137. - cpd.gov.sd
138. - eastgezira.gov.sd
139. - fdrf.gov.sd
140. - health.gov.sd
141. - kassalamoe.gov.sd
142. - mocit.gov.sd
143. - mohgs.gov.sd
144. - nbtc.gov.sd
145. - nccw.gov.sd
146. - ncr.gov.sd
147. - nileuniversity.edu.sd
148. - rivernilestate.gov.sd
149. - rnspolice.gov.sd
150. - sloc.gov.sd
151. - sudan.gov.sd
152. - unionkhr.sd
153. - wgpolice.gov.sd
154. - www.moi.gov.sd
155. - www.sudan.gov.sd
156. ---------------------------------------------------------------------------------------------------------------------------------------
157. [!] Scanning Open Port
158. [#] 21/tcp open ftp
159. [#] 80/tcp open http
160. [#] 110/tcp open pop3
161. [#] 143/tcp open imap
162. [#] 443/tcp open https
163. [#] 993/tcp open imaps
164. [#] 995/tcp open pop3s
165. [#] 8443/tcp open https-alt
166. ---------------------------------------------------------------------------------------------------------------------------------------
167. [+] Collecting Information Disclosure!
168. #######################################################################################################################################
169. [i] Scanning Site: http://www.ncr.gov.sd
170.  
171.  
172.  
173. B A S I C I N F O
174. ====================
175.  
176.  
177. [+] Site Title: المركز القومي للبحوث
178. [+] IP address: 62.12.105.2
179. [+] Web Server: nginx
180. [+] CMS: Joomla
181. [+] Cloudflare: Not Detected
182. [+] Robots File: Found
183.  
184. -------------[ contents ]----------------
185. # If the Joomla site is installed within a folder such as at
186. # e.g. www.example.com/joomla/ the robots.txt file MUST be
187. # moved to the site root at e.g. www.example.com/robots.txt
188. # AND the joomla folder name MUST be prefixed to the disallowed
189. # path, e.g. the Disallow rule for the /administrator/ folder
190. # MUST be changed to read Disallow: /joomla/administrator/
191. #
192. # For more information about the robots.txt standard, see:
193. # http://www.robotstxt.org/orig.html
194. #
195. # For syntax checking, see:
196. # http://www.sxw.org.uk/computing/robots/check.html
197.  
198. User-agent: *
199. Disallow: /administrator/
200. Disallow: /cache/
201. Disallow: /cli/
202. Disallow: /components/
203. Disallow: /images/
204. Disallow: /includes/
205. Disallow: /installation/
206. Disallow: /language/
207. Disallow: /libraries/
208. Disallow: /logs/
209. Disallow: /media/
210. Disallow: /modules/
211. Disallow: /plugins/
212. Disallow: /templates/
213. Disallow: /tmp/
214.  
215.  
216. -----------[end of contents]-------------
217. #######################################################################################################################################
218.  
219.  
220.  
221. G E O I P L O O K U P
222. =========================
223.  
224. [i] IP Address: 62.12.105.2
225. [i] Country: Sudan
226. [i] State:
227. [i] City:
228. [i] Latitude: 15.0
229. [i] Longitude: 30.0
230. #######################################################################################################################################
231.  
232.  
233.  
234. H T T P H E A D E R S
235. =======================
236.  
237.  
238. [i] HTTP/1.1 200 OK
239. [i] Server: nginx
240. [i] Date: Sun, 16 Jun 2019 12:57:49 GMT
241. [i] Content-Type: text/html; charset=utf-8
242. [i] Connection: close
243. [i] X-Powered-By: PHP/5.6.40
244. [i] P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
245. [i] Cache-Control: no-cache
246. [i] Pragma: no-cache
247. [i] Set-Cookie: e0ddbc0e0e8bfa0175c84685f00835f0=pi0hq3r6gblqvo3n78l1srmkv4; path=/
248. [i] X-Powered-By: PleskLin
249. #######################################################################################################################################
250.  
251.  
252.  
253. D N S L O O K U P
254. ===================
255.  
256. ncr.gov.sd. 21595 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2017072600 10800 900 604800 86400
257. ncr.gov.sd. 21595 IN NS ns0.ndc.gov.sd.
258. ncr.gov.sd. 21595 IN NS ns1.ndc.gov.sd.
259. ncr.gov.sd. 21595 IN A 62.12.105.2
260. ncr.gov.sd. 21595 IN MX 10 mail.ncr.gov.sd.
261. ncr.gov.sd. 21595 IN TXT "v=spf1 mx -all"
262. #######################################################################################################################################
263.  
264.  
265.  
266. S U B N E T C A L C U L A T I O N
267. ====================================
268.  
269. Address = 62.12.105.2
270. Network = 62.12.105.2 / 32
271. Netmask = 255.255.255.255
272. Broadcast = not needed on Point-to-Point links
273. Wildcard Mask = 0.0.0.0
274. Hosts Bits = 0
275. Max. Hosts = 1 (2^0 - 0)
276. Host Range = { 62.12.105.2 - 62.12.105.2 }
277. #######################################################################################################################################
278.  
279.  
280. N M A P P O R T S C A N
281. ============================
282.  
283. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-16 13:55 UTC
284. Nmap scan report for ncr.gov.sd (62.12.105.2)
285. Host is up (0.20s latency).
286. rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
287.  
288. PORT STATE SERVICE
289. 21/tcp open ftp
290. 22/tcp filtered ssh
291. 23/tcp filtered telnet
292. 80/tcp open http
293. 110/tcp open pop3
294. 143/tcp open imap
295. 443/tcp open https
296. 3389/tcp filtered ms-wbt-server
297.  
298. Nmap done: 1 IP address (1 host up) scanned in 2.50 seconds
299.  
300. #######################################################################################################################################
301. Enter Address Website = ncr.gov.sd
302.  
303.  
304.  
305. Reversing IP With HackTarget 'ncr.gov.sd'
306. --------------------------------------------
307.  
308. [+] dalil.sd
309. [+] f03-web02.nic.gov.sd
310. [+] gras.gov.sd
311. [+] hasahisa.gov.sd
312. [+] maadin.gov.sd
313. [+] mail.gras.gov.sd
314. [+] mail.his.gov.sd
315. [+] mail.moekh.gov.sd
316. [+] mail.nahralnileinvest.gov.sd
317. [+] mail.nileuniversity.edu.sd
318. [+] mail.ocewc.gov.sd
319. [+] mail.sas.edu.sd
320. [+] mail.snapcw.gov.sd
321. [+] mail.sudan.gov.sd
322. [+] mocit.gov.sd
323. [+] napo.gov.sd
324. [+] nbtc.gov.sd
325. [+] ndcc.gov.sd
326. [+] nileuniversity.edu.sd
327. [+] redseastate.gov.sd
328. [+] rivernilestate.gov.sd
329. [+] rnspolice.gov.sd
330. [+] sas.edu.sd
331. [+] sloc.gov.sd
332. [+] sudan.gov.sd
333. [+] webmail.mic.gov.sd
334. [+] www.gazirastate.gov.sd
335. [+] www.gisc.gov.sd
336. [+] www.kassalamoe.gov.sd
337. [+] www.ksp.gov.sd
338. [+] www.moi.gov.sd
339. [+] www.nccw.gov.sd
340. [+] www.ndcc.gov.sd
341. [+] www.nileuniversity.edu.sd
342. [+] www.nswtoa.gov.sd
343. [+] www.redseastate.gov.sd
344. [+] www.rivernilestate.gov.sd
345. [+] www.scvta.gov.sd
346. [+] www.sloc.gov.sd
347. [+] www.wrc.org.sd
348. #######################################################################################################################################
349.  
350.  
351. Reverse IP With YouGetSignal 'ncr.gov.sd'
352. --------------------------------------------
353.  
354. [*] IP: 62.12.105.2
355. [*] Domain: ncr.gov.sd
356. [*] Total Domains: 20
357.  
358. [+] agricmi.gov.sd
359. [+] cpd.gov.sd
360. [+] eastgezira.gov.sd
361. [+] fdrf.gov.sd
362. [+] health.gov.sd
363. [+] kassalamoe.gov.sd
364. [+] mocit.gov.sd
365. [+] mohgs.gov.sd
366. [+] nbtc.gov.sd
367. [+] nccw.gov.sd
368. [+] ncr.gov.sd
369. [+] nileuniversity.edu.sd
370. [+] rivernilestate.gov.sd
371. [+] rnspolice.gov.sd
372. [+] sloc.gov.sd
373. [+] sudan.gov.sd
374. [+] unionkhr.sd
375. [+] wgpolice.gov.sd
376. [+] www.moi.gov.sd
377. [+] www.sudan.gov.sd
378. #######################################################################################################################################
379.  
380.  
381. Geo IP Lookup 'ncr.gov.sd'
382. -----------------------------
383.  
384. [+] IP Address: 62.12.105.2
385. [+] Country: Sudan
386. [+] State:
387. [+] City:
388. [+] Latitude: 15.0
389. [+] Longitude: 30.0
390. #######################################################################################################################################
391.  
392.  
393. Bypass Cloudflare 'ncr.gov.sd'
394. ---------------------------------
395.  
396. [!] CloudFlare Bypass 62.12.105.2 | webmail.ncr.gov.sd
397. [!] CloudFlare Bypass 62.12.105.2 | mail.ncr.gov.sd
398. [!] CloudFlare Bypass 62.12.105.2 | www.ncr.gov.sd
399. #######################################################################################################################################
400.  
401.  
402. DNS Lookup 'ncr.gov.sd'
403. --------------------------
404.  
405. [+] ncr.gov.sd. 21599 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2017072600 10800 900 604800 86400
406. [+] ncr.gov.sd. 21599 IN NS ns0.ndc.gov.sd.
407. [+] ncr.gov.sd. 21599 IN NS ns1.ndc.gov.sd.
408. [+] ncr.gov.sd. 21599 IN A 62.12.105.2
409. [+] ncr.gov.sd. 21599 IN MX 10 mail.ncr.gov.sd.
410. [+] ncr.gov.sd. 21599 IN TXT "v=spf1 mx -all"
411. #######################################################################################################################################
412.  
413.  
414. Show HTTP Header 'ncr.gov.sd'
415. --------------------------------
416.  
417. [+] HTTP/1.1 200 OK
418. [+] Server: nginx
419. [+] Date: Sun, 16 Jun 2019 12:57:50 GMT
420. [+] Content-Type: text/html; charset=utf-8
421. [+] Connection: keep-alive
422. [+] X-Powered-By: PHP/5.6.40
423. [+] P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
424. [+] Cache-Control: no-cache
425. [+] Pragma: no-cache
426. [+] Set-Cookie: e0ddbc0e0e8bfa0175c84685f00835f0=fjrg79tequ20i5pghuelf4fmt1; path=/
427. [+] X-Powered-By: PleskLin
428. #######################################################################################################################################
429.  
430. Port Scan 'ncr.gov.sd'
431. -------------------------
432.  
433. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-16 13:55 UTC
434. Nmap scan report for ncr.gov.sd (62.12.105.2)
435. Host is up (0.20s latency).
436. rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
437.  
438. PORT STATE SERVICE
439. 21/tcp open ftp
440. 22/tcp filtered ssh
441. 23/tcp filtered telnet
442. 80/tcp open http
443. 110/tcp open pop3
444. 143/tcp open imap
445. 443/tcp open https
446. 3389/tcp filtered ms-wbt-server
447.  
448. Nmap done: 1 IP address (1 host up) scanned in 3.46 seconds
449. #######################################################################################################################################
450.  
451. Cms Scan 'ncr.gov.sd'
452. ------------------------
453.  
454. [+] Cms : Joomla
455. [+] Web Servers : Nginx
456. [+] Programming Languages : PHP
457. #######################################################################################################################################
458.  
459.  
460. Robot.txt 'ncr.gov.sd'
461. -------------------------
462.  
463. # If the Joomla site is installed within a folder such as at
464. # e.g. www.example.com/joomla/ the robots.txt file MUST be
465. # moved to the site root at e.g. www.example.com/robots.txt
466. # AND the joomla folder name MUST be prefixed to the disallowed
467. # path, e.g. the Disallow rule for the /administrator/ folder
468. # MUST be changed to read Disallow: /joomla/administrator/
469. #
470. # For more information about the robots.txt standard, see:
471. # http://www.robotstxt.org/orig.html
472. #
473. # For syntax checking, see:
474. # http://www.sxw.org.uk/computing/robots/check.html
475.  
476. User-agent: *
477. Disallow: /administrator/
478. Disallow: /cache/
479. Disallow: /cli/
480. Disallow: /components/
481. Disallow: /images/
482. Disallow: /includes/
483. Disallow: /installation/
484. Disallow: /language/
485. Disallow: /libraries/
486. Disallow: /logs/
487. Disallow: /media/
488. Disallow: /modules/
489. Disallow: /plugins/
490. Disallow: /templates/
491. Disallow: /tmp/
492. #######################################################################################################################################
493.  
494.  
495. Traceroute 'ncr.gov.sd'
496. --------------------------
497.  
498. Start: 2019-06-16T13:55:32+0000
499. HOST: web01 Loss% Snt Last Avg Best Wrst StDev
500. 1.|-- 45.79.12.201 0.0% 3 0.6 0.7 0.6 0.9 0.2
501. 2.|-- 45.79.12.0 0.0% 3 0.5 1.3 0.5 2.8 1.3
502. 3.|-- ix-et-5-1-2-0.tcore1.dt8-dallas.as6453.net 0.0% 3 1.6 1.3 1.2 1.6 0.2
503. 4.|-- if-ae-2-2.tcore2.dt8-dallas.as6453.net 0.0% 3 145.8 145.7 145.6 145.8 0.1
504. 5.|-- if-ae-34-2.tcore1.lvw-los-angeles.as6453.net 0.0% 3 139.4 140.2 139.3 142.0 1.5
505. 6.|-- if-ae-2-2.tcore2.lvw-los-angeles.as6453.net 0.0% 3 133.9 133.4 133.0 133.9 0.5
506. 7.|-- if-et-53-2.hcore2.kv8-chiba.as6453.net 0.0% 3 137.9 138.9 137.9 140.8 1.6
507. 8.|-- if-ae-24-2.tcore2.tv2-tokyo.as6453.net 0.0% 3 145.1 145.0 145.0 145.1 0.0
508. 9.|-- 180.87.181.34 0.0% 3 139.2 139.4 139.2 139.6 0.2
509. 10.|-- ae0.0.pjr02.wad001.flagtel.com 0.0% 3 290.8 291.8 290.8 293.7 1.6
510. 11.|-- ge-0-2-0.0.pjr02.hkg005.flagtel.com 0.0% 3 292.0 291.8 291.3 292.1 0.4
511. 12.|-- so-3-0-0.0.pjr02.mmb004.flagtel.com 0.0% 3 291.2 291.4 291.2 291.6 0.2
512. 13.|-- xe-8-3-0.0.pjr04.mmb004.flagtel.com 0.0% 3 267.0 267.7 267.0 268.6 0.8
513. 14.|-- xe-11-0-1.0.pjr04.dxb001.flagtel.com 0.0% 3 291.0 291.2 291.0 291.4 0.2
514. 15.|-- 80.77.2.42 0.0% 3 266.4 266.3 266.2 266.4 0.1
515. 16.|-- 196.29.177.113 0.0% 3 269.8 269.8 269.7 269.8 0.1
516. 17.|-- 197.254.196.62 0.0% 3 272.9 273.4 272.9 274.0 0.5
517. 18.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
518. #######################################################################################################################################
519.  
520.  
521. Page Admin Finder 'ncr.gov.sd'
522. ---------------------------------
523.  
524.  
525.  
526. Avilable Links :
527.  
528. Find Page >> http://ncr.gov.sd/administrator/
529.  
530. Find Page >> http://ncr.gov.sd/administrator/index.php
531. #######################################################################################################################################
532. Trying "ncr.gov.sd"
533. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26726
534. ;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 2, ADDITIONAL: 2
535.  
536. ;; QUESTION SECTION:
537. ;ncr.gov.sd. IN ANY
538.  
539. ;; ANSWER SECTION:
540. ncr.gov.sd. 86400 IN TXT "v=spf1 mx -all"
541. ncr.gov.sd. 86400 IN MX 10 mail.ncr.gov.sd.
542. ncr.gov.sd. 86400 IN A 62.12.105.2
543. ncr.gov.sd. 86400 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2017072600 10800 900 604800 86400
544. ncr.gov.sd. 14400 IN NS ns0.ndc.gov.sd.
545. ncr.gov.sd. 14400 IN NS ns1.ndc.gov.sd.
546.  
547. ;; AUTHORITY SECTION:
548. ncr.gov.sd. 14400 IN NS ns1.ndc.gov.sd.
549. ncr.gov.sd. 14400 IN NS ns0.ndc.gov.sd.
550.  
551. ;; ADDITIONAL SECTION:
552. ns1.ndc.gov.sd. 12531 IN A 62.12.109.3
553. ns0.ndc.gov.sd. 12531 IN A 62.12.109.2
554.  
555. Received 236 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 371 ms
556. #######################################################################################################################################
557. ; <<>> DiG 9.11.5-P4-5-Debian <<>> ncr.gov.sd ns
558. ;; global options: +cmd
559. ;; Got answer:
560. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3526
561. ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
562.  
563. ;; OPT PSEUDOSECTION:
564. ; EDNS: version: 0, flags:; udp: 4096
565. ;; QUESTION SECTION:
566. ;ncr.gov.sd. IN NS
567.  
568. ;; ANSWER SECTION:
569. ncr.gov.sd. 84259 IN NS ns1.ndc.gov.sd.
570. ncr.gov.sd. 84259 IN NS ns0.ndc.gov.sd.
571.  
572. ;; Query time: 33 msec
573. ;; SERVER: 38.132.106.139#53(38.132.106.139)
574. ;; WHEN: dim jun 16 10:27:56 EDT 2019
575. ;; MSG SIZE rcvd: 79
576. ######################################################################################################################################
577. ; <<>> DiG 9.11.5-P4-5-Debian <<>> +trace ncr.gov.sd
578. ;; global options: +cmd
579. . 83966 IN NS l.root-servers.net.
580. . 83966 IN NS f.root-servers.net.
581. . 83966 IN NS g.root-servers.net.
582. . 83966 IN NS d.root-servers.net.
583. . 83966 IN NS h.root-servers.net.
584. . 83966 IN NS e.root-servers.net.
585. . 83966 IN NS k.root-servers.net.
586. . 83966 IN NS a.root-servers.net.
587. . 83966 IN NS i.root-servers.net.
588. . 83966 IN NS m.root-servers.net.
589. . 83966 IN NS c.root-servers.net.
590. . 83966 IN NS b.root-servers.net.
591. . 83966 IN NS j.root-servers.net.
592. . 83966 IN RRSIG NS 8 0 518400 20190629050000 20190616040000 25266 . PP10xVvgFP8E/QTmJS0CuNphW+3a4CM9z/vNH/Tf97Q6DMRRoXheaT71 OC9A2R8uDT7jRHwv8hq/3sZijaJ62FWImkU6WEhvTecllaQuk2NApCCf EB6vjXe+yed9TV1rQbLu87C757E0Wu7VuihVGcLRgTk2skEpVQZ2FFgx 2AxyadeCnYOEcMOte8SkQ2p8j+GiMf8TK/cfD4DU/Ih5rvUHrxJxeJwF Jb1sgpA5K7HgMfDyOdlOchCXckpJG66RaH858zsG8G35WALxCPN0GHqp oo2g88vVz+bVCDp+Mh3H6ySx+/+cKnBCcJSZgt/YP9pwRFlx9eTZl3+Z F6PLWw==
593. ;; Received 525 bytes from 38.132.106.139#53(38.132.106.139) in 36 ms
594.  
595. sd. 172800 IN NS ans2.canar.sd.
596. sd. 172800 IN NS ans1.canar.sd.
597. sd. 172800 IN NS ns1.uaenic.ae.
598. sd. 172800 IN NS sd.cctld.authdns.ripe.net.
599. sd. 172800 IN NS ns2.uaenic.ae.
600. sd. 172800 IN NS ans1.sis.sd.
601. sd. 172800 IN NS ns-sd.afrinic.net.
602. sd. 86400 IN NSEC se. NS RRSIG NSEC
603. sd. 86400 IN RRSIG NSEC 8 1 86400 20190629050000 20190616040000 25266 . yziPFV0NtbF+d6N2faDv5uZ0ztYPMZ3+rp7ti8Crxm/wNExNrQ4xermT TDAC8Ab21NOQ77NfeJqV11Af0ZrZckITiQokyOArMcypoecYZVuagIp/ m/c/z5AXBuShuTSGGwH/bnmiSur1RIJ8Z7dPQNttPojK5feNdyGGx2II gmZL9/3WuPJf+THMrd8+Cn/HLqFGSolx1WlFVFAY7FtJrz4NaM5dVGAH OTCK+0Kv/8v5AWQynu7VzCnzADVpiccQpsHDpcNbhnireSNJCXbyAoEg H5swVj7+h6LR3QcZ2gJpsicPU2KurR9Vw8izseo8Wi81yj4EnZrfyblL 6IS57Q==
604. ;; Received 697 bytes from 2001:503:ba3e::2:30#53(a.root-servers.net) in 47 ms
605.  
606. gov.sd. 14400 IN NS sd.cctld.authdns.ripe.net.
607. gov.sd. 14400 IN NS ns1.uaenic.ae.
608. gov.sd. 14400 IN NS ns2.uaenic.ae.
609. gov.sd. 14400 IN NS ans1.sis.sd.
610. gov.sd. 14400 IN NS ans1.canar.sd.
611. gov.sd. 14400 IN NS ans2.canar.sd.
612. gov.sd. 14400 IN NS ns-sd.afrinic.net.
613. ;; Received 266 bytes from 196.216.168.26#53(ns-sd.afrinic.net) in 273 ms
614.  
615. ncr.gov.sd. 14400 IN NS ns0.ndc.gov.sd.
616. ncr.gov.sd. 14400 IN NS ns1.ndc.gov.sd.
617. ;; Received 111 bytes from 193.0.9.109#53(sd.cctld.authdns.ripe.net) in 101 ms
618.  
619. ncr.gov.sd. 86400 IN A 62.12.105.2
620. ncr.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
621. ncr.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
622. ;; Received 127 bytes from 62.12.109.2#53(ns0.ndc.gov.sd) in 232 ms
623. #######################################################################################################################################
624.  
625.  
626. AVAILABLE PLUGINS
627. --------------------------------------------------------------------------------------------------------------------------------------
628.  
629. SessionRenegotiationPlugin
630. FallbackScsvPlugin
631. OpenSslCipherSuitesPlugin
632. EarlyDataPlugin
633. HttpHeadersPlugin
634. CertificateInfoPlugin
635. OpenSslCcsInjectionPlugin
636. RobotPlugin
637. CompressionPlugin
638. SessionResumptionPlugin
639. HeartbleedPlugin
640.  
641.  
642.  
643. CHECKING HOST(S) AVAILABILITY
644. --------------------------------------------------------------------------------------------------------------------------------------
645.  
646. 62.12.105.2:443 => 62.12.105.2
647.  
648.  
649.  
650.  
651. SCAN RESULTS FOR 62.12.105.2:443 - 62.12.105.2
652. --------------------------------------------------------------------------------------------------------------------------------------
653.  
654. * TLSV1_3 Cipher Suites:
655. Server rejected all cipher suites.
656.  
657. * Certificate Information:
658. Content
659. SHA1 Fingerprint: 14796658f80369878f4254739eaf97e150dd2d68
660. Common Name: Plesk
661. Issuer: Plesk
662. Serial Number: 1461120027
663. Not Before: 2016-04-20 02:40:27
664. Not After: 2017-04-20 02:40:27
665. Signature Algorithm: sha256
666. Public Key Algorithm: RSA
667. Key Size: 2048
668. Exponent: 65537 (0x10001)
669. DNS Subject Alternative Names: []
670.  
671. Trust
672. Hostname Validation: FAILED - Certificate does NOT match 62.12.105.2
673. Android CA Store (9.0.0_r9): FAILED - Certificate is NOT Trusted: self signed certificate
674. iOS CA Store (12, macOS 10.14, watchOS 5, and tvOS 12):FAILED - Certificate is NOT Trusted: self signed certificate
675. Java CA Store (jdk-11.0.2): FAILED - Certificate is NOT Trusted: self signed certificate
676. macOS CA Store (12, macOS 10.14, watchOS 5, and tvOS 12):FAILED - Certificate is NOT Trusted: self signed certificate
677. Mozilla CA Store (2018-11-22): FAILED - Certificate is NOT Trusted: self signed certificate
678. OPENJDK CA Store (jdk-11.0.2): FAILED - Certificate is NOT Trusted: self signed certificate
679. Windows CA Store (2018-12-08): FAILED - Certificate is NOT Trusted: self signed certificate
680. Symantec 2018 Deprecation: OK - Not a Symantec-issued certificate
681. Received Chain: Plesk
682. Verified Chain: ERROR - Could not build verified chain (certificate untrusted?)
683. Received Chain Contains Anchor: ERROR - Could not build verified chain (certificate untrusted?)
684. Received Chain Order: OK - Order is valid
685. Verified Chain contains SHA1: ERROR - Could not build verified chain (certificate untrusted?)
686.  
687. Extensions
688. OCSP Must-Staple: NOT SUPPORTED - Extension not found
689. Certificate Transparency: NOT SUPPORTED - Extension not found
690.  
691. OCSP Stapling
692. NOT SUPPORTED - Server did not send back an OCSP response
693.  
694. * Session Renegotiation:
695. Client-initiated Renegotiation: OK - Rejected
696. Secure Renegotiation: OK - Supported
697.  
698. * Downgrade Attacks:
699. TLS_FALLBACK_SCSV: OK - Supported
700.  
701. * OpenSSL Heartbleed:
702. OK - Not vulnerable to Heartbleed
703.  
704. * TLSV1_1 Cipher Suites:
705. Forward Secrecy OK - Supported
706. RC4 OK - Not Supported
707.  
708. Preferred:
709. TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
710. Accepted:
711. TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
712. TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
713. TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
714. TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
715. TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
716. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
717.  
718. * TLSV1_2 Cipher Suites:
719. Forward Secrecy OK - Supported
720. RC4 OK - Not Supported
721.  
722. Preferred:
723. TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
724. Accepted:
725. TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
726. TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
727. TLS_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
728. TLS_RSA_WITH_AES_256_CBC_SHA256 256 bits HTTP 200 OK
729. TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
730. TLS_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
731. TLS_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
732. TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
733. TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
734. TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 256 bits HTTP 200 OK
735. TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
736. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
737. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
738. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
739.  
740. * TLSV1 Cipher Suites:
741. Forward Secrecy OK - Supported
742. RC4 OK - Not Supported
743.  
744. Preferred:
745. TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
746. Accepted:
747. TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
748. TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
749. TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
750. TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
751. TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
752. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
753.  
754. * OpenSSL CCS Injection:
755. OK - Not vulnerable to OpenSSL CCS injection
756.  
757. * SSLV2 Cipher Suites:
758. Server rejected all cipher suites.
759.  
760. * SSLV3 Cipher Suites:
761. Server rejected all cipher suites.
762.  
763. * Deflate Compression:
764. OK - Compression disabled
765.  
766. * TLS 1.2 Session Resumption Support:
767. With Session IDs: NOT SUPPORTED (0 successful, 5 failed, 0 errors, 5 total attempts).
768. With TLS Tickets: OK - Supported
769.  
770. * ROBOT Attack:
771. OK - Not vulnerable
772.  
773.  
774. SCAN COMPLETED IN 22.25 S
775. -------------------------------------------------------------------------------------------------------------------------------------
776. #######################################################################################################################################
777. adding 62.12.105.2/32 mode `TCPscan' ports `7,9,11,13,18,19,21-23,25,37,39,42,49,50,53,65,67-70,79-81,88,98,100,105-107,109-111,113,118,119,123,129,135,137-139,143,150,161-164,174,177-179,191,199-202,204,206,209,210,213,220,345,346,347,369-372,389,406,407,422,443-445,487,500,512-514,517,518,520,525,533,538,548,554,563,587,610-612,631-634,636,642,653,655,657,666,706,750-752,765,779,808,873,901,923,941,946,992-995,1001,1023-1030,1080,1210,1214,1234,1241,1334,1349,1352,1423-1425,1433,1434,1524,1525,1645,1646,1649,1701,1718,1719,1720,1723,1755,1812,1813,2048-2050,2101-2104,2140,2150,2233,2323,2345,2401,2430,2431,2432,2433,2583,2628,2776,2777,2988,2989,3050,3130,3150,3232,3306,3389,3456,3493,3542-3545,3632,3690,3801,4000,4400,4321,4567,4899,5002,5136-5139,5150,5151,5222,5269,5308,5354,5355,5422-5425,5432,5503,5555,5556,5678,6000-6007,6346,6347,6543,6544,6789,6838,6666-6670,7000-7009,7028,7100,7983,8079-8082,8088,8787,8879,9090,9101-9103,9325,9359,10000,10026,10027,10067,10080,10081,10167,10498,11201,15345,17001-17003,18753,20011,20012,21554,22273,26274,27374,27444,27573,31335-31338,31787,31789,31790,31791,32668,32767-32780,33390,47262,49301,54320,54321,57341,58008,58009,58666,59211,60000,60006,61000,61348,61466,61603,63485,63808,63809,64429,65000,65506,65530-65535' pps 300
778. using interface(s) eth0
779. added module payload for port 80 proto 6
780. added module payload for port 518 proto 17
781. added module payload for port 1900 proto 17
782. added module payload for port 5060 proto 17
783. added module payload for port 80 proto 6
784. added module payload for port 53 proto 17
785. scaning 1.00e+00 total hosts with 3.38e+02 total packets, should take a little longer than 8 Seconds
786. drone type Unknown on fd 4 is version 1.1
787. drone type Unknown on fd 3 is version 1.1
788. added module payload for port 80 proto 6
789. added module payload for port 518 proto 17
790. added module payload for port 1900 proto 17
791. added module payload for port 5060 proto 17
792. added module payload for port 80 proto 6
793. added module payload for port 53 proto 17
794. scan iteration 1 out of 1
795. using pcap filter: `dst 192.168.0.52 and ! src 192.168.0.52 and (tcp)'
796. using TSC delay
797. sender statistics 299.9 pps with 338 packets sent total
798. listener statistics 0 packets recieved 0 packets droped and 0 interface drops
799. #######################################################################################################################################
800. =======================================================================================================================================
801. | E-mails:
802. | [+] E-mail Found: ebtihalalassam@hotmail.com
803. | [+] E-mail Found: rssa@ncr.gov.sd
804. | [+] E-mail Found: lologimiabi@hotmail.com
805. | [+] E-mail Found: hashim225@hotmail.com
806. | [+] E-mail Found: kevinh@kevcom.com
807. | [+] E-mail Found: swiba888@hotmail.com
808. | [+] E-mail Found: rikbe2015@gmail.com,
809. | [+] E-mail Found: saad_krom@yahoo.com
810. | [+] E-mail Found: rikbe2015@gmail.co
811. | [+] E-mail Found: cbge@ncr.net
812. | [+] E-mail Found: rikbe2015@gmail.com
813. | [+] E-mail Found: lubnatag@hotmail.com
814. | [+] E-mail Found: ashtmri@gmail.com
815. | [+] E-mail Found: mike@hyperreal.org
816. | [+] E-mail Found: rikbe2015@ncr.gov.sd
817. | [+] E-mail Found: rikbe2015@ncr.gov.com
818. | [+] E-mail Found: info@ncr.gov.sd
819. | [+] E-mail Found: abdullasharief@postmaster.co.uk
820. | [+] E-mail Found: smohieldin@gmail.com
821. | [+] E-mail Found: hibahassan50@hotmail.com
822. | [+] E-mail Found: smohieldin@ncr.gov.sd
823. | [+] E-mail Found: adeel2007_zl@hotmail.com
824. | [+] E-mail Found: hindahmed98@hotmail.com
825. | [+] E-mail Found: esh.tmri@hotmail.com
826. | [+] E-mail Found: bashirm59@yahoo.com
827. | [+] E-mail Found: humbedooh@apache.org
828. | [+] E-mail Found: amandagimmy@yahoo.com
829. =======================================================================================================================================
830. | External hosts:
831. | [+] External Host Found: http://www.saadyaseen.com
832. | [+] External Host Found: http://intimm.oxfordjournals.org
833. | [+] External Host Found: http://www.sciencedirect.com
834. | [+] External Host Found: http://www.pnas.org
835. | [+] External Host Found: http://httpd.apache.org
836. | [+] External Host Found: http://www.biomedcentral.com
837. | [+] External Host Found: http://www.amazon.com
838. | [+] External Host Found: http://www.academicjournals.org
839. | [+] External Host Found: http://www.scihub.org
840. | [+] External Host Found: http://www.msc.gov.sd
841. =======================================================================================================================================
842. #######################################################################################################################################
843. Starting Parsero v0.75 (https://github.com/behindthefirewalls/Parsero) at 06/16/19 10:48:11
844. Parsero scan report for www.ncr.gov.sd
845. http://www.ncr.gov.sd/media/ 200 OK
846. http://www.ncr.gov.sd/language/ 200 OK
847. http://www.ncr.gov.sd/administrator/ 303 See other
848. http://www.ncr.gov.sd/images/ 200 OK
849. http://www.ncr.gov.sd/logs/ 200 OK
850. http://www.ncr.gov.sd/cli/ 200 OK
851. http://www.ncr.gov.sd/components/ 200 OK
852. http://www.ncr.gov.sd/modules/ 200 OK
853. http://www.ncr.gov.sd/installation/ 404 Not Found
854. http://www.ncr.gov.sd/includes/ 200 OK
855. http://www.ncr.gov.sd/libraries/ 200 OK
856. http://www.ncr.gov.sd/tmp/ 200 OK
857. http://www.ncr.gov.sd/templates/ 200 OK
858. http://www.ncr.gov.sd/plugins/ 200 OK
859. http://www.ncr.gov.sd/cache/ 200 OK
860.  
861. [+] 15 links have been analyzed and 13 of them are available!!!
862. #######################################################################################################################################
863. WhatWeb report for http://ncr.gov.sd
864. Status : 200 OK
865. Title : المركز القومي للبحوث
866. IP : <Unknown>
867. Country : <Unknown>
868.  
869. Summary : Script[text/javascript], nginx, PHP[5.6.40,], JQuery[1.4.2], maybe Joomla, MetaGenerator[Joomla! - Open Source Content Management], Plesk[Lin], Cookies[e0ddbc0e0e8bfa0175c84685f00835f0], X-Powered-By[PHP/5.6.40, PleskLin], HTTPServer[nginx]
870.  
871. Detected Plugins:
872. [ Cookies ]
873. Display the names of cookies in the HTTP headers. The
874. values are not returned to save on space.
875.  
876. String : e0ddbc0e0e8bfa0175c84685f00835f0
877.  
878. [ HTTPServer ]
879. HTTP server header string. This plugin also attempts to
880. identify the operating system from the server header.
881.  
882. String : nginx (from server string)
883.  
884. [ JQuery ]
885. A fast, concise, JavaScript that simplifies how to traverse
886. HTML documents, handle events, perform animations, and add
887. AJAX.
888.  
889. Version : 1.4.2
890. Website : http://jquery.com/
891.  
892. [ Joomla ]
893. Opensource CMS written in PHP. Aggressive version detection
894. compares just 5 files, valid for versions 1.5.0-1.5.22 and
895. 1.6.0-1.6.1.
896.  
897. Certainty : maybe
898. Aggressive function available (check plugin file or details).
899. Google Dorks: (1)
900. Website : http://joomla.org
901.  
902. [ MetaGenerator ]
903. This plugin identifies meta generator tags and extracts its
904. value.
905.  
906. String : Joomla! - Open Source Content Management
907.  
908. [ PHP ]
909. PHP is a widely-used general-purpose scripting language
910. that is especially suited for Web development and can be
911. embedded into HTML. This plugin identifies PHP errors,
912. modules and versions and extracts the local file path and
913. username if present.
914.  
915. Version : 5.6.40,
916. Google Dorks: (2)
917. Website : http://www.php.net/
918.  
919. [ Plesk ]
920. Plesk is a web control panel
921.  
922. String : Lin
923. Google Dorks: (1)
924. Website : http://www.parallels.com/products/plesk/
925.  
926. [ Script ]
927. This plugin detects instances of script HTML elements and
928. returns the script language/type.
929.  
930. String : text/javascript
931.  
932. [ X-Powered-By ]
933. X-Powered-By HTTP header
934.  
935. String : PHP/5.6.40, PleskLin (from x-powered-by string)
936.  
937. [ nginx ]
938. Nginx (Engine-X) is a free, open-source, high-performance
939. HTTP server and reverse proxy, as well as an IMAP/POP3
940. proxy server.
941.  
942. Website : http://nginx.net/
943.  
944. HTTP Headers:
945. HTTP/1.1 200 OK
946. Server: nginx
947. Date: Sun, 16 Jun 2019 13:52:46 GMT
948. Content-Type: text/html; charset=utf-8
949. Transfer-Encoding: chunked
950. Connection: close
951. X-Powered-By: PHP/5.6.40
952. P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
953. Cache-Control: no-cache
954. Pragma: no-cache
955. Set-Cookie: e0ddbc0e0e8bfa0175c84685f00835f0=hid92er0svi3t5dq6t76cbjge4; path=/
956. X-Powered-By: PleskLin
957. #######################################################################################################################################
958. DNS Servers for ncr.gov.sd:
959. ns0.ndc.gov.sd
960. ns1.ndc.gov.sd
961.  
962. Trying zone transfer first...
963. Testing ns0.ndc.gov.sd
964.  
965. Whoah, it worked - misconfigured DNS server found:
966. ncr.gov.sd. 86400 IN SOA ( ns0.ndc.gov.sd. root.ndc.gov.sd.
967. 2017072600 ;serial
968. 10800 ;refresh
969. 900 ;retry
970. 604800 ;expire
971. 86400 ;minimum
972. )
973. ncr.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
974. ncr.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
975. ncr.gov.sd. 86400 IN A 62.12.105.2
976. ncr.gov.sd. 86400 IN MX 10 mail.ncr.gov.sd.
977. ncr.gov.sd. 86400 IN TXT "v=spf1 mx -all"
978. mail.ncr.gov.sd. 86400 IN A 62.12.105.2
979. mail.ncr.gov.sd. 86400 IN MX 10 mail.ncr.gov.sd.
980. webmail.ncr.gov.sd. 86400 IN CNAME mail.ncr.gov.sd.
981. www.ncr.gov.sd. 86400 IN A 62.12.105.2
982.  
983. There isn't much point continuing, you have everything.
984. Have a nice day.
985. Exiting...
986. #######################################################################################################################################
987. Domains still to check: 1
988. Checking if the hostname ncr.gov.sd. given is in fact a domain...
989.  
990. Analyzing domain: ncr.gov.sd.
991. Checking NameServers using system default resolver...
992. IP: 62.12.109.2 (Sudan)
993. HostName: ns0.ndc.gov.sd Type: NS
994. IP: 62.12.109.3 (Sudan)
995. HostName: ns1.ndc.gov.sd Type: NS
996.  
997. Checking MailServers using system default resolver...
998. IP: 62.12.105.2 (Sudan)
999. HostName: mail.ncr.gov.sd Type: MX
1000. HostName: f03-web02.nic.gov.sd Type: PTR
1001.  
1002. Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
1003. Zone transfer successful on name server 62.12.109.2 (4 hosts)
1004. Zone transfer successful on name server 62.12.109.3 (4 hosts)
1005.  
1006. Checking SPF record...
1007.  
1008. Checking 4 most common hostnames using system default resolver...
1009. IP: 62.12.105.2 (Sudan)
1010. HostName: mail.ncr.gov.sd Type: MX
1011. HostName: f03-web02.nic.gov.sd Type: PTR
1012. HostName: webmail.ncr.gov.sd. Type: A
1013. IP: 62.12.105.2 (Sudan)
1014. HostName: mail.ncr.gov.sd Type: MX
1015. HostName: f03-web02.nic.gov.sd Type: PTR
1016. HostName: webmail.ncr.gov.sd. Type: A
1017. HostName: mail.ncr.gov.sd. Type: A
1018. IP: 62.12.105.2 (Sudan)
1019. HostName: mail.ncr.gov.sd Type: MX
1020. HostName: f03-web02.nic.gov.sd Type: PTR
1021. HostName: webmail.ncr.gov.sd. Type: A
1022. HostName: mail.ncr.gov.sd. Type: A
1023. HostName: www.ncr.gov.sd. Type: A
1024.  
1025. Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
1026. Checking netblock 62.12.109.0
1027. Checking netblock 62.12.105.0
1028.  
1029. Searching for ncr.gov.sd. emails in Google
1030. drsarrasaad@ncr.gov.sd.
1031.  
1032. Checking 3 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
1033. Host 62.12.109.2 is up (reset ttl 64)
1034. Host 62.12.109.3 is up (reset ttl 64)
1035. Host 62.12.105.2 is up (reset ttl 64)
1036.  
1037. Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
1038. Scanning ip 62.12.109.2 (ns0.ndc.gov.sd):
1039. 53/tcp open domain syn-ack ttl 43 (unknown banner: you guess!)
1040. | dns-nsid:
1041. |_ bind.version: you guess!
1042. | fingerprint-strings:
1043. | DNSVersionBindReqTCP:
1044. | version
1045. | bind
1046. |_ guess!
1047. Scanning ip 62.12.109.3 (ns1.ndc.gov.sd):
1048. 53/tcp open domain syn-ack ttl 43 (unknown banner: you guess!)
1049. | dns-nsid:
1050. |_ bind.version: you guess!
1051. | fingerprint-strings:
1052. | DNSVersionBindReqTCP:
1053. | version
1054. | bind
1055. |_ guess!
1056. Scanning ip 62.12.105.2 (www.ncr.gov.sd.):
1057. 21/tcp open tcpwrapped syn-ack ttl 43
1058. 80/tcp open http syn-ack ttl 43 nginx
1059. |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
1060. | http-methods:
1061. |_ Supported Methods: POST OPTIONS GET HEAD
1062. |_http-server-header: nginx
1063. |_http-title: Domain Default page
1064. 110/tcp open pop3 syn-ack ttl 43 Dovecot pop3d
1065. |_pop3-capabilities: PIPELINING TOP RESP-CODES AUTH-RESP-CODE USER UIDL SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) STLS CAPA APOP
1066. |_ssl-date: TLS randomness does not represent time
1067. 143/tcp open imap syn-ack ttl 43 Dovecot imapd
1068. |_imap-capabilities: listed ID more AUTH=PLAIN capabilities post-login LOGIN-REFERRALS IMAP4rev1 STARTTLS OK AUTH=LOGIN AUTH=CRAM-MD5A0001 have ENABLE LITERAL+ IDLE AUTH=DIGEST-MD5 Pre-login SASL-IR
1069. |_ssl-date: TLS randomness does not represent time
1070. 443/tcp open ssl/http syn-ack ttl 44 nginx
1071. |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
1072. | http-methods:
1073. |_ Supported Methods: POST OPTIONS GET HEAD
1074. |_http-server-header: nginx
1075. |_http-title: Domain Default page
1076. | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
1077. | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
1078. | Public Key type: rsa
1079. | Public Key bits: 2048
1080. | Signature Algorithm: sha256WithRSAEncryption
1081. | Not valid before: 2016-04-20T02:40:27
1082. | Not valid after: 2017-04-20T02:40:27
1083. | MD5: a38f 7308 6ca0 a95d 2faa d3f0 6cb4 5553
1084. |_SHA-1: 1479 6658 f803 6987 8f42 5473 9eaf 97e1 50dd 2d68
1085. |_ssl-date: TLS randomness does not represent time
1086. | tls-alpn:
1087. |_ http/1.1
1088. | tls-nextprotoneg:
1089. |_ http/1.1
1090. 993/tcp open ssl/imaps? syn-ack ttl 43
1091. |_ssl-date: TLS randomness does not represent time
1092. 995/tcp open ssl/pop3s? syn-ack ttl 43
1093. |_ssl-date: TLS randomness does not represent time
1094. 8443/tcp open ssl/http syn-ack ttl 44 sw-cp-server httpd (Plesk Onyx 17.5.3)
1095. | http-methods:
1096. |_ Supported Methods: GET HEAD POST
1097. |_http-server-header: sw-cp-server
1098. |_http-title: Plesk Onyx 17.5.3
1099. | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
1100. | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
1101. | Public Key type: rsa
1102. | Public Key bits: 2048
1103. | Signature Algorithm: sha256WithRSAEncryption
1104. | Not valid before: 2016-04-20T02:40:27
1105. | Not valid after: 2017-04-20T02:40:27
1106. | MD5: a38f 7308 6ca0 a95d 2faa d3f0 6cb4 5553
1107. |_SHA-1: 1479 6658 f803 6987 8f42 5473 9eaf 97e1 50dd 2d68
1108. |_ssl-date: TLS randomness does not represent time
1109. | tls-nextprotoneg:
1110. |_ http/1.1
1111. OS Info: Service Info: Host: fo3-web02.nic.gov.sd
1112. WebCrawling domain's web servers... up to 50 max links.
1113.  
1114. + URL to crawl: http://www.ncr.gov.sd.
1115. + Date: 2019-06-16
1116.  
1117. + Crawling URL: http://www.ncr.gov.sd.:
1118. + Links:
1119. + Crawling http://www.ncr.gov.sd.
1120. + Crawling http://www.ncr.gov.sd./index.php/explore/features
1121. + Crawling http://www.ncr.gov.sd./index.php/explore/rtl-demos
1122. + Crawling http://www.ncr.gov.sd./index.php/explore/2015-02-23-21-43-56
1123. + Crawling http://www.ncr.gov.sd./index.php/styles/style2/2015-02-23-21-46-04
1124. + Crawling http://www.ncr.gov.sd./index.php/styles/style2/2015-02-23-21-46-33
1125. + Crawling http://www.ncr.gov.sd./index.php/styles/style3/2015-02-23-21-49-01
1126. + Crawling http://www.ncr.gov.sd./index.php/styles/style3/2015-02-23-21-49-25
1127. + Crawling http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-22-24/2015-02-23-21-49-46
1128. + Crawling http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-22-24/2015-02-23-21-50-07
1129. + Crawling http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-26-52/2015-02-23-21-50-41
1130. + Crawling http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-26-52/2015-02-23-21-51-05
1131. + Crawling http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-27-18/2015-02-28-11-48-03
1132. + Crawling http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-27-18/2015-02-28-11-48-41
1133. + Crawling http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-27-45/2015-02-28-11-49-36
1134. + Crawling http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-27-45/2015-02-28-11-50-52
1135. + Crawling http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-31-01/2015-02-28-11-51-58
1136. + Crawling http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-31-01/2015-02-28-11-52-31
1137. + Crawling http://www.ncr.gov.sd./index.php/styles/style1/2015-02-28-11-54-35
1138. + Crawling http://www.ncr.gov.sd./index.php/styles/style1/2015-02-28-11-55-15
1139. + Crawling http://www.ncr.gov.sd./index.php/isdarat
1140. + Crawling http://www.ncr.gov.sd./index.php/2015-02-27-08-29-21
1141. + Crawling http://www.ncr.gov.sd./index.php/sitemap
1142. + Crawling http://www.ncr.gov.sd./index.php/2016-09-01-08-50-22
1143. + Crawling http://www.ncr.gov.sd./index.php/2019-04-01-10-42-10
1144. + Crawling http://www.ncr.gov.sd./index.php/contactus
1145. + Crawling http://www.ncr.gov.sd./en/index.php
1146. + Crawling http://www.ncr.gov.sd./index.php/2015-02-27-08-29-21/235-2018-07-11-09-28-53
1147. + Crawling http://www.ncr.gov.sd./index.php/2015-02-27-08-29-21/233-2018-04-17-05-28-19
1148. + Crawling http://www.ncr.gov.sd./index.php/2015-02-27-08-29-21/231-2018-04-15-10-45-57
1149. + Crawling http://www.ncr.gov.sd./index.php/2015-02-27-08-29-21/230-2018-03-06-08-22-22
1150. + Crawling http://www.ncr.gov.sd./index.php/component/content/article?id=122
1151. + Crawling http://www.ncr.gov.sd./index.php/component/content/article?id=116
1152. + Crawling http://www.ncr.gov.sd./index.php/component/content/article?id=117
1153. + Crawling http://www.ncr.gov.sd./index.php/component/content/article?id=121
1154. + Crawling http://www.ncr.gov.sd./index.php/component/content/article?id=120
1155. + Crawling http://www.ncr.gov.sd./index.php/component/content/article?id=119
1156. + Crawling http://www.ncr.gov.sd./index.php/component/content/article?id=115
1157. + Crawling http://www.ncr.gov.sd./index.php/component/content/article?id=118
1158. + Crawling http://www.ncr.gov.sd./index.php/2015-02-27-08-29-21/229-2017-12-07-06-38-44
1159. + Crawling http://www.ncr.gov.sd./index.php/isdarat/237-2019-04-03-07-06-14
1160. + Crawling http://www.ncr.gov.sd./index.php/isdarat/194-2016-11-03-09-42-53
1161. + Crawling http://www.ncr.gov.sd./index.php/isdarat/228-2017-12-05-10-35-53
1162. + Crawling http://www.ncr.gov.sd./index.php/isdarat/139-2015-03-18-10-36-05
1163. + Crawling http://www.ncr.gov.sd./index.php/94-2015-02-28-12-31-48/132-2015-03-02-12-46-26
1164. + Crawling http://www.ncr.gov.sd./index.php/92-2015-02-28-12-31-16/133-2015-03-02-12-47-15
1165. + Crawling http://www.ncr.gov.sd./index.php/component/content/article?id=133
1166. + Crawling http://www.ncr.gov.sd./index.php/component/content/article?id=134
1167. + Crawling http://www.ncr.gov.sd./index.php/component/content/article?id=132
1168. + Crawling http://www.ncr.gov.sd./index.php/explore/features?id=122
1169. + Searching for directories...
1170. - Found: http://www.ncr.gov.sd./index.php/
1171. - Found: http://www.ncr.gov.sd./index.php/explore/
1172. - Found: http://www.ncr.gov.sd./index.php/styles/
1173. - Found: http://www.ncr.gov.sd./index.php/styles/style2/
1174. - Found: http://www.ncr.gov.sd./index.php/styles/style3/
1175. - Found: http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-22-24/
1176. - Found: http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-26-52/
1177. - Found: http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-27-18/
1178. - Found: http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-27-45/
1179. - Found: http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-31-01/
1180. - Found: http://www.ncr.gov.sd./index.php/styles/style1/
1181. - Found: http://www.ncr.gov.sd./en/
1182. - Found: http://www.ncr.gov.sd./index.php/2015-02-27-08-29-21/
1183. - Found: http://www.ncr.gov.sd./index.php/component/
1184. - Found: http://www.ncr.gov.sd./index.php/component/content/
1185. - Found: http://www.ncr.gov.sd./index.php/isdarat/
1186. - Found: http://www.ncr.gov.sd./index.php/94-2015-02-28-12-31-48/
1187. - Found: http://www.ncr.gov.sd./index.php/92-2015-02-28-12-31-16/
1188. - Found: http://www.ncr.gov.sd./templates/
1189. - Found: http://www.ncr.gov.sd./templates/system/
1190. - Found: http://www.ncr.gov.sd./templates/system/css/
1191. - Found: http://www.ncr.gov.sd./templates/shaper_myestate/
1192. - Found: http://www.ncr.gov.sd./templates/shaper_myestate/css/
1193. - Found: http://www.ncr.gov.sd./templates/shaper_myestate/css/styles/
1194. - Found: http://www.ncr.gov.sd./modules/
1195. - Found: http://www.ncr.gov.sd./modules/mod_vvisit_counter/
1196. - Found: http://www.ncr.gov.sd./modules/mod_sp_news_highlighter/
1197. - Found: http://www.ncr.gov.sd./modules/mod_sp_news_highlighter/assets/
1198. - Found: http://www.ncr.gov.sd./modules/mod_sp_news_highlighter/assets/css/
1199. - Found: http://www.ncr.gov.sd./modules/mod_news_show_sp1/
1200. - Found: http://www.ncr.gov.sd./modules/mod_news_show_sp1/assets/
1201. - Found: http://www.ncr.gov.sd./modules/mod_news_show_sp1/assets/css/
1202. - Found: http://www.ncr.gov.sd./modules/mod_slideshow_pro_sp2/
1203. - Found: http://www.ncr.gov.sd./modules/mod_slideshow_pro_sp2/assets/
1204. - Found: http://www.ncr.gov.sd./modules/mod_slideshow_pro_sp2/assets/css/
1205. - Found: http://www.ncr.gov.sd./media/
1206. - Found: http://www.ncr.gov.sd./media/system/
1207. - Found: http://www.ncr.gov.sd./media/system/js/
1208. - Found: http://www.ncr.gov.sd./plugins/
1209. - Found: http://www.ncr.gov.sd./plugins/system/
1210. - Found: http://www.ncr.gov.sd./plugins/system/helix/
1211. - Found: http://www.ncr.gov.sd./plugins/system/helix/js/
1212. - Found: http://www.ncr.gov.sd./modules/mod_sp_news_highlighter/assets/js/
1213. - Found: http://www.ncr.gov.sd./modules/mod_slideshow_pro_sp2/assets/js/
1214. - Found: http://www.ncr.gov.sd./templates/shaper_myestate/images/
1215. - Found: http://www.ncr.gov.sd./templates/shaper_myestate/css/icons/
1216. - Found: http://www.ncr.gov.sd./images/
1217. - Found: http://www.ncr.gov.sd./images/pdf/
1218. - Found: http://www.ncr.gov.sd./modules/mod_vvisit_counter/images/
1219. - Found: http://www.ncr.gov.sd./modules/mod_vvisit_counter/images/tbl/
1220. - Found: http://www.ncr.gov.sd./modules/mod_vvisit_counter/images/tbl/peoples/
1221. - Found: http://www.ncr.gov.sd./templates/shaper_myestate/images/system/
1222. - Found: http://www.ncr.gov.sd./images/logos/
1223. - Found: http://www.ncr.gov.sd./images/TMRI/
1224. - Found: http://www.ncr.gov.sd./components/
1225. - Found: http://www.ncr.gov.sd./components/com_rsform/
1226. - Found: http://www.ncr.gov.sd./components/com_rsform/assets/
1227. - Found: http://www.ncr.gov.sd./components/com_rsform/assets/css/
1228. - Found: http://www.ncr.gov.sd./components/com_rsform/assets/js/
1229. - Found: http://www.ncr.gov.sd./en/templates/
1230. - Found: http://www.ncr.gov.sd./en/templates/system/
1231. - Found: http://www.ncr.gov.sd./en/templates/system/css/
1232. - Found: http://www.ncr.gov.sd./en/templates/shaper_myestate/
1233. - Found: http://www.ncr.gov.sd./en/templates/shaper_myestate/css/
1234. - Found: http://www.ncr.gov.sd./en/templates/shaper_myestate/css/styles/
1235. - Found: http://www.ncr.gov.sd./en/modules/
1236. - Found: http://www.ncr.gov.sd./en/modules/mod_vvisit_counter/
1237. - Found: http://www.ncr.gov.sd./en/modules/mod_sp_news_highlighter/
1238. - Found: http://www.ncr.gov.sd./en/modules/mod_sp_news_highlighter/assets/
1239. - Found: http://www.ncr.gov.sd./en/modules/mod_sp_news_highlighter/assets/css/
1240. - Found: http://www.ncr.gov.sd./en/modules/mod_news_show_sp1/
1241. - Found: http://www.ncr.gov.sd./en/modules/mod_news_show_sp1/assets/
1242. - Found: http://www.ncr.gov.sd./en/modules/mod_news_show_sp1/assets/css/
1243. - Found: http://www.ncr.gov.sd./en/modules/mod_slideshow_pro_sp2/
1244. - Found: http://www.ncr.gov.sd./en/modules/mod_slideshow_pro_sp2/assets/
1245. - Found: http://www.ncr.gov.sd./en/modules/mod_slideshow_pro_sp2/assets/css/
1246. - Found: http://www.ncr.gov.sd./en/media/
1247. - Found: http://www.ncr.gov.sd./en/media/system/
1248. - Found: http://www.ncr.gov.sd./en/media/system/js/
1249. - Found: http://www.ncr.gov.sd./en/plugins/
1250. - Found: http://www.ncr.gov.sd./en/plugins/system/
1251. - Found: http://www.ncr.gov.sd./en/plugins/system/helix/
1252. - Found: http://www.ncr.gov.sd./en/plugins/system/helix/js/
1253. - Found: http://www.ncr.gov.sd./en/modules/mod_sp_news_highlighter/assets/js/
1254. - Found: http://www.ncr.gov.sd./en/modules/mod_slideshow_pro_sp2/assets/js/
1255. - Found: http://www.ncr.gov.sd./en/templates/shaper_myestate/images/
1256. - Found: http://www.ncr.gov.sd./en/templates/shaper_myestate/css/icons/
1257. - Found: http://www.ncr.gov.sd./en/images/
1258. - Found: http://www.ncr.gov.sd./en/images/pdf/
1259. - Found: http://www.ncr.gov.sd./en/images/stories/
1260. - Found: http://www.ncr.gov.sd./en/modules/mod_vvisit_counter/images/
1261. - Found: http://www.ncr.gov.sd./en/modules/mod_vvisit_counter/images/tbl/
1262. - Found: http://www.ncr.gov.sd./en/modules/mod_vvisit_counter/images/tbl/peoples/
1263. + Searching open folders...
1264. - http://www.ncr.gov.sd./index.php/ (No Open Folder)
1265. - http://www.ncr.gov.sd./index.php/explore/ (No Open Folder)
1266. - http://www.ncr.gov.sd./index.php/styles/ (No Open Folder)
1267. - http://www.ncr.gov.sd./index.php/styles/style2/ (No Open Folder)
1268. - http://www.ncr.gov.sd./index.php/styles/style3/ (No Open Folder)
1269. - http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-22-24/ (No Open Folder)
1270. - http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-26-52/ (No Open Folder)
1271. - http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-27-18/ (No Open Folder)
1272. - http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-27-45/ (No Open Folder)
1273. - http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-31-01/ (No Open Folder)
1274. - http://www.ncr.gov.sd./index.php/styles/style1/ (No Open Folder)
1275. - http://www.ncr.gov.sd./en/ (No Open Folder)
1276. - http://www.ncr.gov.sd./index.php/2015-02-27-08-29-21/ (No Open Folder)
1277. - http://www.ncr.gov.sd./index.php/component/ (500 Internal Server Error)
1278. - http://www.ncr.gov.sd./index.php/component/content/ (No Open Folder)
1279. - http://www.ncr.gov.sd./index.php/isdarat/ (No Open Folder)
1280. - http://www.ncr.gov.sd./index.php/94-2015-02-28-12-31-48/ (No Open Folder)
1281. - http://www.ncr.gov.sd./index.php/92-2015-02-28-12-31-16/ (No Open Folder)
1282. - http://www.ncr.gov.sd./templates/ (No Open Folder)
1283. - http://www.ncr.gov.sd./templates/system/ (No Open Folder)
1284. - http://www.ncr.gov.sd./templates/system/css/ (No Open Folder)
1285. - http://www.ncr.gov.sd./templates/shaper_myestate/ (No Open Folder)
1286. - http://www.ncr.gov.sd./templates/shaper_myestate/css/ (No Open Folder)
1287. - http://www.ncr.gov.sd./templates/shaper_myestate/css/styles/ (No Open Folder)
1288. - http://www.ncr.gov.sd./modules/ (No Open Folder)
1289. - http://www.ncr.gov.sd./modules/mod_vvisit_counter/ (No Open Folder)
1290. - http://www.ncr.gov.sd./modules/mod_sp_news_highlighter/ (No Open Folder)
1291. - http://www.ncr.gov.sd./modules/mod_sp_news_highlighter/assets/ (No Open Folder)
1292. - http://www.ncr.gov.sd./modules/mod_sp_news_highlighter/assets/css/ (No Open Folder)
1293. - http://www.ncr.gov.sd./modules/mod_news_show_sp1/ (No Open Folder)
1294. - http://www.ncr.gov.sd./modules/mod_news_show_sp1/assets/ (No Open Folder)
1295. - http://www.ncr.gov.sd./modules/mod_news_show_sp1/assets/css/ (No Open Folder)
1296. - http://www.ncr.gov.sd./modules/mod_slideshow_pro_sp2/ (No Open Folder)
1297. - http://www.ncr.gov.sd./modules/mod_slideshow_pro_sp2/assets/ (No Open Folder)
1298. - http://www.ncr.gov.sd./modules/mod_slideshow_pro_sp2/assets/css/ (No Open Folder)
1299. - http://www.ncr.gov.sd./media/ (No Open Folder)
1300. - http://www.ncr.gov.sd./media/system/ (No Open Folder)
1301. - http://www.ncr.gov.sd./media/system/js/ (No Open Folder)
1302. - http://www.ncr.gov.sd./plugins/ (No Open Folder)
1303. - http://www.ncr.gov.sd./plugins/system/ (No Open Folder)
1304. - http://www.ncr.gov.sd./plugins/system/helix/ (No Open Folder)
1305. - http://www.ncr.gov.sd./plugins/system/helix/js/ (No Open Folder)
1306. - http://www.ncr.gov.sd./modules/mod_sp_news_highlighter/assets/js/ (No Open Folder)
1307. - http://www.ncr.gov.sd./modules/mod_slideshow_pro_sp2/assets/js/ (No Open Folder)
1308. - http://www.ncr.gov.sd./templates/shaper_myestate/images/ (No Open Folder)
1309. - http://www.ncr.gov.sd./templates/shaper_myestate/css/icons/ (No Open Folder)
1310. - http://www.ncr.gov.sd./images/ (No Open Folder)
1311. - http://www.ncr.gov.sd./images/pdf/ (No Open Folder)
1312. - http://www.ncr.gov.sd./modules/mod_vvisit_counter/images/ (No Open Folder)
1313. - http://www.ncr.gov.sd./modules/mod_vvisit_counter/images/tbl/ (No Open Folder)
1314. - http://www.ncr.gov.sd./modules/mod_vvisit_counter/images/tbl/peoples/ (No Open Folder)
1315. - http://www.ncr.gov.sd./templates/shaper_myestate/images/system/ (No Open Folder)
1316. - http://www.ncr.gov.sd./images/logos/ (403 Forbidden)
1317. - http://www.ncr.gov.sd./images/TMRI/ (No Open Folder)
1318. - http://www.ncr.gov.sd./components/ (No Open Folder)
1319. - http://www.ncr.gov.sd./components/com_rsform/ (No Open Folder)
1320. - http://www.ncr.gov.sd./components/com_rsform/assets/ (No Open Folder)
1321. - http://www.ncr.gov.sd./components/com_rsform/assets/css/ (No Open Folder)
1322. - http://www.ncr.gov.sd./components/com_rsform/assets/js/ (No Open Folder)
1323. - http://www.ncr.gov.sd./en/templates/ (No Open Folder)
1324. - http://www.ncr.gov.sd./en/templates/system/ (No Open Folder)
1325. - http://www.ncr.gov.sd./en/templates/system/css/ (No Open Folder)
1326. - http://www.ncr.gov.sd./en/templates/shaper_myestate/ (No Open Folder)
1327. - http://www.ncr.gov.sd./en/templates/shaper_myestate/css/ (No Open Folder)
1328. - http://www.ncr.gov.sd./en/templates/shaper_myestate/css/styles/ (No Open Folder)
1329. - http://www.ncr.gov.sd./en/modules/ (No Open Folder)
1330. - http://www.ncr.gov.sd./en/modules/mod_vvisit_counter/ (No Open Folder)
1331. - http://www.ncr.gov.sd./en/modules/mod_sp_news_highlighter/ (No Open Folder)
1332. - http://www.ncr.gov.sd./en/modules/mod_sp_news_highlighter/assets/ (No Open Folder)
1333. - http://www.ncr.gov.sd./en/modules/mod_sp_news_highlighter/assets/css/ (No Open Folder)
1334. - http://www.ncr.gov.sd./en/modules/mod_news_show_sp1/ (No Open Folder)
1335. - http://www.ncr.gov.sd./en/modules/mod_news_show_sp1/assets/ (No Open Folder)
1336. - http://www.ncr.gov.sd./en/modules/mod_news_show_sp1/assets/css/ (No Open Folder)
1337. - http://www.ncr.gov.sd./en/modules/mod_slideshow_pro_sp2/ (No Open Folder)
1338. - http://www.ncr.gov.sd./en/modules/mod_slideshow_pro_sp2/assets/ (No Open Folder)
1339. - http://www.ncr.gov.sd./en/modules/mod_slideshow_pro_sp2/assets/css/ (No Open Folder)
1340. - http://www.ncr.gov.sd./en/media/ (No Open Folder)
1341. - http://www.ncr.gov.sd./en/media/system/ (No Open Folder)
1342. - http://www.ncr.gov.sd./en/media/system/js/ (No Open Folder)
1343. - http://www.ncr.gov.sd./en/plugins/ (No Open Folder)
1344. - http://www.ncr.gov.sd./en/plugins/system/ (No Open Folder)
1345. - http://www.ncr.gov.sd./en/plugins/system/helix/ (No Open Folder)
1346. - http://www.ncr.gov.sd./en/plugins/system/helix/js/ (No Open Folder)
1347. - http://www.ncr.gov.sd./en/modules/mod_sp_news_highlighter/assets/js/ (No Open Folder)
1348. - http://www.ncr.gov.sd./en/modules/mod_slideshow_pro_sp2/assets/js/ (No Open Folder)
1349. - http://www.ncr.gov.sd./en/templates/shaper_myestate/images/ (No Open Folder)
1350. - http://www.ncr.gov.sd./en/templates/shaper_myestate/css/icons/ (No Open Folder)
1351. - http://www.ncr.gov.sd./en/images/ (No Open Folder)
1352. - http://www.ncr.gov.sd./en/images/pdf/ (No Open Folder)
1353. - http://www.ncr.gov.sd./en/images/stories/ (No Open Folder)
1354. - http://www.ncr.gov.sd./en/modules/mod_vvisit_counter/images/ (No Open Folder)
1355. - http://www.ncr.gov.sd./en/modules/mod_vvisit_counter/images/tbl/ (No Open Folder)
1356. - http://www.ncr.gov.sd./en/modules/mod_vvisit_counter/images/tbl/peoples/ (No Open Folder)
1357. + Crawl finished successfully.
1358. ---------------------------------------------------------------------------------------------------------------------------------------
1359. Summary of http://http://www.ncr.gov.sd.
1360. ---------------------------------------------------------------------------------------------------------------------------------------
1361. + Links crawled:
1362. - http://www.ncr.gov.sd.
1363. - http://www.ncr.gov.sd./en/index.php
1364. - http://www.ncr.gov.sd./index.php/2015-02-27-08-29-21
1365. - http://www.ncr.gov.sd./index.php/2015-02-27-08-29-21/229-2017-12-07-06-38-44
1366. - http://www.ncr.gov.sd./index.php/2015-02-27-08-29-21/230-2018-03-06-08-22-22
1367. - http://www.ncr.gov.sd./index.php/2015-02-27-08-29-21/231-2018-04-15-10-45-57
1368. - http://www.ncr.gov.sd./index.php/2015-02-27-08-29-21/233-2018-04-17-05-28-19
1369. - http://www.ncr.gov.sd./index.php/2015-02-27-08-29-21/235-2018-07-11-09-28-53
1370. - http://www.ncr.gov.sd./index.php/2016-09-01-08-50-22
1371. - http://www.ncr.gov.sd./index.php/2019-04-01-10-42-10
1372. - http://www.ncr.gov.sd./index.php/92-2015-02-28-12-31-16/133-2015-03-02-12-47-15
1373. - http://www.ncr.gov.sd./index.php/94-2015-02-28-12-31-48/132-2015-03-02-12-46-26
1374. - http://www.ncr.gov.sd./index.php/component/content/article?id=115
1375. - http://www.ncr.gov.sd./index.php/component/content/article?id=116
1376. - http://www.ncr.gov.sd./index.php/component/content/article?id=117
1377. - http://www.ncr.gov.sd./index.php/component/content/article?id=118
1378. - http://www.ncr.gov.sd./index.php/component/content/article?id=119
1379. - http://www.ncr.gov.sd./index.php/component/content/article?id=120
1380. - http://www.ncr.gov.sd./index.php/component/content/article?id=121
1381. - http://www.ncr.gov.sd./index.php/component/content/article?id=122
1382. - http://www.ncr.gov.sd./index.php/component/content/article?id=132
1383. - http://www.ncr.gov.sd./index.php/component/content/article?id=133
1384. - http://www.ncr.gov.sd./index.php/component/content/article?id=134
1385. - http://www.ncr.gov.sd./index.php/contactus
1386. - http://www.ncr.gov.sd./index.php/explore/2015-02-23-21-43-56
1387. - http://www.ncr.gov.sd./index.php/explore/features
1388. - http://www.ncr.gov.sd./index.php/explore/features?id=122
1389. - http://www.ncr.gov.sd./index.php/explore/rtl-demos
1390. - http://www.ncr.gov.sd./index.php/isdarat
1391. - http://www.ncr.gov.sd./index.php/isdarat/139-2015-03-18-10-36-05
1392. - http://www.ncr.gov.sd./index.php/isdarat/194-2016-11-03-09-42-53
1393. - http://www.ncr.gov.sd./index.php/isdarat/228-2017-12-05-10-35-53
1394. - http://www.ncr.gov.sd./index.php/isdarat/237-2019-04-03-07-06-14
1395. - http://www.ncr.gov.sd./index.php/sitemap
1396. - http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-22-24/2015-02-23-21-49-46
1397. - http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-22-24/2015-02-23-21-50-07
1398. - http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-26-52/2015-02-23-21-50-41
1399. - http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-26-52/2015-02-23-21-51-05
1400. - http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-27-18/2015-02-28-11-48-03
1401. - http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-27-18/2015-02-28-11-48-41
1402. - http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-27-45/2015-02-28-11-49-36
1403. - http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-27-45/2015-02-28-11-50-52
1404. - http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-31-01/2015-02-28-11-51-58
1405. - http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-31-01/2015-02-28-11-52-31
1406. - http://www.ncr.gov.sd./index.php/styles/style1/2015-02-28-11-54-35
1407. - http://www.ncr.gov.sd./index.php/styles/style1/2015-02-28-11-55-15
1408. - http://www.ncr.gov.sd./index.php/styles/style2/2015-02-23-21-46-04
1409. - http://www.ncr.gov.sd./index.php/styles/style2/2015-02-23-21-46-33
1410. - http://www.ncr.gov.sd./index.php/styles/style3/2015-02-23-21-49-01
1411. - http://www.ncr.gov.sd./index.php/styles/style3/2015-02-23-21-49-25
1412. Total links crawled: 50
1413.  
1414. + Links to files found:
1415. - http://www.ncr.gov.sd./components/com_rsform/assets/css/front.css
1416. - http://www.ncr.gov.sd./components/com_rsform/assets/js/script.js
1417. - http://www.ncr.gov.sd./en/images/1.png
1418. - http://www.ncr.gov.sd./en/images/3.png
1419. - http://www.ncr.gov.sd./en/images/4.png
1420. - http://www.ncr.gov.sd./en/images/pdf/1991.pdf
1421. - http://www.ncr.gov.sd./en/images/stories/news1-Rec_thumb106.jpg
1422. - http://www.ncr.gov.sd./en/images/stories/news1-Recovere_thumb106.jpg
1423. - http://www.ncr.gov.sd./en/images/stories/news1-Recovered_thumb106.jpg
1424. - http://www.ncr.gov.sd./en/images/up.png
1425. - http://www.ncr.gov.sd./en/media/system/js/caption.js
1426. - http://www.ncr.gov.sd./en/media/system/js/core.js
1427. - http://www.ncr.gov.sd./en/media/system/js/mootools-core.js
1428. - http://www.ncr.gov.sd./en/media/system/js/mootools-more.js
1429. - http://www.ncr.gov.sd./en/modules/mod_news_show_sp1/assets/css/style.css
1430. - http://www.ncr.gov.sd./en/modules/mod_slideshow_pro_sp2/assets/css/mod_slideshow_pro_sp2_movie.css
1431. - http://www.ncr.gov.sd./en/modules/mod_slideshow_pro_sp2/assets/js/mod_slideshow_pro_sp2.js
1432. - http://www.ncr.gov.sd./en/modules/mod_sp_news_highlighter/assets/css/style.css
1433. - http://www.ncr.gov.sd./en/modules/mod_sp_news_highlighter/assets/js/sp_highlighter.js
1434. - http://www.ncr.gov.sd./en/modules/mod_vvisit_counter/images/tbl/peoples/vall.gif
1435. - http://www.ncr.gov.sd./en/modules/mod_vvisit_counter/images/tbl/peoples/vmonth.gif
1436. - http://www.ncr.gov.sd./en/modules/mod_vvisit_counter/images/tbl/peoples/vtoday.gif
1437. - http://www.ncr.gov.sd./en/modules/mod_vvisit_counter/images/tbl/peoples/vweek.gif
1438. - http://www.ncr.gov.sd./en/modules/mod_vvisit_counter/mvc.css
1439. - http://www.ncr.gov.sd./en/plugins/system/helix/js/menu.js
1440. - http://www.ncr.gov.sd./en/plugins/system/helix/js/totop.js
1441. - http://www.ncr.gov.sd./en/templates/shaper_myestate/css/css3.css
1442. - http://www.ncr.gov.sd./en/templates/shaper_myestate/css/custom.css
1443. - http://www.ncr.gov.sd./en/templates/shaper_myestate/css/font.css
1444. - http://www.ncr.gov.sd./en/templates/shaper_myestate/css/icons/logo.png
1445. - http://www.ncr.gov.sd./en/templates/shaper_myestate/css/joomla.css
1446. - http://www.ncr.gov.sd./en/templates/shaper_myestate/css/media_queries.css
1447. - http://www.ncr.gov.sd./en/templates/shaper_myestate/css/menu.css
1448. - http://www.ncr.gov.sd./en/templates/shaper_myestate/css/modules.css
1449. - http://www.ncr.gov.sd./en/templates/shaper_myestate/css/styles/style1.css
1450. - http://www.ncr.gov.sd./en/templates/shaper_myestate/css/template.css
1451. - http://www.ncr.gov.sd./en/templates/shaper_myestate/css/typography.css
1452. - http://www.ncr.gov.sd./en/templates/shaper_myestate/images/favicon.ico
1453. - http://www.ncr.gov.sd./en/templates/system/css/general.css
1454. - http://www.ncr.gov.sd./en/templates/system/css/system.css
1455. - http://www.ncr.gov.sd./favicon.ico
1456. - http://www.ncr.gov.sd./images/1.png
1457. - http://www.ncr.gov.sd./images/10scien_thumb106.png
1458. - http://www.ncr.gov.sd./images/149.jpg
1459. - http://www.ncr.gov.sd./images/3.png
1460. - http://www.ncr.gov.sd./images/4.png
1461. - http://www.ncr.gov.sd./images/8U5A0298 2.jpg
1462. - http://www.ncr.gov.sd./images/DS417.jpg
1463. - http://www.ncr.gov.sd./images/DSC_45944.jpg
1464. - http://www.ncr.gov.sd./images/DSC_5159.jpg
1465. - http://www.ncr.gov.sd./images/IMG-20180412-WA0023.jpg
1466. - http://www.ncr.gov.sd./images/TMRI/Abdalla.pdf
1467. - http://www.ncr.gov.sd./images/TMRI/Amanda.pdf
1468. - http://www.ncr.gov.sd./images/TMRI/Amna.pdf
1469. - http://www.ncr.gov.sd./images/TMRI/Ashraf.pdf
1470. - http://www.ncr.gov.sd./images/TMRI/DR.Awad.pdf
1471. - http://www.ncr.gov.sd./images/TMRI/Hadeel.pdf
1472. - http://www.ncr.gov.sd./images/TMRI/Haitham.pdf
1473. - http://www.ncr.gov.sd./images/TMRI/Hind.pdf
1474. - http://www.ncr.gov.sd./images/TMRI/Korti.pdf
1475. - http://www.ncr.gov.sd./images/TMRI/Mayada.pdf
1476. - http://www.ncr.gov.sd./images/TMRI/Moawia.pdf
1477. - http://www.ncr.gov.sd./images/TMRI/Mohammed.pdf
1478. - http://www.ncr.gov.sd./images/TMRI/Muataz.pdf
1479. - http://www.ncr.gov.sd./images/TMRI/Mubarak.pdf
1480. - http://www.ncr.gov.sd./images/TMRI/Naglas.pdf
1481. - http://www.ncr.gov.sd./images/TMRI/Nihad.pdf
1482. - http://www.ncr.gov.sd./images/TMRI/Omnia.pdf
1483. - http://www.ncr.gov.sd./images/TMRI/Samia.pdf
1484. - http://www.ncr.gov.sd./images/TMRI/Suhaib.pdf
1485. - http://www.ncr.gov.sd./images/TMRI/Tahani.pdf
1486. - http://www.ncr.gov.sd./images/TMRI/Tellal.pdf
1487. - http://www.ncr.gov.sd./images/TMRI/lubna.pdf
1488. - http://www.ncr.gov.sd./images/albah.pdf
1489. - http://www.ncr.gov.sd./images/brochre1.jpg
1490. - http://www.ncr.gov.sd./images/cover1.jpg
1491. - http://www.ncr.gov.sd./images/hikal.jpg
1492. - http://www.ncr.gov.sd./images/khardel.jpg
1493. - http://www.ncr.gov.sd./images/logos/engtec.jpg
1494. - http://www.ncr.gov.sd./images/logos/envor.jpg
1495. - http://www.ncr.gov.sd./images/logos/isra.jpg
1496. - http://www.ncr.gov.sd./images/logos/med.jpg
1497. - http://www.ncr.gov.sd./images/logos/plants.jpg
1498. - http://www.ncr.gov.sd./images/logos/rssa.jpg
1499. - http://www.ncr.gov.sd./images/logos/twthig.jpg
1500. - http://www.ncr.gov.sd./images/logos/wra.jpg
1501. - http://www.ncr.gov.sd./images/pdf/1991.pdf
1502. - http://www.ncr.gov.sd./images/pdf/Dr.%20Nasr%20C.V1.pdf
1503. - http://www.ncr.gov.sd./images/pdf/NCR%20Rep.for%202015%20.pdf
1504. - http://www.ncr.gov.sd./images/pdf/khardel.pdf
1505. - http://www.ncr.gov.sd./images/pdf/rafaapub.pdf
1506. - http://www.ncr.gov.sd./images/up.png
1507. - http://www.ncr.gov.sd./media/system/js/caption.js
1508. - http://www.ncr.gov.sd./media/system/js/core.js
1509. - http://www.ncr.gov.sd./media/system/js/mootools-core.js
1510. - http://www.ncr.gov.sd./media/system/js/mootools-more.js
1511. - http://www.ncr.gov.sd./modules/mod_news_show_sp1/assets/css/style.css
1512. - http://www.ncr.gov.sd./modules/mod_slideshow_pro_sp2/assets/css/mod_slideshow_pro_sp2_movie.css
1513. - http://www.ncr.gov.sd./modules/mod_slideshow_pro_sp2/assets/js/mod_slideshow_pro_sp2.js
1514. - http://www.ncr.gov.sd./modules/mod_sp_news_highlighter/assets/css/style.css
1515. - http://www.ncr.gov.sd./modules/mod_sp_news_highlighter/assets/js/sp_highlighter.js
1516. - http://www.ncr.gov.sd./modules/mod_vvisit_counter/images/tbl/peoples/vall.gif
1517. - http://www.ncr.gov.sd./modules/mod_vvisit_counter/images/tbl/peoples/vmonth.gif
1518. - http://www.ncr.gov.sd./modules/mod_vvisit_counter/images/tbl/peoples/vtoday.gif
1519. - http://www.ncr.gov.sd./modules/mod_vvisit_counter/images/tbl/peoples/vweek.gif
1520. - http://www.ncr.gov.sd./modules/mod_vvisit_counter/mvc.css
1521. - http://www.ncr.gov.sd./plugins/system/helix/js/menu.js
1522. - http://www.ncr.gov.sd./plugins/system/helix/js/totop.js
1523. - http://www.ncr.gov.sd./templates/shaper_myestate/css/css3.css
1524. - http://www.ncr.gov.sd./templates/shaper_myestate/css/custom.css
1525. - http://www.ncr.gov.sd./templates/shaper_myestate/css/font.css
1526. - http://www.ncr.gov.sd./templates/shaper_myestate/css/icons/logo.png
1527. - http://www.ncr.gov.sd./templates/shaper_myestate/css/joomla.css
1528. - http://www.ncr.gov.sd./templates/shaper_myestate/css/media_queries.css
1529. - http://www.ncr.gov.sd./templates/shaper_myestate/css/menu.css
1530. - http://www.ncr.gov.sd./templates/shaper_myestate/css/modules.css
1531. - http://www.ncr.gov.sd./templates/shaper_myestate/css/styles/style1.css
1532. - http://www.ncr.gov.sd./templates/shaper_myestate/css/template.css
1533. - http://www.ncr.gov.sd./templates/shaper_myestate/css/template_rtl.css
1534. - http://www.ncr.gov.sd./templates/shaper_myestate/css/typography.css
1535. - http://www.ncr.gov.sd./templates/shaper_myestate/images/favicon.ico
1536. - http://www.ncr.gov.sd./templates/shaper_myestate/images/system/emailButton.png
1537. - http://www.ncr.gov.sd./templates/shaper_myestate/images/system/printButton.png
1538. - http://www.ncr.gov.sd./templates/system/css/general.css
1539. - http://www.ncr.gov.sd./templates/system/css/system.css
1540. Total links to files: 125
1541.  
1542. + Externals links found:
1543. - http://centrallaboratory.org
1544. - http://frc.gov.sd/
1545. - http://mail.ncr.gov.sd/
1546. - http://maps.google.com/maps/api/js?sensor=false
1547. - http://mohe.gov.sd
1548. - http://msc.gov.sd
1549. - http://ndcc.gov.sd/
1550. - http://nerc.gov.sd/
1551. - http://nic.gov.sd/
1552. - http://ntc.gov.sd/index.php/en/
1553. - http://webmail.ncr.gov.sd/
1554. - http://www.act.sd/
1555. - http://www.facebook.com/
1556. - http://www.msc.gov.sd/index.php/%D8%AF%D8%A7%D8%A6%D8%B1%D8%A9-%D8%A7%D9%84%D8%A7%D8%A8%D8%AD%D8%A7%D8%AB-%D8%A7%D9%84%D8%A7%D9%82%D8%AA%D8%B5%D8%A7%D8%AF%D9%8A%D8%A9-%D9%88%D8%A7%D9%84%D8%A7%D8%AC%D8%AA%D9%85%D8%A7%D8%B9%D9%8A%D8%A9.html
1557. - http://www.ncr.gov.sd/
1558. - http://www.ncr.gov.sd/en/
1559. - http://www.ncr.gov.sd/en/index.php
1560. - http://www.ncr.gov.sd/en/modules/mod_slideshow_pro_sp2/assets/images/none.gif
1561. - http://www.ncr.gov.sd/en/modules/mod_vtem_gmap/js/jquery-1.4.2.min.js
1562. - http://www.ncr.gov.sd/en/modules/mod_vtem_gmap/js/jquery.gmap.js
1563. - http://www.ncr.gov.sd/index.php/2015-02-27-08-29-21
1564. - http://www.ncr.gov.sd/index.php/2015-02-27-08-29-21/229-2017-12-07-06-38-44
1565. - http://www.ncr.gov.sd/index.php/2015-02-27-08-29-21/230-2018-03-06-08-22-22
1566. - http://www.ncr.gov.sd/index.php/2015-02-27-08-29-21/231-2018-04-15-10-45-57
1567. - http://www.ncr.gov.sd/index.php/2015-02-27-08-29-21/233-2018-04-17-05-28-19
1568. - http://www.ncr.gov.sd/index.php/2015-02-27-08-29-21/235-2018-07-11-09-28-53
1569. - http://www.ncr.gov.sd/index.php/2016-09-01-08-50-22
1570. - http://www.ncr.gov.sd/index.php/2019-04-01-10-42-10
1571. - http://www.ncr.gov.sd/index.php/92-2015-02-28-12-31-16/133-2015-03-02-12-47-15
1572. - http://www.ncr.gov.sd/index.php/94-2015-02-28-12-31-48/132-2015-03-02-12-46-26
1573. - http://www.ncr.gov.sd/index.php/component/content/article
1574. - http://www.ncr.gov.sd/index.php/contactus
1575. - http://www.ncr.gov.sd/index.php/explore/2015-02-23-21-43-56
1576. - http://www.ncr.gov.sd/index.php/explore/features
1577. - http://www.ncr.gov.sd/index.php/explore/rtl-demos
1578. - http://www.ncr.gov.sd/index.php/isdarat
1579. - http://www.ncr.gov.sd/index.php/isdarat/139-2015-03-18-10-36-05
1580. - http://www.ncr.gov.sd/index.php/isdarat/194-2016-11-03-09-42-53
1581. - http://www.ncr.gov.sd/index.php/isdarat/228-2017-12-05-10-35-53
1582. - http://www.ncr.gov.sd/index.php/isdarat/237-2019-04-03-07-06-14
1583. - http://www.ncr.gov.sd/index.php/sitemap
1584. - http://www.ncr.gov.sd/index.php/styles/2015-02-19-14-22-24/2015-02-23-21-49-46
1585. - http://www.ncr.gov.sd/index.php/styles/2015-02-19-14-22-24/2015-02-23-21-50-07
1586. - http://www.ncr.gov.sd/index.php/styles/2015-02-19-14-26-52/2015-02-23-21-50-41
1587. - http://www.ncr.gov.sd/index.php/styles/2015-02-19-14-26-52/2015-02-23-21-51-05
1588. - http://www.ncr.gov.sd/index.php/styles/2015-02-19-14-27-18/2015-02-28-11-48-03
1589. - http://www.ncr.gov.sd/index.php/styles/2015-02-19-14-27-18/2015-02-28-11-48-41
1590. - http://www.ncr.gov.sd/index.php/styles/2015-02-19-14-27-45/2015-02-28-11-49-36
1591. - http://www.ncr.gov.sd/index.php/styles/2015-02-19-14-27-45/2015-02-28-11-50-52
1592. - http://www.ncr.gov.sd/index.php/styles/2015-02-19-14-31-01/2015-02-28-11-51-58
1593. - http://www.ncr.gov.sd/index.php/styles/2015-02-19-14-31-01/2015-02-28-11-52-31
1594. - http://www.ncr.gov.sd/index.php/styles/style1/2015-02-28-11-54-35
1595. - http://www.ncr.gov.sd/index.php/styles/style1/2015-02-28-11-55-15
1596. - http://www.ncr.gov.sd/index.php/styles/style2/2015-02-23-21-46-04
1597. - http://www.ncr.gov.sd/index.php/styles/style2/2015-02-23-21-46-33
1598. - http://www.ncr.gov.sd/index.php/styles/style3/2015-02-23-21-49-01
1599. - http://www.ncr.gov.sd/index.php/styles/style3/2015-02-23-21-49-25
1600. - http://www.ncr.gov.sd/modules/mod_slideshow_pro_sp2/assets/images/none.gif
1601. - http://www.ncr.gov.sd/modules/mod_vtem_gmap/js/jquery-1.4.2.min.js
1602. - http://www.ncr.gov.sd/modules/mod_vtem_gmap/js/jquery.gmap.js
1603. - http://www.saadyaseen.com
1604. - http://www.saec.gov.sd/
1605. - http://www.sas.edu.sd/
1606. - http://www.twitter.com/
1607. - http://www.youtube.com/
1608. - https://www.facebook.com/pages/المركز-القومي-للبحوث-National-Centre-for-Research/1400956583559098
1609. Total external links: 66
1610.  
1611. + Email addresses found:
1612. Total email address found: 0
1613.  
1614. + Directories found:
1615. - http://www.ncr.gov.sd./components/ (No open folder)
1616. - http://www.ncr.gov.sd./components/com_rsform/ (No open folder)
1617. - http://www.ncr.gov.sd./components/com_rsform/assets/ (No open folder)
1618. - http://www.ncr.gov.sd./components/com_rsform/assets/css/ (No open folder)
1619. - http://www.ncr.gov.sd./components/com_rsform/assets/js/ (No open folder)
1620. - http://www.ncr.gov.sd./en/ (No open folder)
1621. - http://www.ncr.gov.sd./en/images/ (No open folder)
1622. - http://www.ncr.gov.sd./en/images/pdf/ (No open folder)
1623. - http://www.ncr.gov.sd./en/images/stories/ (No open folder)
1624. - http://www.ncr.gov.sd./en/media/ (No open folder)
1625. - http://www.ncr.gov.sd./en/media/system/ (No open folder)
1626. - http://www.ncr.gov.sd./en/media/system/js/ (No open folder)
1627. - http://www.ncr.gov.sd./en/modules/ (No open folder)
1628. - http://www.ncr.gov.sd./en/modules/mod_news_show_sp1/ (No open folder)
1629. - http://www.ncr.gov.sd./en/modules/mod_news_show_sp1/assets/ (No open folder)
1630. - http://www.ncr.gov.sd./en/modules/mod_news_show_sp1/assets/css/ (No open folder)
1631. - http://www.ncr.gov.sd./en/modules/mod_slideshow_pro_sp2/ (No open folder)
1632. - http://www.ncr.gov.sd./en/modules/mod_slideshow_pro_sp2/assets/ (No open folder)
1633. - http://www.ncr.gov.sd./en/modules/mod_slideshow_pro_sp2/assets/css/ (No open folder)
1634. - http://www.ncr.gov.sd./en/modules/mod_slideshow_pro_sp2/assets/js/ (No open folder)
1635. - http://www.ncr.gov.sd./en/modules/mod_sp_news_highlighter/ (No open folder)
1636. - http://www.ncr.gov.sd./en/modules/mod_sp_news_highlighter/assets/ (No open folder)
1637. - http://www.ncr.gov.sd./en/modules/mod_sp_news_highlighter/assets/css/ (No open folder)
1638. - http://www.ncr.gov.sd./en/modules/mod_sp_news_highlighter/assets/js/ (No open folder)
1639. - http://www.ncr.gov.sd./en/modules/mod_vvisit_counter/ (No open folder)
1640. - http://www.ncr.gov.sd./en/modules/mod_vvisit_counter/images/ (No open folder)
1641. - http://www.ncr.gov.sd./en/modules/mod_vvisit_counter/images/tbl/ (No open folder)
1642. - http://www.ncr.gov.sd./en/modules/mod_vvisit_counter/images/tbl/peoples/ (No open folder)
1643. - http://www.ncr.gov.sd./en/plugins/ (No open folder)
1644. - http://www.ncr.gov.sd./en/plugins/system/ (No open folder)
1645. - http://www.ncr.gov.sd./en/plugins/system/helix/ (No open folder)
1646. - http://www.ncr.gov.sd./en/plugins/system/helix/js/ (No open folder)
1647. - http://www.ncr.gov.sd./en/templates/ (No open folder)
1648. - http://www.ncr.gov.sd./en/templates/shaper_myestate/ (No open folder)
1649. - http://www.ncr.gov.sd./en/templates/shaper_myestate/css/ (No open folder)
1650. - http://www.ncr.gov.sd./en/templates/shaper_myestate/css/icons/ (No open folder)
1651. - http://www.ncr.gov.sd./en/templates/shaper_myestate/css/styles/ (No open folder)
1652. - http://www.ncr.gov.sd./en/templates/shaper_myestate/images/ (No open folder)
1653. - http://www.ncr.gov.sd./en/templates/system/ (No open folder)
1654. - http://www.ncr.gov.sd./en/templates/system/css/ (No open folder)
1655. - http://www.ncr.gov.sd./images/ (No open folder)
1656. - http://www.ncr.gov.sd./images/TMRI/ (No open folder)
1657. - http://www.ncr.gov.sd./images/logos/ (403 Forbidden)
1658. - http://www.ncr.gov.sd./images/pdf/ (No open folder)
1659. - http://www.ncr.gov.sd./index.php/ (No open folder)
1660. - http://www.ncr.gov.sd./index.php/2015-02-27-08-29-21/ (No open folder)
1661. - http://www.ncr.gov.sd./index.php/92-2015-02-28-12-31-16/ (No open folder)
1662. - http://www.ncr.gov.sd./index.php/94-2015-02-28-12-31-48/ (No open folder)
1663. - http://www.ncr.gov.sd./index.php/component/ (500 Internal Server Error)
1664. - http://www.ncr.gov.sd./index.php/component/content/ (No open folder)
1665. - http://www.ncr.gov.sd./index.php/explore/ (No open folder)
1666. - http://www.ncr.gov.sd./index.php/isdarat/ (No open folder)
1667. - http://www.ncr.gov.sd./index.php/styles/ (No open folder)
1668. - http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-22-24/ (No open folder)
1669. - http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-26-52/ (No open folder)
1670. - http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-27-18/ (No open folder)
1671. - http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-27-45/ (No open folder)
1672. - http://www.ncr.gov.sd./index.php/styles/2015-02-19-14-31-01/ (No open folder)
1673. - http://www.ncr.gov.sd./index.php/styles/style1/ (No open folder)
1674. - http://www.ncr.gov.sd./index.php/styles/style2/ (No open folder)
1675. - http://www.ncr.gov.sd./index.php/styles/style3/ (No open folder)
1676. - http://www.ncr.gov.sd./media/ (No open folder)
1677. - http://www.ncr.gov.sd./media/system/ (No open folder)
1678. - http://www.ncr.gov.sd./media/system/js/ (No open folder)
1679. - http://www.ncr.gov.sd./modules/ (No open folder)
1680. - http://www.ncr.gov.sd./modules/mod_news_show_sp1/ (No open folder)
1681. - http://www.ncr.gov.sd./modules/mod_news_show_sp1/assets/ (No open folder)
1682. - http://www.ncr.gov.sd./modules/mod_news_show_sp1/assets/css/ (No open folder)
1683. - http://www.ncr.gov.sd./modules/mod_slideshow_pro_sp2/ (No open folder)
1684. - http://www.ncr.gov.sd./modules/mod_slideshow_pro_sp2/assets/ (No open folder)
1685. - http://www.ncr.gov.sd./modules/mod_slideshow_pro_sp2/assets/css/ (No open folder)
1686. - http://www.ncr.gov.sd./modules/mod_slideshow_pro_sp2/assets/js/ (No open folder)
1687. - http://www.ncr.gov.sd./modules/mod_sp_news_highlighter/ (No open folder)
1688. - http://www.ncr.gov.sd./modules/mod_sp_news_highlighter/assets/ (No open folder)
1689. - http://www.ncr.gov.sd./modules/mod_sp_news_highlighter/assets/css/ (No open folder)
1690. - http://www.ncr.gov.sd./modules/mod_sp_news_highlighter/assets/js/ (No open folder)
1691. - http://www.ncr.gov.sd./modules/mod_vvisit_counter/ (No open folder)
1692. - http://www.ncr.gov.sd./modules/mod_vvisit_counter/images/ (No open folder)
1693. - http://www.ncr.gov.sd./modules/mod_vvisit_counter/images/tbl/ (No open folder)
1694. - http://www.ncr.gov.sd./modules/mod_vvisit_counter/images/tbl/peoples/ (No open folder)
1695. - http://www.ncr.gov.sd./plugins/ (No open folder)
1696. - http://www.ncr.gov.sd./plugins/system/ (No open folder)
1697. - http://www.ncr.gov.sd./plugins/system/helix/ (No open folder)
1698. - http://www.ncr.gov.sd./plugins/system/helix/js/ (No open folder)
1699. - http://www.ncr.gov.sd./templates/ (No open folder)
1700. - http://www.ncr.gov.sd./templates/shaper_myestate/ (No open folder)
1701. - http://www.ncr.gov.sd./templates/shaper_myestate/css/ (No open folder)
1702. - http://www.ncr.gov.sd./templates/shaper_myestate/css/icons/ (No open folder)
1703. - http://www.ncr.gov.sd./templates/shaper_myestate/css/styles/ (No open folder)
1704. - http://www.ncr.gov.sd./templates/shaper_myestate/images/ (No open folder)
1705. - http://www.ncr.gov.sd./templates/shaper_myestate/images/system/ (No open folder)
1706. - http://www.ncr.gov.sd./templates/system/ (No open folder)
1707. - http://www.ncr.gov.sd./templates/system/css/ (No open folder)
1708. Total directories: 93
1709.  
1710. + Directory indexing found:
1711. Total directories with indexing: 0
1712.  
1713. ---------------------------------------------------------------------------------------------------------------------------------------
1714.  
1715.  
1716. + URL to crawl: http://mail.ncr.gov.sd
1717. + Date: 2019-06-16
1718.  
1719. + Crawling URL: http://mail.ncr.gov.sd:
1720. + Links:
1721. + Crawling http://mail.ncr.gov.sd
1722. + Searching for directories...
1723. - Found: http://mail.ncr.gov.sd/css/
1724. - Found: http://mail.ncr.gov.sd/img/
1725. + Searching open folders...
1726. - http://mail.ncr.gov.sd/css/ (403 Forbidden)
1727. - http://mail.ncr.gov.sd/img/ (403 Forbidden)
1728.  
1729.  
1730. + URL to crawl: http://webmail.ncr.gov.sd.
1731. + Date: 2019-06-16
1732.  
1733. + Crawling URL: http://webmail.ncr.gov.sd.:
1734. + Links:
1735. + Crawling http://webmail.ncr.gov.sd.
1736. + Crawling http://webmail.ncr.gov.sd./skins/larry/styles.min.css?s=1510737769 (File! Not crawling it.)
1737. + Crawling http://webmail.ncr.gov.sd./skins/larry/svggradients.min.css?s=1510737769 (File! Not crawling it.)
1738. + Crawling http://webmail.ncr.gov.sd./plugins/jqueryui/themes/larry/jquery-ui-1.10.4.custom.css?s=1510737769 (File! Not crawling it.)
1739. + Crawling http://webmail.ncr.gov.sd./skins/larry/ui.min.js?s=1510737769 (File! Not crawling it.)
1740. + Crawling http://webmail.ncr.gov.sd./program/js/jquery.min.js?s=1510737769 (File! Not crawling it.)
1741. + Crawling http://webmail.ncr.gov.sd./program/js/common.min.js?s=1510737769 (File! Not crawling it.)
1742. + Crawling http://webmail.ncr.gov.sd./program/js/app.min.js?s=1510737769 (File! Not crawling it.)
1743. + Crawling http://webmail.ncr.gov.sd./program/js/jstz.min.js?s=1510737769 (File! Not crawling it.)
1744. + Crawling http://webmail.ncr.gov.sd./plugins/jqueryui/js/jquery-ui-1.10.4.custom.min.js?s=1510737769 (File! Not crawling it.)
1745. + Searching for directories...
1746. - Found: http://webmail.ncr.gov.sd./skins/
1747. - Found: http://webmail.ncr.gov.sd./skins/larry/
1748. - Found: http://webmail.ncr.gov.sd./skins/larry/images/
1749. - Found: http://webmail.ncr.gov.sd./plugins/
1750. - Found: http://webmail.ncr.gov.sd./plugins/jqueryui/
1751. - Found: http://webmail.ncr.gov.sd./plugins/jqueryui/themes/
1752. - Found: http://webmail.ncr.gov.sd./plugins/jqueryui/themes/larry/
1753. - Found: http://webmail.ncr.gov.sd./program/
1754. - Found: http://webmail.ncr.gov.sd./program/js/
1755. - Found: http://webmail.ncr.gov.sd./plugins/jqueryui/js/
1756. + Searching open folders...
1757. - http://webmail.ncr.gov.sd./skins/ (403 Forbidden)
1758. - http://webmail.ncr.gov.sd./skins/larry/ (403 Forbidden)
1759. - http://webmail.ncr.gov.sd./skins/larry/images/ (403 Forbidden)
1760. - http://webmail.ncr.gov.sd./plugins/ (403 Forbidden)
1761. - http://webmail.ncr.gov.sd./plugins/jqueryui/ (403 Forbidden)
1762. - http://webmail.ncr.gov.sd./plugins/jqueryui/themes/ (403 Forbidden)
1763. - http://webmail.ncr.gov.sd./plugins/jqueryui/themes/larry/ (403 Forbidden)
1764. - http://webmail.ncr.gov.sd./program/ (403 Forbidden)
1765. - http://webmail.ncr.gov.sd./program/js/ (403 Forbidden)
1766. - http://webmail.ncr.gov.sd./plugins/jqueryui/js/ (403 Forbidden)
1767.  
1768.  
1769. + URL to crawl: http://mail.ncr.gov.sd.
1770. + Date: 2019-06-16
1771.  
1772. + Crawling URL: http://mail.ncr.gov.sd.:
1773. + Links:
1774. + Crawling http://mail.ncr.gov.sd.
1775. + Searching for directories...
1776. - Found: http://mail.ncr.gov.sd./css/
1777. - Found: http://mail.ncr.gov.sd./img/
1778. + Searching open folders...
1779. - http://mail.ncr.gov.sd./css/ (403 Forbidden)
1780. - http://mail.ncr.gov.sd./img/ (403 Forbidden)
1781.  
1782.  
1783. + URL to crawl: https://www.ncr.gov.sd.
1784. + Date: 2019-06-16
1785.  
1786. + Crawling URL: https://www.ncr.gov.sd.:
1787. + Links:
1788. + Crawling https://www.ncr.gov.sd. ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727))
1789. + Searching for directories...
1790. + Searching open folders...
1791.  
1792.  
1793. + URL to crawl: https://mail.ncr.gov.sd
1794. + Date: 2019-06-16
1795.  
1796. + Crawling URL: https://mail.ncr.gov.sd:
1797. + Links:
1798. + Crawling https://mail.ncr.gov.sd ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727))
1799. + Searching for directories...
1800. + Searching open folders...
1801.  
1802.  
1803. + URL to crawl: https://webmail.ncr.gov.sd.
1804. + Date: 2019-06-16
1805.  
1806. + Crawling URL: https://webmail.ncr.gov.sd.:
1807. + Links:
1808. + Crawling https://webmail.ncr.gov.sd. ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727))
1809. + Searching for directories...
1810. + Searching open folders...
1811.  
1812.  
1813. + URL to crawl: https://mail.ncr.gov.sd.
1814. + Date: 2019-06-16
1815.  
1816. + Crawling URL: https://mail.ncr.gov.sd.:
1817. + Links:
1818. + Crawling https://mail.ncr.gov.sd. ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727))
1819. + Searching for directories...
1820. + Searching open folders...
1821.  
1822.  
1823. + URL to crawl: https://www.ncr.gov.sd.:8443
1824. + Date: 2019-06-16
1825.  
1826. + Crawling URL: https://www.ncr.gov.sd.:8443:
1827. + Links:
1828. + Crawling https://www.ncr.gov.sd.:8443 ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727))
1829. + Searching for directories...
1830. + Searching open folders...
1831.  
1832.  
1833. + URL to crawl: https://mail.ncr.gov.sd:8443
1834. + Date: 2019-06-16
1835.  
1836. + Crawling URL: https://mail.ncr.gov.sd:8443:
1837. + Links:
1838. + Crawling https://mail.ncr.gov.sd:8443 ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727))
1839. + Searching for directories...
1840. + Searching open folders...
1841.  
1842.  
1843. + URL to crawl: https://webmail.ncr.gov.sd.:8443
1844. + Date: 2019-06-16
1845.  
1846. + Crawling URL: https://webmail.ncr.gov.sd.:8443:
1847. + Links:
1848. + Crawling https://webmail.ncr.gov.sd.:8443 ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727))
1849. + Searching for directories...
1850. + Searching open folders...
1851.  
1852.  
1853. + URL to crawl: https://mail.ncr.gov.sd.:8443
1854. + Date: 2019-06-16
1855.  
1856. + Crawling URL: https://mail.ncr.gov.sd.:8443:
1857. + Links:
1858. + Crawling https://mail.ncr.gov.sd.:8443 ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727))
1859. + Searching for directories...
1860. + Searching open folders...
1861.  
1862. --Finished--
1863. Summary information for domain ncr.gov.sd.
1864. ---------------------------------------------------------------------------------------------------------------------------------------
1865. Domain Specific Information:
1866. Email: drsarrasaad@ncr.gov.sd.
1867.  
1868. Domain Ips Information:
1869. IP: 62.12.109.2
1870. HostName: ns0.ndc.gov.sd Type: NS
1871. Country: Sudan
1872. Zone Transfer: 4
1873. Is Active: True (reset ttl 64)
1874. Port: 53/tcp open domain syn-ack ttl 43 (unknown banner: you guess!)
1875. Script Info: | dns-nsid:
1876. Script Info: |_ bind.version: you guess!
1877. Script Info: | fingerprint-strings:
1878. Script Info: | DNSVersionBindReqTCP:
1879. Script Info: | version
1880. Script Info: | bind
1881. Script Info: |_ guess!
1882. IP: 62.12.109.3
1883. HostName: ns1.ndc.gov.sd Type: NS
1884. Country: Sudan
1885. Zone Transfer: 4
1886. Is Active: True (reset ttl 64)
1887. Port: 53/tcp open domain syn-ack ttl 43 (unknown banner: you guess!)
1888. Script Info: | dns-nsid:
1889. Script Info: |_ bind.version: you guess!
1890. Script Info: | fingerprint-strings:
1891. Script Info: | DNSVersionBindReqTCP:
1892. Script Info: | version
1893. Script Info: | bind
1894. Script Info: |_ guess!
1895. IP: 62.12.105.2
1896. HostName: mail.ncr.gov.sd Type: MX
1897. HostName: f03-web02.nic.gov.sd Type: PTR
1898. HostName: webmail.ncr.gov.sd. Type: A
1899. HostName: mail.ncr.gov.sd. Type: A
1900. HostName: www.ncr.gov.sd. Type: A
1901. Country: Sudan
1902. Is Active: True (reset ttl 64)
1903. Port: 21/tcp open tcpwrapped syn-ack ttl 43
1904. Port: 80/tcp open http syn-ack ttl 43 nginx
1905. Script Info: |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
1906. Script Info: | http-methods:
1907. Script Info: |_ Supported Methods: POST OPTIONS GET HEAD
1908. Script Info: |_http-server-header: nginx
1909. Script Info: |_http-title: Domain Default page
1910. Port: 110/tcp open pop3 syn-ack ttl 43 Dovecot pop3d
1911. Script Info: |_pop3-capabilities: PIPELINING TOP RESP-CODES AUTH-RESP-CODE USER UIDL SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) STLS CAPA APOP
1912. Script Info: |_ssl-date: TLS randomness does not represent time
1913. Port: 143/tcp open imap syn-ack ttl 43 Dovecot imapd
1914. Script Info: |_imap-capabilities: listed ID more AUTH=PLAIN capabilities post-login LOGIN-REFERRALS IMAP4rev1 STARTTLS OK AUTH=LOGIN AUTH=CRAM-MD5A0001 have ENABLE LITERAL+ IDLE AUTH=DIGEST-MD5 Pre-login SASL-IR
1915. Script Info: |_ssl-date: TLS randomness does not represent time
1916. Port: 443/tcp open ssl/http syn-ack ttl 44 nginx
1917. Script Info: |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
1918. Script Info: | http-methods:
1919. Script Info: |_ Supported Methods: POST OPTIONS GET HEAD
1920. Script Info: |_http-server-header: nginx
1921. Script Info: |_http-title: Domain Default page
1922. Script Info: | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
1923. Script Info: | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
1924. Script Info: | Public Key type: rsa
1925. Script Info: | Public Key bits: 2048
1926. Script Info: | Signature Algorithm: sha256WithRSAEncryption
1927. Script Info: | Not valid before: 2016-04-20T02:40:27
1928. Script Info: | Not valid after: 2017-04-20T02:40:27
1929. Script Info: | MD5: a38f 7308 6ca0 a95d 2faa d3f0 6cb4 5553
1930. Script Info: |_SHA-1: 1479 6658 f803 6987 8f42 5473 9eaf 97e1 50dd 2d68
1931. Script Info: |_ssl-date: TLS randomness does not represent time
1932. Script Info: | tls-alpn:
1933. Script Info: |_ http/1.1
1934. Script Info: | tls-nextprotoneg:
1935. Script Info: |_ http/1.1
1936. Port: 993/tcp open ssl/imaps? syn-ack ttl 43
1937. Script Info: |_ssl-date: TLS randomness does not represent time
1938. Port: 995/tcp open ssl/pop3s? syn-ack ttl 43
1939. Script Info: |_ssl-date: TLS randomness does not represent time
1940. Port: 8443/tcp open ssl/http syn-ack ttl 44 sw-cp-server httpd (Plesk Onyx 17.5.3)
1941. Script Info: | http-methods:
1942. Script Info: |_ Supported Methods: GET HEAD POST
1943. Script Info: |_http-server-header: sw-cp-server
1944. Script Info: |_http-title: Plesk Onyx 17.5.3
1945. Script Info: | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
1946. Script Info: | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
1947. Script Info: | Public Key type: rsa
1948. Script Info: | Public Key bits: 2048
1949. Script Info: | Signature Algorithm: sha256WithRSAEncryption
1950. Script Info: | Not valid before: 2016-04-20T02:40:27
1951. Script Info: | Not valid after: 2017-04-20T02:40:27
1952. Script Info: | MD5: a38f 7308 6ca0 a95d 2faa d3f0 6cb4 5553
1953. Script Info: |_SHA-1: 1479 6658 f803 6987 8f42 5473 9eaf 97e1 50dd 2d68
1954. Script Info: |_ssl-date: TLS randomness does not represent time
1955. Script Info: | tls-nextprotoneg:
1956. Script Info: |_ http/1.1
1957. Os Info: Host: fo3-web02.nic.gov.sd
1958. #######################################################################################################################################
1959. [*] Processing domain ncr.gov.sd
1960. [*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
1961. [+] Getting nameservers
1962. 62.12.109.2 - ns0.ndc.gov.sd
1963. [+] Zone transfer sucessful using nameserver ns0.ndc.gov.sd
1964. ncr.gov.sd. 86400 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2017072600 10800 900 604800 86400
1965. ncr.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
1966. ncr.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
1967. ncr.gov.sd. 86400 IN A 62.12.105.2
1968. ncr.gov.sd. 86400 IN MX 10 mail.ncr.gov.sd.
1969. ncr.gov.sd. 86400 IN TXT "v=spf1 mx -all"
1970. mail.ncr.gov.sd. 86400 IN A 62.12.105.2
1971. mail.ncr.gov.sd. 86400 IN MX 10 mail.ncr.gov.sd.
1972. webmail.ncr.gov.sd. 86400 IN CNAME mail.ncr.gov.sd.
1973. www.ncr.gov.sd. 86400 IN A 62.12.105.2
1974. #######################################################################################################################################
1975. [*] Performing General Enumeration of Domain: ncr.gov.sd
1976. [-] DNSSEC is not configured for ncr.gov.sd
1977. [*] SOA ns0.ndc.gov.sd 62.12.109.2
1978. [*] NS ns0.ndc.gov.sd 62.12.109.2
1979. [*] Bind Version for 62.12.109.2 you guess!
1980. [*] NS ns1.ndc.gov.sd 62.12.109.3
1981. [*] Bind Version for 62.12.109.3 you guess!
1982. [*] MX mail.ncr.gov.sd 62.12.105.2
1983. [*] A ncr.gov.sd 62.12.105.2
1984. [*] TXT ncr.gov.sd v=spf1 mx -all
1985. [*] Enumerating SRV Records
1986. [-] No SRV Records Found for ncr.gov.sd
1987. [+] 0 Records Found
1988. #######################################################################################################################################
1989. Ip Address Status Type Domain Name Server
1990. ---------- ------ ---- ----------- ------
1991. 62.12.105.2 200 host mail.ncr.gov.sd nginx
1992. 62.12.105.2 200 alias webmail.ncr.gov.sd nginx
1993. 62.12.105.2 200 host mail.ncr.gov.sd nginx
1994. 62.12.105.2 200 host www.ncr.gov.sd nginx
1995. #######################################################################################################################################
1996. [+] Testing domain
1997. www.ncr.gov.sd 62.12.105.2
1998. [+] Dns resolving
1999. Domain name Ip address Name server
2000. ncr.gov.sd 62.12.105.2 f03-web02.nic.gov.sd
2001. Found 1 host(s) for ncr.gov.sd
2002. [+] Testing wildcard
2003. Ok, no wildcard found.
2004.  
2005. [+] Scanning for subdomain on ncr.gov.sd
2006. [!] Wordlist not specified. I scannig with my internal wordlist...
2007. Estimated time about 144.78 seconds
2008.  
2009. Subdomain Ip address Name server
2010.  
2011. mail.ncr.gov.sd 62.12.105.2 f03-web02.nic.gov.sd
2012. webmail.ncr.gov.sd 62.12.105.2 f03-web02.nic.gov.sd
2013. www.ncr.gov.sd 62.12.105.2 f03-web02.nic.gov.sd
2014. #######################################################################################################################################
2015. ----- ncr.gov.sd -----
2016.  
2017.  
2018. Host's addresses:
2019. __________________
2020.  
2021. ncr.gov.sd. 80311 IN A 62.12.105.2
2022.  
2023. ----------------
2024. Wildcards test:
2025. ----------------
2026. good
2027.  
2028.  
2029. Name Servers:
2030. ______________
2031.  
2032. ns0.ndc.gov.sd. 10263 IN A 62.12.109.2
2033. ns1.ndc.gov.sd. 10263 IN A 62.12.109.3
2034.  
2035.  
2036. Mail (MX) Servers:
2037. ___________________
2038.  
2039. mail.ncr.gov.sd. 84847 IN A 62.12.105.2
2040.  
2041.  
2042. Trying Zone Transfers and getting Bind Versions:
2043. _________________________________________________
2044.  
2045.  
2046. Trying Zone Transfer for ncr.gov.sd on ns0.ndc.gov.sd ...
2047. ncr.gov.sd. 86400 IN SOA (
2048. ncr.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
2049. ncr.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
2050. ncr.gov.sd. 86400 IN A 62.12.105.2
2051. ncr.gov.sd. 86400 IN MX 10
2052. ncr.gov.sd. 86400 IN TXT "v=spf1
2053. mail.ncr.gov.sd. 86400 IN A 62.12.105.2
2054. mail.ncr.gov.sd. 86400 IN MX 10
2055. webmail.ncr.gov.sd. 86400 IN CNAME mail.ncr.gov.sd.
2056. www.ncr.gov.sd. 86400 IN A 62.12.105.2
2057.  
2058. Trying Zone Transfer for ncr.gov.sd on ns1.ndc.gov.sd ...
2059. ncr.gov.sd. 86400 IN SOA (
2060. ncr.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
2061. ncr.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
2062. ncr.gov.sd. 86400 IN A 62.12.105.2
2063. ncr.gov.sd. 86400 IN MX 10
2064. ncr.gov.sd. 86400 IN TXT "v=spf1
2065. mail.ncr.gov.sd. 86400 IN A 62.12.105.2
2066. mail.ncr.gov.sd. 86400 IN MX 10
2067. webmail.ncr.gov.sd. 86400 IN CNAME mail.ncr.gov.sd.
2068. www.ncr.gov.sd. 86400 IN A 62.12.105.2
2069.  
2070. brute force file not specified, bay.
2071. #######################################################################################################################################
2072.  
2073. ===============================================
2074. -=Subfinder v1.1.3 github.com/subfinder/subfinder
2075. ===============================================
2076.  
2077.  
2078. Running Source: Ask
2079. Running Source: Archive.is
2080. Running Source: Baidu
2081. Running Source: Bing
2082. Running Source: CertDB
2083. Running Source: CertificateTransparency
2084. Running Source: Certspotter
2085. Running Source: Commoncrawl
2086. Running Source: Crt.sh
2087. Running Source: Dnsdb
2088. Running Source: DNSDumpster
2089. Running Source: DNSTable
2090. Running Source: Dogpile
2091. Running Source: Exalead
2092. Running Source: Findsubdomains
2093. Running Source: Googleter
2094. Running Source: Hackertarget
2095. Running Source: Ipv4Info
2096. Running Source: PTRArchive
2097. Running Source: Sitedossier
2098. Running Source: Threatcrowd
2099. Running Source: ThreatMiner
2100. Running Source: WaybackArchive
2101. Running Source: Yahoo
2102.  
2103. Running enumeration on www.ncr.gov.sd
2104.  
2105. dnsdb: Unexpected return status 503
2106.  
2107. waybackarchive: parse http://web.archive.org/cdx/search/cdx?url=*.www.ncr.gov.sd/*&output=json&fl=original&collapse=urlkey&page=: net/url: invalid control character in URL
2108.  
2109. dogpile: Get https://www.dogpile.com/search/web?q=www.ncr.gov.sd&qsi=1: EOF
2110.  
2111. ipv4info: <nil>
2112.  
2113.  
2114. Starting Bruteforcing of www.ncr.gov.sd with 9985 words
2115.  
2116. Total 1 Unique subdomains found for www.ncr.gov.sd
2117.  
2118. .www.ncr.gov.sd
2119. #######################################################################################################################################
2120. [+] www.ncr.gov.sd has no SPF record!
2121. [*] No DMARC record found. Looking for organizational record
2122. [+] No organizational DMARC record
2123. [+] Spoofing possible for www.ncr.gov.sd!
2124.  
2125. #######################################################################################################################################
2126. dig: '.www.ncr.gov.sd' is not a legal name (empty label)
2127.  
2128. SubOver v.1.2 Nizamul Rana (@Ice3man)
2129. ==================================================
2130.  
2131.  
2132. [~] Enjoy your hunt !
2133. [Not Vulnerable] domain
2134. [Not Vulnerable] .www.ncr.gov.sd
2135. [Not Vulnerable] 77.72.0.146
2136. [Not Vulnerable] 147.237.77.18
2137. [Not Vulnerable] 62.12.105.4
2138. [Not Vulnerable] 52.64.99.208
2139. [Not Vulnerable] www.cbs.gov.ws
2140. [Not Vulnerable] www.sviva.gov.il
2141. [Not Vulnerable] 62.12.105.3
2142. [Not Vulnerable] sennarstate.gov.sd
2143. [Not Vulnerable] whitenilestate.gov.sd
2144. [Not Vulnerable] www.ncr.gov.sd
2145. [Not Vulnerable] ombudsman.gov.sd
2146. #######################################################################################################################################
2147. INFO[0000] Starting to process queue....
2148. INFO[0000] Starting to process permutations....
2149. INFO[0000] FORBIDDEN http://ncr-test.s3.amazonaws.com (http://ncr.gov.sd)
2150. INFO[0000] FORBIDDEN http://terraform-ncr.s3.amazonaws.com (http://ncr.gov.sd)
2151. INFO[0000] FORBIDDEN http://ncr-reports.s3.amazonaws.com (http://ncr.gov.sd)
2152. INFO[0000] FORBIDDEN http://ncr-logs.s3.amazonaws.com (http://ncr.gov.sd)
2153. INFO[0000] FORBIDDEN http://ncr-backup.s3.amazonaws.com (http://ncr.gov.sd)
2154. INFO[0000] FORBIDDEN http://ncr.s3.amazonaws.com (http://ncr.gov.sd)
2155. INFO[0000] FORBIDDEN http://ncr-cloudformation.s3.amazonaws.com (http://ncr.gov.sd)
2156. #######################################################################################################################################
2157. 62.12.96.0/20
2158. 62.12.96.0/24
2159. 62.12.97.0/24
2160. 62.12.98.0/24
2161. 62.12.99.0/24
2162. 62.12.100.0/24
2163. 62.12.101.0/24
2164. 62.12.102.0/23
2165. 62.12.104.0/24
2166. 62.12.105.0/24
2167. 62.12.106.0/24
2168. 62.12.107.0/24
2169. 62.12.108.0/24
2170. 62.12.109.0/24
2171. 62.12.110.0/24
2172. 62.12.111.0/24
2173. #######################################################################################################################################
2174. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-16 10:20 EDT
2175. Nmap scan report for www.ncr.gov.sd (62.12.105.2)
2176. Host is up (0.19s latency).
2177. rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
2178. Not shown: 464 filtered ports, 4 closed ports
2179. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
2180. PORT STATE SERVICE
2181. 21/tcp open ftp
2182. 80/tcp open http
2183. 110/tcp open pop3
2184. 143/tcp open imap
2185. 443/tcp open https
2186. 993/tcp open imaps
2187. 995/tcp open pop3s
2188. 8443/tcp open https-alt
2189.  
2190. Nmap done: 1 IP address (1 host up) scanned in 6.01 seconds
2191. #######################################################################################################################################
2192. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-16 10:20 EDT
2193. Nmap scan report for www.ncr.gov.sd (62.12.105.2)
2194. Host is up (0.022s latency).
2195. rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
2196. Not shown: 2 filtered ports
2197. PORT STATE SERVICE
2198. 53/udp open|filtered domain
2199. 67/udp open|filtered dhcps
2200. 68/udp open|filtered dhcpc
2201. 69/udp open|filtered tftp
2202. 88/udp open|filtered kerberos-sec
2203. 123/udp open|filtered ntp
2204. 139/udp open|filtered netbios-ssn
2205. 161/udp open|filtered snmp
2206. 162/udp open|filtered snmptrap
2207. 389/udp open|filtered ldap
2208. 520/udp open|filtered route
2209. 2049/udp open|filtered nfs
2210.  
2211. Nmap done: 1 IP address (1 host up) scanned in 1.39 seconds
2212. #######################################################################################################################################
2213. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-16 10:20 EDT
2214. Nmap scan report for www.ncr.gov.sd (62.12.105.2)
2215. Host is up (0.23s latency).
2216. rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
2217.  
2218. PORT STATE SERVICE VERSION
2219. 21/tcp open tcpwrapped
2220. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2221. Device type: specialized|WAP|general purpose|router
2222. Running: AVtech embedded, Linux 2.4.X|2.6.X|3.X, MikroTik RouterOS 6.X
2223. OS CPE: cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3.2.0 cpe:/o:mikrotik:routeros:6.15
2224. OS details: AVtech Room Alert 26W environmental monitor, Tomato 1.27 - 1.28 (Linux 2.4.20), Linux 2.6.18 - 2.6.22, Linux 3.2.0, MikroTik RouterOS 6.15 (Linux 3.3.5)
2225. Network Distance: 20 hops
2226.  
2227. TRACEROUTE (using port 21/tcp)
2228. HOP RTT ADDRESS
2229. 1 25.20 ms 10.249.200.1
2230. 2 55.73 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
2231. 3 31.55 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
2232. 4 25.43 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
2233. 5 25.84 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
2234. 6 25.99 ms be2090.ccr22.ymq01.atlas.cogentco.com (154.54.45.117)
2235. 7 31.20 ms be2104.ccr22.alb02.atlas.cogentco.com (154.54.43.22)
2236. 8 34.01 ms be2915.ccr41.jfk02.atlas.cogentco.com (154.54.40.62)
2237. 9 33.82 ms be3362.ccr31.jfk04.atlas.cogentco.com (154.54.3.10)
2238. 10 34.31 ms te0-0-0-3.agr12.jfk04.atlas.cogentco.com (154.54.31.42)
2239. 11 34.12 ms te0-0-1-1.nr11.b001587-3.jfk04.atlas.cogentco.com (154.24.2.18)
2240. 12 33.28 ms 149.14.125.130
2241. 13 282.05 ms xe-8-3-0.0.cjr03.prs001.flagtel.com (85.95.26.222)
2242. 14 116.24 ms xe-8-0-2.0.cjr04.prs001.flagtel.com (85.95.25.158)
2243. 15 272.90 ms xe-11-3-1.0.pjr04.dxb001.flagtel.com (62.216.134.210)
2244. 16 338.11 ms 80.77.2.42
2245. 17 223.51 ms 196.29.177.113
2246. 18 226.10 ms 197.254.196.62
2247. 19 ...
2248. 20 226.40 ms f03-web02.nic.gov.sd (62.12.105.2)
2249. #######################################################################################################################################
2250. http://www.ncr.gov.sd [200 OK] Cookies[e0ddbc0e0e8bfa0175c84685f00835f0], HTTPServer[nginx], IP[62.12.105.2], JQuery[1.4.2], maybe Joomla, MetaGenerator[Joomla! - Open Source Content Management], PHP[5.6.40,], Plesk[Lin], Script[text/javascript], Title[المركز القومي للبحوث], X-Powered-By[PHP/5.6.40, PleskLin], nginx
2251. #######################################################################################################################################
2252.  
2253. wig - WebApp Information Gatherer
2254.  
2255.  
2256. Scanning http://www.ncr.gov.sd...
2257. _________________________________________________ SITE INFO _________________________________________________
2258. IP Title
2259. 62.12.105.2 المركز القومي للبحوث
2260.  
2261. __________________________________________________ VERSION __________________________________________________
2262. Name Versions Type
2263. Joomla! 2.5.8 CMS
2264. Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
2265. 2.4.9
2266. PHP 5.6.40 Platform
2267. nginx Platform
2268. jQuery 1.4.2 JavaScript
2269.  
2270. ________________________________________________ INTERESTING ________________________________________________
2271. URL Note Type
2272. /robots.txt robots.txt index Interesting
2273.  
2274. ___________________________________________________ TOOLS ___________________________________________________
2275. Name Link Software
2276. CMSmap https://github.com/Dionach/CMSmap Joomla!
2277. joomscan http://sourceforge.net/projects/joomscan/ Joomla!
2278.  
2279. ______________________________________________ VULNERABILITIES ______________________________________________
2280. Affected #Vulns Link
2281. Joomla! 2.5.8 0 http://cvedetails.com/version/53838
2282.  
2283. _____________________________________________________________________________________________________________
2284. Time: 50.0 sec Urls: 624 Fingerprints: 40401
2285. #######################################################################################################################################
2286. HTTP/1.1 200 OK
2287. Server: nginx
2288. Date: Sun, 16 Jun 2019 13:35:46 GMT
2289. Content-Type: text/html; charset=utf-8
2290. Connection: keep-alive
2291. X-Powered-By: PHP/5.6.40
2292. P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
2293. Cache-Control: no-cache
2294. Pragma: no-cache
2295. Set-Cookie: e0ddbc0e0e8bfa0175c84685f00835f0=bomna2cskh4uehu0gitc79s5u5; path=/
2296. X-Powered-By: PleskLin
2297.  
2298. HTTP/1.1 200 OK
2299. Server: nginx
2300. Date: Sun, 16 Jun 2019 13:35:47 GMT
2301. Content-Type: text/html; charset=utf-8
2302. Connection: keep-alive
2303. X-Powered-By: PHP/5.6.40
2304. P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
2305. Cache-Control: no-cache
2306. Pragma: no-cache
2307. Set-Cookie: e0ddbc0e0e8bfa0175c84685f00835f0=ijut9lkfi5aih75g2c3vmpu571; path=/
2308. X-Powered-By: PleskLin
2309. #######################################################################################################################################
2310. jQuery 1.4.2
2311. PHP 5.6.40
2312. Joomla
2313. Nginx
2314. MooTools
2315. #######################################################################################################################################
2316. tee: /usr/share/sniper/loot//output/nmap-www.ncr.gov.sd-port110.txt: Aucun fichier ou dossier de ce type
2317. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-16 10:33 EDT
2318. Nmap scan report for www.ncr.gov.sd (62.12.105.2)
2319. Host is up (0.23s latency).
2320. rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
2321.  
2322. PORT STATE SERVICE VERSION
2323. 110/tcp open pop3 Dovecot pop3d
2324. | pop3-brute:
2325. | Accounts: No valid accounts found
2326. |_ Statistics: Performed 212 guesses in 183 seconds, average tps: 1.1
2327. |_pop3-capabilities: STLS SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) RESP-CODES CAPA AUTH-RESP-CODE USER APOP UIDL TOP PIPELINING
2328. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2329. Device type: specialized|WAP|general purpose|router
2330. Running: AVtech embedded, Linux 2.4.X|2.6.X|3.X, MikroTik RouterOS 6.X
2331. OS CPE: cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3.2.0 cpe:/o:mikrotik:routeros:6.15
2332. OS details: AVtech Room Alert 26W environmental monitor, Tomato 1.27 - 1.28 (Linux 2.4.20), Linux 2.6.18 - 2.6.22, Linux 3.2.0, MikroTik RouterOS 6.15 (Linux 3.3.5)
2333. Network Distance: 20 hops
2334. Service Info: Host: fo3-web02.nic.gov.sd
2335.  
2336. TRACEROUTE (using port 443/tcp)
2337. HOP RTT ADDRESS
2338. 1 22.43 ms 10.249.200.1
2339. 2 29.70 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
2340. 3 28.08 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
2341. 4 22.59 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
2342. 5 23.29 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
2343. 6 23.49 ms be2089.ccr21.ymq01.atlas.cogentco.com (154.54.45.113)
2344. 7 28.50 ms be2104.ccr22.alb02.atlas.cogentco.com (154.54.43.22)
2345. 8 31.14 ms be2916.ccr42.jfk02.atlas.cogentco.com (154.54.41.62)
2346. 9 31.57 ms be2854.ccr22.jfk04.atlas.cogentco.com (154.54.6.234)
2347. 10 31.58 ms te0-0-0-3.agr11.jfk04.atlas.cogentco.com (154.54.5.178)
2348. 11 30.90 ms te0-0-1-0.nr11.b001587-3.jfk04.atlas.cogentco.com (154.24.2.22)
2349. 12 37.79 ms 149.14.125.130
2350. 13 280.11 ms xe-8-3-3.0.cjr03.prs001.flagtel.com (85.95.27.25)
2351. 14 309.53 ms xe-11-1-1.0.pjr03.dxb001.flagtel.com (85.95.27.114)
2352. 15 279.63 ms xe-11-3-1.0.pjr04.dxb001.flagtel.com (62.216.134.210)
2353. 16 346.74 ms 80.77.2.42
2354. 17 229.99 ms 196.29.177.113
2355. 18 229.04 ms 197.254.196.62
2356. 19 ...
2357. 20 227.64 ms f03-web02.nic.gov.sd (62.12.105.2)
2358. #######################################################################################################################################
2359. Version: 1.11.13-static
2360. OpenSSL 1.0.2-chacha (1.0.2g-dev)
2361.  
2362. Connected to 62.12.105.2
2363.  
2364. Testing SSL server www.ncr.gov.sd on port 443 using SNI name www.ncr.gov.sd
2365.  
2366. TLS Fallback SCSV:
2367. Server supports TLS Fallback SCSV
2368.  
2369. TLS renegotiation:
2370. Secure session renegotiation supported
2371.  
2372. TLS Compression:
2373. Compression disabled
2374.  
2375. Heartbleed:
2376. TLS 1.2 not vulnerable to heartbleed
2377. TLS 1.1 not vulnerable to heartbleed
2378. TLS 1.0 not vulnerable to heartbleed
2379.  
2380. Supported Server Cipher(s):
2381. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
2382. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
2383. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2384. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
2385. Accepted TLSv1.2 256 bits AES256-SHA256
2386. Accepted TLSv1.2 256 bits AES256-SHA
2387. Accepted TLSv1.2 256 bits CAMELLIA256-SHA
2388. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
2389. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
2390. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2391. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
2392. Accepted TLSv1.2 128 bits AES128-SHA256
2393. Accepted TLSv1.2 128 bits AES128-SHA
2394. Accepted TLSv1.2 128 bits CAMELLIA128-SHA
2395. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2396. Accepted TLSv1.1 256 bits AES256-SHA
2397. Accepted TLSv1.1 256 bits CAMELLIA256-SHA
2398. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2399. Accepted TLSv1.1 128 bits AES128-SHA
2400. Accepted TLSv1.1 128 bits CAMELLIA128-SHA
2401. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2402. Accepted TLSv1.0 256 bits AES256-SHA
2403. Accepted TLSv1.0 256 bits CAMELLIA256-SHA
2404. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2405. Accepted TLSv1.0 128 bits AES128-SHA
2406. Accepted TLSv1.0 128 bits CAMELLIA128-SHA
2407.  
2408. SSL Certificate:
2409. Signature Algorithm: sha256WithRSAEncryption
2410. RSA Key Strength: 2048
2411.  
2412. Subject: Plesk
2413. Issuer: Plesk
2414.  
2415. Not valid before: Apr 20 02:40:27 2016 GMT
2416. Not valid after: Apr 20 02:40:27 2017 GMT
2417. #######################################################################################################################################
2418. --------------------------------------------------------
2419. <<<Yasuo discovered following vulnerable applications>>>
2420. --------------------------------------------------------
2421. +------------+--------------------------------------+--------------------------------------------------+----------+----------+
2422. | App Name | URL to Application | Potential Exploit | Username | Password |
2423. +------------+--------------------------------------+--------------------------------------------------+----------+----------+
2424. | phpMyAdmin | https://62.12.105.2:8443/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | None | None |
2425. +------------+--------------------------------------+--------------------------------------------------+----------+----------+
2426. #######################################################################################################################################
2427. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-16 11:19 EDT
2428. Nmap scan report for f03-web02.nic.gov.sd (62.12.105.2)
2429. Host is up (0.19s latency).
2430. Not shown: 464 filtered ports, 4 closed ports
2431. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
2432. PORT STATE SERVICE
2433. 21/tcp open ftp
2434. 80/tcp open http
2435. 110/tcp open pop3
2436. 143/tcp open imap
2437. 443/tcp open https
2438. 993/tcp open imaps
2439. 995/tcp open pop3s
2440. 8443/tcp open https-alt
2441.  
2442. Nmap done: 1 IP address (1 host up) scanned in 6.04 seconds
2443. #######################################################################################################################################
2444. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-16 11:20 EDT
2445. Nmap scan report for f03-web02.nic.gov.sd (62.12.105.2)
2446. Host is up (0.025s latency).
2447. Not shown: 2 filtered ports
2448. PORT STATE SERVICE
2449. 53/udp open|filtered domain
2450. 67/udp open|filtered dhcps
2451. 68/udp open|filtered dhcpc
2452. 69/udp open|filtered tftp
2453. 88/udp open|filtered kerberos-sec
2454. 123/udp open|filtered ntp
2455. 139/udp open|filtered netbios-ssn
2456. 161/udp open|filtered snmp
2457. 162/udp open|filtered snmptrap
2458. 389/udp open|filtered ldap
2459. 520/udp open|filtered route
2460. 2049/udp open|filtered nfs
2461.  
2462. Nmap done: 1 IP address (1 host up) scanned in 1.34 seconds
2463. #######################################################################################################################################
2464. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-16 11:20 EDT
2465. Nmap scan report for f03-web02.nic.gov.sd (62.12.105.2)
2466. Host is up (0.23s latency).
2467.  
2468. PORT STATE SERVICE VERSION
2469. 21/tcp open tcpwrapped
2470. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2471. Device type: specialized|WAP|general purpose|router
2472. Running: AVtech embedded, Linux 2.4.X|2.6.X|3.X, MikroTik RouterOS 6.X
2473. OS CPE: cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3.2.0 cpe:/o:mikrotik:routeros:6.15
2474. OS details: AVtech Room Alert 26W environmental monitor, Tomato 1.27 - 1.28 (Linux 2.4.20), Linux 2.6.18 - 2.6.22, Linux 3.2.0, MikroTik RouterOS 6.15 (Linux 3.3.5)
2475. Network Distance: 20 hops
2476.  
2477. TRACEROUTE (using port 21/tcp)
2478. HOP RTT ADDRESS
2479. 1 22.18 ms 10.249.200.1
2480. 2 22.53 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
2481. 3 32.95 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
2482. 4 22.27 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
2483. 5 22.68 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
2484. 6 22.63 ms be2089.ccr21.ymq01.atlas.cogentco.com (154.54.45.113)
2485. 7 28.22 ms be2104.ccr22.alb02.atlas.cogentco.com (154.54.43.22)
2486. 8 30.99 ms be2915.ccr41.jfk02.atlas.cogentco.com (154.54.40.62)
2487. 9 31.41 ms be2854.ccr22.jfk04.atlas.cogentco.com (154.54.6.234)
2488. 10 31.66 ms te0-0-0-3.agr12.jfk04.atlas.cogentco.com (154.54.31.42)
2489. 11 33.39 ms te0-0-1-1.nr11.b001587-3.jfk04.atlas.cogentco.com (154.24.2.18)
2490. 12 33.29 ms 149.14.125.130
2491. 13 290.77 ms xe-2-0-0.0.pjr02.nyc005.flagtel.com (85.95.25.149)
2492. 14 316.08 ms xe-11-1-1.0.pjr03.dxb001.flagtel.com (85.95.27.114)
2493. 15 283.56 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
2494. 16 348.37 ms 80.77.2.42
2495. 17 231.21 ms 196.29.177.113
2496. 18 234.55 ms 197.254.196.62
2497. 19 ...
2498. 20 228.59 ms f03-web02.nic.gov.sd (62.12.105.2)
2499. #######################################################################################################################################
2500. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-16 11:30 EDT
2501. Nmap scan report for f03-web02.nic.gov.sd (62.12.105.2)
2502. Host is up.
2503.  
2504. PORT STATE SERVICE VERSION
2505. 67/udp open|filtered dhcps
2506. |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
2507. Too many fingerprints match this host to give specific OS details
2508.  
2509. TRACEROUTE (using proto 1/icmp)
2510. HOP RTT ADDRESS
2511. 1 26.54 ms 10.249.200.1
2512. 2 27.96 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
2513. 3 62.29 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
2514. 4 21.22 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
2515. 5 21.62 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
2516. 6 21.66 ms be2090.ccr22.ymq01.atlas.cogentco.com (154.54.45.117)
2517. 7 28.05 ms be2104.ccr22.alb02.atlas.cogentco.com (154.54.43.22)
2518. 8 30.79 ms be2916.ccr42.jfk02.atlas.cogentco.com (154.54.41.62)
2519. 9 30.83 ms be3363.ccr31.jfk04.atlas.cogentco.com (154.54.3.126)
2520. 10 30.91 ms te0-0-0-3.agr12.jfk04.atlas.cogentco.com (154.54.31.42)
2521. 11 29.86 ms te0-0-1-0.nr11.b001587-3.jfk04.atlas.cogentco.com (154.24.2.22)
2522. 12 29.20 ms 149.14.125.130
2523. 13 272.23 ms xe-8-3-3.0.cjr03.prs001.flagtel.com (85.95.27.25)
2524. 14 307.24 ms xe-11-1-2.0.pjr03.dxb001.flagtel.com (85.95.26.161)
2525. 15 283.42 ms xe-11-3-0.0.pjr04.dxb001.flagtel.com (62.216.129.134)
2526. 16 347.90 ms 80.77.2.42
2527. 17 227.26 ms 196.29.177.113
2528. 18 230.82 ms 197.254.196.62
2529. 19 ... 30
2530. #######################################################################################################################################
2531. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-16 11:32 EDT
2532. Nmap scan report for f03-web02.nic.gov.sd (62.12.105.2)
2533. Host is up.
2534.  
2535. PORT STATE SERVICE VERSION
2536. 68/udp open|filtered dhcpc
2537. Too many fingerprints match this host to give specific OS details
2538.  
2539. TRACEROUTE (using proto 1/icmp)
2540. HOP RTT ADDRESS
2541. 1 22.91 ms 10.249.200.1
2542. 2 23.30 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
2543. 3 44.37 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
2544. 4 23.28 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
2545. 5 23.69 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
2546. 6 23.43 ms be2090.ccr22.ymq01.atlas.cogentco.com (154.54.45.117)
2547. 7 29.17 ms be2104.ccr22.alb02.atlas.cogentco.com (154.54.43.22)
2548. 8 31.83 ms be2916.ccr42.jfk02.atlas.cogentco.com (154.54.41.62)
2549. 9 31.88 ms be3363.ccr31.jfk04.atlas.cogentco.com (154.54.3.126)
2550. 10 32.47 ms te0-0-0-3.agr12.jfk04.atlas.cogentco.com (154.54.31.42)
2551. 11 31.76 ms te0-0-1-0.nr11.b001587-3.jfk04.atlas.cogentco.com (154.24.2.22)
2552. 12 32.35 ms 149.14.125.130
2553. 13 274.42 ms xe-8-3-3.0.cjr03.prs001.flagtel.com (85.95.27.25)
2554. 14 306.81 ms xe-11-1-2.0.pjr03.dxb001.flagtel.com (85.95.26.161)
2555. 15 279.50 ms xe-11-3-0.0.pjr04.dxb001.flagtel.com (62.216.129.134)
2556. 16 343.35 ms 80.77.2.42
2557. 17 227.12 ms 196.29.177.113
2558. 18 239.77 ms 197.254.196.62
2559. 19 ... 30
2560. #######################################################################################################################################
2561. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-16 11:34 EDT
2562. Nmap scan report for f03-web02.nic.gov.sd (62.12.105.2)
2563. Host is up.
2564.  
2565. PORT STATE SERVICE VERSION
2566. 69/udp open|filtered tftp
2567. Too many fingerprints match this host to give specific OS details
2568.  
2569. TRACEROUTE (using proto 1/icmp)
2570. HOP RTT ADDRESS
2571. 1 27.61 ms 10.249.200.1
2572. 2 22.73 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
2573. 3 41.63 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
2574. 4 22.56 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
2575. 5 22.91 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
2576. 6 23.39 ms be2090.ccr22.ymq01.atlas.cogentco.com (154.54.45.117)
2577. 7 28.23 ms be2104.ccr22.alb02.atlas.cogentco.com (154.54.43.22)
2578. 8 31.46 ms be2916.ccr42.jfk02.atlas.cogentco.com (154.54.41.62)
2579. 9 31.10 ms be3363.ccr31.jfk04.atlas.cogentco.com (154.54.3.126)
2580. 10 31.76 ms te0-0-0-3.agr12.jfk04.atlas.cogentco.com (154.54.31.42)
2581. 11 31.30 ms te0-0-1-0.nr11.b001587-3.jfk04.atlas.cogentco.com (154.24.2.22)
2582. 12 30.86 ms 149.14.125.130
2583. 13 273.82 ms xe-8-3-3.0.cjr03.prs001.flagtel.com (85.95.27.25)
2584. 14 309.43 ms xe-11-1-2.0.pjr03.dxb001.flagtel.com (85.95.26.161)
2585. 15 279.16 ms xe-11-3-0.0.pjr04.dxb001.flagtel.com (62.216.129.134)
2586. 16 342.55 ms 80.77.2.42
2587. 17 228.53 ms 196.29.177.113
2588. 18 231.88 ms 197.254.196.62
2589. 19 ... 30
2590. #######################################################################################################################################
2591.  
2592. wig - WebApp Information Gatherer
2593.  
2594.  
2595. Scanning http://62.12.105.2...
2596. _________________________________________ SITE INFO _________________________________________
2597. IP Title
2598. 62.12.105.2 Domain Default page
2599.  
2600. __________________________________________ VERSION __________________________________________
2601. Name Versions Type
2602. Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
2603. 2.4.9
2604. nginx Platform
2605.  
2606. _____________________________________________________________________________________________
2607. Time: 45.6 sec Urls: 811 Fingerprints: 40401
2608. #######################################################################################################################################
2609. HTTP/1.1 200 OK
2610. Server: nginx
2611. Date: Sun, 16 Jun 2019 14:40:15 GMT
2612. Content-Type: text/html
2613. Content-Length: 3750
2614. Connection: keep-alive
2615. Last-Modified: Wed, 07 Feb 2018 11:25:44 GMT
2616. ETag: "ea6-5649d8e57844b"
2617. Accept-Ranges: bytes
2618.  
2619. HTTP/1.1 200 OK
2620. Server: nginx
2621. Date: Sun, 16 Jun 2019 14:40:15 GMT
2622. Content-Type: text/html
2623. Content-Length: 3750
2624. Connection: keep-alive
2625. Last-Modified: Wed, 07 Feb 2018 11:25:44 GMT
2626. ETag: "ea6-5649d8e57844b"
2627. Accept-Ranges: bytes
2628.  
2629. Allow: POST,OPTIONS,GET,HEAD
2630. #######################################################################################################################################
2631. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-16 11:37 EDT
2632. Nmap scan report for f03-web02.nic.gov.sd (62.12.105.2)
2633. Host is up (0.23s latency).
2634.  
2635. PORT STATE SERVICE VERSION
2636. 110/tcp open pop3 Dovecot pop3d
2637. | pop3-brute:
2638. | Accounts: No valid accounts found
2639. |_ Statistics: Performed 213 guesses in 184 seconds, average tps: 1.1
2640. |_pop3-capabilities: CAPA AUTH-RESP-CODE PIPELINING USER SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) UIDL APOP RESP-CODES STLS TOP
2641. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2642. Device type: specialized|WAP|general purpose|router
2643. Running: AVtech embedded, Linux 2.4.X|2.6.X|3.X, MikroTik RouterOS 6.X
2644. OS CPE: cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3.2.0 cpe:/o:mikrotik:routeros:6.15
2645. OS details: AVtech Room Alert 26W environmental monitor, Tomato 1.27 - 1.28 (Linux 2.4.20), Linux 2.6.18 - 2.6.22, Linux 3.2.0, MikroTik RouterOS 6.15 (Linux 3.3.5)
2646. Network Distance: 20 hops
2647. Service Info: Host: fo3-web02.nic.gov.sd
2648.  
2649. TRACEROUTE (using port 443/tcp)
2650. HOP RTT ADDRESS
2651. 1 21.39 ms 10.249.200.1
2652. 2 21.74 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
2653. 3 31.54 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
2654. 4 22.43 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
2655. 5 21.81 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
2656. 6 21.54 ms be2089.ccr21.ymq01.atlas.cogentco.com (154.54.45.113)
2657. 7 27.01 ms be2088.ccr21.alb02.atlas.cogentco.com (154.54.43.18)
2658. 8 29.62 ms be2916.ccr42.jfk02.atlas.cogentco.com (154.54.41.62)
2659. 9 29.85 ms be3363.ccr31.jfk04.atlas.cogentco.com (154.54.3.126)
2660. 10 30.28 ms te0-0-0-3.agr12.jfk04.atlas.cogentco.com (154.54.31.42)
2661. 11 30.13 ms te0-0-1-0.nr11.b001587-3.jfk04.atlas.cogentco.com (154.24.2.22)
2662. 12 30.03 ms 149.14.125.130
2663. 13 278.04 ms xe-8-3-0.0.cjr03.prs001.flagtel.com (85.95.26.222)
2664. 14 112.22 ms ae5.0.cjr04.prs001.flagtel.com (62.216.131.30)
2665. 15 274.66 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
2666. 16 344.27 ms 80.77.2.42
2667. 17 228.60 ms 196.29.177.113
2668. 18 231.60 ms 197.254.196.62
2669. 19 ...
2670. 20 231.22 ms f03-web02.nic.gov.sd (62.12.105.2)
2671. #######################################################################################################################################
2672. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-16 11:41 EDT
2673. Nmap scan report for f03-web02.nic.gov.sd (62.12.105.2)
2674. Host is up.
2675.  
2676. PORT STATE SERVICE VERSION
2677. 123/udp open|filtered ntp
2678. Too many fingerprints match this host to give specific OS details
2679.  
2680. TRACEROUTE (using proto 1/icmp)
2681. HOP RTT ADDRESS
2682. 1 21.27 ms 10.249.200.1
2683. 2 21.72 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
2684. 3 70.70 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
2685. 4 21.72 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
2686. 5 22.08 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
2687. 6 21.69 ms be2090.ccr22.ymq01.atlas.cogentco.com (154.54.45.117)
2688. 7 27.40 ms be2104.ccr22.alb02.atlas.cogentco.com (154.54.43.22)
2689. 8 30.39 ms be2916.ccr42.jfk02.atlas.cogentco.com (154.54.41.62)
2690. 9 30.54 ms be3363.ccr31.jfk04.atlas.cogentco.com (154.54.3.126)
2691. 10 30.63 ms te0-0-0-3.agr12.jfk04.atlas.cogentco.com (154.54.31.42)
2692. 11 29.74 ms te0-0-1-0.nr11.b001587-3.jfk04.atlas.cogentco.com (154.24.2.22)
2693. 12 48.33 ms 149.14.125.130
2694. 13 272.34 ms xe-8-3-3.0.cjr03.prs001.flagtel.com (85.95.27.25)
2695. 14 302.36 ms xe-11-1-2.0.pjr03.dxb001.flagtel.com (85.95.26.161)
2696. 15 277.66 ms xe-11-3-0.0.pjr04.dxb001.flagtel.com (62.216.129.134)
2697. 16 347.30 ms 80.77.2.42
2698. 17 231.64 ms 196.29.177.113
2699. 18 235.32 ms 197.254.196.62
2700. 19 ... 30
2701. #######################################################################################################################################
2702. Version: 1.11.13-static
2703. OpenSSL 1.0.2-chacha (1.0.2g-dev)
2704.  
2705. Connected to 62.12.105.2
2706.  
2707. Testing SSL server 62.12.105.2 on port 443 using SNI name 62.12.105.2
2708.  
2709. TLS Fallback SCSV:
2710. Server supports TLS Fallback SCSV
2711.  
2712. TLS renegotiation:
2713. Secure session renegotiation supported
2714.  
2715. TLS Compression:
2716. Compression disabled
2717.  
2718. Heartbleed:
2719. TLS 1.2 not vulnerable to heartbleed
2720. TLS 1.1 not vulnerable to heartbleed
2721. TLS 1.0 not vulnerable to heartbleed
2722.  
2723. Supported Server Cipher(s):
2724. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
2725. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
2726. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2727. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
2728. Accepted TLSv1.2 256 bits AES256-SHA256
2729. Accepted TLSv1.2 256 bits AES256-SHA
2730. Accepted TLSv1.2 256 bits CAMELLIA256-SHA
2731. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
2732. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
2733. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2734. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
2735. Accepted TLSv1.2 128 bits AES128-SHA256
2736. Accepted TLSv1.2 128 bits AES128-SHA
2737. Accepted TLSv1.2 128 bits CAMELLIA128-SHA
2738. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2739. Accepted TLSv1.1 256 bits AES256-SHA
2740. Accepted TLSv1.1 256 bits CAMELLIA256-SHA
2741. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2742. Accepted TLSv1.1 128 bits AES128-SHA
2743. Accepted TLSv1.1 128 bits CAMELLIA128-SHA
2744. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2745. Accepted TLSv1.0 256 bits AES256-SHA
2746. Accepted TLSv1.0 256 bits CAMELLIA256-SHA
2747. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2748. Accepted TLSv1.0 128 bits AES128-SHA
2749. Accepted TLSv1.0 128 bits CAMELLIA128-SHA
2750.  
2751. SSL Certificate:
2752. Signature Algorithm: sha256WithRSAEncryption
2753. RSA Key Strength: 2048
2754.  
2755. Subject: Plesk
2756. Issuer: Plesk
2757.  
2758. Not valid before: Apr 20 02:40:27 2016 GMT
2759. Not valid after: Apr 20 02:40:27 2017 GMT
2760. #######################################################################################################################################
2761. --------------------------------------------------------
2762. <<<Yasuo discovered following vulnerable applications>>>
2763. --------------------------------------------------------
2764. +------------+--------------------------------------+--------------------------------------------------+----------+----------+
2765. | App Name | URL to Application | Potential Exploit | Username | Password |
2766. +------------+--------------------------------------+--------------------------------------------------+----------+----------+
2767. | phpMyAdmin | https://62.12.105.2:8443/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | None | None |
2768. +------------+--------------------------------------+--------------------------------------------------+----------+----------+
2769. #######################################################################################################################################
2770. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-16 11:51 EDT
2771. NSE: Loaded 148 scripts for scanning.
2772. NSE: Script Pre-scanning.
2773. NSE: Starting runlevel 1 (of 2) scan.
2774. Initiating NSE at 11:51
2775. Completed NSE at 11:51, 0.00s elapsed
2776. NSE: Starting runlevel 2 (of 2) scan.
2777. Initiating NSE at 11:51
2778. Completed NSE at 11:51, 0.00s elapsed
2779. Initiating Ping Scan at 11:51
2780. Scanning 62.12.105.2 [4 ports]
2781. Completed Ping Scan at 11:51, 0.27s elapsed (1 total hosts)
2782. Initiating Parallel DNS resolution of 1 host. at 11:51
2783. Completed Parallel DNS resolution of 1 host. at 11:51, 0.04s elapsed
2784. Initiating Connect Scan at 11:51
2785. Scanning f03-web02.nic.gov.sd (62.12.105.2) [65535 ports]
2786. Discovered open port 995/tcp on 62.12.105.2
2787. Discovered open port 21/tcp on 62.12.105.2
2788. Discovered open port 993/tcp on 62.12.105.2
2789. Discovered open port 110/tcp on 62.12.105.2
2790. Discovered open port 80/tcp on 62.12.105.2
2791. Discovered open port 443/tcp on 62.12.105.2
2792. Discovered open port 143/tcp on 62.12.105.2
2793. Connect Scan Timing: About 7.92% done; ETC: 11:57 (0:06:00 remaining)
2794. Connect Scan Timing: About 42.67% done; ETC: 11:53 (0:01:22 remaining)
2795. Completed Connect Scan at 11:52, 98.75s elapsed (65535 total ports)
2796. Initiating Service scan at 11:52
2797. Scanning 7 services on f03-web02.nic.gov.sd (62.12.105.2)
2798. Completed Service scan at 11:53, 14.47s elapsed (7 services on 1 host)
2799. Initiating OS detection (try #1) against f03-web02.nic.gov.sd (62.12.105.2)
2800. Retrying OS detection (try #2) against f03-web02.nic.gov.sd (62.12.105.2)
2801. WARNING: OS didn't match until try #2
2802. Initiating Traceroute at 11:53
2803. Completed Traceroute at 11:53, 6.08s elapsed
2804. Initiating Parallel DNS resolution of 18 hosts. at 11:53
2805. Completed Parallel DNS resolution of 18 hosts. at 11:53, 0.12s elapsed
2806. NSE: Script scanning 62.12.105.2.
2807. NSE: Starting runlevel 1 (of 2) scan.
2808. Initiating NSE at 11:53
2809. NSE Timing: About 99.27% done; ETC: 11:53 (0:00:00 remaining)
2810. NSE Timing: About 99.37% done; ETC: 11:54 (0:00:00 remaining)
2811. NSE Timing: About 99.48% done; ETC: 11:54 (0:00:00 remaining)
2812. NSE Timing: About 99.58% done; ETC: 11:55 (0:00:01 remaining)
2813. Completed NSE at 11:55, 138.59s elapsed
2814. NSE: Starting runlevel 2 (of 2) scan.
2815. Initiating NSE at 11:55
2816. Completed NSE at 11:55, 0.51s elapsed
2817. Nmap scan report for f03-web02.nic.gov.sd (62.12.105.2)
2818. Host is up, received syn-ack ttl 45 (0.021s latency).
2819. Scanned at 2019-06-16 11:51:09 EDT for 264s
2820. Not shown: 65524 filtered ports
2821. Reason: 65523 no-responses and 1 host-unreach
2822. PORT STATE SERVICE REASON VERSION
2823. 21/tcp open tcpwrapped syn-ack
2824. 25/tcp closed smtp conn-refused
2825. 80/tcp open http syn-ack nginx
2826. |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
2827. | http-methods:
2828. |_ Supported Methods: POST OPTIONS GET HEAD
2829. |_http-server-header: nginx
2830. |_http-title: Domain Default page
2831. 110/tcp open pop3 syn-ack Dovecot pop3d
2832. |_pop3-capabilities: USER SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) TOP RESP-CODES APOP CAPA AUTH-RESP-CODE PIPELINING STLS UIDL
2833. |_ssl-date: TLS randomness does not represent time
2834. 113/tcp closed ident conn-refused
2835. 139/tcp closed netbios-ssn conn-refused
2836. 143/tcp open imap syn-ack Dovecot imapd
2837. |_imap-capabilities: OK SASL-IR STARTTLS LITERAL+ post-login AUTH=CRAM-MD5A0001 have IMAP4rev1 listed AUTH=DIGEST-MD5 capabilities LOGIN-REFERRALS AUTH=PLAIN ENABLE ID more AUTH=LOGIN Pre-login IDLE
2838. |_ssl-date: TLS randomness does not represent time
2839. 443/tcp open ssl/http syn-ack nginx
2840. | http-methods:
2841. |_ Supported Methods: POST OPTIONS GET HEAD
2842. |_http-server-header: nginx
2843. |_http-title: Domain Default page
2844. | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/localityName=Seattle/organizationalUnitName=Plesk/emailAddress=info@plesk.com
2845. | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/localityName=Seattle/organizationalUnitName=Plesk/emailAddress=info@plesk.com
2846. | Public Key type: rsa
2847. | Public Key bits: 2048
2848. | Signature Algorithm: sha256WithRSAEncryption
2849. | Not valid before: 2016-04-20T02:40:27
2850. | Not valid after: 2017-04-20T02:40:27
2851. | MD5: a38f 7308 6ca0 a95d 2faa d3f0 6cb4 5553
2852. | SHA-1: 1479 6658 f803 6987 8f42 5473 9eaf 97e1 50dd 2d68
2853. | -----BEGIN CERTIFICATE-----
2854. | MIIDfTCCAmUCBFcW7BswDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYTAlVTMRMw
2855. | EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdTZWF0dGxlMQ0wCwYDVQQKEwRP
2856. | ZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UEAxMFUGxlc2sxHTAbBgkqhkiG9w0B
2857. | CQEWDmluZm9AcGxlc2suY29tMB4XDTE2MDQyMDAyNDAyN1oXDTE3MDQyMDAyNDAy
2858. | N1owgYIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH
2859. | EwdTZWF0dGxlMQ0wCwYDVQQKEwRPZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UE
2860. | AxMFUGxlc2sxHTAbBgkqhkiG9w0BCQEWDmluZm9AcGxlc2suY29tMIIBIjANBgkq
2861. | hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ZDNfEWzRPuiKR6QpFWONPYHX+Pl6rwn
2862. | 6ctlVkGd2xcdnPKqzuL8z06rprVz1ro/kK7O9Xna4YfMzqoZjanxdzvjg5936PKF
2863. | jjf5+AA4mmbD1SD1wFCE4+U4PnE2lz/Ae/Nj5wSLK1xAL3zitACHRLTXs3a4GMQC
2864. | Q1LD36PSzhTl2EhDgQbSK+HB3YqsuJ8tKvn7P4qIGTZJ+HPikTXZ2e+bztPJGN4H
2865. | iL16zcL5F8DcIKuRx6qpmGjji8As/JsNLckYD0O8CFWZHNjbAniQ+c64Umif9UrD
2866. | IMcNJ3sgChQA7o8A1Qlu63FqJWGwxKlnPGt94tRpTUT1SGDCCMTTTwIDAQABMA0G
2867. | CSqGSIb3DQEBCwUAA4IBAQAmNWQp2HI7DaKdIhVqqviur4Z852Z1RCrqWXMl95DP
2868. | vtMpgRNrfdqC33xw627iWLJo4vKLvFK0OBgZ6O1gcLhcOeTGGbJLykhNjiPd0YU1
2869. | oIg7G6HWKeQ30q2FTv43qoc1s6uiuflihbctsF7tnLxMXQcZO3nwWkkLcuQtMDFS
2870. | RAkfBKbIoI/36MFs4GUh/nS78k9b3RgnSWwAD7DQi2+FrVr712EelRT627XIDp0U
2871. | t3D2RhpH0SqBX1ncmzF5P9wll3Yqoy0nrJOpXXEf3nP9LyTBA2imWclm4NHaBVat
2872. | CfsxXtJeFHpedfALThLxsTPAz/fsZoMC4s4N/ViMbF62
2873. |_-----END CERTIFICATE-----
2874. |_ssl-date: TLS randomness does not represent time
2875. | tls-alpn:
2876. |_ http/1.1
2877. | tls-nextprotoneg:
2878. |_ http/1.1
2879. 445/tcp closed microsoft-ds conn-refused
2880. 993/tcp open ssl/imaps? syn-ack
2881. |_ssl-date: TLS randomness does not represent time
2882. 995/tcp open ssl/pop3s? syn-ack
2883. |_ssl-date: TLS randomness does not represent time
2884. Device type: general purpose
2885. Running: Linux 2.6.X
2886. OS CPE: cpe:/o:linux:linux_kernel:2.6
2887. OS details: Linux 2.6.18 - 2.6.22
2888. TCP/IP fingerprint:
2889. OS:SCAN(V=7.70%E=4%D=6/16%OT=80%CT=25%CU=%PV=N%G=N%TM=5D066675%P=x86_64-pc-
2890. OS:linux-gnu)SEQ(SP=106%GCD=1%ISR=107%TI=Z%CI=Z%TS=A)SEQ(CI=Z)OPS(O1=M44FST
2891. OS:11NW7%O2=M44FST11NW7%O3=M44FNNT11NW7%O4=M44FST11NW7%O5=M44FST11NW7%O6=M4
2892. OS:4FST11)WIN(W1=7120%W2=7120%W3=7120%W4=7120%W5=7120%W6=7120)ECN(R=Y%DF=Y%
2893. OS:TG=40%W=7210%O=M44FNNSNW7%CC=Y%Q=)ECN(R=N)T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=A
2894. OS:S%RD=0%Q=)T2(R=N)T3(R=N)T4(R=N)T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD
2895. OS:=0%Q=)T6(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=N)U1(R=N)IE(R=N)
2896.  
2897. Service Info: Host: fo3-web02.nic.gov.sd
2898.  
2899. TRACEROUTE (using proto 1/icmp)
2900. HOP RTT ADDRESS
2901. 1 25.97 ms 10.249.200.1
2902. 2 26.20 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
2903. 3 39.31 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
2904. 4 20.73 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
2905. 5 21.10 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
2906. 6 21.53 ms be2090.ccr22.ymq01.atlas.cogentco.com (154.54.45.117)
2907. 7 26.28 ms be2104.ccr22.alb02.atlas.cogentco.com (154.54.43.22)
2908. 8 29.07 ms be2916.ccr42.jfk02.atlas.cogentco.com (154.54.41.62)
2909. 9 29.45 ms be3363.ccr31.jfk04.atlas.cogentco.com (154.54.3.126)
2910. 10 29.70 ms te0-0-0-3.agr12.jfk04.atlas.cogentco.com (154.54.31.42)
2911. 11 31.90 ms te0-0-1-0.nr11.b001587-3.jfk04.atlas.cogentco.com (154.24.2.22)
2912. 12 31.32 ms 149.14.125.130
2913. 13 274.99 ms xe-8-3-3.0.cjr03.prs001.flagtel.com (85.95.27.25)
2914. 14 310.11 ms xe-11-1-2.0.pjr03.dxb001.flagtel.com (85.95.26.161)
2915. 15 279.62 ms xe-11-3-0.0.pjr04.dxb001.flagtel.com (62.216.129.134)
2916. 16 343.17 ms 80.77.2.42
2917. 17 227.50 ms 196.29.177.113
2918. 18 231.01 ms 197.254.196.62
2919. 19 ... 30
2920.  
2921. NSE: Script Post-scanning.
2922. NSE: Starting runlevel 1 (of 2) scan.
2923. Initiating NSE at 11:55
2924. Completed NSE at 11:55, 0.00s elapsed
2925. NSE: Starting runlevel 2 (of 2) scan.
2926. Initiating NSE at 11:55
2927. Completed NSE at 11:55, 0.00s elapsed
2928. Read data files from: /usr/bin/../share/nmap
2929. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
2930. Nmap done: 1 IP address (1 host up) scanned in 264.64 seconds
2931. Raw packets sent: 174 (12.288KB) | Rcvd: 143 (22.651KB)
2932. #######################################################################################################################################
2933. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-16 11:55 EDT
2934. NSE: Loaded 148 scripts for scanning.
2935. NSE: Script Pre-scanning.
2936. Initiating NSE at 11:55
2937. Completed NSE at 11:55, 0.00s elapsed
2938. Initiating NSE at 11:55
2939. Completed NSE at 11:55, 0.00s elapsed
2940. Initiating Parallel DNS resolution of 1 host. at 11:55
2941. Completed Parallel DNS resolution of 1 host. at 11:55, 0.03s elapsed
2942. Initiating UDP Scan at 11:55
2943. Scanning f03-web02.nic.gov.sd (62.12.105.2) [14 ports]
2944. Completed UDP Scan at 11:55, 1.52s elapsed (14 total ports)
2945. Initiating Service scan at 11:55
2946. Scanning 12 services on f03-web02.nic.gov.sd (62.12.105.2)
2947. Service scan Timing: About 8.33% done; ETC: 12:15 (0:17:58 remaining)
2948. Completed Service scan at 11:57, 102.58s elapsed (12 services on 1 host)
2949. Initiating OS detection (try #1) against f03-web02.nic.gov.sd (62.12.105.2)
2950. Retrying OS detection (try #2) against f03-web02.nic.gov.sd (62.12.105.2)
2951. Initiating Traceroute at 11:57
2952. Completed Traceroute at 11:57, 7.06s elapsed
2953. Initiating Parallel DNS resolution of 1 host. at 11:57
2954. Completed Parallel DNS resolution of 1 host. at 11:57, 0.00s elapsed
2955. NSE: Script scanning 62.12.105.2.
2956. Initiating NSE at 11:57
2957. Completed NSE at 11:57, 20.33s elapsed
2958. Initiating NSE at 11:57
2959. Completed NSE at 11:57, 1.02s elapsed
2960. Nmap scan report for f03-web02.nic.gov.sd (62.12.105.2)
2961. Host is up (0.026s latency).
2962.  
2963. PORT STATE SERVICE VERSION
2964. 53/udp open|filtered domain
2965. 67/udp open|filtered dhcps
2966. 68/udp open|filtered dhcpc
2967. 69/udp open|filtered tftp
2968. 88/udp open|filtered kerberos-sec
2969. 123/udp open|filtered ntp
2970. 137/udp filtered netbios-ns
2971. 138/udp filtered netbios-dgm
2972. 139/udp open|filtered netbios-ssn
2973. 161/udp open|filtered snmp
2974. 162/udp open|filtered snmptrap
2975. 389/udp open|filtered ldap
2976. 520/udp open|filtered route
2977. 2049/udp open|filtered nfs
2978. Too many fingerprints match this host to give specific OS details
2979.  
2980. TRACEROUTE (using port 137/udp)
2981. HOP RTT ADDRESS
2982. 1 21.07 ms 10.249.200.1
2983. 2 ... 3
2984. 4 21.22 ms 10.249.200.1
2985. 5 21.73 ms 10.249.200.1
2986. 6 21.72 ms 10.249.200.1
2987. 7 21.70 ms 10.249.200.1
2988. 8 21.58 ms 10.249.200.1
2989. 9 21.57 ms 10.249.200.1
2990. 10 21.57 ms 10.249.200.1
2991. 11 ... 18
2992. 19 23.11 ms 10.249.200.1
2993. 20 21.00 ms 10.249.200.1
2994. 21 ... 27
2995. 28 20.99 ms 10.249.200.1
2996. 29 ...
2997. 30 21.48 ms 10.249.200.1
2998.  
2999. NSE: Script Post-scanning.
3000. Initiating NSE at 11:57
3001. Completed NSE at 11:57, 0.00s elapsed
3002. Initiating NSE at 11:57
3003. Completed NSE at 11:57, 0.00s elapsed
3004. Read data files from: /usr/bin/../share/nmap
3005. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
3006. Nmap done: 1 IP address (1 host up) scanned in 135.68 seconds
3007. Raw packets sent: 147 (13.614KB) | Rcvd: 109 (15.748KB)
3008. #######################################################################################################################################
3009.  
3010. Hosts
3011. =====
3012.  
3013. address mac name os_name os_flavor os_sp purpose info comments
3014. ------- --- ---- ------- --------- ----- ------- ---- --------
3015. 52.64.99.208 cbs.gov.ws Linux 3.X server
3016. 62.12.105.2 f03-web02.nic.gov.sd Linux 2.6.X server
3017. 62.12.105.3 f03-web01.nic.gov.sd embedded 2.6.X device
3018. 62.12.105.4 f05-web03.nic.gov.sd Linux 2.6.X server
3019. 77.72.0.146 argon.cloudhosting.co.uk Unknown device
3020. 147.237.77.18 Unknown device
3021.  
3022. Services
3023. ========
3024.  
3025. host port proto name state info
3026. ---- ---- ----- ---- ----- ----
3027. 52.64.99.208 20 tcp ftp-data closed
3028. 52.64.99.208 21 tcp ftp open vsftpd 3.0.2
3029. 52.64.99.208 25 tcp smtp closed
3030. 52.64.99.208 53 udp domain unknown
3031. 52.64.99.208 67 udp dhcps unknown
3032. 52.64.99.208 68 udp dhcpc unknown
3033. 52.64.99.208 69 udp tftp unknown
3034. 52.64.99.208 80 tcp http open Apache httpd
3035. 52.64.99.208 88 udp kerberos-sec unknown
3036. 52.64.99.208 123 udp ntp unknown
3037. 52.64.99.208 137 udp netbios-ns filtered
3038. 52.64.99.208 138 udp netbios-dgm filtered
3039. 52.64.99.208 139 tcp netbios-ssn closed
3040. 52.64.99.208 139 udp netbios-ssn unknown
3041. 52.64.99.208 161 udp snmp unknown
3042. 52.64.99.208 162 udp snmptrap unknown
3043. 52.64.99.208 389 udp ldap unknown
3044. 52.64.99.208 443 tcp ssl/http open Apache httpd
3045. 52.64.99.208 445 tcp microsoft-ds closed
3046. 52.64.99.208 520 udp route unknown
3047. 52.64.99.208 1024 tcp kdm closed
3048. 52.64.99.208 1025 tcp nfs-or-iis closed
3049. 52.64.99.208 1026 tcp lsa-or-nterm closed
3050. 52.64.99.208 1027 tcp iis closed
3051. 52.64.99.208 1028 tcp unknown closed
3052. 52.64.99.208 1029 tcp ms-lsa closed
3053. 52.64.99.208 1030 tcp iad1 closed
3054. 52.64.99.208 1031 tcp iad2 closed
3055. 52.64.99.208 1032 tcp iad3 closed
3056. 52.64.99.208 1033 tcp netinfo closed
3057. 52.64.99.208 1034 tcp zincite-a closed
3058. 52.64.99.208 1035 tcp multidropper closed
3059. 52.64.99.208 1036 tcp nsstp closed
3060. 52.64.99.208 1037 tcp ams closed
3061. 52.64.99.208 1038 tcp mtqp closed
3062. 52.64.99.208 1039 tcp sbl closed
3063. 52.64.99.208 1040 tcp netsaint closed
3064. 52.64.99.208 1041 tcp danf-ak2 closed
3065. 52.64.99.208 1042 tcp afrog closed
3066. 52.64.99.208 1043 tcp boinc closed
3067. 52.64.99.208 1044 tcp dcutility closed
3068. 52.64.99.208 1045 tcp fpitp closed
3069. 52.64.99.208 1046 tcp wfremotertm closed
3070. 52.64.99.208 1047 tcp neod1 closed
3071. 52.64.99.208 1048 tcp neod2 closed
3072. 52.64.99.208 2049 udp nfs unknown
3073. 62.12.105.2 21 tcp tcpwrapped open
3074. 62.12.105.2 25 tcp smtp closed
3075. 62.12.105.2 53 udp domain unknown
3076. 62.12.105.2 67 udp dhcps unknown
3077. 62.12.105.2 68 udp dhcpc unknown
3078. 62.12.105.2 69 udp tftp unknown
3079. 62.12.105.2 80 tcp http open nginx
3080. 62.12.105.2 88 udp kerberos-sec unknown
3081. 62.12.105.2 110 tcp pop3 open Dovecot pop3d
3082. 62.12.105.2 113 tcp ident closed
3083. 62.12.105.2 123 udp ntp unknown
3084. 62.12.105.2 137 udp netbios-ns filtered
3085. 62.12.105.2 138 udp netbios-dgm filtered
3086. 62.12.105.2 139 tcp netbios-ssn closed
3087. 62.12.105.2 139 udp netbios-ssn unknown
3088. 62.12.105.2 143 tcp imap open Dovecot imapd
3089. 62.12.105.2 161 udp snmp unknown
3090. 62.12.105.2 162 udp snmptrap unknown
3091. 62.12.105.2 389 udp ldap unknown
3092. 62.12.105.2 443 tcp ssl/http open nginx
3093. 62.12.105.2 445 tcp microsoft-ds closed
3094. 62.12.105.2 520 udp route unknown
3095. 62.12.105.2 993 tcp ssl/imaps open
3096. 62.12.105.2 995 tcp ssl/pop3s open
3097. 62.12.105.2 2049 udp nfs unknown
3098. 62.12.105.2 8443 tcp https-alt open
3099. 62.12.105.3 20 tcp ftp-data closed
3100. 62.12.105.3 21 tcp ftp open Microsoft ftpd
3101. 62.12.105.3 25 tcp smtp closed
3102. 62.12.105.3 53 udp domain unknown
3103. 62.12.105.3 67 udp dhcps unknown
3104. 62.12.105.3 68 udp dhcpc unknown
3105. 62.12.105.3 69 udp tftp unknown
3106. 62.12.105.3 80 tcp http open Microsoft IIS httpd 8.5
3107. 62.12.105.3 88 udp kerberos-sec unknown
3108. 62.12.105.3 110 tcp pop3 open MailEnable POP3 Server
3109. 62.12.105.3 113 tcp ident closed
3110. 62.12.105.3 123 udp ntp unknown
3111. 62.12.105.3 137 udp netbios-ns filtered
3112. 62.12.105.3 138 udp netbios-dgm filtered
3113. 62.12.105.3 139 tcp netbios-ssn closed
3114. 62.12.105.3 139 udp netbios-ssn unknown
3115. 62.12.105.3 143 tcp imap open MailEnable imapd
3116. 62.12.105.3 161 udp snmp unknown
3117. 62.12.105.3 162 udp snmptrap unknown
3118. 62.12.105.3 389 udp ldap unknown
3119. 62.12.105.3 443 tcp https open
3120. 62.12.105.3 445 tcp microsoft-ds closed
3121. 62.12.105.3 520 udp route unknown
3122. 62.12.105.3 993 tcp imaps closed
3123. 62.12.105.3 995 tcp pop3s closed
3124. 62.12.105.3 1025 tcp nfs-or-iis closed
3125. 62.12.105.3 2049 udp nfs unknown
3126. 62.12.105.3 5224 tcp hpvirtctrl closed
3127. 62.12.105.3 8443 tcp ssl/http open Microsoft IIS httpd 8.5
3128. 62.12.105.4 21 tcp ftp open ProFTPD 1.3.5d
3129. 62.12.105.4 25 tcp smtp closed
3130. 62.12.105.4 53 udp domain unknown
3131. 62.12.105.4 67 udp dhcps unknown
3132. 62.12.105.4 68 udp dhcpc unknown
3133. 62.12.105.4 69 udp tftp unknown
3134. 62.12.105.4 80 tcp http open nginx
3135. 62.12.105.4 88 udp kerberos-sec unknown
3136. 62.12.105.4 110 tcp pop3 open Dovecot pop3d
3137. 62.12.105.4 113 tcp ident closed
3138. 62.12.105.4 123 udp ntp unknown
3139. 62.12.105.4 137 udp netbios-ns filtered
3140. 62.12.105.4 138 udp netbios-dgm filtered
3141. 62.12.105.4 139 tcp netbios-ssn closed
3142. 62.12.105.4 139 udp netbios-ssn unknown
3143. 62.12.105.4 143 tcp imap open Dovecot imapd
3144. 62.12.105.4 161 udp snmp unknown
3145. 62.12.105.4 162 udp snmptrap unknown
3146. 62.12.105.4 389 udp ldap unknown
3147. 62.12.105.4 443 tcp ssl/http open nginx
3148. 62.12.105.4 445 tcp microsoft-ds closed
3149. 62.12.105.4 520 udp route unknown
3150. 62.12.105.4 993 tcp ssl/imaps open
3151. 62.12.105.4 995 tcp ssl/pop3s open
3152. 62.12.105.4 2049 udp nfs unknown
3153. 62.12.105.4 8443 tcp https-alt open
3154. 77.72.0.146 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 2 of 50 allowed.\x0d\x0a220-Local time is now 23:05. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
3155. 77.72.0.146 67 udp dhcps unknown
3156. 77.72.0.146 68 udp dhcpc unknown
3157. 77.72.0.146 69 udp tftp unknown
3158. 77.72.0.146 80 tcp http open
3159. 77.72.0.146 88 udp kerberos-sec unknown
3160. 77.72.0.146 110 tcp pop3 open
3161. 77.72.0.146 123 udp ntp unknown
3162. 77.72.0.146 139 udp netbios-ssn unknown
3163. 77.72.0.146 143 tcp imap open
3164. 77.72.0.146 389 udp ldap unknown
3165. 77.72.0.146 443 tcp https open
3166. 77.72.0.146 465 tcp smtps open
3167. 77.72.0.146 520 udp route unknown
3168. 77.72.0.146 587 tcp submission open
3169. 77.72.0.146 993 tcp imaps open
3170. 77.72.0.146 995 tcp pop3s open
3171. 77.72.0.146 2049 udp nfs unknown
3172. 147.237.77.18 53 udp domain unknown
3173. 147.237.77.18 67 udp dhcps unknown
3174. 147.237.77.18 68 udp dhcpc unknown
3175. 147.237.77.18 69 udp tftp unknown
3176. 147.237.77.18 80 tcp http open
3177. 147.237.77.18 88 udp kerberos-sec unknown
3178. 147.237.77.18 123 udp ntp unknown
3179. 147.237.77.18 139 udp netbios-ssn unknown
3180. 147.237.77.18 161 udp snmp unknown
3181. 147.237.77.18 162 udp snmptrap unknown
3182. 147.237.77.18 389 udp ldap unknown
3183. 147.237.77.18 520 udp route unknown
3184. 147.237.77.18 2049 udp nfs unknown
3185. #######################################################################################################################################
3186. ---------------------------------------------------------------------------------------------------------------------------------------
3187. + Target IP: 62.12.105.2
3188. + Target Hostname: 62.12.105.2
3189. + Target Port: 443
3190. ---------------------------------------------------------------------------------------------------------------------------------------
3191. + SSL Info: Subject: /C=US/ST=Washington/L=Seattle/O=Odin/OU=Plesk/CN=Plesk/emailAddress=info@plesk.com
3192. Ciphers: ECDHE-RSA-AES256-GCM-SHA384
3193. Issuer: /C=US/ST=Washington/L=Seattle/O=Odin/OU=Plesk/CN=Plesk/emailAddress=info@plesk.com
3194. + Start Time: 2019-06-16 11:17:03 (GMT-4)
3195. ---------------------------------------------------------------------------------------------------------------------------------------
3196. + Server: nginx
3197. + The anti-clickjacking X-Frame-Options header is not present.
3198. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
3199. + The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
3200. + The site uses SSL and Expect-CT header is not present.
3201. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
3202. + Hostname '62.12.105.2' does not match certificate's names: Plesk
3203. + Allowed HTTP Methods: POST, OPTIONS, GET, HEAD
3204. + OSVDB-3233: /mailman/listinfo: Mailman was found on the server.
3205. + OSVDB-3268: /icons/: Directory indexing found.
3206. + OSVDB-3233: /icons/README: Apache default file found.
3207. + ERROR: Error limit (20) reached for host, giving up. Last error:
3208. + Scan terminated: 11 error(s) and 10 item(s) reported on remote host
3209. + End Time: 2019-06-16 12:57:28 (GMT-4) (6025 seconds)
3210. ---------------------------------------------------------------------------------------------------------------------------------------
3211. #######################################################################################################################################
3212. [I] Threads: 5
3213. [-] Target: http://www.ncr.gov.sd (62.12.105.2)
3214. [M] Website Not in HTTPS: http://www.ncr.gov.sd
3215. [I] Server: nginx
3216. [I] X-Powered-By: PHP/5.6.40
3217. [L] X-Frame-Options: Not Enforced
3218. [I] Strict-Transport-Security: Not Enforced
3219. [I] X-Content-Security-Policy: Not Enforced
3220. [I] X-Content-Type-Options: Not Enforced
3221. [L] Robots.txt Found: http://www.ncr.gov.sd/robots.txt
3222. [I] CMS Detection: Joomla
3223. [I] Joomla Version: 2.5.8
3224. [M] EDB-ID: 46710 "Joomla Core 1.5.0 - 3.9.4 - Directory Traversal / Authenticated Arbitrary File Deletion"
3225. [M] EDB-ID: 46200 "Joomla! Core 3.9.1 - Persistent Cross-Site Scripting in Global Configuration Textfilter Settings"
3226. [M] EDB-ID: 42033 "Joomla! 3.7.0 - 'com_fields' SQL Injection"
3227. [M] EDB-ID: 40637 "Joomla! 3.4.4 < 3.6.4 - Account Creation / Privilege Escalation"
3228. [M] EDB-ID: 41157 "Joomla! < 3.6.4 - Admin Takeover"
3229. [M] EDB-ID: 38977 "Joomla! 1.5 < 3.4.5 - Object Injection Remote Command Execution"
3230. [M] EDB-ID: 39033 "Joomla! 1.5 < 3.4.5 - Object Injection 'x-forwarded-for' Header Remote Code Execution"
3231. [M] EDB-ID: 38534 "Joomla! 3.2.x < 3.4.4 - SQL Injection"
3232. [M] EDB-ID: 31459 "Joomla! 3.2.1 - SQL Injection"
3233. [M] EDB-ID: 25087 "Joomla! 3.0.3 - 'remember.php' PHP Object Injection"
3234. [M] EDB-ID: 24551 "Joomla! 3.0.2 - 'highlight.php' PHP Object Injection"
3235. [M] EDB-ID: 44227 "Joomla! 3.7 - SQL Injection"
3236. [I] Joomla Website Template: shaper_myestate
3237. [I] Joomla Website Template: system
3238. [I] Autocomplete Off Not Found: http://www.ncr.gov.sd/administrator/index.php
3239. [-] Joomla Default Files:
3240. [-] Joomla is likely to have a large number of default files
3241. [-] Would you like to list them all?
3242. [y/N]: y
3243. [I] http://www.ncr.gov.sd/LICENSE.txt
3244. [I] http://www.ncr.gov.sd/README.txt
3245. [I] http://www.ncr.gov.sd/administrator/cache/index.html
3246. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/mysql/2.5.0-2011-12-06.sql
3247. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/mysql/2.5.0-2011-12-16.sql
3248. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/mysql/2.5.0-2011-12-19.sql
3249. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/mysql/2.5.0-2011-12-20.sql
3250. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/mysql/2.5.0-2011-12-21-1.sql
3251. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/mysql/2.5.0-2011-12-21-2.sql
3252. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/mysql/2.5.0-2011-12-22.sql
3253. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/mysql/2.5.0-2011-12-23.sql
3254. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/mysql/2.5.0-2011-12-24.sql
3255. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/mysql/2.5.0-2012-01-10.sql
3256. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/mysql/2.5.0-2012-01-14.sql
3257. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/mysql/2.5.1-2012-01-26.sql
3258. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/mysql/2.5.2-2012-03-05.sql
3259. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/mysql/2.5.3-2012-03-13.sql
3260. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/mysql/2.5.4-2012-03-18.sql
3261. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/mysql/2.5.4-2012-03-19.sql
3262. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/mysql/2.5.5.sql
3263. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/mysql/2.5.6.sql
3264. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/mysql/2.5.7.sql
3265. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/sqlazure/2.5.2-2012-03-05.sql
3266. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/sqlazure/2.5.3-2012-03-13.sql
3267. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/sqlazure/2.5.4-2012-03-18.sql
3268. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/sqlazure/2.5.4-2012-03-19.sql
3269. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/sqlazure/2.5.5.sql
3270. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/sqlazure/2.5.6.sql
3271. [I] http://www.ncr.gov.sd/administrator/components/com_admin/sql/updates/sqlazure/2.5.7.sql
3272. [I] http://www.ncr.gov.sd/administrator/components/com_banners/sql/install.mysql.utf8.sql
3273. [I] http://www.ncr.gov.sd/administrator/components/com_banners/sql/uninstall.mysql.utf8.sql
3274. [I] http://www.ncr.gov.sd/administrator/components/com_contact/sql/install.mysql.utf8.sql
3275. [I] http://www.ncr.gov.sd/administrator/components/com_contact/sql/uninstall.mysql.utf8.sql
3276. [I] http://www.ncr.gov.sd/administrator/components/com_finder/sql/install.mysql.sql
3277. [I] http://www.ncr.gov.sd/administrator/components/com_finder/sql/install.postgresql.sql
3278. [I] http://www.ncr.gov.sd/administrator/components/com_finder/sql/uninstall.mysql.sql
3279. [I] http://www.ncr.gov.sd/administrator/components/com_finder/sql/uninstall.postgresql.sql
3280. [I] http://www.ncr.gov.sd/administrator/components/com_newsfeeds/sql/install.mysql.utf8.sql
3281. [I] http://www.ncr.gov.sd/administrator/components/com_newsfeeds/sql/uninstall.mysql.utf8.sql
3282. [I] http://www.ncr.gov.sd/administrator/language/overrides/index.html
3283. [I] http://www.ncr.gov.sd/administrator/manifests/packages/index.html
3284. [I] http://www.ncr.gov.sd/administrator/templates/hathor/LICENSE.txt
3285. [I] http://www.ncr.gov.sd/cache/index.html
3286. [I] http://www.ncr.gov.sd/cli/index.html
3287. [I] http://www.ncr.gov.sd/components/index.html
3288. [I] http://www.ncr.gov.sd/htaccess.txt
3289. [I] http://www.ncr.gov.sd/images/index.html
3290. [I] http://www.ncr.gov.sd/includes/index.html
3291. [I] http://www.ncr.gov.sd/language/index.html
3292. [I] http://www.ncr.gov.sd/language/overrides/index.html
3293. [I] http://www.ncr.gov.sd/libraries/index.html
3294. [I] http://www.ncr.gov.sd/media/editors/tinymce/templates/layout1.html
3295. [I] http://www.ncr.gov.sd/media/editors/tinymce/templates/snippet1.html
3296. [I] http://www.ncr.gov.sd/media/index.html
3297. [I] http://www.ncr.gov.sd/modules/index.html
3298. [I] http://www.ncr.gov.sd/plugins/index.html
3299. [I] http://www.ncr.gov.sd/templates/index.html
3300. [I] http://www.ncr.gov.sd/tmp/index.html
3301. [I] http://www.ncr.gov.sd/web.config.txt
3302. [-] Searching Joomla Components ...
3303. [I] mod_news_show_sp1
3304. [I] mod_slideshow_pro_sp2
3305. [I] mod_sp_news_highlighter
3306. [I] mod_vtem_gmap
3307. [I] mod_vvisit_counter
3308. [I] Checking for Directory Listing Enabled ...
3309. [-] Date & Time: 15/06/2019 03:07:44
3310. [-] Completed in: 0:18:34
3311. #######################################################################################################################################
3312. [+] FireWall Detector
3313. [++] Firewall not detected
3314.  
3315. [+] Detecting Joomla Version
3316. [++] Joomla 2.5.8
3317.  
3318. [+] Core Joomla Vulnerability
3319. [++] Joomla! Core Remote Privilege Escalation Vulnerability
3320. CVE : CVE-2016-9838
3321. EDB : https://www.exploit-db.com/exploits/41157/
3322.  
3323. Joomla! Component Akeeba Kickstart - Unserialize Remote Code Execution
3324. CVE : CVE-2014-7228
3325. EDB : https://www.exploit-db.com/exploits/35033/
3326.  
3327. Joomla! Highlighter Plugin Unspecified Cross-Site Scripting Vulnerability
3328. CVE : CVE-2013-3267
3329. https://developer.joomla.org/security/86-20130407-core-xss-vulnerability.html
3330.  
3331. Joomla! Unspecified Cross-Site Scripting Vulnerability
3332. CVE : CVE-2013-3058
3333. http://www.securityfocus.com/bid/59483
3334. http://developer.joomla.org/security/81-20130403-core-xss-vulnerability.html
3335.  
3336. Joomla! Unspecified Cross-Site Scripting Vulnerability
3337. CVE : CVE-2013-3059
3338. https://developer.joomla.org/security/80-20130405-core-xss-vulnerability.html
3339.  
3340. Joomla! Core Authentication Bypass Vulnerability
3341. CVE :CVE-2014-6632
3342. http://developer.joomla.org/security/594-20140902-core-unauthorised-logins.html
3343.  
3344. Joomla! Core Remote Denial of Service Vulnerability
3345. CVE : CVE-2014-7229
3346. https://developer.joomla.org/security/596-20140904-core-denial-of-service.html
3347.  
3348. PHPMailer Remote Code Execution Vulnerability
3349. CVE : CVE-2016-10033
3350. https://www.rapid7.com/db/modules/exploit/multi/http/phpmailer_arg_injection
3351. https://github.com/opsxcq/exploit-CVE-2016-10033
3352. EDB : https://www.exploit-db.com/exploits/40969/
3353.  
3354. PPHPMailer Incomplete Fix Remote Code Execution Vulnerability
3355. CVE : CVE-2016-10045
3356. https://www.rapid7.com/db/modules/exploit/multi/http/phpmailer_arg_injection
3357. EDB : https://www.exploit-db.com/exploits/40969/
3358.  
3359.  
3360.  
3361. [+] Checking apache info/status files
3362. [++] Readable info/status files are not found
3363.  
3364. [+] admin finder
3365. [++] Admin page : http://www.ncr.gov.sd/administrator/
3366.  
3367. [+] Checking robots.txt existing
3368. [++] robots.txt is found
3369. path : http://www.ncr.gov.sd/robots.txt
3370.  
3371. Interesting path found from robots.txt
3372. http://www.ncr.gov.sd/joomla/administrator/
3373. http://www.ncr.gov.sd/administrator/
3374. http://www.ncr.gov.sd/cache/
3375. http://www.ncr.gov.sd/cli/
3376. http://www.ncr.gov.sd/components/
3377. http://www.ncr.gov.sd/images/
3378. http://www.ncr.gov.sd/includes/
3379. http://www.ncr.gov.sd/installation/
3380. http://www.ncr.gov.sd/language/
3381. http://www.ncr.gov.sd/libraries/
3382. http://www.ncr.gov.sd/logs/
3383. http://www.ncr.gov.sd/media/
3384. http://www.ncr.gov.sd/modules/
3385. http://www.ncr.gov.sd/plugins/
3386. http://www.ncr.gov.sd/templates/
3387. http://www.ncr.gov.sd/tmp/
3388.  
3389.  
3390. [+] Finding common backup files name
3391. [++] Backup files are not found
3392.  
3393. [+] Finding common log files name
3394. [++] error_log path : http://www.ncr.gov.sd/error_log
3395.  
3396.  
3397. [+] Checking sensitive config.php.x file
3398. [++] Readable config files are not found
3399. #######################################################################################################################################
3400. [✔] Target: http://ncr.gov.sd
3401. [✔] Detected CMS: Joomla
3402. [✔] CMS URL: https://joomla.org
3403. [✔] Joomla Version: 2.5.8
3404. [✔] Readme file: http://ncr.gov.sd/README.txt
3405. [✔] Admin URL: http://ncr.gov.sdadministrator
3406.  
3407.  
3408. [✔] Total joomla core vulnerabilities: 9
3409. [i] Vulnerabilities found:
3410.  
3411. [v] Joomla! Core Remote Privilege Escalation Vulnerability
3412. CVE : CVE-2016-9838
3413. EDB : https://www.exploit-db.com/exploits/41157/
3414.  
3415.  
3416. [v] Joomla! Component Akeeba Kickstart - Unserialize Remote Code Execution
3417. CVE : CVE-2014-7228
3418. EDB : https://www.exploit-db.com/exploits/35033/
3419.  
3420.  
3421. [v] Joomla! Highlighter Plugin Unspecified Cross-Site Scripting Vulnerability
3422. CVE : CVE-2013-3267
3423. https://developer.joomla.org/security/86-20130407-core-xss-vulnerability.html
3424.  
3425.  
3426. [v] Joomla! Unspecified Cross-Site Scripting Vulnerability
3427. CVE : CVE-2013-3058
3428. http://www.securityfocus.com/bid/59483
3429. http://developer.joomla.org/security/81-20130403-core-xss-vulnerability.html
3430.  
3431.  
3432. [v] Joomla! Unspecified Cross-Site Scripting Vulnerability
3433. CVE : CVE-2013-3059
3434. https://developer.joomla.org/security/80-20130405-core-xss-vulnerability.html
3435.  
3436.  
3437. [v] Joomla! Core Authentication Bypass Vulnerability
3438. CVE :CVE-2014-6632
3439. http://developer.joomla.org/security/594-20140902-core-unauthorised-logins.html
3440.  
3441.  
3442. [v] Joomla! Core Remote Denial of Service Vulnerability
3443. CVE : CVE-2014-7229
3444. https://developer.joomla.org/security/596-20140904-core-denial-of-service.html
3445.  
3446.  
3447. [v] PHPMailer Remote Code Execution Vulnerability
3448. CVE : CVE-2016-10033
3449. https://www.rapid7.com/db/modules/exploit/multi/http/phpmailer_arg_injection
3450. https://github.com/opsxcq/exploit-CVE-2016-10033
3451. EDB : https://www.exploit-db.com/exploits/40969/
3452.  
3453.  
3454. [v] PPHPMailer Incomplete Fix Remote Code Execution Vulnerability
3455. CVE : CVE-2016-10045
3456. https://www.rapid7.com/db/modules/exploit/multi/http/phpmailer_arg_injection
3457. EDB : https://www.exploit-db.com/exploits/40969/
3458. #######################################################################################################################################
3459. Anonymous JTSEC #OpSudan Full Recon #93