Anonymous JTSEC #OpAmazonia Full Recon #21

1. #######################################################################################################################################
2. =======================================================================================================================================
3. Hostname www.glmmg.org.br ISP CLARO S.A.
4. Continent South America Flag
5. BR
6. Country Brazil Country Code BR
7. Region Rio de Janeiro Local time 9 Sep 2019 03:15
8. City Niterói Postal Code 24000
9. IP Address 189.3.58.120 Latitude -22.922
10. Longitude -43.103
11. =======================================================================================================================================
12. #######################################################################################################################################
13. > www.glmmg.org.br
14. Server: 185.93.180.131
15. Address: 185.93.180.131#53
16.  
17. Non-authoritative answer:
18. Name: www.glmmg.org.br
19. Address: 189.3.58.120
20. >
21. #######################################################################################################################################
22.  
23. domain: glmmg.org.br
24. owner: GRANDE LOJA MACONICA DE MINAS GERAIS
25. ownerid: 17.416.355/0001-69
26. responsible: Edilson de Oliveira
27. country: BR
28. owner-c: GLMMG
29. admin-c: GLMMG
30. tech-c: GLMMG
31. billing-c: GLMMG
32. nserver: ns.embratel.net.br
33. nsstat: 20190907 AA
34. nslastaa: 20190907
35. nserver: ns2.embratel.net.br
36. nsstat: 20190907 AA
37. nslastaa: 20190907
38. created: 19970714 #47237
39. changed: 20180622
40. expires: 20210714
41. status: published
42.  
43. nic-hdl-br: GLMMG
44. person: Grande Loja Maçonica MG
45. e-mail: cpd@glmmg.org.br
46. country: BR
47. created: 20080926
48. changed: 20190225
49. ######################################################################################################################################
50. [+] Target : www.glmmg.org.br
51.  
52. [+] IP Address : 189.3.58.120
53.  
54. [+] Headers :
55.  
56. [+] Date : Mon, 09 Sep 2019 06:22:29 GMT
57. [+] Server : Apache
58. [+] X-Powered-By : PHP/5.4.36
59. [+] Content-Length : 63
60. [+] Keep-Alive : timeout=5, max=100
61. [+] Connection : Keep-Alive
62. [+] Content-Type : text/html
63.  
64. [+] SSL Certificate Information :
65.  
66. [-] SSL is not Present on Target URL...Skipping...
67.  
68. [+] Whois Lookup :
69.  
70. [+] NIR : None
71. [+] ASN Registry : lacnic
72. [+] ASN : 4230
73. [+] ASN CIDR : 189.3.0.0/16
74. [+] ASN Country Code : BR
75. [+] ASN Date : 2006-09-06
76. [+] ASN Description : CLARO S.A., BR
77. [+] cidr : 189.3.58.112/28
78. [+] name : None
79. [+] handle : None
80. [+] range : 189.3.58.112 - 189.3.58.127
81. [+] description : GRANDE LOJA MACONICA DE MINAS GERAIS
82. [+] country : BR
83. [+] state : None
84. [+] city : None
85. [+] address : None
86. [+] postal_code : None
87. [+] emails : ['cpd@glmmg.org.br', 'abuse@embratel.net.br', 'cert@cert.br']
88. [+] created : 20100415
89. [+] updated : 20100415
90.  
91. [+] Crawling Target...
92.  
93. [+] Looking for robots.txt........[ Found ]
94. [+] Extracting robots Links.......[ 11 ]
95. [+] Looking for sitemap.xml.......[ Not Found ]
96. [+] Extracting CSS Links..........[ 0 ]
97. [+] Extracting Javascript Links...[ 0 ]
98. [+] Extracting Internal Links.....[ 0 ]
99. [+] Extracting External Links.....[ 0 ]
100. [+] Extracting Images.............[ 0 ]
101.  
102. [+] Total Links Extracted : 11
103.  
104. [+] Dumping Links in /opt/FinalRecon/dumps/www.glmmg.org.br.dump
105. [+] Completed!
106. #######################################################################################################################################
107. [+] Starting At 2019-09-09 02:23:21.576737
108. [+] Collecting Information On: http://www.glmmg.org.br/novo/
109. [#] Status: 200
110. --------------------------------------------------
111. [#] Web Server Detected: Apache
112. [#] X-Powered-By: PHP/5.4.36
113. [!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
114. - Date: Mon, 09 Sep 2019 06:23:20 GMT
115. - Server: Apache
116. - X-Powered-By: PHP/5.4.36
117. - Set-Cookie: PHPSESSID=1epd7qkkmbfe9rmmie5m8up007; path=/
118. - Expires: Thu, 19 Nov 1981 08:52:00 GMT
119. - Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
120. - Pragma: no-cache
121. - Keep-Alive: timeout=5, max=100
122. - Connection: Keep-Alive
123. - Transfer-Encoding: chunked
124. - Content-Type: text/html
125. --------------------------------------------------
126. [#] Finding Location..!
127. [#] as: AS4230 Latin American and Caribbean IP address Regional Registry
128. [#] city: Santa Efigênia
129. [#] country: Brazil
130. [#] countryCode: BR
131. [#] isp: Claro S.A
132. [#] lat: -19.9254
133. [#] lon: -43.9246
134. [#] org: Grande Loja Maconica De Minas Gerais
135. [#] query: 189.3.58.120
136. [#] region: MG
137. [#] regionName: Minas Gerais
138. [#] status: success
139. [#] timezone: America/Cuiaba
140. [#] zip:
141. --------------------------------------------------
142. [x] Didn't Detect WAF Presence on: http://www.glmmg.org.br/novo/
143. --------------------------------------------------
144. [#] Starting Reverse DNS
145. [-] Failed ! Fail
146. --------------------------------------------------
147. [!] Scanning Open Port
148. [#] 21/tcp open ftp
149. [#] 80/tcp open http
150. [#] 110/tcp open pop3
151. [#] 143/tcp open imap
152. [#] 366/tcp open odmr
153. [#] 587/tcp open submission
154. [#] 1000/tcp open cadlock
155. [#] 3000/tcp open ppp
156. [#] 8080/tcp open http-proxy
157. --------------------------------------------------
158. [+] Collecting Information Disclosure!
159. [#] Detecting sitemap.xml file
160. [!] sitemap.xml File Found: http://www.glmmg.org.br/novo//sitemap.xml
161. [#] Detecting robots.txt file
162. [!] robots.txt File Found: http://www.glmmg.org.br/novo//robots.txt
163. [#] Detecting GNU Mailman
164. [-] GNU Mailman App Not Detected!?
165. --------------------------------------------------
166. [+] Crawling Url Parameter On: http://www.glmmg.org.br/novo/
167. --------------------------------------------------
168. [#] Searching Html Form !
169. [+] Html Form Discovered
170. [#] action: http://www.glmmg.org.br:3000/WorldClient.dll?View=Main
171. [#] class: ['form-horizontal']
172. [#] id: None
173. [#] method: post
174. --------------------------------------------------
175. [!] Found 14 dom parameter
176. [#] http://www.glmmg.org.br/novo/#
177. [#] http://www.glmmg.org.br/novo//#ccr-slide-main
178. [#] http://www.glmmg.org.br/novo//#ccr-slide-main
179. [#] http://www.glmmg.org.br/novo//#
180. [#] http://www.glmmg.org.br/novo//#
181. [#] http://www.glmmg.org.br/novo//#
182. [#] http://www.glmmg.org.br/novo//#
183. [#] http://www.glmmg.org.br/novo//#
184. [#] http://www.glmmg.org.br/novo//#
185. [#] http://www.glmmg.org.br/novo//#
186. [#] http://www.glmmg.org.br/novo//#
187. [#] http://www.glmmg.org.br/novo//#
188. [#] http://www.glmmg.org.br/novo//#
189. [#] http://www.glmmg.org.br/novo//#
190. --------------------------------------------------
191. [-] No internal Dynamic Parameter Found!?
192. --------------------------------------------------
193. [!] 2 External Dynamic Parameter Discovered
194. [#] https://www.instagram.com/glmmg_oficial/?hl=pt-br
195. [#] https://www.instagram.com/glmmg_oficial/?hl=pt-br
196. --------------------------------------------------
197. [!] 52 Internal links Discovered
198. [+] http://www.glmmg.org.br/novo/css/bootstrap.min.css
199. [+] http://www.glmmg.org.br/novo/css/bootstrap-theme.min.css
200. [+] http://www.glmmg.org.br/novo/css/font-awesome.min.css
201. [+] http://www.glmmg.org.br/novo/css/style.css
202. [+] http://www.glmmg.org.br/novo/principal/
203. [+] http://www.glmmg.org.br/novo/faleConosco
204. [+] http://www.glmmg.org.br/novo//principal
205. [+] http://www.glmmg.org.br/novo//principal
206. [+] http://www.glmmg.org.br/novo/faleConosco
207. [+] http://www.glmmg.org.br/novo/noticias/nome/Desfile-Cívico-Militar-de-7-de-Setembro-em-Belo-Horizonte/id/2779
208. [+] http://www.glmmg.org.br/novo/Quem-somos
209. [+] http://www.glmmg.org.br/novo/Quem-somos
210. [+] http://www.glmmg.org.br/novo/Quem-somos
211. [+] http://www.glmmg.org.br/novo/Quem-somos
212. [+] http://www.glmmg.org.br/novo/Quem-somos
213. [+] http://www.glmmg.org.br/novo/Quem-somos
214. [+] http://www.glmmg.org.br/novo/Quem-somos
215. [+] http://www.glmmg.org.br/novo/Quem-somos
216. [+] http://www.glmmg.org.br/novo/Quem-somos
217. [+] http://www.glmmg.org.br/novo/Quem-somos
218. [+] http://www.glmmg.org.br/novo/Quem-somos
219. [+] http://www.glmmg.org.br/novo/Quem-somos
220. [+] http://www.glmmg.org.br/novo/Quem-somos
221. [+] http://www.glmmg.org.br/novo/Quem-somos
222. [+] http://www.glmmg.org.br/novo/Quem-somos
223. [+] http://www.glmmg.org.br/novo/Quem-somos
224. [+] http://www.glmmg.org.br/novo/Quem-somos
225. [+] http://www.glmmg.org.br/novo/Quem-somos
226. [+] http://www.glmmg.org.br/novo/Quem-somos
227. [+] http://www.glmmg.org.br/novo/Quem-somos
228. [+] http://www.glmmg.org.br/novo/Quem-somos
229. [+] http://www.glmmg.org.br/novo/Quem-somos
230. [+] http://www.glmmg.org.br/novo/Quem-somos
231. [+] http://www.glmmg.org.br/novo/Quem-somos
232. [+] http://www.glmmg.org.br/novo/Quem-somos
233. [+] http://www.glmmg.org.br/novo/Quem-somos
234. [+] http://www.glmmg.org.br/novo/Quem-somos
235. [+] http://www.glmmg.org.br/novo/Quem-somos
236. [+] http://www.glmmg.org.br/novo/Quem-somos
237. [+] http://www.glmmg.org.br/novo/Quem-somos
238. [+] http://www.glmmg.org.br/novo/noticias/nome/Desfile-Cívico-Militar-de-7-de-Setembro-em-Belo-Horizonte/id/2779
239. [+] http://www.glmmg.org.br/novo/noticias/nome/Programação-para-a-Investidura-â-Grau-33/id/2778
240. [+] http://www.glmmg.org.br/novo/noticias/nome/Convite---Desfile-7-de-Setembro---GLMMG/id/2777
241. [+] http://www.glmmg.org.br/novo/noticias/nome/Sessão-Solene-do-Congresso-Nacional---Vice-presidente-da-República,-Hamilton-Mourão/id/2776
242. [+] http://www.glmmg.org.br/novo/noticias/nome/21-08-19---Reunião-Especial-alusiva-ao-Dia-do-Maçom---Câmara-Municipal-de-Belo-Horizonte/id/2775
243. [+] http://www.glmmg.org.br/novo/noticias/nome/Sessão-Solene-do-Congresso-Nacional/id/2774
244. [+] http://www.glmmg.org.br/novo/noticias/nome/Desfile-Cívico-Militar-de-7-de-Setembro-em-Belo-Horizonte/id/2779
245. [+] http://www.glmmg.org.br/novo/noticias/nome/Programação-para-a-Investidura-â-Grau-33/id/2778
246. [+] http://www.glmmg.org.br/novo/noticias/nome/Convite---Desfile-7-de-Setembro---GLMMG/id/2777
247. [+] http://www.glmmg.org.br/novo/noticias/nome/21-08-19---Reunião-Especial-alusiva-ao-Dia-do-Maçom---Câmara-Municipal-de-Belo-Horizonte/id/2775
248. [+] http://www.glmmg.org.br/novo/index.html
249. [+] http://glmmg.org.br
250. --------------------------------------------------
251. [!] 7 External links Discovered
252. [#] https://www.youtube.com/channel/UC1qmjh2BUc2-ZhNKm041VhQ
253. [#] https://twitter.com/glmmg
254. [#] https://www.facebook.com/GLMMG/
255. [#] https://www.facebook.com/GLMMG
256. [#] https://www.youtube.com/channel/UC1qmjh2BUc2-ZhNKm041VhQ
257. [#] https://twitter.com/glmmg
258. [#] https://www.facebook.com/GLMMG/
259. --------------------------------------------------
260. [#] Mapping Subdomain..
261. [!] Found 7 Subdomain
262. - acacia3.glmmg.org.br
263. - mail.glmmg.org.br
264. - financeiro.glmmg.org.br
265. - lojas.glmmg.org.br
266. - obreiros.glmmg.org.br
267. - news.glmmg.org.br
268. - www.glmmg.org.br
269. --------------------------------------------------
270. [!] Done At 2019-09-09 02:24:39.341216
271. #######################################################################################################################################
272. [i] Scanning Site: http://www.glmmg.org.br
273.  
274.  
275.  
276. B A S I C I N F O
277. ====================
278.  
279.  
280. [+] Site Title:
281. [+] IP address: 189.3.58.120
282. [+] Web Server: Apache
283. [+] CMS: Could Not Detect
284. [+] Cloudflare: Not Detected
285. [+] Robots File: Found
286.  
287. -------------[ contents ]----------------
288. User-agent: Googlebot
289. Disallow: /
290. User-agent: Slurp
291. Disallow: /
292. User-agent: MSNBot
293. Disallow: /
294. User-agent: Googlebot-Image
295. Disallow: /
296. User-agent: yahoo-mmcrawler
297. Disallow: /
298. User-agent: psbot
299. Disallow: /
300. User-agent: *
301. Disallow: /
302. Disallow: /app/files
303. Disallow: /app/imagens
304. Disallow: /app/
305. Disallow: /lojas
306. Disallow: /admin
307. Disallow: /files
308. Disallow: /Gestao.Cadastro
309. Disallow: /Gestao.Financeiro
310. Disallow: /Gestao.News
311. Disallow: /Gestao.Revista
312. -----------[end of contents]-------------
313.  
314.  
315.  
316. W H O I S L O O K U P
317. ========================
318.  
319.  
320. % Copyright (c) Nic.br
321. % The use of the data below is only permitted as described in
322. % full by the terms of use at https://registro.br/termo/en.html ,
323. % being prohibited its distribution, commercialization or
324. % reproduction, in particular, to use it for advertising or
325. % any similar purpose.
326. % 2019-09-09T03:23:16-03:00
327.  
328. domain: glmmg.org.br
329. owner: GRANDE LOJA MACONICA DE MINAS GERAIS
330. ownerid: 17.416.355/0001-69
331. responsible: Edilson de Oliveira
332. country: BR
333. owner-c: GLMMG
334. admin-c: GLMMG
335. tech-c: GLMMG
336. billing-c: GLMMG
337. nserver: ns.embratel.net.br
338. nsstat: 20190907 AA
339. nslastaa: 20190907
340. nserver: ns2.embratel.net.br
341. nsstat: 20190907 AA
342. nslastaa: 20190907
343. created: 19970714 #47237
344. changed: 20180622
345. expires: 20210714
346. status: published
347.  
348. nic-hdl-br: GLMMG
349. person: Grande Loja Maçonica MG
350. e-mail: cpd@glmmg.org.br
351. country: BR
352. created: 20080926
353. changed: 20190225
354.  
355. % Security and mail abuse issues should also be addressed to
356. % cert.br, http://www.cert.br/ , respectivelly to cert@cert.br
357. % and mail-abuse@cert.br
358. %
359. % whois.registro.br accepts only direct match queries. Types
360. % of queries are: domain (.br), registrant (tax ID), ticket,
361. % provider, contact handle (ID), CIDR block, IP and ASN.
362.  
363.  
364.  
365.  
366. G E O I P L O O K U P
367. =========================
368.  
369. [i] IP Address: 189.3.58.120
370. [i] Country: Brazil
371. [i] State:
372. [i] City:
373. [i] Latitude: -22.8305
374. [i] Longitude: -43.2192
375.  
376.  
377.  
378.  
379. H T T P H E A D E R S
380. =======================
381.  
382.  
383. [i] HTTP/1.1 200 OK
384. [i] Date: Mon, 09 Sep 2019 06:23:18 GMT
385. [i] Server: Apache
386. [i] X-Powered-By: PHP/5.4.36
387. [i] Content-Length: 63
388. [i] Connection: close
389. [i] Content-Type: text/html
390.  
391.  
392.  
393.  
394. D N S L O O K U P
395. ===================
396.  
397. glmmg.org.br. 3599 IN SOA ns.embratel.net.br. admin.embratel.net.br. 2018090301 3600 900 604800 86400
398. glmmg.org.br. 3599 IN NS ns.embratel.net.br.
399. glmmg.org.br. 3599 IN NS ns2.embratel.net.br.
400. glmmg.org.br. 3599 IN A 189.3.58.120
401. glmmg.org.br. 3599 IN MX 5 mail.glmmg.org.br.
402.  
403.  
404.  
405.  
406. S U B N E T C A L C U L A T I O N
407. ====================================
408.  
409. Address = 189.3.58.120
410. Network = 189.3.58.120 / 32
411. Netmask = 255.255.255.255
412. Broadcast = not needed on Point-to-Point links
413. Wildcard Mask = 0.0.0.0
414. Hosts Bits = 0
415. Max. Hosts = 1 (2^0 - 0)
416. Host Range = { 189.3.58.120 - 189.3.58.120 }
417.  
418.  
419.  
420. N M A P P O R T S C A N
421. ============================
422.  
423. Starting Nmap 7.70 ( https://nmap.org ) at 2019-09-09 06:23 UTC
424. Nmap scan report for glmmg.org.br (189.3.58.120)
425. Host is up (0.14s latency).
426. rDNS record for 189.3.58.120: mail.glmmg.org.br
427.  
428. PORT STATE SERVICE
429. 21/tcp open ftp
430. 22/tcp filtered ssh
431. 23/tcp filtered telnet
432. 80/tcp open http
433. 110/tcp open pop3
434. 143/tcp open imap
435. 443/tcp filtered https
436. 3389/tcp filtered ms-wbt-server
437.  
438. Nmap done: 1 IP address (1 host up) scanned in 2.72 seconds
439.  
440.  
441.  
442. S U B - D O M A I N F I N D E R
443. ==================================
444.  
445.  
446. [i] Total Subdomains Found : 6
447.  
448. [+] Subdomain: mail.glmmg.org.br
449. [-] IP: 189.3.58.120
450.  
451. [+] Subdomain: financeiro.glmmg.org.br
452. [-] IP: 189.3.58.120
453.  
454. [+] Subdomain: lojas.glmmg.org.br
455. [-] IP: 189.3.58.120
456.  
457. [+] Subdomain: obreiros.glmmg.org.br
458. [-] IP: 189.3.58.120
459.  
460. [+] Subdomain: news.glmmg.org.br
461. [-] IP: 189.3.58.120
462.  
463. [+] Subdomain: www.glmmg.org.br
464. [-] IP: 189.3.58.120
465. #######################################################################################################################################
466. [INFO] ------TARGET info------
467. [*] TARGET: http://www.glmmg.org.br/novo/
468. [*] TARGET IP: 189.3.58.120
469. [INFO] NO load balancer detected for www.glmmg.org.br...
470. [*] DNS servers: ns.embratel.net.br.
471. [*] TARGET server: Apache
472. [*] CC: BR
473. [*] Country: Brazil
474. [*] RegionCode: MG
475. [*] RegionName: Minas Gerais
476. [*] City: Santa Efigênia
477. [*] ASN: AS4230
478. [*] BGP_PREFIX: 189.3.0.0/16
479. [*] ISP: CLARO S.A., BR
480. [INFO] DNS enumeration:
481. [*] mail.glmmg.org.br 189.3.58.120
482. [*] news.glmmg.org.br 189.3.58.120
483. [INFO] Possible abuse mails are:
484. [*] abuse@glmmg.org.br
485. [*] abuse@www.glmmg.org.br
486. [*] amartins@embratel.net.br
487. [*] mail-abuse@cert.br
488. [*] postmaster@embratel.net.br
489. [INFO] NO PAC (Proxy Auto Configuration) file FOUND
490. [ALERT] robots.txt file FOUND in http://www.glmmg.org.br/robots.txt
491. [INFO] Checking for HTTP status codes recursively from http://www.glmmg.org.br/robots.txt
492. [INFO] Status code Folders
493. [*] 200 http://www.glmmg.org.br/Gestao.Revista
494. [INFO] Starting FUZZing in http://www.glmmg.org.br/FUzZzZzZzZz...
495. [INFO] Status code Folders
496. [ALERT] Look in the source code. It may contain passwords
497. [INFO] SAME content in http://www.glmmg.org.br/ AND http://189.3.58.120/
498. [INFO] Links found from http://www.glmmg.org.br/novo/:
499. [*] http://glmmg.org.br/
500. [*] https://twitter.com/glmmg
501. [*] https://www.facebook.com/GLMMG/
502. [*] https://www.instagram.com/glmmg_oficial/?hl=pt-br
503. [*] https://www.youtube.com/channel/UC1qmjh2BUc2-ZhNKm041VhQ
504. [*] http://www.glmmg.org.br/novo/
505. [*] http://www.glmmg.org.br/novo/Administração/
506. [*] http://www.glmmg.org.br/novo/Câmaras-da-GLMMG/
507. [*] http://www.glmmg.org.br/novo/Casa-de-Apoio/
508. [*] http://www.glmmg.org.br/novo/#ccr-slide-main
509. [*] http://www.glmmg.org.br/novo/Clube-Pelicanos
510. [*] http://www.glmmg.org.br/novo/Como-tornar-me-um-maçom-/
511. [*] http://www.glmmg.org.br/novo/Definição/
512. [*] http://www.glmmg.org.br/novo/Escola-Maçônica/
513. [*] http://www.glmmg.org.br/novo/faleConosco
514. [*] http://www.glmmg.org.br/novo/Fotos/
515. [*] http://www.glmmg.org.br/novo/GLMMG
516. [*] http://www.glmmg.org.br/novo/Grandes-Lojas-do-Brasil/
517. [*] http://www.glmmg.org.br/novo/Grandes-Lojas-do-Mundo/
518. [*] http://www.glmmg.org.br/novo/Graus-Filosóficos/
519. [*] http://www.glmmg.org.br/novo/História/
520. [*] http://www.glmmg.org.br/novo/Histórico/
521. [*] http://www.glmmg.org.br/novo/index.html
522. [*] http://www.glmmg.org.br/novo/Links
523. [*] http://www.glmmg.org.br/novo/Localização-dos-Apartamentos/
524. [*] http://www.glmmg.org.br/novo/Loja-de-Pesquisas/
525. [*] http://www.glmmg.org.br/novo/Lojas-Filiadas
526. [*] http://www.glmmg.org.br/novo/Maçonaria
527. [*] http://www.glmmg.org.br/novo/Maçonaria-em-Destaque/
528. [*] http://www.glmmg.org.br/novo/Normas-de-Utilização/
529. [*] http://www.glmmg.org.br/novo/Notícias
530. [*] http://www.glmmg.org.br/novo/noticias/nome/21-08-19---Reunião-Especial-alusiva-ao-Dia-do-Maçom---Câmara-Municipal-de-Belo-Horizonte/id/2775
531. [*] http://www.glmmg.org.br/novo/noticias/nome/Convite---Desfile-7-de-Setembro---GLMMG/id/2777
532. [*] http://www.glmmg.org.br/novo/noticias/nome/Desfile-Cívico-Militar-de-7-de-Setembro-em-Belo-Horizonte/id/2779
533. [*] http://www.glmmg.org.br/novo/noticias/nome/GLMMG-lança-o-"PROGRAMA-FRAT"/id/2754
534. [*] http://www.glmmg.org.br/novo/noticias/nome/Programação-para-a-Investidura-–-Grau-33/id/2778
535. [*] http://www.glmmg.org.br/novo/noticias/nome/Projeto-“Cidadania-Efetiva”/id/2753
536. [*] http://www.glmmg.org.br/novo/noticias/nome/Sessão-Solene-do-Congresso-Nacional/id/2774
537. [*] http://www.glmmg.org.br/novo/noticias/nome/Sessão-Solene-do-Congresso-Nacional---Vice-presidente-da-República,-Hamilton-Mourão/id/2776
538. [*] http://www.glmmg.org.br/novo/Onde-Fica/
539. [*] http://www.glmmg.org.br/novo/Paramaçônicas
540. [*] http://www.glmmg.org.br/novo/Potências
541. [*] http://www.glmmg.org.br/novo//principal
542. [*] http://www.glmmg.org.br/novo/principal/
543. [*] http://www.glmmg.org.br/novo/Princípios/
544. [*] http://www.glmmg.org.br/novo/Projetos
545. [*] http://www.glmmg.org.br/novo/Quem-somos
546. [*] http://www.glmmg.org.br/novo/Reservas/
547. [*] http://www.glmmg.org.br/novo/Revista-Arte-Real/
548. [*] http://www.glmmg.org.br/novo/Revistas
549. [*] http://www.glmmg.org.br/novo/Secretarias-da-GLMMG/
550. [*] http://www.glmmg.org.br/novo/Ser-Maçom/
551. [INFO] GOOGLE has 29,300 results (0.19 seconds) about http://www.glmmg.org.br/
552. [INFO] Shodan detected the following opened ports on 189.3.58.120:
553. [*] 1
554. [*] 110
555. [*] 13
556. [*] 143
557. [*] 21
558. [*] 214
559. [*] 25
560. [*] 3000
561. [*] 4
562. [*] 5
563. [*] 50
564. [*] 587
565. [*] 80
566. [*] 8080
567. [INFO] ------VirusTotal SECTION------
568. [INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
569. [INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
570. [INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
571. [INFO] ------Alexa Rank SECTION------
572. [INFO] Percent of Visitors Rank in Country:
573. [INFO] Percent of Search Traffic:
574. [INFO] Percent of Unique Visits:
575. [INFO] Total Sites Linking In:
576. [*] Total Sites
577. [INFO] Useful links related to www.glmmg.org.br - 189.3.58.120:
578. [*] https://www.virustotal.com/pt/ip-address/189.3.58.120/information/
579. [*] https://www.hybrid-analysis.com/search?host=189.3.58.120
580. [*] https://www.shodan.io/host/189.3.58.120
581. [*] https://www.senderbase.org/lookup/?search_string=189.3.58.120
582. [*] https://www.alienvault.com/open-threat-exchange/ip/189.3.58.120
583. [*] http://pastebin.com/search?q=189.3.58.120
584. [*] http://urlquery.net/search.php?q=189.3.58.120
585. [*] http://www.alexa.com/siteinfo/www.glmmg.org.br
586. [*] http://www.google.com/safebrowsing/diagnostic?site=www.glmmg.org.br
587. [*] https://censys.io/ipv4/189.3.58.120
588. [*] https://www.abuseipdb.com/check/189.3.58.120
589. [*] https://urlscan.io/search/#189.3.58.120
590. [*] https://github.com/search?q=189.3.58.120&type=Code
591. [INFO] Useful links related to AS4230 - 189.3.0.0/16:
592. [*] http://www.google.com/safebrowsing/diagnostic?site=AS:4230
593. [*] https://www.senderbase.org/lookup/?search_string=189.3.0.0/16
594. [*] http://bgp.he.net/AS4230
595. [*] https://stat.ripe.net/AS4230
596. [INFO] Date: 09/09/19 | Time: 02:25:54
597. [INFO] Total time: 2 minute(s) and 29 second(s)
598. #######################################################################################################################################
599. [*] Load target domain: glmmg.org.br
600. - starting scanning @ 2019-09-09 02:29:43
601.  
602. [+] Running & Checking source to be used
603. ---------------------------------------------
604.  
605. ⍥ Shodan [ ✕ ]
606. ⍥ Webarchive [ ✔ ]
607. ⍥ Dnsdumpster [ ✔ ]
608. ⍥ Certspotter [ ✔ ]
609. ⍥ Entrust [ ✔ ]
610. ⍥ Riddler [ ✔ ]
611. ⍥ Bufferover [ ✔ ]
612. ⍥ Hackertarget [ ✔ ]
613. ⍥ Threatcrowd [ ✔ ]
614. ⍥ Censys [ ✕ ]
615. ⍥ Securitytrails [ ✕ ]
616. ⍥ Binaryedge [ ✕ ]
617. ⍥ Virustotal [ ✕ ]
618. ⍥ Threatminer [ ✔ ]
619. ⍥ Certsh [ ✔ ]
620. ⍥ Findsubdomain [ ✔ ]
621.  
622. [+] Get & Count subdomain total From source
623. ---------------------------------------------
624.  
625. ⍥ Hackertarget: Total Subdomain (7)
626. ⍥ Findsubdomain: Total Subdomain (1)
627. ⍥ Certspotter: Total Subdomain (2)
628. ⍥ Threatminer: Total Subdomain (0)
629. ⍥ Certsh: Total Subdomain (1)
630. ⍥ BufferOver: Total Subdomain (7)
631. ⍥ Entrust: Total Subdomain (1)
632. ⍥ Threatcrowd: Total Subdomain (0)
633. ⍥ Dnsdumpster: Total Subdomain (10)
634. ⍥ Riddler: Total Subdomain (1)
635. ⍥ Webarchive: Total Subdomain (1)
636.  
637. [+] Parsing & Sorting list Domain
638. ---------------------------------------------
639.  
640. ⍥ Total [9]
641.  
642. - 5 mail.glmmg.org.br.
643. - acacia3.glmmg.org.br
644. - financeiro.glmmg.org.br
645. - glmmg.org.br
646. - lojas.glmmg.org.br
647. - mail.glmmg.org.br
648. - news.glmmg.org.br
649. - obreiros.glmmg.org.br
650. - www.glmmg.org.br
651.  
652. ⍥ Total [9]
653.  
654. [+] Probe subdomain for working on http/https
655. ---------------------------------------------
656.  
657. - http://www.glmmg.org.br
658. - http://glmmg.org.br
659. - http://news.glmmg.org.br
660. - http://financeiro.glmmg.org.br
661. - http://acacia3.glmmg.org.br
662. - http://lojas.glmmg.org.br
663. - http://obreiros.glmmg.org.br
664. - http://mail.glmmg.org.br
665.  
666. ⍥ Total [8]
667.  
668.  
669. [+] Check Live Host: Ping Sweep - ICMP PING
670. ---------------------------------------------
671.  
672. ⍥ [DEAD] 5
673. ⍥ [LIVE] mail.glmmg.org.br.
674. ⍥ [LIVE] acacia3.glmmg.org.br
675. ⍥ [LIVE] financeiro.glmmg.org.br
676. ⍥ [LIVE] glmmg.org.br
677. ⍥ [LIVE] lojas.glmmg.org.br
678. ⍥ [LIVE] mail.glmmg.org.br
679. ⍥ [LIVE] news.glmmg.org.br
680. ⍥ [LIVE] obreiros.glmmg.org.br
681. ⍥ [LIVE] www.glmmg.org.br
682.  
683. [+] Check Resolving: Subdomains & Domains
684. ---------------------------------------------
685.  
686. ⍥ Resolving domains to: RESOLVE ERROR
687. ⍥ Resolving domains to: 189.3.58.120
688. ⍥ Resolving domains to: 189.3.58.120
689. ⍥ Resolving domains to: 189.3.58.120
690. ⍥ Resolving domains to: 189.3.58.120
691. ⍥ Resolving domains to: 189.3.58.120
692. ⍥ Resolving domains to: 189.3.58.120
693. ⍥ Resolving domains to: 189.3.58.120
694. ⍥ Resolving domains to: 189.3.58.120
695. ⍥ Resolving domains to: 189.3.58.120
696.  
697. [+] Subdomain TakeOver - Check Possible Vulns
698. ---------------------------------------------
699.  
700. ⍥ [FAILS] En: Unknown http://acacia3.glmmg.org.br
701. ⍥ [FAILS] En: Unknown http://lojas.glmmg.org.br
702. ⍥ [FAILS] En: Unknown http://www.glmmg.org.br
703. ⍥ [FAILS] En: Unknown http://news.glmmg.org.br
704. ⍥ [FAILS] En: Unknown http://glmmg.org.br
705. ⍥ [FAILS] En: Unknown http://financeiro.glmmg.org.br
706. ⍥ [FAILS] En: Unknown http://obreiros.glmmg.org.br
707. ⍥ [FAILS] En: Unknown http://mail.glmmg.org.br
708.  
709. [+] Checks status code on port 80 and 443
710. ---------------------------------------------
711.  
712. ⍥ [200] http://acacia3.glmmg.org.br
713. ⍥ [200] http://lojas.glmmg.org.br
714. ⍥ [200] http://www.glmmg.org.br
715. ⍥ [200] http://news.glmmg.org.br
716. ⍥ [200] http://glmmg.org.br
717. ⍥ [200] http://financeiro.glmmg.org.br
718. ⍥ [200] http://obreiros.glmmg.org.br
719. ⍥ [200] http://mail.glmmg.org.br
720.  
721. [+] Web Screenshots: from domain list
722. ---------------------------------------------
723.  
724. [+] 8 URLs to be screenshot
725.  
726. [+] 8 actual URLs screenshot
727. [+] 0 error(s)
728.  
729. [+] Sud⍥my has been sucessfully completed
730. ---------------------------------------------
731.  
732. ⍥ Location output:
733. - output/09-09-2019/glmmg.org.br
734. - output/09-09-2019/glmmg.org.br/report
735. - output/09-09-2019/glmmg.org.br/screenshots
736. #######################################################################################################################################
737. Trying "glmmg.org.br"
738. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39695
739. ;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 2, ADDITIONAL: 2
740.  
741. ;; QUESTION SECTION:
742. ;glmmg.org.br. IN ANY
743.  
744. ;; ANSWER SECTION:
745. glmmg.org.br. 3600 IN MX 5 mail.glmmg.org.br.
746. glmmg.org.br. 3600 IN A 189.3.58.120
747. glmmg.org.br. 3600 IN SOA ns.embratel.net.br. admin.embratel.net.br. 2018090301 3600 900 604800 86400
748. glmmg.org.br. 3600 IN NS ns.embratel.net.br.
749. glmmg.org.br. 3600 IN NS ns2.embratel.net.br.
750.  
751. ;; AUTHORITY SECTION:
752. glmmg.org.br. 3600 IN NS ns2.embratel.net.br.
753. glmmg.org.br. 3600 IN NS ns.embratel.net.br.
754.  
755. ;; ADDITIONAL SECTION:
756. ns2.embratel.net.br. 580 IN A 200.245.255.33
757. ns.embratel.net.br. 580 IN A 200.255.253.241
758.  
759. Received 217 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 281 ms
760. #######################################################################################################################################
761. ; <<>> DiG 9.11.5-P4-5.1+b1-Debian <<>> +trace glmmg.org.br
762. ;; global options: +cmd
763. . 84852 IN NS g.root-servers.net.
764. . 84852 IN NS d.root-servers.net.
765. . 84852 IN NS m.root-servers.net.
766. . 84852 IN NS l.root-servers.net.
767. . 84852 IN NS f.root-servers.net.
768. . 84852 IN NS j.root-servers.net.
769. . 84852 IN NS e.root-servers.net.
770. . 84852 IN NS k.root-servers.net.
771. . 84852 IN NS c.root-servers.net.
772. . 84852 IN NS b.root-servers.net.
773. . 84852 IN NS h.root-servers.net.
774. . 84852 IN NS a.root-servers.net.
775. . 84852 IN NS i.root-servers.net.
776. . 84852 IN RRSIG NS 8 0 518400 20190922050000 20190909040000 59944 . UdevRT5xRd+xLrIiCOgOJvCQyYg+GtsS+27xyFTrdzuu147InV6Z3rJG 588jQ6Qkv54DO2olI94IRTo+7rGpvBg3QR3uPNAI2CXyL3RtADrjQ1Eh AhvGuq3VAjGoLh4upughjB5Vz3ZFnj8hv+KeEodYDXEk58uAHnWM+fVt EI660UE2Lsm20pjkt6DC7ePkdad9c4tSboSCWUtqWJASkWDMJ27Jn4ww EWGx/QqfPV+gnd/dvB1iGbuk9KeUR7ZSVktrfsgAf3MWVx2yL9irmqf3 8haedccQxutc8B19xH9jUrW3BdLV0/BzINhBjmG1DVRi5P69ZonS5f/G PVh+Zg==
777. ;; Received 525 bytes from 185.93.180.131#53(185.93.180.131) in 162 ms
778.  
779. br. 172800 IN NS a.dns.br.
780. br. 172800 IN NS b.dns.br.
781. br. 172800 IN NS c.dns.br.
782. br. 172800 IN NS d.dns.br.
783. br. 172800 IN NS e.dns.br.
784. br. 172800 IN NS f.dns.br.
785. br. 86400 IN DS 2471 13 2 5E4F35998B8F909557FA119C4CBFDCA2D660A26F069EF006B403758A 07D1A2E4
786. br. 86400 IN RRSIG DS 8 1 86400 20190922050000 20190909040000 59944 . eathNtSWCMFofqyFnBqLlcsVVKDFAlK+PamhkBp3lhY4m7S4PvLLwgkn //H85vSB0LAn38S0rDACEJKfhIVXapb6BQXMkHAcY9ULvb30tckH7J2k q+ivqz/dvBpyFIpRcmIf1M6ugMvlSxeU16gRvUPcCodj5iX3rzwa+vU6 xp+DD8GKOf6uNe5F3Si/1yB51c59JAa9V2IIH+aYQRziP8VKt9zQtMQR v2qGYOEnKHBdpt+Slv1uIwFNL5o941DtR7OQl/IZ9LRPq7zuQtHDirPA /+4LeVKOYEFyy61xg5KBq+17yMAYk59mCl3OQc+KjMbdK1iZat1ucnbn F4poUQ==
787. ;; Received 740 bytes from 199.7.83.42#53(l.root-servers.net) in 435 ms
788.  
789. glmmg.org.br. 3600 IN NS ns.embratel.net.br.
790. glmmg.org.br. 3600 IN NS ns2.embratel.net.br.
791. 8ibcveen5720n44l12on35ti99p48dfq.org.br. 900 IN NSEC3 1 1 10 1ED197E8FB8CAF6322BC 8ICM44EE54CNOQDKEDVKHHOQFOIQG8RR NS SOA RRSIG DNSKEY NSEC3PARAM
792. 8ibcveen5720n44l12on35ti99p48dfq.org.br. 900 IN RRSIG NSEC3 13 3 900 20190923063007 20190909053007 50774 org.br. 6Iej9vt1EnEy2boJOXo7RRIic1oxpNxBvPEEksLdapvNBmKIjmCy6uZ5 ZYdPPOX/yg3Pyi0z9ZrNShBpKmaf0Q==
793. asks2h5ctbmgsq815p1b554uj3ee3kc8.org.br. 900 IN NSEC3 1 1 10 1ED197E8FB8CAF6322BC AT3V26E6OMLBE2AO6O3KVDMS20RG27B0 NS DS RRSIG
794. asks2h5ctbmgsq815p1b554uj3ee3kc8.org.br. 900 IN RRSIG NSEC3 13 3 900 20190919202508 20190905192508 50774 org.br. GxkJllUI9YKSjT/+py3GfoKg1T1tp4lrwaGHlWbdH2dyMiW0Ow3jMs80 hqpb6S345mj8fdLauAIHYTvo5L7f8Q==
795. ;; Received 500 bytes from 200.229.248.10#53(e.dns.br) in 222 ms
796.  
797. glmmg.org.br. 3600 IN A 189.3.58.120
798. glmmg.org.br. 3600 IN NS ns2.embratel.net.br.
799. glmmg.org.br. 3600 IN NS ns.embratel.net.br.
800. ;; Received 137 bytes from 200.245.255.33#53(ns2.embratel.net.br) in 399 ms
801. #######################################################################################################################################
802. [*] Processing domain glmmg.org.br
803. [*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
804. [+] Getting nameservers
805. 200.245.255.33 - ns2.embratel.net.br
806. 200.255.253.241 - ns.embratel.net.br
807. [-] Zone transfer failed
808.  
809. [+] MX records found, added to target list
810. 5 mail.glmmg.org.br.
811.  
812. [*] Scanning glmmg.org.br for A records
813. 189.3.58.120 - glmmg.org.br
814. 189.3.58.120 - mail.glmmg.org.br
815. 189.3.58.120 - news.glmmg.org.br
816. 189.3.58.120 - www.glmmg.org.br
817. #######################################################################################################################################
818. Parsero scan report for www.glmmg.org.br
819. http://www.glmmg.org.br/ 200 OK
820. http://www.glmmg.org.br/Gestao.Financeiro 301 Moved Permanently
821. http://www.glmmg.org.br/files 301 Moved Permanently
822. http://www.glmmg.org.br/Gestao.News 301 Moved Permanently
823. http://www.glmmg.org.br/Gestao.Revista 301 Moved Permanently
824. http://www.glmmg.org.br/app/ 403 Forbidden
825. http://www.glmmg.org.br/lojas 404 Not Found
826. http://www.glmmg.org.br/admin 301 Moved Permanently
827. http://www.glmmg.org.br/Gestao.Cadastro 403 Forbidden
828. http://www.glmmg.org.br/app/files 301 Moved Permanently
829. http://www.glmmg.org.br/app/imagens 301 Moved Permanently
830. #######################################################################################################################################
831. Domains still to check: 1
832. Checking if the hostname glmmg.org.br. given is in fact a domain...
833.  
834. Analyzing domain: glmmg.org.br.
835. Checking NameServers using system default resolver...
836. IP: 200.245.255.33 (Brazil)
837. HostName: ns2.embratel.net.br Type: NS
838. HostName: wks01.rjoen.embratel.net.br Type: PTR
839. IP: 200.255.253.241 (Brazil)
840. HostName: ns.embratel.net.br Type: NS
841. HostName: wks01.rjo.embratel.net.br Type: PTR
842.  
843. Checking MailServers using system default resolver...
844. IP: 189.3.58.120 (Brazil)
845. HostName: mail.glmmg.org.br Type: MX
846. HostName: mail.glmmg.org.br Type: PTR
847.  
848. Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
849. No zone transfer found on nameserver 200.255.253.241
850. No zone transfer found on nameserver 200.245.255.33
851.  
852. Checking SPF record...
853. No SPF record
854.  
855. Checking 192 most common hostnames using system default resolver...
856. IP: 189.3.58.120 (Brazil)
857. HostName: mail.glmmg.org.br Type: MX
858. HostName: mail.glmmg.org.br Type: PTR
859. HostName: www.glmmg.org.br. Type: A
860. IP: 189.3.58.120 (Brazil)
861. HostName: mail.glmmg.org.br Type: MX
862. HostName: mail.glmmg.org.br Type: PTR
863. HostName: www.glmmg.org.br. Type: A
864. HostName: mail.glmmg.org.br. Type: A
865.  
866. Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
867. Checking netblock 200.255.253.0
868. Checking netblock 189.3.58.0
869. Checking netblock 200.245.255.0
870.  
871. Searching for glmmg.org.br. emails in Google
872. obreirosdobem@glmmg.org.br.
873. gerencia@glmmg.org.br.
874. macons@glmmg.org.br.
875. tataco@glmmg.org.br.
876. teatrodamaconaria@glmmg.org.br.
877. cpd@glmmg.org.br.
878. rodrigo@glmmg.org.br.
879. macons@glmmg.org.br&
880. grao.mestre@glmmg.org.br.
881. marlos@glmmg.org.brb
882. grao-mestre@glmmg.org.br
883. quirino@glmmg.org.br
884.  
885. Checking 3 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
886. Host 200.255.253.241 is up (reset ttl 64)
887. Host 189.3.58.120 is up (reset ttl 64)
888. Host 200.245.255.33 is up (reset ttl 64)
889.  
890. Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
891. Scanning ip 200.255.253.241 (wks01.rjo.embratel.net.br (PTR)):
892. Scanning ip 189.3.58.120 (mail.glmmg.org.br.):
893. 21/tcp open ftp syn-ack ttl 117 Microsoft ftpd
894. | ftp-syst:
895. |_ SYST: Windows_NT
896. 80/tcp open http syn-ack ttl 117 Apache httpd (PHP 5.4.36)
897. |_http-favicon: Unknown favicon MD5: DC73893A813A0BBAED9C9AB13B110D43
898. | http-methods:
899. |_ Supported Methods: GET HEAD POST OPTIONS
900. | http-robots.txt: 11 disallowed entries
901. | / /app/files /app/imagens /app/ /lojas /admin /files
902. |_/Gestao.Cadastro /Gestao.Financeiro /Gestao.News /Gestao.Revista
903. |_http-server-header: Apache
904. |_http-title: Site doesn't have a title (text/html).
905. 110/tcp open pop3 syn-ack ttl 117 MDaemon pop3d 13.5.1
906. |_pop3-capabilities: USER UIDL TOP APOP STLS
907. |_ssl-date: 2019-09-09T06:40:34+00:00; -5s from scanner time.
908. 143/tcp open imap syn-ack ttl 117 Alt-N MDaemon imapd 13.5.1
909. |_imap-capabilities: COMPRESS=DEFLATE ACL AUTH=LOGIN XLISTA0001 STARTTLS CAPABILITY IDLE AUTH=CRAM-MD5 UNSELECT UIDPLUS OK BINARY QUOTA NAMESPACE completed IMAP4rev1 AUTH=PLAIN
910. |_ssl-date: 2019-09-09T06:40:35+00:00; -4s from scanner time.
911. 587/tcp open smtp syn-ack ttl 117 MDaemon smtpd 13.5.1 (Unregistered)
912. | smtp-commands: mail.glmmg.org.br Hello nmap.scanme.org, pleased to meet you, AUTH LOGIN CRAM-MD5 PLAIN, 8BITMIME, STARTTLS, SIZE,
913. |_ Help system currently inactive
914. |_ssl-date: 2019-09-09T06:40:35+00:00; -4s from scanner time.
915. 3000/tcp open http syn-ack ttl 117 World Client WDaemon httpd 4.0 (Alt-N MDaemon webmail)
916. |_http-favicon: Unknown favicon MD5: C20D6ACF6F2EF7662FF5EA83DEE4B4CE
917. | http-methods:
918. |_ Supported Methods: GET HEAD POST OPTIONS
919. | http-robots.txt: 19 disallowed entries (15 shown)
920. | /.WML/ /.XHTML/ /All/ /apple-touch-icon.png /BES/
921. | /ckeditor/ /ComAgentInstall.exe /Debug/ /favicon.ico /Help/
922. | /LookOut/ /MDAirSync.dll /MDAutoDiscover.dll /MDBis.dll
923. |_/MDSyncML.dll
924. |_http-title: WorldClient
925. 8080/tcp open http syn-ack ttl 117 Microsoft IIS httpd 8.5
926. | http-methods:
927. | Supported Methods: OPTIONS TRACE GET HEAD POST
928. |_ Potentially risky methods: TRACE
929. |_http-server-header: Microsoft-IIS/8.5
930. | http-title: G2L. Gestor Grande Loja.
931. |_Requested resource was http://189.3.58.120:8080/g2lAccessCredential.aspx
932. Device type: general purpose|WAP
933. Running (JUST GUESSING): Linux 2.6.X|2.4.X (88%)
934. OS Info: Service Info: Host: mail.glmmg.org.br; OS: Windows; CPE: cpe:/o:microsoft:windows
935. |_clock-skew: mean: -4s, deviation: 0s, median: -4s
936. Scanning ip 200.245.255.33 (wks01.rjoen.embratel.net.br (PTR)):
937. 21/tcp open ftp syn-ack ttl 56 vsftpd 2.0.8 or later
938. | ftp-anon: Anonymous FTP login allowed (FTP code 230)
939. | drwxr-xr-x 3 0 0 4096 Oct 18 2017 incoming
940. |_dr-xr-xr-x 5 0 1 4096 Aug 18 2010 pub
941. | ftp-syst:
942. | STAT:
943. | FTP server status:
944. | Connected to 45.131.4.19
945. | Logged in as ftp
946. | TYPE: ASCII
947. | No session bandwidth limit
948. | Session timeout in seconds is 60
949. | Control connection is plain text
950. | Data connections will be plain text
951. | At session startup, client count was 3
952. | vsFTPd 2.0.5 - secure, fast, stable
953. |_End of status
954. 53/tcp open domain syn-ack ttl 56 ISC BIND
955. WebCrawling domain's web servers... up to 50 max links.
956.  
957. + URL to crawl: http://www.glmmg.org.br.
958. + Date: 2019-09-09
959.  
960. + Crawling URL: http://www.glmmg.org.br.:
961. + Links:
962. + Crawling http://www.glmmg.org.br.
963. + Searching for directories...
964. + Searching open folders...
965.  
966.  
967. + URL to crawl: http://mail.glmmg.org.br.
968. + Date: 2019-09-09
969.  
970. + Crawling URL: http://mail.glmmg.org.br.:
971. + Links:
972. + Crawling http://mail.glmmg.org.br.
973. + Searching for directories...
974. + Searching open folders...
975.  
976.  
977. + URL to crawl: http://mail.glmmg.org.br
978. + Date: 2019-09-09
979.  
980. + Crawling URL: http://mail.glmmg.org.br:
981. + Links:
982. + Crawling http://mail.glmmg.org.br
983. + Searching for directories...
984. + Searching open folders...
985.  
986.  
987. + URL to crawl: http://www.glmmg.org.br.:3000
988. + Date: 2019-09-09
989.  
990. + Crawling URL: http://www.glmmg.org.br.:3000:
991. + Links:
992. + Crawling http://www.glmmg.org.br.:3000
993. + Crawling http://www.glmmg.org.br.:3000/favicon.ico?v=13.5.1c
994. + Crawling http://www.glmmg.org.br.:3000/LookOut/pages/logon.css?v=13.5.1 (File! Not crawling it.)
995. + Crawling http://www.glmmg.org.br.:3000/LookOut/globals.min.js?v=13.5.1 (File! Not crawling it.)
996. + Crawling http://www.glmmg.org.br.:3000/All/JavaScript/jquery-latest.js?v=13.5.1 (File! Not crawling it.)
997. + Searching for directories...
998. - Found: http://www.glmmg.org.br.:3000/All/
999. - Found: http://www.glmmg.org.br.:3000/All/Images/
1000. - Found: http://www.glmmg.org.br.:3000/LookOut/
1001. - Found: http://www.glmmg.org.br.:3000/LookOut/pages/
1002. - Found: http://www.glmmg.org.br.:3000/All/JavaScript/
1003. + Searching open folders...
1004. - http://www.glmmg.org.br.:3000/All/ (403 Forbidden)
1005. - http://www.glmmg.org.br.:3000/All/Images/ (403 Forbidden)
1006. - http://www.glmmg.org.br.:3000/LookOut/ (403 Forbidden)
1007. - http://www.glmmg.org.br.:3000/LookOut/pages/ (403 Forbidden)
1008. - http://www.glmmg.org.br.:3000/All/JavaScript/ (403 Forbidden)
1009.  
1010.  
1011. + URL to crawl: http://mail.glmmg.org.br.:3000
1012. + Date: 2019-09-09
1013.  
1014. + Crawling URL: http://mail.glmmg.org.br.:3000:
1015. + Links:
1016. + Crawling http://mail.glmmg.org.br.:3000
1017. + Crawling http://mail.glmmg.org.br.:3000/favicon.ico?v=13.5.1c
1018. + Crawling http://mail.glmmg.org.br.:3000/LookOut/pages/logon.css?v=13.5.1 (File! Not crawling it.)
1019. + Crawling http://mail.glmmg.org.br.:3000/LookOut/globals.min.js?v=13.5.1 (File! Not crawling it.)
1020. + Crawling http://mail.glmmg.org.br.:3000/All/JavaScript/jquery-latest.js?v=13.5.1 (File! Not crawling it.)
1021. + Searching for directories...
1022. - Found: http://mail.glmmg.org.br.:3000/All/
1023. - Found: http://mail.glmmg.org.br.:3000/All/Images/
1024. - Found: http://mail.glmmg.org.br.:3000/LookOut/
1025. - Found: http://mail.glmmg.org.br.:3000/LookOut/pages/
1026. - Found: http://mail.glmmg.org.br.:3000/All/JavaScript/
1027. + Searching open folders...
1028. - http://mail.glmmg.org.br.:3000/All/ (403 Forbidden)
1029. - http://mail.glmmg.org.br.:3000/All/Images/ (403 Forbidden)
1030. - http://mail.glmmg.org.br.:3000/LookOut/ (403 Forbidden)
1031. - http://mail.glmmg.org.br.:3000/LookOut/pages/ (403 Forbidden)
1032. - http://mail.glmmg.org.br.:3000/All/JavaScript/ (403 Forbidden)
1033.  
1034.  
1035. + URL to crawl: http://mail.glmmg.org.br:3000
1036. + Date: 2019-09-09
1037.  
1038. + Crawling URL: http://mail.glmmg.org.br:3000:
1039. + Links:
1040. + Crawling http://mail.glmmg.org.br:3000
1041. + Crawling http://mail.glmmg.org.br:3000/favicon.ico?v=13.5.1c
1042. + Crawling http://mail.glmmg.org.br:3000/LookOut/pages/logon.css?v=13.5.1 (File! Not crawling it.)
1043. + Crawling http://mail.glmmg.org.br:3000/LookOut/globals.min.js?v=13.5.1 (File! Not crawling it.)
1044. + Crawling http://mail.glmmg.org.br:3000/All/JavaScript/jquery-latest.js?v=13.5.1 (File! Not crawling it.)
1045. + Searching for directories...
1046. - Found: http://mail.glmmg.org.br:3000/All/
1047. - Found: http://mail.glmmg.org.br:3000/All/Images/
1048. - Found: http://mail.glmmg.org.br:3000/LookOut/
1049. - Found: http://mail.glmmg.org.br:3000/LookOut/pages/
1050. - Found: http://mail.glmmg.org.br:3000/All/JavaScript/
1051. + Searching open folders...
1052. - http://mail.glmmg.org.br:3000/All/ (403 Forbidden)
1053. - http://mail.glmmg.org.br:3000/All/Images/ (403 Forbidden)
1054. - http://mail.glmmg.org.br:3000/LookOut/ (403 Forbidden)
1055. - http://mail.glmmg.org.br:3000/LookOut/pages/ (403 Forbidden)
1056. - http://mail.glmmg.org.br:3000/All/JavaScript/ (403 Forbidden)
1057.  
1058.  
1059. + URL to crawl: http://www.glmmg.org.br.:8080
1060. + Date: 2019-09-09
1061.  
1062. + Crawling URL: http://www.glmmg.org.br.:8080:
1063. + Links:
1064. + Crawling http://www.glmmg.org.br.:8080 (400 Bad Request)
1065. + Searching for directories...
1066. + Searching open folders...
1067.  
1068.  
1069. + URL to crawl: http://mail.glmmg.org.br.:8080
1070. + Date: 2019-09-09
1071.  
1072. + Crawling URL: http://mail.glmmg.org.br.:8080:
1073. + Links:
1074. + Crawling http://mail.glmmg.org.br.:8080 (400 Bad Request)
1075. + Searching for directories...
1076. + Searching open folders...
1077.  
1078.  
1079. + URL to crawl: http://mail.glmmg.org.br:8080
1080. + Date: 2019-09-09
1081.  
1082. + Crawling URL: http://mail.glmmg.org.br:8080:
1083. + Links:
1084. + Crawling http://mail.glmmg.org.br:8080
1085. + Crawling http://mail.glmmg.org.br:8080/extjs/resources/css/ext-all-embedded-css/ext.axd?v=24026 (File! Not crawling it.)
1086. + Crawling http://mail.glmmg.org.br:8080/extjs/resources/css/xtheme-slate-embedded-css/ext.axd?v=24026 (File! Not crawling it.)
1087. + Crawling http://mail.glmmg.org.br:8080/extjs/adapter/ext/ext-base-js/ext.axd?v=24026 (File! Not crawling it.)
1088. + Crawling http://mail.glmmg.org.br:8080/extjs/ext-all-js/ext.axd?v=24026 (File! Not crawling it.)
1089. + Crawling http://mail.glmmg.org.br:8080/extnet/extnet-core-js/ext.axd?v=24026 (File! Not crawling it.)
1090. + Crawling http://mail.glmmg.org.br:8080/extnet/locale/ext-lang-pt-BR-js/ext.axd?v=24026 (File! Not crawling it.)
1091. + Searching for directories...
1092. - Found: http://mail.glmmg.org.br:8080/Resources/
1093. - Found: http://mail.glmmg.org.br:8080/Resources/CSS/
1094. - Found: http://mail.glmmg.org.br:8080/Resources/Icon/
1095. - Found: http://mail.glmmg.org.br:8080/extjs/
1096. - Found: http://mail.glmmg.org.br:8080/extjs/resources/
1097. - Found: http://mail.glmmg.org.br:8080/extjs/resources/css/
1098. - Found: http://mail.glmmg.org.br:8080/extjs/resources/css/ext-all-embedded-css/
1099. - Found: http://mail.glmmg.org.br:8080/extjs/resources/css/xtheme-slate-embedded-css/
1100. - Found: http://mail.glmmg.org.br:8080/extjs/adapter/
1101. - Found: http://mail.glmmg.org.br:8080/extjs/adapter/ext/
1102. - Found: http://mail.glmmg.org.br:8080/extjs/adapter/ext/ext-base-js/
1103. - Found: http://mail.glmmg.org.br:8080/extjs/ext-all-js/
1104. - Found: http://mail.glmmg.org.br:8080/extnet/
1105. - Found: http://mail.glmmg.org.br:8080/extnet/extnet-core-js/
1106. - Found: http://mail.glmmg.org.br:8080/extnet/locale/
1107. - Found: http://mail.glmmg.org.br:8080/extnet/locale/ext-lang-pt-BR-js/
1108. + Searching open folders...
1109. - http://mail.glmmg.org.br:8080/Resources/ (403 Forbidden)
1110. - http://mail.glmmg.org.br:8080/Resources/CSS/ (403 Forbidden)
1111. - http://mail.glmmg.org.br:8080/Resources/Icon/ (403 Forbidden)
1112. - http://mail.glmmg.org.br:8080/extjs/ (404 Not Found)
1113. - http://mail.glmmg.org.br:8080/extjs/resources/ (404 Not Found)
1114. - http://mail.glmmg.org.br:8080/extjs/resources/css/ (404 Not Found)
1115. - http://mail.glmmg.org.br:8080/extjs/resources/css/ext-all-embedded-css/ (404 Not Found)
1116. - http://mail.glmmg.org.br:8080/extjs/resources/css/xtheme-slate-embedded-css/ (404 Not Found)
1117. - http://mail.glmmg.org.br:8080/extjs/adapter/ (404 Not Found)
1118. - http://mail.glmmg.org.br:8080/extjs/adapter/ext/ (404 Not Found)
1119. - http://mail.glmmg.org.br:8080/extjs/adapter/ext/ext-base-js/ (404 Not Found)
1120. - http://mail.glmmg.org.br:8080/extjs/ext-all-js/ (404 Not Found)
1121. - http://mail.glmmg.org.br:8080/extnet/ (404 Not Found)
1122. - http://mail.glmmg.org.br:8080/extnet/extnet-core-js/ (404 Not Found)
1123. - http://mail.glmmg.org.br:8080/extnet/locale/ (404 Not Found)
1124. - http://mail.glmmg.org.br:8080/extnet/locale/ext-lang-pt-BR-js/ (404 Not Found)
1125.  
1126. --Finished--
1127. Summary information for domain glmmg.org.br.
1128. -----------------------------------------
1129. Domain Specific Information:
1130. Email: obreirosdobem@glmmg.org.br.
1131. Email: gerencia@glmmg.org.br.
1132. Email: macons@glmmg.org.br.
1133. Email: tataco@glmmg.org.br.
1134. Email: teatrodamaconaria@glmmg.org.br.
1135. Email: cpd@glmmg.org.br.
1136. Email: rodrigo@glmmg.org.br.
1137. Email: macons@glmmg.org.br&
1138. Email: grao.mestre@glmmg.org.br.
1139. Email: marlos@glmmg.org.brb
1140. Email: grao-mestre@glmmg.org.br
1141. Email: quirino@glmmg.org.br
1142.  
1143. Domain Ips Information:
1144. IP: 200.255.253.241
1145. HostName: ns.embratel.net.br Type: NS
1146. HostName: wks01.rjo.embratel.net.br Type: PTR
1147. Country: Brazil
1148. Is Active: True (reset ttl 64)
1149. IP: 189.3.58.120
1150. HostName: mail.glmmg.org.br Type: MX
1151. HostName: mail.glmmg.org.br Type: PTR
1152. HostName: www.glmmg.org.br. Type: A
1153. HostName: mail.glmmg.org.br. Type: A
1154. Country: Brazil
1155. Is Active: True (reset ttl 64)
1156. Port: 21/tcp open ftp syn-ack ttl 117 Microsoft ftpd
1157. Script Info: | ftp-syst:
1158. Script Info: |_ SYST: Windows_NT
1159. Port: 80/tcp open http syn-ack ttl 117 Apache httpd (PHP 5.4.36)
1160. Script Info: |_http-favicon: Unknown favicon MD5: DC73893A813A0BBAED9C9AB13B110D43
1161. Script Info: | http-methods:
1162. Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
1163. Script Info: | http-robots.txt: 11 disallowed entries
1164. Script Info: | / /app/files /app/imagens /app/ /lojas /admin /files
1165. Script Info: |_/Gestao.Cadastro /Gestao.Financeiro /Gestao.News /Gestao.Revista
1166. Script Info: |_http-server-header: Apache
1167. Script Info: |_http-title: Site doesn't have a title (text/html).
1168. Port: 110/tcp open pop3 syn-ack ttl 117 MDaemon pop3d 13.5.1
1169. Script Info: |_pop3-capabilities: USER UIDL TOP APOP STLS
1170. Script Info: |_ssl-date: 2019-09-09T06:40:34+00:00; -5s from scanner time.
1171. Port: 143/tcp open imap syn-ack ttl 117 Alt-N MDaemon imapd 13.5.1
1172. Script Info: |_imap-capabilities: COMPRESS=DEFLATE ACL AUTH=LOGIN XLISTA0001 STARTTLS CAPABILITY IDLE AUTH=CRAM-MD5 UNSELECT UIDPLUS OK BINARY QUOTA NAMESPACE completed IMAP4rev1 AUTH=PLAIN
1173. Script Info: |_ssl-date: 2019-09-09T06:40:35+00:00; -4s from scanner time.
1174. Port: 587/tcp open smtp syn-ack ttl 117 MDaemon smtpd 13.5.1 (Unregistered)
1175. Script Info: | smtp-commands: mail.glmmg.org.br Hello nmap.scanme.org, pleased to meet you, AUTH LOGIN CRAM-MD5 PLAIN, 8BITMIME, STARTTLS, SIZE,
1176. Script Info: |_ Help system currently inactive
1177. Script Info: |_ssl-date: 2019-09-09T06:40:35+00:00; -4s from scanner time.
1178. Port: 3000/tcp open http syn-ack ttl 117 World Client WDaemon httpd 4.0 (Alt-N MDaemon webmail)
1179. Script Info: |_http-favicon: Unknown favicon MD5: C20D6ACF6F2EF7662FF5EA83DEE4B4CE
1180. Script Info: | http-methods:
1181. Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
1182. Script Info: | http-robots.txt: 19 disallowed entries (15 shown)
1183. Script Info: | /.WML/ /.XHTML/ /All/ /apple-touch-icon.png /BES/
1184. Script Info: | /ckeditor/ /ComAgentInstall.exe /Debug/ /favicon.ico /Help/
1185. Script Info: | /LookOut/ /MDAirSync.dll /MDAutoDiscover.dll /MDBis.dll
1186. Script Info: |_/MDSyncML.dll
1187. Script Info: |_http-title: WorldClient
1188. Port: 8080/tcp open http syn-ack ttl 117 Microsoft IIS httpd 8.5
1189. Script Info: | http-methods:
1190. Script Info: | Supported Methods: OPTIONS TRACE GET HEAD POST
1191. Script Info: |_ Potentially risky methods: TRACE
1192. Script Info: |_http-server-header: Microsoft-IIS/8.5
1193. Script Info: | http-title: G2L. Gestor Grande Loja.
1194. Script Info: |_Requested resource was http://189.3.58.120:8080/g2lAccessCredential.aspx
1195. Script Info: Device type: general purpose|WAP
1196. Script Info: Running (JUST GUESSING): Linux 2.6.X|2.4.X (88%)
1197. Os Info: Host: mail.glmmg.org.br; OS: Windows; CPE: cpe:/o:microsoft:windows
1198. Script Info: |_clock-skew: mean: -4s, deviation: 0s, median: -4s
1199. IP: 200.245.255.33
1200. HostName: ns2.embratel.net.br Type: NS
1201. HostName: wks01.rjoen.embratel.net.br Type: PTR
1202. Country: Brazil
1203. Is Active: True (reset ttl 64)
1204. Port: 21/tcp open ftp syn-ack ttl 56 vsftpd 2.0.8 or later
1205. Script Info: | ftp-anon: Anonymous FTP login allowed (FTP code 230)
1206. Script Info: | drwxr-xr-x 3 0 0 4096 Oct 18 2017 incoming
1207. Script Info: |_dr-xr-xr-x 5 0 1 4096 Aug 18 2010 pub
1208. Script Info: | ftp-syst:
1209. Script Info: | STAT:
1210. Script Info: | FTP server status:
1211. Script Info: | Connected to 45.131.4.19
1212. Script Info: | Logged in as ftp
1213. Script Info: | TYPE: ASCII
1214. Script Info: | No session bandwidth limit
1215. Script Info: | Session timeout in seconds is 60
1216. Script Info: | Control connection is plain text
1217. Script Info: | Data connections will be plain text
1218. Script Info: | At session startup, client count was 3
1219. Script Info: | vsFTPd 2.0.5 - secure, fast, stable
1220. Script Info: |_End of status
1221. Port: 53/tcp open domain syn-ack ttl 56 ISC BIND
1222. #######################################################################################################################################
1223. [+] www.glmmg.org.br has no SPF record!
1224. [*] No DMARC record found. Looking for organizational record
1225. [+] No organizational DMARC record
1226. [+] Spoofing possible for www.glmmg.org.br!
1227. #######################################################################################################################################
1228. Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-09 02:57 EDT
1229. Warning: 189.3.58.120 giving up on port because retransmission cap hit (2).
1230. Nmap scan report for www.glmmg.org.br (189.3.58.120)
1231. Host is up (0.41s latency).
1232. rDNS record for 189.3.58.120: mail.glmmg.org.br
1233. Not shown: 468 filtered ports, 7 closed ports
1234. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1235. PORT STATE SERVICE
1236. 21/tcp open ftp
1237. 80/tcp open http
1238. 110/tcp open pop3
1239. 143/tcp open imap
1240. 587/tcp open submission
1241. 1000/tcp open cadlock
1242. 3000/tcp open ppp
1243. 8080/tcp open http-proxy
1244.  
1245. Nmap done: 1 IP address (1 host up) scanned in 97.52 seconds
1246. #######################################################################################################################################
1247. Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-09 02:59 EDT
1248. Nmap scan report for www.glmmg.org.br (189.3.58.120)
1249. Host is up (0.24s latency).
1250. rDNS record for 189.3.58.120: mail.glmmg.org.br
1251. Not shown: 3 closed ports, 2 filtered ports
1252. PORT STATE SERVICE
1253. 67/udp open|filtered dhcps
1254. 69/udp open|filtered tftp
1255. 88/udp open|filtered kerberos-sec
1256. 123/udp open|filtered ntp
1257. 139/udp open|filtered netbios-ssn
1258. 161/udp open|filtered snmp
1259. 162/udp open|filtered snmptrap
1260. 500/udp open|filtered isakmp
1261. 520/udp open|filtered route
1262. 2049/udp open|filtered nfs
1263.  
1264. Nmap done: 1 IP address (1 host up) scanned in 6.18 seconds
1265. #######################################################################################################################################
1266. Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-09 02:59 EDT
1267. NSE: [ftp-brute] usernames: Time limit 3m00s exceeded.
1268. NSE: [ftp-brute] usernames: Time limit 3m00s exceeded.
1269. NSE: [ftp-brute] passwords: Time limit 3m00s exceeded.
1270. Nmap scan report for www.glmmg.org.br (189.3.58.120)
1271. Host is up (0.32s latency).
1272. rDNS record for 189.3.58.120: mail.glmmg.org.br
1273.  
1274. PORT STATE SERVICE VERSION
1275. 21/tcp open ftp Microsoft ftpd
1276. | ftp-brute:
1277. | Accounts: No valid accounts found
1278. |_ Statistics: Performed 1788 guesses in 181 seconds, average tps: 9.3
1279. | ftp-syst:
1280. |_ SYST: Windows_NT
1281. |_vulscan: ERROR: Script execution failed (use -d to debug)
1282. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1283. OS fingerprint not ideal because: Timing level 5 (Insane) used
1284. No OS matches for host
1285. Network Distance: 13 hops
1286. Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
1287.  
1288. TRACEROUTE (using port 21/tcp)
1289. HOP RTT ADDRESS
1290. 1 140.17 ms 10.240.204.1
1291. 2 251.62 ms 45.131.4.3
1292. 3 251.59 ms 109.236.95.228
1293. 4 251.65 ms hu0-1-0-7.rcr21.ams06.atlas.cogentco.com (149.14.93.73)
1294. 5 251.67 ms be3458.ccr42.ams03.atlas.cogentco.com (154.54.39.185)
1295. 6 251.69 ms be2317.ccr41.jfk02.atlas.cogentco.com (154.54.30.185)
1296. 7 251.74 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
1297. 8 251.73 ms 38.88.194.106
1298. 9 251.78 ms 38.88.194.106
1299. 10 356.51 ms ebt-Plag-111-core01.bhe.embratel.net.br (200.230.220.93)
1300. 11 530.29 ms 200.244.22.149
1301. 12 418.82 ms ebt-P3-2-1-agg02.bhe.embratel.net.br (200.244.24.42)
1302. 13 418.81 ms mail.glmmg.org.br (189.3.58.120)
1303. #######################################################################################################################################
1304. wig - WebApp Information Gatherer
1305.  
1306.  
1307. Scanning http://www.glmmg.org.br...
1308. _____________________ SITE INFO _____________________
1309. IP Title
1310. 189.3.58.120
1311.  
1312. ______________________ VERSION ______________________
1313. Name Versions Type
1314. Apache Platform
1315. PHP 5.4.36 Platform
1316.  
1317. ____________________ INTERESTING ____________________
1318. URL Note Type
1319. /robots.txt robots.txt index Interesting
1320.  
1321. _____________________________________________________
1322. Time: 17.1 sec Urls: 598 Fingerprints: 40401
1323. #######################################################################################################################################
1324. HTTP/1.1 200 OK
1325. Date: Mon, 09 Sep 2019 07:04:36 GMT
1326. Server: Apache
1327. X-Powered-By: PHP/5.4.36
1328. Content-Type: text/html
1329.  
1330. HTTP/1.1 200 OK
1331. Date: Mon, 09 Sep 2019 07:04:37 GMT
1332. Server: Apache
1333. X-Powered-By: PHP/5.4.36
1334. Content-Type: text/html
1335. ######################################################################################################################################
1336. Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-09 03:05 EDT
1337. Nmap scan report for www.glmmg.org.br (189.3.58.120)
1338. Host is up (0.36s latency).
1339. rDNS record for 189.3.58.120: mail.glmmg.org.br
1340.  
1341. PORT STATE SERVICE VERSION
1342. 110/tcp open pop3 MDaemon pop3d 13.5.1
1343. | pop3-brute:
1344. | Accounts: No valid accounts found
1345. | Statistics: Performed 15 guesses in 3 seconds, average tps: 5.0
1346. |_ ERROR: Failed to make a pop-connection.
1347. |_pop3-capabilities: UIDL USER TOP APOP STLS
1348. |_vulscan: ERROR: Script execution failed (use -d to debug)
1349. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1350. Device type: general purpose|WAP
1351. Running (JUST GUESSING): Microsoft Windows 2008|7 (86%), AirSpan embedded (85%)
1352. OS CPE: cpe:/o:microsoft:windows_server_2008::beta3 cpe:/o:microsoft:windows_server_2008 cpe:/o:microsoft:windows_8 cpe:/o:microsoft:windows_7::sp1
1353. Aggressive OS guesses: Microsoft Windows Server 2008 or 2008 Beta 3 (86%), Microsoft Windows Server 2008 R2 SP1 (86%), AirSpan ProST WiMAX access point (85%), Microsoft Windows Server 2008 (85%), Microsoft Windows Server 2008 R2 or Windows 8 (85%), Microsoft Windows 7 SP1 (85%)
1354. No exact OS matches for host (test conditions non-ideal).
1355. Network Distance: 15 hops
1356. Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
1357.  
1358. TRACEROUTE (using port 110/tcp)
1359. HOP RTT ADDRESS
1360. 1 192.42 ms 10.240.204.1
1361. 2 192.49 ms 45.131.4.2
1362. 3 192.49 ms 109.236.95.228
1363. 4 192.52 ms hu0-1-0-7.rcr21.ams06.atlas.cogentco.com (149.14.93.73)
1364. 5 192.54 ms be3383.ccr42.lon13.atlas.cogentco.com (154.54.57.253)
1365. 6 297.57 ms be12265.ccr41.par01.atlas.cogentco.com (130.117.2.142)
1366. 7 297.60 ms be2490.ccr42.jfk02.atlas.cogentco.com (154.54.42.85)
1367. 8 297.53 ms be3472.ccr42.jfk02.atlas.cogentco.com (154.54.46.34)
1368. 9 297.64 ms 38.88.194.106
1369. 10 402.65 ms ebt-P7-2-1-agg02.bhe.embratel.net.br (200.244.24.6)
1370. 11 408.77 ms ebt-Plag-10-core01.cem.embratel.net.br (200.244.24.8)
1371. 12 408.73 ms grdeloja-M102232-gacc06.bhe.embratel.net.br (200.254.243.210)
1372. 13 408.75 ms ebt-P3-2-1-agg02.bhe.embratel.net.br (200.244.24.42)
1373. 14 408.65 ms 200.244.22.149
1374. 15 408.69 ms mail.glmmg.org.br (189.3.58.120)
1375. #######################################################################################################################################
1376. Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-09 02:31 EDT
1377. Warning: 189.3.58.120 giving up on port because retransmission cap hit (2).
1378. Nmap scan report for www.glmmg.org.br (189.3.58.120)
1379. Host is up (0.38s latency).
1380. rDNS record for 189.3.58.120: mail.glmmg.org.br
1381. Not shown: 468 filtered ports, 7 closed ports
1382. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1383. PORT STATE SERVICE
1384. 21/tcp open ftp
1385. 80/tcp open http
1386. 110/tcp open pop3
1387. 143/tcp open imap
1388. 587/tcp open submission
1389. 1000/tcp open cadlock
1390. 3000/tcp open ppp
1391. 8080/tcp open http-proxy
1392.  
1393. Nmap done: 1 IP address (1 host up) scanned in 89.92 seconds
1394. ######################################################################################################################################
1395. Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-09 02:33 EDT
1396. Nmap scan report for www.glmmg.org.br (189.3.58.120)
1397. Host is up (0.22s latency).
1398. rDNS record for 189.3.58.120: mail.glmmg.org.br
1399. Not shown: 3 closed ports, 2 filtered ports
1400. PORT STATE SERVICE
1401. 67/udp open|filtered dhcps
1402. 69/udp open|filtered tftp
1403. 88/udp open|filtered kerberos-sec
1404. 123/udp open|filtered ntp
1405. 139/udp open|filtered netbios-ssn
1406. 161/udp open|filtered snmp
1407. 162/udp open|filtered snmptrap
1408. 500/udp open|filtered isakmp
1409. 520/udp open|filtered route
1410. 2049/udp open|filtered nfs
1411.  
1412. Nmap done: 1 IP address (1 host up) scanned in 6.86 seconds
1413. #######################################################################################################################################
1414. Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-09 02:33 EDT
1415. NSE: [ftp-brute] usernames: Time limit 3m00s exceeded.
1416. NSE: [ftp-brute] usernames: Time limit 3m00s exceeded.
1417. NSE: [ftp-brute] passwords: Time limit 3m00s exceeded.
1418. Nmap scan report for www.glmmg.org.br (189.3.58.120)
1419. Host is up (0.31s latency).
1420. rDNS record for 189.3.58.120: mail.glmmg.org.br
1421.  
1422. PORT STATE SERVICE VERSION
1423. 21/tcp open ftp Microsoft ftpd
1424. | ftp-brute:
1425. | Accounts: No valid accounts found
1426. |_ Statistics: Performed 1895 guesses in 184 seconds, average tps: 10.4
1427. | ftp-syst:
1428. |_ SYST: Windows_NT
1429. |_vulscan: ERROR: Script execution failed (use -d to debug)
1430. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1431. OS fingerprint not ideal because: Timing level 5 (Insane) used
1432. No OS matches for host
1433. Network Distance: 14 hops
1434. Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
1435.  
1436. TRACEROUTE (using port 21/tcp)
1437. HOP RTT ADDRESS
1438. 1 210.81 ms 10.240.204.1
1439. 2 314.66 ms 45.131.4.3
1440. 3 314.63 ms 109.236.95.228
1441. 4 314.70 ms be4380.rcr21.rtm01.atlas.cogentco.com (149.6.110.73)
1442. 5 314.73 ms be3433.ccr41.ams03.atlas.cogentco.com (154.54.58.201)
1443. 6 314.78 ms be2490.ccr42.jfk02.atlas.cogentco.com (154.54.42.85)
1444. 7 314.76 ms be3362.ccr31.jfk04.atlas.cogentco.com (154.54.3.10)
1445. 8 314.79 ms be3363.ccr31.jfk04.atlas.cogentco.com (154.54.3.126)
1446. 9 424.43 ms ebt-Plag-102-core01.cem.embratel.net.br (200.230.220.97)
1447. 10 424.45 ms ebt-P3-2-1-agg02.bhe.embratel.net.br (200.244.24.42)
1448. 11 316.21 ms ebt-Plag-10-core01.cem.embratel.net.br (200.244.24.8)
1449. 12 450.95 ms ebt-P7-2-1-agg02.bhe.embratel.net.br (200.244.24.6)
1450. 13 450.98 ms grdeloja-M102232-gacc06.bhe.embratel.net.br (200.254.243.210)
1451. 14 450.94 ms mail.glmmg.org.br (189.3.58.120)
1452. #######################################################################################################################################
1453. Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-09 02:37 EDT
1454. NSE: Loaded 164 scripts for scanning.
1455. NSE: Script Pre-scanning.
1456. Initiating NSE at 02:37
1457. Completed NSE at 02:37, 0.00s elapsed
1458. Initiating NSE at 02:37
1459. Completed NSE at 02:37, 0.00s elapsed
1460. Initiating Parallel DNS resolution of 1 host. at 02:37
1461. Completed Parallel DNS resolution of 1 host. at 02:37, 0.03s elapsed
1462. Initiating SYN Stealth Scan at 02:37
1463. Scanning www.glmmg.org.br (189.3.58.120) [1 port]
1464. Discovered open port 80/tcp on 189.3.58.120
1465. Completed SYN Stealth Scan at 02:37, 0.60s elapsed (1 total ports)
1466. Initiating Service scan at 02:37
1467. Scanning 1 service on www.glmmg.org.br (189.3.58.120)
1468. Completed Service scan at 02:37, 6.72s elapsed (1 service on 1 host)
1469. Initiating OS detection (try #1) against www.glmmg.org.br (189.3.58.120)
1470. Retrying OS detection (try #2) against www.glmmg.org.br (189.3.58.120)
1471. Initiating Traceroute at 02:38
1472. Completed Traceroute at 02:38, 0.83s elapsed
1473. Initiating Parallel DNS resolution of 13 hosts. at 02:38
1474. Completed Parallel DNS resolution of 13 hosts. at 02:38, 0.44s elapsed
1475. NSE: Script scanning 189.3.58.120.
1476. Initiating NSE at 02:38
1477. NSE: [http-wordpress-enum 189.3.58.120:80] got no answers from pipelined queries
1478. Completed NSE at 02:40, 133.64s elapsed
1479. Initiating NSE at 02:40
1480. Completed NSE at 02:40, 1.56s elapsed
1481. Nmap scan report for www.glmmg.org.br (189.3.58.120)
1482. Host is up (0.36s latency).
1483. rDNS record for 189.3.58.120: mail.glmmg.org.br
1484.  
1485. PORT STATE SERVICE VERSION
1486. 80/tcp open http Apache httpd (PHP 5.4.36)
1487. | http-brute:
1488. |_ Path "/" does not require authentication
1489. |_http-chrono: Request times for /; avg: 5944.33ms; min: 1099.13ms; max: 23227.00ms
1490. |_http-csrf: Couldn't find any CSRF vulnerabilities.
1491. |_http-date: Mon, 09 Sep 2019 06:38:04 GMT; -19s from local time.
1492. |_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
1493. |_http-dombased-xss: Couldn't find any DOM based XSS.
1494. |_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
1495. |_http-errors: Couldn't find any error pages.
1496. |_http-feed: Couldn't find any feeds.
1497. |_http-fetch: Please enter the complete path of the directory to save data in.
1498. | http-headers:
1499. | Date: Mon, 09 Sep 2019 06:38:24 GMT
1500. | Server: Apache
1501. | X-Powered-By: PHP/5.4.36
1502. | Content-Length: 63
1503. | Connection: close
1504. | Content-Type: text/html
1505. |
1506. |_ (Request type: GET)
1507. |_http-jsonp-detection: Couldn't find any JSONP endpoints.
1508. | http-methods:
1509. |_ Supported Methods: HEAD POST OPTIONS
1510. |_http-mobileversion-checker: No mobile version detected.
1511. | http-php-version: Versions from logo query (less accurate): 5.3.0 - 5.3.29, 5.4.0 - 5.4.45
1512. | Versions from credits query (more accurate): 5.4.15 - 5.4.45
1513. |_Version from header x-powered-by: PHP/5.4.36
1514. | http-robots.txt: 11 disallowed entries
1515. | / /app/files /app/imagens /app/ /lojas /admin /files
1516. |_/Gestao.Cadastro /Gestao.Financeiro /Gestao.News /Gestao.Revista
1517. |_http-security-headers:
1518. |_http-server-header: Apache
1519. | http-sitemap-generator:
1520. | Directory structure:
1521. | /
1522. | Other: 1
1523. | Longest directory structure:
1524. | Depth: 0
1525. | Dir: /
1526. | Total files found (by extension):
1527. |_ Other: 1
1528. |_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
1529. |_http-title: Site doesn't have a title (text/html).
1530. | http-trace: TRACE is enabled
1531. | Headers:
1532. | Date: Mon, 09 Sep 2019 06:38:02 GMT
1533. | Server: Apache
1534. | Connection: close
1535. | Transfer-Encoding: chunked
1536. |_Content-Type: message/http
1537. | http-vhosts:
1538. | 115 names had status 200
1539. |_12 names had status ERROR
1540. |_http-vuln-cve2017-1001000: ERROR: Script execution failed (use -d to debug)
1541. |_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
1542. |_http-xssed: No previously reported XSS vuln.
1543. |_vulscan: ERROR: Script execution failed (use -d to debug)
1544. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1545. OS fingerprint not ideal because: Timing level 5 (Insane) used
1546. No OS matches for host
1547. Uptime guess: 39.485 days (since Wed Jul 31 15:02:12 2019)
1548. Network Distance: 13 hops
1549. TCP Sequence Prediction: Difficulty=261 (Good luck!)
1550. IP ID Sequence Generation: Incremental
1551.  
1552. TRACEROUTE (using port 80/tcp)
1553. HOP RTT ADDRESS
1554. 1 257.73 ms 10.240.204.1
1555. 2 363.39 ms 45.131.4.2
1556. 3 363.38 ms 109.236.95.230
1557. 4 363.42 ms be4381.rcr21.rtm01.atlas.cogentco.com (149.6.110.89)
1558. 5 363.43 ms be3457.ccr41.ams03.atlas.cogentco.com (130.117.1.9)
1559. 6 363.47 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
1560. 7 363.47 ms be3362.ccr31.jfk04.atlas.cogentco.com (154.54.3.10)
1561. 8 363.50 ms 38.88.194.106
1562. 9 363.51 ms 38.88.194.106
1563. 10 363.52 ms ebt-Plag-102-core01.cem.embratel.net.br (200.230.220.97)
1564. 11 353.86 ms ebt-Plag-111-core01.bhe.embratel.net.br (200.230.220.93)
1565. 12 461.17 ms ebt-Plag-10-core01.cem.embratel.net.br (200.244.24.8)
1566. 13 461.16 ms mail.glmmg.org.br (189.3.58.120)
1567.  
1568. NSE: Script Post-scanning.
1569. Initiating NSE at 02:40
1570. Completed NSE at 02:40, 0.00s elapsed
1571. Initiating NSE at 02:40
1572. Completed NSE at 02:40, 0.00s elapsed
1573. #######################################################################################################################################
1574. HTTP/1.1 200 OK
1575. Date: Mon, 09 Sep 2019 06:47:27 GMT
1576. Server: Apache
1577. X-Powered-By: PHP/5.4.36
1578. Content-Type: text/html
1579.  
1580. HTTP/1.1 200 OK
1581. Date: Mon, 09 Sep 2019 06:47:28 GMT
1582. Server: Apache
1583. X-Powered-By: PHP/5.4.36
1584. Content-Type: text/html
1585. #######################################################################################################################################
1586. Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-09 02:47 EDT
1587. Nmap scan report for www.glmmg.org.br (189.3.58.120)
1588. Host is up (0.38s latency).
1589. rDNS record for 189.3.58.120: mail.glmmg.org.br
1590.  
1591. PORT STATE SERVICE VERSION
1592. 110/tcp open pop3 MDaemon pop3d 13.5.1
1593. | pop3-brute:
1594. | Accounts: No valid accounts found
1595. | Statistics: Performed 25 guesses in 4 seconds, average tps: 6.2
1596. |_ ERROR: Failed to make a pop-connection.
1597. |_pop3-capabilities: USER UIDL TOP STLS APOP
1598. |_vulscan: ERROR: Script execution failed (use -d to debug)
1599. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1600. Device type: general purpose|WAP
1601. Running (JUST GUESSING): Microsoft Windows 2008|7 (87%), AirSpan embedded (85%)
1602. OS CPE: cpe:/o:microsoft:windows_server_2008::beta3 cpe:/o:microsoft:windows_server_2008 cpe:/o:microsoft:windows_8 cpe:/o:microsoft:windows_7::sp1
1603. Aggressive OS guesses: Microsoft Windows Server 2008 or 2008 Beta 3 (87%), Microsoft Windows Server 2008 (86%), Microsoft Windows Server 2008 R2 (86%), Microsoft Windows Server 2008 R2 or Windows 8 (86%), Microsoft Windows 7 SP1 (86%), AirSpan ProST WiMAX access point (85%)
1604. No exact OS matches for host (test conditions non-ideal).
1605. Network Distance: 14 hops
1606. Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
1607.  
1608. TRACEROUTE (using port 110/tcp)
1609. HOP RTT ADDRESS
1610. 1 160.33 ms 10.240.204.1
1611. 2 160.38 ms 45.131.4.3
1612. 3 160.40 ms 109.236.95.230
1613. 4 160.42 ms be4380.rcr21.rtm01.atlas.cogentco.com (149.6.110.73)
1614. 5 160.45 ms be3433.ccr41.ams03.atlas.cogentco.com (154.54.58.201)
1615. 6 264.38 ms be2490.ccr42.jfk02.atlas.cogentco.com (154.54.42.85)
1616. 7 264.31 ms be3362.ccr31.jfk04.atlas.cogentco.com (154.54.3.10)
1617. 8 264.39 ms 38.88.194.106
1618. 9 368.54 ms ebt-Plag-102-core01.cem.embratel.net.br (200.230.220.97)
1619. 10 264.45 ms 38.88.194.106
1620. 11 546.27 ms ebt-Plag-10-core01.cem.embratel.net.br (200.244.24.8)
1621. 12 546.25 ms ebt-P3-2-1-agg02.bhe.embratel.net.br (200.244.24.42)
1622. 13 399.47 ms 200.244.22.149
1623. 14 546.23 ms mail.glmmg.org.br (189.3.58.120)
1624. #######################################################################################################################################
1625. Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-09 02:58 EDT
1626. NSE: Loaded 47 scripts for scanning.
1627. NSE: Script Pre-scanning.
1628. Initiating NSE at 02:58
1629. Completed NSE at 02:58, 0.00s elapsed
1630. Initiating NSE at 02:58
1631. Completed NSE at 02:58, 0.00s elapsed
1632. Initiating Ping Scan at 02:58
1633. Scanning www.glmmg.org.br (189.3.58.120) [4 ports]
1634. Completed Ping Scan at 02:58, 0.42s elapsed (1 total hosts)
1635. Initiating Parallel DNS resolution of 1 host. at 02:58
1636. Completed Parallel DNS resolution of 1 host. at 02:58, 0.02s elapsed
1637. Initiating SYN Stealth Scan at 02:58
1638. Scanning www.glmmg.org.br (189.3.58.120) [65535 ports]
1639. Discovered open port 80/tcp on 189.3.58.120
1640. Discovered open port 587/tcp on 189.3.58.120
1641. Discovered open port 8080/tcp on 189.3.58.120
1642. Discovered open port 21/tcp on 189.3.58.120
1643. Discovered open port 143/tcp on 189.3.58.120
1644. Discovered open port 110/tcp on 189.3.58.120
1645. Discovered open port 366/tcp on 189.3.58.120
1646. SYN Stealth Scan Timing: About 1.67% done; ETC: 03:29 (0:30:22 remaining)
1647. SYN Stealth Scan Timing: About 5.25% done; ETC: 03:18 (0:18:20 remaining)
1648. SYN Stealth Scan Timing: About 8.29% done; ETC: 03:17 (0:16:47 remaining)
1649. SYN Stealth Scan Timing: About 9.00% done; ETC: 03:21 (0:20:24 remaining)
1650. SYN Stealth Scan Timing: About 9.82% done; ETC: 03:24 (0:23:06 remaining)
1651. SYN Stealth Scan Timing: About 13.25% done; ETC: 03:21 (0:19:45 remaining)
1652. SYN Stealth Scan Timing: About 17.90% done; ETC: 03:18 (0:16:08 remaining)
1653. SYN Stealth Scan Timing: About 21.85% done; ETC: 03:17 (0:14:22 remaining)
1654. SYN Stealth Scan Timing: About 26.09% done; ETC: 03:16 (0:12:48 remaining)
1655. SYN Stealth Scan Timing: About 32.40% done; ETC: 03:14 (0:10:28 remaining)
1656. Discovered open port 1000/tcp on 189.3.58.120
1657. SYN Stealth Scan Timing: About 39.20% done; ETC: 03:12 (0:08:33 remaining)
1658. Discovered open port 1306/tcp on 189.3.58.120
1659. SYN Stealth Scan Timing: About 46.60% done; ETC: 03:11 (0:06:54 remaining)
1660. Discovered open port 3000/tcp on 189.3.58.120
1661. SYN Stealth Scan Timing: About 48.77% done; ETC: 03:13 (0:07:34 remaining)
1662. Discovered open port 1357/tcp on 189.3.58.120
1663. SYN Stealth Scan Timing: About 55.97% done; ETC: 03:14 (0:06:46 remaining)
1664. SYN Stealth Scan Timing: About 60.93% done; ETC: 03:13 (0:05:50 remaining)
1665. SYN Stealth Scan Timing: About 66.97% done; ETC: 03:13 (0:04:44 remaining)
1666. SYN Stealth Scan Timing: About 74.19% done; ETC: 03:12 (0:03:31 remaining)
1667. Discovered open port 1307/tcp on 189.3.58.120
1668. SYN Stealth Scan Timing: About 81.88% done; ETC: 03:11 (0:02:21 remaining)
1669. SYN Stealth Scan Timing: About 89.42% done; ETC: 03:11 (0:01:19 remaining)
1670. Completed SYN Stealth Scan at 03:10, 705.54s elapsed (65535 total ports)
1671. Initiating Service scan at 03:10
1672. Scanning 12 services on www.glmmg.org.br (189.3.58.120)
1673. Completed Service scan at 03:11, 31.16s elapsed (12 services on 1 host)
1674. Initiating OS detection (try #1) against www.glmmg.org.br (189.3.58.120)
1675. Retrying OS detection (try #2) against www.glmmg.org.br (189.3.58.120)
1676. Initiating Traceroute at 03:11
1677. Completed Traceroute at 03:11, 0.82s elapsed
1678. Initiating Parallel DNS resolution of 12 hosts. at 03:11
1679. Completed Parallel DNS resolution of 12 hosts. at 03:11, 0.31s elapsed
1680. NSE: Script scanning 189.3.58.120.
1681. Initiating NSE at 03:11
1682. ######################################################################################################################################
1683. Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-09 03:11 EDT
1684. NSE: Loaded 47 scripts for scanning.
1685. NSE: Script Pre-scanning.
1686. Initiating NSE at 03:11
1687. Completed NSE at 03:11, 0.00s elapsed
1688. Initiating NSE at 03:11
1689. Completed NSE at 03:11, 0.00s elapsed
1690. Initiating Parallel DNS resolution of 1 host. at 03:11
1691. Completed Parallel DNS resolution of 1 host. at 03:11, 0.03s elapsed
1692. Initiating UDP Scan at 03:11
1693. Scanning www.glmmg.org.br (189.3.58.120) [15 ports]
1694. Completed UDP Scan at 03:11, 6.01s elapsed (15 total ports)
1695. Initiating Service scan at 03:11
1696. Scanning 10 services on www.glmmg.org.br (189.3.58.120)
1697. Service scan Timing: About 10.00% done; ETC: 03:27 (0:14:42 remaining)
1698. Completed Service scan at 03:13, 102.60s elapsed (10 services on 1 host)
1699. Initiating OS detection (try #1) against www.glmmg.org.br (189.3.58.120)
1700. Retrying OS detection (try #2) against www.glmmg.org.br (189.3.58.120)
1701. Initiating Traceroute at 03:13
1702. Completed Traceroute at 03:13, 7.52s elapsed
1703. Initiating Parallel DNS resolution of 1 host. at 03:13
1704. Completed Parallel DNS resolution of 1 host. at 03:13, 0.00s elapsed
1705. NSE: Script scanning 189.3.58.120.
1706. Initiating NSE at 03:13
1707. Completed NSE at 03:13, 7.85s elapsed
1708. Initiating NSE at 03:13
1709. Completed NSE at 03:13, 2.00s elapsed
1710. Nmap scan report for www.glmmg.org.br (189.3.58.120)
1711. Host is up (0.35s latency).
1712. rDNS record for 189.3.58.120: mail.glmmg.org.br
1713.  
1714. PORT STATE SERVICE VERSION
1715. 53/udp closed domain
1716. 67/udp open|filtered dhcps
1717. 68/udp closed dhcpc
1718. 69/udp open|filtered tftp
1719. 88/udp open|filtered kerberos-sec
1720. 123/udp open|filtered ntp
1721. 137/udp filtered netbios-ns
1722. 138/udp filtered netbios-dgm
1723. 139/udp open|filtered netbios-ssn
1724. 161/udp open|filtered snmp
1725. 162/udp open|filtered snmptrap
1726. 389/udp closed ldap
1727. 500/udp open|filtered isakmp
1728. |_ike-version: ERROR: Script execution failed (use -d to debug)
1729. 520/udp open|filtered route
1730. 2049/udp open|filtered nfs
1731. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1732. Aggressive OS guesses: Linux 2.6.18 (92%), Linux 2.6.30 (92%), Linux 2.6.28 (92%), Check Point NGX R65 firewall (IPSO 4.2) (86%), Check Point VPN-1 firewall (IPSO 4.1) (86%), Compaq Tru64 UNIX 5.1 or HP OpenVMS 7.3-2 (86%), Compaq Tru64 UNIX 5.1B or HP OpenVMS 8.2 - 8.3 (86%), DEC OSF/1 V5.1 (86%), HP OpenVMS 6 (86%), HP OpenVMS 7.3-1 (86%)
1733. No exact OS matches for host (test conditions non-ideal).
1734. Network Distance: 17 hops
1735.  
1736. TRACEROUTE (using port 137/udp)
1737. HOP RTT ADDRESS
1738. 1 151.73 ms 10.240.204.1
1739. 2 ... 8
1740. 9 251.74 ms 10.240.204.1
1741. 10 ... 11
1742. 12 303.60 ms 10.240.204.1
1743. 13 303.58 ms 10.240.204.1
1744. 14 303.57 ms 10.240.204.1
1745. 15 303.56 ms 10.240.204.1
1746. 16 303.55 ms 10.240.204.1
1747. 17 303.54 ms 10.240.204.1
1748. 18 ... 21
1749. 22 104.72 ms 10.240.204.1
1750. 23 181.53 ms 10.240.204.1
1751. 24 ... 26
1752. 27 196.65 ms 10.240.204.1
1753. 28 ... 29
1754. 30 169.62 ms 10.240.204.1
1755.  
1756. NSE: Script Post-scanning.
1757. Initiating NSE at 03:13
1758. Completed NSE at 03:13, 0.00s elapsed
1759. Initiating NSE at 03:13
1760. Completed NSE at 03:13, 0.00s elapsed
1761. #######################################################################################################################################
1762.  
1763. Hosts
1764. =====
1765.  
1766. address mac name os_name os_flavor os_sp purpose info comments
1767. ------- --- ---- ------- --------- ----- ------- ---- --------
1768. 189.3.58.120 mail.glmmg.org.br Linux 2.6.X server
1769.  
1770. Services
1771. ========
1772.  
1773. host port proto name state info
1774. ---- ---- ----- ---- ----- ----
1775. 189.3.58.120 53 udp domain closed
1776. 189.3.58.120 67 udp dhcps unknown
1777. 189.3.58.120 68 udp dhcpc closed
1778. 189.3.58.120 69 udp tftp unknown
1779. 189.3.58.120 88 udp kerberos-sec unknown
1780. 189.3.58.120 123 udp ntp unknown
1781. 189.3.58.120 137 udp netbios-ns filtered
1782. 189.3.58.120 138 udp netbios-dgm filtered
1783. 189.3.58.120 139 udp netbios-ssn unknown
1784. 189.3.58.120 161 udp snmp unknown
1785. 189.3.58.120 162 udp snmptrap unknown
1786. 189.3.58.120 389 udp ldap closed
1787. 189.3.58.120 500 udp isakmp unknown
1788. 189.3.58.120 520 udp route unknown
1789. 189.3.58.120 2049 udp nfs unknown
1790. #######################################################################################################################################
1791. Anonymous JTSEC #OpAmazonia Full Recon #21