API tools faq
paste
Advertisement
Guest User

Anonymous #OpIsrael JTSEC Full Recon #4 2018

a guest
May 13th, 2018
672
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 14.34 KB | None | 0 0
raw download clone embed print report
  1. #######################################################################################################################################
  2. Hostname www.space.gov.il ISP Tehila Project - Prime Minister Office's
  3. Continent Asia Flag
  4. IL
  5. Country Israel Country Code IL
  6. Region Unknown Local time 13 May 2018 22:29 IDT
  7. City Unknown Postal Code Unknown
  8. IP Address 147.237.1.168 Latitude 31.5
  9. Longitude 34.75
  10. #######################################################################################################################################
  11. ** server can't find A: NXDOMAIN
  12. > space.gov.il
  13. Server: 10.211.254.254
  14. Address: 10.211.254.254#53
  15.  
  16. Non-authoritative answer:
  17. Name: space.gov.il
  18. Address: 147.237.1.168
  19. #######################################################################################################################################
  20. HostIP:147.237.1.168
  21. HostName:space.gov.il
  22.  
  23. Gathered Inet-whois information for 147.237.1.168
  24. ---------------------------------------------------------------------------------------------------------------------------------------
  25.  
  26.  
  27. inetnum: 147.237.0.0 - 147.237.255.255
  28. netname: IL-GOVT-NET
  29. descr: Israeli Government Network
  30. country: IL
  31. admin-c: AT979-RIPE
  32. tech-c: TT441-RIPE
  33. status: LEGACY
  34. remarks: For information on "status:" attribute read https://www.ripe.net/data-tools/db/faq/faq-status-values-legacy-resources
  35. mnt-by: GOV-IL-DNS
  36. mnt-lower: GOV-IL-DNS
  37. mnt-routes: AS8867-MNT ANY
  38. mnt-routes: AS9116-MNT { 147.237.232.0/24^24-24 }
  39. created: 1970-01-01T00:00:00Z
  40. last-modified: 2015-05-05T01:38:51Z
  41. source: RIPE # Filtered
  42.  
  43. person: Admin Tehila
  44. address: Israel Ministry Of Finance
  45. address: 1 Netanel Lorech st
  46. address: Jerusalem Israel
  47. phone: +972 2 6664666
  48. fax-no: +972 2 6664650
  49. remarks: For ABUSE and security issues please contact
  50. remarks: email: abuse@tehila.gov.il
  51. remarks: or contact CERT.gov.il at report@CERT.gov.il
  52. nic-hdl: AT979-RIPE
  53. created: 2002-06-02T08:31:21Z
  54. last-modified: 2016-04-06T03:26:29Z
  55. mnt-by: RIPE-NCC-LOCKED-MNT
  56. source: RIPE # Filtered
  57.  
  58. person: Tech Tehila
  59. address: Israeli Ministry of Finance
  60. address: 1 Netanel Lorech st. , Jerusalem 91008, Israel
  61. phone: +972 2 6664666
  62. fax-no: +972 2 6664650
  63. remarks: For ABUSE and security issues please contact
  64. remarks: email: abuse@tehila.gov.il
  65. remarks: or contact CERT.gov.il at report@CERT.gov.il
  66. nic-hdl: TT441-RIPE
  67. created: 2002-06-02T08:31:22Z
  68. last-modified: 2016-04-06T03:26:28Z
  69. mnt-by: RIPE-NCC-LOCKED-MNT
  70. source: RIPE # Filtered
  71.  
  72. % Information related to '147.237.0.0/16AS8867'
  73.  
  74. route: 147.237.0.0/16
  75. descr: IL-GOVT-BLOCK
  76. origin: AS8867
  77. mnt-by: AS8867-MNT
  78. mnt-routes: AS8867-MNT ANY
  79. mnt-routes: AS9116-MNT { 147.237.232.0/24^24-24 }
  80. created: 1970-01-01T00:00:00Z
  81. last-modified: 2013-05-29T13:30:11Z
  82. source: RIPE
  83.  
  84. % This query was served by the RIPE Database Query Service version 1.91.2 (WAGYU)
  85.  
  86.  
  87.  
  88. Gathered Inic-whois information for space.gov.il
  89. ---------------------------------------------------------------------------------------------------------------------------------------
  90. ERROR: Unable to locate Name Whois data on space.gov.il
  91.  
  92. Gathered Netcraft information for space.gov.il
  93. ---------------------------------------------------------------------------------------------------------------------------------------
  94.  
  95. Retrieving Netcraft.com information for space.gov.il
  96. Netcraft.com Information gathered
  97.  
  98. Gathered Subdomain information for space.gov.il
  99. ---------------------------------------------------------------------------------------------------------------------------------------
  100. Searching Google.com:80...
  101. HostName:www.space.gov.il
  102. HostIP:147.237.1.168
  103. Searching Altavista.com:80...
  104. Found 1 possible subdomain(s) for host space.gov.il, Searched 0 pages containing 0 results
  105.  
  106. Gathered E-Mail information for space.gov.il
  107. ---------------------------------------------------------------------------------------------------------------------------------------
  108. Searching Google.com:80...
  109. Searching Altavista.com:80...
  110. Found 0 E-Mail(s) for host space.gov.il, Searched 0 pages containing 0 results
  111.  
  112. Gathered TCP Port information for 147.237.1.168
  113. ---------------------------------------------------------------------------------------------------------------------------------------
  114.  
  115. Port State
  116.  
  117.  
  118. Portscan Finished: Scanned 150 ports, 0 ports were in state closed
  119.  
  120. #######################################################################################################################################
  121. [i] Scanning Site: http://space.gov.il
  122.  
  123.  
  124.  
  125. B A S I C I N F O
  126. =======================================================================================================================================
  127.  
  128.  
  129. [+] Site Title: סוכנות החלל הישראלית - עמוד הבית
  130. [+] IP address: 147.237.1.168
  131. [+] Web Server: Apache
  132. [+] CMS: Drupal
  133. [+] Cloudflare: Not Detected
  134. [+] Robots File: Could NOT Find robots.txt!
  135.  
  136.  
  137.  
  138.  
  139. W H O I S L O O K U P
  140. =======================================================================================================================================
  141.  
  142.  
  143. % The data in the WHOIS database of the .il registry is provided
  144. % by ISOC-IL for information purposes, and to assist persons in
  145. % obtaining information about or related to a domain name
  146. % registration record. ISOC-IL does not guarantee its accuracy.
  147. % By submitting a WHOIS query, you agree that you will use this
  148. % Data only for lawful purposes and that, under no circumstances
  149. % will you use this Data to: (1) allow, enable, or otherwise
  150. % support the transmission of mass unsolicited, commercial
  151. % advertising or solicitations via e-mail (spam);
  152. % or (2) enable high volume, automated, electronic processes that
  153. % apply to ISOC-IL (or its systems).
  154. % ISOC-IL reserves the right to modify these terms at any time.
  155. % By submitting this query, you agree to abide by this policy.
  156.  
  157. % No data was found to match the request criteria.
  158.  
  159.  
  160. % Rights to the data above are restricted by copyright.
  161.  
  162.  
  163.  
  164.  
  165. G E O I P L O O K U P
  166. =======================================================================================================================================
  167.  
  168. [i] IP Address: 147.237.1.168
  169. [i] Country: IL
  170. [i] State: N/A
  171. [i] City: N/A
  172. [i] Latitude: 31.500000
  173. [i] Longitude: 34.750000
  174.  
  175.  
  176.  
  177.  
  178. H T T P H E A D E R S
  179. =======================================================================================================================================
  180.  
  181.  
  182. [i] HTTP/1.1 301 Moved Permanently
  183. [i] Date: Sun, 13 May 2018 19:34:52 GMT
  184. [i] Server: Apache
  185. [i] X-Content-Type-Options: nosniff
  186. [i] Location: http://www.space.gov.il/
  187. [i] Cache-Control: max-age=1209600
  188. [i] Expires: Sun, 27 May 2018 19:34:52 GMT
  189. [i] Vary: Accept-Encoding
  190. [i] Content-Length: 232
  191. [i] Connection: close
  192. [i] Content-Type: text/html; charset=iso-8859-1
  193. [i] HTTP/1.1 200 OK
  194. [i] Date: Sun, 13 May 2018 19:34:53 GMT
  195. [i] Server: Apache
  196. [i] X-Content-Type-Options: nosniff
  197. [i] Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
  198. [i] X-Content-Type-Options: nosniff
  199. [i] Content-Language: he
  200. [i] X-Frame-Options: SAMEORIGIN
  201. [i] Vary: Accept-Encoding,User-Agent
  202. [i] Connection: keep-alive, close
  203. [i] X-XSS-Protection: 1; mode=block
  204. [i] Pragma: no-cache
  205. [i] Content-Type: text/html; charset=utf-8
  206.  
  207.  
  208.  
  209.  
  210. D N S L O O K U P
  211. =======================================================================================================================================
  212.  
  213. ;; Truncated, retrying in TCP mode.
  214. space.gov.il. 600 IN A 147.237.1.168
  215.  
  216.  
  217.  
  218.  
  219. S U B N E T C A L C U L A T I O N
  220. =======================================================================================================================================
  221.  
  222. Address = 147.237.1.168
  223. Network = 147.237.1.168 / 32
  224. Netmask = 255.255.255.255
  225. Broadcast = not needed on Point-to-Point links
  226. Wildcard Mask = 0.0.0.0
  227. Hosts Bits = 0
  228. Max. Hosts = 1 (2^0 - 0)
  229. Host Range = { 147.237.1.168 - 147.237.1.168 }
  230.  
  231.  
  232.  
  233. N M A P P O R T S C A N
  234. =======================================================================================================================================
  235.  
  236.  
  237. Starting Nmap 7.01 ( https://nmap.org ) at 2018-05-13 19:34 UTC
  238. Nmap scan report for space.gov.il (147.237.1.168)
  239. Host is up (0.15s latency).
  240. PORT STATE SERVICE VERSION
  241. 21/tcp filtered ftp
  242. 22/tcp filtered ssh
  243. 23/tcp filtered telnet
  244. 25/tcp filtered smtp
  245. 80/tcp open http?
  246. 110/tcp filtered pop3
  247. 143/tcp filtered imap
  248. 443/tcp filtered https
  249. 445/tcp filtered microsoft-ds
  250. 3389/tcp filtered ms-wbt-server
  251.  
  252.  
  253.  
  254. S U B - D O M A I N F I N D E R
  255. =======================================================================================================================================
  256.  
  257.  
  258. [i] Total Subdomains Found : 2
  259.  
  260. [+] Subdomain: www.space.gov.il
  261. [-] IP: 147.237.1.168
  262.  
  263. [+] Subdomain: acssesability.space.gov.il
  264. [-] IP: 147.237.1.168
  265. #######################################################################################################################################
  266. [!] IP Address : 147.237.1.168
  267. [!] Server: Apache
  268. [!] CMS Detected : Drupal
  269. [+] Honeypot Probabilty: 0%
  270. ---------------------------------------------------------------------------------------------------------------------------------------
  271. [~] Trying to gather whois information for www.space.gov.il
  272. [+] Whois information found
  273. [-] Unable to build response, visit https://who.is/whois/www.space.gov.il
  274. ---------------------------------------------------------------------------------------------------------------------------------------
  275. PORT STATE SERVICE VERSION
  276. 21/tcp filtered ftp
  277. 22/tcp filtered ssh
  278. 23/tcp filtered telnet
  279. 25/tcp filtered smtp
  280. 80/tcp open http?
  281. 110/tcp filtered pop3
  282. 143/tcp filtered imap
  283. 443/tcp filtered https
  284. 445/tcp filtered microsoft-ds
  285. 3389/tcp filtered ms-wbt-server
  286.  
  287. [+] DNS Records
  288.  
  289. [+] Host Records (A)
  290. www.space.gov.il (147.237.1.168) AS8867 Tehila Project - Prime Minister Office's Israel
  291.  
  292. [+] TXT Records
  293.  
  294. [+] DNS Map: https://dnsdumpster.com/static/map/space.gov.il.png
  295.  
  296. [>] Initiating 3 intel modules
  297. [>] Loading Alpha module (1/3)
  298. [>] Beta module deployed (2/3)
  299. [>] Gamma module initiated (3/3)
  300.  
  301.  
  302. [+] Emails found:
  303. ---------------------------------------------------------------------------------------------------------------------------------------
  304. pixel-1526240121345206-web-@www.space.gov.il
  305. pixel-1526240124546864-web-@www.space.gov.il
  306. No hosts found
  307. [+] Virtual hosts:
  308. ---------------------------------------------------------------------------------------------------------------------------------------
  309. [~] Crawling the target for fuzzable URLs
  310. [+] Found 1 fuzzable URLs
  311. http://www.space.gov.il///node/13?page=1
  312. [~] Using SQLMap api to check for SQL injection vulnerabilities. Don't worry we are using an online service and it doesn't depend on your internet connection. This scan will take 2-3 minutes.
  313. #######################################################################################################################################
  314. Original* space.gov.il 147.237.1.168
  315. ######################################################################################################################################
  316. Ip Address Status Type Domain Name Server
  317. ---------- ------ ---- ----------- ------
  318. 147.237.9.56 host e.space.gov.il
  319. 147.237.9.57 host et.space.gov.il
  320. 82.102.134.205 host isa.space.gov.il
  321. 147.237.1.168 200 host www.space.gov.il Apache
  322. #######################################################################################################################################
  323. [*] Performing General Enumeration of Domain: space.gov.il
  324. [-] DNSSEC is not configured for space.gov.il
  325. [*] SOA dns.gov.il 147.237.71.1
  326. [-] Could not Resolve NS Records for space.gov.il
  327. [-] Could not Resolve MX Records for space.gov.il
  328. [*] A space.gov.il 147.237.1.168
  329. [*] Enumerating SRV Records
  330. [-] No SRV Records Found for space.gov.il
  331. #######################################################################################################################################
  332. [*] Processing domain space.gov.il
  333. [+] Getting nameservers
  334. [-] Getting nameservers failed
  335. [-] Zone transfer failed
  336. [*] Scanning space.gov.il for A records
  337. 147.237.1.168 - space.gov.il
  338. 147.237.9.56 - e.space.gov.il
  339. 82.102.134.205 - isa.space.gov.il
  340. 147.237.1.169 - test.space.gov.il
  341. 147.237.1.168 - www.space.gov.il
  342. #######################################################################################################################################
  343. [+] searching (sub)domains for space.gov.il using built-in wordlist
  344. [+] using maximum random delay of 10 millisecond(s) between requests
  345.  
  346. e.space.gov.il
  347. IP address #1: 147.237.9.56
  348.  
  349. et.space.gov.il
  350. IP address #1: 147.237.9.57
  351.  
  352. isa.space.gov.il
  353. IP address #1: 82.102.134.205
  354.  
  355. test.space.gov.il
  356. IP address #1: 147.237.1.169
  357.  
  358. www.space.gov.il
  359. IP address #1: 147.237.1.168
  360.  
  361. #######################################################################################################################################
  362. ; <<>> DiG 9.11.3-1-Debian <<>> space.gov.il +dnssec
  363. ;; global options: +cmd
  364. ;; Got answer:
  365. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35480
  366. ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
  367. ;; OPT PSEUDOSECTION:
  368. ; EDNS: version: 0, flags: do; udp: 512
  369. ;; QUESTION SECTION:
  370. ;space.gov.il. IN A
  371. ;; ANSWER SECTION:
  372. space.gov.il. 600 IN A 147.237.1.168
  373. ;; Query time: 359 msec
  374. ;; SERVER: 10.211.254.254#53(10.211.254.254)
  375. ;; WHEN: Sun May 13 18:10:49 EDT 2018
  376. ;; MSG SIZE rcvd: 57
  377. #######################################################################################################################################
  378. Anonymous #OpIsrael JTSEC Full Recon #4 2018
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!