PoliceWives.org Scanned

1. http://www.policewives.org
2.  
3. WhoIs
4. Created on 05-04-2002
5. Updated on 07-29-2014
6. Expires on 05-04-2015
7.  
8. IP Address 184.171.247.34
9. IP Location United States - Massachusetts - Lexington - Hostatom.net
10. ASN United States AS33182 DIMENOC - HostDime.com, Inc.,US (registered Oct 20, 2004)
11. Domain Status Registered And Active Website
12. Whois History 78 records have been archived since 2003-09-17
13. IP History 9 changes on 7 unique IP addresses over 8 years
14. Hosting History 12 changes on 9 unique name servers over 8 years
15.  
16. Also Admin
17. Registrant ID:c5dd0286ce4be711
18. Registrant Name:Angel Wood
19. Registrant Organization:PoliceWives Inc
20. Registrant Street:607 E 17th
21. Registrant City:Post Falls
22. Registrant State/Province:ID
23. Registrant Postal Code:83854
24. Registrant Country:US
25. Registrant Phone:+1.2085123845
26. Registrant Email:[email protected] [email protected]
27.  
28. Tech ID:5982a10285a
29. Tech Name:Sidney Dyess
30. Tech Organization:
31. Tech Street: 31675 Avants Rd.
32. Tech City:Walker
33. Tech State/Province:LA
34. Tech Postal Code:70785
35. Tech Country:US
36. Tech Phone:+1.2257912464
37. Tech Email: [email protected]
38.  
39. Name Server:NS1.TECHSERVERDNS.COM
40. Name Server:NS2.TECHSERVERDNS.COM
41. Name Server:NS3.TECHSERVERDNS.COM
42. Name Server:NS4.TECHSERVERDNS.COM
43.  
44.  
45. IP Address Reverse Lookup Name Reverse IP Address
46. 184.171.247.34 184-171-247-34.static.dimenoc.com. 34.247.171.184.in-addr.arpa.
47. 198.136.53.47 [ns1.techserverdns.com.] - Possible DNS forwarding issue.
48. 184.171.243.14 [ns3.techserverdns.com.] - Possible DNS forwarding issue.
49. 184.171.247.194 [ns4.techserverdns.com.] - Possible DNS forwarding issue.
50. 198.136.53.48 [ns2.techserverdns.com.] - Possible DNS forwarding issue.
51.  
52. Port 80
53.  
54. California - US - 78
55. Toronto - CA - 176
56. Singapore - SG - 1383
57. Chennai - IN - 1314
58. Johannesburg - ZA - 1306
59.  
60.  
61.  
62. - Nikto v2.1.6
63. ---------------------------------------------------------------------------
64. + Target IP: 184.171.247.34
65. + Target Hostname: www.policewives.org
66. + Target Port: 80
67. + Start Time: 2014-10-14 17:01:27 (GMT-4)
68. ---------------------------------------------------------------------------
69. + Server: Apache
70. + Retrieved x-powered-by header: PHP/5.2.17
71. + The anti-clickjacking X-Frame-Options header is not present.
72. + Root page / redirects to: http://www.policewives.org/new/index.php
73. + OSVDB-637: Enumeration of users is possible by requesting ~username (responds with 'Forbidden' for users, 'not found' for non-existent users).
74. + /cgi-sys/formmail.pl: Many versions of FormMail have remote vulnerabilities, including file access, information disclosure and email abuse. FormMail access should be restricted as much as possible or a more secure solution found.
75. + /cgi-sys/guestbook.cgi: May allow attackers to execute commands as the web daemon.
76. + /cgi-sys/Count.cgi: This may allow attackers to execute arbitrary commands on the server
77. + OSVDB-12184: /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
78. + OSVDB-12184: /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
79. + OSVDB-12184: /?=PHPE9568F34-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
80. + OSVDB-12184: /?=PHPE9568F35-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
81. + OSVDB-3092: /cgi-sys/entropysearch.cgi?query=asdfasdf&user=root&basehref=%2F%2Fwww.yourdomain.com/: CPanel's Entropy Search allows username enumeration via the user parameter.
82. + OSVDB-3092: /cgi-sys/FormMail-clone.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web
83. + OSVDB-3092: /cgi-sys/scgiwrap: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web
84. + OSVDB-3268: /includes/: Directory indexing found.
85. + OSVDB-3092: /includes/: This might be interesting...
86. + Cookie bb_lastvisit created without the httponly flag
87. + Cookie bb_lastactivity created without the httponly flag
88. + OSVDB-3092: /img-sys/: Default image directory should not allow directory listing.
89. + OSVDB-3092: /java-sys/: Default Java directory should not allow directory listing.
90. + OSVDB-3268: /images/: Directory indexing found.
91. + OSVDB-3268: /images/?pattern=/etc/*&sort=name: Directory indexing found.
92. + Cookie PHPSESSID created without the httponly flag
93. + 8251 requests: 5 error(s) and 22 item(s) reported on remote host
94. + End Time: 2014-10-14 18:54:33 (GMT-4) (6786 seconds)
95. ---------------------------------------------------------------------------
96.  
97.  
98.  
99. SQL Injection
100. Resource: http://www.policewives.org/new/css.php
101. Classification: Input Validation Error
102. Parameters: amp;shee, amp;td, styleid, amp;langid
103. Method: GET
104. Detection Type: Blind Timing Analysis Checks
105.  
106.  
107. Cross Site Scripting
108. Resource: http://www.policewives.org/new/member.php
109. Classification: Input Validation Error
110. Parameters: 1-angelw, 12892-Sherivp, 8511-Hkinservik
111. Method: GET
112. Resource: http://www.policewives.org/new/misc.php
113. Classification: Input Validation Error
114. Parameter: do
115. Method: GET
116. Resource: http://www.policewives.org/new/search.php
117. Classification: Input Validation Error
118. Parameter: do
119. Method: GET
120. Resource: http://www.policewives.org/new/showthread.php
121. Classification: Input Validation Error
122. Parameter: p
123. Method: GET
124.  
125.  
126. Cross-Site Script Include
127. Classification: Environment
128. /new/activity.php
129. /new/blog.php
130. /new/calendar.php
131. /new/credits.php
132. /new/faq.php
133. /new/forms.php
134. /new/forum.php
135. /new/forumdisplay.php
136. /new/list.php
137. /new/login.php
138. /new/member.php
139. /new/misc.php
140. /new/newreply.php
141. /new/online.php
142. /new/portal.php
143. /new/printthread.php
144. /new/private.php
145. /new/profile.php
146. /new/register.php
147. /new/search.php
148. /new/sendmessage.php
149. /new/showgroups.php
150. /new/showthread.php
151. /new/subscription.php
152. /new/usercp.php
153. /new/usertag.php
154. /new/vbdonate.php
155.  
156.  
157. Cleartext Password over HTTP
158. Classification: Environment
159. /new/activity.php
160. /new/blog.php
161. /new/calendar.php
162. /new/credits.php
163. /new/faq.php
164. /new/forms.php
165. /new/forum.php
166. /new/forumdisplay.php
167. /new/list.php
168. /new/login.php
169. /new/member.php
170. /new/misc.php
171. /new/newreply.php
172. /new/online.php
173. /new/portal.php
174. /new/printthread.php
175. /new/private.php
176. /new/profile.php
177. /new/register.php
178. /new/search.php
179. /new/sendmessage.php
180. /new/showgroups.php
181. /new/showthread.php
182. /new/subscription.php
183. /new/usercp.php
184. /new/usertag.php
185. /new/vbdonate.php
186.  
187.  
188. Session Cookie Without Secure Flag
189. Resource: http://www.policewives.org/new/
190. Classification: Information
191.  
192.  
193. Possible Social Security Number Detected
194. 271733879; 271733878; 680876936; 389564586; 606105819; 176418897
195. 165796510; 643717713; 373897302; 701558691; 660478335; 405537848
196. 568446438; 187363961; 155497632; 681279174; 358537222; 722521979
197. 640364487; 421815835; 530742520; 198630844; 145523070; 718787259
198. 343485551