· 6 years ago · Jun 22, 2019, 07:42 AM
1######################################################################################################################################
2=======================================================================================================================================
3Hostname www.envkh.gov.sd ISP NICDC
4Continent Africa Flag
5SD
6Country Sudan Country Code SD
7Region Unknown Local time 22 Jun 2019 04:49 CAT
8City Unknown Postal Code Unknown
9IP Address 62.12.105.2 Latitude 15
10 Longitude 30
11=======================================================================================================================================
12#######################################################################################################################################
13> www.envkh.gov.sd
14Server: 185.93.180.131
15Address: 185.93.180.131#53
16
17Non-authoritative answer:
18Name: www.envkh.gov.sd
19Address: 62.12.105.2
20>
21#######################################################################################################################################
22[+] Target : www.envkh.gov.sd
23
24[+] IP Address : 62.12.105.2
25
26[+] Headers :
27
28[+] Server : nginx
29[+] Date : Sat, 22 Jun 2019 01:58:18 GMT
30[+] Content-Type : text/html
31[+] Transfer-Encoding : chunked
32[+] Connection : keep-alive
33[+] X-Powered-By : PHP/5.4.16, PleskLin
34
35[+] SSL Certificate Information :
36
37[+] countryName : US
38[+] stateOrProvinceName : Washington
39[+] localityName : Seattle
40[+] organizationName : Odin
41[+] organizationalUnitName : Plesk
42[+] commonName : Plesk
43[+] emailAddress : info@plesk.com
44[+] countryName : US
45[+] stateOrProvinceName : Washington
46[+] localityName : Seattle
47[+] organizationName : Odin
48[+] organizationalUnitName : Plesk
49[+] commonName : Plesk
50[+] emailAddress : info@plesk.com
51[+] Version : 1
52[+] Serial Number : 5716EC1B
53[+] Not Before : Apr 20 02:40:27 2016 GMT
54[+] Not After : Apr 20 02:40:27 2017 GMT
55
56[+] Whois Lookup :
57
58[+] NIR : None
59[+] ASN Registry : afrinic
60[+] ASN : 327881
61[+] ASN CIDR : 62.12.105.0/24
62[+] ASN Country Code : SD
63[+] ASN Date : 2015-05-11
64[+] ASN Description : NICDC, SD
65[+] cidr : 62.12.105.0/24
66[+] name : ORG-MoTa1-AFRINIC
67[+] handle : IAEI1-AFRINIC
68[+] range : 62.12.105.0 - 62.12.105.255
69[+] description : National Information Center (NIC)
70[+] country : SD
71[+] state : None
72[+] city : None
73[+] address : National Information Center (NIC)
74[+] postal_code : None
75[+] emails : None
76[+] created : None
77[+] updated : None
78
79[+] Crawling Target...
80
81[+] Looking for robots.txt........[ Not Found ]
82[+] Looking for sitemap.xml.......[ Not Found ]
83[+] Extracting CSS Links..........[ 13 ]
84[+] Extracting Javascript Links...[ 12 ]
85[+] Extracting Internal Links.....[ 0 ]
86[+] Extracting External Links.....[ 5 ]
87[+] Extracting Images.............[ 44 ]
88
89[+] Total Links Extracted : 74
90
91[+] Dumping Links in /opt/FinalRecon/dumps/www.envkh.gov.sd.dump
92[+] Completed!
93#######################################################################################################################################
94[+] Starting At 2019-06-21 22:55:48.437362
95[+] Collecting Information On: www.envkh.gov.sd
96[#] Status: 403
97---------------------------------------------------------------------------------------------------------------------------------------
98[#] Web Server Detected: nginx
99[!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
100- Server: nginx
101- Date: Sat, 22 Jun 2019 01:58:21 GMT
102- Content-Type: text/html
103- Content-Length: 4897
104- Connection: keep-alive
105- Last-Modified: Thu, 16 Oct 2014 13:20:58 GMT
106- ETag: "1321-5058a1e728280"
107- Accept-Ranges: bytes
108---------------------------------------------------------------------------------------------------------------------------------------
109[#] Finding Location..!
110[#] as: AS327881 National Information Center (NIC)
111[#] city: Khartoum
112[#] country: Sudan
113[#] countryCode: SD
114[#] isp: National Information Center
115[#] lat: 15.5007
116[#] lon: 32.5599
117[#] org: ORG MoTa1 AFRINIC
118[#] query: 62.12.105.2
119[#] region: KH
120[#] regionName: Khartoum
121[#] status: success
122[#] timezone: Africa/Khartoum
123[#] zip:
124---------------------------------------------------------------------------------------------------------------------------------------
125[x] Didn't Detect WAF Presence on: https://www.envkh.gov.sd/
126---------------------------------------------------------------------------------------------------------------------------------------
127[#] Starting Reverse DNS
128[!] Found 22 any Domain
129- agricmi.gov.sd
130- cpd.gov.sd
131- eastgezira.gov.sd
132- envkh.gov.sd
133- fdrf.gov.sd
134- gras.gov.sd
135- health.gov.sd
136- kassalamoe.gov.sd
137- mocit.gov.sd
138- mohgs.gov.sd
139- nbtc.gov.sd
140- nccw.gov.sd
141- ncr.gov.sd
142- nileuniversity.edu.sd
143- rivernilestate.gov.sd
144- rnspolice.gov.sd
145- sloc.gov.sd
146- sudan.gov.sd
147- unionkhr.sd
148- wgpolice.gov.sd
149- www.moi.gov.sd
150- www.sudan.gov.sd
151---------------------------------------------------------------------------------------------------------------------------------------
152[!] Scanning Open Port
153[#] 21/tcp open ftp
154[#] 80/tcp open http
155[#] 110/tcp open pop3
156[#] 143/tcp open imap
157[#] 443/tcp open https
158[#] 993/tcp open imaps
159[#] 995/tcp open pop3s
160[#] 8443/tcp open https-alt
161---------------------------------------------------------------------------------------------------------------------------------------
162[+] Collecting Information Disclosure!
163#######################################################################################################################################
164[i] Scanning Site: http://www.envkh.gov.sd
165
166
167
168B A S I C I N F O
169====================
170
171
172[+] Site Title: المجلس الأعلى للبيئة-ولاية الخرطوم
173[+] IP address: 62.12.105.2
174[+] Web Server: nginx
175[+] CMS: Could Not Detect
176[+] Cloudflare: Not Detected
177[+] Robots File: Could NOT Find robots.txt!
178#######################################################################################################################################
179
180
181G E O I P L O O K U P
182=========================
183
184[i] IP Address: 62.12.105.2
185[i] Country: Sudan
186[i] State:
187[i] City:
188[i] Latitude: 15.0
189[i] Longitude: 30.0
190#######################################################################################################################################
191
192
193
194H T T P H E A D E R S
195=======================
196
197
198[i] HTTP/1.1 200 OK
199[i] Server: nginx
200[i] Date: Sat, 22 Jun 2019 01:58:23 GMT
201[i] Content-Type: text/html
202[i] Connection: close
203[i] X-Powered-By: PHP/5.4.16
204[i] X-Powered-By: PleskLin
205#######################################################################################################################################
206
207
208
209D N S L O O K U P
210===================
211
212envkh.gov.sd. 21599 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2017092700 10800 900 604800 86400
213envkh.gov.sd. 21599 IN NS ns1.ndc.gov.sd.
214envkh.gov.sd. 21599 IN NS ns0.ndc.gov.sd.
215envkh.gov.sd. 21599 IN A 62.12.105.2
216envkh.gov.sd. 21599 IN MX 10 f03-web02.nic.gov.sd.
217envkh.gov.sd. 21599 IN TXT "v=spf1 mx -all"
218#######################################################################################################################################
219
220
221
222S U B N E T C A L C U L A T I O N
223====================================
224
225Address = 62.12.105.2
226Network = 62.12.105.2 / 32
227Netmask = 255.255.255.255
228Broadcast = not needed on Point-to-Point links
229Wildcard Mask = 0.0.0.0
230Hosts Bits = 0
231Max. Hosts = 1 (2^0 - 0)
232Host Range = { 62.12.105.2 - 62.12.105.2 }
233#######################################################################################################################################
234
235
236N M A P P O R T S C A N
237============================
238
239Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-22 02:55 UTC
240Nmap scan report for envkh.gov.sd (62.12.105.2)
241Host is up (0.20s latency).
242rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
243
244PORT STATE SERVICE
24521/tcp open ftp
24622/tcp filtered ssh
24723/tcp filtered telnet
24880/tcp open http
249110/tcp open pop3
250143/tcp open imap
251443/tcp open https
2523389/tcp filtered ms-wbt-server
253
254Nmap done: 1 IP address (1 host up) scanned in 4.14 seconds
255#######################################################################################################################################
256Enter Address Website = envkh.gov.sd
257
258
259Reversing IP With HackTarget 'envkh.gov.sd'
260----------------------------------------------
261
262[+] dalil.sd
263[+] f03-web02.nic.gov.sd
264[+] gras.gov.sd
265[+] hasahisa.gov.sd
266[+] maadin.gov.sd
267[+] mail.gras.gov.sd
268[+] mail.his.gov.sd
269[+] mail.moekh.gov.sd
270[+] mail.nahralnileinvest.gov.sd
271[+] mail.nileuniversity.edu.sd
272[+] mail.ocewc.gov.sd
273[+] mail.sas.edu.sd
274[+] mail.snapcw.gov.sd
275[+] mail.sudan.gov.sd
276[+] mocit.gov.sd
277[+] napo.gov.sd
278[+] nbtc.gov.sd
279[+] ndcc.gov.sd
280[+] nileuniversity.edu.sd
281[+] redseastate.gov.sd
282[+] rivernilestate.gov.sd
283[+] rnspolice.gov.sd
284[+] sas.edu.sd
285[+] sloc.gov.sd
286[+] sudan.gov.sd
287[+] webmail.mic.gov.sd
288[+] www.gazirastate.gov.sd
289[+] www.gisc.gov.sd
290[+] www.kassalamoe.gov.sd
291[+] www.ksp.gov.sd
292[+] www.moi.gov.sd
293[+] www.nccw.gov.sd
294[+] www.ndcc.gov.sd
295[+] www.nileuniversity.edu.sd
296[+] www.nswtoa.gov.sd
297[+] www.redseastate.gov.sd
298[+] www.rivernilestate.gov.sd
299[+] www.scvta.gov.sd
300[+] www.sloc.gov.sd
301[+] www.wrc.org.sd
302#######################################################################################################################################
303
304Reverse IP With YouGetSignal 'envkh.gov.sd'
305----------------------------------------------
306
307[*] IP: 62.12.105.2
308[*] Domain: envkh.gov.sd
309[*] Total Domains: 22
310
311[+] agricmi.gov.sd
312[+] cpd.gov.sd
313[+] eastgezira.gov.sd
314[+] envkh.gov.sd
315[+] fdrf.gov.sd
316[+] gras.gov.sd
317[+] health.gov.sd
318[+] kassalamoe.gov.sd
319[+] mocit.gov.sd
320[+] mohgs.gov.sd
321[+] nbtc.gov.sd
322[+] nccw.gov.sd
323[+] ncr.gov.sd
324[+] nileuniversity.edu.sd
325[+] rivernilestate.gov.sd
326[+] rnspolice.gov.sd
327[+] sloc.gov.sd
328[+] sudan.gov.sd
329[+] unionkhr.sd
330[+] wgpolice.gov.sd
331[+] www.moi.gov.sd
332[+] www.sudan.gov.sd
333#######################################################################################################################################
334
335Geo IP Lookup 'envkh.gov.sd'
336-------------------------------
337
338[+] IP Address: 62.12.105.2
339[+] Country: Sudan
340[+] State:
341[+] City:
342[+] Latitude: 15.0
343[+] Longitude: 30.0
344#######################################################################################################################################
345
346Bypass Cloudflare 'envkh.gov.sd'
347-----------------------------------
348
349[!] CloudFlare Bypass 62.12.105.2 | webmail.envkh.gov.sd
350[!] CloudFlare Bypass 62.12.105.2 | mail.envkh.gov.sd
351[!] CloudFlare Bypass 62.12.105.2 | www.envkh.gov.sd
352#######################################################################################################################################
353
354DNS Lookup 'envkh.gov.sd'
355----------------------------
356
357[+] envkh.gov.sd. 21599 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2017092700 10800 900 604800 86400
358[+] envkh.gov.sd. 21599 IN NS ns0.ndc.gov.sd.
359[+] envkh.gov.sd. 21599 IN NS ns1.ndc.gov.sd.
360[+] envkh.gov.sd. 21599 IN A 62.12.105.2
361[+] envkh.gov.sd. 21599 IN MX 10 f03-web02.nic.gov.sd.
362[+] envkh.gov.sd. 21599 IN TXT "v=spf1 mx -all"
363#######################################################################################################################################
364
365
366Show HTTP Header 'envkh.gov.sd'
367----------------------------------
368
369[+] HTTP/1.1 301 Moved Permanently
370[+] Server: nginx
371[+] Date: Sat, 22 Jun 2019 01:58:38 GMT
372[+] Content-Type: text/html
373[+] Content-Length: 178
374[+] Connection: keep-alive
375[+] Location: http://www.envkh.gov.sd/
376[+] X-Powered-By: PleskLin
377#######################################################################################################################################
378
379Port Scan 'envkh.gov.sd'
380---------------------------
381
382Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-22 02:56 UTC
383Nmap scan report for envkh.gov.sd (62.12.105.2)
384Host is up (0.20s latency).
385rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
386
387PORT STATE SERVICE
38821/tcp open ftp
38922/tcp filtered ssh
39023/tcp filtered telnet
39180/tcp open http
392110/tcp open pop3
393143/tcp open imap
394443/tcp open https
3953389/tcp filtered ms-wbt-server
396
397Nmap done: 1 IP address (1 host up) scanned in 2.03 seconds
398#######################################################################################################################################
399
400Traceroute 'envkh.gov.sd'
401----------------------------
402
403Start: 2019-06-22T02:56:46+0000
404HOST: web01 Loss% Snt Last Avg Best Wrst StDev
405 1.|-- 45.79.12.201 0.0% 3 0.6 0.8 0.6 1.0 0.2
406 2.|-- 45.79.12.0 0.0% 3 3.5 1.5 0.5 3.5 1.7
407 3.|-- ix-et-5-1-2-0.tcore1.dt8-dallas.as6453.net 0.0% 3 1.1 1.1 1.1 1.2 0.1
408 4.|-- if-ae-2-2.tcore2.dt8-dallas.as6453.net 0.0% 3 146.2 146.1 146.0 146.2 0.1
409 5.|-- if-ae-34-2.tcore1.lvw-los-angeles.as6453.net 0.0% 3 141.5 140.3 139.4 141.5 1.1
410 6.|-- if-ae-2-2.tcore2.lvw-los-angeles.as6453.net 0.0% 3 133.3 133.1 132.9 133.3 0.2
411 7.|-- if-et-53-2.hcore2.kv8-chiba.as6453.net 0.0% 3 144.3 145.9 143.9 149.6 3.1
412 8.|-- if-ae-24-2.tcore2.tv2-tokyo.as6453.net 0.0% 3 145.2 145.1 145.0 145.2 0.1
413 9.|-- 180.87.181.34 0.0% 3 138.9 138.9 138.9 139.0 0.1
414 10.|-- ae0.0.pjr02.wad001.flagtel.com 0.0% 3 288.5 288.9 288.5 289.3 0.4
415 11.|-- ge-0-3-0.0.pjr02.hkg005.flagtel.com 0.0% 3 289.0 289.9 289.0 290.8 0.9
416 12.|-- so-3-0-0.0.pjr02.mmb004.flagtel.com 0.0% 3 290.8 290.3 289.1 290.8 1.0
417 13.|-- xe-8-3-0.0.pjr04.mmb004.flagtel.com 0.0% 3 266.2 265.0 264.3 266.2 1.0
418 14.|-- xe-11-0-1.0.pjr04.dxb001.flagtel.com 0.0% 3 290.3 289.4 288.7 290.3 0.9
419 15.|-- 80.77.2.42 0.0% 3 263.1 263.8 263.1 265.0 1.1
420 16.|-- 196.29.177.113 0.0% 3 267.4 267.4 267.4 267.4 0.0
421 17.|-- 197.254.196.62 0.0% 3 270.9 270.9 270.8 270.9 0.0
422 18.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
423#######################################################################################################################################
424Trying "envkh.gov.sd"
425;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37939
426;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 2, ADDITIONAL: 2
427
428;; QUESTION SECTION:
429;envkh.gov.sd. IN ANY
430
431;; ANSWER SECTION:
432envkh.gov.sd. 86400 IN TXT "v=spf1 mx -all"
433envkh.gov.sd. 86400 IN MX 10 f03-web02.nic.gov.sd.
434envkh.gov.sd. 86400 IN A 62.12.105.2
435envkh.gov.sd. 86400 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2017092700 10800 900 604800 86400
436envkh.gov.sd. 14399 IN NS ns1.ndc.gov.sd.
437envkh.gov.sd. 14399 IN NS ns0.ndc.gov.sd.
438
439;; AUTHORITY SECTION:
440envkh.gov.sd. 14399 IN NS ns0.ndc.gov.sd.
441envkh.gov.sd. 14399 IN NS ns1.ndc.gov.sd.
442
443;; ADDITIONAL SECTION:
444ns1.ndc.gov.sd. 13603 IN A 62.12.109.3
445ns0.ndc.gov.sd. 13603 IN A 62.12.109.2
446
447Received 247 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 581 ms
448#######################################################################################################################################
449; <<>> DiG 9.11.5-P4-5-Debian <<>> +trace envkh.gov.sd
450;; global options: +cmd
451. 81638 IN NS k.root-servers.net.
452. 81638 IN NS b.root-servers.net.
453. 81638 IN NS j.root-servers.net.
454. 81638 IN NS m.root-servers.net.
455. 81638 IN NS e.root-servers.net.
456. 81638 IN NS l.root-servers.net.
457. 81638 IN NS a.root-servers.net.
458. 81638 IN NS h.root-servers.net.
459. 81638 IN NS d.root-servers.net.
460. 81638 IN NS f.root-servers.net.
461. 81638 IN NS g.root-servers.net.
462. 81638 IN NS i.root-servers.net.
463. 81638 IN NS c.root-servers.net.
464. 81638 IN RRSIG NS 8 0 518400 20190705000000 20190621230000 25266 . sDEH2B9p4yKShBeyALg9Jb4DfI77cKCvaXksEL+milsHKA46AJH6QALd g1nSc9glOywir4816F6RKqWVUssV5Q5G2foJOYDp9N9LNocKPH31tVNQ qcbfFXvk8lAZ0Hx6rETr+Y0c2iYsGXUxz7/36wTe+c5rR2OwWa52OIdm Gu6V1HWOZHN+d45OE0qoeji/d2M8buXQuNvaLARMOkrpHw8QUNDTUCNf y6SQ1vVtgBijtfhli54a1I56O6irb0MN5rdLZafjJFmTCMO6jdjupmuo YRcnERHkJkgzj8SnzeOz4vMq2x5XiiHvQn+Wvrkf9usf3uoHXi2a+1uC ntqaZQ==
465;; Received 525 bytes from 185.93.180.131#53(185.93.180.131) in 222 ms
466
467sd. 172800 IN NS ans1.sis.sd.
468sd. 172800 IN NS ns2.uaenic.ae.
469sd. 172800 IN NS ans1.canar.sd.
470sd. 172800 IN NS sd.cctld.authdns.ripe.net.
471sd. 172800 IN NS ns1.uaenic.ae.
472sd. 172800 IN NS ans2.canar.sd.
473sd. 172800 IN NS ns-sd.afrinic.net.
474sd. 86400 IN NSEC se. NS RRSIG NSEC
475sd. 86400 IN RRSIG NSEC 8 1 86400 20190705000000 20190621230000 25266 . IaJ1XAa5cVwsnI2fKYljvwe7xLzXI9nTeixs447PJEjnlY7pc2tvM1NC AftNv2yZVyOpegW3ATnWPN35z7ysp6EywfPDwvqn1YTISrB7Z2kfhZbm ds76aeqmX/ndbHThwVzCMhT59+0t9kdJK3CL4o/AYKtLJvhARHRW0U9Q ckBrQsKiPzINomAOVe0Cvv0/nBD5uCKGoadSuxfhebyqVFF/asB7lo77 o9YLjs1PuZXg7Ytwn+7hQCao67vFRNqf88IkZAgmaa8wsXkGCBGm2PCn L9ZQS1awDtOLynuMF2AJWF3jSJaRi7jbxHbit+L9zy49Qls0XE6+i7j7 8q5iSw==
476;; Received 699 bytes from 2001:dc3::35#53(m.root-servers.net) in 93 ms
477
478envkh.gov.sd. 14400 IN NS ns1.ndc.gov.sd.
479envkh.gov.sd. 14400 IN NS ns0.ndc.gov.sd.
480;; Received 113 bytes from 196.29.166.134#53(ans1.sis.sd) in 302 ms
481
482envkh.gov.sd. 86400 IN A 62.12.105.2
483envkh.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
484envkh.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
485;; Received 129 bytes from 62.12.109.2#53(ns0.ndc.gov.sd) in 362 ms
486#######################################################################################################################################
487[*] Performing General Enumeration of Domain: envkh.gov.sd
488[-] DNSSEC is not configured for envkh.gov.sd
489[*] SOA ns0.ndc.gov.sd 62.12.109.2
490[*] NS ns1.ndc.gov.sd 62.12.109.3
491[*] Bind Version for 62.12.109.3 you guess!
492[*] NS ns0.ndc.gov.sd 62.12.109.2
493[*] Bind Version for 62.12.109.2 you guess!
494[*] MX f03-web02.nic.gov.sd 62.12.105.2
495[*] A envkh.gov.sd 62.12.105.2
496[*] TXT envkh.gov.sd v=spf1 mx -all
497[*] Enumerating SRV Records
498[-] No SRV Records Found for envkh.gov.sd
499[+] 0 Records Found
500#######################################################################################################################################
501] Processing domain envkh.gov.sd
502[*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
503[+] Getting nameservers
50462.12.109.3 - ns1.ndc.gov.sd
505[+] Zone transfer sucessful using nameserver ns1.ndc.gov.sd
506envkh.gov.sd. 86400 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2017092700 10800 900 604800 86400
507envkh.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
508envkh.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
509envkh.gov.sd. 86400 IN A 62.12.105.2
510envkh.gov.sd. 86400 IN MX 10 f03-web02.nic.gov.sd.
511envkh.gov.sd. 86400 IN TXT "v=spf1 mx -all"
512mail.envkh.gov.sd. 86400 IN A 62.12.105.2
513mail.envkh.gov.sd. 86400 IN MX 10 mail.envkh.gov.sd.
514webmail.envkh.gov.sd. 86400 IN CNAME mail.envkh.gov.sd.
515www.envkh.gov.sd. 86400 IN A 62.12.105.2
516#######################################################################################################################################
517=======================================================================================================================================
518| E-mails:
519| [+] E-mail Found: kevinh@kevcom.com
520| [+] E-mail Found: imir2526@gmail.com
521| [+] E-mail Found: info@krtstrategy.gov.sd
522| [+] E-mail Found: mike@hyperreal.org
523| [+] E-mail Found: info@envkh.gov.sd
524| [+] E-mail Found: humbedooh@apache.org
525=======================================================================================================================================
526| External hosts:
527| [+] External Host Found: http://mail.envkh.gov.sd
528| [+] External Host Found: http://httpd.apache.org
529| [+] External Host Found: http://www.parallels.com
530| [+] External Host Found: http://www.showmyweather.com
531=======================================================================================================================================
532#######################################################################################################################################
533Ip Address Status Type Domain Name Server
534---------- ------ ---- ----------- ------
53562.12.105.2 200 host mail.envkh.gov.sd nginx
53662.12.105.2 200 alias webmail.envkh.gov.sd nginx
53762.12.105.2 200 host mail.envkh.gov.sd nginx
53862.12.105.2 200 host www.envkh.gov.sd nginx
539#######################################################################################################################################
540
541[+] Testing domain
542 www.envkh.gov.sd 62.12.105.2
543[+] Dns resolving
544 Domain name Ip address Name server
545 envkh.gov.sd 62.12.105.2 f03-web02.nic.gov.sd
546Found 1 host(s) for envkh.gov.sd
547[+] Testing wildcard
548 Ok, no wildcard found.
549
550[+] Scanning for subdomain on envkh.gov.sd
551[!] Wordlist not specified. I scannig with my internal wordlist...
552 Estimated time about 329.04 seconds
553
554 Subdomain Ip address Name server
555
556 mail.envkh.gov.sd 62.12.105.2 f03-web02.nic.gov.sd
557 webmail.envkh.gov.sd 62.12.105.2 f03-web02.nic.gov.sd
558 www.envkh.gov.sd 62.12.105.2 f03-web02.nic.gov.sd
559
560#######################################################################################################################################
561
562
563
564 AVAILABLE PLUGINS
565 --------------------------------------------------------------------------------------------------------------------------------------
566
567 HeartbleedPlugin
568 CertificateInfoPlugin
569 FallbackScsvPlugin
570 OpenSslCipherSuitesPlugin
571 CompressionPlugin
572 HttpHeadersPlugin
573 RobotPlugin
574 SessionResumptionPlugin
575 EarlyDataPlugin
576 OpenSslCcsInjectionPlugin
577 SessionRenegotiationPlugin
578
579
580
581 CHECKING HOST(S) AVAILABILITY
582 --------------------------------------------------------------------------------------------------------------------------------------
583
584 62.12.105.2:443 => 62.12.105.2
585
586
587
588
589 SCAN RESULTS FOR 62.12.105.2:443 - 62.12.105.2
590 --------------------------------------------------------------------------------------------------------------------------------------
591
592 * TLSV1_3 Cipher Suites:
593 Server rejected all cipher suites.
594
595 * Certificate Information:
596 Content
597 SHA1 Fingerprint: 14796658f80369878f4254739eaf97e150dd2d68
598 Common Name: Plesk
599 Issuer: Plesk
600 Serial Number: 1461120027
601 Not Before: 2016-04-20 02:40:27
602 Not After: 2017-04-20 02:40:27
603 Signature Algorithm: sha256
604 Public Key Algorithm: RSA
605 Key Size: 2048
606 Exponent: 65537 (0x10001)
607 DNS Subject Alternative Names: []
608
609 Trust
610 Hostname Validation: FAILED - Certificate does NOT match 62.12.105.2
611 Android CA Store (9.0.0_r9): FAILED - Certificate is NOT Trusted: self signed certificate
612 iOS CA Store (12, macOS 10.14, watchOS 5, and tvOS 12):FAILED - Certificate is NOT Trusted: self signed certificate
613 Java CA Store (jdk-11.0.2): FAILED - Certificate is NOT Trusted: self signed certificate
614 macOS CA Store (12, macOS 10.14, watchOS 5, and tvOS 12):FAILED - Certificate is NOT Trusted: self signed certificate
615 Mozilla CA Store (2018-11-22): FAILED - Certificate is NOT Trusted: self signed certificate
616 OPENJDK CA Store (jdk-11.0.2): FAILED - Certificate is NOT Trusted: self signed certificate
617 Windows CA Store (2018-12-08): FAILED - Certificate is NOT Trusted: self signed certificate
618 Symantec 2018 Deprecation: OK - Not a Symantec-issued certificate
619 Received Chain: Plesk
620 Verified Chain: ERROR - Could not build verified chain (certificate untrusted?)
621 Received Chain Contains Anchor: ERROR - Could not build verified chain (certificate untrusted?)
622 Received Chain Order: OK - Order is valid
623 Verified Chain contains SHA1: ERROR - Could not build verified chain (certificate untrusted?)
624
625 Extensions
626 OCSP Must-Staple: NOT SUPPORTED - Extension not found
627 Certificate Transparency: NOT SUPPORTED - Extension not found
628
629 OCSP Stapling
630 NOT SUPPORTED - Server did not send back an OCSP response
631
632 * Downgrade Attacks:
633 TLS_FALLBACK_SCSV: OK - Supported
634
635 * Session Renegotiation:
636 Client-initiated Renegotiation: OK - Rejected
637 Secure Renegotiation: OK - Supported
638
639 * OpenSSL Heartbleed:
640 OK - Not vulnerable to Heartbleed
641
642 * SSLV2 Cipher Suites:
643 Server rejected all cipher suites.
644
645 * ROBOT Attack:
646 OK - Not vulnerable
647
648 * TLS 1.2 Session Resumption Support:
649 With Session IDs: NOT SUPPORTED (0 successful, 5 failed, 0 errors, 5 total attempts).
650 With TLS Tickets: OK - Supported
651
652 * TLSV1_2 Cipher Suites:
653 Forward Secrecy OK - Supported
654 RC4 OK - Not Supported
655
656 Preferred:
657 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
658 Accepted:
659 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
660 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
661 TLS_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
662 TLS_RSA_WITH_AES_256_CBC_SHA256 256 bits HTTP 200 OK
663 TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
664 TLS_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
665 TLS_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
666 TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
667 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
668 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 256 bits HTTP 200 OK
669 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
670 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
671 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
672 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
673
674 * TLSV1_1 Cipher Suites:
675 Forward Secrecy OK - Supported
676 RC4 OK - Not Supported
677
678 Preferred:
679 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
680 Accepted:
681 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
682 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
683 TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
684 TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
685 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
686 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
687
688 * OpenSSL CCS Injection:
689 OK - Not vulnerable to OpenSSL CCS injection
690
691 * Deflate Compression:
692 OK - Compression disabled
693
694 * SSLV3 Cipher Suites:
695 Server rejected all cipher suites.
696
697 * TLSV1 Cipher Suites:
698 Forward Secrecy OK - Supported
699 RC4 OK - Not Supported
700
701 Preferred:
702 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
703 Accepted:
704 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
705 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
706 TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
707 TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
708 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
709 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
710
711
712 SCAN COMPLETED IN 35.51 S
713 --------------------------------------------------------------------------------------------------------------------------------------
714#######################################################################################################################################
715WhatWeb report for http://envkh.gov.sd
716Status : 301 Moved Permanently
717Title : 301 Moved Permanently
718IP : <Unknown>
719Country : <Unknown>
720
721Summary : Plesk[Lin], nginx, HTTPServer[nginx], X-Powered-By[PleskLin], RedirectLocation[http://www.envkh.gov.sd/]
722
723Detected Plugins:
724[ HTTPServer ]
725 HTTP server header string. This plugin also attempts to
726 identify the operating system from the server header.
727
728 String : nginx (from server string)
729
730[ Plesk ]
731 Plesk is a web control panel
732
733 String : Lin
734 Google Dorks: (1)
735 Website : http://www.parallels.com/products/plesk/
736
737[ RedirectLocation ]
738 HTTP Server string location. used with http-status 301 and
739 302
740
741 String : http://www.envkh.gov.sd/ (from location)
742
743[ X-Powered-By ]
744 X-Powered-By HTTP header
745
746 String : PleskLin (from x-powered-by string)
747
748[ nginx ]
749 Nginx (Engine-X) is a free, open-source, high-performance
750 HTTP server and reverse proxy, as well as an IMAP/POP3
751 proxy server.
752
753 Website : http://nginx.net/
754
755HTTP Headers:
756 HTTP/1.1 301 Moved Permanently
757 Server: nginx
758 Date: Sat, 22 Jun 2019 02:41:03 GMT
759 Content-Type: text/html
760 Content-Length: 178
761 Connection: close
762 Location: http://www.envkh.gov.sd/
763 X-Powered-By: PleskLin
764
765WhatWeb report for http://www.envkh.gov.sd/
766Status : 200 OK
767Title : المجلس الأعلى للبيئة-ولاية الخرطوم
768IP : <Unknown>
769Country : <Unknown>
770
771Summary : X-UA-Compatible[IE=edge], Script[text/javascript], HTML5, PHP[5.4.16,], JQuery, Plesk[Lin], nginx, Email[info@krtstrategy.gov.sd], HTTPServer[nginx], X-Powered-By[PHP/5.4.16, PleskLin]
772
773Detected Plugins:
774[ Email ]
775 Extract email addresses. Find valid email address and
776 syntactically invalid email addresses from mailto: link
777 tags. We match syntactically invalid links containing
778 mailto: to catch anti-spam email addresses, eg. bob at
779 gmail.com. This uses the simplified email regular
780 expression from
781 http://www.regular-expressions.info/email.html for valid
782 email address matching.
783
784 String : info@krtstrategy.gov.sd
785
786[ HTML5 ]
787 HTML version 5, detected by the doctype declaration
788
789
790[ HTTPServer ]
791 HTTP server header string. This plugin also attempts to
792 identify the operating system from the server header.
793
794 String : nginx (from server string)
795
796[ JQuery ]
797 A fast, concise, JavaScript that simplifies how to traverse
798 HTML documents, handle events, perform animations, and add
799 AJAX.
800
801 Website : http://jquery.com/
802
803[ PHP ]
804 PHP is a widely-used general-purpose scripting language
805 that is especially suited for Web development and can be
806 embedded into HTML. This plugin identifies PHP errors,
807 modules and versions and extracts the local file path and
808 username if present.
809
810 Version : 5.4.16,
811 Google Dorks: (2)
812 Website : http://www.php.net/
813
814[ Plesk ]
815 Plesk is a web control panel
816
817 String : Lin
818 Google Dorks: (1)
819 Website : http://www.parallels.com/products/plesk/
820
821[ Script ]
822 This plugin detects instances of script HTML elements and
823 returns the script language/type.
824
825 String : text/javascript
826
827[ X-Powered-By ]
828 X-Powered-By HTTP header
829
830 String : PHP/5.4.16, PleskLin (from x-powered-by string)
831
832[ X-UA-Compatible ]
833 This plugin retrieves the X-UA-Compatible value from the
834 HTTP header and meta http-equiv tag. - More Info:
835 http://msdn.microsoft.com/en-us/library/cc817574.aspx
836
837 String : IE=edge
838
839[ nginx ]
840 Nginx (Engine-X) is a free, open-source, high-performance
841 HTTP server and reverse proxy, as well as an IMAP/POP3
842 proxy server.
843
844 Website : http://nginx.net/
845
846HTTP Headers:
847 HTTP/1.1 200 OK
848 Server: nginx
849 Date: Sat, 22 Jun 2019 02:41:05 GMT
850 Content-Type: text/html
851 Transfer-Encoding: chunked
852 Connection: close
853 X-Powered-By: PHP/5.4.16
854 X-Powered-By: PleskLin
855#######################################################################################################################################
856DNS Servers for envkh.gov.sd:
857 ns0.ndc.gov.sd
858 ns1.ndc.gov.sd
859
860Trying zone transfer first...
861 Testing ns0.ndc.gov.sd
862
863Whoah, it worked - misconfigured DNS server found:
864envkh.gov.sd. 86400 IN SOA ( ns0.ndc.gov.sd. root.ndc.gov.sd.
865 2017092700 ;serial
866 10800 ;refresh
867 900 ;retry
868 604800 ;expire
869 86400 ;minimum
870 )
871envkh.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
872envkh.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
873envkh.gov.sd. 86400 IN A 62.12.105.2
874envkh.gov.sd. 86400 IN MX 10 f03-web02.nic.gov.sd.
875envkh.gov.sd. 86400 IN TXT "v=spf1 mx -all"
876mail.envkh.gov.sd. 86400 IN A 62.12.105.2
877mail.envkh.gov.sd. 86400 IN MX 10 mail.envkh.gov.sd.
878webmail.envkh.gov.sd. 86400 IN CNAME mail.envkh.gov.sd.
879www.envkh.gov.sd. 86400 IN A 62.12.105.2
880
881There isn't much point continuing, you have everything.
882Have a nice day.
883Exiting...
884#######################################################################################################################################
885Domains still to check: 1
886 Checking if the hostname envkh.gov.sd. given is in fact a domain...
887
888Analyzing domain: envkh.gov.sd.
889 Checking NameServers using system default resolver...
890 IP: 62.12.109.2 (Sudan)
891 HostName: ns0.ndc.gov.sd Type: NS
892 IP: 62.12.109.3 (Sudan)
893 HostName: ns1.ndc.gov.sd Type: NS
894
895 Checking MailServers using system default resolver...
896 IP: 62.12.105.2 (Sudan)
897 HostName: f03-web02.nic.gov.sd Type: MX
898 HostName: f03-web02.nic.gov.sd Type: PTR
899
900 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
901 Zone transfer successful on name server 62.12.109.2 (4 hosts)
902 Zone transfer successful on name server 62.12.109.3 (4 hosts)
903
904 Checking SPF record...
905
906 Checking 4 most common hostnames using system default resolver...
907 IP: 62.12.105.2 (Sudan)
908 HostName: f03-web02.nic.gov.sd Type: MX
909 HostName: f03-web02.nic.gov.sd Type: PTR
910 HostName: webmail.envkh.gov.sd. Type: A
911 IP: 62.12.105.2 (Sudan)
912 HostName: f03-web02.nic.gov.sd Type: MX
913 HostName: f03-web02.nic.gov.sd Type: PTR
914 HostName: webmail.envkh.gov.sd. Type: A
915 HostName: mail.envkh.gov.sd. Type: A
916 IP: 62.12.105.2 (Sudan)
917 HostName: f03-web02.nic.gov.sd Type: MX
918 HostName: f03-web02.nic.gov.sd Type: PTR
919 HostName: webmail.envkh.gov.sd. Type: A
920 HostName: mail.envkh.gov.sd. Type: A
921 HostName: www.envkh.gov.sd. Type: A
922
923 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
924 Checking netblock 62.12.109.0
925 Checking netblock 62.12.105.0
926
927 Searching for envkh.gov.sd. emails in Google
928
929 Checking 3 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
930 Host 62.12.109.2 is up (reset ttl 64)
931 Host 62.12.109.3 is up (reset ttl 64)
932 Host 62.12.105.2 is up (reset ttl 64)
933
934 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
935 Scanning ip 62.12.109.2 (ns0.ndc.gov.sd):
936 53/tcp open domain syn-ack ttl 47 (unknown banner: you guess!)
937 | dns-nsid:
938 |_ bind.version: you guess!
939 | fingerprint-strings:
940 | DNSVersionBindReqTCP:
941 | version
942 | bind
943 |_ guess!
944 Scanning ip 62.12.109.3 (ns1.ndc.gov.sd):
945 53/tcp open domain syn-ack ttl 47 (unknown banner: you guess!)
946 | dns-nsid:
947 |_ bind.version: you guess!
948 | fingerprint-strings:
949 | DNSVersionBindReqTCP:
950 | version
951 | bind
952 |_ guess!
953 Scanning ip 62.12.105.2 (www.envkh.gov.sd.):
954 21/tcp open tcpwrapped syn-ack ttl 46
955 80/tcp open http syn-ack ttl 46 nginx
956 |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
957 | http-methods:
958 |_ Supported Methods: GET HEAD POST OPTIONS
959 |_http-server-header: nginx
960 |_http-title: Domain Default page
961 110/tcp open pop3 syn-ack ttl 46 Dovecot pop3d
962 |_pop3-capabilities: CAPA PIPELINING UIDL USER TOP SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) RESP-CODES STLS AUTH-RESP-CODE APOP
963 |_ssl-date: TLS randomness does not represent time
964 143/tcp open imap syn-ack ttl 46 Dovecot imapd
965 |_imap-capabilities: have AUTH=LOGIN AUTH=DIGEST-MD5 ENABLE IDLE LOGIN-REFERRALS IMAP4rev1 ID listed LITERAL+ AUTH=CRAM-MD5A0001 more AUTH=PLAIN Pre-login SASL-IR post-login capabilities OK STARTTLS
966 |_ssl-date: TLS randomness does not represent time
967 443/tcp open ssl/http syn-ack ttl 46 nginx
968 |_http-server-header: nginx
969 |_http-title: 400 The plain HTTP request was sent to HTTPS port
970 | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
971 | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
972 | Public Key type: rsa
973 | Public Key bits: 2048
974 | Signature Algorithm: sha256WithRSAEncryption
975 | Not valid before: 2016-04-20T02:40:27
976 | Not valid after: 2017-04-20T02:40:27
977 | MD5: a38f 7308 6ca0 a95d 2faa d3f0 6cb4 5553
978 |_SHA-1: 1479 6658 f803 6987 8f42 5473 9eaf 97e1 50dd 2d68
979 |_ssl-date: TLS randomness does not represent time
980 | tls-alpn:
981 |_ http/1.1
982 | tls-nextprotoneg:
983 |_ http/1.1
984 993/tcp open ssl/imaps? syn-ack ttl 45
985 |_ssl-date: TLS randomness does not represent time
986 995/tcp open ssl/pop3s? syn-ack ttl 46
987 |_ssl-date: TLS randomness does not represent time
988 8443/tcp open ssl/http syn-ack ttl 45 sw-cp-server httpd (Plesk Onyx 17.5.3)
989 | http-methods:
990 |_ Supported Methods: GET HEAD POST OPTIONS
991 |_http-server-header: sw-cp-server
992 |_http-title: Did not follow redirect to https://62.12.105.2:8443/
993 | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
994 | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
995 | Public Key type: rsa
996 | Public Key bits: 2048
997 | Signature Algorithm: sha256WithRSAEncryption
998 | Not valid before: 2016-04-20T02:40:27
999 | Not valid after: 2017-04-20T02:40:27
1000 | MD5: a38f 7308 6ca0 a95d 2faa d3f0 6cb4 5553
1001 |_SHA-1: 1479 6658 f803 6987 8f42 5473 9eaf 97e1 50dd 2d68
1002 |_ssl-date: TLS randomness does not represent time
1003 | tls-nextprotoneg:
1004 |_ http/1.1
1005 OS Info: Service Info: Host: fo3-web02.nic.gov.sd
1006 WebCrawling domain's web servers... up to 50 max links.
1007
1008 + URL to crawl: http://webmail.envkh.gov.sd.
1009 + Date: 2019-06-21
1010
1011 + Crawling URL: http://webmail.envkh.gov.sd.:
1012 + Links:
1013 + Crawling http://webmail.envkh.gov.sd.
1014 + Crawling http://webmail.envkh.gov.sd./skins/larry/styles.min.css?s=1510737769 (File! Not crawling it.)
1015 + Crawling http://webmail.envkh.gov.sd./skins/larry/svggradients.min.css?s=1510737769 (File! Not crawling it.)
1016 + Crawling http://webmail.envkh.gov.sd./plugins/jqueryui/themes/larry/jquery-ui-1.10.4.custom.css?s=1510737769 (File! Not crawling it.)
1017 + Crawling http://webmail.envkh.gov.sd./skins/larry/ui.min.js?s=1510737769 (File! Not crawling it.)
1018 + Crawling http://webmail.envkh.gov.sd./program/js/jquery.min.js?s=1510737769 (File! Not crawling it.)
1019 + Crawling http://webmail.envkh.gov.sd./program/js/common.min.js?s=1510737769 (File! Not crawling it.)
1020 + Crawling http://webmail.envkh.gov.sd./program/js/app.min.js?s=1510737769 (File! Not crawling it.)
1021 + Crawling http://webmail.envkh.gov.sd./program/js/jstz.min.js?s=1510737769 (File! Not crawling it.)
1022 + Crawling http://webmail.envkh.gov.sd./plugins/jqueryui/js/jquery-ui-1.10.4.custom.min.js?s=1510737769 (File! Not crawling it.)
1023 + Searching for directories...
1024 - Found: http://webmail.envkh.gov.sd./skins/
1025 - Found: http://webmail.envkh.gov.sd./skins/larry/
1026 - Found: http://webmail.envkh.gov.sd./skins/larry/images/
1027 - Found: http://webmail.envkh.gov.sd./plugins/
1028 - Found: http://webmail.envkh.gov.sd./plugins/jqueryui/
1029 - Found: http://webmail.envkh.gov.sd./plugins/jqueryui/themes/
1030 - Found: http://webmail.envkh.gov.sd./plugins/jqueryui/themes/larry/
1031 - Found: http://webmail.envkh.gov.sd./program/
1032 - Found: http://webmail.envkh.gov.sd./program/js/
1033 - Found: http://webmail.envkh.gov.sd./plugins/jqueryui/js/
1034 + Searching open folders...
1035 - http://webmail.envkh.gov.sd./skins/ (403 Forbidden)
1036 - http://webmail.envkh.gov.sd./skins/larry/ (403 Forbidden)
1037 - http://webmail.envkh.gov.sd./skins/larry/images/ (403 Forbidden)
1038 - http://webmail.envkh.gov.sd./plugins/ (403 Forbidden)
1039 - http://webmail.envkh.gov.sd./plugins/jqueryui/ (403 Forbidden)
1040 - http://webmail.envkh.gov.sd./plugins/jqueryui/themes/ (403 Forbidden)
1041 - http://webmail.envkh.gov.sd./plugins/jqueryui/themes/larry/ (403 Forbidden)
1042 - http://webmail.envkh.gov.sd./program/ (403 Forbidden)
1043 - http://webmail.envkh.gov.sd./program/js/ (403 Forbidden)
1044 - http://webmail.envkh.gov.sd./plugins/jqueryui/js/ (403 Forbidden)
1045
1046
1047 + URL to crawl: http://f03-web02.nic.gov.sd
1048 + Date: 2019-06-21
1049
1050 + Crawling URL: http://f03-web02.nic.gov.sd:
1051 + Links:
1052 + Crawling http://f03-web02.nic.gov.sd
1053 + Searching for directories...
1054 - Found: http://f03-web02.nic.gov.sd/css/
1055 - Found: http://f03-web02.nic.gov.sd/img/
1056 + Searching open folders...
1057 - http://f03-web02.nic.gov.sd/css/ (403 Forbidden)
1058 - http://f03-web02.nic.gov.sd/img/ (403 Forbidden)
1059
1060
1061 + URL to crawl: http://mail.envkh.gov.sd.
1062 + Date: 2019-06-21
1063
1064 + Crawling URL: http://mail.envkh.gov.sd.:
1065 + Links:
1066 + Crawling http://mail.envkh.gov.sd.
1067 + Searching for directories...
1068 - Found: http://mail.envkh.gov.sd./css/
1069 - Found: http://mail.envkh.gov.sd./img/
1070 + Searching open folders...
1071 - http://mail.envkh.gov.sd./css/ (403 Forbidden)
1072 - http://mail.envkh.gov.sd./img/ (403 Forbidden)
1073
1074
1075 + URL to crawl: http://www.envkh.gov.sd.
1076 + Date: 2019-06-21
1077
1078 + Crawling URL: http://www.envkh.gov.sd.:
1079 + Links:
1080 + Crawling http://www.envkh.gov.sd.
1081 + Crawling http://www.envkh.gov.sd./index.php
1082 + Crawling http://www.envkh.gov.sd./vcomment.php
1083 + Crawling http://www.envkh.gov.sd./aboutus.php
1084 + Crawling http://www.envkh.gov.sd./contactus.php
1085 + Crawling http://www.envkh.gov.sd./envnews.php
1086 + Crawling http://www.envkh.gov.sd./minister2.php
1087 + Crawling http://www.envkh.gov.sd./minister.php
1088 + Crawling http://www.envkh.gov.sd./controls.php
1089 + Crawling http://www.envkh.gov.sd./tawa.php
1090 + Crawling http://www.envkh.gov.sd./monitors.php
1091 + Crawling http://www.envkh.gov.sd./lab.php
1092 + Crawling http://www.envkh.gov.sd./trac.php
1093 + Crawling http://www.envkh.gov.sd./planning.php
1094 + Crawling http://www.envkh.gov.sd./financeadmin.php
1095 + Crawling http://www.envkh.gov.sd./structure.php
1096 + Crawling http://www.envkh.gov.sd./celebrations.php
1097 + Crawling http://www.envkh.gov.sd./laws.php
1098 + Crawling http://www.envkh.gov.sd./complains.php
1099 + Crawling http://www.envkh.gov.sd./press.php
1100 + Crawling http://www.envkh.gov.sd./android/index.php
1101 + Crawling http://www.envkh.gov.sd./suggestions.php
1102 + Crawling http://www.envkh.gov.sd./detailes.php?x=343
1103 + Crawling http://www.envkh.gov.sd./detailes.php?x=341
1104 + Crawling http://www.envkh.gov.sd./detailes.php?x=340
1105 + Crawling http://www.envkh.gov.sd./detailes.php?x=339
1106 + Crawling http://www.envkh.gov.sd./detailes.php?x=338
1107 + Crawling http://www.envkh.gov.sd./detailes.php?x=337
1108 + Crawling http://www.envkh.gov.sd./detailes.php?x=336
1109 + Crawling http://www.envkh.gov.sd./galary.php
1110 + Crawling http://www.envkh.gov.sd./detailes.php?y=43
1111 + Crawling http://www.envkh.gov.sd./detailes.php?y=42
1112 + Crawling http://www.envkh.gov.sd./weather.php
1113 + Crawling http://www.envkh.gov.sd./phbook.php
1114 + Crawling http://www.envkh.gov.sd./azan.php (500 Internal Server Error)
1115 + Crawling http://www.envkh.gov.sd./emergency.php
1116 + Crawling http://www.envkh.gov.sd./c1234p/files/ (403 Forbidden)
1117 + Crawling http://www.envkh.gov.sd./comments.php (404 Not Found)
1118 + Crawling http://www.envkh.gov.sd./sitemap.php
1119 + Crawling http://www.envkh.gov.sd./detailes.php?x=335
1120 + Crawling http://www.envkh.gov.sd./detailes.php?x=334
1121 + Crawling http://www.envkh.gov.sd./detailes.php?x=333
1122 + Crawling http://www.envkh.gov.sd./detailes.php?x=332
1123 + Crawling http://www.envkh.gov.sd./detailes.php?x=331
1124 + Crawling http://www.envkh.gov.sd./detailes.php?x=330
1125 + Crawling http://www.envkh.gov.sd./detailes.php?x=329
1126 + Crawling http://www.envkh.gov.sd./detailes.php?x=328
1127 + Crawling http://www.envkh.gov.sd./detailes.php?x=327
1128 + Crawling http://www.envkh.gov.sd./detailes.php?x=326
1129 + Crawling http://www.envkh.gov.sd./detailes.php?x=325
1130 + Searching for directories...
1131 - Found: http://www.envkh.gov.sd./android/
1132 - Found: http://www.envkh.gov.sd./c1234p/
1133 - Found: http://www.envkh.gov.sd./c1234p/files/
1134 - Found: http://www.envkh.gov.sd./assets/
1135 - Found: http://www.envkh.gov.sd./SpryAssets/
1136 - Found: http://www.envkh.gov.sd./ar.portal_files/
1137 - Found: http://www.envkh.gov.sd./pdf/
1138 - Found: http://www.envkh.gov.sd./resources/
1139 - Found: http://www.envkh.gov.sd./resources/js/
1140 + Searching open folders...
1141 - http://www.envkh.gov.sd./android/ (No Open Folder)
1142 - http://www.envkh.gov.sd./c1234p/ (No Open Folder)
1143 - http://www.envkh.gov.sd./c1234p/files/ (403 Forbidden)
1144 - http://www.envkh.gov.sd./assets/ (403 Forbidden)
1145 - http://www.envkh.gov.sd./SpryAssets/ (403 Forbidden)
1146 - http://www.envkh.gov.sd./ar.portal_files/ (404 Not Found)
1147 - http://www.envkh.gov.sd./pdf/ (403 Forbidden)
1148 - http://www.envkh.gov.sd./resources/ (404 Not Found)
1149 - http://www.envkh.gov.sd./resources/js/ (404 Not Found)
1150 + Crawl finished successfully.
1151---------------------------------------------------------------------------------------------------------------------------------------
1152Summary of http://http://www.envkh.gov.sd.
1153--------------------------------------------------------------------------------------------------------------------------------------
1154+ Links crawled:
1155 - http://www.envkh.gov.sd.
1156 - http://www.envkh.gov.sd./aboutus.php
1157 - http://www.envkh.gov.sd./android/index.php
1158 - http://www.envkh.gov.sd./azan.php (500 Internal Server Error)
1159 - http://www.envkh.gov.sd./c1234p/files/ (403 Forbidden)
1160 - http://www.envkh.gov.sd./celebrations.php
1161 - http://www.envkh.gov.sd./comments.php (404 Not Found)
1162 - http://www.envkh.gov.sd./complains.php
1163 - http://www.envkh.gov.sd./contactus.php
1164 - http://www.envkh.gov.sd./controls.php
1165 - http://www.envkh.gov.sd./detailes.php?x=325
1166 - http://www.envkh.gov.sd./detailes.php?x=326
1167 - http://www.envkh.gov.sd./detailes.php?x=327
1168 - http://www.envkh.gov.sd./detailes.php?x=328
1169 - http://www.envkh.gov.sd./detailes.php?x=329
1170 - http://www.envkh.gov.sd./detailes.php?x=330
1171 - http://www.envkh.gov.sd./detailes.php?x=331
1172 - http://www.envkh.gov.sd./detailes.php?x=332
1173 - http://www.envkh.gov.sd./detailes.php?x=333
1174 - http://www.envkh.gov.sd./detailes.php?x=334
1175 - http://www.envkh.gov.sd./detailes.php?x=335
1176 - http://www.envkh.gov.sd./detailes.php?x=336
1177 - http://www.envkh.gov.sd./detailes.php?x=337
1178 - http://www.envkh.gov.sd./detailes.php?x=338
1179 - http://www.envkh.gov.sd./detailes.php?x=339
1180 - http://www.envkh.gov.sd./detailes.php?x=340
1181 - http://www.envkh.gov.sd./detailes.php?x=341
1182 - http://www.envkh.gov.sd./detailes.php?x=343
1183 - http://www.envkh.gov.sd./detailes.php?y=42
1184 - http://www.envkh.gov.sd./detailes.php?y=43
1185 - http://www.envkh.gov.sd./emergency.php
1186 - http://www.envkh.gov.sd./envnews.php
1187 - http://www.envkh.gov.sd./financeadmin.php
1188 - http://www.envkh.gov.sd./galary.php
1189 - http://www.envkh.gov.sd./index.php
1190 - http://www.envkh.gov.sd./lab.php
1191 - http://www.envkh.gov.sd./laws.php
1192 - http://www.envkh.gov.sd./minister.php
1193 - http://www.envkh.gov.sd./minister2.php
1194 - http://www.envkh.gov.sd./monitors.php
1195 - http://www.envkh.gov.sd./phbook.php
1196 - http://www.envkh.gov.sd./planning.php
1197 - http://www.envkh.gov.sd./press.php
1198 - http://www.envkh.gov.sd./sitemap.php
1199 - http://www.envkh.gov.sd./structure.php
1200 - http://www.envkh.gov.sd./suggestions.php
1201 - http://www.envkh.gov.sd./tawa.php
1202 - http://www.envkh.gov.sd./trac.php
1203 - http://www.envkh.gov.sd./vcomment.php
1204 - http://www.envkh.gov.sd./weather.php
1205 Total links crawled: 50
1206
1207+ Links to files found:
1208 - http://www.envkh.gov.sd./SpryAssets/SpryCollapsiblePanel.css
1209 - http://www.envkh.gov.sd./SpryAssets/SpryCollapsiblePanel.js
1210 - http://www.envkh.gov.sd./android.jpg
1211 - http://www.envkh.gov.sd./ar.portal_files/right_government_up.jpg
1212 - http://www.envkh.gov.sd./assets/Seperator_new_portlet.jpg
1213 - http://www.envkh.gov.sd./assets/YouTube.jpg
1214 - http://www.envkh.gov.sd./assets/banner.jpg
1215 - http://www.envkh.gov.sd./assets/banner_may2011.jpg
1216 - http://www.envkh.gov.sd./assets/body.css
1217 - http://www.envkh.gov.sd./assets/book.css
1218 - http://www.envkh.gov.sd./assets/button.css
1219 - http://www.envkh.gov.sd./assets/calanderofevent.jpg
1220 - http://www.envkh.gov.sd./assets/complains-eco.jpg
1221 - http://www.envkh.gov.sd./assets/css_ar_v2.css
1222 - http://www.envkh.gov.sd./assets/dae.css
1223 - http://www.envkh.gov.sd./assets/dae.js
1224 - http://www.envkh.gov.sd./assets/delete.js
1225 - http://www.envkh.gov.sd./assets/emergency.gif
1226 - http://www.envkh.gov.sd./assets/emergency_phones.jpg
1227 - http://www.envkh.gov.sd./assets/facebook.jpg
1228 - http://www.envkh.gov.sd./assets/fader_v1.js
1229 - http://www.envkh.gov.sd./assets/float.js
1230 - http://www.envkh.gov.sd./assets/form.css
1231 - http://www.envkh.gov.sd./assets/g+.jpg
1232 - http://www.envkh.gov.sd./assets/ga.js
1233 - http://www.envkh.gov.sd./assets/head_darkgray_leftcurve_lightgraybg.jpg
1234 - http://www.envkh.gov.sd./assets/head_darkgray_rightcurve_lightgraybg.jpg
1235 - http://www.envkh.gov.sd./assets/header_foot.jpg
1236 - http://www.envkh.gov.sd./assets/icon_news.jpg
1237 - http://www.envkh.gov.sd./assets/icon_textEnglish.jpg
1238 - http://www.envkh.gov.sd./assets/layout.css
1239 - http://www.envkh.gov.sd./assets/left_bottom_new_portlet.jpg
1240 - http://www.envkh.gov.sd./assets/left_center_new_portlet.jpg
1241 - http://www.envkh.gov.sd./assets/left_center_sep_new_portlet.jpg
1242 - http://www.envkh.gov.sd./assets/left_top_new_portlet.jpg
1243 - http://www.envkh.gov.sd./assets/leftt_curve_header_bottom_u.jpg
1244 - http://www.envkh.gov.sd./assets/menu.js
1245 - http://www.envkh.gov.sd./assets/menufx.js
1246 - http://www.envkh.gov.sd./assets/missions1.jpg
1247 - http://www.envkh.gov.sd./assets/missions2.jpg
1248 - http://www.envkh.gov.sd./assets/missions3.jpg
1249 - http://www.envkh.gov.sd./assets/missions4.jpg
1250 - http://www.envkh.gov.sd./assets/missions5.jpg
1251 - http://www.envkh.gov.sd./assets/mosque.gif
1252 - http://www.envkh.gov.sd./assets/org.jpg
1253 - http://www.envkh.gov.sd./assets/phbook.gif
1254 - http://www.envkh.gov.sd./assets/photogallery.jpg
1255 - http://www.envkh.gov.sd./assets/portlet.css
1256 - http://www.envkh.gov.sd./assets/prayer_azan.jpg
1257 - http://www.envkh.gov.sd./assets/right_bottom_new_portlet.jpg
1258 - http://www.envkh.gov.sd./assets/right_center_new_portlet.jpg
1259 - http://www.envkh.gov.sd./assets/right_center_sep_new_portlet.jpg
1260 - http://www.envkh.gov.sd./assets/right_curve_header_bottom_u.jpg
1261 - http://www.envkh.gov.sd./assets/right_top_new_portlet.jpg
1262 - http://www.envkh.gov.sd./assets/search_button.jpg
1263 - http://www.envkh.gov.sd./assets/skin.js
1264 - http://www.envkh.gov.sd./assets/suggestions-eco.jpg
1265 - http://www.envkh.gov.sd./assets/time_krt.jpg
1266 - http://www.envkh.gov.sd./assets/twitter.jpg
1267 - http://www.envkh.gov.sd./assets/util.js
1268 - http://www.envkh.gov.sd./assets/visitorcount.jpg
1269 - http://www.envkh.gov.sd./assets/weather.gif
1270 - http://www.envkh.gov.sd./assets/window-alert.css
1271 - http://www.envkh.gov.sd./assets/window-plain.css
1272 - http://www.envkh.gov.sd./assets/window.css
1273 - http://www.envkh.gov.sd./c1234p/files/1079هلال.JPG
1274 - http://www.envkh.gov.sd./c1234p/files/1110_DSC5129.JPG
1275 - http://www.envkh.gov.sd./c1234p/files/113;كوارثمممم.jpg
1276 - http://www.envkh.gov.sd./c1234p/files/1289_DSC5234.JPG
1277 - http://www.envkh.gov.sd./c1234p/files/1306ب.jpg
1278 - http://www.envkh.gov.sd./c1234p/files/1703صور.jpg
1279 - http://www.envkh.gov.sd./c1234p/files/1835التغير المناخي44.jpg
1280 - http://www.envkh.gov.sd./c1234p/files/1868Untitled.png
1281 - http://www.envkh.gov.sd./c1234p/files/189500000000.jpg
1282 - http://www.envkh.gov.sd./c1234p/files/1927شعار2.jpg
1283 - http://www.envkh.gov.sd./c1234p/files/21اجتمااااااااااااااااااع.jpg
1284 - http://www.envkh.gov.sd./c1234p/files/224816298748_386758615017159_7955845145180426946_n.jpg
1285 - http://www.envkh.gov.sd./c1234p/files/232كوريا1.jpg
1286 - http://www.envkh.gov.sd./c1234p/files/2453جايكا3.jpg
1287 - http://www.envkh.gov.sd./c1234p/files/247912404091_10205298374889411_1168094863_n.jpg
1288 - http://www.envkh.gov.sd./c1234p/files/2594_DSC4504.JPG
1289 - http://www.envkh.gov.sd./c1234p/files/2653_DSC0303.JPG
1290 - http://www.envkh.gov.sd./c1234p/files/315020841351_10209716471339061_1440768841_o.jpg
1291 - http://www.envkh.gov.sd./c1234p/files/319500000000.jpg
1292 - http://www.envkh.gov.sd./c1234p/files/3225خالد شمبول.jpg
1293 - http://www.envkh.gov.sd./c1234p/files/3417مظاهرااااات.jpg
1294 - http://www.envkh.gov.sd./c1234p/files/3490وزير الدوله.png
1295 - http://www.envkh.gov.sd./c1234p/files/3553ب.jpg
1296 - http://www.envkh.gov.sd./c1234p/files/3617Meeting Youth Federation Youth Forum Africa.jpg
1297 - http://www.envkh.gov.sd./c1234p/files/3714_DSC.jpg
1298 - http://www.envkh.gov.sd./c1234p/files/3823نمر.jpg
1299 - http://www.envkh.gov.sd./c1234p/files/3873اليات جايكا.jpg
1300 - http://www.envkh.gov.sd./c1234p/files/39121170789_10209820916230118_1752600162_o.jpg
1301 - http://www.envkh.gov.sd./c1234p/files/4029IMG.jpg
1302 - http://www.envkh.gov.sd./c1234p/files/402j.jpg
1303 - http://www.envkh.gov.sd./c1234p/files/4233mutabaeat.jpg
1304 - http://www.envkh.gov.sd./c1234p/files/4240نمر وهلال.jpg
1305 - http://www.envkh.gov.sd./c1234p/files/4253_DSC0378.JPG
1306 - http://www.envkh.gov.sd./c1234p/files/4352777النظافه.jpg
1307 - http://www.envkh.gov.sd./c1234p/files/4550نمر علي التلفزيون المغربي.jpg
1308 - http://www.envkh.gov.sd./c1234p/files/4633الافارقه1.jpg
1309 - http://www.envkh.gov.sd./c1234p/files/478الوزير.jpg
1310 - http://www.envkh.gov.sd./c1234p/files/488518901019_10209131473474480_2026151349_o.jpg
1311 - http://www.envkh.gov.sd./c1234p/files/4912مؤتمر نمر.jpg
1312 - http://www.envkh.gov.sd./c1234p/files/4930ddd.jpg
1313 - http://www.envkh.gov.sd./c1234p/files/4975ddالقضاء.jpg
1314 - http://www.envkh.gov.sd./c1234p/files/4986IMG-20170406-WA0020.jpg
1315 - http://www.envkh.gov.sd./c1234p/files/4986الخطه الاستراتيجيه للحد من مخاطر الكوارث في ولايه الخرطوم121.jpg
1316 - http://www.envkh.gov.sd./c1234p/files/5021_D0.jpg
1317 - http://www.envkh.gov.sd./c1234p/files/5047thumbnail_IMG-20170129-WA0008_resized_20170129_110303115.jpg
1318 - http://www.envkh.gov.sd./c1234p/files/5071_DSC8625.JPG
1319 - http://www.envkh.gov.sd./c1234p/files/5214الوزير.jpg
1320 - http://www.envkh.gov.sd./c1234p/files/5345السويدفقهق.jpg
1321 - http://www.envkh.gov.sd./c1234p/files/5463تدشين.png
1322 - http://www.envkh.gov.sd./c1234p/files/5464بيئه.jpg
1323 - http://www.envkh.gov.sd./c1234p/files/548515826192_403707259970361_8945800935511651382_n.jpg
1324 - http://www.envkh.gov.sd./c1234p/files/5707Untitled4.jpg
1325 - http://www.envkh.gov.sd./c1234p/files/5727_DSC8033.JPG
1326 - http://www.envkh.gov.sd./c1234p/files/582جايكا4.jpg
1327 - http://www.envkh.gov.sd./c1234p/files/5871kkkkk.jpg
1328 - http://www.envkh.gov.sd./c1234p/files/5918ب.jpg
1329 - http://www.envkh.gov.sd./c1234p/files/602721081806_10209784808807455_250210706_o.jpg
1330 - http://www.envkh.gov.sd./c1234p/files/6049udp.jpg
1331 - http://www.envkh.gov.sd./c1234p/files/6140مؤتمر باريس.png
1332 - http://www.envkh.gov.sd./c1234p/files/616812319246_10205201624310707_140509848_n.jpg
1333 - http://www.envkh.gov.sd./c1234p/files/624416472987_390193311340356_2810716095354766518_n.jpg
1334 - http://www.envkh.gov.sd./c1234p/files/6402uhuhi.jpg
1335 - http://www.envkh.gov.sd./c1234p/files/6529الدكتور التجاني الشيخ الاصم.png
1336 - http://www.envkh.gov.sd./c1234p/files/652وووووووووووووووووووووووووووووووووفد.jpg
1337 - http://www.envkh.gov.sd./c1234p/files/6558السلمانيه11.jpg
1338 - http://www.envkh.gov.sd./c1234p/files/6599thumbnail_IMG-20170125-WA0009_resized_20170125_010051268.jpg
1339 - http://www.envkh.gov.sd./c1234p/files/6612بيئة1.jpg
1340 - http://www.envkh.gov.sd./c1234p/files/6645IMG-20180109-WA0005.jpg
1341 - http://www.envkh.gov.sd./c1234p/files/666616299029_389650211394666_7362550608903194371_n.jpg
1342 - http://www.envkh.gov.sd./c1234p/files/6786علم السودان.jpg
1343 - http://www.envkh.gov.sd./c1234p/files/6805Emergency plan for cleanlines.jpg
1344 - http://www.envkh.gov.sd./c1234p/files/6812788170_10205743939508248_377028217_n.jpg
1345 - http://www.envkh.gov.sd./c1234p/files/702815895405_404907949850292_5206912958511679572_n.jpg
1346 - http://www.envkh.gov.sd./c1234p/files/7241الكوارث.jpg
1347 - http://www.envkh.gov.sd./c1234p/files/7403خريطه11111.png
1348 - http://www.envkh.gov.sd./c1234p/files/7610ننمر هلال نمر.jpg
1349 - http://www.envkh.gov.sd./c1234p/files/7658شعار2.jpg
1350 - http://www.envkh.gov.sd./c1234p/files/7767ggg.jpg
1351 - http://www.envkh.gov.sd./c1234p/files/78751215454151111221.jpg
1352 - http://www.envkh.gov.sd./c1234p/files/791حسن هلال.png
1353 - http://www.envkh.gov.sd./c1234p/files/798صور توقيع.JPG
1354 - http://www.envkh.gov.sd./c1234p/files/8080IMG.jpg
1355 - http://www.envkh.gov.sd./c1234p/files/8205tاتراك.jpg
1356 - http://www.envkh.gov.sd./c1234p/files/845شعار2.jpg
1357 - http://www.envkh.gov.sd./c1234p/files/8656IMG-20180305-WA0017.jpg
1358 - http://www.envkh.gov.sd./c1234p/files/8657جايكا5.jpg
1359 - http://www.envkh.gov.sd./c1234p/files/8663الكوارث.jpg
1360 - http://www.envkh.gov.sd./c1234p/files/8665101010.jpg
1361 - http://www.envkh.gov.sd./c1234p/files/8696الفاو.jpg
1362 - http://www.envkh.gov.sd./c1234p/files/8969كوريا2.jpg
1363 - http://www.envkh.gov.sd./c1234p/files/902_DS011.jpg
1364 - http://www.envkh.gov.sd./c1234p/files/9097hff.jpg
1365 - http://www.envkh.gov.sd./c1234p/files/9371اوباما.png
1366 - http://www.envkh.gov.sd./c1234p/files/9450حسن هلال.png
1367 - http://www.envkh.gov.sd./c1234p/files/9542IMG-20180213-WA0001.jpg
1368 - http://www.envkh.gov.sd./c1234p/files/9569النظافه1.jpg
1369 - http://www.envkh.gov.sd./c1234p/files/963مؤتمر باريس.png
1370 - http://www.envkh.gov.sd./c1234p/files/9662جايكا2.jpg
1371 - http://www.envkh.gov.sd./c1234p/files/9812قرار.pdf
1372 - http://www.envkh.gov.sd./c1234p/files/984221.jpg
1373 - http://www.envkh.gov.sd./c1234p/files/9900مارينا.jpg
1374 - http://www.envkh.gov.sd./default.jpg
1375 - http://www.envkh.gov.sd./docs.png
1376 - http://www.envkh.gov.sd./gallerystyle.css
1377 - http://www.envkh.gov.sd./menuscript.js
1378 - http://www.envkh.gov.sd./menustylesrtl.css
1379 - http://www.envkh.gov.sd./menustylesrtlindex.css
1380 - http://www.envkh.gov.sd./motiongallery.js
1381 - http://www.envkh.gov.sd./pdf/dangerous lug.pdf
1382 - http://www.envkh.gov.sd./pdf/law.pdf
1383 - http://www.envkh.gov.sd./pdf/oil selling.pdf
1384 - http://www.envkh.gov.sd./pdf/sample.pdf
1385 - http://www.envkh.gov.sd./pdf/tours.pdf
1386 - http://www.envkh.gov.sd./pdf/validation.pdf
1387 - http://www.envkh.gov.sd./pdf/water.pdf
1388 - http://www.envkh.gov.sd./press.jpg
1389 - http://www.envkh.gov.sd./resources/js/helperfunctions.js
1390 - http://www.envkh.gov.sd./resources/js/mootools.svn.js
1391 - http://www.envkh.gov.sd./resources/js/newsscroll.js
1392 - http://www.envkh.gov.sd./resources/js/scroll.js
1393 - http://www.envkh.gov.sd./resources/js/slidermenu.js
1394 Total links to files: 186
1395---------------------------------------------------------------------------------------------------------------------------------------
1396+ Externals links found:
1397
1398 - http://24timezones.com/js/swfobject.js
1399 - http://24timezones.com/timescript/maindata.js.php?city=795517
1400 - http://24timezones.com/world_directory/time_in_khartoum.php
1401 - http://code.jquery.com/jquery-latest.min.js
1402 - http://mail.envkh.gov.sd
1403 - http://mail.mofeca.gov.sd
1404 - http://myfla.gs/NEdRaC
1405 - http://s09.flagcounter.com/count/E38u/bg_FFFFFF/txt_7A7A7A/border_FFFFFF/columns_1/maxflags_10/viewers_3/labels_1/pageviews_1/flags_1/
1406 - http://www.calendarlabs.com/
1407 - http://www.calendarlabs.com/calendars/web-content/calendar.php?cid=1002&uid=1055734752&c=8&l=en&cbg=FFFFFF&cfg=000033&hfg=5C0201&hfg1=660033&ct=80&cb=0&cbc=99FF99&cf=verdana&cp=top&sw=0&hp=t&ib=0&ibc=5C0201&i=http://s16.postimage.org/g4v6v17x1/Untitled_2.jpg
1408 - http://www.islamicfinder.org/prayer_service.php?country=sudan&city=khartoum_province&state=29&zipcode=&latitude=15.7500&longitude=32.5000&timezone=3&HanfiShafi=1&pmethod=2&fajrTwilight1=10&fajrTwilight2=10&ishaTwilight=10&ishaInterval=30&dhuhrInterval=1&maghribInterval=1&dayLight=0&page_background=&table_background=&table_lines=&text_color=&link_color=&prayerFajr=&prayerSunrise=&prayerDhuhr=&prayerAsr=&prayerMaghrib=&prayerIsha=&lang=arabic
1409 - http://www.showmyweather.com/sd/khartoum/
1410 - http://www.showmyweather.com/weather_widget.php?int=1&type=js&country=sd&state=&city=Khartoum&smallicon=1¤t=1&forecast=1&background_color=ffffff&color=000000&width=175&padding=10&border_width=1&border_color=000000&font_size=11&font_family=Verdana&showicons=1&measure=&d=2012-06-05
1411 - https://maps.google.com/maps/ms?msa=0&msid=206633953676480171820.0004f465f234b4588fc33&hl=en&ie=UTF8&ll=15.588896,32.511892&spn=0,0&t=m&output=embed
1412 - https://maps.google.com/maps/ms?msa=0&msid=206633953676480171820.0004f465f234b4588fc33&hl=en&ie=UTF8&ll=15.588896,32.511892&spn=0,0&t=m&source=embed
1413 - https://plus.google.com/u/0/106643888572842676124/posts
1414 - https://www.facebook.com/envi.awareness?fref=ts
1415 - https://www.facebook.com/groups/1053385978039840/
1416 - https://www.facebook.com/pages/المجلس-الاعلي-للبيئة-و-الترقية-الحضرية/177130069051680
1417 - https://www.youtube.com/channel/UCus4F15CA0YmQonxs1qXyhw
1418 - https://www.youtube.com/channel/UCzPpxM8gKGwElqRis_4_rwA
1419 - https://www.youtube.com/watch?v=5z_CkBjteEk&feature=youtu.be
1420 - https://www.youtube.com/watch?v=mBSjBCqBplQ&feature=youtu.be
1421 Total external links: 24
1422
1423+ Email addresses found:
1424 Total email address found: 0
1425
1426+ Directories found:
1427 - http://www.envkh.gov.sd./SpryAssets/ (403 Forbidden)
1428 - http://www.envkh.gov.sd./android/ (No open folder)
1429 - http://www.envkh.gov.sd./ar.portal_files/ (404 Not Found)
1430 - http://www.envkh.gov.sd./assets/ (403 Forbidden)
1431 - http://www.envkh.gov.sd./c1234p/ (No open folder)
1432 - http://www.envkh.gov.sd./c1234p/files/ (403 Forbidden)
1433 - http://www.envkh.gov.sd./pdf/ (403 Forbidden)
1434 - http://www.envkh.gov.sd./resources/ (404 Not Found)
1435 - http://www.envkh.gov.sd./resources/js/ (404 Not Found)
1436 Total directories: 9
1437
1438+ Directory indexing found:
1439 Total directories with indexing: 0
1440
1441---------------------------------------------------------------------------------------------------------------------------------------
1442
1443
1444 + URL to crawl: https://webmail.envkh.gov.sd.
1445 + Date: 2019-06-21
1446
1447 + Crawling URL: https://webmail.envkh.gov.sd.:
1448 + Links:
1449 + Crawling https://webmail.envkh.gov.sd. ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727))
1450 + Searching for directories...
1451 + Searching open folders...
1452
1453
1454 + URL to crawl: https://f03-web02.nic.gov.sd
1455 + Date: 2019-06-21
1456
1457 + Crawling URL: https://f03-web02.nic.gov.sd:
1458 + Links:
1459 + Crawling https://f03-web02.nic.gov.sd ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727))
1460 + Searching for directories...
1461 + Searching open folders...
1462
1463
1464 + URL to crawl: https://mail.envkh.gov.sd.
1465 + Date: 2019-06-21
1466
1467 + Crawling URL: https://mail.envkh.gov.sd.:
1468 + Links:
1469 + Crawling https://mail.envkh.gov.sd. ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727))
1470 + Searching for directories...
1471 + Searching open folders...
1472
1473
1474 + URL to crawl: https://www.envkh.gov.sd.
1475 + Date: 2019-06-21
1476
1477 + Crawling URL: https://www.envkh.gov.sd.:
1478 + Links:
1479 + Crawling https://www.envkh.gov.sd. ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727))
1480 + Searching for directories...
1481 + Searching open folders...
1482
1483
1484 + URL to crawl: https://webmail.envkh.gov.sd.:8443
1485 + Date: 2019-06-21
1486
1487 + Crawling URL: https://webmail.envkh.gov.sd.:8443:
1488 + Links:
1489 + Crawling https://webmail.envkh.gov.sd.:8443 ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727))
1490 + Searching for directories...
1491 + Searching open folders...
1492
1493
1494 + URL to crawl: https://f03-web02.nic.gov.sd:8443
1495 + Date: 2019-06-21
1496
1497 + Crawling URL: https://f03-web02.nic.gov.sd:8443:
1498 + Links:
1499 + Crawling https://f03-web02.nic.gov.sd:8443 ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727))
1500 + Searching for directories...
1501 + Searching open folders...
1502
1503
1504 + URL to crawl: https://mail.envkh.gov.sd.:8443
1505 + Date: 2019-06-21
1506
1507 + Crawling URL: https://mail.envkh.gov.sd.:8443:
1508 + Links:
1509 + Crawling https://mail.envkh.gov.sd.:8443 ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727))
1510 + Searching for directories...
1511 + Searching open folders...
1512
1513
1514 + URL to crawl: https://www.envkh.gov.sd.:8443
1515 + Date: 2019-06-21
1516
1517 + Crawling URL: https://www.envkh.gov.sd.:8443:
1518 + Links:
1519 + Crawling https://www.envkh.gov.sd.:8443 ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727))
1520 + Searching for directories...
1521 + Searching open folders...
1522
1523--Finished--
1524Summary information for domain envkh.gov.sd.
1525-----------------------------------------
1526
1527 Domain Ips Information:
1528 IP: 62.12.109.2
1529 HostName: ns0.ndc.gov.sd Type: NS
1530 Country: Sudan
1531 Zone Transfer: 4
1532 Is Active: True (reset ttl 64)
1533 Port: 53/tcp open domain syn-ack ttl 47 (unknown banner: you guess!)
1534 Script Info: | dns-nsid:
1535 Script Info: |_ bind.version: you guess!
1536 Script Info: | fingerprint-strings:
1537 Script Info: | DNSVersionBindReqTCP:
1538 Script Info: | version
1539 Script Info: | bind
1540 Script Info: |_ guess!
1541 IP: 62.12.109.3
1542 HostName: ns1.ndc.gov.sd Type: NS
1543 Country: Sudan
1544 Zone Transfer: 4
1545 Is Active: True (reset ttl 64)
1546 Port: 53/tcp open domain syn-ack ttl 47 (unknown banner: you guess!)
1547 Script Info: | dns-nsid:
1548 Script Info: |_ bind.version: you guess!
1549 Script Info: | fingerprint-strings:
1550 Script Info: | DNSVersionBindReqTCP:
1551 Script Info: | version
1552 Script Info: | bind
1553 Script Info: |_ guess!
1554 IP: 62.12.105.2
1555 HostName: f03-web02.nic.gov.sd Type: MX
1556 HostName: f03-web02.nic.gov.sd Type: PTR
1557 HostName: webmail.envkh.gov.sd. Type: A
1558 HostName: mail.envkh.gov.sd. Type: A
1559 HostName: www.envkh.gov.sd. Type: A
1560 Country: Sudan
1561 Is Active: True (reset ttl 64)
1562 Port: 21/tcp open tcpwrapped syn-ack ttl 46
1563 Port: 80/tcp open http syn-ack ttl 46 nginx
1564 Script Info: |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
1565 Script Info: | http-methods:
1566 Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
1567 Script Info: |_http-server-header: nginx
1568 Script Info: |_http-title: Domain Default page
1569 Port: 110/tcp open pop3 syn-ack ttl 46 Dovecot pop3d
1570 Script Info: |_pop3-capabilities: CAPA PIPELINING UIDL USER TOP SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) RESP-CODES STLS AUTH-RESP-CODE APOP
1571 Script Info: |_ssl-date: TLS randomness does not represent time
1572 Port: 143/tcp open imap syn-ack ttl 46 Dovecot imapd
1573 Script Info: |_imap-capabilities: have AUTH=LOGIN AUTH=DIGEST-MD5 ENABLE IDLE LOGIN-REFERRALS IMAP4rev1 ID listed LITERAL+ AUTH=CRAM-MD5A0001 more AUTH=PLAIN Pre-login SASL-IR post-login capabilities OK STARTTLS
1574 Script Info: |_ssl-date: TLS randomness does not represent time
1575 Port: 443/tcp open ssl/http syn-ack ttl 46 nginx
1576 Script Info: |_http-server-header: nginx
1577 Script Info: |_http-title: 400 The plain HTTP request was sent to HTTPS port
1578 Script Info: | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
1579 Script Info: | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
1580 Script Info: | Public Key type: rsa
1581 Script Info: | Public Key bits: 2048
1582 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1583 Script Info: | Not valid before: 2016-04-20T02:40:27
1584 Script Info: | Not valid after: 2017-04-20T02:40:27
1585 Script Info: | MD5: a38f 7308 6ca0 a95d 2faa d3f0 6cb4 5553
1586 Script Info: |_SHA-1: 1479 6658 f803 6987 8f42 5473 9eaf 97e1 50dd 2d68
1587 Script Info: |_ssl-date: TLS randomness does not represent time
1588 Script Info: | tls-alpn:
1589 Script Info: |_ http/1.1
1590 Script Info: | tls-nextprotoneg:
1591 Script Info: |_ http/1.1
1592 Port: 993/tcp open ssl/imaps? syn-ack ttl 45
1593 Script Info: |_ssl-date: TLS randomness does not represent time
1594 Port: 995/tcp open ssl/pop3s? syn-ack ttl 46
1595 Script Info: |_ssl-date: TLS randomness does not represent time
1596 Port: 8443/tcp open ssl/http syn-ack ttl 45 sw-cp-server httpd (Plesk Onyx 17.5.3)
1597 Script Info: | http-methods:
1598 Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
1599 Script Info: |_http-server-header: sw-cp-server
1600 Script Info: |_http-title: Did not follow redirect to https://62.12.105.2:8443/
1601 Script Info: | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
1602 Script Info: | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
1603 Script Info: | Public Key type: rsa
1604 Script Info: | Public Key bits: 2048
1605 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1606 Script Info: | Not valid before: 2016-04-20T02:40:27
1607 Script Info: | Not valid after: 2017-04-20T02:40:27
1608 Script Info: | MD5: a38f 7308 6ca0 a95d 2faa d3f0 6cb4 5553
1609 Script Info: |_SHA-1: 1479 6658 f803 6987 8f42 5473 9eaf 97e1 50dd 2d68
1610 Script Info: |_ssl-date: TLS randomness does not represent time
1611 Script Info: | tls-nextprotoneg:
1612 Script Info: |_ http/1.1
1613 Os Info: Host: fo3-web02.nic.gov.sd
1614#######################################################################################################################################
1615
1616----- envkh.gov.sd -----
1617
1618
1619Host's addresses:
1620__________________
1621
1622envkh.gov.sd. 83076 IN A 62.12.105.2
1623
1624----------------
1625Wildcards test:
1626----------------
1627 good
1628
1629
1630Name Servers:
1631______________
1632
1633ns1.ndc.gov.sd. 11938 IN A 62.12.109.3
1634ns0.ndc.gov.sd. 11938 IN A 62.12.109.2
1635
1636
1637Mail (MX) Servers:
1638___________________
1639
1640f03-web02.nic.gov.sd. 84020 IN A 62.12.105.2
1641
1642
1643Trying Zone Transfers and getting Bind Versions:
1644_________________________________________________
1645
1646
1647Trying Zone Transfer for envkh.gov.sd on ns1.ndc.gov.sd ...
1648envkh.gov.sd. 86400 IN SOA (
1649envkh.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
1650envkh.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
1651envkh.gov.sd. 86400 IN A 62.12.105.2
1652envkh.gov.sd. 86400 IN MX 10
1653envkh.gov.sd. 86400 IN TXT "v=spf1
1654mail.envkh.gov.sd. 86400 IN A 62.12.105.2
1655mail.envkh.gov.sd. 86400 IN MX 10
1656webmail.envkh.gov.sd. 86400 IN CNAME mail.envkh.gov.sd.
1657www.envkh.gov.sd. 86400 IN A 62.12.105.2
1658
1659Trying Zone Transfer for envkh.gov.sd on ns0.ndc.gov.sd ...
1660envkh.gov.sd. 86400 IN SOA (
1661envkh.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
1662envkh.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
1663envkh.gov.sd. 86400 IN A 62.12.105.2
1664envkh.gov.sd. 86400 IN MX 10
1665envkh.gov.sd. 86400 IN TXT "v=spf1
1666mail.envkh.gov.sd. 86400 IN A 62.12.105.2
1667mail.envkh.gov.sd. 86400 IN MX 10
1668webmail.envkh.gov.sd. 86400 IN CNAME mail.envkh.gov.sd.
1669www.envkh.gov.sd. 86400 IN A 62.12.105.2
1670
1671brute force file not specified, bay.
1672#######################################################################################################################################
1673Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-21 23:42 EDT
1674Warning: 62.12.105.2 giving up on port because retransmission cap hit (2).
1675Nmap scan report for www.envkh.gov.sd (62.12.105.2)
1676Host is up (0.38s latency).
1677rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
1678Not shown: 281 filtered ports, 4 closed ports
1679Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1680PORT STATE SERVICE
16817/tcp open echo
16829/tcp open discard
168313/tcp open daytime
168421/tcp open ftp
168542/tcp open nameserver
168649/tcp open tacacs
168767/tcp open dhcps
168868/tcp open dhcpc
168969/tcp open tftp
169080/tcp open http
169185/tcp open mit-ml-dev
169288/tcp open kerberos-sec
1693109/tcp open pop2
1694110/tcp open pop3
1695123/tcp open ntp
1696137/tcp open netbios-ns
1697143/tcp open imap
1698161/tcp open snmp
1699264/tcp open bgmp
1700402/tcp open genie
1701407/tcp open timbuktu
1702443/tcp open https
1703446/tcp open ddm-rdb
1704500/tcp open isakmp
1705512/tcp open exec
1706515/tcp open printer
1707523/tcp open ibm-db2
1708540/tcp open uucp
1709548/tcp open afp
1710617/tcp open sco-dtmgr
1711689/tcp open nmap
1712705/tcp open agentx
1713831/tcp open netconf-beep
1714902/tcp open iss-realsecure
1715912/tcp open apex-mesh
1716921/tcp open unknown
1717993/tcp open imaps
1718995/tcp open pop3s
1719998/tcp open busboy
17201000/tcp open cadlock
17211030/tcp open iad1
17221098/tcp open rmiactivation
17231100/tcp open mctp
17241102/tcp open adobeserver-1
17251103/tcp open xaudio
17261129/tcp open saphostctrls
17271158/tcp open lsnr
17281199/tcp open dmidi
17291220/tcp open quicktime
17301234/tcp open hotline
17311241/tcp open nessus
17321311/tcp open rxmon
17331352/tcp open lotusnotes
17341433/tcp open ms-sql-s
17351440/tcp open eicon-slp
17361471/tcp open csdmbase
17371521/tcp open oracle
17381530/tcp open rap-service
17391582/tcp open msims
17402000/tcp open cisco-sccp
17412001/tcp open dc
17422049/tcp open nfs
17432067/tcp open dlswpn
17442103/tcp open zephyr-clt
17452199/tcp open onehome-help
17462207/tcp open hpssd
17472222/tcp open EtherNetIP-1
17482323/tcp open 3d-nfsd
17492362/tcp open digiman
17502381/tcp open compaq-https
17512638/tcp open sybase
17522967/tcp open symantec-av
17533037/tcp open hp-san-mgmt
17543050/tcp open gds_db
17553128/tcp open squid-http
17563200/tcp open tick-port
17573310/tcp open dyna-access
17583460/tcp open edm-manager
17593465/tcp open edm-mgr-cntrl
17603628/tcp open ept-machine
17613632/tcp open distccd
17623790/tcp open quickbooksrds
17634000/tcp open remoteanything
17644433/tcp open vop
17654444/tcp open krb524
17664445/tcp open upnotifyp
17674659/tcp open playsta2-lob
17684679/tcp open mgesupervision
17694800/tcp open iims
17704848/tcp open appserv-http
17715000/tcp open upnp
17725009/tcp open airport-admin
17735040/tcp open unknown
17745051/tcp open ida-agent
17755060/tcp open sip
17765061/tcp open sip-tls
17775093/tcp open sentinel-lm
17785250/tcp open soagateway
17795353/tcp open mdns
17805400/tcp open pcduo-old
17815433/tcp open pyrrho
17825520/tcp open sdlog
17835554/tcp open sgi-esphttp
17845580/tcp open tmosms0
17855632/tcp open pcanywherestat
17865666/tcp open nrpe
17875814/tcp open spt-automation
17885901/tcp open vnc-1
17895905/tcp open unknown
17905906/tcp open unknown
17915909/tcp open unknown
17925910/tcp open cm
17935920/tcp open unknown
17945985/tcp open wsman
17955986/tcp open wsmans
17965999/tcp open ncd-conf
17976000/tcp open X11
17986050/tcp open arcserve
17996060/tcp open x11
18006082/tcp open p25cai
18016112/tcp open dtspc
18026161/tcp open patrol-ism
18036379/tcp open redis
18046405/tcp open boe-pagesvr
18056502/tcp open netop-rc
18066503/tcp open boks_clntd
18076504/tcp open unknown
18086542/tcp open unknown
18096661/tcp open unknown
18106667/tcp open irc
18116789/tcp open ibm-db2-admin
18127001/tcp open afs3-callback
18137080/tcp open empowerid
18147144/tcp open unknown
18157181/tcp open janus-disc
18167210/tcp open unknown
18177272/tcp open watchme-7272
18187414/tcp open unknown
18197426/tcp open pmdmgr
18207510/tcp open ovhpas
18217580/tcp open unknown
18227700/tcp open em7-secom
18237770/tcp open unknown
18247777/tcp open cbt
18257778/tcp open interwise
18267879/tcp open unknown
18277890/tcp open unknown
18288000/tcp open http-alt
18298008/tcp open http
18308014/tcp open unknown
18318020/tcp open intu-ec-svcdisc
18328023/tcp open unknown
18338028/tcp open unknown
18348030/tcp open unknown
18358050/tcp open unknown
18368082/tcp open blackice-alerts
18378086/tcp open d-s-n
18388205/tcp open lm-instmgr
18398300/tcp open tmi
18408333/tcp open bitcoin
18418400/tcp open cvd
18428443/tcp open https-alt
18438444/tcp open pcsync-http
18448503/tcp open lsp-self-ping
18458642/tcp open unknown
18468812/tcp open unknown
18478834/tcp open nessus-xmlrpc
18488880/tcp open cddbp-alt
18498890/tcp open ddi-tcp-3
18508899/tcp open ospf-lite
18518903/tcp open unknown
18529005/tcp open golem
18539080/tcp open glrpc
18549084/tcp open aurora
18559090/tcp open zeus-admin
18569099/tcp open unknown
18579111/tcp open DragonIDSConsole
18589152/tcp open ms-sql2000
18599390/tcp open otp
18609495/tcp open unknown
18619500/tcp open ismserver
18629788/tcp open unknown
18639809/tcp open unknown
18649810/tcp open unknown
18659811/tcp open unknown
18669815/tcp open unknown
18679855/tcp open unknown
18689910/tcp open unknown
18699991/tcp open issa
187010000/tcp open snet-sensor-mgmt
187127017/tcp open mongod
1872
1873Nmap done: 1 IP address (1 host up) scanned in 77.26 seconds
1874#######################################################################################################################################
1875Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-21 23:43 EDT
1876Nmap scan report for www.envkh.gov.sd (62.12.105.2)
1877Host is up (0.17s latency).
1878rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
1879Not shown: 2 filtered ports
1880PORT STATE SERVICE
188153/udp open|filtered domain
188267/udp open|filtered dhcps
188368/udp open|filtered dhcpc
188469/udp open|filtered tftp
188588/udp open|filtered kerberos-sec
1886123/udp open|filtered ntp
1887139/udp open|filtered netbios-ssn
1888161/udp open|filtered snmp
1889162/udp open|filtered snmptrap
1890389/udp open|filtered ldap
1891520/udp open|filtered route
18922049/udp open|filtered nfs
1893
1894Nmap done: 1 IP address (1 host up) scanned in 2.95 seconds
1895#######################################################################################################################################
1896Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-21 23:43 EDT
1897Nmap scan report for www.envkh.gov.sd (62.12.105.2)
1898Host is up (0.34s latency).
1899rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
1900
1901PORT STATE SERVICE VERSION
190221/tcp open tcpwrapped
1903Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1904Device type: broadband router
1905Running (JUST GUESSING): OneAccess embedded (86%)
1906OS CPE: cpe:/h:oneaccess:1641
1907Aggressive OS guesses: OneAccess 1641 router (86%)
1908No exact OS matches for host (test conditions non-ideal).
1909Network Distance: 15 hops
1910
1911TRACEROUTE (using port 21/tcp)
1912HOP RTT ADDRESS
19131 172.16 ms 10.253.200.1
19142 173.35 ms 213.184.122.97
19153 167.96 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
19164 167.42 ms bzq-179-124-185.cust.bezeqint.net (212.179.124.185)
19175 227.93 ms bzq-114-65-1.cust.bezeqint.net (192.114.65.1)
19186 229.45 ms peer1.ldn1.flagtel.com (195.66.224.146)
19197 235.26 ms peer1.ldn1.flagtel.com (195.66.224.146)
19208 235.30 ms peer1.ldn1.flagtel.com (195.66.224.146)
19219 237.91 ms xe-8-2-1.0.cjr04.prs001.flagtel.com (85.95.25.170)
192210 330.27 ms 80.77.2.42
192311 334.27 ms 80.77.2.42
192412 341.97 ms 196.29.177.113
192513 374.10 ms 197.254.196.62
192614 340.73 ms 196.29.177.113
192715 369.92 ms f03-web02.nic.gov.sd (62.12.105.2)
1928
1929#######################################################################################################################################
1930http://www.envkh.gov.sd [200 OK] Email[info@krtstrategy.gov.sd], HTML5, HTTPServer[nginx], IP[62.12.105.2], JQuery, PHP[5.4.16,], Plesk[Lin], Script[text/javascript], Title[المجلس الأعلى للبيئة-ولاية الخرطوم], X-Powered-By[PHP/5.4.16, PleskLin], X-UA-Compatible[IE=edge], nginx
1931#######################################################################################################################################
1932
1933wig - WebApp Information Gatherer
1934
1935
1936Scanning http://www.envkh.gov.sd...
1937________________________________________ SITE INFO _________________________________________
1938IP Title
193962.12.105.2 المجلس الأعلى للبيئة-ولاية الخرطوم
1940
1941_________________________________________ VERSION __________________________________________
1942Name Versions Type
1943Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
1944 2.4.9
1945nginx Platform
1946
1947_______________________________________ INTERESTING ________________________________________
1948URL Note Type
1949/test.html Test file Interesting
1950
1951____________________________________________________________________________________________
1952Time: 3.8 sec Urls: 887 Fingerprints: 40401
1953#######################################################################################################################################
1954HTTP/1.1 200 OK
1955Server: nginx
1956Date: Sat, 22 Jun 2019 02:58:02 GMT
1957Content-Type: text/html
1958Connection: keep-alive
1959X-Powered-By: PHP/5.4.16
1960X-Powered-By: PleskLin
1961
1962HTTP/1.1 200 OK
1963Server: nginx
1964Date: Sat, 22 Jun 2019 02:58:03 GMT
1965Content-Type: text/html
1966Connection: keep-alive
1967X-Powered-By: PHP/5.4.16
1968X-Powered-By: PleskLin
1969#######################################################################################################################################
1970Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-21 23:55 EDT
1971Nmap scan report for www.envkh.gov.sd (62.12.105.2)
1972Host is up (0.33s latency).
1973rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
1974
1975PORT STATE SERVICE VERSION
1976110/tcp open pop3 Dovecot pop3d
1977| pop3-brute:
1978| Accounts: No valid accounts found
1979|_ Statistics: Performed 211 guesses in 187 seconds, average tps: 1.1
1980|_pop3-capabilities: PIPELINING RESP-CODES CAPA UIDL STLS APOP AUTH-RESP-CODE SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) USER TOP
1981Too many fingerprints match this host to give specific OS details
1982Network Distance: 16 hops
1983Service Info: Host: fo3-web02.nic.gov.sd
1984
1985TRACEROUTE (using port 443/tcp)
1986HOP RTT ADDRESS
19871 167.15 ms 10.253.200.1
19882 171.90 ms 213.184.122.97
19893 167.32 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
19904 167.58 ms bzq-219-189-185.dsl.bezeqint.net (62.219.189.185)
19915 227.62 ms bzq-114-65-1.cust.bezeqint.net (192.114.65.1)
19926 224.01 ms bzq-219-189-2.dsl.bezeqint.net (62.219.189.2)
19937 381.77 ms xe-8-1-3.0.pjr03.ldn001.flagtel.com (85.95.26.242)
19948 235.07 ms peer1.ldn1.flagtel.com (195.66.224.146)
19959 361.45 ms xe-9-1-0.0.pjr04.ldn004.flagtel.com (85.95.27.197)
199610 241.92 ms xe-8-0-0.0.cjr04.prs001.flagtel.com (85.95.25.182)
199711 239.55 ms xe-8-2-0.0.cjr04.prs001.flagtel.com (85.95.27.234)
199812 345.08 ms 196.29.177.113
199913 373.34 ms 197.254.196.62
200014 378.73 ms 197.254.196.62
200115 374.67 ms 197.254.196.62
200216 368.32 ms f03-web02.nic.gov.sd (62.12.105.2)
2003#######################################################################################################################################
2004Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-22 00:01 EDT
2005Nmap scan report for www.envkh.gov.sd (62.12.105.2)
2006Host is up (0.38s latency).
2007rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
2008
2009PORT STATE SERVICE VERSION
2010137/tcp filtered netbios-ns
2011Too many fingerprints match this host to give specific OS details
2012Network Distance: 15 hops
2013
2014TRACEROUTE (using port 443/tcp)
2015HOP RTT ADDRESS
20161 168.74 ms 10.253.200.1
20172 170.15 ms 213.184.122.97
20183 168.96 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
20194 169.22 ms bzq-219-189-185.dsl.bezeqint.net (62.219.189.185)
20205 229.21 ms bzq-114-65-1.cust.bezeqint.net (192.114.65.1)
20216 189.55 ms bzq-219-189-2.dsl.bezeqint.net (62.219.189.2)
20227 235.89 ms peer1.ldn1.flagtel.com (195.66.224.146)
20238 239.51 ms xe-8-0-0.0.cjr04.prs001.flagtel.com (85.95.25.182)
20249 369.28 ms xe-9-0-1.0.pjr04.ldn001.flagtel.com (85.95.27.193)
202510 366.27 ms xe-11-1-1.0.pjr04.dxb001.flagtel.com (85.95.25.162)
202611 329.43 ms 80.77.2.42
202712 332.94 ms 80.77.2.42
202813 345.95 ms 196.29.177.113
202914 ...
203015 374.30 ms f03-web02.nic.gov.sd (62.12.105.2)
2031#######################################################################################################################################
2032Version: 1.11.13-static
2033OpenSSL 1.0.2-chacha (1.0.2g-dev)
2034
2035Connected to 62.12.105.2
2036
2037Testing SSL server www.envkh.gov.sd on port 443 using SNI name www.envkh.gov.sd
2038
2039 TLS Fallback SCSV:
2040Server supports TLS Fallback SCSV
2041
2042 TLS renegotiation:
2043Secure session renegotiation supported
2044
2045 TLS Compression:
2046Compression disabled
2047
2048 Heartbleed:
2049TLS 1.2 not vulnerable to heartbleed
2050TLS 1.1 not vulnerable to heartbleed
2051TLS 1.0 not vulnerable to heartbleed
2052
2053 Supported Server Cipher(s):
2054Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
2055Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
2056Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2057Accepted TLSv1.2 256 bits AES256-GCM-SHA384
2058Accepted TLSv1.2 256 bits AES256-SHA256
2059Accepted TLSv1.2 256 bits AES256-SHA
2060Accepted TLSv1.2 256 bits CAMELLIA256-SHA
2061Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
2062Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
2063Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2064Accepted TLSv1.2 128 bits AES128-GCM-SHA256
2065Accepted TLSv1.2 128 bits AES128-SHA256
2066Accepted TLSv1.2 128 bits AES128-SHA
2067Accepted TLSv1.2 128 bits CAMELLIA128-SHA
2068Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2069Accepted TLSv1.1 256 bits AES256-SHA
2070Accepted TLSv1.1 256 bits CAMELLIA256-SHA
2071Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2072Accepted TLSv1.1 128 bits AES128-SHA
2073Accepted TLSv1.1 128 bits CAMELLIA128-SHA
2074Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2075Accepted TLSv1.0 256 bits AES256-SHA
2076Accepted TLSv1.0 256 bits CAMELLIA256-SHA
2077Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2078Accepted TLSv1.0 128 bits AES128-SHA
2079Accepted TLSv1.0 128 bits CAMELLIA128-SHA
2080
2081 SSL Certificate:
2082Signature Algorithm: sha256WithRSAEncryption
2083RSA Key Strength: 2048
2084
2085Subject: Plesk
2086Issuer: Plesk
2087
2088Not valid before: Apr 20 02:40:27 2016 GMT
2089Not valid after: Apr 20 02:40:27 2017 GMT
2090#######################################################################################################################################
2091Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-22 00:03 EDT
2092Nmap scan report for www.envkh.gov.sd (62.12.105.2)
2093Host is up.
2094rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
2095
2096PORT STATE SERVICE VERSION
2097512/tcp filtered exec
2098Too many fingerprints match this host to give specific OS details
2099
2100TRACEROUTE (using proto 1/icmp)
2101HOP RTT ADDRESS
21021 166.60 ms 10.253.200.1
21032 167.84 ms 213.184.122.97
21043 166.71 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
21054 166.96 ms bzq-179-124-185.cust.bezeqint.net (212.179.124.185)
21065 168.44 ms bzq-179-124-82.cust.bezeqint.net (212.179.124.82)
21076 229.05 ms bzq-219-189-30.dsl.bezeqint.net (62.219.189.30)
21087 235.01 ms peer1.ldn1.flagtel.com (195.66.224.146)
21098 367.90 ms xe-9-0-0.0.pjr04.ldn001.flagtel.com (85.95.25.9)
21109 238.69 ms xe-8-2-1.0.cjr04.prs001.flagtel.com (85.95.25.170)
211110 368.70 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
211211 333.61 ms 80.77.2.42
211312 345.80 ms 196.29.177.113
211413 378.01 ms 197.254.196.62
211514 ... 30
2116#######################################################################################################################################
2117Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-22 00:03 EDT
2118Nmap scan report for www.envkh.gov.sd (62.12.105.2)
2119Host is up.
2120rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
2121
2122PORT STATE SERVICE VERSION
21231433/tcp filtered ms-sql-s
2124Too many fingerprints match this host to give specific OS details
2125
2126TRACEROUTE (using proto 1/icmp)
2127HOP RTT ADDRESS
21281 167.28 ms 10.253.200.1
21292 168.48 ms 213.184.122.97
21303 167.47 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
21314 167.52 ms bzq-179-124-185.cust.bezeqint.net (212.179.124.185)
21325 167.75 ms bzq-179-124-82.cust.bezeqint.net (212.179.124.82)
21336 229.53 ms bzq-219-189-30.dsl.bezeqint.net (62.219.189.30)
21347 235.49 ms peer1.ldn1.flagtel.com (195.66.224.146)
21358 368.27 ms xe-9-0-0.0.pjr04.ldn001.flagtel.com (85.95.25.9)
21369 238.70 ms xe-8-2-1.0.cjr04.prs001.flagtel.com (85.95.25.170)
213710 369.08 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
213811 334.15 ms 80.77.2.42
213912 346.14 ms 196.29.177.113
214013 379.39 ms 197.254.196.62
214114 ... 30
2142#######################################################################################################################################
2143Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-22 00:03 EDT
2144Nmap scan report for www.envkh.gov.sd (62.12.105.2)
2145Host is up.
2146rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
2147
2148PORT STATE SERVICE VERSION
21492049/tcp filtered nfs
2150Too many fingerprints match this host to give specific OS details
2151
2152TRACEROUTE (using proto 1/icmp)
2153HOP RTT ADDRESS
21541 167.34 ms 10.253.200.1
21552 168.68 ms 213.184.122.97
21563 167.38 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
21574 167.70 ms bzq-179-124-185.cust.bezeqint.net (212.179.124.185)
21585 167.94 ms bzq-179-124-82.cust.bezeqint.net (212.179.124.82)
21596 229.57 ms bzq-219-189-30.dsl.bezeqint.net (62.219.189.30)
21607 236.75 ms peer1.ldn1.flagtel.com (195.66.224.146)
21618 368.97 ms xe-9-0-0.0.pjr04.ldn001.flagtel.com (85.95.25.9)
21629 238.96 ms xe-8-2-1.0.cjr04.prs001.flagtel.com (85.95.25.170)
216310 370.17 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
216411 334.92 ms 80.77.2.42
216512 346.87 ms 196.29.177.113
216613 379.78 ms 197.254.196.62
216714 ... 30
2168#######################################################################################################################################
2169Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-22 00:09 EDT
2170Nmap scan report for www.envkh.gov.sd (62.12.105.2)
2171Host is up.
2172rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
2173
2174PORT STATE SERVICE VERSION
21753310/tcp filtered dyna-access
2176Too many fingerprints match this host to give specific OS details
2177
2178TRACEROUTE (using proto 1/icmp)
2179HOP RTT ADDRESS
21801 173.00 ms 10.253.200.1
21812 174.19 ms 213.184.122.97
21823 173.13 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
21834 173.17 ms bzq-179-124-185.cust.bezeqint.net (212.179.124.185)
21845 173.68 ms bzq-179-124-82.cust.bezeqint.net (212.179.124.82)
21856 235.46 ms bzq-219-189-30.dsl.bezeqint.net (62.219.189.30)
21867 241.24 ms peer1.ldn1.flagtel.com (195.66.224.146)
21878 373.97 ms xe-9-0-0.0.pjr04.ldn001.flagtel.com (85.95.25.9)
21889 245.12 ms xe-8-2-1.0.cjr04.prs001.flagtel.com (85.95.25.170)
218910 371.43 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
219011 337.55 ms 80.77.2.42
219112 349.49 ms 196.29.177.113
219213 381.67 ms 197.254.196.62
219314 ... 30
2194#######################################################################################################################################
2195Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-22 00:09 EDT
2196Nmap scan report for www.envkh.gov.sd (62.12.105.2)
2197Host is up.
2198rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
2199
2200PORT STATE SERVICE VERSION
22013128/tcp filtered squid-http
2202Too many fingerprints match this host to give specific OS details
2203
2204TRACEROUTE (using proto 1/icmp)
2205HOP RTT ADDRESS
22061 171.90 ms 10.253.200.1
22072 173.31 ms 213.184.122.97
22083 172.95 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
22094 172.36 ms bzq-179-124-185.cust.bezeqint.net (212.179.124.185)
22105 172.61 ms bzq-179-124-82.cust.bezeqint.net (212.179.124.82)
22116 228.63 ms bzq-219-189-30.dsl.bezeqint.net (62.219.189.30)
22127 265.22 ms peer1.ldn1.flagtel.com (195.66.224.146)
22138 368.60 ms xe-9-0-0.0.pjr04.ldn001.flagtel.com (85.95.25.9)
22149 237.66 ms xe-8-2-1.0.cjr04.prs001.flagtel.com (85.95.25.170)
221510 368.27 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
221611 334.17 ms 80.77.2.42
221712 346.09 ms 196.29.177.113
221813 378.43 ms 197.254.196.62
221914 ... 30
2220#######################################################################################################################################
2221Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-22 00:09 EDT
2222Nmap scan report for www.envkh.gov.sd (62.12.105.2)
2223Host is up.
2224rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
2225
2226PORT STATE SERVICE VERSION
22273632/tcp filtered distccd
2228Too many fingerprints match this host to give specific OS details
2229
2230TRACEROUTE (using proto 1/icmp)
2231HOP RTT ADDRESS
22321 172.37 ms 10.253.200.1
22332 173.51 ms 213.184.122.97
22343 172.76 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
22354 172.89 ms bzq-179-124-185.cust.bezeqint.net (212.179.124.185)
22365 173.42 ms bzq-179-124-82.cust.bezeqint.net (212.179.124.82)
22376 234.82 ms bzq-219-189-30.dsl.bezeqint.net (62.219.189.30)
22387 276.66 ms peer1.ldn1.flagtel.com (195.66.224.146)
22398 374.11 ms xe-9-0-0.0.pjr04.ldn001.flagtel.com (85.95.25.9)
22409 237.68 ms xe-8-2-1.0.cjr04.prs001.flagtel.com (85.95.25.170)
224110 368.58 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
224211 335.65 ms 80.77.2.42
224312 347.37 ms 196.29.177.113
224413 379.59 ms 197.254.196.62
224514 ... 30
2246#######################################################################################################################################
2247tee: /usr/share/sniper/loot//output/nmap-www.envkh.gov.sd-port6667.txt: Aucun fichier ou dossier de ce type
2248Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-22 00:10 EDT
2249Nmap scan report for www.envkh.gov.sd (62.12.105.2)
2250Host is up.
2251rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
2252
2253PORT STATE SERVICE VERSION
22546667/tcp filtered irc
2255Too many fingerprints match this host to give specific OS details
2256
2257TRACEROUTE (using proto 1/icmp)
2258HOP RTT ADDRESS
22591 168.41 ms 10.253.200.1
22602 169.83 ms 213.184.122.97
22613 169.88 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
22624 168.99 ms bzq-179-124-185.cust.bezeqint.net (212.179.124.185)
22635 173.82 ms bzq-179-124-82.cust.bezeqint.net (212.179.124.82)
22646 230.62 ms bzq-219-189-30.dsl.bezeqint.net (62.219.189.30)
22657 275.23 ms peer1.ldn1.flagtel.com (195.66.224.146)
22668 371.28 ms xe-9-0-0.0.pjr04.ldn001.flagtel.com (85.95.25.9)
22679 240.04 ms xe-8-2-1.0.cjr04.prs001.flagtel.com (85.95.25.170)
226810 371.07 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
226911 334.17 ms 80.77.2.42
227012 346.08 ms 196.29.177.113
227113 378.05 ms 197.254.196.62
227214 ... 30
2273#######################################################################################################################################
2274--------------------------------------------------------
2275<<<Yasuo discovered following vulnerable applications>>>
2276--------------------------------------------------------
2277+------------+--------------------------------------+--------------------------------------------------+----------+----------+
2278| App Name | URL to Application | Potential Exploit | Username | Password |
2279+------------+--------------------------------------+--------------------------------------------------+----------+----------+
2280| phpMyAdmin | https://62.12.105.2:8443/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | None | None |
2281+------------+--------------------------------------
2282######################################################################################################################################
2283---------------------------------------------------------------------------------------------------------------------------------------
2284
2285[1/25] /?sa=X
2286 [x] Error downloading /?sa=X
2287[2/25] /advanced_search
2288 [x] Error downloading /advanced_search
2289[3/25] http://www.envkh.gov.sd/pdf/sample.pdf
2290[4/25] http://www.envkh.gov.sd/pdf/water.pdf
2291[5/25] http://www.envkh.gov.sd/pdf/validation.pdf
2292[6/25] http://www.envkh.gov.sd/pdf/tours.pdf
2293[7/25] http://www.envkh.gov.sd/c1234p/files/9812%25D9%2582%25D8%25B1%25D8%25A7%25D8%25B1.pdf
2294 [x] Error in the parsing process
2295[8/25] http://www.envkh.gov.sd/pdf/oil%2520selling.pdf
2296 [x] Error in the parsing process
2297[9/25] http://www.envkh.gov.sd/pdf/dangerous%2520lug.pdf
2298---------------------------------------------------------------------------------------------------------------------------------------
2299
2300[+] List of users found:
2301---------------------------------------------------------------------------------------------------------------------------------------
2302IBIS
2303MRT
2304prom-sec
2305
2306[+] List of software found:
2307---------------------------------------------------------------------------------------------------------------------------------------
2308��Microsoft� Office Word 2007
2309
2310#######################################################################################################################################
2311
2312
2313[NOTE] Edit /root/.config/subfinder/config.json with your options !===============================================
2314-=Subfinder v1.1.3 github.com/subfinder/subfinder
2315===============================================
2316
2317
2318Running Source: Ask
2319Running Source: Archive.is
2320Running Source: Baidu
2321Running Source: Bing
2322Running Source: CertDB
2323Running Source: CertificateTransparency
2324Running Source: Certspotter
2325Running Source: Commoncrawl
2326Running Source: Crt.sh
2327Running Source: Dnsdb
2328Running Source: DNSDumpster
2329Running Source: DNSTable
2330Running Source: Dogpile
2331Running Source: Exalead
2332Running Source: Findsubdomains
2333Running Source: Googleter
2334Running Source: Hackertarget
2335Running Source: Ipv4Info
2336Running Source: PTRArchive
2337Running Source: Sitedossier
2338Running Source: Threatcrowd
2339Running Source: ThreatMiner
2340Running Source: WaybackArchive
2341Running Source: Yahoo
2342
2343Running enumeration on www.envkh.gov.sd
2344
2345dnsdb: Unexpected return status 503
2346
2347waybackarchive: parse http://web.archive.org/cdx/search/cdx?url=*.www.envkh.gov.sd/*&output=json&fl=original&collapse=urlkey&page=: net/url: invalid control character in URL
2348
2349dogpile: Get https://www.dogpile.com/search/web?q=www.envkh.gov.sd&qsi=1: EOF
2350
2351ipv4info: <nil>
2352
2353
2354Starting Bruteforcing of www.envkh.gov.sd with 9985 words
2355
2356Total 1 Unique subdomains found for www.envkh.gov.sd
2357
2358.www.envkh.gov.sd
2359#######################################################################################################################################
2360[+] www.envkh.gov.sd has no SPF record!
2361INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): publicsuffix.org
2362[*] No DMARC record found. Looking for organizational record
2363[+] No organizational DMARC record
2364[+] Spoofing possible for www.envkh.gov.sd!
2365#######################################################################################################################################
2366dig: '.www.envkh.gov.sd' is not a legal name (empty label)
2367
2368SubOver v.1.2 Nizamul Rana (@Ice3man)
2369==================================================
2370
2371
2372[~] Enjoy your hunt !
2373[Not Vulnerable] .www.envkh.gov.sd
2374[Not Vulnerable] domain
2375[Not Vulnerable] www.envkh.gov.sd
2376#######################################################################################################################################
237762.12.96.0/20
237862.12.96.0/24
237962.12.97.0/24
238062.12.98.0/24
238162.12.99.0/24
238262.12.100.0/24
238362.12.101.0/24
238462.12.102.0/23
238562.12.104.0/24
238662.12.105.0/24
238762.12.106.0/24
238862.12.107.0/24
238962.12.108.0/24
239062.12.109.0/24
239162.12.110.0/24
239262.12.111.0/24
2393#######################################################################################################################################
2394Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-21 23:19 EDT
2395Warning: 62.12.105.2 giving up on port because retransmission cap hit (2).
2396Nmap scan report for www.envkh.gov.sd (62.12.105.2)
2397Host is up (0.36s latency).
2398rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
2399Not shown: 464 filtered ports, 4 closed ports
2400Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
2401PORT STATE SERVICE
240221/tcp open ftp
240380/tcp open http
2404110/tcp open pop3
2405143/tcp open imap
2406443/tcp open https
2407993/tcp open imaps
2408995/tcp open pop3s
24098443/tcp open https-alt
2410
2411Nmap done: 1 IP address (1 host up) scanned in 135.71 seconds
2412#######################################################################################################################################
2413Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-21 23:21 EDT
2414Nmap scan report for www.envkh.gov.sd (62.12.105.2)
2415Host is up (0.17s latency).
2416rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
2417Not shown: 2 filtered ports
2418PORT STATE SERVICE
241953/udp open|filtered domain
242067/udp open|filtered dhcps
242168/udp open|filtered dhcpc
242269/udp open|filtered tftp
242388/udp open|filtered kerberos-sec
2424123/udp open|filtered ntp
2425139/udp open|filtered netbios-ssn
2426161/udp open|filtered snmp
2427162/udp open|filtered snmptrap
2428389/udp open|filtered ldap
2429520/udp open|filtered route
24302049/udp open|filtered nfs
2431
2432Nmap done: 1 IP address (1 host up) scanned in 2.85 seconds
2433#######################################################################################################################################
2434Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-21 23:22 EDT
2435Nmap scan report for www.envkh.gov.sd (62.12.105.2)
2436Host is up (0.37s latency).
2437rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
2438
2439PORT STATE SERVICE VERSION
244021/tcp open tcpwrapped
2441Too many fingerprints match this host to give specific OS details
2442Network Distance: 15 hops
2443
2444TRACEROUTE (using port 21/tcp)
2445HOP RTT ADDRESS
24461 174.27 ms 10.253.200.1
24472 175.48 ms 213.184.122.97
24483 174.43 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
24494 174.48 ms bzq-219-189-185.dsl.bezeqint.net (62.219.189.185)
24505 225.52 ms bzq-114-65-1.cust.bezeqint.net (192.114.65.1)
24516 174.97 ms bzq-179-124-85.cust.bezeqint.net (212.179.124.85)
24527 226.19 ms peer1.fra1.flagtel.com (80.81.192.64)
24538 255.98 ms xe-2-1-1.0.cjr04.prs001.flagtel.com (62.216.128.13)
24549 347.23 ms xe-11-1-1.0.pjr04.dxb001.flagtel.com (85.95.25.162)
245510 344.84 ms 196.29.177.113
245611 367.34 ms 197.254.196.62
245712 337.36 ms 196.29.177.113
245813 368.05 ms 197.254.196.62
245914 372.26 ms 197.254.196.62
246015 366.42 ms f03-web02.nic.gov.sd (62.12.105.2)
2461#######################################################################################################################################
2462
2463wig - WebApp Information Gatherer
2464
2465
2466Scanning http://www.envkh.gov.sd...
2467_________________________________________ SITE INFO __________________________________________
2468IP Title
246962.12.105.2 المجلس الأعلى للبيئة-ولاية الخرطوم
2470
2471__________________________________________ VERSION ___________________________________________
2472Name Versions Type
2473Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
2474 2.4.9
2475nginx Platform
2476
2477________________________________________ INTERESTING _________________________________________
2478URL Note Type
2479/test.html Test file Interesting
2480
2481______________________________________________________________________________________________
2482Time: 416.5 sec Urls: 885 Fingerprints: 40401
2483#######################################################################################################################################
2484HTTP/1.1 200 OK
2485Server: nginx
2486Date: Sat, 22 Jun 2019 02:45:27 GMT
2487Content-Type: text/html
2488Connection: keep-alive
2489X-Powered-By: PHP/5.4.16
2490X-Powered-By: PleskLin
2491
2492HTTP/1.1 200 OK
2493Server: nginx
2494Date: Sat, 22 Jun 2019 02:45:28 GMT
2495Content-Type: text/html
2496Connection: keep-alive
2497X-Powered-By: PHP/5.4.16
2498X-Powered-By: PleskLin
2499#######################################################################################################################################
2500Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-21 23:43 EDT
2501Nmap scan report for www.envkh.gov.sd (62.12.105.2)
2502Host is up (0.34s latency).
2503rDNS record for 62.12.105.2: f03-web02.nic.gov.sd
2504
2505PORT STATE SERVICE VERSION
2506110/tcp open pop3 Dovecot pop3d
2507| pop3-brute:
2508| Accounts: No valid accounts found
2509|_ Statistics: Performed 211 guesses in 188 seconds, average tps: 1.1
2510|_pop3-capabilities: TOP APOP CAPA STLS USER PIPELINING AUTH-RESP-CODE UIDL SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) RESP-CODES
2511Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2512OS fingerprint not ideal because: Timing level 5 (Insane) used
2513No OS matches for host
2514Network Distance: 15 hops
2515Service Info: Host: fo3-web02.nic.gov.sd
2516
2517TRACEROUTE (using port 443/tcp)
2518HOP RTT ADDRESS
25191 170.38 ms 10.253.200.1
25202 171.94 ms 213.184.122.97
25213 170.62 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
25224 170.83 ms bzq-219-189-185.dsl.bezeqint.net (62.219.189.185)
25235 171.12 ms bzq-219-189-2.cablep.bezeqint.net (62.219.189.2)
25246 228.41 ms bzq-219-189-2.cablep.bezeqint.net (62.219.189.2)
25257 238.11 ms peer1.ldn1.flagtel.com (195.66.224.146)
25268 371.46 ms xe-9-0-1.0.pjr04.ldn001.flagtel.com (85.95.27.193)
25279 368.42 ms xe-2-2-0.0.pjr03.ldn001.flagtel.com (62.216.128.113)
252810 371.49 ms xe-9-0-1.0.pjr04.ldn001.flagtel.com (85.95.27.193)
252911 338.52 ms 80.77.2.42
253012 378.58 ms 197.254.196.62
253113 378.60 ms 197.254.196.62
253214 345.49 ms 196.29.177.113
253315 380.83 ms f03-web02.nic.gov.sd (62.12.105.2)
2534#######################################################################################################################################
2535Version: 1.11.13-static
2536OpenSSL 1.0.2-chacha (1.0.2g-dev)
2537
2538Connected to 62.12.105.2
2539
2540Testing SSL server www.envkh.gov.sd on port 443 using SNI name www.envkh.gov.sd
2541
2542 TLS Fallback SCSV:
2543Server supports TLS Fallback SCSV
2544
2545 TLS renegotiation:
2546Secure session renegotiation supported
2547
2548 TLS Compression:
2549Compression disabled
2550
2551 Heartbleed:
2552TLS 1.2 not vulnerable to heartbleed
2553TLS 1.1 not vulnerable to heartbleed
2554TLS 1.0 not vulnerable to heartbleed
2555
2556 Supported Server Cipher(s):
2557Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
2558Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
2559Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2560Accepted TLSv1.2 256 bits AES256-GCM-SHA384
2561Accepted TLSv1.2 256 bits AES256-SHA256
2562Accepted TLSv1.2 256 bits AES256-SHA
2563Accepted TLSv1.2 256 bits CAMELLIA256-SHA
2564Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
2565Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
2566Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2567Accepted TLSv1.2 128 bits AES128-GCM-SHA256
2568Accepted TLSv1.2 128 bits AES128-SHA256
2569Accepted TLSv1.2 128 bits AES128-SHA
2570Accepted TLSv1.2 128 bits CAMELLIA128-SHA
2571Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2572Accepted TLSv1.1 256 bits AES256-SHA
2573Accepted TLSv1.1 256 bits CAMELLIA256-SHA
2574Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2575Accepted TLSv1.1 128 bits AES128-SHA
2576Accepted TLSv1.1 128 bits CAMELLIA128-SHA
2577Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2578Accepted TLSv1.0 256 bits AES256-SHA
2579Accepted TLSv1.0 256 bits CAMELLIA256-SHA
2580Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2581Accepted TLSv1.0 128 bits AES128-SHA
2582Accepted TLSv1.0 128 bits CAMELLIA128-SHA
2583
2584 SSL Certificate:
2585Signature Algorithm: sha256WithRSAEncryption
2586RSA Key Strength: 2048
2587
2588Subject: Plesk
2589Issuer: Plesk
2590
2591Not valid before: Apr 20 02:40:27 2016 GMT
2592Not valid after: Apr 20 02:40:27 2017 GMT
2593#######################################################################################################################################
2594--------------------------------------------------------
2595<<<Yasuo discovered following vulnerable applications>>>
2596--------------------------------------------------------
2597+------------+--------------------------------------+--------------------------------------------------+----------+----------+
2598| App Name | URL to Application | Potential Exploit | Username | Password |
2599+------------+--------------------------------------+--------------------------------------------------+----------+----------+
2600| phpMyAdmin | https://62.12.105.2:8443/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | None | None |
2601+------------+--------------------------------------+--------------------------------------------------+----------+----------+
2602#######################################################################################################################################
2603Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-21 23:20 EDT
2604Warning: 62.12.105.2 giving up on port because retransmission cap hit (2).
2605Nmap scan report for f03-web02.nic.gov.sd (62.12.105.2)
2606Host is up (0.37s latency).
2607Not shown: 464 filtered ports, 4 closed ports
2608Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
2609PORT STATE SERVICE
261021/tcp open ftp
261180/tcp open http
2612110/tcp open pop3
2613143/tcp open imap
2614443/tcp open https
2615993/tcp open imaps
2616995/tcp open pop3s
26178443/tcp open https-alt
2618
2619Nmap done: 1 IP address (1 host up) scanned in 150.48 seconds
2620#######################################################################################################################################
2621Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-21 23:23 EDT
2622Nmap scan report for f03-web02.nic.gov.sd (62.12.105.2)
2623Host is up (0.17s latency).
2624Not shown: 2 filtered ports
2625PORT STATE SERVICE
262653/udp open|filtered domain
262767/udp open|filtered dhcps
262868/udp open|filtered dhcpc
262969/udp open|filtered tftp
263088/udp open|filtered kerberos-sec
2631123/udp open|filtered ntp
2632139/udp open|filtered netbios-ssn
2633161/udp open|filtered snmp
2634162/udp open|filtered snmptrap
2635389/udp open|filtered ldap
2636520/udp open|filtered route
26372049/udp open|filtered nfs
2638
2639Nmap done: 1 IP address (1 host up) scanned in 3.99 seconds
2640#######################################################################################################################################
2641Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-21 23:23 EDT
2642Nmap scan report for f03-web02.nic.gov.sd (62.12.105.2)
2643Host is up (0.33s latency).
2644
2645PORT STATE SERVICE VERSION
264621/tcp open tcpwrapped
2647Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2648Device type: specialized|WAP|phone
2649Running: iPXE 1.X, Linux 2.4.X|2.6.X, Sony Ericsson embedded
2650OS CPE: cpe:/o:ipxe:ipxe:1.0.0%2b cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.6.22 cpe:/h:sonyericsson:u8i_vivaz
2651OS details: iPXE 1.0.0+, Tomato 1.28 (Linux 2.4.20), Tomato firmware (Linux 2.6.22), Sony Ericsson U8i Vivaz mobile phone
2652Network Distance: 13 hops
2653
2654TRACEROUTE (using port 21/tcp)
2655HOP RTT ADDRESS
26561 172.42 ms 10.253.200.1
26572 173.82 ms 213.184.122.97
26583 167.39 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
26594 167.45 ms bzq-219-189-185.cablep.bezeqint.net (62.219.189.185)
26605 217.31 ms bzq-179-124-249.cust.bezeqint.net (212.179.124.249)
26616 217.28 ms bzq-179-124-249.cust.bezeqint.net (212.179.124.249)
26627 264.49 ms xe-2-1-1.0.cjr04.prs001.flagtel.com (62.216.128.13)
26638 256.11 ms xe-2-1-1.0.cjr04.prs001.flagtel.com (62.216.128.13)
26649 344.90 ms xe-11-1-1.0.pjr04.dxb001.flagtel.com (85.95.25.162)
266510 347.57 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
266611 326.48 ms 80.77.2.42
266712 ...
266813 362.88 ms f03-web02.nic.gov.sd (62.12.105.2)
2669#######################################################################################################################################
2670Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-21 23:35 EDT
2671Nmap scan report for f03-web02.nic.gov.sd (62.12.105.2)
2672Host is up.
2673
2674PORT STATE SERVICE VERSION
267567/udp open|filtered dhcps
2676|_dhcp-discover: ERROR: Script execution failed (use -d to debug)
2677Too many fingerprints match this host to give specific OS details
2678
2679TRACEROUTE (using proto 1/icmp)
2680HOP RTT ADDRESS
26811 172.49 ms 10.253.200.1
26822 174.14 ms 213.184.122.97
26833 177.74 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
26844 172.95 ms bzq-179-124-185.cust.bezeqint.net (212.179.124.185)
26855 167.19 ms bzq-179-124-82.cust.bezeqint.net (212.179.124.82)
26866 229.23 ms bzq-219-189-30.dsl.bezeqint.net (62.219.189.30)
26877 235.01 ms peer1.ldn1.flagtel.com (195.66.224.146)
26888 367.92 ms xe-9-0-0.0.pjr04.ldn001.flagtel.com (85.95.25.9)
26899 238.66 ms xe-8-2-1.0.cjr04.prs001.flagtel.com (85.95.25.170)
269010 368.74 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
269111 334.33 ms 80.77.2.42
269212 346.38 ms 196.29.177.113
269313 378.73 ms 197.254.196.62
269414 ... 30
2695#######################################################################################################################################
2696Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-21 23:37 EDT
2697Nmap scan report for f03-web02.nic.gov.sd (62.12.105.2)
2698Host is up.
2699
2700PORT STATE SERVICE VERSION
270168/udp open|filtered dhcpc
2702Too many fingerprints match this host to give specific OS details
2703
2704TRACEROUTE (using proto 1/icmp)
2705HOP RTT ADDRESS
27061 172.83 ms 10.253.200.1
27072 173.65 ms 213.184.122.97
27083 172.90 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
27094 167.14 ms bzq-179-124-185.cust.bezeqint.net (212.179.124.185)
27105 167.22 ms bzq-179-124-82.cust.bezeqint.net (212.179.124.82)
27116 228.51 ms bzq-219-189-30.dsl.bezeqint.net (62.219.189.30)
27127 234.57 ms peer1.ldn1.flagtel.com (195.66.224.146)
27138 367.48 ms xe-9-0-0.0.pjr04.ldn001.flagtel.com (85.95.25.9)
27149 238.75 ms xe-8-2-1.0.cjr04.prs001.flagtel.com (85.95.25.170)
271510 368.36 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
271611 335.72 ms 80.77.2.42
271712 347.67 ms 196.29.177.113
271813 379.67 ms 197.254.196.62
271914 ... 30
2720#######################################################################################################################################
2721Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-21 23:39 EDT
2722Nmap scan report for f03-web02.nic.gov.sd (62.12.105.2)
2723Host is up.
2724
2725PORT STATE SERVICE VERSION
272669/udp open|filtered tftp
2727Too many fingerprints match this host to give specific OS details
2728
2729TRACEROUTE (using proto 1/icmp)
2730HOP RTT ADDRESS
27311 172.79 ms 10.253.200.1
27322 173.93 ms 213.184.122.97
27333 172.86 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
27344 174.91 ms bzq-179-124-185.cust.bezeqint.net (212.179.124.185)
27355 173.91 ms bzq-179-124-82.cust.bezeqint.net (212.179.124.82)
27366 235.24 ms bzq-219-189-30.dsl.bezeqint.net (62.219.189.30)
27377 241.02 ms peer1.ldn1.flagtel.com (195.66.224.146)
27388 374.87 ms xe-9-0-0.0.pjr04.ldn001.flagtel.com (85.95.25.9)
27399 246.26 ms xe-8-2-1.0.cjr04.prs001.flagtel.com (85.95.25.170)
274010 374.97 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
274111 335.63 ms 80.77.2.42
274212 347.62 ms 196.29.177.113
274313 379.62 ms 197.254.196.62
274414 ... 30
2745#######################################################################################################################################
2746wig - WebApp Information Gatherer
2747
2748
2749Scanning http://62.12.105.2...
2750_________________________________________ SITE INFO __________________________________________
2751IP Title
275262.12.105.2 Domain Default page
2753
2754__________________________________________ VERSION ___________________________________________
2755Name Versions Type
2756Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
2757 2.4.9
2758nginx Platform
2759
2760______________________________________________________________________________________________
2761Time: 204.5 sec Urls: 801 Fingerprints: 40401
2762#######################################################################################################################################
2763HTTP/1.1 200 OK
2764Server: nginx
2765Date: Sat, 22 Jun 2019 02:47:54 GMT
2766Content-Type: text/html
2767Content-Length: 3750
2768Connection: keep-alive
2769Last-Modified: Wed, 07 Feb 2018 11:25:44 GMT
2770ETag: "ea6-5649d8e57844b"
2771Accept-Ranges: bytes
2772
2773HTTP/1.1 200 OK
2774Server: nginx
2775Date: Sat, 22 Jun 2019 02:47:54 GMT
2776Content-Type: text/html
2777Content-Length: 3750
2778Connection: keep-alive
2779Last-Modified: Wed, 07 Feb 2018 11:25:44 GMT
2780ETag: "ea6-5649d8e57844b"
2781Accept-Ranges: bytes
2782
2783Allow: OPTIONS,GET,HEAD,POST
2784#######################################################################################################################################
2785Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-21 23:45 EDT
2786Nmap scan report for f03-web02.nic.gov.sd (62.12.105.2)
2787Host is up (0.34s latency).
2788
2789PORT STATE SERVICE VERSION
2790110/tcp open pop3 Dovecot pop3d
2791| pop3-brute:
2792| Accounts: No valid accounts found
2793|_ Statistics: Performed 175 guesses in 185 seconds, average tps: 0.7
2794|_pop3-capabilities: AUTH-RESP-CODE UIDL APOP TOP STLS RESP-CODES PIPELINING CAPA USER SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5)
2795Too many fingerprints match this host to give specific OS details
2796Network Distance: 15 hops
2797Service Info: Host: fo3-web02.nic.gov.sd
2798
2799TRACEROUTE (using port 443/tcp)
2800HOP RTT ADDRESS
28011 167.12 ms 10.253.200.1
28022 168.53 ms 213.184.122.97
28033 167.27 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
28044 167.58 ms bzq-179-124-185.cust.bezeqint.net (212.179.124.185)
28055 167.80 ms bzq-219-189-2.dsl.bezeqint.net (62.219.189.2)
28066 229.79 ms bzq-219-189-6.cablep.bezeqint.net (62.219.189.6)
28077 370.91 ms xe-9-0-1.0.pjr04.ldn001.flagtel.com (85.95.27.193)
28088 241.64 ms xe-8-2-0.0.cjr04.prs001.flagtel.com (85.95.27.234)
28099 237.83 ms xe-8-2-2.0.cjr04.prs001.flagtel.com (85.95.27.69)
281010 368.19 ms xe-11-1-1.0.pjr04.dxb001.flagtel.com (85.95.25.162)
281111 242.75 ms xe-8-2-0.0.cjr04.prs001.flagtel.com (85.95.27.234)
281212 376.93 ms 197.254.196.62
281313 ... 14
281415 371.88 ms f03-web02.nic.gov.sd (62.12.105.2)
2815#######################################################################################################################################
2816Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-21 23:49 EDT
2817Nmap scan report for f03-web02.nic.gov.sd (62.12.105.2)
2818Host is up.
2819
2820PORT STATE SERVICE VERSION
2821123/udp open|filtered ntp
2822Too many fingerprints match this host to give specific OS details
2823
2824TRACEROUTE (using proto 1/icmp)
2825HOP RTT ADDRESS
28261 171.77 ms 10.253.200.1
28272 173.12 ms 213.184.122.97
28283 173.53 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
28294 172.36 ms bzq-179-124-185.cust.bezeqint.net (212.179.124.185)
28305 172.39 ms bzq-179-124-82.cust.bezeqint.net (212.179.124.82)
28316 236.80 ms bzq-219-189-30.dsl.bezeqint.net (62.219.189.30)
28327 240.60 ms peer1.ldn1.flagtel.com (195.66.224.146)
28338 373.14 ms xe-9-0-0.0.pjr04.ldn001.flagtel.com (85.95.25.9)
28349 243.19 ms xe-8-2-1.0.cjr04.prs001.flagtel.com (85.95.25.170)
283510 373.84 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
283611 335.29 ms 80.77.2.42
283712 347.30 ms 196.29.177.113
283813 379.37 ms 197.254.196.62
283914 ... 30
2840#######################################################################################################################################
2841Version: 1.11.13-static
2842OpenSSL 1.0.2-chacha (1.0.2g-dev)
2843
2844Connected to 62.12.105.2
2845
2846Testing SSL server 62.12.105.2 on port 443 using SNI name 62.12.105.2
2847
2848 TLS Fallback SCSV:
2849Server supports TLS Fallback SCSV
2850
2851 TLS renegotiation:
2852Secure session renegotiation supported
2853
2854 TLS Compression:
2855Compression disabled
2856
2857 Heartbleed:
2858TLS 1.2 not vulnerable to heartbleed
2859TLS 1.1 not vulnerable to heartbleed
2860TLS 1.0 not vulnerable to heartbleed
2861
2862 Supported Server Cipher(s):
2863Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
2864Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
2865Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2866Accepted TLSv1.2 256 bits AES256-GCM-SHA384
2867Accepted TLSv1.2 256 bits AES256-SHA256
2868Accepted TLSv1.2 256 bits AES256-SHA
2869Accepted TLSv1.2 256 bits CAMELLIA256-SHA
2870Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
2871Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
2872Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2873Accepted TLSv1.2 128 bits AES128-GCM-SHA256
2874Accepted TLSv1.2 128 bits AES128-SHA256
2875Accepted TLSv1.2 128 bits AES128-SHA
2876Accepted TLSv1.2 128 bits CAMELLIA128-SHA
2877Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2878Accepted TLSv1.1 256 bits AES256-SHA
2879Accepted TLSv1.1 256 bits CAMELLIA256-SHA
2880Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2881Accepted TLSv1.1 128 bits AES128-SHA
2882Accepted TLSv1.1 128 bits CAMELLIA128-SHA
2883Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2884Accepted TLSv1.0 256 bits AES256-SHA
2885Accepted TLSv1.0 256 bits CAMELLIA256-SHA
2886Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2887Accepted TLSv1.0 128 bits AES128-SHA
2888Accepted TLSv1.0 128 bits CAMELLIA128-SHA
2889
2890 SSL Certificate:
2891Signature Algorithm: sha256WithRSAEncryption
2892RSA Key Strength: 2048
2893
2894Subject: Plesk
2895Issuer: Plesk
2896
2897Not valid before: Apr 20 02:40:27 2016 GMT
2898Not valid after: Apr 20 02:40:27 2017 GMT
2899#######################################################################################################################################
2900--------------------------------------------------------
2901<<<Yasuo discovered following vulnerable applications>>>
2902--------------------------------------------------------
2903+------------+--------------------------------------+--------------------------------------------------+----------+----------+
2904| App Name | URL to Application | Potential Exploit | Username | Password |
2905+------------+--------------------------------------+--------------------------------------------------+----------+----------+
2906| phpMyAdmin | https://62.12.105.2:8443/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | None | None |
2907+------------+--------------------------------------+--------------------------------------------------+----------+----------+
2908#######################################################################################################################################
2909Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-21 23:59 EDT
2910NSE: Loaded 148 scripts for scanning.
2911NSE: Script Pre-scanning.
2912NSE: Starting runlevel 1 (of 2) scan.
2913Initiating NSE at 23:59
2914Completed NSE at 23:59, 0.00s elapsed
2915NSE: Starting runlevel 2 (of 2) scan.
2916Initiating NSE at 23:59
2917Completed NSE at 23:59, 0.00s elapsed
2918Initiating Ping Scan at 23:59
2919Scanning 62.12.105.2 [4 ports]
2920Completed Ping Scan at 23:59, 0.41s elapsed (1 total hosts)
2921Initiating Parallel DNS resolution of 1 host. at 23:59
2922Completed Parallel DNS resolution of 1 host. at 23:59, 0.03s elapsed
2923Initiating Connect Scan at 23:59
2924Scanning f03-web02.nic.gov.sd (62.12.105.2) [65535 ports]
2925Discovered open port 21/tcp on 62.12.105.2
2926Discovered open port 80/tcp on 62.12.105.2
2927Discovered open port 995/tcp on 62.12.105.2
2928Discovered open port 443/tcp on 62.12.105.2
2929Discovered open port 993/tcp on 62.12.105.2
2930Discovered open port 143/tcp on 62.12.105.2
2931Discovered open port 110/tcp on 62.12.105.2
2932Connect Scan Timing: About 4.24% done; ETC: 00:12 (0:11:40 remaining)
2933Connect Scan Timing: About 19.74% done; ETC: 00:05 (0:04:08 remaining)
2934Connect Scan Timing: About 42.66% done; ETC: 00:03 (0:02:02 remaining)
2935Connect Scan Timing: About 70.16% done; ETC: 00:02 (0:00:51 remaining)
2936Completed Connect Scan at 00:02, 149.10s elapsed (65535 total ports)
2937Initiating Service scan at 00:02
2938Scanning 7 services on f03-web02.nic.gov.sd (62.12.105.2)
2939Completed Service scan at 00:02, 14.75s elapsed (7 services on 1 host)
2940Initiating OS detection (try #1) against f03-web02.nic.gov.sd (62.12.105.2)
2941Retrying OS detection (try #2) against f03-web02.nic.gov.sd (62.12.105.2)
2942WARNING: OS didn't match until try #2
2943Initiating Traceroute at 00:02
2944Completed Traceroute at 00:02, 6.40s elapsed
2945Initiating Parallel DNS resolution of 13 hosts. at 00:02
2946Completed Parallel DNS resolution of 13 hosts. at 00:02, 0.30s elapsed
2947NSE: Script scanning 62.12.105.2.
2948NSE: Starting runlevel 1 (of 2) scan.
2949Initiating NSE at 00:02
2950NSE Timing: About 99.06% done; ETC: 00:03 (0:00:00 remaining)
2951NSE Timing: About 99.16% done; ETC: 00:03 (0:00:01 remaining)
2952NSE Timing: About 99.48% done; ETC: 00:04 (0:00:00 remaining)
2953NSE Timing: About 99.90% done; ETC: 00:04 (0:00:00 remaining)
2954Completed NSE at 00:05, 139.64s elapsed
2955NSE: Starting runlevel 2 (of 2) scan.
2956Initiating NSE at 00:05
2957Completed NSE at 00:05, 0.77s elapsed
2958Nmap scan report for f03-web02.nic.gov.sd (62.12.105.2)
2959Host is up, received syn-ack ttl 47 (0.16s latency).
2960Scanned at 2019-06-21 23:59:54 EDT for 323s
2961Not shown: 65524 filtered ports
2962Reason: 65523 no-responses and 1 host-unreach
2963PORT STATE SERVICE REASON VERSION
296421/tcp open tcpwrapped syn-ack
296525/tcp closed smtp conn-refused
296680/tcp open http syn-ack nginx
2967|_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
2968| http-methods:
2969|_ Supported Methods: OPTIONS GET HEAD POST
2970|_http-server-header: nginx
2971|_http-title: Domain Default page
2972110/tcp open pop3 syn-ack Dovecot pop3d
2973|_pop3-capabilities: AUTH-RESP-CODE CAPA USER STLS RESP-CODES UIDL SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) PIPELINING APOP TOP
2974|_ssl-date: TLS randomness does not represent time
2975113/tcp closed ident conn-refused
2976139/tcp closed netbios-ssn conn-refused
2977143/tcp open imap syn-ack Dovecot imapd
2978|_imap-capabilities: AUTH=CRAM-MD5A0001 capabilities AUTH=DIGEST-MD5 IDLE OK AUTH=PLAIN ENABLE listed LOGIN-REFERRALS AUTH=LOGIN have Pre-login STARTTLS ID post-login IMAP4rev1 more SASL-IR LITERAL+
2979|_ssl-date: TLS randomness does not represent time
2980443/tcp open ssl/http syn-ack nginx
2981|_http-server-header: nginx
2982|_http-title: 400 The plain HTTP request was sent to HTTPS port
2983| ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/organizationalUnitName=Plesk/emailAddress=info@plesk.com/localityName=Seattle
2984| Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/organizationalUnitName=Plesk/emailAddress=info@plesk.com/localityName=Seattle
2985| Public Key type: rsa
2986| Public Key bits: 2048
2987| Signature Algorithm: sha256WithRSAEncryption
2988| Not valid before: 2016-04-20T02:40:27
2989| Not valid after: 2017-04-20T02:40:27
2990| MD5: a38f 7308 6ca0 a95d 2faa d3f0 6cb4 5553
2991| SHA-1: 1479 6658 f803 6987 8f42 5473 9eaf 97e1 50dd 2d68
2992| -----BEGIN CERTIFICATE-----
2993| MIIDfTCCAmUCBFcW7BswDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYTAlVTMRMw
2994| EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdTZWF0dGxlMQ0wCwYDVQQKEwRP
2995| ZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UEAxMFUGxlc2sxHTAbBgkqhkiG9w0B
2996| CQEWDmluZm9AcGxlc2suY29tMB4XDTE2MDQyMDAyNDAyN1oXDTE3MDQyMDAyNDAy
2997| N1owgYIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH
2998| EwdTZWF0dGxlMQ0wCwYDVQQKEwRPZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UE
2999| AxMFUGxlc2sxHTAbBgkqhkiG9w0BCQEWDmluZm9AcGxlc2suY29tMIIBIjANBgkq
3000| hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ZDNfEWzRPuiKR6QpFWONPYHX+Pl6rwn
3001| 6ctlVkGd2xcdnPKqzuL8z06rprVz1ro/kK7O9Xna4YfMzqoZjanxdzvjg5936PKF
3002| jjf5+AA4mmbD1SD1wFCE4+U4PnE2lz/Ae/Nj5wSLK1xAL3zitACHRLTXs3a4GMQC
3003| Q1LD36PSzhTl2EhDgQbSK+HB3YqsuJ8tKvn7P4qIGTZJ+HPikTXZ2e+bztPJGN4H
3004| iL16zcL5F8DcIKuRx6qpmGjji8As/JsNLckYD0O8CFWZHNjbAniQ+c64Umif9UrD
3005| IMcNJ3sgChQA7o8A1Qlu63FqJWGwxKlnPGt94tRpTUT1SGDCCMTTTwIDAQABMA0G
3006| CSqGSIb3DQEBCwUAA4IBAQAmNWQp2HI7DaKdIhVqqviur4Z852Z1RCrqWXMl95DP
3007| vtMpgRNrfdqC33xw627iWLJo4vKLvFK0OBgZ6O1gcLhcOeTGGbJLykhNjiPd0YU1
3008| oIg7G6HWKeQ30q2FTv43qoc1s6uiuflihbctsF7tnLxMXQcZO3nwWkkLcuQtMDFS
3009| RAkfBKbIoI/36MFs4GUh/nS78k9b3RgnSWwAD7DQi2+FrVr712EelRT627XIDp0U
3010| t3D2RhpH0SqBX1ncmzF5P9wll3Yqoy0nrJOpXXEf3nP9LyTBA2imWclm4NHaBVat
3011| CfsxXtJeFHpedfALThLxsTPAz/fsZoMC4s4N/ViMbF62
3012|_-----END CERTIFICATE-----
3013|_ssl-date: TLS randomness does not represent time
3014| tls-alpn:
3015|_ http/1.1
3016| tls-nextprotoneg:
3017|_ http/1.1
3018445/tcp closed microsoft-ds conn-refused
3019993/tcp open ssl/imaps? syn-ack
3020|_ssl-date: TLS randomness does not represent time
3021995/tcp open ssl/pop3s? syn-ack
3022|_ssl-date: TLS randomness does not represent time
3023Device type: general purpose
3024Running: Linux 2.6.X
3025OS CPE: cpe:/o:linux:linux_kernel:2.6
3026OS details: Linux 2.6.18 - 2.6.22
3027TCP/IP fingerprint:
3028OS:SCAN(V=7.70%E=4%D=6/22%OT=80%CT=25%CU=%PV=N%G=N%TM=5D0DA8FD%P=x86_64-pc-
3029OS:linux-gnu)SEQ(SP=100%GCD=1%ISR=107%TI=Z%CI=Z%TS=A)SEQ(CI=Z)OPS(O1=M44FST
3030OS:11NW7%O2=M44FST11NW7%O3=M44FNNT11NW7%O4=M44FST11NW7%O5=M44FST11NW7%O6=M4
3031OS:4FST11)WIN(W1=7120%W2=7120%W3=7120%W4=7120%W5=7120%W6=7120)ECN(R=Y%DF=Y%
3032OS:TG=40%W=7210%O=M44FNNSNW7%CC=Y%Q=)ECN(R=N)T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=A
3033OS:S%RD=0%Q=)T2(R=N)T3(R=N)T4(R=N)T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD
3034OS:=0%Q=)T6(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=N)U1(R=N)IE(R=N)
3035
3036Service Info: Host: fo3-web02.nic.gov.sd
3037
3038TRACEROUTE (using proto 1/icmp)
3039HOP RTT ADDRESS
30401 172.82 ms 10.253.200.1
30412 174.00 ms 213.184.122.97
30423 172.88 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
30434 173.22 ms bzq-179-124-185.cust.bezeqint.net (212.179.124.185)
30445 173.26 ms bzq-179-124-82.cust.bezeqint.net (212.179.124.82)
30456 234.96 ms bzq-219-189-30.dsl.bezeqint.net (62.219.189.30)
30467 234.79 ms peer1.ldn1.flagtel.com (195.66.224.146)
30478 367.95 ms xe-9-0-0.0.pjr04.ldn001.flagtel.com (85.95.25.9)
30489 242.41 ms xe-8-2-1.0.cjr04.prs001.flagtel.com (85.95.25.170)
304910 368.50 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
305011 334.12 ms 80.77.2.42
305112 346.09 ms 196.29.177.113
305213 378.19 ms 197.254.196.62
305314 ... 30
3054
3055NSE: Script Post-scanning.
3056NSE: Starting runlevel 1 (of 2) scan.
3057Initiating NSE at 00:05
3058Completed NSE at 00:05, 0.00s elapsed
3059NSE: Starting runlevel 2 (of 2) scan.
3060Initiating NSE at 00:05
3061Completed NSE at 00:05, 0.00s elapsed
3062Read data files from: /usr/bin/../share/nmap
3063OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
3064Nmap done: 1 IP address (1 host up) scanned in 323.83 seconds
3065 Raw packets sent: 186 (12.688KB) | Rcvd: 208 (40.300KB)
3066#######################################################################################################################################
3067Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-22 00:05 EDT
3068NSE: Loaded 148 scripts for scanning.
3069NSE: Script Pre-scanning.
3070Initiating NSE at 00:05
3071Completed NSE at 00:05, 0.00s elapsed
3072Initiating NSE at 00:05
3073Completed NSE at 00:05, 0.00s elapsed
3074Initiating Parallel DNS resolution of 1 host. at 00:05
3075Completed Parallel DNS resolution of 1 host. at 00:05, 0.02s elapsed
3076Initiating UDP Scan at 00:05
3077Scanning f03-web02.nic.gov.sd (62.12.105.2) [14 ports]
3078Completed UDP Scan at 00:05, 3.37s elapsed (14 total ports)
3079Initiating Service scan at 00:05
3080Scanning 12 services on f03-web02.nic.gov.sd (62.12.105.2)
3081Service scan Timing: About 8.33% done; ETC: 00:24 (0:17:58 remaining)
3082Completed Service scan at 00:07, 102.58s elapsed (12 services on 1 host)
3083Initiating OS detection (try #1) against f03-web02.nic.gov.sd (62.12.105.2)
3084Retrying OS detection (try #2) against f03-web02.nic.gov.sd (62.12.105.2)
3085Initiating Traceroute at 00:07
3086Completed Traceroute at 00:07, 7.19s elapsed
3087Initiating Parallel DNS resolution of 1 host. at 00:07
3088Completed Parallel DNS resolution of 1 host. at 00:07, 0.00s elapsed
3089NSE: Script scanning 62.12.105.2.
3090Initiating NSE at 00:07
3091Completed NSE at 00:07, 20.34s elapsed
3092Initiating NSE at 00:07
3093Completed NSE at 00:07, 1.55s elapsed
3094Nmap scan report for f03-web02.nic.gov.sd (62.12.105.2)
3095Host is up (0.17s latency).
3096
3097PORT STATE SERVICE VERSION
309853/udp open|filtered domain
309967/udp open|filtered dhcps
310068/udp open|filtered dhcpc
310169/udp open|filtered tftp
310288/udp open|filtered kerberos-sec
3103123/udp open|filtered ntp
3104137/udp filtered netbios-ns
3105138/udp filtered netbios-dgm
3106139/udp open|filtered netbios-ssn
3107161/udp open|filtered snmp
3108162/udp open|filtered snmptrap
3109389/udp open|filtered ldap
3110520/udp open|filtered route
31112049/udp open|filtered nfs
3112Too many fingerprints match this host to give specific OS details
3113
3114TRACEROUTE (using port 137/udp)
3115HOP RTT ADDRESS
31161 167.67 ms 10.253.200.1
31172 ... 3
31184 166.30 ms 10.253.200.1
31195 168.26 ms 10.253.200.1
31206 168.25 ms 10.253.200.1
31217 168.24 ms 10.253.200.1
31228 168.20 ms 10.253.200.1
31239 168.06 ms 10.253.200.1
312410 168.08 ms 10.253.200.1
312511 ... 18
312619 166.83 ms 10.253.200.1
312720 167.52 ms 10.253.200.1
312821 ... 28
312929 167.42 ms 10.253.200.1
313030 167.36 ms 10.253.200.1
3131
3132NSE: Script Post-scanning.
3133Initiating NSE at 00:07
3134Completed NSE at 00:07, 0.00s elapsed
3135Initiating NSE at 00:07
3136Completed NSE at 00:07, 0.00s elapsed
3137Read data files from: /usr/bin/../share/nmap
3138OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
3139Nmap done: 1 IP address (1 host up) scanned in 142.49 seconds
3140 Raw packets sent: 146 (13.536KB) | Rcvd: 110 (19.173KB)
3141#######################################################################################################################################
3142Hosts
3143=======================================================================================================================================
3144
3145address mac name os_name os_flavor os_sp purpose info comments
3146------- --- ---- ------- --------- ----- ------- ---- --------
314762.12.105.2 f03-web02.nic.gov.sd Linux 2.6.X server
3148
3149Services
3150=======================================================================================================================================
3151
3152host port proto name state info
3153---- ---- ----- ---- ----- ----
315462.12.105.2 7 tcp echo open
315562.12.105.2 9 tcp discard open
315662.12.105.2 13 tcp daytime open
315762.12.105.2 21 tcp tcpwrapped open
315862.12.105.2 25 tcp smtp closed
315962.12.105.2 42 tcp nameserver open
316062.12.105.2 49 tcp tacacs open
316162.12.105.2 53 udp domain unknown
316262.12.105.2 67 tcp dhcps open
316362.12.105.2 67 udp dhcps unknown
316462.12.105.2 68 tcp dhcpc open
316562.12.105.2 68 udp dhcpc unknown
316662.12.105.2 69 tcp tftp open
316762.12.105.2 69 udp tftp unknown
316862.12.105.2 80 tcp http open nginx
316962.12.105.2 85 tcp mit-ml-dev open
317062.12.105.2 88 tcp kerberos-sec open
317162.12.105.2 88 udp kerberos-sec unknown
317262.12.105.2 109 tcp pop2 open
317362.12.105.2 110 tcp pop3 open Dovecot pop3d
317462.12.105.2 113 tcp ident closed
317562.12.105.2 123 tcp ntp open
317662.12.105.2 123 udp ntp unknown
317762.12.105.2 137 tcp netbios-ns open
317862.12.105.2 137 udp netbios-ns filtered
317962.12.105.2 138 udp netbios-dgm filtered
318062.12.105.2 139 tcp netbios-ssn closed
318162.12.105.2 139 udp netbios-ssn unknown
318262.12.105.2 143 tcp imap open Dovecot imapd
318362.12.105.2 161 tcp snmp open
318462.12.105.2 161 udp snmp unknown
318562.12.105.2 162 udp snmptrap unknown
318662.12.105.2 264 tcp bgmp open
318762.12.105.2 389 udp ldap unknown
318862.12.105.2 402 tcp genie open
318962.12.105.2 407 tcp timbuktu open
319062.12.105.2 443 tcp ssl/http open nginx
319162.12.105.2 445 tcp microsoft-ds closed
319262.12.105.2 446 tcp ddm-rdb open
319362.12.105.2 500 tcp isakmp open
319462.12.105.2 512 tcp exec open
319562.12.105.2 515 tcp printer open
319662.12.105.2 520 udp route unknown
319762.12.105.2 523 tcp ibm-db2 open
319862.12.105.2 540 tcp uucp open
319962.12.105.2 548 tcp afp open
320062.12.105.2 617 tcp sco-dtmgr open
320162.12.105.2 689 tcp nmap open
320262.12.105.2 705 tcp agentx open
320362.12.105.2 831 tcp netconf-beep open
320462.12.105.2 902 tcp iss-realsecure open
320562.12.105.2 912 tcp apex-mesh open
320662.12.105.2 921 tcp unknown open
320762.12.105.2 993 tcp ssl/imaps open
320862.12.105.2 995 tcp ssl/pop3s open
320962.12.105.2 998 tcp busboy open
321062.12.105.2 1000 tcp cadlock open
321162.12.105.2 1030 tcp iad1 open
321262.12.105.2 1098 tcp rmiactivation open
321362.12.105.2 1100 tcp mctp open
321462.12.105.2 1102 tcp adobeserver-1 open
321562.12.105.2 1103 tcp xaudio open
321662.12.105.2 1129 tcp saphostctrls open
321762.12.105.2 1158 tcp lsnr open
321862.12.105.2 1199 tcp dmidi open
321962.12.105.2 1220 tcp quicktime open
322062.12.105.2 1234 tcp hotline open
322162.12.105.2 1241 tcp nessus open
322262.12.105.2 1311 tcp rxmon open
322362.12.105.2 1352 tcp lotusnotes open
322462.12.105.2 1433 tcp ms-sql-s open
322562.12.105.2 1440 tcp eicon-slp open
322662.12.105.2 1471 tcp csdmbase open
322762.12.105.2 1521 tcp oracle open
322862.12.105.2 1530 tcp rap-service open
322962.12.105.2 1582 tcp msims open
323062.12.105.2 2000 tcp cisco-sccp open
323162.12.105.2 2001 tcp dc open
323262.12.105.2 2049 tcp nfs open
323362.12.105.2 2049 udp nfs unknown
323462.12.105.2 2067 tcp dlswpn open
323562.12.105.2 2103 tcp zephyr-clt open
323662.12.105.2 2199 tcp onehome-help open
323762.12.105.2 2207 tcp hpssd open
323862.12.105.2 2222 tcp ethernetip-1 open
323962.12.105.2 2323 tcp 3d-nfsd open
324062.12.105.2 2362 tcp digiman open
324162.12.105.2 2381 tcp compaq-https open
324262.12.105.2 2638 tcp sybase open
324362.12.105.2 2967 tcp symantec-av open
324462.12.105.2 3037 tcp hp-san-mgmt open
324562.12.105.2 3050 tcp gds_db open
324662.12.105.2 3128 tcp squid-http open
324762.12.105.2 3200 tcp tick-port open
324862.12.105.2 3310 tcp dyna-access open
324962.12.105.2 3460 tcp edm-manager open
325062.12.105.2 3465 tcp edm-mgr-cntrl open
325162.12.105.2 3628 tcp ept-machine open
325262.12.105.2 3632 tcp distccd open
325362.12.105.2 3790 tcp quickbooksrds open
325462.12.105.2 4000 tcp remoteanything open
325562.12.105.2 4433 tcp vop open
325662.12.105.2 4444 tcp krb524 open
325762.12.105.2 4445 tcp upnotifyp open
325862.12.105.2 4659 tcp playsta2-lob open
325962.12.105.2 4679 tcp mgesupervision open
326062.12.105.2 4800 tcp iims open
326162.12.105.2 4848 tcp appserv-http open
326262.12.105.2 5000 tcp upnp open
326362.12.105.2 5009 tcp airport-admin open
326462.12.105.2 5040 tcp unknown open
326562.12.105.2 5051 tcp ida-agent open
326662.12.105.2 5060 tcp sip open
326762.12.105.2 5061 tcp sip-tls open
326862.12.105.2 5093 tcp sentinel-lm open
326962.12.105.2 5250 tcp soagateway open
327062.12.105.2 5353 tcp mdns open
327162.12.105.2 5400 tcp pcduo-old open
327262.12.105.2 5433 tcp pyrrho open
327362.12.105.2 5520 tcp sdlog open
327462.12.105.2 5554 tcp sgi-esphttp open
327562.12.105.2 5580 tcp tmosms0 open
327662.12.105.2 5632 tcp pcanywherestat open
327762.12.105.2 5666 tcp nrpe open
327862.12.105.2 5814 tcp spt-automation open
327962.12.105.2 5901 tcp vnc-1 open
328062.12.105.2 5905 tcp unknown open
328162.12.105.2 5906 tcp unknown open
328262.12.105.2 5909 tcp unknown open
328362.12.105.2 5910 tcp cm open
328462.12.105.2 5920 tcp unknown open
328562.12.105.2 5985 tcp wsman open
328662.12.105.2 5986 tcp wsmans open
328762.12.105.2 5999 tcp ncd-conf open
328862.12.105.2 6000 tcp x11 open
328962.12.105.2 6050 tcp arcserve open
329062.12.105.2 6060 tcp x11 open
329162.12.105.2 6082 tcp p25cai open
329262.12.105.2 6112 tcp dtspc open
329362.12.105.2 6161 tcp patrol-ism open
329462.12.105.2 6379 tcp redis open
329562.12.105.2 6405 tcp boe-pagesvr open
329662.12.105.2 6502 tcp netop-rc open
329762.12.105.2 6503 tcp boks_clntd open
329862.12.105.2 6504 tcp unknown open
329962.12.105.2 6542 tcp open
330062.12.105.2 6661 tcp open
330162.12.105.2 6667 tcp irc open
330262.12.105.2 6789 tcp ibm-db2-admin open
330362.12.105.2 7001 tcp afs3-callback open
330462.12.105.2 7080 tcp empowerid open
330562.12.105.2 7144 tcp open
330662.12.105.2 7181 tcp janus-disc open
330762.12.105.2 7210 tcp open
330862.12.105.2 7272 tcp watchme-7272 open
330962.12.105.2 7414 tcp open
331062.12.105.2 7426 tcp pmdmgr open
331162.12.105.2 7510 tcp ovhpas open
331262.12.105.2 7580 tcp open
331362.12.105.2 7700 tcp em7-secom open
331462.12.105.2 7770 tcp unknown open
331562.12.105.2 7777 tcp cbt open
331662.12.105.2 7778 tcp interwise open
331762.12.105.2 7879 tcp open
331862.12.105.2 7890 tcp open
331962.12.105.2 8000 tcp http-alt open
332062.12.105.2 8008 tcp http open
332162.12.105.2 8014 tcp unknown open
332262.12.105.2 8020 tcp intu-ec-svcdisc open
332362.12.105.2 8023 tcp unknown open
332462.12.105.2 8028 tcp open
332562.12.105.2 8030 tcp open
332662.12.105.2 8050 tcp unknown open
332762.12.105.2 8082 tcp blackice-alerts open
332862.12.105.2 8086 tcp d-s-n open
332962.12.105.2 8205 tcp lm-instmgr open
333062.12.105.2 8300 tcp tmi open
333162.12.105.2 8333 tcp bitcoin open
333262.12.105.2 8400 tcp cvd open
333362.12.105.2 8443 tcp https-alt open
333462.12.105.2 8444 tcp pcsync-http open
333562.12.105.2 8503 tcp lsp-self-ping open
333662.12.105.2 8642 tcp open
333762.12.105.2 8812 tcp open
333862.12.105.2 8834 tcp nessus-xmlrpc open
333962.12.105.2 8880 tcp cddbp-alt open
334062.12.105.2 8890 tcp ddi-tcp-3 open
334162.12.105.2 8899 tcp ospf-lite open
334262.12.105.2 8903 tcp open
334362.12.105.2 9005 tcp golem open
334462.12.105.2 9080 tcp glrpc open
334562.12.105.2 9084 tcp aurora open
334662.12.105.2 9090 tcp zeus-admin open
334762.12.105.2 9099 tcp unknown open
334862.12.105.2 9111 tcp dragonidsconsole open
334962.12.105.2 9152 tcp ms-sql2000 open
335062.12.105.2 9390 tcp otp open
335162.12.105.2 9495 tcp open
335262.12.105.2 9500 tcp ismserver open
335362.12.105.2 9788 tcp open
335462.12.105.2 9809 tcp open
335562.12.105.2 9810 tcp open
335662.12.105.2 9811 tcp open
335762.12.105.2 9815 tcp unknown open
335862.12.105.2 9855 tcp open
335962.12.105.2 9910 tcp unknown open
336062.12.105.2 9991 tcp issa open
336162.12.105.2 10000 tcp snet-sensor-mgmt open
336262.12.105.2 27017 tcp mongod open
3363#######################################################################################################################################
3364---------------------------------------------------------------------------------------------------------------------------------------
3365+ Target IP: 62.12.105.2
3366+ Target Hostname: 62.12.105.2
3367+ Target Port: 443
3368---------------------------------------------------------------------------------------------------------------------------------------
3369+ SSL Info: Subject: /C=US/ST=Washington/L=Seattle/O=Odin/OU=Plesk/CN=Plesk/emailAddress=info@plesk.com
3370 Ciphers: ECDHE-RSA-AES256-GCM-SHA384
3371 Issuer: /C=US/ST=Washington/L=Seattle/O=Odin/OU=Plesk/CN=Plesk/emailAddress=info@plesk.com
3372+ Start Time: 2019-06-21 23:21:12 (GMT-4)
3373---------------------------------------------------------------------------------------------------------------------------------------
3374+ Server: nginx
3375+ The anti-clickjacking X-Frame-Options header is not present.
3376+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
3377+ The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
3378+ The site uses SSL and Expect-CT header is not present.
3379+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
3380+ Hostname '62.12.105.2' does not match certificate's names: Plesk
3381+ Allowed HTTP Methods: OPTIONS, GET, HEAD, POST
3382+ OSVDB-3233: /mailman/listinfo: Mailman was found on the server.
3383+ OSVDB-3268: /icons/: Directory indexing found.
3384+ OSVDB-3233: /icons/README: Apache default file found.
3385+ 8733 requests: 3 error(s) and 10 item(s) reported on remote host
3386+ End Time: 2019-06-22 03:06:51 (GMT-4) (13539 seconds)
3387---------------------------------------------------------------------------------------------------------------------------------------
3388#######################################################################################################################################
3389 Anonymous JTSEC #OpSudan Full Recon #95