· 6 years ago · Jan 18, 2020, 06:10 AM
1WHOIS
2
3 Domain Name: BLACKHAT-GLOBAL.COM
4 Registry Domain ID: 2458138876_DOMAIN_COM-VRSN
5 Registrar WHOIS Server: whois.networksolutions.com
6 Registrar URL: http://networksolutions.com
7 Updated Date: 2019-11-21T19:45:41Z
8 Creation Date: 2019-11-21T19:42:39Z
9 Registry Expiry Date: 2020-11-21T19:42:39Z
10 Registrar: Network Solutions, LLC
11 Registrar IANA ID: 2
12 Registrar Abuse Contact Email: abuse@web.com
13 Registrar Abuse Contact Phone: +1.8003337680
14 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
15 Name Server: NS85.WORLDNIC.COM
16 Name Server: NS86.WORLDNIC.COM
17 DNSSEC: unsigned
18 URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
19>>> Last update of whois database: 2020-01-18T05:44:09Z <<<
20The Registry database contains ONLY .COM, .NET, .EDU domains and
21Registrars.
22Domain Name: BLACKHAT-GLOBAL.COM
23Registry Domain ID:
24Registrar WHOIS Server: whois.networksolutions.com
25Registrar URL: http://networksolutions.com
26Updated Date: 2020-01-16T09:31:58Z
27Creation Date: 2019-11-21T19:42:39Z
28Registrar Registration Expiration Date: 2020-11-21T19:42:39Z
29Registrar: Network Solutions, LLC
30Registrar IANA ID: 2
31Reseller:
32Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
33Registry Registrant ID:
34Registrant Name: PERFECT PRIVACY, LLC
35Registrant Organization:
36Registrant Street: 5335 Gate Parkway care of Network Solutions PO Box 459
37Registrant City: Jacksonville
38Registrant State/Province: FL
39Registrant Postal Code: 32256
40Registrant Country: US
41Registrant Phone: +1.5707088780
42Registrant Phone Ext:
43Registrant Fax:
44Registrant Fax Ext:
45Registrant Email: fz36z2u96j5@networksolutionsprivateregistration.com
46Registry Admin ID:
47Admin Name: PERFECT PRIVACY, LLC
48Admin Organization:
49Admin Street: 5335 Gate Parkway care of Network Solutions PO Box 459
50Admin City: Jacksonville
51Admin State/Province: FL
52Admin Postal Code: 32256
53Admin Country: US
54Admin Phone: +1.5707088780
55Admin Phone Ext:
56Admin Fax:
57Admin Fax Ext:
58Admin Email: fz36z2u96j5@networksolutionsprivateregistration.com
59Registry Tech ID:
60Tech Name: PERFECT PRIVACY, LLC
61Tech Organization:
62Tech Street: 5335 Gate Parkway care of Network Solutions PO Box 459
63Tech City: Jacksonville
64Tech State/Province: FL
65Tech Postal Code: 32256
66Tech Country: US
67Tech Phone: +1.5707088780
68Tech Phone Ext:
69Tech Fax:
70Tech Fax Ext:
71Tech Email: fz36z2u96j5@networksolutionsprivateregistration.com
72Name Server: NS85.WORLDNIC.COM
73Name Server: NS86.WORLDNIC.COM
74DNSSEC: unsigned
75Registrar Abuse Contact Email: abuse@web.com
76Registrar Abuse Contact Phone: +1.8003337680
77URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
78>>> Last update of WHOIS database: 2020-01-18T05:44:33Z <<<
79
80DNS
81
82; <<>> DiG 9.11.5-P4-5.1+b1-Debian <<>> type=
83;; global options: +cmd
84;; Got answer:
85;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52499
86;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
87
88;; OPT PSEUDOSECTION:
89; EDNS: version: 0, flags:; udp: 4096
90; COOKIE: b7c63ba16991ea51ffba4eeb5e229ad692953a22c1e1b2fb (good)
91;; QUESTION SECTION:
92;type=. IN A
93
94;; AUTHORITY SECTION:
95. 10800 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020011701 1800 900 604800 86400
96
97Server: 10.5.0.1
98Address: 10.5.0.1#53
99
100Non-authoritative answer:
101blackhat-global.com mail exchanger = 10 mx1.netsolmail.net.
102
103Authoritative answers can be found from:
104blackhat-global.com nameserver = ns85.worldnic.com.
105blackhat-global.com nameserver = ns86.worldnic.com.
106
107NMAP
108
109Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-17 16:40 CST
110Stats: 0:08:28 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
111SYN Stealth Scan Timing: About 32.43% done; ETC: 17:05 (0:17:22 remaining)
112Stats: 0:08:31 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
113SYN Stealth Scan Timing: About 32.44% done; ETC: 17:06 (0:17:28 remaining)
114Stats: 0:08:32 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
115SYN Stealth Scan Timing: About 32.51% done; ETC: 17:06 (0:17:26 remaining)
116Stats: 0:08:33 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
117SYN Stealth Scan Timing: About 32.59% done; ETC: 17:06 (0:17:24 remaining)
118Stats: 0:22:08 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
119SYN Stealth Scan Timing: About 84.89% done; ETC: 17:06 (0:03:55 remaining)
120Nmap scan report for blackhat-global.com (209.17.116.160)
121Host is up (0.039s latency).
122Not shown: 65530 filtered ports
123PORT STATE SERVICE VERSION
12421/tcp open ftp ProFTPD or KnFTPD
12522/tcp open ssh ProFTPD mod_sftp 0.9.9 (protocol 2.0)
12680/tcp open http OpenResty web app server 1.13.6.2
127| http-server-header:
128| openresty/1.13.6.2
129|_ openresty/1.15.8.1
130|_http-title: Did not follow redirect to https://blackhat-global.com/
131113/tcp closed ident
132443/tcp open ssl/http OpenResty web app server 1.13.6.2
133|_http-generator: WordPress 5.1.4
134| http-robots.txt: 1 disallowed entry
135|_/wp-admin/
136|_http-server-header: openresty/1.13.6.2
137|_http-title: 400 The plain HTTP request was sent to HTTPS port
138| ssl-cert: Subject: commonName=blackhat-global.com
139| Subject Alternative Name: DNS:blackhat-global.com, DNS:www.blackhat-global.com
140| Not valid before: 2019-11-21T00:00:00
141|_Not valid after: 2020-11-21T23:59:59
142Device type: bridge|general purpose
143Running (JUST GUESSING): Oracle Virtualbox (99%), QEMU (99%)
144OS CPE: cpe:/o:oracle:virtualbox cpe:/a:qemu:qemu
145Aggressive OS guesses: Oracle Virtualbox (99%), QEMU user mode network gateway (99%)
146No exact OS matches for host (test conditions non-ideal).
147Network Distance: 2 hops
148Service Info: OS: Unix
149
150WhatWAF
151
152[23:02:23][INFO] checking for updates
153[23:02:24][WARN] it is highly advised to use a proxy when using WhatWaf. do so by passing the proxy flag (IE `--proxy http://127.0.0.1:9050`) or by passing the Tor flag (IE `--tor`)
154[23:02:24][INFO] using User-Agent 'whatwaf/1.9.7 (Language=2.7.17; Platform=Linux)'
155[23:02:24][INFO] using default payloads
156[23:02:24][INFO] testing connection to target URL before starting attack
157[23:02:28][SUCCESS] connection succeeded, continuing
158[23:02:28][INFO] running single web application 'https://blackhat-global.com'
159[23:02:28][WARN] URL does not appear to have a query (parameter), this may interfere with the detection results
160[23:02:28][INFO] request type: GET
161[23:02:28][INFO] gathering HTTP responses
162[23:03:01][INFO] gathering normal response to compare against
163[23:03:02][INFO] loading firewall detection scripts
164[23:03:02][INFO] running firewall detection checks
165[23:03:03][FIREWALL] detected website protection identified as 'Shadow Daemon Opensource (WAF)'
166[23:03:03][INFO] starting bypass analysis
167[23:03:03][INFO] loading payload tampering scripts
168[23:03:03][INFO] running tampering bypass checks
169[23:13:07][WARN] no valid bypasses discovered with provided payloads
170[23:13:07][INFO] URL has been cached for future use
171
172WPSCAN
173
174 WordPress Security Scanner by the WPScan Team
175 Version 3.7.6
176 Sponsored by Automattic - https://automattic.com/
177 @_WPScan_, @ethicalhack3r, @erwan_lr, @firefart
178_______________________________________________________________
179
180[+] URL: https://blackhat-global.com/
181[+] Started: Fri Jan 17 23:52:47 2020
182
183Interesting Finding(s):
184
185[+] https://blackhat-global.com/
186 | Interesting Entries:
187 | - Server: openresty/1.13.6.2
188 | - X-Powered-By: PHP/5.6.17-pl0-gentoo
189 | - X-Webcom-Cache-Status: BYPASS
190 | Found By: Headers (Passive Detection)
191 | Confidence: 100%
192
193[+] https://blackhat-global.com/robots.txt
194 | Interesting Entries:
195 | - /wp-admin/
196 | - /wp-admin/admin-ajax.php
197 | Found By: Robots Txt (Aggressive Detection)
198 | Confidence: 100%
199
200[+] https://blackhat-global.com/xmlrpc.php
201 | Found By: Direct Access (Aggressive Detection)
202 | Confidence: 100%
203 | References:
204 | - http://codex.wordpress.org/XML-RPC_Pingback_API
205 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
206 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
207 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
208 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
209
210[+] https://blackhat-global.com/readme.html
211 | Found By: Direct Access (Aggressive Detection)
212 | Confidence: 100%
213
214[+] https://blackhat-global.com/wp-cron.php
215 | Found By: Direct Access (Aggressive Detection)
216 | Confidence: 60%
217 | References:
218 | - https://www.iplocation.net/defend-wordpress-from-ddos
219 | - https://github.com/wpscanteam/wpscan/issues/1299
220
221[+] WordPress version 5.1.4 identified (Latest, released on 2019-12-12).
222 | Found By: Rss Generator (Passive Detection)
223 | - https://blackhat-global.com/feed/, <generator>https://wordpress.org/?v=5.1.4</generator>
224 | - https://blackhat-global.com/comments/feed/, <generator>https://wordpress.org/?v=5.1.4</generator>
225
226[+] WordPress theme in use: megapress
227 | Location: https://blackhat-global.com/wp-content/themes/megapress/
228 | Latest Version: 1.0.6 (up to date)
229 | Last Updated: 2019-11-14T00:00:00.000Z
230 | Readme: https://blackhat-global.com/wp-content/themes/megapress/readme.txt
231 | Style URL: https://blackhat-global.com/wp-content/themes/megapress/style.css?ver=5.1.4
232 | Style Name: Megapress
233 | Style URI: https://themegabytech.com/themedetail/megapress
234 | Description: Build your blog with megapress. It delivers clean, responsive and smooth output. It is especially su...
235 | Author: Megabyte Tech
236 | Author URI: https://themegabytech.com/
237 |
238 | Found By: Css Style In Homepage (Passive Detection)
239 | Confirmed By: Css Style In 404 Page (Passive Detection)
240 |
241 | Version: 1.0.6 (80% confidence)
242 | Found By: Style (Passive Detection)
243 | - https://blackhat-global.com/wp-content/themes/megapress/style.css?ver=5.1.4, Match: 'Version: 1.0.6'
244
245[+] Enumerating Vulnerable Themes (via Passive and Aggressive Methods)
246 Checking Known Locations - Time: 00:01:13 <===================================> (323 / 323) 100.00% Time: 00:01:13
247[+] Checking Theme Versions (via Passive and Aggressive Methods)
248
249[i] Theme(s) Identified:
250
251[+] atahualpa
252 | Location: https://blackhat-global.com/wp-content/themes/atahualpa/
253 | Latest Version: 3.7.24 (up to date)
254 | Last Updated: 2015-05-30T00:00:00.000Z
255 | Readme: https://blackhat-global.com/wp-content/themes/atahualpa/README.txt
256 | Style URL: https://blackhat-global.com/wp-content/themes/atahualpa/style.css
257 | Style Name: Atahualpa
258 | Style URI: http://wordpress.bytesforall.com/
259 | Description: Atahualpa is a very customizable and browser-safe (incl. IE6) theme: Choose between fixed or flexibl...
260 | Author: BytesForAll
261 | Author URI: http://forum.bytesforall.com/
262 |
263 | Found By: Known Locations (Aggressive Detection)
264 | - https://blackhat-global.com/wp-content/themes/atahualpa/, status: 200
265 |
266 | [!] 1 vulnerability identified:
267 |
268 | [!] Title: Atahualpa Theme - Authenticated Cross-Site Scripting (XSS)
269 | References:
270 | - https://wpvulndb.com/vulnerabilities/8748
271 | - https://sumofpwn.nl/advisory/2016/cross_site_scripting_in_atahualpa_wordpress_theme.html
272 | - https://seclists.org/fulldisclosure/2017/Feb/83
273 |
274 | Version: 3.7.24 (80% confidence)
275 | Found By: Style (Passive Detection)
276 | - https://blackhat-global.com/wp-content/themes/atahualpa/style.css, Match: 'Version: 3.7.24'
277
278[+] WPVulnDB API OK
279 | Plan: free
280 | Requests Done (during the scan): 5
281 | Requests Remaining: 45
282
283[+] Finished: Fri Jan 17 23:54:41 2020
284[+] Requests Done: 370
285[+] Cached Requests: 14
286[+] Data Sent: 103.419 KB
287[+] Data Received: 519.95 KB
288[+] Memory used: 144.63 MB
289[+] Elapsed time: 00:01:54
290
291OTHER
292
293 http-csrf:
294| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=blackhat-global.com
295| Found the following possible CSRF vulnerabilities:
296|
297| Path: https://blackhat-global.com:443/
298| Form id: give-form-33-1
299| Form action: https://blackhat-global.com/?payment-mode=stripe_checkout
300|
301| Path: https://blackhat-global.com:443/?payment-mode=stripe_checkout
302| Form id: give-form-33-1
303| Form action: https://blackhat-global.com/?payment-mode=stripe_checkout
304|
305| Path: https://blackhat-global.com:443/wp-includes/js/d.value%7delse;,d)a.addEventListener(%22message%22,a.wp.
306receiveEmbedMessage,!1),b.addEventListener(%22DOMContentLoaded%22,c,!1),a.addEventListener(%22load%22,c,!1)(window,
307document
308| Form id:
309| Form action: https://blackhat-global.com/
310|
311| Path: https://blackhat-global.com:443/wp-includes/js/d.value%7delse;,d)a.addEventListener(%22message%22,a.wp.receiveEmbedMessage,!1),b.addEventListener(%22DOMContentLoaded%22,c,!1),a.addEventListener(%22load%22,c,!1)(window,document
312| Form id: give-form-33-1
313|_ Form action: https://blackhat-global.com/wp-includes/js/d.value%7delse/?payment-mode=stripe_checkout
314|_http-date: Sat, 18 Jan 2020 00:28:42 GMT; -2s from local time.
315|_http-devframework: Wordpress detected. Found common traces on /
316|_http-dombased-xss: Couldn't find any DOM based XSS.
317|_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
318| http-enum:
319|_ /wp-login.php: Possible admin folder
320
321http-errors: Couldn't find any error pages.
322|_http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E
323|_http-feed: ERROR: Script execution failed (use -d to debug)
324|_http-fetch: Please enter the complete path of the directory to save data in.
325|_http-generator: WordPress 5.1.4
326| http-headers:
327| Server: openresty/1.13.6.2
328| Date: Sat, 18 Jan 2020 00:28:40 GMT
329| Content-Type: text/html; charset=UTF-8
330| Connection: close
331| Vary: Accept-Encoding
332| X-Powered-By: PHP/5.6.17-pl0-gentoo
333| Link: <https://blackhat-global.com/wp-json/>; rel="https://api.w.org/", <https://blackhat-global.com/>; rel=shortlink
334| X-Webcom-Cache-Status: BYPASS
335|
336|_ (Request type: HEAD)
337|_http-jsonp-detection: Couldn't find any JSONP endpoints.
338|_http-litespeed-sourcecode-download: Request with null byte did not work. This web server might not be vulnerable
339|_http-malware-host: Host appears to be clean
340| http-methods:
341|_ Supported Methods: GET HEAD POST OPTIONS
342|_http-mobileversion-checker: No mobile version detected.
343|_http-passwd: ERROR: Script execution failed (use -d to debug)
344|_http-php-version: Version from header x-powered-by: PHP/5.6.17-pl0-gentoo
345|_http-referer-checker: Couldn't find any cross-domain scripts.
346| http-robots.txt: 1 disallowed entry
347|_/wp-admin/
348| http-security-headers:
349| Strict_Transport_Security:
350|_ HSTS not configured in HTTPS Server
351|_http-server-header: openresty/1.13.6.2
352| http-sitemap-generator:
353| Directory structure:
354| /
355| Other: 1; php: 1
356| /comments/feed/
357| Other: 1
358| /feed/
359| Other: 1
360| /wp-content/themes/megapress/
361| css: 1
362| /wp-includes/
363| xml: 1
364| /wp-includes/js/
365|wp-includes/js/mediaelement/
366| css: 2; js: 3
367| /wp-json/
368| Other: 1
369| /wp-json/oembed/1.0/
370| Other: 1
371| Longest directory structure:
372| Depth: 3
373| Dir: /wp-json/oembed/1.0/
374| Total files found (by extension):
375|_ Other: 5; css: 3; js: 6; php: 1; xml: 1
376|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
377|_http-title: blackhat-global
378| http-useragent-tester:
379| Status for browser useragent: 200
380| Allowed User Agents:
381| Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)
382| libwww
383| lwp-trivial
384| libcurl-agent/1.0
385| PHP/
386| Python-urllib/2.5
387| GT::WWW
388| Snoopy
389| MFC_Tear_Sample
390| HTTP::Lite
391| PHPCrawl
392| URI::Fetch
393| Zend_Http_Client
394| http client
395| PECL::HTTP
396| Wget/1.13.4 (linux-gnu)
397|_ WWW-Mechanize/1.34
398| http-vhosts:
399| secure.com : 200
400| demo.com : 200
401| server.com : 200
402| web.com : 200
403|_123 names had status 400
404|_http-vuln-cve2017-1001000: ERROR: Script execution failed (use -d to debug)
405| http-waf-detect: IDS/IPS/WAF detected:
406|_blackhat-global.com:443/?p4yl04d3=<script>alert(document.cookie)</script>
407| http-wordpress-enum:
408| Search limited to top 100 themes/plugins
409| themes
410| twentyeleven
411| twentytwelve 3.0
412| twentyten 2.9
413| twentyfourteen 2.7
414| twentyfifteen 2.5
415| atahualpa 3.7.24
416|_ twentysixteen 2.0
417| http-wordpress-users:
418| Username found: blackhatglobal
419|_Search stopped at ID #25. Increase the upper limit if necessary with 'http-wordpress-users.limit'
420| ssl-cert: Subject: commonName=blackhat-global.com/organizationalUnitName=nsProtect Secure Xpress
421| Subject Alternative Name: DNS:blackhat-global.com, DNS:www.blackhat-global.com
422| Issuer: commonName=Network Solutions DV Server CA 2/organizationName=Network Solutions L.L.C./stateOrProvinceName=VA/countryName=US/localityName=Herndon
423| Public Key type: rsa
424| Public Key bits: 2048
425| Signature Algorithm: sha256WithRSAEncryption
426| Not valid before: 2019-11-21T00:00:00
427| Not valid after: 2020-11-21T23:59:59
428| MD5: c860 4997 45ef 0a48 8017 2fb2 b14c 85ef
429| SHA-1: 0216 7019 c522 440a 41d2 1f5f 5535 fed4 9511 60df
430| -----BEGIN CERTIFICATE-----
431| MIIGajCCBVKgAwIBAgIQVlEcA4FOrFwB+be7eYcSFTANBgkqhkiG9w0BAQsFADB6
432| MQswCQYDVQQGEwJVUzELMAkGA1UECBMCVkExEDAOBgNVBAcTB0hlcm5kb24xITAf
433| BgNVBAoTGE5ldHdvcmsgU29sdXRpb25zIEwuTC5DLjEpMCcGA1UEAxMgTmV0d29y
434| ayBTb2x1dGlvbnMgRFYgU2VydmVyIENBIDIwHhcNMTkxMTIxMDAwMDAwWhcNMjAx
435| MTIxMjM1OTU5WjBjMSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQx
436| IDAeBgNVBAsTF25zUHJvdGVjdCBTZWN1cmUgWHByZXNzMRwwGgYDVQQDExNibGFj
437| a2hhdC1nbG9iYWwuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
438| iGcuNksofKtd8RJzN1r6dm7F4dWZglAHKiDgZ879oJoDhkMh6my/Fu1uYwZoWGee
439| d82pQO2zjONo3Lnz6lBGbXWqS7Z+fMnxoMV9H8P/cHxywwMhQLSqs5tOJDSJyXLA
440| mlaR7ebCmrUq7W3XTTMnDkTVk/qqx9oKzntCZm5Zhu7/Qx7pmdpWosGakpNDK1ZV
441| 0jpU+GmiS/kO54AdawWqI32QtzRvIzvq0CHoDAou4D3ejxnwxYgP5yeBg/2MnZJM
442| WU0HNUkqCrTRBUHV8eb/UyQPXk5C6977gOCgjH2FqUx9ZLNYPZ5nc6lHQ7zt9cpJ
443| ltZgDn+Lf38U5Ts8sncrkwIDAQABo4IDATCCAv0wHwYDVR0jBBgwFoAUUc7fVB23
444| LFeraGFIAhrTsoXsQKowHQYDVR0OBBYEFPJfSFLOyYQqkwtDUGdbptAgeN8GMA4G
445| A1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMB
446| BggrBgEFBQcDAjB1BgNVHSAEbjBsMGAGDCsGAQQBhg4BAgEJATBQME4GCCsGAQUF
447| BwIBFkJodHRwOi8vd3d3Lm5ldHdvcmtzb2x1dGlvbnMuY29tL2xlZ2FsL1NTTC1s
448| ZWdhbC1yZXBvc2l0b3J5LWNwcy5qc3AwCAYGZ4EMAQIBMEkGA1UdHwRCMEAwPqA8
449| oDqGOGh0dHA6Ly9jcmwubmV0c29sc3NsLmNvbS9OZXR3b3JrU29sdXRpb25zRFZT
450| ZXJ2ZXJDQTIuY3JsMHsGCCsGAQUFBwEBBG8wbTBEBggrBgEFBQcwAoY4aHR0cDov
451| L2NydC5uZXRzb2xzc2wuY29tL05ldHdvcmtTb2x1dGlvbnNEVlNlcnZlckNBMi5j
452| cnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLm5ldHNvbHNzbC5jb20wNwYDVR0R
453| BDAwLoITYmxhY2toYXQtZ2xvYmFsLmNvbYIXd3d3LmJsYWNraGF0LWdsb2JhbC5j
454| b20wggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgAHt1wb5X1o//Gwxh0jFce65ld8
455| V5S3au68YToaadOiHAAAAW6PgZeMAAAEAwBHMEUCIBCBg4HMs6AWDOx1NQIfTLxx
456| dj4vYbDziCc3vuZ5QBb8AiEA1wbAChI9YW5Ku57Z3U4FHLEFTS5pJ1ywDdPWX6RR
457| U2EAdgBep3P531bA57U2SH3QSeAyepGaDIShEhKEGHWWgXFFWAAAAW6PgZeCAAAE
458| AwBHMEUCIQDCDy74/a/mcWAIG4XeaPSod0+Xm0aJXVSk8gr+qlwkmgIgYMMpOVMt
459| KG/gCnSkKaT/vs26QR4GC2cnaU6AtAopktIwDQYJKoZIhvcNAQELBQADggEBAHdZ
460| SX0oNiaovydZ5XQWgfIZJd/OZBf8Z/hZLSs0IWlR/5Uqx0NRGRsdINIPGnThhg9J
461| WuJyWdLMYp623mC5k7eBIeOvckp+UNd0Rz4fABcAtxOh8Fy6aD8sdF/ee6YwEdHs
462| LEF1HEjidKTnOn8QF8Y+MA4EbRAtNMBVkeznIoAbT9/2qQVCoeZJ8tfw2rEA5T3I
463| 3O5epRQQG3zz9xYFSPmiDQ6uaH7sToTetq8r4NwG7y4+B5VZ+ivSojltMgofsLeX
464| os3VNYpNWptcVd+pzdR40EdfRhs/sOiHk0TFswvmhWOLNRqYUa26wdxOLhNlpFpy
465| QMuoZJ+9ARgGS4FWHiY=
466
467 ssl-enum-ciphers:
468| TLSv1.2:
469| ciphers:
470| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp384r1) - A
471| TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp384r1) - A
472| TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (secp384r1) - A
473| TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (dh 2048) - A
474| TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (dh 2048) - A
475| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp384r1) - A
476| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp384r1) - A
477| TLS_DHE_RSA_WITH_AES_256_CCM_8 (dh 2048) - A
478| TLS_DHE_RSA_WITH_AES_256_CCM (dh 2048) - A
479| TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (dh 2048) - A
480| TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 2048) - A
481| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (secp384r1) - A
482| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp384r1) - A
483| TLS_DHE_RSA_WITH_AES_128_CCM_8 (dh 2048) - A
484| TLS_DHE_RSA_WITH_AES_128_CCM (dh 2048) - A
485| TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (dh 2048) - A
486| TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 2048) - A
487| compressors:
488| NULL
489| cipher preference: server
490|_ least strength: A
491|_sslv2-drown:
492
493- Nikto v2.1.6
494---------------------------------------------------------------------------
495+ Target IP: 209.17.116.160
496+ Target Hostname: blackhat-global.com
497+ Target Port: 443
498---------------------------------------------------------------------------
499+ SSL Info: Subject: /OU=Domain Control Validated/OU=nsProtect Secure Xpress/CN=blackhat-global.com
500 Ciphers: ECDHE-RSA-AES256-GCM-SHA384
501 Issuer: /C=US/ST=VA/L=Herndon/O=Network Solutions L.L.C./CN=Network Solutions DV Server CA 2
502+ Start Time: 2020-01-17 18:28:03 (GMT-6)
503---------------------------------------------------------------------------
504+ Server: openresty/1.13.6.2
505+ Retrieved x-powered-by header: PHP/5.6.17-pl0-gentoo
506+ IP address found in the 'server' header. The IP is "1.13.6.2".
507+ The anti-clickjacking X-Frame-Options header is not present.
508+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms
509of XSS
510+ Uncommon header 'link' found, with contents: <https://blackhat-global.com/wp-json/>; rel="https://api.w.org/", <h
511ttps://blackhat-global.com/>; rel=shortlink
512+ Uncommon header 'x-webcom-cache-status' found, with contents: BYPASS
513+ The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
514+ The site uses SSL and Expect-CT header is not present.
515+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site i
516n a different fashion to the MIME type
517+ All CGI directories 'found', use '-C none' to test none
518+ ERROR: Error limit (20) reached for host, giving up. Last error: opening stream: can't connect: SSL negotiation failed: error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error at /var/lib/nikto/plugins/LW2.pm line 5157.
519 at /var/lib/nikto/plugins/LW2.pm line 5157.
520; at /var/lib/nikto/plugins/LW2.pm line 5157.
521+ ERROR: Error limit (20) reached for host, giving up. Last error:
522+ ERROR: Error limit (20) reached for host, giving up. Last error:
523+ ERROR: Error limit (20) reached for host, giving up. Last error:
524+ Scan terminated: 18 error(s) and 9 item(s) reported on remote host
525+ End Time: 2020-01-17 18:36:40 (GMT-6) (517 seconds)
526---------------------------------------------------------------------------
527+ 1 host(s) tested
528HTTP/1.1 200 OK
529erver: openresty/1.13.6.2
530Date: Sat, 18 Jan 2020 00:27:54 GMT
531Content-Type: text/plain; charset=utf-8
532Transfer-Encoding: chunked
533Connection: keep-alive
534Vary: Accept-Encoding
535X-Powered-By: PHP/5.6.17-pl0-gentoo
536Link: <https://blackhat-global.com/wp-json/>; rel="https://api.w.org/"
537X-Webcom-Cache-Status: BYPASS
538
539User-agent: *
540Disallow: /wp-admin/
541Allow: /wp-admin/admin-ajax.php
542WhatWeb report for https://blackhat-global.com/
543Status : 200 OK
544Title : blackhat-global
545IP : 209.17.116.160
546Country : UNITED STATES, US
547
548Summary : PHP[5.6.17-pl0-gentoo], UncommonHeaders[link,x-webcom-cache-status], Script[text/javascript], HTTPServer[Gentoo Linux][openresty/1.13.6.2], X-Powered-By[PHP/5.6.17-pl0-gentoo], MetaGenerator[Give v2.5.10,WordPress 5.1.4], WordPress[5.1.4], HTML5, JQuery[1.12.4]
549
550Detected Plugins:
551[ HTML5 ]
552 HTML version 5, detected by the doctype declaration
553
554
555[ HTTPServer ]
556 HTTP server header string. This plugin also attempts to
557 identify the operating system from the server header.
558
559 OS : Gentoo Linux
560 String : openresty/1.13.6.2 (from server string)
561
562[ JQuery ]
563 A fast, concise, JavaScript that simplifies how to traverse
564 HTML documents, handle events, perform animations, and add
565 AJAX.
566
567 Version : 1.12.4
568 Website : http://jquery.com/
569
570[ MetaGenerator ]
571 This plugin identifies meta generator tags and extracts its
572value.
573
574 String : Give v2.5.10,WordPress 5.1.4
575
576[ PHP ]
577 PHP is a widely-used general-purpose scripting language
578 that is especially suited for Web development and can be
579 embedded into HTML. This plugin identifies PHP errors,
580 modules and versions and extracts the local file path and
581 username if present.
582
583 Version : 5.6.17-pl0-gentoo
584 Google Dorks: (2)
585 Website : http://www.php.net/
586
587[ Script ]
588 This plugin detects instances of script HTML elements and
589 returns the script language/type.
590
591 String : text/javascript
592
593[ UncommonHeaders ]
594 Uncommon HTTP server headers. The blacklist includes all
595 the standard headers and many non standard but common ones.
596 Interesting but fairly common headers should have their own
597 plugins, eg. x-powered-by, server and x-aspnet-version.
598 Info about headers can be found at www.http-stats.com
599
600 String : link,x-webcom-cache-status (from headers)
601
602[ WordPress ]
603 WordPress is an opensource blogging system commonly used as
604 a CMS.
605
606 Version : 5.1.4
607 Aggressive function available (check plugin file or details).
608 Google Dorks: (1)
609 Website : http://www.wordpress.org/
610
611[ X-Powered-By ]
612 X-Powered-By HTTP header
613
614 String : PHP/5.6.17-pl0-gentoo (from x-powered-by string)
615
616HTTP Headers:
617 HTTP/1.1 200 OK
618 Server: openresty/1.13.6.2
619 Date: Sat, 18 Jan 2020 00:28:00 GMT
620 Content-Type: text/html; charset=UTF-8
621 Transfer-Encoding: chunked
622 Connection: close
623 Vary: Accept-Encoding
624 X-Powered-By: PHP/5.6.17-pl0-gentoo
625 Link: <https://blackhat-global.com/wp-json/>; rel="https://api.w.org/", <https://blackhat-global.com/>; rel=shortlink
626 X-Webcom-Cache-Status: BYPASS
627 Content-Encoding: gzip
628
629Version: 1.11.13-static
630OpenSSL 1.0.2-chacha (1.0.2g-dev)
631
632Connected to 209.17.116.160
633
634Testing SSL server blackhat-global.com on port 443 using SNI name blackhat-global.com
635
636 TLS Fallback SCSV:
637Server supports TLS Fallback SCSV
638
639 TLS renegotiation:
640Session renegotiation not supported
641
642 TLS Compression:
643Compression disabled
644
645 Heartbleed:
646TLS 1.2 not vulnerable to heartbleed
647TLS 1.1 not vulnerable to heartbleed
648TLS 1.0 not vulnerable to heartbleed
649
650 Supported Server Cipher(s):
651Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-384 DHE 384
652Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-384 DHE 384
653Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
654Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
655Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-384 DHE 384
656Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-384 DHE 384
657Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
658Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
659Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-384 DHE 384
660Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-384 DHE 384
661Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
662Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
663
664SSL Certificate:
665Signature Algorithm: sha256WithRSAEncryption
666RSA Key Strength: 2048
667
668Subject: blackhat-global.com
669Altnames: DNS:blackhat-global.com, DNS:www.blackhat-global.com
670Issuer: Network Solutions DV Server CA 2
671
672Not valid before: Nov 21 00:00:00 2019 GMT
673Not valid after: Nov 21 23:59:59 2020 GMT
674HTTP/1.1 301 Moved Permanently
675Server: openresty/1.13.6.2
676Date: Sat, 18 Jan 2020 00:27:48 GMT
677Content-Type: text/html
678Content-Length: 191
679Connection: keep-alive
680Location: https://blackhat-global.com/
681
682<html>
683<head><title>301 Moved Permanently</title></head>
684<body bgcolor="white">
685<center><h1>301 Moved Permanently</h1></center>
686<hr><center>openresty/1.13.6.2</center>
687</body>
688</html>